{"title":"Radio Frequency Fingerprinting for WiFi Authentication Based on Detrended Fluctuation Analysis","authors":"Shuguang Wang, Songyan Li, Tingjia Liu, Shuangrui Zhao, Jiandong Wang, Yulong Shen","doi":"10.1049/ise2/8683522","DOIUrl":"https://doi.org/10.1049/ise2/8683522","url":null,"abstract":"<p>Traditional physical-layer authentication (PLA) approaches primarily rely on a limited set of hardware features, which restricts their robustness and accuracy in dynamic wireless environments. This paper proposes a novel PLA enhancement framework based on nonlinear signal analysis, introducing detrended fluctuation analysis (DFA) as a distinctive hardware fingerprinting feature. We first model the statistical properties of DFA and analytically derive its dependence on intrinsic hardware imperfections, thereby establishing its feasibility for device authentication. To improve overall system performance, the DFA feature is further fused with conventional features such as fractal dimension and carrier frequency offset (CFO) within a shallow classification framework. Experimental evaluation is conducted on real signal data collected from 28 commercial devices, demonstrating that the proposed multifeature PLA scheme can significantly improve authentication accuracy, confirming the effectiveness of DFA in enhancing physical-layer security without additional cryptographic overhead.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8683522","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145317019","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xinhai Wang, Lin Ding, Jiang Wan, Zhengting Li, Zheng Wu
{"title":"Best Known Fast Correlation Attack on SNOW 3G Based on a New Insight","authors":"Xinhai Wang, Lin Ding, Jiang Wan, Zhengting Li, Zheng Wu","doi":"10.1049/ise2/7162579","DOIUrl":"https://doi.org/10.1049/ise2/7162579","url":null,"abstract":"<p>The well-known SNOW 3G stream cipher serves as the core of 3GPP confidentiality and integrity algorithms UEA 2 and UIA2 for universal mobile telecommunications system (UMTS) and long term evolution (LTE) networks. Recently, Gong and Zhang gave two linear approximations of SNOW 3G with correlation 2<sup>−20.48</sup>, and then proposed a fast correlation attack on the cipher with time/data/memory/precomputation complexities all upper bounded by 2<sup>174.16</sup>. In this paper, a more accurate calculation method of the linear approximation correlations is proposed. It treats the inversion function of the 32-bit Sbox used in SNOW 3G as the parallel composition of four 8-bit Sboxes, and the correlation calculation of the noise variables as the correlation calculation of the addition modulo 2<sup>32</sup> with two inputs. Based on this new insight, we improve the correlation of the best linear approximation of SNOW 3G from 2<sup>−20.48</sup> to 2<sup>−18.91</sup>. The new result is substituted into a new fast correlation attack on SNOW 3G, whose time/data/memory/precomputation complexities are all improved compared with the existing attacks. To the best of our knowledge, this is the best cryptanalytic result of SNOW 3G up to now.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/7162579","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145316870","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the Resilience of Traditional AI Algorithms Toward Poisoning Attacks for Vulnerability Detection","authors":"Lorena González-Manzano, Joaquin Garcia-Alfaro","doi":"10.1049/ise2/9997989","DOIUrl":"https://doi.org/10.1049/ise2/9997989","url":null,"abstract":"<p>The complexity of implementations and the interconnection of assorted systems and devices facilitate the emergence of vulnerabilities. Detection systems are developed to fight against this security issue, being the use of artificial intelligence (AI) a common practice. However, the use of AI is not without its problems, especially those affecting the training phase. This article tackles this issue by characterizing the resilience against poisoning attacks using a benchmark for vulnerability detection, extracting simple code features while applying traditional AI algorithms. These choices are beneficial for the fast processing of vulnerabilities required in a triage process. The study is carried out in C#, C/C++, and PHP. Results show that the vulnerability detection process is specially affected beyond 20% of false data. Remarkably, detecting some of the most frequent common weakness enumeration (CWE) is altered even with lower poison rates. Overall, <i>K</i>-nearest-neighbor (KNN) and support vector machine (SVM) are the most resilient in C# and C/C++, while multilayer perceptron (MLP) in PHP. Indeed, vulnerability detection in PHP is less affected by attacks, while C# and C/C++ present comparable results.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9997989","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145272439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Athraa J. H. Witwit, Ahmed Fanfakh, Ali Kadhum Idrees
{"title":"NoLIEM: A Novel Lightweight Image Encryption Method for Resource-Constrained IoT Devices","authors":"Athraa J. H. Witwit, Ahmed Fanfakh, Ali Kadhum Idrees","doi":"10.1049/ise2/9976924","DOIUrl":"https://doi.org/10.1049/ise2/9976924","url":null,"abstract":"<p>The expanded use of Internet of Things (IoT) devices in smart homes, industrial automation, healthcare, and smart cities has increased the risk of unauthorized access, data breaches, and man-in-the-middle attacks. Traditional encryption methods like AES and RSA are too energy- and processing-intensive for IoT devices. Therefore, it is essential to develop efficient, lightweight encryption methods to improve security while maintaining the longevity and functionality of IoT devices. This article proposes a novel lightweight image encryption method (NoLIEM) for resource-constrained IoT devices. NoLIEM uses a key-dependent and substitution layer at the same time. These key-dependent transformations protect the fundamental structure of the cipher algorithm, rendering it resistant to cryptanalysis while applying one-round encryption. The suggested NoLIEM uses a substitution box (S-box) and Feistel structures. We also conduct numerous security analysis tests using the proposed NoLIEM. The efficiency and effectiveness of pseudo-random number generators (PRNGs) of the suggested NoLIEM are demonstrated, and their performance is compared with existing lightweight cipher algorithms using correlation coefficients, information entropy, encryption quality, encryption duration, randomness, and attack analysis tests. According to the acquired results, the proposed NoLIEM works well in terms of security, complexity, and real-time cryptography applications. We compare the proposed NoLIEM with both known lightweight ciphering algorithms, SPECK and SIMON. The proposed NoLIEM outperforms the SPECK and SIMON, and PRESENT algorithms in terms of throughput by a ratio of 6.29 and 19.61, and 1319.36, respectively.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9976924","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145272007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cybersecurity and Artificial Intelligence in Unmanned Aerial Vehicles: Emerging Challenges and Advanced Countermeasures","authors":"Deafallah Alsadie","doi":"10.1049/ise2/2046868","DOIUrl":"https://doi.org/10.1049/ise2/2046868","url":null,"abstract":"<p>The increasing adoption of artificial intelligence (AI)-driven unmanned aerial vehicles (UAVs) in military, commercial, and surveillance operations has introduced significant security challenges, including cyber threats, adversarial AI attacks, and communication vulnerabilities. This paper presents a comprehensive review of the key security threats and challenges faced by AI-powered UAVs, such as unauthorized access, GPS spoofing, adversarial manipulations, and UAV hijacking. We analyze advanced solutions including blockchain-secured UAV networks, post-quantum cryptography (PQC), adversarial AI training, self-healing AI models, and multi-factor authentication (MFA), which collectively strengthen UAV cybersecurity defenses. Our findings highlight the critical role of emerging technologies, including self-adaptive AI-driven UAVs capable of detecting and learning from novel cyber threats autonomously. We also discuss the integration of 6 G-powered communication networks for secure and ultra-fast encrypted transmissions, as well as Edge AI computing that enables real-time, onboard threat detection without cloud dependency. Furthermore, decentralized intelligence models and blockchain-based authentication are shown to enhance security in UAV swarms by preventing unauthorized infiltration. Overall, this review emphasizes the necessity of multilayered security frameworks that combine AI techniques, cryptographic measures, and decentralized swarm protection to ensure resilient, autonomous, and secure UAV operations in complex and high-risk environments.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/2046868","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145223840","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"WinDroid: A Novel Framework for Windows and Android Malware Family Classification Using Hierarchical Ensemble Support Vector Machines With Multiview Handcrafted and Deep Learning Features","authors":"K. Sundara Krishnan, S. Syed Suhaila","doi":"10.1049/ise2/8843518","DOIUrl":"10.1049/ise2/8843518","url":null,"abstract":"<p>The rapid growth and diversification of malware variants, driven by advanced code obfuscation, evasion, and antianalysis techniques, present a significant threat to cybersecurity. The inadequacy of traditional methods in accurately classifying these evolving threats highlights the need for effective and robust malware classification techniques. This article presents WinDroid, a novel visualization-based framework for Windows and Android malware family (AMF) classification using hybrid features and hierarchical ensemble learning. The WinDroid system employs a multistage approach to malware classification, transforming binaries into Markov grayscale images, enhanced via contrast-limited-adaptive-histogram-equalization and gamma correction. Deep learning and handcrafted features are extracted and fuzed using graph attention networks (GATs), feeding into hierarchical support vector machines (SVMs) for accurate family classification. This framework effectively reduces information loss, enhances computational efficiency, and demonstrates outstanding performance. WinDroid delivers excellent results, achieving 99.53% accuracy on Windows and 99.65% on AMF classification, along with Cohen’s kappa coefficients of 99.01% and 99.28%, respectively, and outperforming state-of-the-art baseline methods.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8843518","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145146957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Bowen Ma, Jiangwei Shi, Ning Zhu, Chen Fang, Yongjin Hu
{"title":"Backdoor Attack and Defense Methods for AI–Based IoT Intrusion Detection System","authors":"Bowen Ma, Jiangwei Shi, Ning Zhu, Chen Fang, Yongjin Hu","doi":"10.1049/ise2/6664900","DOIUrl":"https://doi.org/10.1049/ise2/6664900","url":null,"abstract":"<p>The Internet of Things (IoT) is an emerging technology that has attracted significant attention and triggered a technical revolution in recent years. Numerous IoT devices are directly connected to the physical world, such as security cameras and medical equipment, making IoT security a critical issue. Artificial intelligence (AI) based intrusion detection technology for IoT can rapidly detect network attacks and improve security performance. However, this technology is vulnerable to backdoor attacks. As an important form of adversarial machine learning (ML), backdoor attacks can allow malicious traffic to evade detection of the intrusion detection system, posing a significant threat to the IoT security. This study focuses on backdoor attack and defense methods for AI–based IoT intrusion detection system. Specifically, we first use different ML and deep learning (DL) classification models to classify IoT traffic data, thereby achieving intrusion detection within IoT. Additionally, we employ data poisoning techniques to implant backdoors into models, enabling backdoor attacks on classification models. For backdoor defense, we propose backdoor detection and mitigate methods: (1) The proposed backdoor detection method is achieved by leveraging the strong correlation between the backdoor trigger and the target classification; (2) we utilize the unlearning method to mitigate the backdoor effect, enhancing the robustness of classification networks. Extensive experiments were conducted on the CICIOT2023 dataset to evaluate the effectiveness of IoT intrusion detection, backdoor attack, and defense.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6664900","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145146304","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Yoyo Cryptanalysis Against Reduced-Round L-Feistel Structure for Recovering the Secret Components","authors":"Jiyan Zhang, Yuxin Niu, Zhen Shi, Ting Cui","doi":"10.1049/ise2/3355095","DOIUrl":"https://doi.org/10.1049/ise2/3355095","url":null,"abstract":"<p>L-Feistel structure is a new iterative block cipher structure and unifies the Feistel structure and the Lai–Massey structure while maintaining the similarity of encryption and decryption. In this study, we present the first yoyo cryptanalysis against the L-Feistel structure to evaluate the security under structural attack and give the method to recover the secret round function. We construct the fundamental yoyo distinguisher for the three-round L-Feistel structure, which can be used to distinguish the L-Feistel structure from random permutation and establish the linear equations of the secret round functions. Besides, the fundamental yoyo distinguisher can be extended to more rounds when the invertible linear transformations are given. Then the equivalent structures of the L-Feistel structure are provided, which helps reduce the guess of the starting point of the secret round functions. Finally, the process of recovering the secret round functions for the three-round L-Feistel structure is presented. We believe this study will enrich the application of yoyo cryptanalysis and L-Feistel structure.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/3355095","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145146305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ye Bai, Weiwei Jiang, Jianbin Mu, Shang Liu, Weixi Gu, Shuke Wang
{"title":"Enhancing IoT Security via Federated Learning: A Comprehensive Approach to Intrusion Detection","authors":"Ye Bai, Weiwei Jiang, Jianbin Mu, Shang Liu, Weixi Gu, Shuke Wang","doi":"10.1049/ise2/8432654","DOIUrl":"10.1049/ise2/8432654","url":null,"abstract":"<p>The rapid proliferation of Internet of Things (IoT) devices has revolutionized various industries by enabling smart grids, smart cities, and other applications that rely on seamless connectivity and real-time data processing. However, this growth has also introduced significant security challenges due to the scale, heterogeneity, and resource constraints of IoT systems. Traditional intrusion detection systems (IDS) often struggle to address these challenges effectively, as they require centralized data collection and processing, which raises concerns about data privacy, communication overhead, and scalability. To address these issues, this paper investigates the application of federated learning for network intrusion detection in IoT environments. We first evaluate a range of machine learning (ML) and deep learning (DL) models, finding that the random forest model achieves the highest classification accuracy. We then propose a federated learning approach that allows distributed IoT devices to collaboratively train ML models without sharing raw data, thereby preserving privacy and reducing communication costs. Experimental results using the UNSW-NB15 dataset demonstrate that this approach achieves promising outcomes in the IoT context, with minimal performance degradation compared to centralized learning. Our findings highlight the potential of federated learning as an effective, decentralized solution for network intrusion detection in IoT environments, addressing critical challenges, such as data privacy, heterogeneity, and scalability.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8432654","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145062618","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Blockchain Analytics Based on Artificial Intelligence: Using Machine Learning for Improved Transaction Analysis","authors":"Ahmed I. Alutaibi","doi":"10.1049/ise2/5560771","DOIUrl":"10.1049/ise2/5560771","url":null,"abstract":"<p>Blockchain technology has reshaped numerous industries by providing secure and transparent transactional platforms. This paper delves into the intersection of blockchain analytics and artificial intelligence (AI) to advance transaction analysis. The primary aim is to bolster fraud detection and enhance transaction efficiency. Through a comprehensive literature review, we identify gaps in existing knowledge and lay the groundwork for our research. We introduce a novel transaction-hybrid model developed using machine learning (ML) algorithms, including support vector machines (SVMs), <i>K</i>-nearest neighbors (KNNs), and random forest (RF). This transact-hybrid model aims to fortify fraud detection capabilities by harnessing the strengths of each algorithm. We curate a unique dataset comprising 1000 instances, incorporating critical transaction features such as transaction hash, block number, transaction fee and gas limit, with binary classification indicating fraudulent transactions. Meticulous preprocessing, including feature engineering and data splitting for training and testing, is conducted. Visualization techniques, including seaborn-based graphs, correlation plots and violin plots, elucidate the dataset’s characteristics. Additionally, a spring colormap correlation map enhances the understanding of feature relationships. Transaction fee distributions before and after preprocessing are visually presented, highlighting the impact of data preparation. We introduce the novel transact-hybrid classifier (THC) with detailed mathematical equations, emphasising its contribution to transactional fraud detection. The classifier integrates SVM, KNN and RF outputs using an exclusive OR operation, showcasing innovation in model development. To evaluate model performance, we conduct a comparative analysis, incorporating SVM, KNN, RF and a voting classifier. Bar plots for accuracy, precision, recall and F1 score, with a custom plasma colormap, offer a visual summary of each model’s metrics. Furthermore, a receiver operating characteristics (ROC) curve analysis is presented, highlighting the area under the curve (AUC) for SVM, KNN, RF and voting models, providing a comprehensive view of their performance in distinguishing between true positive and false positive rates. Our proposed method demonstrates over 99% efficacy in fraud detection, underscoring its potential impact in transaction analysis.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/5560771","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144999043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}