Computers & Security最新文献_第10页

M3D-FL: Multi-layer Malicious Model Detection for Federated Learning in IoT networks M3D-FL：物联网网络中联邦学习的多层恶意模型检测

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-25 DOI: 10.1016/j.cose.2025.104444

Okba Ben Atia , Mustafa Al Samara , Ismail Bennis , Abdelhafid Abouaissa , Jaafar Gaber , Pascal Lorenz

{"title":"M3D-FL: Multi-layer Malicious Model Detection for Federated Learning in IoT networks","authors":"Okba Ben Atia , Mustafa Al Samara , Ismail Bennis , Abdelhafid Abouaissa , Jaafar Gaber , Pascal Lorenz","doi":"10.1016/j.cose.2025.104444","DOIUrl":"10.1016/j.cose.2025.104444","url":null,"abstract":"<div><div>Federated learning (FL) is an advanced technique in machine learning that ensures privacy while enabling multiple devices or clients to jointly train a model. Instead of sharing their private data, each device trains a local model on its own data and transmits only the model updates to a central server. However, FL systems face security threats such as poisoning attacks. The maliciously generated data can cause serious consequences on the global model. Also, it can be used to steal sensitive data or cause the model to make incorrect predictions. In this paper, we propose a new approach to enhance the detection of malicious clients against these attacks. Our novel approach is titled M3D-FL for Multi-layer Malicious Model Detection for Federated Learning in IoT networks. The first layer computes the malicious score of participating FL clients using the LOF algorithm, enabling their rejection from the FL aggregation process. Meanwhile, the second layer targets rejected clients and employs MAD outlier detection to permanently eliminate them from the FL process. Simulation results using the CIFAR10, Mnist, and Fashion-Mnist datasets showed that the M3D-FL approach outperforms other studied approaches from the literature regarding several performance metrics like the Accuracy Rate (ACC), Detection Rate (DR), Attack Success Rate (ASR), precision, and the CPU aggregation run-time. The M3D-FL approach is demonstrated to be a more effective and strict detection method of malicious models in FL.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104444"},"PeriodicalIF":4.8,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143706520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Power-ASTNN: A deobfuscation and AST neural network enabled effective detection method for malicious PowerShell Scripts Power-ASTNN：一种消除混淆和AST神经网络的有效检测方法，用于恶意PowerShell脚本

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-22 DOI: 10.1016/j.cose.2025.104441

Sanfeng Zhang , Shangze Li , Juncheng Lu , Wang Yang

{"title":"Power-ASTNN: A deobfuscation and AST neural network enabled effective detection method for malicious PowerShell Scripts","authors":"Sanfeng Zhang , Shangze Li , Juncheng Lu , Wang Yang","doi":"10.1016/j.cose.2025.104441","DOIUrl":"10.1016/j.cose.2025.104441","url":null,"abstract":"<div><div>PowerShell is frequently utilized by attackers in the realm of Windows system security, particularly in cyberattack activities such as information stealing, vulnerability exploitation, and password cracking. To evade detection, attackers often employ code obfuscation techniques on their scripts. Current detection solutions face challenges due to limited deobfuscation methods and a predominant focus on identifying static and local features. This limitation hinders the ability to capture fine-grained code features and long-distance semantic relationships, resulting in reduced robustness and accuracy. To address these issues, this paper presents a novel malicious script detection method, Power-ASTNN, which integrates deobfuscation and a tree neural network. Initially, the method utilizes AMSI memory dump to deobfuscate PowerShell scripts, yielding fully deobfuscated samples. Subsequently, a subtree splitting algorithm tailored for abstract syntax trees extracts fine-grained code features from subtree fragments. Finally, a two-layer neural network model encodes representations based on subtree node semantics and sequence semantics, effectively capturing the semantic characteristics of the code. Experimental results demonstrate the effectiveness of Power-ASTNN, achieving an accuracy of 98.87% on a self built dataset collected from multiple publicly available sources, while maintaining a low false negative rate and a high area under the curve (AUC) value exceeding 0.995. Furthermore, Power-ASTNN demonstrates superior detection performance against adversarial samples compared with existing detection models.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104441"},"PeriodicalIF":4.8,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143684124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

DecoyPot: A large language model-driven web API honeypot for realistic attacker engagement DecoyPot：一个大型的语言模型驱动的web API蜜罐，用于真实的攻击者参与

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-22 DOI: 10.1016/j.cose.2025.104458

Anıl Sezgin , Aytuğ Boyacı

{"title":"DecoyPot: A large language model-driven web API honeypot for realistic attacker engagement","authors":"Anıl Sezgin , Aytuğ Boyacı","doi":"10.1016/j.cose.2025.104458","DOIUrl":"10.1016/j.cose.2025.104458","url":null,"abstract":"<div><div>As cyberattacks get more sophisticated, security systems must learn to detect and deceive them. DecoyPot, a honeypot Web Application Programming Interface (API) that generates legitimate API responses, is introduced in this paper. DecoyPot's command extractor module carefully analyzes API requests to create prompt-response pairs that improve a Retrieval-Augmented Generation based (RAG) large language model (LLM). DecoyPot can instantly adjust its answers to mimic API activity in a contextually correct and convincing manner to attackers. To assess system efficacy, we used a two-phase similarity analysis. Initial queries were matched with prompt-response pairs to ensure contextually suitable responses. Second, similarity measures were used to compare generated responses to reference responses, producing an average score of 0.9780. The high score shows that the system can create API-like responses, boosting its utility. DecoyPot engaged opponents and learned their Tactics, Techniques and Procedures (TTPs). The study shows that honeypot cybersecurity effectiveness must be improved by merging AI-driven response creation with enhanced deception technologies. DecoyPot effectively adapts to incoming queries and generates API-like responses, delivering actionable cyber threat intelligence and enhancing proactive defense strategies.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104458"},"PeriodicalIF":4.8,"publicationDate":"2025-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143714573","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust intrusion detection based on personalized federated learning for IoT environment 物联网环境下基于个性化联邦学习的鲁棒入侵检测

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-21 DOI: 10.1016/j.cose.2025.104442

Shimin Sun , Le Zhou , Ze Wang , Li Han

{"title":"Robust intrusion detection based on personalized federated learning for IoT environment","authors":"Shimin Sun , Le Zhou , Ze Wang , Li Han","doi":"10.1016/j.cose.2025.104442","DOIUrl":"10.1016/j.cose.2025.104442","url":null,"abstract":"<div><div>In the dynamic and complex realm of the Internet of Things (IoT) and artificial intelligence (AI), it is a significant challenge to design a network intrusion detection system that balances accuracy, efficiency, and data privacy. Federated learning offers a solution by enabling the sharing of high-quality attack samples to enhance local models’ intrusion detection capabilities without compromising local data privacy. However, most existing research on federated learning for intrusion detection assumes homogeneity among local models, which can reduce detection accuracy in real-world scenarios where local datasets are often non-independent and identically distributed (Non-IID). The Non-IID characteristic, marked by varied distributional properties and correlations, impacts model convergence and stability. To address this challenge, we propose a personalized federated cross learning framework (pFedCross) for intrusion detection, to manage imbalanced and heterogeneous data distributions. First, we present a collaborative model cross aggregation algorithm for personalized local model update, to solve the problem that one global model cannot always accommodate all the incompatible convergence directions of local models. Then, we introduce a gradient approximation <span><math><mi>α</mi></math></span>-fairness algorithm for global model generation to achieve a well-generalization. Finally, the experiments show that pFedCross outperforms baseline methods in improving model accuracy and reducing loss, highlighting its promise for enhancing IoT security.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104442"},"PeriodicalIF":4.8,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143684122","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A novel proactive and dynamic cyber risk assessment methodology 一种新颖的主动动态网络风险评估方法

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-21 DOI: 10.1016/j.cose.2025.104439

Pavlos Cheimonidis, Konstantinos Rantos

{"title":"A novel proactive and dynamic cyber risk assessment methodology","authors":"Pavlos Cheimonidis, Konstantinos Rantos","doi":"10.1016/j.cose.2025.104439","DOIUrl":"10.1016/j.cose.2025.104439","url":null,"abstract":"<div><div>In today’s operational environment, organizations face numerous cybersecurity challenges and risks. This paper presents a novel risk assessment methodology designed to assess cyber risks in a proactive and dynamic manner. Our approach gathers information from both the organization’s internal environment and cybersecurity-related open sources. It then converts the collected qualitative data into numerical form by applying predefined mapping rules, including categorical assignments and frequency-based quantification. These numerical values are then integrated with other quantitative data using a probabilistic method. Subsequently, all this information is integrated into a Bayesian network model to dynamically estimate the probability of success of a cyber attack. This probability, combined with the impact assessments of the organization’s assets, is used to provide risk estimations. By incorporating the Exploit Prediction Scoring System, our model is capable of delivering not only dynamic but also proactive risk assessments. To validate the effectiveness of the proposed methodology, we present a use case that demonstrates its application in assessing risk within a SCADA environment.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104439"},"PeriodicalIF":4.8,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143684228","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Semantics-aware location privacy preserving: A differential privacy approach 语义感知位置隐私保护：一种差分隐私保护方法

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-21 DOI: 10.1016/j.cose.2025.104402

Dikai Zou , Jun Tao , Zuyan Wang

{"title":"Semantics-aware location privacy preserving: A differential privacy approach","authors":"Dikai Zou , Jun Tao , Zuyan Wang","doi":"10.1016/j.cose.2025.104402","DOIUrl":"10.1016/j.cose.2025.104402","url":null,"abstract":"<div><div>The protection of location privacy, as a highly sensitive characteristic of information, has been extensively analyzed and discussed for a significant period. Recently, exploiting the semantics of locations offers a new dimension to enhance privacy preservation by enabling more effective control over the information disclosed by users. Different from most prior research efforts, which regard location semantics as a category, in this paper, location semantics is the statistical information about the Points of Interest (PoIs) in the specific location’s vicinity, which can be represented as a multi-dimensional vector. Further, Semantic Indistinguishability (Sem-Ind), a more relaxed privacy guarantee for location privacy than Geo-Indistinguishability (Geo-Ind), is derived under the paradigm of differential privacy. Multiple location obfuscation mechanisms, which integrate linear programming and heuristic search, respectively, are proposed to reduce utility loss while ensuring Sem-Ind. Based on the defined utility and privacy metrics, these obfuscation mechanisms are empirically evaluated on the GeoLife dataset. Experimental results indicate that the existing Geo-Ind-based obfuscation mechanisms satisfy Sem-Ind at an excessive loss of utility. Furthermore, the linear programming-based approach is capable of discovering optimal obfuscation functions, whereas the heuristic algorithms are more efficient in obtaining acceptable utility results.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104402"},"PeriodicalIF":4.8,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143684123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing maritime cyber situational awareness: A cybersecurity visualisation for non-experts 增强海上网络态势感知：面向非专家的网络安全可视化

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-21 DOI: 10.1016/j.cose.2025.104433

Dominic Too, Louise Axon, Ioannis Agrafiotis, Michael Goldsmith, Sadie Creese

{"title":"Enhancing maritime cyber situational awareness: A cybersecurity visualisation for non-experts","authors":"Dominic Too, Louise Axon, Ioannis Agrafiotis, Michael Goldsmith, Sadie Creese","doi":"10.1016/j.cose.2025.104433","DOIUrl":"10.1016/j.cose.2025.104433","url":null,"abstract":"<div><div>Cyber situational awareness is key to mitigating the impacts of cyber threats. However, maritime falls short of its comparative industries, with very little attention given to cyber threats despite the growing concern. In this paper, we explore the use of visualisations as a way to improve the situational awareness of non-experts onboard ships. We designed a visualisation tool with focus on systems that are accessible once onboard. In order to elicit requirements for our visualisations, we conducted semi-structured interviews with experts. We further created a synthetic dataset of attacks that target the systems of ships, which we used to assess the usability of our visualisation. In order to evaluate our visualisations, we conducted a user study with both expert and non-expert users. Our results show that non-expert participants were able to accurately and efficiently detect synthetic attacks targeting ships in an experimental setting, and they were able to use the visualisation to consider what the consequences of these attacks might be. Expert evaluations further suggest the visualisation has merit as a training tool for raising awareness among maritime employees.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104433"},"PeriodicalIF":4.8,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143706518","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing intrusion detection in containerized services: Assessing machine learning models and an advanced representation for system call data 增强容器化服务中的入侵检测：评估机器学习模型和系统调用数据的高级表示

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-20 DOI: 10.1016/j.cose.2025.104438

Iury Araujo , Marco Vieira

{"title":"Enhancing intrusion detection in containerized services: Assessing machine learning models and an advanced representation for system call data","authors":"Iury Araujo , Marco Vieira","doi":"10.1016/j.cose.2025.104438","DOIUrl":"10.1016/j.cose.2025.104438","url":null,"abstract":"<div><div>Security is one of the most critical requirements for modern digital systems. As the paradigm shifts from attempting to develop <em>fully</em> secure systems to designing resilient strategies that detect, respond to, and recover from attacks, Intrusion Detection Systems (IDS) become indispensable. However, developing robust IDS that address sophisticated attacks—especially in scenarios such as Cloud services, IoT, edge computing, and microservices, remains a significant challenge. Among these, containerized services present unique security challenges due to their architecture, deployment methods, and reliance on shared resources. On the other hand, Machine Learning (ML) offers promising, but not yet fully understood, solutions to enable automated, scalable, and adaptive intrusion detection mechanisms. In this paper, we study the applicability of a ML-based approach to enhance intrusion detection in containerized services by training and testing various ML algorithms on system call data, a commonly used data type in intrusion detection. Furthermore, we propose a novel graph-based representation for system calls that preserves critical relationships and contextual information between system calls. With this improved representation, we achieve enhancements in intrusion detection performance, including an increase in detection rates by at least 193% for the tested vulnerabilities while maintaining false alarms at a safer threshold, below a mean of 0.4% to maximize attack identification while minimizing false alarms we also incorporate a post-processing phase using a sliding window technique. This work not only addresses the challenges of securing containerized environments but also provides a robust framework for leveraging machine learning to build next-generation IDS.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104438"},"PeriodicalIF":4.8,"publicationDate":"2025-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143696232","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Performance analysis of dynamic ABAC systems using a queuing theoretic framework 基于排队理论框架的动态ABAC系统性能分析

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-20 DOI: 10.1016/j.cose.2025.104432

Gaurav Madkaikar , Karthikeya S.M. Yelisetty , Shamik Sural , Jaideep Vaidya , Vijayalakshmi Atluri

{"title":"Performance analysis of dynamic ABAC systems using a queuing theoretic framework","authors":"Gaurav Madkaikar , Karthikeya S.M. Yelisetty , Shamik Sural , Jaideep Vaidya , Vijayalakshmi Atluri","doi":"10.1016/j.cose.2025.104432","DOIUrl":"10.1016/j.cose.2025.104432","url":null,"abstract":"<div><div>A policy comprised of a set of rules forms the backbone of Attribute-based Access Control (ABAC) systems. Every incoming request is checked against such a policy and if at least one rule grants the access, it is allowed. Else, access is denied. The initial ABAC policy could be hand crafted by the security administrator or mined from a given set of authorizations using a policy engineering technique. In dynamic ABAC systems, over a period of time, additional authorizations may have to be granted or some removed as per situational changes. These changes are maintained in an auxiliary list. For access resolution, both the policy as well as the auxiliary list are considered before taking a decision. Since such a list can grow indefinitely and checking it adversely affects access resolution efficiency, periodic policy rebuilding must be done by combining the existing policy and the auxiliary list. However, regenerating the ABAC policy requires re-running computationally expensive policy mining algorithms. Further, access mediation has to be put on hold while this step is being carried out, resulting in periods of unavailability of the system. In this paper, we study the intricate problem of balancing access request resolution, accommodating dynamic authorization updates, and ABAC policy rebuilding. We employ a queuing theoretic approach where the access mediation process is modeled as an M/G/1 queue with vacation or limited service. While the server is primarily involved in resolving access requests, it occasionally goes on vacation to rebuild the ABAC policy. We study the effect of queue discipline on several performance parameters like request arrival rate, access resolution time, vacation duration and interval between vacations. Results of an extensive set of experiments provide a direction toward efficient implementation of dynamic ABAC systems.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104432"},"PeriodicalIF":4.8,"publicationDate":"2025-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143706516","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

DPO-Face: Differential privacy obfuscation for facial sensitive regions DPO-Face：面部敏感区域的差分隐私混淆

IF 4.8 2区计算机科学

Computers & Security Pub Date : 2025-03-19 DOI: 10.1016/j.cose.2025.104434

Yuling Luo, Tinghua Hu, Xue Ouyang, Junxiu Liu, Qiang Fu, Sheng Qin, Zhen Min, Xiaoguang Lin

{"title":"DPO-Face: Differential privacy obfuscation for facial sensitive regions","authors":"Yuling Luo, Tinghua Hu, Xue Ouyang, Junxiu Liu, Qiang Fu, Sheng Qin, Zhen Min, Xiaoguang Lin","doi":"10.1016/j.cose.2025.104434","DOIUrl":"10.1016/j.cose.2025.104434","url":null,"abstract":"<div><div>User-sensitive face images captured by widely used image-collection devices are frequently shared on social media. If these images are misused, they may pose a serious threat to users’ privacy. To ensure both privacy-preserving and image usability, this work introduces a Differential Privacy Obfuscation method of Face images (DPO-Face), which addresses the current limitations in balancing privacy and recognition accuracy. DPO-Face effectively balances privacy preservation and recognition accuracy to meet practical application demands. First, sensitive and non-sensitive regions of the image are accurately identified and located using an improved hybrid convolutional neural network by DPO-Face. Subsequently, face parsing technology is employed to precisely segment the input face image into multiple internal and external facial components. Moreover, precisely adjusted noise is introduced to the internal facial component regions using a differential privacy mechanism to disturb them, effectively protecting the privacy information of these regions while leaving the non-sensitive external components unchanged. Finally, the privacy-protected image is transmitted to the face detection and recognition module to evaluate the effectiveness of the privacy protection, such as maintaining high face detection and recognition accuracy. Experimental results demonstrate that DPO-Face meets <span><math><mi>ɛ</mi></math></span>-local differential privacy requirements, achieving recognition rates of 91%–96% and a maximum privacy protection success rate of 0.9720. This method allows the privacy level to be precisely adjusted, preventing privacy leaks to honest but curious third-party servers, thus achieving a balance between privacy-preserving and usability.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104434"},"PeriodicalIF":4.8,"publicationDate":"2025-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143684108","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0