Journal of Cyber Security and Mobility

Network Security Posture Assessment Algorithm Based on Multilayer Perceptron of Graph Convolutional Neural Networks

Xiaofeng Zhao — 2026-03-26

With the increasing complexity and security threats in cyberspace, network security situation assessment has become a key technology to ensure digital security. This study proposes a hybrid model integrating graph convolutional neural networks and multi-layer perceptrons to address the limitations of traditional methods in capturing the topological associations of complex networks and dynamic threat responses. First, this model uses graph convolutional neural networks to aggregate node neighborhood information and capture topological features. Then, it conducts deep nonlinear feature learning through multi-layer perceptrons. Finally, it screens key information through pooling layers. Finally, the situation level assessment is achieved by the Softmax classifier. Experiments showed that the accuracy rates of the model on the CICIDS and UNSW-NB15 datasets reached 96.5% and 94.3% respectively, and its performance was superior to that of the comparison models. In the simulation and dynamic environment tests, the model evaluation results were stable, with an average evaluation time of only 66.19 ms and a resource utilization rate of 53.87%. The hybrid model constructed in this study effectively overcomes the challenges of feature fusion and classification in complex network environments. It provides a novel solution for efficiently and accurately assessing network security situations and has significant practical application value.

Distributed Machine Learning Privacy Protection Algorithm for Tax Big Data Analysis

Ying Fang — 2026-03-26

With the acceleration of informatization and digitization, the tax system has generated massive amounts of data with diverse types and large scales. However, the data sharing across regions and institutions faces challenges on privacy protection and compliance. Therefore, a distributed machine learning privacy protection algorithm for tax big data is proposed, and a multi-layer secure transmission mechanism combining differential privacy, homomorphic encryption, and secure multi-party computation is designed. In the experiment, real invoices and tax declaration data from provincial tax bureaus, as well as simulated data generated based on these data, are selected to compare various existing methods. The results showed that the accuracy in classification tasks reached 0.87, which was 2.35%–8.75% higher than that of traditional distributed methods. In the regression task, the mean square error and mean absolute error were reduced by 10%–40% and 22.03%, respectively. Compared to homomorphic encryption methods, the designed method reduced communication overhead by 59.67% and achieved a fault tolerance of 96.38% under the 10% node dropout rate. In addition, the accuracy decrease in poisoning attack scenarios was only 25.29%, which was superior to other methods. This algorithm can achieve high predictive performance and robustness while ensuring privacy and compliance, providing effective technical support for intelligent tax governance.

Detection Method of Abnormal Text Information in Social Networks Integrating GUIDE and NOTICE

Ying Liu — 2026-03-26

The proliferation of abnormal text information in social networks has become an important challenge for digital social governance. Traditional detection methods are unable to cope with increasingly complex semantic camouflage and dissemination strategies due to excessive reliance on one-dimensional analysis. Therefore, this research develops a detection method for abnormal text information in social networks that integrates the Graph-based User Interaction and Diffusion Evaluation (GUIDE) module and the Natural Language Ontology-driven Textual Anomaly Classification Engine (NOTICE) module. The GUIDE module captures anomalous propagation patterns through dynamic propagation tracking and network modeling, while the NOTICE module identifies semantic risks using a multilingual ontology library and deep semantic understanding. By combining structural and semantic analysis through a dual-attention fusion mechanism, the proposed framework simultaneously detects semantic anomalies and propagation topology anomalies, thereby improving detection accuracy and practicality. The experimental results show that the framework achieves F1 score of 91.2%, 89.7%, and 88.3% in detecting fake news, junk advertising, and hate speech tasks, respectively, which is 5.5–17.8 percentage points higher than the optimal baseline model. These evaluations are conducted on a comprehensive dataset from ZN Lab, containing real-world samples from major platforms like Twitter and Weibo. In actual deployment, the system maintains an accuracy rate of 89.4% when processing 230 million pieces of content per day, and reduces manual review by 43%. In terms of resource consumption, the memory usage remains stable at 645 MB and the response time is 76 ms, significantly better than traditional models. The above results indicate that the proposed model has excellent accuracy and applicability in detecting abnormal text information in social networks, effectively solving the problem of lack of accuracy and reliability in current detection methods. It provides an efficient and reliable technical solution for content governance on social platforms, especially in scenarios such as false information prevention and network violence governance, which has important application value.

Cybersecurity in the Internet of Things (IoT): Protecting Connected Devices and Networks

Yan Zhang — 2026-03-26

The fast development of the Internet of Things (IoT) has introduced significant threats due to the growing number of connected devices and the vulnerability of data transmitted. Conventional security systems often fail to address the specific requirements of IoT networks because of the limited resources of individual devices and the complexity of the interconnected ecosystem in which they are implemented. The research introduces SecureNet-IoT, a modern security framework that will strengthen the security of connected systems and networks. The framework uses a tuned Intelligent Random Forest (ASSO-IRF) that uses an ASSO to predict the behaviour of IoT devices and distinguish between various types of attacks. SecureNet-IoT actively detects and neutralizes the possible vulnerabilities within the environments of IoT and fog computing. The information was gathered on IoT devices in smart homes and industrial IoTs, including device communication, communication logs, and network traffic, which were pre-processed with a Kalman filter to eliminate noise and normalization techniques to normalize the data. The model classifies devices as authentic, breached, or fake and uses a suggested model to forecast malicious acts. It approximates the possibilities of transitions between states, thus being able to detect threats early. In addition, the framework also analyses device communications to enhance predictive accuracy. The metrics used to assess performance were accuracy (98.96%), F1-score (96.31%), precision (98.78%), and recall (96.24%). The framework demonstrates the system’s effectiveness in preventing malicious behavior by successfully categorizing device states, estimating transition probabilities, and analyzing device communications, ultimately enhancing IoT system security and integrity.

Security Assurance of Disaster Recovery Data in Information Collection System Based on Artificial Intelligence Encryption Algorithm

Siyuan Suo — 2026-03-26

Data security in information collection systems faces challenges such as malicious attacks, data leaks, and delayed disaster recovery. This paper proposes a data security model for disaster recovery in information collection systems based on Artificial Intelligence (AI) encryption algorithms. By introducing a dynamic encryption algorithm driven by Deep Learning (DL), this model achieves real-time secure encryption and intelligent key management for collected data. First, feature extraction is performed on the data stream, and a Convolutional Neural Network (CNN) is used to identify abnormal access behavior, triggering a multi-factor dynamic encryption mechanism. Second, a Generative Adversarial Network (GAN) is used to check the integrity of backup data to prevent tampering and loss. Finally, distributed key storage and access auditing are implemented based on blockchain technology. The proposed model maintains a data encryption speed of 3.1–3.3 ms, a recovery efficiency of 4.09 ms, and a data integrity verification accuracy of 99.5%. This approach effectively improves the security and recovery reliability of disaster recovery data in information collection systems, providing a new approach for data security assurance.

Extraction and Evaluation of Cybersecurity Situation Elements in Power Monitoring Networks Based on LDA-XGBoost

Ruizhi Zhang — 2026-03-26

As power systems become increasingly digitalized and intelligent, security threats to power communication networks exhibit characteristics of multi-source, complexity, and stealth. Traditional rule-based or threshold-based security monitoring methods struggle to meet the demands of refined situational awareness. Addressing challenges such as the difficulty of integrating multi-source heterogeneous data, high false alarm rates in alerts, and the complex propagation mechanisms of link congestion, this paper proposes a power network security situational awareness framework that integrates information entropy quantification, LDA semantic topic enhancement, and XGBoost ensemble learning. This approach first performs multi-source data preprocessing through weighted fusion and Kalman smoothing. It then constructs vulnerability severity and attack impact models based on information entropy, enabling a quantifiable representation of the power network security posture. Building upon this foundation, an LDA–XGBoost-based false alarm detection model is developed, significantly enhancing alert credibility and classification accuracy. Additionally, an active–passive adjustment mechanism optimizes communication link congestion states. Experimental results demonstrate that the proposed solution reduces data redundancy by 81.8%, elevates anomaly detection accuracy to 96.8%, achieves a 98.50% resistance rate against encryption cracking, and effectively improves link status indices across multiple cases.

Network Security Situation Analysis and Forecasting System Based on Probability Neural Network

Bo Hong — 2026-03-26

This paper proposes a network security situation analysis and forecasting system to address the limits of current technologies in uncertainty measurement, multi-source data fusion, and long-sequence dependency modeling. The system uses a Genetic Algorithm to optimize the smoothing parameter and the feature weight of the Probability Neural Network to complete the situation assessment. It also uses a self-attention mechanism to enhance the gated recurrent unit’s temporal modeling ability to complete situation prediction. Experiments were conducted on the CIC-IoMT-2024 benchmark dataset, which includes multiple attack types, including DDoS, brute-force, and command-injection attacks, with comparisons against various state-of-the-art algorithms. Experiments show that the system achieves 96.78% accuracy, 95.02% detection rate, and 3.81% false alarm rate in the assessment task. In the prediction task, the mean absolute error stays below 0.0241, the root mean square error stays below 0.0603, and the coefficient of variation stays below 0.085. Compared with various state-of-the-art models, such as the support vector machine integrated with principal component analysis, the proposed integrated system achieves significant improvements in core metrics, including assessment accuracy and prediction error. These results show that the system keeps high precision, high stability, and strong generalization ability in both assessment and prediction. It offers an effective integrated solution to the limitations of current network security situation technologies. More importantly, this work bridges the gap between high-precision real-time assessment and reliable proactive forecasting in a unified framework. The demonstrated capability for accurate early warning of evolving cyber threats provides a practical pathway to building more intelligent, autonomous active defense systems, which are crucial for safeguarding critical infrastructure in the era of IoT and 5G.

A Secure Cloud Architecture for Resilient Electricity Trading Platforms in Smart Grid Environments

Mo Pingyan — 2026-03-26

To address gaps in security, resilience, and scalability in smart grid electricity trading, this study proposes Cloud-RESilient, a secure cloud-based architecture for local energy market and peer-to-peer trading platforms. The design features a hybrid edge-central cloud topology, where edge nodes support low-latency local trading and the central cloud enables scalable cross-cluster coordination. A multi-layer security framework integrates end-to-end encryption, AI-driven intrusion detection, and homomorphic encryption to protect data and enable privacy-preserving computation. A data-driven renewable energy source adaptation module based on the LSTM-ARIMA model is incorporated to manage generation variability. Validation is conducted in a simulated urban smart grid environment comprising five microgrid clusters and 10,000 prosumers, using real-world datasets including two years of renewable generation and over 10,000 cyber threat patterns. Evaluation covers three areas: security through penetration testing and privacy audits, resilience through fault tolerance and response to renewable fluctuations, and performance through scalability and latency testing. Results show that Cloud-RESilient achieves zero data leakage, 99.98% platform uptime, 92% accuracy in one-hour renewable forecasts, and 120 ms order processing time under full load. These outcomes confirm the effectiveness of the proposed methodology in delivering secure, resilient, and scalable electricity trading solutions for smart grids.

An ML-Driven Adaptive Bitrate Optimization Algorithm for Secure Edge-Assisted Video Transmission

Lirong Pang — 2026-03-26

Real-time video streaming over wireless networks has become increasingly reliant on adaptive bitrate (ABR) control to mitigate variability in bandwidth, latency, and user mobility. However, existing ABR algorithms are predominantly reactive, operate on limited network observability, and largely ignore the computational and bandwidth overhead introduced by encryption, which is now ubiquitous in edge-assisted multimedia delivery. This paper presents a machine-learning driven adaptive bitrate optimization framework that jointly addresses predictive bandwidth estimation, mobility dynamics, and security constraints in edge-assisted video transmission. We formulate bitrate selection as a stochastic optimization problem and develop a cross-layer system model that characterizes network evolution, user mobility, and cryptographic overhead. An edge-hosted learning engine leverages supervised prediction and reinforcement-driven control to proactively select bitrates using features derived from transport behavior, playback state, and security cost. We implement the proposed approach in a prototype edge-streaming platform and evaluate performance under realistic wireless traces, user mobility patterns, and multi-user contention. Experimental results demonstrate that the proposed system reduces stall probability by up to 42%, improves average Quality of Experience (QoE) by up to 27%, and maintains equitable performance under multi-user load, while introducing only modest cryptographic overhead. We further analyze the security–performance trade-offs, identify risk factors in encrypted media pipelines, and quantify the operational limits of edge execution. The results highlight the importance of integrating prediction, security-awareness, and scalability into ABR design, and demonstrate the potential of edge-hosted learning models to enable secure, high-quality, and resource-efficient video streaming in mobile environments.