Recent Advances in Information Security and Data Privacy

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (15 September 2025) | Viewed by 19007

Special Issue Editors


E-Mail Website
Guest Editor
TSYS School of Computer Science, Columbus State University, Columbus, GA 31907, USA
Interests: intrusion detection; computer, network, and information security
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Computer Science Department, Morgan State University, Baltimore, MD 21251, USA
Interests: explainable artificial intelligence and machine learning to the task of detecting a given, possibly malicious, cyber activity

E-Mail Website
Guest Editor
TSYS School of Computer Science, Columbus State University, Columbus, GA 31907, USA
Interests: information security; data security and privacy; intrusion detection
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor

Special Issue Information

Dear Colleagues,

In recent years, the fields of information security and data privacy have witnessed significant advancements, with novel techniques and methodologies emerging to safeguard computing infrastructure and critical information in an increasingly connected world. The scope of the Special Issue “Recent Advances in information security and data privacy” covers the theory, applications, and implementations of information security and data privacy.  This Special Issue aims to showcase the latest research, developments, and advances in information security and data privacy, encompassing a wide range of topics from system and network security to security foundations and content protection, as well as from differential privacy and homomorphic encryption to federated learning and secure multi-party computation.

In this Special Issue of Electronics, we are looking for original and creative research covering multiple fields of information security and data privacy. Research papers using theoretical, technical, and/or practical approaches as well as survey papers are all welcome. We invite submissions on topics that include, but are not limited to:

Topics:

  • Threat, intrusion, and anomaly detection for the Internet;
  • Operating system, database, and computing infrastructure security;
  • Internet, firewall, and mobile security;
  • Encryption and decryption algorithms in information security;
  • Privacy, access control, and authentication;
  • Anti-virus and anti-hacker techniques;
  • Detection and prevention of stepping-stone intrusion;
  • Differential privacy and its applications;
  • Homomorphic encryption and secure computation;
  • Federated learning and decentralized machine learning techniques;
  • Privacy-preserving machine learning algorithms and methodologies;
  • Blockchain and distributed ledger technologies for enhancing data privacy;
  • Post-quantum cryptography and its implications for data security;
  • Ethical considerations and fairness in privacy-preserving technologies;
  • Privacy in IoT and sensor networks;
  • User-centric privacy tools and technologies;
  • Compliance with data privacy regulations and legal frameworks.

Prof. Dr. Jianhua Yang
Dr. Radhouane Chouchane
Dr. Linqiang Ge
Prof. Dr. Lixin Wang
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • information security
  • network security
  • intrusion detection
  • data security
  • data privacy
  • quantum cryptography
  • mobile security
  • homomorphic encryption

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • Reprint: MDPI Books provides the opportunity to republish successful Special Issues in book format, both online and in print.

Further information on MDPI's Special Issue policies can be found here.

Related Special Issue

Published Papers (11 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

21 pages, 534 KB  
Article
Quantum Enabled Data Authentication Without Classical Control Interaction
by Piotr Zawadzki, Grzegorz Dziwoki, Marcin Kucharczyk, Jan Machniewski, Wojciech Sułek, Jacek Izydorczyk, Weronika Izydorczyk, Piotr Kłosowski, Adam Dustor, Wojciech Filipowski, Krzysztof Paszek and Anna Zawadzka
Electronics 2025, 14(20), 4037; https://doi.org/10.3390/electronics14204037 - 14 Oct 2025
Viewed by 162
Abstract
We present a quantum-assisted data authentication protocol that integrates classical information-theoretic security with quantum communication techniques. We assume only that the participants have access to open classical and quantum channels, and share a random static key material. Building on the Wegman–Carter paradigm, our [...] Read more.
We present a quantum-assisted data authentication protocol that integrates classical information-theoretic security with quantum communication techniques. We assume only that the participants have access to open classical and quantum channels, and share a random static key material. Building on the Wegman–Carter paradigm, our scheme employs universal hashing for message authentication and leverages quantum channels to securely transmit random nonces, eliminating the need for key recycling. The protocol utilizes polar codes within Wyner’s wiretap channel model to ensure confidentiality and reliability, even in the presence of an all-powerful adversary. Security analysis demonstrates that the protocol inherits strong guarantees from both classical and quantum frameworks, provided the quantum channel maintains low loss and noise. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

28 pages, 443 KB  
Article
CPace Protocol—From the Perspective of Malicious Cryptography
by Mirosław Kutyłowski, Przemysław Kubiak and Paweł Kostkiewicz
Electronics 2025, 14(17), 3382; https://doi.org/10.3390/electronics14173382 - 25 Aug 2025
Viewed by 1366
Abstract
The CPace protocol (Internet-Draft:draft-irtf-cfrg-cpace-14) is a password-authenticated key exchange optimized for simplicity. In particular, it involves only two messages exchanged in an arbitrary order. CPace combines a simple and elegant design with privacy guarantees obtained via strict mathematical proofs. In this paper, we [...] Read more.
The CPace protocol (Internet-Draft:draft-irtf-cfrg-cpace-14) is a password-authenticated key exchange optimized for simplicity. In particular, it involves only two messages exchanged in an arbitrary order. CPace combines a simple and elegant design with privacy guarantees obtained via strict mathematical proofs. In this paper, we go further and analyze its resilience against malicious cryptography implementations. While the clever design of CPace immediately eliminates many kleptographic techniques applicable to many other protocols of this kind, we point to the remaining risks related to kleptographic setups. We show that such attacks can break the security and privacy features of CPace. Thereby, we point to the necessity of very careful certification of the devices running CPace, focusing in particular on critical threats related to random number generators. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

24 pages, 3374 KB  
Article
Enhancing Adversarial Robustness in Network Intrusion Detection: A Novel Adversarially Trained Neural Network Approach
by Vahid Heydari and Kofi Nyarko
Electronics 2025, 14(16), 3249; https://doi.org/10.3390/electronics14163249 - 15 Aug 2025
Viewed by 1299
Abstract
Machine learning (ML) has greatly improved intrusion detection in enterprise networks. However, ML models remain vulnerable to adversarial attacks, where small input changes cause misclassification. This study evaluates the robustness of a Random Forest (RF), a standard neural network (NN), and [...] Read more.
Machine learning (ML) has greatly improved intrusion detection in enterprise networks. However, ML models remain vulnerable to adversarial attacks, where small input changes cause misclassification. This study evaluates the robustness of a Random Forest (RF), a standard neural network (NN), and a Transformer-based Network Intrusion Detection System (NIDS). It also introduces ADV_NN, an adversarially trained neural network designed to improve resilience. Model performance is tested using the UNSW-NB15 dataset under both clean and adversarial conditions. The attack types include Projected Gradient Descent (PGD), Fast Gradient Sign Method (FGSM), and Black-Box transfer attacks. The proposed ADV_NN achieves 86.04% accuracy on clean data. It maintains over 80% accuracy under PGD and FGSM attacks, and exceeds 85% under Black-Box attacks at ϵ=0.15. In contrast, the RF, NN, and Transformer-based models suffer significant degradation under adversarial perturbations. These results highlight the need to incorporate adversarial defenses into ML-based NIDS for secure deployment in real-world environments. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

20 pages, 1556 KB  
Article
An Evaluation Framework for Cybersecurity Maturity Aligned with the NIST CSF
by Luís Bernardo, Silvestre Malta and João Magalhães
Electronics 2025, 14(7), 1364; https://doi.org/10.3390/electronics14071364 - 28 Mar 2025
Cited by 2 | Viewed by 3936
Abstract
Cybersecurity is critical for mitigating the economic and reputational impacts of cyberattacks. To address these risks, frameworks like the NIST Cybersecurity Framework (NIST CSF) provide standardized guidelines for managing and reducing cybersecurity threats. This paper presents a maturity assessment approach aligned with the [...] Read more.
Cybersecurity is critical for mitigating the economic and reputational impacts of cyberattacks. To address these risks, frameworks like the NIST Cybersecurity Framework (NIST CSF) provide standardized guidelines for managing and reducing cybersecurity threats. This paper presents a maturity assessment approach aligned with the NIST CSF, incorporating a dual-survey methodology. The first survey engages cybersecurity experts to calibrate question importance, while the second targets organizations across management, IT staff, and other roles. The approach employs algorithms to deliver consistent evaluations and facilitate cross-organization comparisons. Results from case studies illustrate cybersecurity maturity levels for each NIST CSF function and highlight priority controls for enhancing organizational cybersecurity. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

27 pages, 1376 KB  
Article
Proof-of-Friendship Consensus Mechanism for Resilient Blockchain Technology
by Jims Marchang, Rengaprasad Srikanth, Solan Keishing and Indranee Kashyap
Electronics 2025, 14(6), 1153; https://doi.org/10.3390/electronics14061153 - 14 Mar 2025
Cited by 1 | Viewed by 1411
Abstract
Traditional blockchain consensus mechanisms, such as Proof of Work (PoW) and Proof of Stake (PoS), face significant challenges related to the centralisation of validators and miners, environmental impact, and trustworthiness. While PoW is highly secure, it is energy-intensive, and PoS tends to favour [...] Read more.
Traditional blockchain consensus mechanisms, such as Proof of Work (PoW) and Proof of Stake (PoS), face significant challenges related to the centralisation of validators and miners, environmental impact, and trustworthiness. While PoW is highly secure, it is energy-intensive, and PoS tends to favour wealthy stakeholders, leading to validator centralisation. Existing mechanisms lack fairness, and the aspect of sustainability is not considered. Moreover, it fails to address social trust dynamics within validator selection. To bridge this research gap, this paper proposes Proof of Friendship (PoF)—a novel consensus mechanism that leverages social trust by improving decentralisation, enhancing fairness and sustainability among the validators. Unlike traditional methods that rely solely on computational power or financial stakes, PoF integrates friendship-based trust scores with geo-location diversity, transaction reliability, and sustainable energy adoption. By incorporating a trust graph, where validators are selected based on their verified relationships within the network, PoF mitigates the risks of Sybil attacks, promotes community-driven decentralisation, and enhances the resilience of the blockchain against adversarial manipulation. This research introduces the formal model of PoF, evaluates its security, decentralisation, and sustainability trade-offs, and demonstrates its effectiveness compared to existing consensus mechanisms. Our investigation and results indicate that PoF achieves higher decentralisation, improved trustworthiness, reduced validator monopolisation, and enhanced sustainability while maintaining strong network security. This study opens new avenues for socially aware blockchain governance, making consensus mechanisms more equitable, efficient, and environmentally responsible. This consensus mechanism demonstrates a holistic approach to modern blockchain design, addressing key challenges in trust, performance, and sustainability. The mechanism is tested theoretically and experimentally to validate its robustness and functionality. Processing latency (PL), network latency (NL) [transaction size/network speed], synchronisation delays (SDs), and cumulative delay per transaction are 85 ms, 172 ms, 1802 ms, [PL + NL + SD] 2059 ms, respectively. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

14 pages, 553 KB  
Article
HAETAE on ARMv8
by Minjoo Sim, Minwoo Lee and Hwajeong Seo
Electronics 2024, 13(19), 3863; https://doi.org/10.3390/electronics13193863 - 29 Sep 2024
Cited by 1 | Viewed by 1506
Abstract
In this work, we present the highly optimized implementation of the HAETAE algorithm, submitted to the second round of the Korean Post-Quantum Cryptography (KpqC) competition and to the first round of NIST’s additional post-quantum standardization for digital signatures on 64-bit ARMv8 embedded processors. [...] Read more.
In this work, we present the highly optimized implementation of the HAETAE algorithm, submitted to the second round of the Korean Post-Quantum Cryptography (KpqC) competition and to the first round of NIST’s additional post-quantum standardization for digital signatures on 64-bit ARMv8 embedded processors. To the best of our knowledge, this is the first optimized implementation of the HAETAE algorithm on 64-bit ARMv8 embedded processors. We apply various optimization techniques to enhance the multiplication operations in the HAETAE algorithm. We utilize parallel operation techniques involving vector registers and NEON (Advanced SIMD technology used in ARM processors) instructions of ARMv8 embedded processors. In particular, we achieved the best performance of the HAETAE algorithm on ARMv8 embedded processors by applying all the state-of-the-art NTT (Number Theoretic Transform) implementation techniques. Performance improvements of up to 3.07×, 3.63×, and 9.15× were confirmed for NTT, Inverse-NTT, and pointwise Montgomery operations (Montgomery multiplication used in modular arithmetic), respectively, by applying the state-of-the-art implementation techniques, including the proposed techniques. As a result, we achieved a maximum performance improvement of up to 1.16× for the key generation algorithm, up to 1.14× for the signature algorithm, and up to 1.25× for the verification algorithm. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

20 pages, 6592 KB  
Article
Lossless Data Hiding in VQ Compressed Images Using Adaptive Prediction Difference Coding
by Sisheng Chen, Jui-Chuan Liu, Ching-Chun Chang and Chin-Chen Chang
Electronics 2024, 13(17), 3532; https://doi.org/10.3390/electronics13173532 - 5 Sep 2024
Viewed by 1061
Abstract
Data hiding in digital images is an important cover communication technique. This paper studies the lossless data hiding in an image compression domain. We present a novel lossless data hiding scheme in vector quantization (VQ) compressed images using adaptive prediction difference coding. A [...] Read more.
Data hiding in digital images is an important cover communication technique. This paper studies the lossless data hiding in an image compression domain. We present a novel lossless data hiding scheme in vector quantization (VQ) compressed images using adaptive prediction difference coding. A modified adaptive index rearrangement (AIR) is presented to rearrange a codebook, and thus to enhance the correlation of the adjacent indices in the index tables of cover images. Then, a predictor based on the improved median edge detection is used to predict the indices by retaining the first index. The prediction differences are calculated using the exclusive OR (XOR) operation, and the vacancy capacity of each prediction difference type is evaluated. An adaptive prediction difference coding method based on the vacancy capacities of the prediction difference types is presented to encode the prediction difference table. Therefore, the original index table is compressed, and the secret data are embedded into the vacated room. The experimental results demonstrate that the proposed scheme can reduce the pure compression rate compared with the related works. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

23 pages, 2462 KB  
Article
Designing a Scalable and Area-Efficient Hardware Accelerator Supporting Multiple PQC Schemes
by Heonhui Jung and Hyunyoung Oh
Electronics 2024, 13(17), 3360; https://doi.org/10.3390/electronics13173360 - 23 Aug 2024
Cited by 1 | Viewed by 2475
Abstract
This study introduces a hardware accelerator to support various Post-Quantum Cryptosystem (PQC) schemes, addressing the quantum computing threat to cryptographic security. PQCs, while more secure, also bring significant computational demands, which are especially problematic for lightweight devices. Previous hardware accelerators are typically scheme-specific, [...] Read more.
This study introduces a hardware accelerator to support various Post-Quantum Cryptosystem (PQC) schemes, addressing the quantum computing threat to cryptographic security. PQCs, while more secure, also bring significant computational demands, which are especially problematic for lightweight devices. Previous hardware accelerators are typically scheme-specific, which is inefficient given the National Institute of Standards and Technology (NIST)’s multiple finalists. Our approach focuses on the shared operations among these schemes, allowing a single design to accelerate multiple candidate PQCs at the same time. This is further enhanced by allocating resources according to performance profiling results. Our compact, scalable hardware accelerator supports four of NIST PQC finalists, achieving an area efficiency of up to 81.85% compared to the current state-of-the-art multi-scheme accelerator while supporting twice as many schemes. The design demonstrates average throughput improvements ranging from 0.97× to 35.97× across the four schemes and their main operations, offering an efficient solution for implementing multiple PQC schemes within constrained hardware environments. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

15 pages, 495 KB  
Article
Explore Utilizing Network Traffic Distribution to Detect Stepping-Stone Intrusion
by Jianhua Yang and Lixin Wang
Electronics 2024, 13(16), 3258; https://doi.org/10.3390/electronics13163258 - 16 Aug 2024
Cited by 1 | Viewed by 1121
Abstract
In the past three decades, stepping-stone intrusion has become a professional and primary way used by intruders to launch their attacks since they can be protected behind a long TCP connection chain. Many different algorithms have been proposed to detect stepping-stone intrusion since [...] Read more.
In the past three decades, stepping-stone intrusion has become a professional and primary way used by intruders to launch their attacks since they can be protected behind a long TCP connection chain. Many different algorithms have been proposed to detect stepping-stone intrusion since 1995. But most algorithms cannot resist intruders’ session manipulation. In this paper, we propose a novel approach using the distribution of round-trip time (RTT) of network traffic to detect stepping-stone intrusion. This approach can resist intruders’ chaff-perturbation since the round-trip time of network packets can fairly be affected by chaffed packets. The ratio between the standard deviation of the RTTs between Send and Echo packets and the standard deviation of the RTTs between Send and Ack packets can be used to predict if a stepping-stone intrusion exists. The closer to 0 the ratio, the more suspicious a stepping-stone intrusion. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

20 pages, 10850 KB  
Article
Reversible Data Hiding in Crypto-Space Images with Polynomial Secret Sharing over Galois Field
by Hao-Wei Lu, Jui-Chuan Liu, Chin-Chen Chang and Ji-Hwei Horng
Electronics 2024, 13(14), 2860; https://doi.org/10.3390/electronics13142860 - 20 Jul 2024
Cited by 2 | Viewed by 1362
Abstract
Secret sharing is a data security technique that divides secret information into multiple parts, embeds these parts into various shares, and distributes these shares to different participants. The original secret information can be retrieved only when the number of shares gathered meets a [...] Read more.
Secret sharing is a data security technique that divides secret information into multiple parts, embeds these parts into various shares, and distributes these shares to different participants. The original secret information can be retrieved only when the number of shares gathered meets a required threshold. This paper proposes a secret sharing method that can hide data in encrypted images with reversibility and allows content owners to add an additional layer of security before uploading data to the cloud. This method enables the independent extraction of images and data, ensuring that the recovered images and extracted data can serve as validation information for each other. The proposed method not only enhances data security but also guarantees the accuracy of the extracted information. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

33 pages, 2878 KB  
Article
Privacy Essentials
by James Taylor, Jane Henriksen-Bulmer and Cagatay Yucel
Electronics 2024, 13(12), 2263; https://doi.org/10.3390/electronics13122263 - 9 Jun 2024
Cited by 1 | Viewed by 1880
Abstract
Following a series of legislative changes around privacy over the past 25 years, this study highlights data protection regulations and the complexities of applying these frameworks. To address this, we created a privacy framework to guide organisations in what steps they need to [...] Read more.
Following a series of legislative changes around privacy over the past 25 years, this study highlights data protection regulations and the complexities of applying these frameworks. To address this, we created a privacy framework to guide organisations in what steps they need to undertake to achieve compliance with the UK GDPR, highlighting the existing privacy frameworks for best practice and the requirements from the Information Commissioners Office. We applied our framework to a UK charity sector; to account for the specific nuances that working in a charity brings, we worked closely with local charities to understand their requirements, and interviewed privacy experts to develop a framework that is readily accessible and provides genuine value. Feeding the results into our privacy framework, a decision tree artefact has been developed for compliance. The artefact has been tested against black-box tests, System Usability Tests and UX Honeycomb tests. Results show that Privacy Essentials! provides the foundation of a data protection management framework and offers organisations the catalyst to start, enhance, or even validate a solid and effective data privacy programme. Full article
(This article belongs to the Special Issue Recent Advances in Information Security and Data Privacy)
Show Figures

Figure 1

Back to TopTop