Collaborative learning faces challenges in the real-world deployment due to the stringent communication and deployment condi- tions, as well as security threats like adversarial attacks and privacy breaches. To facilitate the practical application of collaborative learning, a loose coupling cross-domain collaborative learning platform that balances efficiency and security was designed and implemented. Specifically, a loosely coupled design pattern was employed to achieve the collaborative learning with efficiency and security. A three-tier architecture encompassing cloud, edge, and endpoint collaboration was adopted, addressing the system’s security with regard to the training task legitimacy and isolation, and simultaneously ensuring efficiency and security at the system level. Compared the to centralized artificial intelligence solutions, collaborative learning implemented on this platform exhibited performance improvements of 35.29% and 8.30% in tasks involving the underground business recognition and the malicious traffic detection, respectively. In terms of the defense against adversarial attacks, the model's robustness increased by 570% and 290% in the two tasks after deploying an adversarial training module. Furthermore, the success rate of member inference attacks decreased by 26.33% after deploying a differential privacy module.

With the rapid development of intelligent connected vehicle technologies with electrification, intelligence, and networking, intelligent connected vehicles have exposed more new types of attack surfaces. All types of security challenges are threatening the security of intelligent connected vehicles as one of the key infrastructures in the digital society. This survey aimed to comprehensively review the current research status and development trends in the field of intelligent vehicle security. Firstly, the basic architecture and security standards of the intelligent vehicle networks were introduced, and the security threats faced by intelligent connected vehicles were analyzed in terms of autonomous driving, network communications, software and hardware systems as well as their supply chains, etc. Secondly, the existing network and information security defense strategies as well as testing and verification schemes for intelligent connected vehicles were comprehensively evaluated. Finally, the future research directions in the fields of intelligent vehicle network and information security were forecasted. Through the comprehensive analysis and summary of the issues of intelligent vehicle network and information security and their corresponding solutions as well as the prospect of future research directions, valuable technical references for the construction of security management system and security standard system for intelligent connected vehicles were provided.

Satellite Internet serves as the core of next-generation communication networks, and exhibits several distinctive features, such as blurred internal and external boundaries, globally open networks, and overlapping hostile and friendly spaces. These features inevitably make security issues a focal point in the design and construction of such networks. Firstly, the primary security threats faced by Satellite Internet were analyzed, particularly in terms of network transmission involving nodes, links, and routing, with a special emphasis on novel satellite spoofing attacks. Subsequently, the current states of security technology development were reviewed in the areas of node access authentication, link secure transmission, and network security routing. Finally, the development trends of Satellite Internet security technology were predicted, highlighting the importance of endogenous, systematic, and intelligent Satellite Internet techniques. Furthermore, several key future research directions in Satellite Internet security were suggested, including integrated security protection systems for Satellite Internet, satellite radio frequency fingerprint authentication, cross-layer secure transmission between satellite and ground, location protection for satellite-ground wireless communication, and deterministic mission security execution based on intrinsic security.

In the era of digital transformation, data has become a critical resource for reshaping the individual lifestyles, driving the corporate decision-making, and enhancing the public services, with its commercial and societal value steadily increasing. However, the risks of data leakage, misuse, and privacy invasion have also intensified. As big data integrates more deeply in various fields, how to extract the data value under the premise of protecting user’s privacy has become a central focus for both academia and industry. In response to these challenges, the data security and privacy protection technologies have advanced rapidly, as a key technology of which, privacy computing can offer effective solutions to the tension between secure data collaboration and privacy protection. In this context, the development stages of big data security were reviewed, and the major threats to data security and the future direction of building data security capacity were discussed. The basic concepts, technical routes and research efforts of the privacy computing were presented and the challenges faced in its application were also discussed. The overview of the development history and latest technologies of data security and privacy computing was to provide reference for the future research and to promote the further development and application of the big data security and privacy protection technologies.

The secure storage and retrieval of data are essential for the secure utilization of open big data. However, existing big data storage and retrieval systems struggle to update storage keys and cannot handle both secure storage and efficient retrieval of multi-modal data. To address the issue of storage key update, a storage key update mechanism based on nested encryption was proposed, which supports efficient non-decrypted key update to meet the requirement for regular key rotation in untrusted environments. To solve the problem of index volume expansion, a compressed encrypted multi-set query filter was proposed to support high-density ciphertext indexing of massive data. Aiming at multi-modal data retrieval on encrypted data, a cross-type ciphertext composite association retrieval algorithm was designed to support single-type and cross-type retrieval of multi-modal encrypted data such as text, spatial, and images. Based on the above technologies, a multi-modal encrypted database system was designed, which supported the separation of storage and computing and was compatible with the technical architecture of existing big data services. The existing big data platform can be upgraded through incremental deployment of microservices to ensure system scalability and efficiency. Experimental results show that the key update performance of the proposed storage key update mechanism improve by over 80% compared to the traditional re-encryption mechanism. Compared to the existing plaintext database system, the overall performance loss of the proposed multi-modal encrypted database system in terms of text, space, image, and cross-modal retrieval does not exceed 25%.

With the rapid development of cyberspace, cybersecurity threats are becoming increasingly complex and diverse. Knowledge graphs offer new methods for extracting, integrating, and analyzing multi-source heterogeneous cybersecurity data. In recent years, knowledge graphs have gradually been applied in various cybersecurity subfields, such as threat intelligence, vulnerability management, and attack path analysis, demonstrating vast potential for application. Furthermore, as the application of knowledge graphs deepens, the numerous security issues that knowledge graphs face also deserve significant attention. We to provide a comprehensive overview of the construction and application of Cybersecurity Knowledge Graphs (CKG), as well as the security risks currently faced by knowledge graphs. First, we introduced the construction of CKGs, including related work on cybersecurity ontologies and cybersecurity information extraction. Then we reviewed relevant work on CKGs based on threat intelligence, CKG completion, and specific applications of CKGs. Following this, we explored the current security risks faced by knowledge graphs, covering attacks and defenses against knowledge graphs, as well as privacy protection within knowledge graphs. Finally, we discussed the challenges and future research directions in the field of knowledge graph research for cybersecurity. Through a comprehensive introduction and in-depth analysis of the construction and application of CKGs, as well as the risks and protections associated with knowledge graphs, we can promote application of knowledge graphs in the field of cybersecurity.

Unmanned aerial vehicle (UAV) networks are founded upon the low-altitude airspace and are led by the aviation industry. Driven by the fast development of the low-altitude digital economy, new demands and challenges of enhanced security, high collaboration, and regulatability have been raised in UAV networks. Based on the comprehensive review of current research progress on UAV networks, key security threats and challenges faced by UAV networks were explored from four perspectives: behavioral security, communication security, decision security, and data sharing security. A thorough review of the existing and potential solutions was also provided across various aspects, including dynamic anomalous behavior warning, trusted communication link construction, intelligent defense against network attacks, and cross-domain secure data sharing. Finally, several future directions and trends of the UAV networks were outlined about the integration of the UAV networks with the emerging technologies such as semantic communication, large models, and digital twin.

As the development of onboard computing power and inter-satellite communication technology, the space-ground integrated computing network is expected to solve the issues of response delay caused by optimizing sensing, communication, and computing separately in a multitude of time-sensitive tasks by using the distributed data, onboard computing and communication resources collaboratively. The forthcoming space-ground integrated computing network serving as an integrated network system for providing wide-area information services, involves a significant amount of data interaction. However, its characteristics such as open channels and highly dynamic network topology expose a broad range of vulnerabilities in data sensing, storage, transmission, intelligent processing and service, making the high-value data like remote sensing susceptible to attacks, and thereby threatening the data security and user privacy. To this end, the future technical architecture, key technologies and applications of the space-ground integrated computing network were summarized. Then, the key features and the security issues of data were deeply analyzed. Next, a series of possible countermeasures were further discussed, and the future research directions of data security were prospected.

orbit prediction is crucial for assessing the likelihood of collisions between space objects and for better managing the near-earth space environment. Traditional orbit prediction methods rely on physical dynamic models, which necessitate the modeling of complex space environments and space objects. In reality, the limited understanding of many non-gravitational perturbations restricts the accuracy of orbit predictions. Considering the limitations of traditional orbit prediction methods, we proposed a technique to predict orbits based on the long short-term memory (LSTM) network. This approach leveraged a series of convolutions to extract features from the satellite orbit data over time, uncovering the underlying operational patterns. Experimental results indicated that this method improved the accuracy of satellite orbit predictions and provided a theoretical foundation for improving space situational awareness capabilities.

The Internet of Things (IoT) is a new type of interconnected network composed of a large number of connected objects or devices. The physical objects or sensing devices in the Internet of Things can collect sensitive data generated by the surrounding environment and then exchange and share data information through insecure public channels. Therefore, it is necessary to create secure mediums to protect the confidentiality and integrity of data and prevent attacks from adversaries. In this regard, authenticated key agreement (AKA) protocols can achieve mutual authentication between network communication entities and generate a shared symmetric session key for encrypting future transmitted data. The review of several AKA protocols proposed for Internet of Things application scenarios was presented first. These protocols utilized elliptic curve cryptography or Chebyshev chaotic mapping cryptographic mechanisms as key components of their design. Next, the vulnerabilities and security shortcomings to which these reviewed AKA protocols are susceptible were outlined. Finally, several useful suggestions for designing a secure and efficient AKA protocol were proposed. These recommendations aim to help AKA protocol designers achieve their desired security and functionality features.

With the rapid development of Satellite Internet, how to ensure the security of satellite-to-ground communication has become an inevitable problem. Compared with the traditional key encryption method used for communication security, the new and practical physical layer security technology is a new choice, which makes up many shortcomings of the key encryption method. By making full use of the wireless channel characteristics during the information transmission, it provides a new solution to the existing problem during the security transmission. Focusing on the secure communication model, the actual satellite communication scenario was divided into two situations according to the location relationship, and the physical layer security technologies adopted under different conditions were reviewed from the basic theory. Finally, the future research directions and challenges of the secure communication technology were pointed out.

White-box cryptography aims to provide security in white-box security model or scenario, to replace the hardware-based cryptographic solutions with software implementations, and to reduce the deployment cost and leverage usage flexibility. The white-box security model or security scenario assumes that the attacker can fully control the running environment of a cryptographic implementation and obtain any running information. At present, there are two main research directions on white-box cryptography: one is the design and analysis of white-box implementations of existing cryptographic algorithms, which can be further classified into the design and analysis of white-box implementations with or without external encodings; the other is the design and analysis of white-box cryptography with ideal security. The research progress of the design and analysis of white-box cryptography and implementation was summarized, the widely used white-box cryptanalytic methods were briefed, and the research status on white-box cryptography was summarized.

The global satellite communication industry has entered the era of Satellite Internet development. In the face of complex and ever-changing international political landscapes and increasingly severe cyberattacks, the security of Satellite Internet is of paramount importance. In response to the aforementioned issues, an innovative Satellite Internet network model had been constructed, analyzing the space link security risks posed by the characteristics of Satellite Internet, including the massive user base, open space environment, network interconnection, and highly dynamic network topology. Based on the principle of "adequate protection and comprehensive encryption where necessary", a flexible link layer encryption system for Satellite Internet is designed, which seamlessly adapts to the network architecture, operation mode, application scenario characteristics. Particularly, focusing on the diverse needs of massive Satellite Internet users, the system optimizes the encryption communication protocols. Given the numerous and highly dynamic network nodes of Satellite Internet, the key management function of the link layer encryption system is emphatically designed to ensure secure transmission of the business data and critical management information throughout the Satellite Internet service process, thereby significantly enhancing the security protection level of Satellite Internet space links. This designed system has undergone the practical testing and verification across the entire business process with different data types based on the ChinaSat-26 satellite. The results demonstrate that this encryption system can effectively encrypt the business data and critical information.

White-box attacks assume that the execution device of the encryption algorithm is completely controlled by an attacker, and all the internal data can be observed and tampered with, making the traditional cryptographic algorithms ineffective against such threats. To address the challenges posed by white-box attacks on the block cipher security, white-box cryptography implementations have become a research hotspot. However, the existing white-box cryptography implementations not only struggle to withstand white-box attacks but also are vulnerable to side-channel attacks with more limited capabilities, such as computation analysis and fault analysis. A series of protective strategies have been proposed to counter these threats, but also leading to the development of stronger countermeasures. Currently, side-channel techniques have become the primary challenge during the white-box cryptographic design. The existing attack methods were categorized based on algorithm frameworks and attack types, and the protective strategies along with their corresponding counterattacks were summarized. The threats and challenges currently faced were discussed, and future side-channel attack techniques and defensive solutions were explored.

Fully homomorphic encryption supports direct algebraic operations on encrypted data (ciphertext), with the foundation of its ciphertext evaluation phase involving numerous high-dimensional integer coefficient polynomial ring additions and multiplications. This limits its widespread application in the field of privacy computing. The CPU implementation scheme offers low parallelism for the Number Theoretic Transform （NTT） algorithm calculations. A CPU+GPU heterogeneous fully homomorphic encryption implementation scheme was proposed. Firstly, a cache strategy of data temporarily stored in shared memory was introduced, which stored repeatedly read and unchanging data, including NTT input data and rotation factors, in shared memory to reduce frequent global memory access. Secondly, to address the issue of partially idle threads caused by variable data sizes, it dynamically allocates thread workloads based on data size and hardware resources, adopting butterfly transformation structures of different radices to achieve optimal parallel strategies while enhancing the flexibility of data input. Thirdly, it introduces a single-multi-core mixed invocation mode, dynamically switching the kernel invocation mode based on the group size of butterfly transformations in each NTT iteration, to fully utilize the parallel potential of multi-core invocations on GPU. Finally, it designs and implements a higher parallelism, lower computational complexity NTT algorithm for GPU, uses this algorithm to perform parallel homomorphic multiplication operations, and implements a CPU+GPU heterogeneous CKKS fully homomorphic encryption algorithm based on the HElib library. Experimental results show NTT/INTT computation time is reduced by nearly 65% compared to HElib library using AVX-512 acceleration technology.

With the development of Satellite Internet technology, content delivery network (CDN) with the integrated satellite- terrestrial environment plays a significant role in enhancing the experience of information access and alleviating the stress on the Internet's backbone. However, CDN in Satellite Internet also faces a series of security vulnerabilities. The vulnerabilities of CDN in Satellite Internet were analyzed and the corresponding countermeasures were discussed, delving into the security issues of content distribution in Satellite Internet. Based on this, a series of difficulties to enhance the security mechanism of CDN in Satellite Internet were proposed and the security threats of CDN in Satellite Internet were summarized, providing an outlook for future research directions.

Artificial intelligence (AI) is increasingly being employed in the field of network security, yet the deployment of AI techniques faces significant challenges due to their inherent black-box nature and the complexity of real-world applications. While a variety of platforms and tools have been developed to monitor the security of AI algorithms, merely securing the intelligent algorithms is inadequate to ensure the stable operation of the intelligent systems as a whole due to the influence of the intricate environment within intelligent systems and the coupling between multiple AI algorithms, which presents new changes to their safety. To address these issues, it is essential to monitor the security of intelligent systems in real time during deployment to ensure stable operation. Aiming at the safety monitoring problems faced by intelligent systems, firstly, the definition of security within intelligent systems was clarified, and societal problems that could be traced back to the security challenges of intelligent systems in the real world were identified. Then proceeding from the perspective of complex system theory, the micro and macro behavioral dynamics for intelligent systems along with the corresponding monitoring methods were introduced. Lastly, a case study of monitoring intelligent systems for robot swarm control from the real-world application scenarios was presented, and the potential future research directions were proposed. The development and research into theories and methodologies for monitoring the safety of intelligent systems are crucial for effectively identifying and preemptively discovering the potential risks and security flaws during the deployment phase, which serves as a vital component in achieving trustworthy AI algorithms and is of significant importance in realizing safe AI.

Voice communication has become an indispensable part of daily life, but the privacy data it contains, such as semantic content and voiceprints, faces significant risks of leakage. A real-time voice data privacy protection method for real-time communication, addressing privacy concerns from both semantic content and voiceprint perspectives was proposed. The method utilizes speech recognition technology to perform semantic content desensitization in the text domain. Detecting sensitive information by calculating the similarity between text embedding vectors, on this basis, users can specify sensitive words to achieve personalized privacy protection. Additionally, this approach combines semantic content desensitization algorithms that replace sensitive content with secure words using both semantic similarity and random characters. It employs deep learning-based speech synthesis technology and voice engines to anonymize the voiceprint features of audio data. Experimental results demonstrate that the method allows for the selection of semantic desensitization and voiceprint anonymization based on privacy levels and time constraints. Notably, when the time required to obtain speech recognition results is between 30% to 50% of the original time, this method effectively balances recognition accuracy and time overhead.

With the rapid development of the Internet of Things (IoT) technology, billions of devices are interconnected through networks, and IoT security issues are becoming increasingly prominent. Especially with the advancement of quantum computing technology, traditional cryptographic algorithms are facing unprecedented security threats. The traditional public key encryption algorithms relied upon by IoT devices may become ineffective in the era of quantum computing, posing significant risks to IoT applications worldwide. As a new cryptographic system to resist quantum computing attacks, post quantum cryptographic algorithms play a crucial role in the security of IoT devices. However, although post quantum cryptography algorithms can theoretically resist the threat of quantum computing, the risk of side channel attacks (SCA) in their practical implementation cannot be ignored. Side channel attacks do not rely on the cracking algorithm itself, but instead undermine security by analyzing the physical information leaked by IoT devices when running encryption algorithms. In this context, a mask conversion scheme called boolean to arithmetic conversion (B2A) is reviewed to address the issue of side channel attack mask protection in post quantum cryptography algorithms. Through in-depth analysis of existing masking techniques, the principle, implementation process, and advantages of B2A method in resisting side channel attacks are elaborated in detail, providing ideas for the secure implementation of post quantum cryptography algorithms in IoT devices and references for research and development in the field of cryptography in China.

The rapid development of the low-altitude intelligent network (LAIN) significantly enhances its applications in smart transportation, environmental monitoring, and public security, driving the growth of the low-altitude economy. However, the increasing number of unmanned aerial vehicle (UAV) and other aerial devices introduces substantial challenges. These include the diversity and complexity of data sources, information heterogeneity, the need for real-time processing, and escalating security risks, which pose critical barriers to the efficient operation and secure management of LAIN. To address these challenges, the design and implementation of a security situation cognitive system was presented that could efficiently integrate multi-source data and support real-time analysis and risk warning. The system first analyzed the heterogeneity of data sources in LAIN and proposed effective strategies for data collection and preprocessing. It incorporated a multi-dimensional data fusion framework, leveraging the multi-access devices to achieve efficient data integration and unified representation. Utilizing the advanced threat detection technologies, the system realized real-time risk identification and prediction. Its effectiveness was demonstrated through applications such as UAV trajectory prediction and dynamic risk assessment in complex airspace management scenarios. Finally, the challenges the system faced during implementation were discussed and the insights into future research directions were provided to further enhance the security and intelligence capabilities of LAIN.

The rapid development of mobile network has created new development opportunities for many fields. Mobile edge computing (MEC) has attracted much attention on its widespread applications in the smart city vehicular networks due to its unique advantages. However, the increasing number of vehicular users has led to several challenges, such as network channel resource shortage, high latency, and excessive energy consumption, significantly reducing the data transmission efficiency. Therefore, an unmanned aerial vehicle (UAV)-empowered task offloading scheme was proposed for the smart city vehicular networks. By integrating the semantic communication with multiple access, multiple vehicular users could simultaneously access the network and extract semantic information for uploading to UAV, thereby enhancing the data transmission efficiency. At the same time, the game incentive mechanism was introduced to enhance the effectiveness of each participant. The simulation results showed that compared with the traditional baseline scheme, the proposed scheme could significantly improve the overall utility of the system.

DoH utilizes the encrypted HTTPS connections to conceal the traffic of DNS queries and responses, addressing security concerns in traditional DNS. However, attackers also leverage this feature to carry out the DoH tunneling attacks. Currently, the DoH tunnel traffic detection methods mainly involve the detection approaches based on TLS fingerprint and the machine learning approaches based on bidirectional flow features. Nevertheless, these approaches are unsuitable for backbone networks due to the widespread use of asymmetric routing in such scenarios, as well as the changeable nature of TLS fingerprints. To address these issues, a unidirectional flow feature-based detection method for DoH tunnel traffic was proposed specifically tailored for backbone networks. The method could rapidly extract the concise traffic features from unidirectional flows and construct a detection model using machine learning. The performance of three classifiers was evaluated with the XGB algorithm demonstrating the best performance. Even when attackers increased the query intervals to evade detection, the performance metrics of the XGB classifier remained above 99.75%. The proposed method had faster feature extraction speed than comparable methods while with a similar detection accuracy. In summary, this method could quickly and effectively detected the DoH tunnel traffic in backbone networks.

The evolution of low earth orbit (LEO) satellite networks has introduced an innovative paradigm for achieving the continuous, seamless and global coverage. In the dynamically complex environment of LEO satellite networks, intelligent and efficient resource management strategies are crucial given the limited resources. Focusing on the resource management issues of LEO satellite networks, the integration of intent-driven networking with the resource management of LEO satellite networks was considered. Firstly, a heterogeneous resource management model for LEO satellite networks was established. Subsequently, an intent-driven resource management framework was designed to enhance the utilization of limited resources and to meet the diverse needs of various tasks. Then, heterogeneous resource management strategies were employed to address the resource management issues. Finally, the application of this architecture was illustrated in a specific scenario. The simulation results showed that compared to the traditional resource management architecture, the intent-driven resource management architecture could effectively improve the task benefits and efficiency.

With the booming development of low-altitude economy and unmanned aerial vehicle (UAV) technology, the deep learning based object detection model has been widely used in the field of UAVs, however, with potential security threats in practical deployment. Distinguished from the traditional image classification, the object detection model additionally generates and returns a set of labeled bounding boxes on the basis of identifying objects. Utilizing this feature, a covert backdoor attack framework for object detection model was proposed. Different from the traditional backdoor attack methods that only embed specific trigger features in images, the proposed new framework precisely matched the object categories of images with bounding box labels firstly. Then, based on the matching results, the data and labels were selectively poisoned according to the image scaling principle, achieving high stealthiness of backdoor implantation. Finally, the experimental results demonstrated that the proposed backdoor attack method was with high attack success rate on the real datasets.

The standardization and deployment applications of the secure DNS protocol DNS-over-HTTPS (DoH) have brought DoH tunnels to the forefront as a new insidious network threat. Screening potential tunneling traffic among the large-scale DoH service traffic in the cloud network environments requires both computational efficiency and accuracy. Aiming at the low feature efficiency and high computational complexity of the current machine learning-based DoH tunnel detection algorithms, a set of packet block length features was designed and a low-dimensional fast DoH tunnel detection method was proposed based on the max-Relevance and Min-Re-dundancy(mRMR)feature screening algorithm and the random forest algorithm. The features greatly contributing to the DoH tunnel detection task were selected through feature screening and a random forest classifier was used in the DoH tunnel detection task in the proposed method. Experimental results showed that this method achieved a comparable accuracy to other algorithms with using 24 to 34 features, even with using only 10 features. This could effectively reduce the computational complexity of the deployed applications and better adapt to the application scenarios of the large-scale DoH service traffic analysis.

With the rapid development of the low-altitude economy, the construction of communication, navigation, and surveillance infrastructure is accelerating, making the assurance of safe and orderly low-altitude operations a critical task. As the core technical support of the low-altitude supervision and management, the security of low-altitude surveillance networks directly affects the operational efficiency and stability of low-altitude airspace. It is essential to conduct an in-depth analysis of the security of the low-altitude surveillance networks, identifying potential risks and providing guidance for future system design and construction. Firstly, the current development situation of low-altitude surveillance networks was introduced, revealing the challenges in the process of low-altitude management and technology implementation. Secondly, the equipment and data assets for cooperative target surveillance and 5G-A (5G-Advanced)-based non-cooperative target perception architectures were identified, and the current research progress on cybersecurity attacks targeting these assets both domestically and internationally was discussed. Subsequently, a detailed analysis of the potential security threats posed by data security issues to low-altitude surveillance capabilities was presented, followed by an exploration of the future research directions in low-altitude surveillance security.

As the primary avenue for information retrieval, social media increasingly grapples with the issue of fake news. A key challenge in fake news detection is ensuring models can promptly respond to emerging events and complete detection tasks within a limited timeframe. This necessitates models with efficient real-time capabilities and rapid adaptation to new events. Meanwhile, the development of multimodal fake news detection technology as a crucial future direction also merits attention. Addressing these challenges, a multimodal fake news detection model, ADSCL was proposed. Leveraging convolutional neural networks, the model extracts semantic features from text and images, integrating them through a multi-layered joint attention mechanism. To meet the demand for timely responses to new events, the model introduces generative adversarial networks and contrastive learning to extract transferable features from extensive data, enhancing generalization capability. Furthermore, adversarial training enhances model robustness. Experimental results demonstrate that the ADSCL model effectively enhances the capability of fake news detection, validating the superiority of multimodal fusion and adversarial methods in news verification tasks.

In the context of the continuous development of modern communication technologies, the satellite communication plays a crucial role in global information transmission. However, the communication security and the timeliness of information are always key issues that urgently need to be addressed. The information freshness of covert communication in a satellite-terrestrial system consisting of a satellite transmitter Alice, a terrestrial full-duplex receiver Bob, and a terrestrial warden Willie, was taken as the object of the study. Particularly, Alice tried to transmit the covert information to Bob under the detection of Willie, while Bob emitted jamming signals to confuse Willie simultaneously. Therefore, a theoretical model was provided for the average age of information (AoI) of Bob and the covert constraint of Willie. This model considered the impact of various interferences and noises during the communication process, providing a solid theoretical basis for analyzing system performance. Based on the theoretical model, a optimal transmit power of Alice was drived to minimize the average AoI with the constraint of covertness requirement. By optimizing the transmission power, Alice is capable of ensuring the maximum the freshness of information while minimizing the delay in information transmission under the precondition of covert communication. Subsequently, numerical simulations were carried out to verify the accuracy of the theoretical model, and the impacts of transmission power and interference power on the concealment and average AoI were analyzed. Finally, the numerical results showed that the balance between concealment and AoI could be effectively achieved by reasonably adjusting the transmission and jamming power.

Satellite-assisted Unmanned Device Networks (SUNets) integrate satellite communication, unmanned devices, ground support facilities, and cloud computing to achieve wide-area connectivity in agricultural production. However, the security issues introduced by the wide-area coverage and complex multi-layered communication structure of SUNets have not been thoroughly researched in the agricultural field. The future "cloud-network-end" agricultural architecture based on SUNets is systematically reviewed, and the specific application cases of future agriculture under the wide-area coverage of SUNets are explored, focusing on cross-regional agricultural machinery scheduling and field management. Additionally, the collaborative security and the security issues caused the data transparency, transmission path complexity, and the dynamic nature of the network environment within the SUNets architecture are summarized. The paper aims at investigating the architectures, applications, and security challenges of future agricultural SUNets, providing a reference for future research to fill the gaps in SUNets about agriculture.

Nowadays, data owners often need to provide the data they have collected to other organizations for data analysis. To prevent the leakage of users' private information, data is typically anonymized before being published or shared, ensuring a certain level of privacy protection. Therefore, measuring the privacy protection level of published data is an important research topic. In previous studies, there has been a lack of sufficiently general methods to accurately measure the privacy protection level of published data. A method to measure the privacy protection level of published data was proposed. The method primarily uses conditional entropy and mutual information to measure the difference between the data before and after processing. The results are then substituted into a formula to obtain an accurate privacy protection level, ultimately calculating a number between 0 and 1 to precisely indicate the privacy protection level of the data. Finally, this method was applied to real datasets. After anonymizing the datasets to meet commonly used privacy models, the privacy protection level of each attribute was measured under different privacy models, thereby demonstrating the practicality of the method.

The social interaction functions provided by mobile social applications (apps) allow users to easily obtain the personal information of other users, thereby promoting cross-user privacy sharing. According to the data minimization principle stipulated in relevant laws and regulations, the personal information shared by the application should be limited to the minimum scope necessary to the display function. Therefore, personal information not stated in the privacy policy and not displayed on the user interface shall not be shared. However, security communities barely pay attention to the compliance of cross-user privacy sharing. Therefore, an automated compliance detection system was designed to use privacy policies and user interfaces as the basis for determining whether the data minimization principle is met in cross-user privacy sharing behaviors. According to the compliance inspection results of 509 mobile social apps, which each app is dynamically tested for 20 minutes, a total of 101 unique violations of privacy sharing behaviors was found in 47 mobile apps, involving 18 types of user privacy data. Through manual verification, it was confirmed that 91.09% violations of privacy sharing behaviors actually exist. Experimental results show that the system performs well in both precision and recall compared to previous work.

When automatically detecting defects in insulator images by unmanned aerial vehicle (UAV) , the frequent use of the attention module by the detection algorithm leads to large model parameters and poor real-time performance. In order to realize lightweight and high-accuracy UAV intelligent inspection, a vision transformer (ViT) based UAV insulator defect detection model based on DEtection TRansformer (UID-DETR) was proposed. Firstly, the proposed fast re-parameterization module (FREP) utilized the partial convolution (PConv) and re-parameterization convolution (RepConv) to reduce redundant computations and extract spatial features efficiently. Secondly, the efficient intra-scale interaction module (EISI) was designed for enhancing the interaction of high-level features. Thirdly, the complementary integration of high-level and low-level semantic information was realized by the feature fusion strategy of static fusion (STF) and dynamic fusion (DYF). Extensive experimental results verified the effectiveness of the proposed method on open-source synthetic foggy insulator dataset (SFID) and self-made insulator dataset (SID).

Obfuscation of the web traffic is a common tactic used by many illicit online communications to circumvent monitoring, making the effective web traffic recognition crucial for cyberspace protection. In the field of network traffic recognition, the deep learning technology has become a key to break through the limitations of traditional methods and to enhance the recognition accuracy. A method for the obfuscated encrypted web traffic recognition based on the denoising dynamic window recurrent neural network (DDWRNN) was proposed, aiming to efficiently identify the obfuscated encrypted web traffic. Firstly, leveraging the denoising and feature extraction capabilities of denoising autoencoders (DAE), the robust deep spatiotemporal features were effectively extracted from the traffic data. Subsequently, the designed dynamic window recurrent neural network captured the dynamic features of traffic across various time scales using its multi-scale dynamic temporal windows. Experimental results showed that the average recognition accuracy of the proposed method reached 95.7% for the obfuscated encrypted web page traffic. Compared to other machine learning and deep learning approaches, the proposed method not only showed an improvement of the recognition accuracy but also demonstrated strong capabilities to handle the complex traffic patterns and to adapt to the dynamically changing network environments.

With the rapid development of Internet of Things (IoT) technology, the unmanned aerial vehicle (UAV)-assisted edge computing has become crucial for enhancing data processing capabilities and model performance. However, the limited computational and storage capacities of UAV nodes constrain the quality of local models, making them insufficient to support the neural network training tasks effectively. To address this challenge, introducing a federated learning mechanism to construct UAV swarms has proven to be an effective solution. Nevertheless, this approach involves trade-offs between the system availability and the privacy protection, which make poisoning attacks more effective and harder to detect. Traditional aggregation defense mechanisms mitigate the threat of poisoning attacks by introducing similarity or gradient contribution evaluation to filter out malicious gradients. However, the emergence of adaptive poisoning attacks in recent years has rendered such defenses less effective. To better counter the model poisoning attacks, a hierarchical clustering-based aggregation algorithm was proposed. By processing gradients in a bottom-up manner, the algorithm enhanced the UAV swarm’s robustness against various types of poisoning attacks. Experimental evaluations on three commonly used datasets demonstrated the effectiveness of the proposed method across different attack scenarios. Compared with existing approaches, the proposed method improved the average defense success rate by 11.25% and increased the model accuracy by an average of 2.8%.

Unmanned aerial vehicle (UAV) faces the risk of data leakage and malicious attacks when collecting and transmitting data. Differential privacy technology can provide privacy protection in the communication process. However, the traditional differential privacy mechanism has the problem of poor privacy protection and data utility loss when dealing with the high dimensional or complex data in UAV communications. To solve these problems, a novel matrix differential privacy protection method named matrix Gaussian mechanism (MGM) was proposed. MGM provided privacy protection in matrix data by introducing structured noise, while using matrix covariance structure to control the direction of noise addition to minimize the data utility loss. Compared with the traditional methods, MGM could adjust the noise distribution more flexibly, improve the efficiency of privacy protection, and maintain the structural characteristics of data in the multidimensional data space. Experimental results showed that the proposed method could effectively protect data privacy with improving the efficiency of UAV communications as well as the adaptability and scalability of model training.

Industrial control systems (ICS) are the nerve centers of critical national infrastructure, including petroleum, petrochemicals, intelligent manufacturing, electricity, water resources, and transportation. These systems are closely linked to people’s lives, social economy, and national security, and have increasingly become high-value targets for hacker ransomware attacks. The widespread application of ICS, the diversity of their equipment, the lack of information security considerations in early design, and their characteristics such as high availability, control timing, and long life cycles, expose ICS to significant cybersecurity risks. In recent years, ransomware attacks targeting industrial enterprises have attracted wide attention. Given the enormous threat posed by ransomware to ICS enterprises, this study investigates information and data on ransomware attacks involving ICS. First, typical cases of ransomware attacks on ICS in recent years were analyzed, followed by an in-depth examination and summary of the key technologies involved in each phase of the attack process. Then, the characteristics and shortcomings of existing ICS ransomware models were discussed, and a new ransomware model for ICS was proposed. Subsequently, defense measures against ransomware in ICS were reviewed, and finally, recommendations were provided for future research on the detection and defense of ransomware attacks targeting ICS.

The development of the Internet of Things (IoT) has significantly improved people’s lives and productivity. In this process, deep neural network models play a crucial role in data processing and intelligence within IoT. To prevent unauthorized use of models, model watermarking has been emerged as an effective means of copyright protection. Model owners can embed specific watermark behaviors into the models before release and detect the watermark behaviors to identify potential pirated models. However, adversaries can use low-cost methods to remove watermarks with minimal impact on model performance, thus evading copyright verification. To address this problem, an innovative robust model watermarking method based on adversarial simulation was proposed. The method optimized a set of watermark samples to ensure that the watermark samples could trigger the watermark behaviors even after undergoing watermark removal attacks. Specifically, by analyzing the common characteristics of watermark removal attacks, a watermark removal simulator was constructed to mimic these attacks and a clean model simulator was constructed to emulate the model’s performance without watermarks. These simulators were used together to guide the optimization of the watermark samples. Experiments were conducted on CIFAR-10 and CIFAR-100 datasets. The results show that the proposed robust model watermarking method exhibits strong resistance to various watermark removal attacks, demonstrating its effectiveness and practicality.

The development of unmanned aerial vehicle (UAV) enabled communication faces challenges of both security and efficiency. A futuristic yet important problem faced by the current UAV-enabled communication was explored how could we make UAVs as energy efficient as possible while maintaining the communication secrecy? To solve this problem, a secrecy energy efficiency maximization (SEEM) solution for advanced dual-UAV-enabled secure communication systems was proposed. In such systems, a source UAV ensured secured information transmission with the assistance of a jammer UAV. In order to establish the optimal trade-off between security and efficiency, maximal secrecy energy efficiency (SEE) for dual-UAV enabled secure communications was seeked. Solving the issue optimally was challenging because of its non-convexity and imprecise locations of eavesdroppers. Based on the successive convex approximation (SCA) and S-procedure techniques, the SEEM solution was designed for optimizing the trajectory of source and jammer UAVs in this situation. The simulation results demonstrated that the proposed solution could establish a substantially greater SEE than other benchmark solutions for dual-UAV-enabled secure communication systems. Consequently, the proposed solution could focus on both transmission covertness and energy efficiency for dual-UAV-enabled secure communications.

Structural characteristics are one of the important bases for inferring device categories and models. However, because Wi-Fi networks are encrypted in various ways such as WPA/WPA2, WPA-PSK/WPA2-PSK, WEP, etc., existing hidden camera identification methods based on wireless traffic characteristics are difficult to extract structural characteristics from encrypted data. To solve this problem, a hidden camera identification method CEASE based on the GoP（Group of Pictures）features was proposed. The proposed method first employed a nearest neighbor time interval contrast strategy to recover lost packets. Then, it constructed GoPs based on the principles of camera video encoding and transmission, extracting feature vectors using aggregation functions on these GoPs. Finally, the LightGBM method was applied for training and to infer device categories and models. Extensive experiments were conducted on substantial real-world traffic data, with comparisons made against representative methods in recent years. The results demonstrated that compared to DeWiCam and ScamF, which used manually crafted features, the proposed method improved device category recognition accuracy by 4.2% and 3.4% respectively, and camera model recognition accuracy by 32.9% and 38.4% respectively. When compared to Lumos, another method that extracted aggregated features across multiple windows, the device category recognition accuracy was improved by 1.6%, and the camera model recognition accuracy was enhanced by 8.3%.

The Internet of Things (IoT) is a crucial infrastructure for data storage and management, involving personal privacy, corporate interests, and national security. The challenge in achieving trustworthy IoT data rights confirmation, secure auditing, and traceability lies in the management of data objects. An ontology-based multi-dimensional IoT data security labeling method was proposed, with a definition of IoT data security labels being provided. Based on the concept of ontology, semantic feature libraries and sensitive feature libraries were constructed, and algorithms for extracting physical fingerprints, semantic fingerprints, and sensitive point fingerprints of data were designed. A method for generating IoT data security labels was established, and the proposed algorithms and protocols were simulated and tested to verify the uniqueness, simplicity, efficiency, unidirectionality, and authenticity of the proposed IoT data security labeling method.