Journal of Cyber Security and Mobility

Security Assessment of Commercial Password Applications: A Framework that Integrates Randomness Visualization and Spatiotemporal Deep Learning

Jiang Luo — 2026-04-30

To solve the compliance risks caused by “weak passwords”, “clear text transmission”, and algorithm misuse, and to help commercial passwords achieve automated and high-precision security assessment, this study proposes a “randomness-space-time” dual-axis fusion framework. This framework contains two core innovations: firstly, on the static ciphertext side, a “randomness visualization” strategy is proposed, which concatenates the NIST nine-term global randomness test values with local non-overlapping template matching results into a vector. After dimensionality reduction by an autoencoder, it is stacked with the original hexadecimal word throttling and bit accumulation graph to form a three-channel grayscale image, which is then input into the ResNet50 for fine-grained recognition of the encryption algorithm. Secondly, on the dynamic traffic side, a spatio-temporal parallel fusion network is designed, the session is fragmented into packet sequences, and “Attention-ResNet50” is run in parallel to extract the “spatial” texture features inside the packets. It uses the Transformer encoder to capture the “time” remote dependencies between data packets to achieve accurate identification of encryption protocols. The results showed that in ciphertext traffic detection, the recognition accuracy of ciphertext and traffic protocols reached 98.83% and 98.25%, both 3%–8% ahead of the control model. The single-sample inference delay was $<$ 5 ms, and the throughput was $>$ 240 sessions/s. This study couples randomness test statistics with deep vision-sequence models to achieve “ciphertext-traffic” dual-modal collaborative assessment, which can effectively provide compliance detection and defense technical guidance for commercial cryptography applications.

Efficient Network Attack Detection Method Combining SSPCA and Layered Detection

Rui Huang — 2026-04-30

With the deep integration of industrial control networks and information technology, the problems of high-dimensional data redundancy, multi-stage attack concealment and class imbalance lead to the inefficiency of traditional intrusion detection methods. To this end, the new frameworks of Stacked Sparse Principal Component Analysis (SSPCA) and Step-by-Step Industrial Control Intrusion Detection (SSICID) are proposed. The SSPCA reduced the dimensionality of high-dimensional industrial control network traffic data to 12 dimensions by sparse constraint and principal component stacking strategy, which improved the accuracy by 62.5% compared with traditional Principal Component Analysis (PCA). The SSICID used a layered detection architecture to achieve 98.8% detection accuracy, 97.0% recall, and 0.3 second CPU response time on ICS-CERT datasets, which was 4.5% more accurate and 40% faster than the existing optimal model. The proposed model provides an efficient solution for the real-time monitoring of complex attacks in industrial control networks and has important practical significance for ensuring the security of critical infrastructure.

Research on a Network Security Situation Intelligent Awareness and Prediction Model Based on Big Data Technology and Its Supporting Applications

Changyao Yang — 2026-04-30

The traditional network security situational awareness method is difficult to deal with high-speed multi-source data flow because it relies on a centralized data processing architecture, resulting in poor real-time performance and weak data association. Therefore, building a perception prediction model that can fuse multi-source data in real time, understand the internal structure of the network, and have cognitive reasoning capabilities similar to experts is of great theoretical significance for realizing active intelligent network security defense. The study hypothesizes that the integration of distributed flow processing, network structure mode decomposition, and a cognitive decision-making framework can build a security perception model with high-precision perception and forward-looking prediction ability. The core of this method is to integrate the above components into a unified model of “data structure cognition” three-tier collaboration: Kafka+spark stream processing layer is responsible for real-time data fusion and feature supply. The Structural Modal Modeling and Decomposition (SMMD) layer analyzes the functional topology of the network to achieve fine-grained situation decoupling; The Estimation Memory Control (EMC) cognitive layer simulates the closed-loop process of expert evaluation, experience reuse, and predictive decision-making. This architecture realizes the deep coupling of data-driven, structural understanding, and cognitive intelligence, which is different from the existing situational awareness framework that mainly relies on a single data dimension or lacks explicit cognitive reasoning. To verify this hypothesis, several experiments are designed and implemented. Firstly, a distributed stream processing framework is built based on Kafka+spark to realize the real-time fusion and feature extraction of multi-source security data. Secondly, a safety perception prediction model combining the EMC framework and SMMD is proposed. The network functional topology is analyzed by structural mode decomposition, and the EMC framework is introduced to simulate the expert cognitive decision-making process. The core findings are as follows: Experiments on the Canadian Institute for Network Security network intrusion detection dataset (cic-ids-2017) show that the accuracy of the model in predicting the macro situation level is 93.7%, and the F1-Score for identifying five types of attacks is up to 97.2%. This performance is superior to the mainstream baseline models of LSTM, TCN, and GBDT. In the verification of the real network range, the model can shorten the average response time of high-risk threats to 3.5 minutes, improve the attack containment rate to 95.2%, reduce the false positive intervention rate to 8%, and improve the analysis efficiency by about 83%. The conclusion is that the proposed model is superior to the mainstream methods in perception accuracy, response speed, and operation and maintenance efficiency. This study provides effective technical support for the construction of an active and intelligent network security protection system.

This study also recognizes that the model has some limitations: Its performance depends on high-quality labeled data for initial training and pattern library construction; When dealing with large-scale networks (such as more than 10,000 devices), the computational cost of mode division and state estimation needs to be further optimized; In addition, the prediction ability of the model to the new attack mode (zero day) that has not appeared in the training data remains to be explored. Although the model has been validated on the cic-ids-2017 standard dataset and enterprise-wide, its ability to generalize to other network architectures (such as cloud native, IoT) and more complex real-world operational environments is a direction that needs to be evaluated before actual deployment in the future.

Research on a Lightweight SM4 Algorithm-Driven Secure Communication Mechanism for Communication Links

Xiaoli Tang — 2026-04-30

Secure communication for resource-constrained embedded devices must simultaneously satisfy cryptographic compliance, low-latency transmission, and robustness against link disturbances, which makes lightweight deployment of national cryptographic algorithms a critical issue in edge and industrial communication systems. To address this problem, a lightweight SM4-based communication security mechanism is developed for heterogeneous embedded links. The proposed method integrates S-box structure compression, round-function optimization, key-scheduling reconstruction, module trimming, and interface adaptation to construct an efficient encryption/decryption framework that supports UART, CAN, and BLE communication environments. The significance of this study lies not only in reducing the computational and storage burden of SM4, but also in enabling practical deployment of a national-standard encryption mechanism in low-power, real-time, multi-interface embedded platforms. Experimental results on the STM32L432KC platform show that, under the BLE link, the proposed scheme achieves an average encryption latency of 165.8 μs and a throughput of 8.42 KB/s. Compared with existing SM4 and AES implementations, the method provides better delay-throughput performance while maintaining strong anti-interference capability and state-recovery resilience under multiple attack and error-injection scenarios. These results indicate that the proposed mechanism is suitable for secure communication tasks requiring both lightweight implementation and link-level adaptability in embedded systems.

Information Security Risk Assessment Based on Markov Chain Optimization SPA Model

Qi Liang — 2026-04-30

As a transformation of libraries combined with digital technology, digital libraries inevitably face risks such as hacker attacks and virus invasions. In order to reduce losses to users and platforms from information leakage, Information security risk assessment of digital libraries becomes an important topic. The traditional method of risk assessment always has a blind spot when assessing dynamic risk factors. Therefore, this paper constructs a fusion model based on Markov Chain optimized Set Pair Analysis model, which makes full use of the powerful function of Markov Chain and Set Pair Analysis in dealing with dynamic model with fuzzy factor. Experimental results show that when tested on the dataset, the model achieves an identification accuracy of 98.4%, an area under the curve of 0.95, and an F1 score of 0.98. Compared with other models, it not only has higher accuracy but also lower false alarm rates. These results indicate that the proposed risk assessment model is applicable and accurate in risk evaluation. It effectively addresses the difficulty of traditional methods in handling dynamic risk factors. The innovation of the model proposed in the research lies in the construction of a risk assessment framework that combines dynamic and static elements. Although the traditional set pair analysis method can handle the static correlations of risk factors, it is difficult to capture their dynamic evolution. The research achieved dynamic modeling and prediction of the risk situation through the state transition mechanism of Markov chains, and introduced the rough set theory to objectively allocate weights for risk indicators, overcoming the limitation of traditional methods where weights rely on subjective experience. Through Bayesian optimization and accelerated gradient strategies for adaptive parameter adjustment, the convergence speed and generalization ability of the model in complex risk environments were significantly improved. This framework not only realizes the deep integration of multiple algorithms at the functional level, but also achieves the unification of dynamics, objectivity and adaptability in the risk assessment of digital library information security, providing new methodological support for the analysis of high-dimensional and time-varying risks. The model proposed in the research, although performing well in terms of performance, involves integrating multiple algorithms, which leads to high computational complexity and high requirements for hardware resources and real-time performance. In practical deployment, it may encounter challenges in adapting to the high heterogeneity of digital library systems and the inconsistent data formats, and in the future, it needs to be further optimized in aspects such as lightweight deployment, cross-platform adaptation, and weak supervision learning.

Blockchain-Based Mechanism for Privacy Data Integrity Protection in Pharmaceutical Supply Chains

Rui Qiao — 2026-04-30

The pharmaceutical supply chain is increasingly tending towards multi-party collaboration and high-dimensional data flow. Currently, existing blockchain technologies lack collaborative optimization of privacy and integrity for the pharmaceutical industry. Thus, this study tries to solve these issues by designing a blockchain-based approach for preserving data privacy integrity in a pharmaceutical supply chain. First, data privacy protection algorithms along with integrity verification are designed to implement access control and prevent leakage of sensitive information. Subsequently, a bidirectional gated recurrent unit, residual network, and extreme gradient boosting are used to develop a smart contract vulnerability identification approach. Finally, a data protection model is constructed. Experiments show that the proposed data verification algorithm achieves an attribute matching success rate of 99.94%, a high-concurrency authorization error rate of 0.07%, and encryption-decryption time lower than comparison algorithms. The proposed model reaches a maximum vulnerability detection accuracy of 99.31%, an area under the curve of 0.963, a minimum response latency of 132.64 ms, and a traceability data integrity verification rate of 99.96%. The results indicate that this mechanism effectively balances data privacy protection and integrity verification requirements in the pharmaceutical supply chain and provides a new method for secure data management.

Lightweight Attribute-Based Cross-Domain Authentication for Power IoT with Edge Computing Integration

Chengbo Hu — 2026-04-30

With the rapid development of the Power Internet of Things (PIoT), the number of grid terminals has grown exponentially, and the types of equipment have become increasingly heterogeneous, covering different management domains such as power generation, transmission, distribution, and consumption. This has resulted in complex multi-domain collaborative business scenarios. In this context, when a large number of heterogeneous terminal devices access across domains, they face severe challenges such as low authentication efficiency, high computational overhead, and complex policy management due to frequent cross-domain identity verification, dynamic changing access permissions, and limited terminal resources. Traditional centralized authentication schemes based on Public Key Infrastructure (PKI) rely on a unified certificate authority (CA) and frequent certificate verification interactions, which have single-point performance bottlenecks, high communication latency, and difficulty in supporting fine-grained dynamic authorization. These schemes cannot meet the dual requirements of the Power Internet of Things for real-time performance, lightweight design, and flexible access control. Although existing attribute-based encryption (ABE) schemes support attribute-based access control, they generally face limitations such as complex policy parsing, high bilinear pairing computation overhead, and the absence of cross-domain mutual recognition mechanisms. To address this issue, we propose a lightweight, attribute-based, cross-domain authentication method that is integrated with edge computing. By constructing a three-tiered ‘cloud-edge-end’ collaborative hierarchical authentication architecture, authentication computation tasks are offloaded to edge nodes, enabling localized authentication services. Our design incorporates a lightweight, elliptic curve cryptography-based, attribute-based encryption mechanism that replaces bi-linear pairing with scalar multiplication, as well as a cross-domain attribute mapping method based on consortium blockchain smart contracts to support the automatic conversion and mutual recognition of multi-domain attributes. Additionally, a distributed credential management subsystem that integrates blockchain and secret sharing is employed to facilitate the efficient issuance and dynamic revocation of edge-side certificates. Together, these form a complete cross-domain authentication mechanism that covers the entire ‘registration-authentication-key update’ process. Experimental results demonstrate that this method consistently maintains low total authentication overhead under varying concurrency pressures, delivering high semantic security and precise, fine-grained access control. It outperforms existing mainstream approaches in terms of authentication efficiency, computational overhead and system scalability, all without compromising security. This makes it suitable for collaborative scenarios involving multiple domains and the Internet of Things where resources are limited.

Smart Grid Security Vulnerability and Defense Frameworks: A Knowledge Graph and Blockchain-based Collaborative Vulnerability Security Defense Framework

Dongxi Lu — 2026-04-30

At present, there are numerous security vulnerabilities in the smart grid, which seriously threaten the usage environment of the smart grid and the privacy of users. This study addresses this problem by building a vulnerability collaborative defense framework that strengthens smart grid’s resilience against vulnerabilities by utilizing the immutability of blockchain technology and the semantic association capabilities of knowledge graphs, and ensure the data security. The model created by combining these two technologies is examined first in the study. According to the findings, the model increased vulnerability description accuracy by 32.1% and decreased data tampering by 11.4%. Analysis of the collaborative defense framework based on this model later showed that it reduced the vulnerability false positive rate to 4.8% while achieving a 95.7% detection rate for covert vulnerabilities. From the above analysis results, it can be observed that the vulnerability collaborative defense framework proposed in the study can improve the accuracy of vulnerability detection and defense capabilities of the smart grid, thereby providing a secure environment for the smart grid, preventing external interference, and ensuring the accuracy of data.

Blockchain and Fully Homomorphic Encryption for Secure Data Management in Smart Grids

Chu-Hui Li — 2026-04-30

The storage security and privacy protection of power plant ancillary service data face severe challenges, hindering power plant operation optimization and the efficient operation of the electricity market. This research aims to construct a secure and reliable data storage system for power plant ancillary services and establish a scientific and accurate performance evaluation method. To achieve this, a multi-layer technology fusion model based on blockchain, fully homomorphic encryption (FHE), and smart contracts is proposed. The architecture integrates blockchain for trusted data provenance, FHE for privacy-preserving computation, and smart contracts for automated business logic execution, forming a coherent and secure data management framework. Specifically, the study adopts a hybrid storage mode combining blockchain structure and private database. Secure interaction and homomorphic operations of encrypted data are achieved through smart contracts. An improved approximation-ideal solution sorting method is used, combined with fuzzy hierarchical analysis to determine indicator weights. The results showed that in the ancillary business data test of a provincial power system in 2023, the proposed storage scheme achieved a data leakage rate of 1% for 10,000 pieces of data and a tampering detection success rate of 98.99%. This performance evaluation method was applied to six cross-regional power plants, effectively distinguishing the performance differences of ancillary services among different power plants. The relative similarity of the frequency regulation scenario in new energy power plants was 0.85, which was 12% higher than that in thermal power plants. This research provides a reliable and secure storage path for power plant ancillary service data, promoting the digital transformation of the power system and the standardized development of the electricity market. However, the proposed approach may face adaptability challenges in cross-regional deployment due to varying grid regulations and data standards, and the computational overhead of fully homomorphic encryption could impact real-time performance in large-scale applications. Future work will focus on optimizing algorithm efficiency, reducing computational costs, and validating the framework across diverse regional power systems to enhance its generalizability and practical deployment.