Search Results (237)

With the proliferation of edge computing in IoT and smart security, there is a growing demand for large-scale encrypted traffic anomaly detection. However, the opaque nature of encrypted traffic makes it difficult for traditional detection methods to balance efficiency and accuracy. To address this challenge, this paper proposes FMTF, a Multi-Scale Feature Fusion method based on Federated Learning for encrypted traffic anomaly detection. FMTF constructs graph structures at three scales—spatial, statistical, and content—to comprehensively characterize traffic features. At the spatial scale, communication graphs are constructed based on host-to-host IP interactions, where each node represents the IP address of a host and edges capture the communication relationships between them. The statistical scale builds traffic statistic graphs based on interactions between port numbers, with nodes representing individual ports and edge weights corresponding to the lengths of transmitted packets. At the content scale, byte-level traffic graphs are generated, where nodes represent pairs of bytes extracted from the traffic data, and edges are weighted using pointwise mutual information (PMI) to reflect the statistical association between byte occurrences. To extract and fuse these multi-scale features, FMTF employs the Graph Attention Network (GAT), enhancing the model’s traffic representation capability. Furthermore, to reduce raw-data exposure in distributed edge environments, FMTF integrates a federated learning framework. In this framework, edge devices train models locally based on their multi-scale traffic features and periodically share model parameters with a central server for aggregation, thereby optimizing the global model without exposing raw data. Experimental results demonstrate that FMTF maintains efficient and accurate anomaly detection performance even under limited computing resources, offering a practical and effective solution for encrypted traffic identification and network security protection in edge computing environments. Full article

In the practice of enterprise data security governance, document AI has emerged as a mission-critical component that seeks to underpin the prevention of document leakage via automatic accurate classification and identification of sensitive content. Arising from this, a need to bring document classification benchmark closer to real-world engineering applications is highlighted. This paper identifies the lack of public datasets for native multi-modal hybrid document classification and, accordingly, proposes the dataset DocCLS_NMMH (Native Multi-Modal Hybrid Document Classification) along with its out-of-distribution (OOD) test subset. An experimental study on the proposed dataset demonstrates that current benchmarks have become irrelevant and need to be updated to evaluate native multi-modal hybrid documents. Meanwhile, accuracy degradation in heterogeneous documents and few-shot scenarios is assessed, as all of these are prevalent in the practice. The experimental results demonstrate that LayoutLM achieves a state-of-the-art (SOTA) performance with 98.66% accuracy on DocCLS_NMMH, with only approximately 7% accuracy degradation on its OOD test subset, while training-free models (Qwen2.5-VL-32B and Gemma3-27B) consistently achieve over 95% accuracy across the full dataset. The SOTA performance of these models on our benchmark provides an effective guidance for model selection in real engineering applications. Full article

The development and utilization of unconventional shale oil and gas have enhanced the resilience of global energy security. Hydraulic fracturing is the primary method for enhancing unconventional shale oil and gas extraction. Previous studies have predominantly employed homogenized geomechanical models to simulate fracture propagation in rock masses. However, bedding planes and inhomogeneous mineral distributions introduce mechanical anisotropy in shale, rendering conventional homogenized models insufficient for accurately representing hydraulic fracturing in real reservoirs. For this, millimeter-scale indentation testing was employed to systematically quantify the depth-dependent distribution of mechanical parameters across varying bedding orientations, using fragmented shale samples obtained from the Qingshankou Formation of the Songliao Basin, northern China. Then, hydraulic fracturing simulations were performed using the mechanical properties derived from the indentation tests. The key findings include: (1) The elastic modulus of the Qingshankou Formation shale reservoir exhibits significant anisotropic properties in both the depth and bedding orientations. The elastic modulus measured parallel to bedding (10.23–65.08 GPa) is 28% higher than that measured perpendicular to bedding (9.60–47.24 GPa) due to shale bedding anisotropy. The mineralogical composition predominantly governs the depth-dependent anisotropy, with an elevated brittle mineral content increasing the elastic modulus and a higher clay content reducing it. (2) The simulation results reveal that the depth-dependent anisotropy of elastic modulus induces asymmetric hydraulic fracture propagation, with the fractures preferentially extending along the orientations exhibiting a higher elastic modulus. This behavior arises due to the enhanced brittleness and reduced deformation resistance of high-modulus rocks, facilitating fracture advancement. The study offers critical insights for hydraulic fracturing design and operational implementation in bedded shale reservoirs. Full article

Textual content faces escalating security threats regarding copyright infringement, tampering, and unauthorized distribution. Text watermarking offers a vital defense mechanism by embedding imperceptible identifiers for source tracking and anti-counterfeiting. However, unlike general image watermarking, protecting text is uniquely challenging due to its highly discrete structure and low pixel redundancy, where even minute perturbations can compromise legibility. Over the past three decades, a wide range of text watermarking techniques have been proposed to address these challenges. While recent research has heavily favored semantic-based watermarking driven by Large Language Models (LLMs), these approaches are often inapplicable to high-stakes scenarios requiring strict content integrity and visual fidelity, such as legal documentation and artistic font protection. Addressing this gap, this paper presents a comprehensive survey of semantic-preserving text watermarking methods developed in recent years, with a particular focus on image-based, font-based, and format-based techniques. We propose a unified classification framework to systematically analyze these approaches, examining their methodological principles, robustness, embedding capacity, and imperceptibility. By clarifying the core characteristics and limitations of existing techniques, this survey aims to provide a structured technical reference for researchers and practitioners, facilitating the advancement of secure, robust, and scalable text protection technologies. Full article

The Internet of Things (IoT) has transformed modern life through interconnected devices enabling automation across diverse environments. However, its reliance on legacy network architectures has introduced significant security vulnerabilities and efficiency challenges—for example, when Datagram Transport Layer Security (DTLS) encrypts transport-layer communications to protect IoT traffic, it simultaneously blinds intermediate proxies that need to inspect message contents for protocol translation and caching, forcing a fundamental trade-off between security and functionality. This paper presents an architectural solution based on the Recursive InterNetwork Architecture (RINA) to address these issues. We analyze current IoT network stacks, highlighting their inherent limitations—particularly how adding security at one layer often disrupts functionality at others, forcing a detrimental trade-off between security and performance. A central principle underlying our approach is the role of structural symmetry in RINA’s design. Unlike the heterogeneous, protocol-specific layers of TCP/IP, RINA exhibits recursive self-similarity: every Distributed IPC Facility (DIF), regardless of its position in the network hierarchy, instantiates identical mechanisms and offers the same interface to layers above. This architectural symmetry ensures predictable, auditable behavior while enabling policy-driven asymmetry for context-specific security enforcement. By embedding security within each layer and allowing flexible layer arrangement, RINA mitigates common IoT attacks and resolves persistent issues such as the inability of Performance Enhancing Proxies to operate on encrypted connections. We demonstrate RINA’s applicability through use cases spanning smart homes, healthcare monitoring, autonomous vehicles, and industrial edge computing, showcasing its adaptability to both RINA-native and legacy device integration. Our mixed-methods evaluation combines qualitative architectural analysis with quantitative experimental validation, providing both theoretical foundations and empirical evidence for RINA’s effectiveness. We also address emerging trends including AI-driven security and massive IoT scalability. This work establishes a conceptual foundation for leveraging recursive symmetry principles to achieve secure, efficient, and scalable IoT ecosystems. Full article

In grain storage and transportation, biological activity, including respiration and metabolism, generates heat, creating temperature gradients that can induce moisture migration and form high-humidity areas. This accelerates fungal and insect activity, leading to quality degradation. Long-term, distributed temperature monitoring inside grain piles is essential for ensuring safe storage and early risk warning. Radio Frequency Identification (RFID) technology has become widely adopted in storage temperature monitoring due to its low cost, maintenance-free operation, and high security. However, traditional RFID systems have limited communication ranges, and the large size of storage facilities necessitates the deployment of multiple readers, which increases costs. Additionally, the high density and fluctuating moisture content of bulk grain lead to significant RF signal absorption and scattering, weakening the accessibility of purely wireless systems to deeper parts of the grain pile. To address these issues, a passive distributed temperature monitoring system based on RFID technology is proposed. The system utilizes RFID readers to harvest RF energy for passive power supply, with an external antenna ensuring stable energy harvesting and data transmission. Single-bus multi-point temperature sensor modules are integrated into the system, enabling distributed temperature measurements across grain piles or warehouses. Experimental results show that the system achieves a temperature collection success rate of 98%, with an accuracy of ±1 °C and a polling cycle of less than 30 s, providing a low-cost, battery-free, and scalable solution for grain storage monitoring, significantly improving storage quality. Full article

Blockchain technology, with its characteristics of decentralization, immutability, auditability, and traceability, has gradually become a core infrastructure in the digital economy era, demonstrating great potential in fields such as finance, government services, and the Internet of Things (IoT). However, as the scale of blockchain networks expands and data volumes surge, issues such as full-node storage redundancy, limited transaction throughput, and inefficient synchronization of historical data have become increasingly prominent, severely restricting the large-scale application of blockchain systems. The storage scalability problem faced by blockchain is therefore becoming more critical. To address the challenge in which on-chain storage expansion still cannot meet the demand for large-scale data storage, a storage method combining the InterPlanetary File System (IPFS) with blockchain, referred to as IPFS-BC, is proposed. In IPFS-BC, large-scale raw data are stored in the decentralized and content-addressable IPFS network, while the blockchain only retains the unique content identifier (CID) hash and related metadata. Through smart contracts enabling dynamic permission management and fine-grained access control, efficient interaction and collaborative storage between on-chain and off-chain systems are achieved. In this work, file upload simulation experiments were conducted, and two evaluation indicators—storage space consumption and storage performance (file read/write time and speed)—were used to compare three storage approaches: Distributed Hash Table (DHT)-based off-chain storage, Financial Blockchain Shenzhen Open Source (FISCO BCOS) on-chain storage, and the IPFS-BC on-chain/off-chain collaborative storage model. Experimental results show that the IPFS-BC model reduces storage space consumption by approximately 75% compared with FISCO BCOS blockchain storage when storing file data, significantly decreasing data redundancy. Moreover, IPFS-BC ensures system security during the on-chain process, and through the automated management and auditing provided by smart contracts, it effectively enhances system security and realizes scalable on-chain/off-chain collaborative storage. Full article

The widespread distribution of digital videos in social networks, streaming services, and surveillance systems has increased the risk of manipulation, unauthorized redistribution, and adversarial tampering. This paper presents a lightweight deep learning framework for robust and imperceptible video watermarking designed specifically for cybersecurity environments. Unlike heavy architectures that rely on multi-scale feature extractors or complex adversarial networks, our model introduces a compact encoder–decoder pipeline optimized for real-time watermark embedding and recovery under adversarial attacks. The proposed system leverages spatial attention and temporal redundancy to ensure robustness against distortions such as compression, additive noise, and adversarial perturbations generated via Fast Gradient Sign Method (FGSM) or recompression attacks from generative models. Experimental simulations using a reduced Kinetics-600 subset demonstrate promising results, achieving an average PSNR of 38.9 dB, SSIM of 0.967, and Bit Error Rate (BER) below 3% even under FGSM attacks. These results suggest that the proposed lightweight framework achieves a favorable trade-off between resilience, imperceptibility, and computational efficiency, making it suitable for deployment in video forensics, authentication, and secure content distribution systems. Full article

The rapid digitization of library resources has intensified the need for robust digital-rights management (DRM) mechanisms to safeguard copyright, control access, and preserve user privacy. Conventional DRM approaches are often centralized, prone to single-point-of-failure, and are limited in transparency and interoperability. To address these challenges, this article puts forward a decentralized DRM framework for library systems by leveraging blockchain technology and decentralized DRM-key mechanisms. An integrative review of the available research literature provides an analysis of current blockchain-based DRM library systems, their limitations, and associated challenges. To address these issues, a controlled experiment is set up to implement and evaluate a possible solution. In the proposed model, digital content is encrypted and stored in the Inter-Planetary File System (IPFS), while blockchain smart contracts manage the generation, distribution, and validation of DRM-keys that regulate user-access rights. This approach ensures immutability, transparency, and fine-grained access control without reliance on centralized authorities. Security is enhanced through cryptographic techniques for authentication. The model not only mitigates issues of piracy, unauthorized redistribution, and vendor lock-in, but also provides a scalable and interoperable solution for modern digital libraries. The findings demonstrate how blockchain-enabled DRM-keys can enhance trust, accountability, and efficiency through the development of secure, decentralized, and user-centric digital library systems, which will be of interest to practitioners charged with library IT technology management and to researchers in the wider field of blockchain applications in organizations. Full article

We statistically examine the global distribution of free content websites (FCWs) by analyzing their hosting network scale, cloud service provider, and country-level presence, both in aggregate and across specific content categories. These measurements are contrasted with those of premium content websites (PCWs) and with general websites sampled from the Alexa top-1M. We further evaluate their security characteristics using multiple security indicators. Our findings show that FCWs and PCWs are predominantly hosted in medium-scale networks, which are strongly associated with a high concentration of malicious websites. At the cloud and country level, FCW distributions follow heavy-tailed patterns that differ from those of PCWs. Beyond static distributions, our analysis also uncovers dynamic trends, where PCWs demonstrate improving security postures over time while FCWs reveal increasing maliciousness in several categories and hosting regions. This study contributes to understanding the FCW ecosystem through comprehensive quantitative analysis. The results suggest that the harm posed by malicious FCWs can potentially be contained through effective isolation and filtering, given their concentration at the network, cloud, and country levels, and that longitudinal monitoring is essential to capture their evolving risks. Full article

Soil erosion in the hilly and gully region of the middle reaches of the Yellow River is severe, threatening regional ecological security and the water–sediment balance of the Yellow River. The area features fragmented topography and significant spatial heterogeneity in soil thickness, forming a unique binary “soil–rock” structural system. The soil in the study area is characterized by silt-based loess, and the underlying bedrock is an interbedded Jurassic-Cretaceous sandstone and sandy shale. It has strong weathering, well-developed fissures, and good permeability, rather than dense impermeable rock layers. However, the spatiotemporal differentiation mechanism of soil moisture in this system remains unclear. This study focuses on the typical hilly and gully region—the Geqiugou watershed. Through field investigations, soil thickness sampling, multi-scale soil moisture monitoring, and analysis of meteorological data, it systematically examines the cascade relationships among microtopography, soil–rock combinations, soil moisture, and meteorological drivers. The results show that: (1) Based on the field survey of 323 sampling points in the study area, it was found that soil samples with a thickness of less than 50 cm accounted for 85%, which constituted the main structure of soil thickness in the region. Macrotopographic units control the spatial differentiation of soil thickness, forming a complete thickness gradient from erosional units (e.g., Gully and Furrow) to depositional units (e.g., Gently sloped terrace). Based on this, five typical soil–rock combination types with soil thicknesses of 10 cm, 30 cm, 50 cm, 70 cm, and 90 cm were identified. (2) Soil–rock combination structures regulate the vertical distribution and seasonal dynamics of soil moisture. In thin-layer combinations, soil moisture is primarily retained within the shallow soil profile with higher dynamics, whereas in thick-layer combinations, under conditions of substantial rainfall, moisture can percolate deeply and become notably stored within the fractured bedrock, sometimes exceeding the moisture content in the overlying soil. (3) The response of soil moisture to precipitation is hierarchical: light rain events only affect the surface layer, whereas heavy rainfall can infiltrate to depths below 70 cm. Under intense rainfall, the soil–rock interface acts as a rapid infiltration pathway. (4) The influence of meteorological drivers on soil moisture exhibits vertical differentiation and is significantly modulated by soil–rock combination types. This study reveals the critical role of microtopography-controlled soil–rock combination structures in the spatiotemporal differentiation of soil moisture, providing a scientific basis for the precise implementation of soil and water conservation measures and ecological restoration in the region. Full article

Soybean is a key global crop for food and oil production, playing a vital role in ensuring food security and supplying plant-based proteins and oils. Accurate information on soybean distribution is essential for yield forecasting, agricultural management, and policymaking. In this study, we developed an Enhanced Chlorophyll Index (NRLI) to improve the separability between soybean and maize—two spectrally similar crops that often confound traditional vegetation indices. The proposed NRLI integrates red-edge, near-infrared, and green spectral information, effectively capturing variations in chlorophyll and canopy water content during key phenological stages, particularly from flowering to pod setting and maturity. Building upon this foundation, we further introduce a pixel-wise compositing strategy based on the peak phase of NRLI to enhance the temporal adaptability and spectral discriminability in crop classification. Unlike conventional approaches that rely on imagery from fixed dates, this strategy dynamically analyzes annual time-series data, enabling phenology-adaptive alignment at the pixel level. Comparative analysis reveals that NRLI consistently outperforms existing vegetation indices, such as the Normalized Difference Vegetation Index (NDVI), Enhanced Vegetation Index (EVI), and Greenness and Water Content Composite Index (GWCCI), across representative soybean-producing regions in multiple countries. It improves overall accuracy (OA) by approximately 10–20 percentage points, achieving accuracy rates exceeding 90% in large, contiguous cultivation areas. To further validate the robustness of the proposed index, benchmark comparisons were conducted against the Random Forest (RF) machine learning algorithm. The results demonstrated that the single-index NRLI approach achieved competitive performance, comparable to the multi-feature RF model, with accuracy differences generally within 1–2%. In some regions, NRLI even outperformed RF. This finding highlights NRLI as a computationally efficient alternative to complex machine learning models without compromising mapping precision. This study provides a robust, scalable, and transferable single-index approach for large-scale soybean mapping and monitoring using remote sensing. Full article

A sharing framework based on Zero-Knowledge Proof (ZKP) and Proxy Re-encryption (PRE) technologies offers a promising solution for sharing Student Electronic Academic Records (SEARs). As core credentials in the education sector, student records are characterized by strong identity binding, the need for long-term retention, frequent cross-institutional verification, and sensitive information. Compared with electronic health records and government archives, they face more complex security, privacy protection, and storage scalability challenges during sharing. These records not only contain sensitive data such as personal identity and academic performance but also serve as crucial evidence in key scenarios such as further education, employment, and professional title evaluation. Leakage or tampering could have irreversible impacts on a student’s career development. Furthermore, traditional blockchain technology faces storage capacity limitations when storing massive academic records, and existing general electronic record sharing solutions struggle to meet the high-frequency verification demands of educational authorities, universities, and employers for academic data. This study proposes a dedicated sharing framework for students’ electronic academic records, leveraging PRE technology and the distributed ledger characteristics of blockchain to ensure transparency and immutability during sharing. By integrating the InterPlanetary File System (IPFS) with Ethereum Smart Contract (SC), it addresses blockchain storage bottlenecks, enabling secure storage and efficient sharing of academic records. Relying on optimized ZKP technology, it supports verifying the authenticity and integrity of records without revealing sensitive content. Furthermore, the introduction of gate circuit merging, constant folding techniques, Field-Programmable Gate Array (FPGA) hardware acceleration, and the efficient Bulletproofs algorithm alleviates the high computational complexity of ZKP, significantly reducing proof generation time. The experimental results demonstrate that the framework, while ensuring strong privacy protection, can meet the cross-scenario sharing needs of student records and significantly improve sharing efficiency and security. Therefore, this method exhibits superior security and performance in privacy-preserving scenarios. This framework can be applied to scenarios such as cross-institutional academic certification, employer background checks, and long-term management of academic records by educational authorities, providing secure and efficient technical support for the sharing of electronic academic credentials in the digital education ecosystem. Full article

Phishing attacks continue to evolve and exploit fundamental human impulses, such as trust and the need for a rapid response, as well as emotional triggers. This makes the human mind both a valuable asset and a significant vulnerability. The proliferation of zero-day vulnerabilities has been identified as a significant exacerbating factor in this threat landscape. To address these evolving challenges, we introduce CrossPhire: a multimodal deep learning framework with an end-to-end architecture that captures semantic and visual cues from multiple data modalities, while also providing methodological insights for anti-phishing multimodal learning. First, we demonstrate that markup-free semantic text encoding captures linguistic deception patterns more effectively than DOM-based approaches, achieving 96–97% accuracy using textual content alone and providing the strongest single-modality signal through sentence transformers applied to HTML text stripped of structural markup. Second, through controlled comparison of fusion strategies, we show that simple concatenation outperforms a sophisticated gating mechanism so-called Mixture-of-Experts by 0.5–10% when modalities provide complementary, non-redundant security evidence. We validate these insights through rigorous experimentation on five datasets, achieving competitive same-dataset performance (97.96–100%) while demonstrating promising cross-dataset generalization (85–96% accuracy under distribution shift). Additionally, we contribute Phish360, a rigorously curated multimodal benchmark with 10,748 samples addressing quality issues in existing datasets (96.63% unique phishing HTML vs. 16–61% in prior benchmarks), and provide LIME-based explainability tools that decompose predictions into modality-specific contributions. The rapid inference time (0.08 s) and high accuracy results position CrossPhire as a promising solution in the fight against phishing attacks. Full article

This paper presents the design, implementation, and evaluation of a low-code document management and approval system developed on the Microsoft Power Platform. The solution integrates Power Apps, Power Automate, SharePoint Online, and Azure Active Directory to enable secure, traceable, and device-independent workflows for managing organizational documents. By combining graphical interfaces, automated approval logic, and enterprise-grade identity management, the system supports real-time collaboration and compliance with records’ governance standards. A comparative analysis with traditional enterprise content management and open-source web architectures demonstrates substantial advantages in deployment speed, scalability, and auditability. Empirical results from a six-week pilot involving multiple users indicate a reduction in approval cycle time, high user satisfaction, and strong cost-efficiency relative to conventional development models. The findings highlight how low-code ecosystems operationalize digital transformation by empowering non-technical users to automate complex workflows while maintaining security and governance integrity. This work contributes to the understanding of information system democratization, showing that low-code platforms can extend digital participation, improve organizational agility, and support sustainable operational efficiency across distributed environments. Full article