Computer Standards & Interfaces最新文献

{"title":"A secure and efficient UAV network defense strategy: Convergence of blockchain and deep learning","authors":"Zhihao Li ,&nbsp;Qi Chen ,&nbsp;Jin Li ,&nbsp;Jiahui Huang ,&nbsp;Weichuan Mo ,&nbsp;Duncan S. Wong ,&nbsp;Hai Jiang","doi":"10.1016/j.csi.2024.103844","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103844","url":null,"abstract":"<div><p>Unmanned Aerial Vehicles (UAVs) are highly versatile and efficient tools utilized across diverse industries for data collection. However, they are vulnerable to wireless communication and data exchange risks, including unauthorized access, data theft, and network attacks. To address these problems, we introduce a secure and reliable UAV network service architecture that incorporates blockchain and deep learning to provide more secure and efficient network services for UAVs. We propose a UAV cluster identity management module by combining blockchain, encryption algorithms, and digital signatures to enhance the security of UAV communication data transmission. Then, based on machine learning, deep learning, and malicious process detection technology, we propose a real-time secure situational awareness system for UAV cluster terminal devices to enhance the security of the operating environment for UAVs. Finally, we propose a data-trustworthy interconnection platform based on blockchain, smart contracts, and consensus algorithms to realize secure and efficient sharing and transmission of terminal data. The results of the experiments demonstrate the feasibility and effectiveness of our UAV network service architecture.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2024-02-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139743938","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"HT2REP: A fair cross-chain atomic exchange protocol under UC framework based on HTLCs and TRE","authors":"Tao Li ,&nbsp;Peiyao Niu ,&nbsp;Yilei Wang ,&nbsp;Shengke Zeng ,&nbsp;Xiaoying Wang ,&nbsp;Willy Susilo","doi":"10.1016/j.csi.2024.103834","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103834","url":null,"abstract":"<div><p><span>Cross-chain transactions between heterogeneous blockchain<span> systems pose various challenges, encompassing atomicity, security, and fairness of the transactions. While Traditional Hash Time Lock Contracts (HTLCs) can achieve atomic cross-chain transactions, they exhibit fairness deficiencies in two aspects: firstly, the transaction initiator benefits from an American Option (AO) advantage, and secondly, the transaction responder may be incentivized to launch a Draining Attack (DA), both of which impact the fairness of cross-chain transactions. Because of significant fluctuations in the exchange rate of tokens held by both parties, cross-chain transactions often face timeout rollbacks, resulting in a diminished probability of successful transactions. To tackle these issues, we propose a novel atomic cross-chain exchange protocol—</span></span><span><math><mrow><mi>H</mi><msup><mrow><mi>T</mi></mrow><mrow><mn>2</mn></mrow></msup><mi>R</mi><mi>E</mi><mi>P</mi></mrow></math></span><span><span>. This protocol integrates Time Released Encryption (TRE), ShangMi 3 Hash function (SM3), and scalable </span>smart contract technologies to enhance fairness within the traditional HTLCs protocol. Additionally, </span><span><math><mrow><mi>H</mi><msup><mrow><mi>T</mi></mrow><mrow><mn>2</mn></mrow></msup><mi>R</mi><mi>E</mi><mi>P</mi></mrow></math></span> ensures atomicity, security, and a heightened probability of success for cross-chain exchanges. Finally, we demonstrate that <span><math><mrow><mi>H</mi><msup><mrow><mi>T</mi></mrow><mrow><mn>2</mn></mrow></msup><mi>R</mi><mi>E</mi><mi>P</mi></mrow></math></span> is Universally Composable (UC) secure.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2024-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139549994","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Patient-centric medical service matching with fine-grained access control and dynamic user management","authors":"Shu Wu ,&nbsp;Aiqing Zhang ,&nbsp;Ya Gao ,&nbsp;Xiaojuan Xie","doi":"10.1016/j.csi.2024.103833","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103833","url":null,"abstract":"<div><p>Personal health records (PHR) offer significant benefit for patients, such as reducing medical cost and improving the quality of medical care. Majority of the current schemes lack provisions for tracking and revoking malicious doctors. The explicit access policies are prone to leaking patient private information. What is more, owning to the uneven distribution of medical supplies, shocking computational overhead during decryption is a burden that cannot be ignored for busy medical workers. This paper proposed a patient-centric medical service matching scheme that supports policy hiding, attribute matching, fine-grained access control, and user dynamic management. The scheme uses ciphertext policy-based attribute encryption (CP-ABE) to achieve fine-grained access control and supports policy hiding. It utilizes white-box tracking technology and binary tree structure to achieve malicious doctor tracking. Revocation information is ciphertext to achieve dynamic management of doctors. From the experimental results, it can be concluded that our protocol achieves both patient-centric security and performance advantages.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2024-01-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139550003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A critical analysis of Zero Trust Architecture (ZTA)","authors":"Eduardo B. Fernandez ,&nbsp;Andrei Brazhuk","doi":"10.1016/j.csi.2024.103832","DOIUrl":"https://doi.org/10.1016/j.csi.2024.103832","url":null,"abstract":"<div><p>Zero Trust (ZT) has become a very hot approach for building secure systems, promoted by industry and government as a new way to produce systems with a high degree of security. ZT is based on not trusting any request for accessing resources. Because of the possibility of increasing the security of enterprise systems there has been a large amount of publication on different aspects of this strategy. It is then important to evaluate if its claims are true. We have used security patterns to design and evaluate security architectures and we apply here this method to analyze the expectations of this strategy. We relate the ideas behind ZT to the accumulated knowledge of security and attempt to answer some questions about the value and possibilities of this technology. In general, industry publications are vague about the technical aspects of these systems, ignore past security knowledge, and there are few reports describing actual experience building and using ZT architectures. Is Zero Trust Architecture (ZTA) the ideal architecture to build secure systems? To obtain a deeper understanding of this architecture, we analyze its pattern structure and provide a sketch of its reference architecture built as an aggregation of security patterns. As any system architecture, regardless of the way it has been constructed, represents a system, we also consider its threats. Finally, we provide directions for research on this area.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2024-01-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139436500","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"When deep learning meets watermarking: A survey of application, attacks and defenses","authors":"Huajie Chen ,&nbsp;Chi Liu ,&nbsp;Tianqing Zhu ,&nbsp;Wanlei Zhou","doi":"10.1016/j.csi.2023.103830","DOIUrl":"10.1016/j.csi.2023.103830","url":null,"abstract":"<div><p><span>Deep learning has been used to address various problems in a range of domains within both academia and industry. However, the issue of intellectual property with </span>deep learning models<span> has aroused broad attention. Watermarking, a proactive defense approach widely adopted to safeguard the copyright of digital content, is now sparking novel mechanisms for protecting the intellectual property of deep learning models. Further, significantly improved digital watermarking techniques<span> have been developed to protect multimedia content, primarily images, with high efficiency and effectiveness. Yet, our current understandings of these two technical forefronts, i.e., deep learning model watermarking and image watermarking via deep learning, are unilaterally separated and application-oriented. To this end, we have undertaken a survey on emerging watermarking mechanisms in the two areas from a novel security perspective. That is, we have surveyed attacks and defenses in deep learning model watermarking and deep-learning-based image watermarking. Within the survey, we propose an objective taxonomy to unify the two domains, revealing their commonly shared properties with reference to design principles, functionalities, etc. Upon the taxonomy, a comprehensive analysis of attacks and defenses associated with the shared properties in both domains is presented. We have summarized the collected methods from a technical aspect and their advantages vs. disadvantages. A discussion of the joint characteristics and possible improvements of the methods are attached. Lastly, we have also proposed several potential research directions to inspire more ideas in these areas.</span></span></p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2024-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139374129","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Compact and efficient KEMs over NTRU lattices","authors":"Zhichuang Liang ,&nbsp;Boyue Fang ,&nbsp;Jieyu Zheng ,&nbsp;Yunlei Zhao","doi":"10.1016/j.csi.2023.103828","DOIUrl":"10.1016/j.csi.2023.103828","url":null,"abstract":"<div><p><span><span>The NTRU lattice is a promising candidate to construct practical cryptosystems, in particular key encapsulation mechanism (KEM), resistant to </span>quantum computing attacks. Nevertheless, there are still some inherent obstacles to NTRU-based KEM schemes when considering integrated performance, taking security, bandwidth, error probability, and computational efficiency </span><em>as a whole</em><span>, that is as good as and even better than their {R,M}LWE-based counterparts. In this work, we address the challenges by presenting a new family of NTRU-based KEM schemes, denoted as CTRU and CNTR. By bridging low-dimensional lattice codes and high-dimensional NTRU-lattice-based cryptography with careful design and analysis, to the best of our knowledge, CTRU and CNTR are the first NTRU-based KEM schemes featuring scalable ciphertext compression via only one </span><em>single</em> ciphertext polynomial, and are the first that can outperform {R,M}LWE-based KEM schemes in terms of integrated performance. For instance, when compared to Kyber, the only KEM scheme currently standardized by NIST, our recommended parameter set CNTR-768 exhibits approximately 12% smaller ciphertext size, when its security is strengthened by <span><math><mrow><mo>(</mo><mn>8</mn><mo>,</mo><mn>7</mn><mo>)</mo></mrow></math></span> bits for classical and quantum security respectively, with a significantly lower error probability (<span><math><msup><mrow><mn>2</mn></mrow><mrow><mo>−</mo><mn>230</mn></mrow></msup></math></span> for CNTR-768 vs. <span><math><msup><mrow><mn>2</mn></mrow><mrow><mo>−</mo><mn>164</mn></mrow></msup></math></span> for Kyber-768). In terms of the state-of-the-art AVX2 implementation of Kyber-768, CNTR-768,achieves a speedup of 2.7X in KeyGen, 3.3X in Encaps, and 1.6X in Decaps, respectively. When compared to the NIST Round 3 finalist NTRU-HRSS, CNTR-768,features 15% smaller ciphertext size, coupled with an improvement of <span><math><mrow><mo>(</mo><mn>55</mn><mo>,</mo><mn>49</mn><mo>)</mo></mrow></math></span> bits for classical and quantum security respectively. As for the AVX2 implementation, CNTR-768,outperforms NTRU-HRSS by 26X in KeyGen, 3.0X in Encaps, and 2.2X in Decaps, respectively. Along the way, we develop new techniques for more accurate error probability analysis, and a unified number theoretic transform (NTT) implementation for multiple parameter sets, which may be of independent interest.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2024-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139080229","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Local differential privacy and its applications: A comprehensive survey","authors":"Mengmeng Yang ,&nbsp;Taolin Guo ,&nbsp;Tianqing Zhu ,&nbsp;Ivan Tjuawinata ,&nbsp;Jun Zhao ,&nbsp;Kwok-Yan Lam","doi":"10.1016/j.csi.2023.103827","DOIUrl":"10.1016/j.csi.2023.103827","url":null,"abstract":"<div><p><span><span>With the rapid development of low-cost consumer electronics and pervasive adoption of next generation wireless communication technologies, a tremendous amount of data has been generated from users’ smart devices and collected for research and analysis. This inevitably results in increasing concern of mobile users regarding their personal information; the problem of </span>privacy preservation has become more urgent and it has also attracted a significant amount of attention from both academic researchers and industry practitioners. As a strong privacy tool, local </span>differential privacy<span> (LDP) has been widely deployed in recent years. It eliminates the need for a trusted third party by allowing users to perturb their data locally, thus providing better privacy protection. This survey provides a comprehensive and structured overview of LDP technology. We summarize and analyse state-of-the-art development in LDP and compare a range of methods from various perspectives and from the context of machine learning model training. We explore the applications of LDP in various domains. Furthermore, we identify several research challenges and discuss promising future research directions.</span></p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2023-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139079200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A heuristic design toolkit for web conferencing software based on self-determination theory","authors":"Ming Wu,&nbsp;Xiaohui Shen,&nbsp;Lekai Zhang,&nbsp;Xingyu Liu,&nbsp;Hailong Zhang,&nbsp;Yaqi Hu","doi":"10.1016/j.csi.2023.103831","DOIUrl":"10.1016/j.csi.2023.103831","url":null,"abstract":"<div><p><span>Web conferencing software can help workers work remotely and provide them with greater flexibility and autonomy. However, existing web conferencing software faces certain technical, functional, and design-related limitations. These problems lead to a less than ideal user experience and consequently result in a lack of intrinsic motivation on the part of the user. To improve this situation, we conducted a System Literature Review (SLR) to integrate and summarize the principles proposed in the literature and ultimately developed a heuristic design toolkit for web conferencing software based on self-determination theory. This toolkit contains a total of 15 principles corresponding to autonomy, competence and relatedness. Through heuristic and expert evaluations, we verified that the toolkit is effective in identifying problems. Therefore, the results of this research can help designers to develop web conferencing software and evaluate its usability in order to address the </span>usability issues of the software and to satisfy the basic psychological needs of the users, thus enhancing users intrinsic motivation to use the web conferencing software.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2023-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139069294","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MRAN: Multimodal relationship-aware attention network for fake news detection","authors":"Hongyu Yang ,&nbsp;Jinjiao Zhang ,&nbsp;Liang Zhang ,&nbsp;Xiang Cheng ,&nbsp;Ze Hu","doi":"10.1016/j.csi.2023.103822","DOIUrl":"10.1016/j.csi.2023.103822","url":null,"abstract":"<div><p>Existing multimodal fake news detection methods face challenges in jointly capturing the intramodality and cross-modal correlation relationships between image regions and text fragments. Additionally, these methods lack comprehensive hierarchical semantics mining for text. These limitations result in ineffective utilization of multimodal information and impact detection performance. To address these issues, we propose a multimodal relationship-aware attention network (MRAN), which consists of three main steps. First, a multi-level encoding network is employed to extract hierarchical semantic feature representations of text, while the visual feature extractor VGG19 learns image feature representations. Second, the captured text and image representations are input into the relationship-aware attention network, which generates high-order fusion features by calculating the similarity between information segments within modalities and cross-modal similarity. Finally, the fusion features are passed through a fake news detector, which identifies fake news. Experimental results on three benchmark datasets demonstrate the effectiveness of MRAN, highlighting its strong detection performance.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2023-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139055034","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MRFM: A timely detection method for DDoS attacks in IoT with multidimensional reconstruction and function mapping","authors":"Lixia Xie ,&nbsp;Bingdi Yuan ,&nbsp;Hongyu Yang ,&nbsp;Ze Hu ,&nbsp;Laiwei Jiang ,&nbsp;Liang Zhang ,&nbsp;Xiang Cheng","doi":"10.1016/j.csi.2023.103829","DOIUrl":"10.1016/j.csi.2023.103829","url":null,"abstract":"<div><p>To address the slow response time of existing detection modules to the Internet of Things<span> (IoT) Distributed Denial of Service (DDoS) attacks, along with their low feature differentiation and poor detection performance, we propose MRFM, a timely detection method with multidimensional reconstruction and function mapping. Firstly, we employ a queue mechanism to capture and store incoming network traffic data within a predefined time frame. Subsequently, we introduce a multidimensional reconstruction neural network model, specifically designed to reconstruct quantitative features based on their respective indices by adjusting the loss function. This process is followed by the computation of multidimensional reconstruction errors and the transformation of vectors into mapping features, thereby augmenting the disparities among various types of traffic data and promoting the similarity within the same category of traffic data. Lastly, we extract frequency information from the qualitative feature matrix using information entropy calculations, enriching the feature profile of individual traffic instances. The experimental results on two benchmark datasets show that MRFM can effectively detect different types of DDoS attacks. Notably, MRFM consistently outperforms other existing methods, exhibiting an average metric improvement of up to 9.61 %.</span></p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":5.0,"publicationDate":"2023-12-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139055029","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}