{"title":"MLPN: Multi-Scale Laplacian Pyramid Network for deepfake detection and localization","authors":"Yibo Zhang , Weiguo Lin , Junfeng Xu , Wanshang Xu , Yikun Xu","doi":"10.1016/j.jisa.2025.103965","DOIUrl":"10.1016/j.jisa.2025.103965","url":null,"abstract":"<div><div>Sophisticated and realistic facial manipulation videos created by deepfake technology have become ubiquitous, leading to profound trust crises and security risks in contemporary society. However, various researchers concentrate on enhancing the precision and generalization of deepfake detection models, with little attention to forgery localization. Detecting deepfakes and identifying fake regions is a challenging task. We propose an end-to-end model for performing deepfake detection and forgery localization based on the Laplacian pyramid. The model is designed by an encoder–decoder architecture. Specifically, the encoder generates multi-scale features. The decoder gradually integrates multi-scale features and Laplacian residuals to reconstruct the prediction masks coarse-to-finely. Otherwise, we adopt a spatial pyramid pool approach to deal with high-level semantic features and integrate local and global information. Comprehensive experiments demonstrate that the proposed model performs satisfactorily in deepfake detection and localization.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103965"},"PeriodicalIF":3.8,"publicationDate":"2025-01-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A pairing-free proxy re-encryption scheme suitable for cloud medical information systems","authors":"Han Zhou , Lunzhi Deng , Yaying Wu , Sihua Zhou","doi":"10.1016/j.jisa.2025.103967","DOIUrl":"10.1016/j.jisa.2025.103967","url":null,"abstract":"<div><div>The cloud medical information system provides a platform for patients and doctors to share data. Patients send files containing personal medical data to cloud storage, which can reduce their own storage burden and facilitate other doctors’ access to data files. To ensure the privacy of sensitive information deposited in the communal network platform, patients should encrypt their data before submitting it to the network platform. Nevertheless, the effective sharing of encrypted data in the public cloud brings us new challenges. Proxy re-encryption (PRE) supports a proxy, who is unable to decrypt the original ciphertext, converts the original ciphertext to a new ciphertext using the re-encryption key, and the new receiver can decrypt the new ciphertext to obtain plaintext. In this article, we design a new PRE programme for cloud medical information systems. There are two merits in the new scheme. To begin with, it is indistinguishable against chosen-ciphertext attacks secure and is resistant to collusion attacks, which means that the proxy is incompetent to acquire data owner’s secret key even if he colludes with data receiver. Secondly, it has higher computational efficiency compared to other schemes because it does not use bilinear pairing operations.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103967"},"PeriodicalIF":3.8,"publicationDate":"2025-01-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sandip Y. Bobade , Ravindra S Apare , Ravindra H. Borhade , Parikshit N. Mahalle
{"title":"Intelligent detection framework for IoT-botnet detection: DBN-RNN with improved feature set","authors":"Sandip Y. Bobade , Ravindra S Apare , Ravindra H. Borhade , Parikshit N. Mahalle","doi":"10.1016/j.jisa.2024.103961","DOIUrl":"10.1016/j.jisa.2024.103961","url":null,"abstract":"<div><div>The pervasive adoption of IoT devices has significantly enhanced connectivity but also introduced vulnerabilities, particularly through IoT botnets, which exploit compromised devices for large-scale attacks. Current detection methods, although effective, often face challenges in accuracy. This work proposes a new framework for IoT botnet detection utilizing an optimized hybrid classification technique. The framework comprises two primary phases: feature extraction and attack detection. Initially, various features including statistical measures, higher-order statistics, improved correlation-based insights, and flow-based characteristics are extracted from IoT network data. Notably, the approach enhances traditional correlation analysis by weighting data points based on proximity, refining the detection of complex relationships crucial for identifying botnet behaviors. To identify attacks, the system uses a hybrid classifier that integrates an Improved Deep Belief Network (IDBN) with a Recurrent Neural Network (RNN). The Improved DBN incorporates batch normalization and dropout layers, along with a modified Gumbel softmax activation function, to bolster its robustness against noisy data and prevent overfitting, while the RNN excels in sequential data analysis, capturing temporal dependencies within IoT traffic. Additionally, Self-Adaptive Beluga Whale Optimization (SA-BWO) is utilized for optimizing RNN weights, to enhance the accuracy for detection through adaptive parameter tuning. Experimental validation demonstrates the framework's superior performance in detecting IoT botnet activities, surpassing conventional methods in accuracy and resilience.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103961"},"PeriodicalIF":3.8,"publicationDate":"2025-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170745","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"PRAAD: Pseudo representation adversarial learning for unsupervised anomaly detection","authors":"Liang Xi, Dong He, Han Liu","doi":"10.1016/j.jisa.2025.103968","DOIUrl":"10.1016/j.jisa.2025.103968","url":null,"abstract":"<div><div>As one of the typical means of anomaly detection, unsupervised reconstruction-based anomaly detection methods usually extract the normal representations and utilize the reconstruction error to detect the anomalies. The main framework is autoencoder. If the autoencoder has strong generalization ability, the anomalies could also be well reconstructed, resulting in model misjudgment. Therefore, we propose a Pseudo Representation Adversarial learning model for unsupervised Anomaly Detection (PRAAD). Specifically, we design a pseudo-representation-based data augmentation strategy to enrich latent distribution for capturing additional normal patterns through an adversarial learning strategy. Based on this, PRAAD could improve the confidence of normal reconstruction rather than abnormal reconstruction. Finally, we additionally consider the distance of the sample to the latent distribution to synthesize the anomaly score. Experimental results on real image and cybersecurity datasets show that PRAAD outperforms the state-of-the-art baselines.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103968"},"PeriodicalIF":3.8,"publicationDate":"2025-01-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jiyou Chen , Zhi Lv , Ge Jiao , Ming Xia , Gaobo Yang
{"title":"SPNet: Seam carving detection via spatial-phase learning","authors":"Jiyou Chen , Zhi Lv , Ge Jiao , Ming Xia , Gaobo Yang","doi":"10.1016/j.jisa.2025.103963","DOIUrl":"10.1016/j.jisa.2025.103963","url":null,"abstract":"<div><div>Seam carving is an image content-aware retargeting operation that can automatically insert seams to expand an image or remove seams to reduce image size. However, it can also perform illegal image tampering by inserting or removing objects. We observe that upsampling is a necessary step for seam removal or insertion, and cumulative them can lead to significant changes in the frequency domain, particularly in the phase spectrum. In fact, according to the properties of natural images, the phase spectrum retains rich frequency components, which can complement the loss of the amplitude spectrum and provide additional information. To this end, we propose a spatial phase-based network (SPNet) that combines spatial and phase spectra to capture retargeting artifacts for image seam carving detection. In addition, since the artifacts usually hide in the local regions for the seam carving operation, the local texture feature is more effective than the high-level semantic one. Based on this, we introduce a shallow network to reduce the receptive field, it can highlight the local features while suppressing high-level semantic information. Extensive experiments demonstrate that SPNet achieves state-of-the-art (SOTA) performance.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103963"},"PeriodicalIF":3.8,"publicationDate":"2025-01-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170130","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Workplace security and privacy implications in the GenAI age: A survey","authors":"Abebe Diro , Shahriar Kaisar , Akanksha Saini , Samar Fatima , Pham Cong Hiep , Fikadu Erba","doi":"10.1016/j.jisa.2024.103960","DOIUrl":"10.1016/j.jisa.2024.103960","url":null,"abstract":"<div><div>Generative Artificial Intelligence (GenAI) is transforming the workplace, but its adoption introduces significant risks to data security and privacy. Recent incidents underscore the urgency of addressing these issues. This comprehensive survey investigates the implications of GenAI integration in workplaces, focusing on its impact on organizational operations and security. We analyze vulnerabilities within GenAI systems, threats they face, and repercussions of AI-driven workplace monitoring. By examining diverse attack vectors like model attacks and automated cyberattacks, we expose their potential to undermine data integrity and privacy. Unlike previous works, this survey specifically focuses on the security and privacy implications of GenAI within workplace settings, addressing issues like employee monitoring, deepfakes, and regulatory compliance. We delve into emerging threats during model training and usage phases, proposing countermeasures such as differential privacy for training data and robust authentication for access control. Additionally, we provide a comprehensive analysis of evolving regulatory frameworks governing AI tools globally. Based on our comprehensive analysis, we propose targeted recommendations for future research and policy-making to promote responsible and secure adoption of GenAI in the workplace, such as incentivizing the development of explainable AI (XAI) and establishing clear guidelines for ethical data usage. This survey equips stakeholders with a comprehensive understanding of GenAI’s complex workplace landscape, empowering them to harness its benefits responsibly while mitigating risks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103960"},"PeriodicalIF":3.8,"publicationDate":"2025-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170751","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security analysis of SFrame","authors":"Takanori Isobe , Ryoma Ito , Kazuhiko Minematsu","doi":"10.1016/j.jisa.2024.103958","DOIUrl":"10.1016/j.jisa.2024.103958","url":null,"abstract":"<div><div>Increasing privacy consciousness has popularized the use of end-to-end encryption (E2EE). In this paper, we discuss the security of SFrame, an E2EE mechanism proposed to the Internet Engineering Task Force for video/audio group communications over the Internet. Despite being a quite recent project, SFrame has been deployed in several real-world applications. The original specification of SFrame is evaluated herein to find critical issues that can cause impersonation (forgery) attacks with a practical complexity by a malicious group member. Further investigations have revealed that these issues are present in several publicly available SFrame implementations. Therefore, we provide several countermeasures against all the proposed attacks and considerations from performance and security perspectives towards their implementation.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103958"},"PeriodicalIF":3.8,"publicationDate":"2025-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"BridgeSec: Facilitating effective communication between security engineering and systems engineering","authors":"Avi Shaked , Nan Messe","doi":"10.1016/j.jisa.2024.103954","DOIUrl":"10.1016/j.jisa.2024.103954","url":null,"abstract":"<div><div>We increasingly rely on systems to perform reliably and securely. Therefore, it is imperative that security aspects are properly considered when designing and maintaining systems. However, achieving the security by design ideal is challenging. Security information is typically unstructured, dispersed, hard to communicate, and its assessment is somewhat subjective and tacit. Additionally, the inclusion of security information within design requires integrating the efforts of two knowledge-intensive disciplines: security engineering and systems engineering. In this paper, we introduce BridgeSec, a novel conceptual information-exchange interface to systemise the communication of security information between these two disciplines. The main contribution of BridgeSec lies in its explicit identification of concepts related to vulnerability management, which allows systems engineering and security engineering teams to codify pertinent information. The disciplines involved in the system design can thus coordinate policies, implementations and, ultimately, the security posture. Furthermore, based on the newly unveiled interface, an automated reasoning mechanism is specified. This mechanism allows to reason about the vulnerability posture of systems in a scalable and systematic way. First, we describe and formalise the information-exchange interface BridgeSecand how it can be used to reason about the security of systems designs. Next, we present an open-source prototype – integrated into a threat modelling tool – which rigorously implements the interface and the reasoning mechanism. Finally, we detail two diverse and prominent applications of the interface for communicating security aspects of systems designs. These applications show how BridgeSec can rigorously support the design of systems’ security in two representative scenarios: in coordinating security features and policy during design, and in coordinating mitigation to disclosed implementation vulnerabilities.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103954"},"PeriodicalIF":3.8,"publicationDate":"2025-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170750","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Blacklisting access control via negated subset predicate encryption: Constant-size ciphertexts/keys constructions with adaptive security or attribute hiding","authors":"Yi-Fan Tseng","doi":"10.1016/j.jisa.2024.103959","DOIUrl":"10.1016/j.jisa.2024.103959","url":null,"abstract":"<div><div>In order to realize the functionality for blacklisting, we introduce a novel primitive, negated subset-predicate encryption (NSPE), where a ciphertext associated with a set <span><math><msub><mrow><mi>S</mi></mrow><mrow><mi>C</mi></mrow></msub></math></span> can be only decrypted by a private key related to a set <span><math><msub><mrow><mi>S</mi></mrow><mrow><mi>K</mi></mrow></msub></math></span> iff <span><math><mrow><msub><mrow><mi>S</mi></mrow><mrow><mi>K</mi></mrow></msub><mo>⁄</mo><mo>⊆</mo><msub><mrow><mi>S</mi></mrow><mrow><mi>C</mi></mrow></msub></mrow></math></span>. Compared to adopting complex tools to realize such a functionality, e.g., key-policy attribute-based encryption (KPABE) for non-monotonic access structure, NSPE provides a more concise and efficient way. In this manuscript, we first conceptualize the definition and security requirements for NSPE, and give several constructions, including fully secure constructions with different features, generic construction with weak attribute-hiding, and selectively secure construction with shorter ciphertexts/keys. All of the proposed schemes are proven secure under well-studied assumptions. Compared with the architecture using complex primitives such as KPABE to achieve the same functionality, our schemes provide a more concise and efficient method, especially in terms of the private key size.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103959"},"PeriodicalIF":3.8,"publicationDate":"2025-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Changqing Zhu , Heyan Wang , Yazhou Zhao , Xingxiang Jiang , Hua Sun , Jia Duan , Hui Li , Luanyun Hu , Na Ren
{"title":"Vector map zero-watermarking algorithm considering feature set granularity","authors":"Changqing Zhu , Heyan Wang , Yazhou Zhao , Xingxiang Jiang , Hua Sun , Jia Duan , Hui Li , Luanyun Hu , Na Ren","doi":"10.1016/j.jisa.2024.103955","DOIUrl":"10.1016/j.jisa.2024.103955","url":null,"abstract":"<div><div>Current vector map zero-watermarking algorithms that integrate blockchain technology typically focus on a limited subset of feature classes within datasets, resulting in significant energy consumption during copyright registration and hindering the advancement of vector map copyright protection through blockchain and zero-watermarking techniques. To address this challenge, this paper presents a novel vector map zero-watermarking algorithm that considers feature set granularity (ZW-CFSG). This algorithm effectively utilizes boundary contours and internal features to characterize dataset attributes, subsequently converting these features into zero-watermarks. To evaluate the efficacy of the ZW-CFSG algorithm, a comprehensive vector map copyright protection model is developed, integrating both blockchain and zero-watermarking mechanisms. The zero-watermark is securely registered on the blockchain, with energy consumption metrics employed to assess the algorithm's efficiency. Experimental findings reveal that the adoption of the ZW-CFSG algorithm can significantly reduce energy consumption associated with blockchain-based zero-watermarking, thereby enhancing the efficiency of copyright registration while ensuring compliance with rigorous requirements for copyright uniqueness and resilience.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103955"},"PeriodicalIF":3.8,"publicationDate":"2025-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}