IET Information Security最新文献

{"title":"Cybersecurity and Artificial Intelligence in Unmanned Aerial Vehicles: Emerging Challenges and Advanced Countermeasures","authors":"Deafallah Alsadie","doi":"10.1049/ise2/2046868","DOIUrl":"https://doi.org/10.1049/ise2/2046868","url":null,"abstract":"<p>The increasing adoption of artificial intelligence (AI)-driven unmanned aerial vehicles (UAVs) in military, commercial, and surveillance operations has introduced significant security challenges, including cyber threats, adversarial AI attacks, and communication vulnerabilities. This paper presents a comprehensive review of the key security threats and challenges faced by AI-powered UAVs, such as unauthorized access, GPS spoofing, adversarial manipulations, and UAV hijacking. We analyze advanced solutions including blockchain-secured UAV networks, post-quantum cryptography (PQC), adversarial AI training, self-healing AI models, and multi-factor authentication (MFA), which collectively strengthen UAV cybersecurity defenses. Our findings highlight the critical role of emerging technologies, including self-adaptive AI-driven UAVs capable of detecting and learning from novel cyber threats autonomously. We also discuss the integration of 6 G-powered communication networks for secure and ultra-fast encrypted transmissions, as well as Edge AI computing that enables real-time, onboard threat detection without cloud dependency. Furthermore, decentralized intelligence models and blockchain-based authentication are shown to enhance security in UAV swarms by preventing unauthorized infiltration. Overall, this review emphasizes the necessity of multilayered security frameworks that combine AI techniques, cryptographic measures, and decentralized swarm protection to ensure resilient, autonomous, and secure UAV operations in complex and high-risk environments.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/2046868","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145223840","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"WinDroid: A Novel Framework for Windows and Android Malware Family Classification Using Hierarchical Ensemble Support Vector Machines With Multiview Handcrafted and Deep Learning Features","authors":"K. Sundara Krishnan,&nbsp;S. Syed Suhaila","doi":"10.1049/ise2/8843518","DOIUrl":"10.1049/ise2/8843518","url":null,"abstract":"<p>The rapid growth and diversification of malware variants, driven by advanced code obfuscation, evasion, and antianalysis techniques, present a significant threat to cybersecurity. The inadequacy of traditional methods in accurately classifying these evolving threats highlights the need for effective and robust malware classification techniques. This article presents WinDroid, a novel visualization-based framework for Windows and Android malware family (AMF) classification using hybrid features and hierarchical ensemble learning. The WinDroid system employs a multistage approach to malware classification, transforming binaries into Markov grayscale images, enhanced via contrast-limited-adaptive-histogram-equalization and gamma correction. Deep learning and handcrafted features are extracted and fuzed using graph attention networks (GATs), feeding into hierarchical support vector machines (SVMs) for accurate family classification. This framework effectively reduces information loss, enhances computational efficiency, and demonstrates outstanding performance. WinDroid delivers excellent results, achieving 99.53% accuracy on Windows and 99.65% on AMF classification, along with Cohen’s kappa coefficients of 99.01% and 99.28%, respectively, and outperforming state-of-the-art baseline methods.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8843518","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145146957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Backdoor Attack and Defense Methods for AI–Based IoT Intrusion Detection System","authors":"Bowen Ma,&nbsp;Jiangwei Shi,&nbsp;Ning Zhu,&nbsp;Chen Fang,&nbsp;Yongjin Hu","doi":"10.1049/ise2/6664900","DOIUrl":"https://doi.org/10.1049/ise2/6664900","url":null,"abstract":"<p>The Internet of Things (IoT) is an emerging technology that has attracted significant attention and triggered a technical revolution in recent years. Numerous IoT devices are directly connected to the physical world, such as security cameras and medical equipment, making IoT security a critical issue. Artificial intelligence (AI) based intrusion detection technology for IoT can rapidly detect network attacks and improve security performance. However, this technology is vulnerable to backdoor attacks. As an important form of adversarial machine learning (ML), backdoor attacks can allow malicious traffic to evade detection of the intrusion detection system, posing a significant threat to the IoT security. This study focuses on backdoor attack and defense methods for AI–based IoT intrusion detection system. Specifically, we first use different ML and deep learning (DL) classification models to classify IoT traffic data, thereby achieving intrusion detection within IoT. Additionally, we employ data poisoning techniques to implant backdoors into models, enabling backdoor attacks on classification models. For backdoor defense, we propose backdoor detection and mitigate methods: (1) The proposed backdoor detection method is achieved by leveraging the strong correlation between the backdoor trigger and the target classification; (2) we utilize the unlearning method to mitigate the backdoor effect, enhancing the robustness of classification networks. Extensive experiments were conducted on the CICIOT2023 dataset to evaluate the effectiveness of IoT intrusion detection, backdoor attack, and defense.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6664900","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145146304","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Yoyo Cryptanalysis Against Reduced-Round L-Feistel Structure for Recovering the Secret Components","authors":"Jiyan Zhang,&nbsp;Yuxin Niu,&nbsp;Zhen Shi,&nbsp;Ting Cui","doi":"10.1049/ise2/3355095","DOIUrl":"https://doi.org/10.1049/ise2/3355095","url":null,"abstract":"<p>L-Feistel structure is a new iterative block cipher structure and unifies the Feistel structure and the Lai–Massey structure while maintaining the similarity of encryption and decryption. In this study, we present the first yoyo cryptanalysis against the L-Feistel structure to evaluate the security under structural attack and give the method to recover the secret round function. We construct the fundamental yoyo distinguisher for the three-round L-Feistel structure, which can be used to distinguish the L-Feistel structure from random permutation and establish the linear equations of the secret round functions. Besides, the fundamental yoyo distinguisher can be extended to more rounds when the invertible linear transformations are given. Then the equivalent structures of the L-Feistel structure are provided, which helps reduce the guess of the starting point of the secret round functions. Finally, the process of recovering the secret round functions for the three-round L-Feistel structure is presented. We believe this study will enrich the application of yoyo cryptanalysis and L-Feistel structure.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/3355095","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145146305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing IoT Security via Federated Learning: A Comprehensive Approach to Intrusion Detection","authors":"Ye Bai,&nbsp;Weiwei Jiang,&nbsp;Jianbin Mu,&nbsp;Shang Liu,&nbsp;Weixi Gu,&nbsp;Shuke Wang","doi":"10.1049/ise2/8432654","DOIUrl":"10.1049/ise2/8432654","url":null,"abstract":"<p>The rapid proliferation of Internet of Things (IoT) devices has revolutionized various industries by enabling smart grids, smart cities, and other applications that rely on seamless connectivity and real-time data processing. However, this growth has also introduced significant security challenges due to the scale, heterogeneity, and resource constraints of IoT systems. Traditional intrusion detection systems (IDS) often struggle to address these challenges effectively, as they require centralized data collection and processing, which raises concerns about data privacy, communication overhead, and scalability. To address these issues, this paper investigates the application of federated learning for network intrusion detection in IoT environments. We first evaluate a range of machine learning (ML) and deep learning (DL) models, finding that the random forest model achieves the highest classification accuracy. We then propose a federated learning approach that allows distributed IoT devices to collaboratively train ML models without sharing raw data, thereby preserving privacy and reducing communication costs. Experimental results using the UNSW-NB15 dataset demonstrate that this approach achieves promising outcomes in the IoT context, with minimal performance degradation compared to centralized learning. Our findings highlight the potential of federated learning as an effective, decentralized solution for network intrusion detection in IoT environments, addressing critical challenges, such as data privacy, heterogeneity, and scalability.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8432654","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145062618","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Blockchain Analytics Based on Artificial Intelligence: Using Machine Learning for Improved Transaction Analysis","authors":"Ahmed I. Alutaibi","doi":"10.1049/ise2/5560771","DOIUrl":"10.1049/ise2/5560771","url":null,"abstract":"<p>Blockchain technology has reshaped numerous industries by providing secure and transparent transactional platforms. This paper delves into the intersection of blockchain analytics and artificial intelligence (AI) to advance transaction analysis. The primary aim is to bolster fraud detection and enhance transaction efficiency. Through a comprehensive literature review, we identify gaps in existing knowledge and lay the groundwork for our research. We introduce a novel transaction-hybrid model developed using machine learning (ML) algorithms, including support vector machines (SVMs), <i>K</i>-nearest neighbors (KNNs), and random forest (RF). This transact-hybrid model aims to fortify fraud detection capabilities by harnessing the strengths of each algorithm. We curate a unique dataset comprising 1000 instances, incorporating critical transaction features such as transaction hash, block number, transaction fee and gas limit, with binary classification indicating fraudulent transactions. Meticulous preprocessing, including feature engineering and data splitting for training and testing, is conducted. Visualization techniques, including seaborn-based graphs, correlation plots and violin plots, elucidate the dataset’s characteristics. Additionally, a spring colormap correlation map enhances the understanding of feature relationships. Transaction fee distributions before and after preprocessing are visually presented, highlighting the impact of data preparation. We introduce the novel transact-hybrid classifier (THC) with detailed mathematical equations, emphasising its contribution to transactional fraud detection. The classifier integrates SVM, KNN and RF outputs using an exclusive OR operation, showcasing innovation in model development. To evaluate model performance, we conduct a comparative analysis, incorporating SVM, KNN, RF and a voting classifier. Bar plots for accuracy, precision, recall and F1 score, with a custom plasma colormap, offer a visual summary of each model’s metrics. Furthermore, a receiver operating characteristics (ROC) curve analysis is presented, highlighting the area under the curve (AUC) for SVM, KNN, RF and voting models, providing a comprehensive view of their performance in distinguishing between true positive and false positive rates. Our proposed method demonstrates over 99% efficacy in fraud detection, underscoring its potential impact in transaction analysis.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/5560771","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144999043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Revisiting LWR: A Novel Reduction Through Quantum Approximations","authors":"Zhuang Shan,&nbsp;Leyou Zhang,&nbsp;Qiqi Lai","doi":"10.1049/ise2/6825855","DOIUrl":"10.1049/ise2/6825855","url":null,"abstract":"<p>Pseudorandom functions (PRFs) are a very important tool in cryptography, and the learning with rounding (LWR) problem is one of the main issues in their construction. LWR problem, is to find <span></span><math></math> from ⌊<b>A</b><b>s</b>⌋_<i>p</i>, where <span></span><math></math> and <span></span><math></math> is the rounding function. The LWR problem is considered a variant of the learning with error (LWE) problem, that is, to find <b>s</b> from <b>b</b> = <b>A</b><b>s</b> + <b>e</b>, where <span></span><math></math>, and LWE has been reduced to GapSVP and SIVP. The hardness of the lattice problems is the security foundation of the issued schemes. The best-known reduction for LWR was completed using information-theoretic entropy arguments, and the reduction requires <i>q</i> ≥ 2<i>n</i><i>m</i><i>p</i>. It does not directly reduce to the closest vector problem (CVP) problem, but rather to the LWE problem. However, the reduction in the aforementioned work significantly reduces the difficulty of LWR. To more accurately characterize the hardness of LWR, this paper uses statistical approximation and a Quantum Fourier Transform to reduce LWR to the CVP, thereby ensuring the hardness of LWR. Furthermore, unlike the previous conclusions, our reduction involves minimal loss and has broad security conditions, requiring only that <span></span><math></math>, where <i>q</i> and <i>p</i> are prime numbers and 0 &lt; <i>α</i> &lt; 1.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6825855","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144897395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Methodological Framework to Hybrid Machine Learning for Detecting Unusual Cyberattacks in Internet of Things","authors":"R. S. Ramya,&nbsp;S. Jayanthy","doi":"10.1049/ise2/8381148","DOIUrl":"10.1049/ise2/8381148","url":null,"abstract":"<p><b>Background:</b> The Internet of Things (IoT) represents one of the fastest-expanding developments in the computer industry. However, the inherently hostile environment of the internet makes IoT systems vulnerable. A popular and promising method for detecting cyberattacks is machine learning (ML), which produces excellent outcomes for identified attacks. However, their ability to identify unidentified malicious traffic is nearly nonexistent.</p><p><b>Need for the Study:</b> The need for study arises from the advanced security solutions of IoT, which are vulnerable to various known and unknown cyberattacks. Traditional ML methods are used to effectively detect new threats. It is followed by a hybrid methodological framework to combine supervised and semisupervised learning. It is an advanced approach to enhance detection accuracy and adaptability in dynamic IoT environments.</p><p><b>Methods:</b> The study suggests an innovative strategy that combines supervised and unsupervised techniques. Initially employing several flow-based parameters, the improved density-based spatial clustering of applications with noise (IDBSCAN) clustering technique distinguishes between anomalous and regular traffic. Next, utilizing specific statistical metrics, a hybrid multiple kernel extreme learning machine with modified teaching–learning-based optimization (HMKELM-MTLBO) classification process is applied to label the clusters.</p><p><b>Findings of the Study:</b> The findings of accuracy result as 98.95%, precision as 97.65%, recall as 98.56%, and F1 score value as 98.23%.</p><p><b>Results:</b> The approach’s effectiveness was evaluated using the ToN_IoT dataset, and a 99%+ accuracy rate was attained in identifying cyberattacks across IoT technology.</p><p><b>Conclusion:</b> The study validates the suggested strategy by testing a distinct set of attacks and training on the ToN_IoT dataset utilizing an extensive data processing system.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8381148","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144869754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"STF-LPPVA: Local Privacy-Preserving Method for Vehicle Assignment Based on Spatial–Temporal Fusion","authors":"Lei Tang,&nbsp;Zhengxin Cao,&nbsp;Xin Zhou,&nbsp;Junzhe Zhang,&nbsp;Junchi Ma","doi":"10.1049/ise2/1915019","DOIUrl":"10.1049/ise2/1915019","url":null,"abstract":"<p>There are user privacy risks in cloud-based vehicle dispatch platforms due to the unauthorized collection, use, and dissemination of data. However, existing data protection methods cannot balance privacy, usability, and efficiency well. To address this, we propose a local privacy-preserving vehicle assignment strategy via spatial–temporal fusion (STF-LPPVA). Specifically, the strategy allows the cloud platform to train and distribute a spatial–temporal representation model to the user side. Encoded by this model, drivers and passengers can privately fuze the spatial–temporal information of their trips and then transmit these fuzed vectors to the cloud platform. Based on the similarity of the vectors, the cloud platform can allocate vehicles using the Kuhn–Monkreth (KM) algorithm. In addition, we analyze the theoretical feasibility of the STF-LPPVA strategy using entropy change and get good performance with a dataset from DiDi in Chengdu, China. The results show that the successful matching rate of the STF-LPPVA strategy is very close to the original data matching with lower time overhead. Our approach can reduce the traveling distance by 66.5% and improve the matching success rate by 36.2% on average.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/1915019","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144853799","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhanced Cybersecurity Framework for Unmanned Aerial Systems: A Comprehensive STRIDE-Model Analysis and Emerging Defense Strategies","authors":"Hailong Xi,&nbsp;Le Ru,&nbsp;Jiwei Tian,&nbsp;Bo Lu,&nbsp;Shiguang Hu,&nbsp;Wenfei Wang,&nbsp;Hongqiao Wang,&nbsp;Xiaohui Luan","doi":"10.1049/ise2/9637334","DOIUrl":"10.1049/ise2/9637334","url":null,"abstract":"<p>Recent advancements in unmanned aerial vehicle (UAV) technology have facilitated its widespread adoption across a spectrum of sectors, such as commercial logistics, agricultural surveillance, industrial diagnostics, and military maneuvers. However, the widespread adoption has also engendered a burgeoning array of security concerns. Unmanned aerial systems (UAS) networks are characterized by high node mobility, unstable links, open communication environments, and limited platform resources, which in turn exhibit typical vulnerabilities in terms of cybersecurity. Most current studies on UAV cybersecurity issues tend to focus on individual UAVs, often neglecting the holistic cybersecurity of UAS. This paper outlines the composition of UAS network architecture. It summarizes the main cybersecurity challenges UAS faces within six categories—spoofing, tampering, information disclosure, denial of service (DoS), service refusal, and privilege escalation—based on the STRIDE threat model. Corresponding methods for risk mitigation and security protection strategies are proposed. Ultimately, the paper provides a perspective on the future development directions of UAS cybersecurity, aiming to offer a reference for addressing related issues in subsequent research and practice.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9637334","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144815012","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}