Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.5
2.7
Journals
Applied Sciences
Special Issues
Information Security and Cryptography
share announcement

Information Security and Cryptography

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Electrical, Electronics and Communications Engineering".

Deadline for manuscript submissions: 20 July 2024 | Viewed by 8355

Special Issue Editors

Dr. Zhe Xia

E-Mail Website
Guest Editor
School of Computer Science, Wuhan University of Technology, Wuhan 430070, China
Interests: cryptographic protocols; provable security; electronic voting
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Mingwu Zhang

E-Mail Website
Guest Editor
The School of Computer Science, Hubei University of Technology, Wuhan 430068, China
Interests: theoretic cryptography; security in big data; security in industrial Internet
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Lein Harn

E-Mail Website
Guest Editor
School of Computer and Engineering, University of Missouri-Kansas City, Kansas City, MO, 64110, USA
Interests: secret sharing; multiparty computation; authentication and access control

Special Issue Information

Dear Colleagues,

Information security refers to the technologies and processes that people use to protect the information in a potentially hostile environment. It is a growing and evolving field that covers a wide range of topics, from network and system security to testing and implementation. It is a critical factor in the growth of information-based processes in industry, business, and administration. In particular, cryptography is a key technique for achieving information security in communications, computer systems, electronic commerce, and in the emerging information society.

This Special Issue seeks submissions from academia, government, and industry, presenting novel research on all practical and theoretical aspects of information security and cryptography. The primary focus is on original, high-quality, unpublished research of theoretical and practical impact, including concepts, techniques, applications, and practical experiences. Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or conference.

All topic areas related to information security and cryptography are of interest and in scope. Suggested topics include but are not restricted to:

  • Anonymity and privacy;
  • Applied cryptography and implementations;
  • Authentication, identification and access control;
  • Authenticated key exchange;
  • Block and stream ciphers;
  • Complexity-theoretic cryptography;
  • Cloud computing security;
  • Cryptanalysis;
  • Cryptocurrencies;
  • Cryptographic hash functions;
  • Cryptographic protocols;
  • Database security;
  • Digital forensics;
  • Digital signatures and message authentication codes;
  • Electronic voting;
  • Formal methods;
  • Information theoretic security;
  • Key management;
  • Network and web security;
  • Privacy enhanced technologies;
  • Privacy preserving computations;
  • Public key encryption;
  • Physical security;
  • Security architectures and models;
  • Security in biometric;
  • Security in embedded systems;
  • Security in distributed systems;
  • Security in machine learning;
  • Security in operation systems;
  • Security in social networks;
  • Software security.

Dr. Zhe Xia
Prof. Dr. Mingwu Zhang
Prof. Dr. Lein Harn
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (8 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

26 pages, 19542 KiB  
Article
A Novel Protocol Using Captive Portals for FIDO2 Network Authentication
by Martiño Rivera-Dourado, Marcos Gestal, Alejandro Pazos and Jose Vázquez-Naya
Appl. Sci. 2024, 14(9), 3610; https://doi.org/10.3390/app14093610 - 24 Apr 2024
Viewed by 336
Abstract
FIDO2 authentication is starting to be applied in numerous web authentication services, aiming to replace passwords and their known vulnerabilities. However, this new authentication method has not been integrated yet with network authentication systems. In this paper, we introduce FIDO2CAP: FIDO2 Captive-portal Authentication [...] Read more.
FIDO2 authentication is starting to be applied in numerous web authentication services, aiming to replace passwords and their known vulnerabilities. However, this new authentication method has not been integrated yet with network authentication systems. In this paper, we introduce FIDO2CAP: FIDO2 Captive-portal Authentication Protocol. Our proposal describes a novel protocol for captive-portal network authentication using FIDO2 Authenticators as security keys and passkeys. For validating our proposal, we have developed a prototype of FIDO2CAP authentication in a mock scenario. Using this prototype, we performed a usability experiment with 15 real users. This work makes the first systematic approach for adapting network authentication to the new authentication paradigm relying on FIDO2 authentication. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

16 pages, 6190 KiB  
Article
SimKG-BERT: A Security Enhancement Approach for Healthcare Models Consisting of Fusing SimBERT and a Knowledge Graph
by Songpu Li, Xinran Yu and Peng Chen
Appl. Sci. 2024, 14(4), 1633; https://doi.org/10.3390/app14041633 - 18 Feb 2024
Viewed by 494
Abstract
Model robustness is an important index in medical cybersecurity, and hard-negative samples in electronic medical records can provide more gradient information, which can effectively improve the robustness of a model. However, hard negatives pose difficulties in terms of their definition and acquisition. To [...] Read more.
Model robustness is an important index in medical cybersecurity, and hard-negative samples in electronic medical records can provide more gradient information, which can effectively improve the robustness of a model. However, hard negatives pose difficulties in terms of their definition and acquisition. To solve these problems, a data augmentation approach consisting of fusing SimBERT and a knowledge graph for application to a hard-negative sample is proposed in this paper. Firstly, we selected 40 misdiagnosed cases of diabetic complications as the original data for data augmentation. Secondly, we divided the contents of the electronic medical records into two parts. One part consisted of the core disease phrases in the misdiagnosed case records, which a medical specialist selected. These denoted the critical diseases that the model diagnosed as negative samples. Based on these core symptom words, new symptom phrases were directly generated using the SimBERT model. On the other hand, the noncore phrases of misdiagnosed medical records were highly similar to the positive samples. We determined the cosine similarity between the embedding vector of the knowledge graph entities and a vector made up of the noncore phrases. Then, we used Top-K sampling to generate text. Finally, combining the generated text from the two parts and the disturbed numerical indexes resulted in 160 enhancement samples. Our experiment shows that the distances between the samples generated using the SimKG-BERT model’s samples were closer to those of the positive samples and the anchor points in the space vector were closer than those created using the other models. This finding is more in line with how hard negatives are defined. In addition, compared with the model without data augmentation, the F1 values in the three data sets of diabetic complications increased by 6.4%, 2.24%, and 5.54%, respectively. The SimKG-BERT model achieves data augmentation in the absence of misdiagnosed medical records, providing more gradient information to the model, which not only improves the robustness of the model but also meets the realistic needs of assisted-diagnosis safety. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

12 pages, 1295 KiB  
Article
Quantum Privacy Query Protocol Based on GHZ-like States
by Tingyu Li, Bai Liu and Jun Zhang
Appl. Sci. 2024, 14(2), 608; https://doi.org/10.3390/app14020608 - 10 Jan 2024
Viewed by 594
Abstract
The rapid development of telemedicine technology has brought great convenience to people’s lives. Alongside generating great convenience, protecting patients’ privacy has become increasingly important. Therefore, to solve the above problems, this paper proposes a quantum privacy query protocol based on GHZ-like states. The [...] Read more.
The rapid development of telemedicine technology has brought great convenience to people’s lives. Alongside generating great convenience, protecting patients’ privacy has become increasingly important. Therefore, to solve the above problems, this paper proposes a quantum privacy query protocol based on GHZ-like states. The protocol first utilizes existing diagnostic information for classification to encode symptom attributes. Then, the correlation after measurement using GHZ-like entangled states is utilized so that the querying party can only obtain a key message with the assistance of a third party. Through the above operation, the database cannot know the address of the message queried by the querying party, and the querying party is also unable to obtain more information. The protocol not only adds decoy factor detection but also adds the process of authentication while checking for illegal eavesdropping. It makes the protocol sufficiently resistant to joint attacks, participant attacks, and external system credit attacks. This database privacy query protocol ensures that the database service is more effective and its environment is more secure. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

20 pages, 5855 KiB  
Article
Optimal Deception Asset Deployment in Cybersecurity: A Nash Q-Learning Approach in Multi-Agent Stochastic Games
by Guanhua Kong, Fucai Chen, Xiaohan Yang, Guozhen Cheng, Shuai Zhang and Weizhen He
Appl. Sci. 2024, 14(1), 357; https://doi.org/10.3390/app14010357 - 30 Dec 2023
Cited by 1 | Viewed by 780
Abstract
In the face of an increasingly intricate network structure and a multitude of security threats, cyber deception defenders often employ deception assets to safeguard critical real assets. However, when it comes to the intranet lateral movement attackers in the cyber kill chain, the [...] Read more.
In the face of an increasingly intricate network structure and a multitude of security threats, cyber deception defenders often employ deception assets to safeguard critical real assets. However, when it comes to the intranet lateral movement attackers in the cyber kill chain, the deployment of deception assets confronts the challenges of lack of dynamics, inability to make real-time decisions, and not considering the dynamic change of an attacker’s strategy. To address these issues, this study introduces a novel maze pathfinding model tailored to the lateral movement context, in which we try to find out the attacker’s location to deploy deception assets accurately for interception. The attack–defense process is modeled as a multi-agent stochastic game, by comparing it with random action policy and Minimax-Q algorithm, we choose Nash Q-learning to solve the deception asset’s deployment strategy to achieve the optimal solution effect. Extensive simulation tests reveal that our proposed model exhibits good convergence properties. Moreover, the average defense success rate surpasses 70%, attesting to the model’s efficacy. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

21 pages, 2586 KiB  
Article
Breast Cancer Prediction Based on Differential Privacy and Logistic Regression Optimization Model
by Hua Chen, Nan Wang, Yuan Zhou, Kehui Mei, Mengdi Tang and Guangxing Cai
Appl. Sci. 2023, 13(19), 10755; https://doi.org/10.3390/app131910755 - 27 Sep 2023
Viewed by 1034
Abstract
In order to improve the classification effect of the logistic regression (LR) model for breast cancer prediction, a new hybrid feature selection method is proposed to process the data, using the Pearson correlation test and the iterative random forest algorithm based on out-of-bag [...] Read more.
In order to improve the classification effect of the logistic regression (LR) model for breast cancer prediction, a new hybrid feature selection method is proposed to process the data, using the Pearson correlation test and the iterative random forest algorithm based on out-of-bag estimation (RF-OOB) to screen the optimal 17 features as inputs to the model. Secondly, the LR is optimized using the batch gradient descent (BGD-LR) algorithm to train the loss function of the model to minimize the loss. In order to protect the privacy of breast cancer patients, a differential privacy protection technology is added to the BGD-LR model, and an LR optimization model based on differential privacy with batch gradient descent (BDP-LR) is constructed. Finally, experiments are carried out on the Wisconsin Diagnostic Breast Cancer (WDBC) dataset. Meanwhile, accuracy, precision, recall, and F1-score are selected as the four main evaluation indicators. Moreover, the hyperparameters of each model are determined by the grid search method and the cross-validation method. The experimental results show that after hybrid feature selection, the optimal results of the four main evaluation indicators of the BGD-LR model are 0.9912, 1, 0.9886, and 0.9943, in which the accuracy, recall, and F1-scores are increased by 2.63%, 3.41%, and 1.76%, respectively. For the BDP-LR model, when the privacy budget ε is taken as 0.8, the classification performance and privacy protection effect of the model reach an effective balance. At the same time, the four main evaluation indicators of the model are 0.9721, 0.9975, 0.9664, and 0.9816, which are improved by 1.58%, 0.26%, 1.81%, and 1.07%, respectively. Comparative analysis shows that the models of BGD-LR and BDP-LR constructed in this paper perform better than other classification models. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

26 pages, 3856 KiB  
Article
Cloud Server-Assisted Remote Monitoring and Core Device Fault Identification for Dynamically Tuned Passive Power Filters
by Yifei Wang, Zhenglong Chen and Yi Deng
Appl. Sci. 2023, 13(17), 9830; https://doi.org/10.3390/app13179830 - 30 Aug 2023
Viewed by 657
Abstract
Reliability and safety are crucial for the operation of a dynamically tuned passive power filter (DTPPF). Safe performance of DTTPFs implies complete normal filtering without failure within a specified period. To prevent potential disaster or economic loss, it is desirable to achieve early [...] Read more.
Reliability and safety are crucial for the operation of a dynamically tuned passive power filter (DTPPF). Safe performance of DTTPFs implies complete normal filtering without failure within a specified period. To prevent potential disaster or economic loss, it is desirable to achieve early warning of any core device faults in a DTPPF based on its running state and to optimize its harmonic mitigation performance. In this paper, we explore effective methods for identifying core device faults in DTPPFs. First, we summarize the characteristic parameters of faults, running state parameters, parameters required for fault monitoring, and fault type parameters. Then, a cloud server-assisted remote monitoring and fault identification system for DTPPF is proposed, which consists of monitoring system’s architecture and cloud servers’ software architecture as well as software design of the back-end service layer and functional design of the front-end application layer. Our experiments demonstrate that the proposed system can monitor the real-time operational status of the DTPPF, enabling remote diagnosis and identification of core device faults. Moreover, it is user-friendly, as it is capable of optimizing equipment maintenance schedules and utilizing manufacturers’ service capacities. Therefore, this research provides a theoretical foundation for harmonic mitigation in low-voltage distribution networks and is valuable for practical engineering applications in industrial power grids. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

16 pages, 705 KiB  
Article
Optimized Implementation of Argon2 Utilizing the Graphics Processing Unit
by Siwoo Eum, Hyunjun Kim, Minho Song and Hwajeong Seo
Appl. Sci. 2023, 13(16), 9295; https://doi.org/10.3390/app13169295 - 16 Aug 2023
Viewed by 2356
Abstract
In modern information technology systems, secure storage and transmission of personal and sensitive data are recognized as important tasks. These requirements are achieved through secure and robust encryption methods. Argon2 is an advanced cryptographic algorithm that emerged as the winner in the Password [...] Read more.
In modern information technology systems, secure storage and transmission of personal and sensitive data are recognized as important tasks. These requirements are achieved through secure and robust encryption methods. Argon2 is an advanced cryptographic algorithm that emerged as the winner in the Password Hashing Competition (PHC), offering a concrete and secure measure. Argon2 also provides a secure mechanism against side-channel attacks and cracking attacks using parallel processing (e.g., GPU). In this paper, we analyze the existing GPU-based implementation of the Argon2 algorithm and further optimize the implementation by improving the performance of the hashing function during the computation process. The proposed method focuses on enhancing performance by distributing tasks between CPU and GPU units, reducing the data transfer cost for efficient GPU-based parallel processing. By shifting several stages from the CPU to the GPU, the data transfer cost is significantly reduced, resulting in faster processing times, particularly when handling a larger number of passwords and higher levels of parallelism. Additionally, we optimize the utilization of the GPU’s shared memory, which enhances memory access speed, especially in the computation of the hash value generation process. Furthermore, we leverage the parallel processing capabilities of the GPU to perform efficient brute-force attacks. By computing the H function on the GPU, the proposed implementation can generate initial blocks for multiple inputs in a single operation, making brute-force attacks in an efficient way. The proposed implementation outperforms existing methods, especially when processing a larger number of passwords and operating at higher levels of parallelism. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

20 pages, 1864 KiB  
Article
An Improved Density Peak Clustering Algorithm Based on Chebyshev Inequality and Differential Privacy
by Hua Chen, Yuan Zhou, Kehui Mei, Nan Wang, Mengdi Tang and Guangxing Cai
Appl. Sci. 2023, 13(15), 8674; https://doi.org/10.3390/app13158674 - 27 Jul 2023
Cited by 2 | Viewed by 819
Abstract
This study aims to improve the quality of the clustering results of the density peak clustering (DPC) algorithm and address the privacy protection problem in the clustering analysis process. To achieve this, a DPC algorithm based on Chebyshev inequality and differential privacy (DP-CDPC) [...] Read more.
This study aims to improve the quality of the clustering results of the density peak clustering (DPC) algorithm and address the privacy protection problem in the clustering analysis process. To achieve this, a DPC algorithm based on Chebyshev inequality and differential privacy (DP-CDPC) is proposed. Firstly, the distance matrix is calculated using cosine distance instead of Euclidean distance when dealing with high-dimensional datasets, and the truncation distance is automatically calculated using the dichotomy method. Secondly, to solve the difficulty in selecting suitable clustering centers in the DPC algorithm, statistical constraints are constructed from the perspective of the decision graph using Chebyshev inequality, and the selection of clustering centers is achieved by adjusting the constraint parameters. Finally, to address the privacy leakage problem in the cluster analysis, the Laplace mechanism is applied to introduce noise to the local density in the process of cluster analysis, enabling the privacy protection of the algorithm. The experimental results demonstrate that the DP-CDPC algorithm can effectively select the clustering centers, improve the quality of clustering results, and provide good privacy protection performance. Full article
(This article belongs to the Special Issue Information Security and Cryptography)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-8
Back to TopTop