
Security and Privacy in Artificial Intelligence Systems

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (15 May 2026)

Special Issue Editors


Guest Editor
School of Informatics and Engineering, University of Electro-Communications, Tokyo 182-8585, Japan
Interests: semantic communications; AI security and privacy; trustworthy and robust machine learning; blockchain-based secure data sharing; privacy-preserving communication for IoT, edge, and 6G networks

Guest Editor
Department of Computer Science, Science Tokyo, Tokyo 152-8550, Japan
Interests: hardware security; GPU accelerator; high-performance computing

Special Issue Information

Dear Colleagues,

Artificial Intelligence (AI) has become the core engine driving innovation across diverse domains, including autonomous vehicles, healthcare, finance, and next-generation communication systems. However, the rapid deployment of AI introduces new vectors of security and privacy risks: adversarial attacks against models, data poisoning, model inversion, backdoor threats, and privacy leakage from training data. These vulnerabilities not only compromise system integrity but also raise ethical and regulatory concerns for trustworthy AI adoption.

This Special Issue will explore cutting-edge research on security and privacy in AI systems, covering theoretical foundations, algorithmic advances, and practical applications. By focusing on both attack and defense perspectives, as well as privacy-preserving AI frameworks, this Special Issue will provide a comprehensive view of how to build resilient and trustworthy AI ecosystems. Its scope is well aligned with that of Electronics, emphasizing digital technologies, system reliability, and user protection.

In this Special Issue, original research articles and reviews are welcome. Research areas may include (but are not limited to) the following:

  • Adversarial attacks and defences in AI/ML models;
  • Data poisoning, backdoor, and evasion attacks;
  • Federated learning security and privacy;
  • Differential privacy and homomorphic encryption for AI;
  • Blockchain-enabled secure and trustworthy AI;
  • Privacy-preserving data sharing and knowledge extraction;
  • Secure and robust AI for IoT, edge, and 6G networks;
  • Explainable AI (XAI) and its role in system trustworthiness;
  • AI-driven intrusion detection and cyber defense.

We look forward to receiving your contributions.

Dr. Yangfei Lin
Dr. Qiong Chang
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 250 words) can be sent to the Editorial Office for assessment.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • AI security
  • AI privacy
  • adversarial attacks
  • privacy-preserving AI
  • federated learning
  • blockchain
  • trustworthy AI
  • differential privacy
  • secure machine learning
  • robust AI systems

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • Reprint: MDPI Books provides the opportunity to republish successful Special Issues in book format, both online and in print.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (2 papers)


Research

20 pages, 2635 KB  
Article
Boosting Adversarial Transferability via Region-Wise PCGrad and Margin-Guided Adaptive Weighting for Ensemble Attack
by Jiale Shi, Yafei Song, Chunxiao Yang, Tianpeng Li and Qin Lei
Electronics 2026, 15(9), 1881; https://doi.org/10.3390/electronics15091881 - 29 Apr 2026
Abstract
Adversarial attacks have been extensively studied in recent years to investigate the vulnerability mechanisms of deep neural networks and enhance model robustness and security. However, the transferability of adversarial examples across different models remains a fundamental challenge in black-box attacks. Existing ensemble attack methods primarily aggregate gradient information from multiple surrogate models through simple averaging, failing to consider gradient conflicts and cancellations among heterogeneous models, which results in poor transferability. To address this limitation, we propose a novel ensemble adversarial attack method called Region-wise PCGrad and Margin-Guided Adaptive Weighting Ensemble Attack (RPMGEA). To tackle gradient conflicts, we adopt a region-wise PCGrad method that divides gradient maps into semantically relevant regional blocks for conflict resolution. To address weight allocation issues, we directly measure transferability contributions by evaluating decision boundary changes caused by temporary adversarial examples generated from each model’s gradients across all models, thereby adaptively allocating weights to the models. RPMGEA significantly enhances the transferability of ensemble attacks, achieving average attack success rates of up to 93.7% and 90.4% on conventional and adversarial training models, respectively, and up to 88.9% on defense models, demonstrating superior performance compared to existing state-of-the-art ensemble attack methods.
(This article belongs to the Special Issue Security and Privacy in Artificial Intelligence Systems)
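The gradient-conflict problem the abstract above describes can be seen on a tiny input. The following is an added illustration for this page, not the RPMGEA authors' code: it applies the PCGrad projection rule (project g_i onto the normal plane of any g_j it conflicts with, i.e. g_i · g_j < 0) either to the whole gradient or independently to fixed-size blocks, the simplest stand-in for the paper's semantic regions. The two surrogate gradients, the four-pixel "image" and the block size are constructed; the margin-guided weighting of the paper is not modelled, the projected gradients are simply averaged.

```python
"""Region-wise PCGrad for aggregating surrogate-model gradients (added example)."""
from typing import List, Sequence

Vector = List[float]


def dot(a: Sequence[float], b: Sequence[float]) -> float:
    return sum(x * y for x, y in zip(a, b))


def average(grads: Sequence[Vector]) -> Vector:
    """Plain ensemble aggregation: the element-wise mean of the surrogate gradients."""
    n = len(grads)
    return [sum(g[k] for g in grads) / n for k in range(len(grads[0]))]


def pcgrad(grads: Sequence[Vector]) -> Vector:
    """PCGrad aggregation of the given gradients.

    For each gradient g_i, every other gradient g_j with g_i . g_j < 0 is a
    conflict; g_i is projected onto the normal plane of g_j, removing exactly the
    component that would cancel g_j when the two are summed.  The projected
    gradients are then averaged.
    """
    projected: List[Vector] = []
    for i, g_i in enumerate(grads):
        g = list(g_i)
        for j, g_j in enumerate(grads):
            if i == j:
                continue
            d = dot(g, g_j)
            if d < 0:  # conflicting directions; norm_sq > 0 is implied by d != 0
                norm_sq = dot(g_j, g_j)
                g = [x - (d / norm_sq) * y for x, y in zip(g, g_j)]
        projected.append(g)
    return average(projected)


def region_wise_pcgrad(grads: Sequence[Vector], region_size: int) -> Vector:
    """Apply PCGrad independently to each block of `region_size` entries.

    A conflict confined to one block can be invisible to a whole-image dot
    product (the agreeing blocks dominate it), in which case whole-image PCGrad
    degrades to plain averaging there; per-block projection still resolves it.
    """
    out: Vector = []
    for start in range(0, len(grads[0]), region_size):
        blocks = [g[start:start + region_size] for g in grads]
        out.extend(pcgrad(blocks))
    return out


# Constructed input: gradients of two surrogate models over a 4-pixel "image",
# split into two 2-pixel regions.  The models agree on region 0 and conflict
# on pixel 2 of region 1.
SURROGATE_GRADS: List[Vector] = [
    [1.0, 1.0, 1.0, 0.0],
    [1.0, 1.0, -1.0, 0.5],
]
REGION_SIZE = 2


if __name__ == "__main__":
    print("plain average     :", average(SURROGATE_GRADS))
    print("whole-image PCGrad:", pcgrad(SURROGATE_GRADS))
    print("region-wise PCGrad:", region_wise_pcgrad(SURROGATE_GRADS, REGION_SIZE))
```

On this input the whole-image dot product of the two gradients is 1 + 1 - 1 + 0 = 1 > 0, so whole-image PCGrad detects no conflict and returns the plain average [1, 1, 0, 0.25], in which the conflicting pixel has been cancelled to zero. Region-wise PCGrad sees the negative dot product inside region 1 and returns [1, 1, 0.1, 0.45], keeping a non-zero perturbation direction for that pixel.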

23 pages, 1101 KB  
Article
A Reinforcement Learning-Based Optimization Strategy for Noise Budget Management in Homomorphically Encrypted Deep Network Inference
by Chi Zhang, Fenhua Bai, Jinhua Wan and Yu Chen
Electronics 2026, 15(2), 275; https://doi.org/10.3390/electronics15020275 - 7 Jan 2026
Abstract
Homomorphic encryption provides a powerful cryptographic solution for privacy-preserving deep neural network inference, enabling computation on encrypted data. However, the practical application of homomorphic encryption is fundamentally constrained by the noise budget, a core component of homomorphic encryption schemes. The substantial multiplicative depth of modern deep neural networks rapidly consumes this budget, necessitating frequent, computationally expensive bootstrapping operations to refresh the noise. This bootstrapping process has emerged as the primary performance bottleneck. Current noise management strategies are predominantly static, triggering bootstrapping at pre-defined, fixed intervals. This approach is sub-optimal for deep, complex architectures, leading to excessive computational overhead and potential accuracy degradation due to cumulative precision loss. To address this challenge, we propose a Deep Network-aware Adaptive Noise-budget Management mechanism, a novel mechanism that formulates noise budget allocation as a sequential decision problem optimized via reinforcement learning. The core of the proposed mechanism comprises two components. First, we construct a layer-aware noise consumption prediction model to accurately estimate the heterogeneous computational costs and noise accumulation across different network layers. Second, we design a Deep Q-Network-driven optimization algorithm. This Deep Q-Network agent is trained to derive a globally optimal policy, dynamically determining the optimal timing and network location for executing bootstrapping operations, based on the real-time output of the noise predictor and the current network state. This approach shifts from a static, pre-defined strategy to an adaptive, globally optimized one. Experimental validation on several typical deep neural network architectures demonstrates that the proposed mechanism significantly outperforms state-of-the-art fixed strategies, markedly reducing redundant bootstrapping overhead while maintaining model performance.
(This article belongs to the Special Issue Security and Privacy in Artificial Intelligence Systems)
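Why a fixed bootstrapping interval is the wrong tool for a network whose layers consume noise unevenly can be shown with a small budget simulation. The following is an added example for this page, not the authors' code: it models each layer as consuming a fixed number of levels from a ciphertext's noise budget, and compares a static policy (bootstrap before every k-th layer) with a layer-aware policy that bootstraps only when the next layer would overflow the budget. The per-layer costs and the budget are constructed, and the greedy policy stands in for the paper's Deep Q-Network agent; for a linear chain of layers with full refresh it is also the minimum-bootstrap schedule, which is a useful baseline any learned policy should at least match.

```python
"""Bootstrapping schedules under a noise budget for encrypted DNN inference (added example)."""
from typing import List, Optional, Sequence

# Constructed cost model: levels consumed per layer of a small network
# (e.g. conv = 3, polynomial activation = 2, pooling = 1, dense = 4).
LAYER_COSTS: List[int] = [3, 2, 3, 2, 1, 4, 2, 3, 2, 1]
BUDGET = 10  # levels available in a fresh (or freshly bootstrapped) ciphertext


def simulate(costs: Sequence[int], budget: int,
             bootstrap_before: Sequence[bool]) -> Optional[int]:
    """Run the layers in order, refreshing the budget where bootstrap_before[i] is set.

    Returns the number of bootstraps performed, or None if the accumulated noise
    would exceed the budget at some layer (the ciphertext would no longer
    decrypt correctly).  A bootstrap before layer 0 is pointless and skipped.
    """
    used = 0
    bootstraps = 0
    for i, cost in enumerate(costs):
        if i > 0 and bootstrap_before[i]:
            used = 0
            bootstraps += 1
        used += cost
        if used > budget:
            return None
    return bootstraps


def fixed_flags(n_layers: int, interval: int) -> List[bool]:
    """Static policy: bootstrap before every `interval`-th layer, whatever it costs."""
    return [i % interval == 0 for i in range(n_layers)]


def adaptive_flags(costs: Sequence[int], budget: int) -> Optional[List[bool]]:
    """Layer-aware policy: bootstrap only when the coming layer would overflow.

    Returns None when some single layer is deeper than the whole budget, which
    no schedule can fix (the layer itself would have to be split).
    """
    flags = [False] * len(costs)
    used = 0
    for i, cost in enumerate(costs):
        if cost > budget:
            return None
        if used + cost > budget:
            flags[i] = True
            used = 0
        used += cost
    return flags


def compare(costs: Sequence[int], budget: int, intervals: Sequence[int]) -> dict:
    """Bootstrap count per fixed interval (None = noise overflow) plus the adaptive count."""
    result = {f"fixed/{k}": simulate(costs, budget, fixed_flags(len(costs), k))
              for k in intervals}
    flags = adaptive_flags(costs, budget)
    result["adaptive"] = None if flags is None else simulate(costs, budget, flags)
    return result


if __name__ == "__main__":
    for name, count in compare(LAYER_COSTS, BUDGET, [2, 3, 4, 5]).items():
        print(f"{name:>9}: {'overflow' if count is None else count} bootstraps")
```

With the constructed costs, bootstrapping every 3 layers costs 3 bootstraps, every 5 layers overflows the budget at layer 4 (3 + 2 + 3 + 2 + 1 = 11 > 10), and the layer-aware policy finishes with 2 bootstraps, placed before layers 4 and 8. A fixed interval therefore has to be tuned per architecture and still either over-spends or fails on a deep segment, which is the gap the abstract's adaptive mechanism targets.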
