IET Information Security最新文献

{"title":"Blockchain-Based Piecewise Regressive Kupyna Cryptography for Secure Cloud Services","authors":"Selvakumar Shanmugam,&nbsp;Rajesh Natarajan,&nbsp;Gururaj H. L.,&nbsp;Francesco Flammini,&nbsp;Badria Sulaiman Alfurhood,&nbsp;Anitha Premkumar","doi":"10.1049/2024/6863755","DOIUrl":"https://doi.org/10.1049/2024/6863755","url":null,"abstract":"<div>\u0000 <p>Cloud computing (CC) is a network-based concept where users access data at a specific time and place. The CC comprises servers, storage, databases, networking, software, analytics, and intelligence. Cloud security is the cybersecurity authority dedicated to securing cloud computing systems. It includes keeping data private and safe across online-based infrastructure, applications, and platforms. Securing these systems involves the efforts of cloud providers and the clients that use them, whether an individual, small-to-medium business, or enterprise uses. Security is essential for protecting data and cloud resources from malicious activity. A cloud service provider is utilized to provide secure data storage services. Data integrity is a critical issue in cloud computing. However, using data storage services securely and ensuring data integrity in these cloud servers remain an issue for cloud users. We introduce a unique piecewise regressive Kupyna cryptographic hash blockchain (PRKCHB) technique to secure cloud services with higher data integrity to solve these issues. The proposed PRKCHB method involves user registration, cryptographic hash blockchain, and regression analysis. Initially, the registration process for each cloud user is performed. After registering user particulars, Davies–Meyer Kupyna’s cryptographic hash blockchain generates the hash value of data in each block. When a user requests data from the server, a piecewise regression function is used to validate their identity. Furthermore, the Gaussian kernel function recognizes authorized or unauthorized users for secure cloud information transmission. The regression function results in original data by enhanced integrity in the cloud. An analysis of the proposed PRKCHB technique evaluates different existing methods implemented in Python. The results contain different metrics: data confidentiality rate, data integrity rate, authentication time, storage overhead, and execution time. Compared to conventional techniques, findings corroborate the assertion that the proposed PRKCHB technique improves data confidentiality and integrity by up to 9% and 9% while lowering storage overhead, authentication time, and execution time by 10%, 12%, and 12%.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/6863755","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141967665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Using WPCA and EWMA Control Chart to Construct a Network Intrusion Detection Model","authors":"Ying-Ti Tsai,&nbsp;Chung-Ho Wang,&nbsp;Yung-Chia Chang,&nbsp;Lee-Ing Tong","doi":"10.1049/2024/3948341","DOIUrl":"https://doi.org/10.1049/2024/3948341","url":null,"abstract":"<div>\u0000 <p>Artificial intelligence algorithms and big data analysis methods are commonly employed in network intrusion detection systems. However, challenges such as unbalanced data and unknown network intrusion modes can influence the effectiveness of these methods. Moreover, the information personnel of most enterprises lack specialized knowledge of information security. Thus, a simple and effective model for detecting abnormal behaviors may be more practical for information personnel than attempting to identify network intrusion modes. This study develops a network intrusion detection model by integrating weighted principal component analysis into an exponentially weighted moving average control chart. The proposed method assists information personnel in easily determining whether a network intrusion event has occurred. The effectiveness of the proposed method was validated using simulated examples.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/3948341","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141967577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Social Media Public Opinion Detection Using Multimodal Natural Language Processing and Attention Mechanisms","authors":"Yanxia Dui,&nbsp;Hongchun Hu","doi":"10.1049/2024/8880804","DOIUrl":"https://doi.org/10.1049/2024/8880804","url":null,"abstract":"<div>\u0000 <p>The fast dissemination speed and wide range of information dissemination on social media also enable false information and rumors to spread rapidly on public social media. Attackers can use false information to trigger public panic and disrupt social stability. Traditional multimodal sentiment analysis methods face challenges due to the suboptimal fusion of multimodal features and consequent diminution in classification accuracy. To address these issues, this study introduces a novel emotion classification model. The model solves the problem of interaction between modalities, which is neglected by the direct fusion of multimodal features, and improves the model’s ability to understand and generalize the semantics of emotions. The Transformer’s encoding layer is applied to extract sophisticated sentiment semantic encodings from audio and textual sequences. Subsequently, a complex bimodal feature interaction fusion attention mechanism is deployed to scrutinize intramodal and intermodal correlations and capture contextual dependencies. This approach enhances the model’s capacity to comprehend and extrapolate sentiment semantics. The cross-modal fused features are incorporated into the classification layer, enabling sentiment prediction. Experimental testing on the IEMOCAP dataset demonstrates that the proposed model achieves an emotion recognition classification accuracy of 78.5% and an F1-score of 77.6%. Compared to other mainstream multimodal emotion recognition methods, the proposed model shows significant improvements in all metrics. The experimental results demonstrate that the proposed method based on the Transformer and interactive attention mechanism can more fully understand the information of discourse emotion features in the network model. This research provides robust technical support for social network public sentiment security monitoring.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/8880804","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141631141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TAAC: Secure and Efficient Time-Attribute-Based Access Control Scheme in SDN-IoT","authors":"Jiamin Hu,&nbsp;Zhonghua Shen,&nbsp;Kefei Chen,&nbsp;Yuying Liu,&nbsp;Qian Meng,&nbsp;Fuqun Wang,&nbsp;Yong Liu","doi":"10.1049/2024/8059692","DOIUrl":"https://doi.org/10.1049/2024/8059692","url":null,"abstract":"<div>\u0000 <p>The convergence of software-defined networking (SDN) and the Internet of Things (IoT) provides a scalable method for handling the considerable volumes of data produced by IoT devices. However, the lack of appropriate security measures can lead to unauthorized access to sensitive data, potential breaches, and privacy violations, as well as time-consuming and inefficient data retrieval methods in SDN-IoT systems that require decrypting the entire dataset. To address these challenges, this article proposes the time-attribute-based access control scheme in SDN-IoT (TAAC). The TAAC scheme combines ciphertext-policy attribute-based encryption with a novel time-attribute-based access tree to ensure fine-grained access control on time and attributes, enabling secure ciphertext interaction and information sharing across domains. Furthermore, the TAAC scheme also incorporates searchable encryption, which enhances the efficiency of data retrieval. By implementing searchable encryption techniques, the data receiver can generate trapdoors to search and retrieve specific encrypted data without the need to decrypt the entire dataset. In summary, the TAAC scheme improves storage efficiency and computation, enhances scalability, and provides robust security, offering an efficient and secure solution for ciphertext sharing in SDN-IoT environments. Experimental results have demonstrated that the TAAC scheme shows excellent performance and outperforms other attribute-based searchable encryption algorithms.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/8059692","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141536641","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Optimized SM4 Hardware Implementations for Low Area Consumption","authors":"Ruolin Zhang,&nbsp;Zejun Xiang,&nbsp;Shasha Zhang,&nbsp;Xiangyong Zeng,&nbsp;Min Song","doi":"10.1049/2024/7047055","DOIUrl":"https://doi.org/10.1049/2024/7047055","url":null,"abstract":"<div>\u0000 <p>The SM4 block cipher is standardized in ISO/IEC, and it is also the national standard of commercial cryptography in China. In this paper, we propose two new techniques called “split-and-join” and “off-peak and stagger” to make SM4 more applicable to resource-constrained environments. The area optimization method uses a 1-bit data path while reducing the number of registers from 64 to 8 and the number of XOR gates from 194 to 8. As a result, we report a 1-bit-serial SM4 encryption circuit that occupies 1771 GE with a latency of 2,336 cycles. Additionally, the “off-peak and stagger” technique compresses all the operations within the state update and key schedule into 32 clock cycles to reduce the latency. In other words, it takes 32 clock cycles to complete one <i>round</i> encryption. The new circuit occupies 1861 GE with a latency of 1,344 cycles. Moreover, we also discuss how to further reduce the latency by increasing the data path with a small area overhead to provide wider area-latency tradeoffs for SM4. Our designs make SM4 competitive with many ciphers specifically designed for lightweight cryptography.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.3,"publicationDate":"2024-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/7047055","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141488365","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Lattice-Based CP-ABE Access Control for SDS Constraint with Lazy Assignment of Attributes and Attribute Revocation","authors":"Ting Guo,&nbsp;Abdugeni Abduxkur,&nbsp;Nurmamat Helil","doi":"10.1049/2024/6963475","DOIUrl":"https://doi.org/10.1049/2024/6963475","url":null,"abstract":"<div>\u0000 <p>Ciphertext-policy attribute-based encryption (CP-ABE) is a cryptographic scheme suitable for secure data sharing on cloud storage. The CP-ABE based on lattice theory has the property of resisting quantum attack. Some data objects uploaded to the cloud by the same data owner may cause conflicts of interest, or their combination may expose sensitive information. This paper proposes a revocable CP-ABE scheme on the lattice, based on ring learning with error (R-LWE) problem, to enforce access control constraints on user access to such data objects. In this scheme, first, the access policies of such data objects are amended by adding dummy attributes. Second, we control the secret key components associated with the dummy attributes or revoke the dummy attributes to prevent users from continuously accessing specific parts or all data objects from this kind of data set. Finally, we carry on the efficiency and security analysis of the scheme. The analysis results show that the scheme is efficient and safe.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.4,"publicationDate":"2024-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/6963475","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141425052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Efficient Code-Based One-Time Blind Signature Scheme for Electronic Forensics","authors":"Haiyan Xiu,&nbsp;Fang Ren,&nbsp;Xinglong Xue,&nbsp;Dong Zheng","doi":"10.1049/2024/6656367","DOIUrl":"https://doi.org/10.1049/2024/6656367","url":null,"abstract":"<div>\u0000 <p>We propose a one-time blind signature scheme based on coding theory, which is improved on the basis of the SHMWW protocol. By adding two blinding factors, the anonymity of users is protected. The analysis proves that the scheme is secure and meets the requirements of completeness, blindness, and one-more unforgeability. Under the 128-bit security level, our scheme can achieve a signature length of 2.1 kB. The experimental results show that our scheme has a short signature length and high execution efficiency. Our scheme can also be applied to electronic forensics of traffic accidents on the Internet of Vehicles, which can protect users’ privacy.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.4,"publicationDate":"2024-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/6656367","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141326744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LπCET: A Logic Security Analysis for Cryptographic Protocols Based on π-Calculus Extension Theory","authors":"Fusheng Wu,&nbsp;Jinhui Liu,&nbsp;Yanbin Li,&nbsp;Mingtao Ni","doi":"10.1049/2024/2634744","DOIUrl":"https://doi.org/10.1049/2024/2634744","url":null,"abstract":"<div>\u0000 <p>The <i>π</i>-calculus is a basic theory of mobile communication based on the notion of interaction, which, is aimed at analyzing and modeling the behaviors of communication processes in communicating and mobile systems, and is widely applied to the security analysis of cryptographic protocol’s design and implementation. But the <i>π</i>-calculus does not provide seamless logical security analysis, so the logical flaws in the design and the implementation of a cryptographic protocol cannot be discovered in time. This paper introduces logical rules and logical proofs, binary tree, and the KMP algorithm and proposes a new extension of the <i>π</i>-calculus theory, a logical security analysis method, and an algorithm. The aim is to analyze whether there are logical flaws in the design and the implementation of a cryptographic protocol, to ensure the security of the cryptographic protocol when it is encoded into software and implemented. This paper presents the logical security proof and analysis of the TLS1.3 protocol’s interactional implementation process. Empirical results show that the additional extension theory, the logical security analysis method, and the algorithm can effectively analyze whether there are logical flaws in the design and the implementation of a cryptographic protocol.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.4,"publicationDate":"2024-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/2634744","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141308899","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"PATS: Let Parties Have a Say in Threshold Group Key Sharing","authors":"Adnan Kılıç,&nbsp;Cansu Betin Onur,&nbsp;Ertan Onur","doi":"10.1049/2024/7557514","DOIUrl":"https://doi.org/10.1049/2024/7557514","url":null,"abstract":"<div>\u0000 <p>We present a password-authenticated (2, 3)-threshold group key share (PATS) mechanism. Although PATS resembles threshold secret sharing schemes, it has a different structure. The innovative perspective of the PATS mechanism that makes a difference from the standard secret-sharing schemes is that it involves parties in the generation of the shares. PATS allows parties to communicate securely to establish their shares over insecure channels. Parties (shareholders) construct a secret (key) using shares obtained at the end of the protocol. PATS takes advantage of zero-knowledge proofs compared to well-known threshold key exchange schemes and will tolerate the existence of semi-trusted parties. We present two variants of PATS, centralized and distributed, and then generalize PATS to (<i>t</i>, <i>n</i>)-threshold scheme. PATS supports the distributed operation and optionally facilitates group key verification by a trusted third party, which may also partake in group key sharing. In this paper, we present PATS, which employs finite fields and elliptic curves, along with its security and complexity analyses.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.4,"publicationDate":"2024-06-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/7557514","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141298410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Optimal Joint Defense and Monitoring for Networks Security under Uncertainty: A POMDP-Based Approach","authors":"Armita Kazeminajafabadi,&nbsp;Mahdi Imani","doi":"10.1049/2024/7966713","DOIUrl":"https://doi.org/10.1049/2024/7966713","url":null,"abstract":"<div>\u0000 <p>The increasing interconnectivity in our infrastructure poses a significant security challenge, with external threats having the potential to penetrate and propagate throughout the network. Bayesian attack graphs have proven to be effective in capturing the propagation of attacks in complex interconnected networks. However, most existing security approaches fail to systematically account for the limitation of resources and uncertainty arising from the complexity of attacks and possible undetected compromises. To address these challenges, this paper proposes a partially observable Markov decision process (POMDP) model for network security under uncertainty. The POMDP model accounts for uncertainty in monitoring and defense processes, as well as the probabilistic attack propagation. This paper develops two security policies based on the optimal stationary defense policy for the underlying POMDP state process (i.e., a network with known compromises): the estimation-based policy that performs the defense actions corresponding to the optimal minimum mean square error state estimation and the distribution-based policy that utilizes the posterior distribution of network compromises to make defense decisions. Optimal monitoring policies are designed to specifically support each of the defense policies, allowing dynamic allocation of monitoring resources to capture network vulnerabilities/compromises. The performance of the proposed policies is examined in terms of robustness, accuracy, and uncertainty using various numerical experiments.</p>\u0000 </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2024 1","pages":""},"PeriodicalIF":1.4,"publicationDate":"2024-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/2024/7966713","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141246107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}