Journal of Cyber Security and Mobility

AI-Based Malware Detection and Classification Algorithms

Zhenshen Zhu — Thu, 04 Jun 2026 00:00:00 +0200

Malware exhibits characteristics such as rapid variant evolution, sophisticated obfuscation techniques, and frequent zero-day attacks. Existing detection methods suffer from issues like insufficient feature extraction, weak generalization capabilities, and difficulty in capturing code semantic information. This paper proposes a malware detection and classification algorithm based on the fusion of Graph Neural Networks (GNN) and attention mechanisms. First, this paper transforms the control flow graph and function call graph of malware into a heterogeneous graph structure, extracting node and edge features. Second, it employs a Graph Convolutional Network (GCN) for multi-layer feature aggregation, introducing a multi-head attention mechanism to adaptively learn the weights of key code snippets. Then, it reduces dimensionality and integrates global features through a graph pooling layer, utilizing a fully connected layer for binary classification detection and multi-class family identification of malware. Finally, adversarial training is applied to enhance the model’s robustness. Verified on a public dataset containing 15000 samples, the overall detection accuracy reached 98.7%, the recall rate reached 98.8%, and the detection rate for confused samples increased to 96.1%. The experimental results show that this method can effectively identify variants of malicious software and has strong practical value.

Blockchain-based 5G Wireless Access Network Resource Sharing Framework and Secure Resource Allocation Method

Deqiang Fei, Xu Wei — Thu, 04 Jun 2026 00:00:00 +0200

In response to problems such as a lack of trust, low resource utilization rates, conflicts due to multiple constraints, and security risks associated with sharing 5G wireless access network resources, this study proposes an efficient, trustworthy, and secure distributed resource sharing system and optimizes the resource allocation strategy. First, it performs virtual decoupling and atomic modeling for the three core computing resources: spectrum, security, and computing power. It also designs a five-layer distributed resource-sharing framework that integrates blockchain and software-defined networks. Additionally, it proposes an improved delegated proof-of-stake consensus mechanism, as well as an asymmetric encryption transaction authentication and resource status traceability mechanism. Second, for the multi-constraint conflict issue, it designs a multi-agent deep deterministic strategy gradient secure resource allocation algorithm integrating long-term and short-term memory state prediction. The verification experiments were carried out based on the 5G-RAN public resource scheduling dataset in accordance with the 3GPP TR38.901 protocol specification. The experimental hardware was equipped with Intel Core i9-13900K processor, NVIDIA RTX 4090 graphics card, etc. The simulation platform was built on the Ubuntu 22.04 LTS system using the PyTorch 2.1.0 deep learning framework and the NS-3 3.36 simulation tool. The comparison benchmarks were mainstream centralized resource allocation schemes, blockchain, federated deep reinforcement learning schemes, and consortium chain hierarchical cross-slice schemes. The experimental results showed that the resource utilization rate of this framework reached 89.3%, the transaction delay was only 21.8 ms, the service quality satisfaction and security compliance rate were 96.7% and 98.2% respectively, the double-spend attack resistance rate and resource status traceability accuracy rate both reached 99.9%, and all related indicators were significantly superior to the existing comparison schemes. This study provided technical support for 5G resource collaboration in scenarios such as industrial internet and vehicle networking, effectively solving the trust bottleneck and scheduling problems in distributed environments. However, the research has not fully considered the adaptability of resource scheduling in extreme network environments. The computational power consumption of the algorithm in large-scale node deployment scenarios must be optimized further. The computational cost of the blockchain and multi-agent deep reinforcement learning components is high. Additionally, the system’s scalability in ultra-dense 5G scenarios must be improved. To a certain extent, this framework’s immediate large-scale practical application in complex 5G network environments is limited.

Security and Privacy Protection Methods for Federated Learning for Big Data

Bin Zhou — Thu, 04 Jun 2026 00:00:00 +0200

In the big data environment, federated learning faces multiple challenges such as privacy leakage, poisoning attacks, and communication overload. Existing methods, mostly functioning as point defenses, struggle to simultaneously balance security, efficiency, and utility. This research aims to construct a multi-layered federated learning security system encompassing “source protection, process defense, and global optimization”. The study builds a cloud-edge-end collaborative architecture, integrating differential privacy with Shamir’s secret sharing to achieve data source perturbation and gradient share transmission. Through Mixup data augmentation combined with gradient clustering, it proactively detects poisoning attacks and introduces federated unlearning to remediate malicious impacts post factum. Based on static Bayesian games, it dynamically allocates privacy budgets to achieve a Nash equilibrium between personalized privacy and model utility. Experiments conducted on the CIFAR-10 and FEMNIST datasets, using a convolutional neural network as the base model and comparing it with the Vanilla FL model and module ablation versions, demonstrate the following: the FAA achieves a communication overhead of only 91.9 MB with 75 clients. Mixup combined with gradient clustering maintains an accuracy of 69.7% under 24% poisoning attacks. The game-theoretic framework attains a privacy–utility balance coefficient of up to 0.91. In complex dynamic scenarios, the multi-layered framework achieves an accuracy of 76.9%. This system exhibits robust security and adaptability under various attacks, providing a systematic solution for the practical deployment of federated learning.

Obstacles in the Design and Implementation of Smart Contract-Driven Automated Audit Processes

Xiao Lanqing — Thu, 04 Jun 2026 00:00:00 +0200

Traditional auditing processes are inefficient and produce low-quality audit reports due to human intervention. This research project constructs a novel automated auditing architecture based on smart contracts, comprising four functional modules: (i) data acquisition, (ii) rule encoding, (iii) execution verification, and (iv) report output. This paper demonstrates how to achieve a high-throughput, low-latency, and verifiable automated auditing system by utilizing technologies such as multi-source data cross-validation, formal encoding of audit rules, privacy protection based on zero-knowledge proofs, and cross-chain communication. The developed novel auditing process can shorten the traditional audit cycle to 8 to 15 days, reduce manual operation costs by 37.5% to 44.4%, reduce the error rate to 0.2% to 0.5%, and exhibit high fault tolerance during disaster recovery, making it an effective approach to achieve digital transformation of auditing processes.

WSN Secure Routing Planning Algorithm Based on MOACO

Qian Mei, Jie Li, Zhiyong Si — Thu, 04 Jun 2026 00:00:00 +0200

This study proposes a secure routing planning algorithm that integrates an improved Dempster-Shafer Evidence Theory (D-S ET) and enhanced Multi-Objective Ant Colony Optimization (MOACO) to balance security protection and Energy Consumption (EC) in Wireless Sensor Networks (WSN). For the D-S ET, we correct third-party recommendation bias by calculating evidence distance and introducing discount coefficients, thereby optimizing its conflict handling mechanism, solving the problem of node credibility misjudgment caused by traditional evidence fusion, and achieving accurate Node Trust Evaluation (NTE) through a direct and indirect dual trust mechanism. For MOACO, we integrated elite retention strategy, improved crowding distance, and mutation convergence operation to optimize the Pareto optimal solution set, improving the search accuracy and stability of the algorithm, and achieving multi-objective routing optimization with node trust value and remaining energy as the core objectives. Based on a 100 node WSN simulation environment, the algorithm was compared with typical baseline methods under consistent initial parameter settings. The experimental results show that when the proportion of Malicious Nodes (MN) is 25%, the detection rate of MN in this algorithm is 84.5%, and the false positive rate is 9.2%, which is better than the comparative methods. In terms of routing performance, it extends the lifecycle of WSN to 937 rounds, maintaining a stable throughput of 4344 bps and a minimum average delay of 33 ms. Without black hole attacks, the MN is only 37.5 J. Faced with 10 single type black hole attack nodes, its MN decreases by 4.8%, and the packet loss rate is controlled at 9.9%, demonstrating excellent anti-attack performance. This algorithm effectively balances the security and energy efficiency of WSN, and innovative improvements to the core algorithm provide reliable technical support for the efficient and stable operation of WSN, with significant practical application value.

Federated Learning with Adaptive Gradient Compression and Dynamic Aggregation for Privacy-Preserving Small-Sample Data

Leiqian Qi — Thu, 04 Jun 2026 00:00:00 +0200

This paper proposes a federated learning (FL) framework that incorporates adaptive gradient compression and dynamic aggregation to address communication efficiency and data privacy issues in the context of FL with limited sample size and non-IID data distributions in edge devices and resource-scarce environments. This proposed framework incorporates dynamic gradient compression techniques that compress gradients based on their magnitude and variance to ensure high communication efficiency with minimal loss in model accuracy. Meanwhile, the proposed framework incorporates dynamic aggregation techniques that assign different weights to clients based on their reliability to ensure effective model convergence in heterogeneous and scarce data distributions. Data privacy in the proposed framework is ensured through secure aggregation and Differential Privacy (DP) techniques. Experimental results on various datasets, including LEAF, FEMNIST, Reddit, and Shakespeare, show that the proposed framework ensures communication efficiency of over 70%, preserves model accuracy with minimal loss at 1–2%, and achieves 30% faster convergence speed compared to traditional FL techniques. These results show that the proposed framework is applicable in real-world scenarios in mobile edge computing and IoT applications, where communication efficiency and data privacy are significant factors for model convergence and deployment. The combination of gradient compression and dynamic aggregation in FL with strong privacy guarantees makes this framework a powerful tool for model convergence in heterogeneous scenarios.

MCO-IDM: A Network Intrusion Detection Model Based on CMO-BOA and Pareto Frontier Search

Laibing Wang — Thu, 04 Jun 2026 00:00:00 +0200

With the increasingly complex network environment, intrusion detection systems are faced with severe challenges such as high-dimensional feature redundancy, category imbalance and low detection accuracy. Aiming at these problems, this paper proposes a multi-objective and multi-strategy collaborative optimization intrusion detection model (MCO-IDM). The model innovatively integrates multi-objective optimization techniques to simultaneously optimize conflicting objectives such as minimizing the number of features, maximizing detection accuracy and minimizing false alarm rates, and integrates collaborative search strategies such as dynamic adaptive mechanisms and swarm intelligence optimization algorithms (such as CMO-BOA) to achieve efficient trade-offs through Pareto frontier search and weight adjustment. The test results show that on globally public datasets such as KDD CUP99, NSL-KDD and CIC-IDS2017, MCO-IDM achieves the highest accuracy rate of 97.8%, the false alarm rate is reduced to 4.3%, and the training time is controlled within 185.3 seconds. At the same time, it maintains high robustness and scalability under different data scales. These results confirm the effectiveness of the model in feature selection, parameter optimization and multi-policy collaboration, and provide a new scheme with high precision and strong practicability for network intrusion detection.

Energy Data Transaction Privacy Protection Scheme Based on Dynamic Pseudonym and Lightweight zk-SNARKs

Rui Xin, ShaoYing Wang, Xin Lu, YanYan Lu, LiPing Yang, XinYing Wang — Thu, 04 Jun 2026 00:00:00 +0200

In response to the difficulty of balancing privacy protection and system efficiency in energy data trading, this article analyzes the limitations of existing methods: static pseudonym mechanisms can easily lead to long-term identity link risks, traditional zk-SNARKs schemes have high computational overhead, and Raft consensus mechanisms lack robustness in adversarial environments. To address the above challenges, an integrated privacy protection scheme based on dynamic pseudonyms and lightweight zk-SNARKs is proposed. This scheme breaks the temporal correlation of transactions through a dynamic pseudonym generation mechanism, uses blockchain level batch processing proofs to reduce the computational and storage overhead of zero knowledge proofs, and introduces an LSTM based node health assessment model and incremental log synchronization mechanism to enhance the error tolerance and synchronization efficiency of the Raft consensus algorithm. The experimental results show that the proposed scheme outperforms traditional methods in terms of privacy, transaction processing performance, and system availability, effectively achieving a balance between privacy protection and operational efficiency, and providing a feasible technical path for energy data trading.

Data Deduplication Method Based on CSP-DLP Asymmetric Homomorphic Encryption Algorithm for High-Density Scenarios

Thu, 04 Jun 2026 00:00:00 +0200

With the continuous growth of data scale in high-density scenarios such as the Internet of Things and the Internet of Vehicles, the repeated storage and frequent transmission of massive data not only causes waste of computing and storage resources, but also significantly increases the risk of sensitive information leakage. Therefore, this study innovatively proposes a data deduplication method that integrates asymmetric homomorphic encryption and federated learning. First, a novel asymmetric homomorphic encryption algorithm is designed using the conjugate search problem and the discrete logarithm problem. This algorithm ensures the indistinguishability of ciphertext while providing a cryptographic foundation for data comparability in the ciphertext state, resolving the inherent conflict between privacy protection and data deduplication. Based on this, the proposed encryption algorithm is combined with a federated learning framework to construct an efficient data processing flow that supports ciphertext deduplication, achieving secure identification and filtering of redundant privacy data. The experimental findings reveal that the encryption cost of the introduced encryption algorithm under 128-bit security strength is only 62.5% of the traditional Paillier scheme, and the ciphertext size is reduced by about 42.4%. When conducting deduplication testing in Internet of Vehicles scenarios, the proposed method achieves a duplicate detection rate of 97.4% on a million-level dataset. Moreover, under the condition of maintaining full encrypted processing, the storage requirements are reduced by an average of 38.6%, and the cross-node communication overhead is reduced by about 29.4%. In summary, the proposed method combines high security, high detection rate, and low overhead in high-density scenarios, achieving a balance between privacy protection and data deduplication efficiency. This research provides a scalable, deployable and practical engineering value technology path for privacy data management in the Internet of Things, industrial Internet, smart cities and other fields.