Traditional email systems can only achieve one-way communication,which means only the receiver is allowed to search for emails on the email server.In this paper,we propose a blockchain-based certificateless bidirectio...Traditional email systems can only achieve one-way communication,which means only the receiver is allowed to search for emails on the email server.In this paper,we propose a blockchain-based certificateless bidirectional authenticated searchable encryption model for a cloud email system named certificateless authenticated bidirectional searchable encryption(CL-BSE)by combining the storage function of cloud server with the communication function of email server.In the new model,not only can the data receiver search for the relevant content by generating its own trapdoor,but the data owner also can retrieve the content in the same way.Meanwhile,there are dual authentication functions in our model.First,during encryption,the data owner uses the private key to authenticate their identity,ensuring that only legal owner can generate the keyword ciphertext.Second,the blockchain verifies the data owner’s identity by the received ciphertext,allowing only authorized members to store their data in the server and avoiding unnecessary storage space consumption.We obtain a formal definition of CL-BSE and formulate a specific scheme from the new system model.Then the security of the scheme is analyzed based on the formalized security model.The results demonstrate that the scheme achieves multikeyword ciphertext indistinguishability andmulti-keyword trapdoor privacy against any adversary simultaneously.In addition,performance evaluation shows that the new scheme has higher computational and communication efficiency by comparing it with some existing ones.展开更多
This paper focuses on the improvement of traditional email system architecture with the help of blockchain technology in the existing network environment. The improved system architecture can better improve the securi...This paper focuses on the improvement of traditional email system architecture with the help of blockchain technology in the existing network environment. The improved system architecture can better improve the security and stability of the system. The email content is extracted and stored in the blockchain network to achieve regulatory traceability between the email service provider and the higher-level organization. In turn, A Blockchain-based Upgraded Email System(BUES) is proposed. The defects of the existing traditional email system are addressed. Firstly, the threat model of the traditional email system is analyzed, and solutions are proposed for various threats. Then a system architecture consisting of the blockchain network, email servers, and users are constructed. The implementation of BUES is carried out, and the related experimental process and algorithm steps are given. After the experimental analysis, it is shown that BUES can ensure the security, reliability, efficiency, and traceability of email transmission.展开更多
In this paper, we propose a new online system that can quickly detect malicious spam emails and adapt to the changes in the email contents and the Uniform Resource Locator (URL) links leading to malicious websites by ...In this paper, we propose a new online system that can quickly detect malicious spam emails and adapt to the changes in the email contents and the Uniform Resource Locator (URL) links leading to malicious websites by updating the system daily. We introduce an autonomous function for a server to generate training examples, in which double-bounce emails are automatically collected and their class labels are given by a crawler-type software to analyze the website maliciousness called SPIKE. In general, since spammers use botnets to spread numerous malicious emails within a short time, such distributed spam emails often have the same or similar contents. Therefore, it is not necessary for all spam emails to be learned. To adapt to new malicious campaigns quickly, only new types of spam emails should be selected for learning and this can be realized by introducing an active learning scheme into a classifier model. For this purpose, we adopt Resource Allocating Network with Locality Sensitive Hashing (RAN-LSH) as a classifier model with a data selection function. In RAN-LSH, the same or similar spam emails that have already been learned are quickly searched for a hash table in Locally Sensitive Hashing (LSH), in which the matched similar emails located in “well-learned” are discarded without being used as training data. To analyze email contents, we adopt the Bag of Words (BoW) approach and generate feature vectors whose attributes are transformed based on the normalized term frequency-inverse document frequency (TF-IDF). We use a data set of double-bounce spam emails collected at National Institute of Information and Communications Technology (NICT) in Japan from March 1st, 2013 until May 10th, 2013 to evaluate the performance of the proposed system. The results confirm that the proposed spam email detection system has capability of detecting with high detection rate.展开更多
Cybercriminals often use fraudulent emails and fictitious email accounts to deceive individuals into disclosing confidential information,a practice known as phishing.This study utilizes three distinct methodologies,Te...Cybercriminals often use fraudulent emails and fictitious email accounts to deceive individuals into disclosing confidential information,a practice known as phishing.This study utilizes three distinct methodologies,Term Frequency-Inverse Document Frequency,Word2Vec,and Bidirectional Encoder Representations from Transform-ers,to evaluate the effectiveness of various machine learning algorithms in detecting phishing attacks.The study uses feature extraction methods to assess the performance of Logistic Regression,Decision Tree,Random Forest,and Multilayer Perceptron algorithms.The best results for each classifier using Term Frequency-Inverse Document Frequency were Multilayer Perceptron(Precision:0.98,Recall:0.98,F1-score:0.98,Accuracy:0.98).Word2Vec’s best results were Multilayer Perceptron(Precision:0.98,Recall:0.98,F1-score:0.98,Accuracy:0.98).The highest performance was achieved using the Bidirectional Encoder Representations from the Transformers model,with Precision,Recall,F1-score,and Accuracy all reaching 0.99.This study highlights how advanced pre-trained models,such as Bidirectional Encoder Representations from Transformers,can significantly enhance the accuracy and reliability of fraud detection systems.展开更多
Mobile agent currently is a hot spot among research fields of Internet technology. The deployment of mo-bile agents over network usually needs extra infrastructure for agent migration and communication,which adds to t...Mobile agent currently is a hot spot among research fields of Internet technology. The deployment of mo-bile agents over network usually needs extra infrastructure for agent migration and communication,which adds to thedifficulty of popularizing MA systems. We present in this paper an Email-box-based mechanism of agent migrationand communication,which is built on top of the formerly developed MOON-EAMS system. This mechanism,basedon Email formatting skills,utilizes Email for data transfer,and offers a loosely coupled option of agent migration andcommunication,which ,compared to related works ,obtains the advantage of easy implementation,and reduces the riskof network connection failure.展开更多
基金supported by the National Natural Science Foundation of China(Nos.62172337,62241207)Key Project of GansuNatural Science Foundation(No.23JRRA685).
文摘Traditional email systems can only achieve one-way communication,which means only the receiver is allowed to search for emails on the email server.In this paper,we propose a blockchain-based certificateless bidirectional authenticated searchable encryption model for a cloud email system named certificateless authenticated bidirectional searchable encryption(CL-BSE)by combining the storage function of cloud server with the communication function of email server.In the new model,not only can the data receiver search for the relevant content by generating its own trapdoor,but the data owner also can retrieve the content in the same way.Meanwhile,there are dual authentication functions in our model.First,during encryption,the data owner uses the private key to authenticate their identity,ensuring that only legal owner can generate the keyword ciphertext.Second,the blockchain verifies the data owner’s identity by the received ciphertext,allowing only authorized members to store their data in the server and avoiding unnecessary storage space consumption.We obtain a formal definition of CL-BSE and formulate a specific scheme from the new system model.Then the security of the scheme is analyzed based on the formalized security model.The results demonstrate that the scheme achieves multikeyword ciphertext indistinguishability andmulti-keyword trapdoor privacy against any adversary simultaneously.In addition,performance evaluation shows that the new scheme has higher computational and communication efficiency by comparing it with some existing ones.
基金supported by the China Mobile Research Foundation of the Ministry of Education (No. MCM20180401)State Administration of Science, Technology and Industry for National Defence, PRC (NO.JCKY2020602B008)
文摘This paper focuses on the improvement of traditional email system architecture with the help of blockchain technology in the existing network environment. The improved system architecture can better improve the security and stability of the system. The email content is extracted and stored in the blockchain network to achieve regulatory traceability between the email service provider and the higher-level organization. In turn, A Blockchain-based Upgraded Email System(BUES) is proposed. The defects of the existing traditional email system are addressed. Firstly, the threat model of the traditional email system is analyzed, and solutions are proposed for various threats. Then a system architecture consisting of the blockchain network, email servers, and users are constructed. The implementation of BUES is carried out, and the related experimental process and algorithm steps are given. After the experimental analysis, it is shown that BUES can ensure the security, reliability, efficiency, and traceability of email transmission.
文摘In this paper, we propose a new online system that can quickly detect malicious spam emails and adapt to the changes in the email contents and the Uniform Resource Locator (URL) links leading to malicious websites by updating the system daily. We introduce an autonomous function for a server to generate training examples, in which double-bounce emails are automatically collected and their class labels are given by a crawler-type software to analyze the website maliciousness called SPIKE. In general, since spammers use botnets to spread numerous malicious emails within a short time, such distributed spam emails often have the same or similar contents. Therefore, it is not necessary for all spam emails to be learned. To adapt to new malicious campaigns quickly, only new types of spam emails should be selected for learning and this can be realized by introducing an active learning scheme into a classifier model. For this purpose, we adopt Resource Allocating Network with Locality Sensitive Hashing (RAN-LSH) as a classifier model with a data selection function. In RAN-LSH, the same or similar spam emails that have already been learned are quickly searched for a hash table in Locally Sensitive Hashing (LSH), in which the matched similar emails located in “well-learned” are discarded without being used as training data. To analyze email contents, we adopt the Bag of Words (BoW) approach and generate feature vectors whose attributes are transformed based on the normalized term frequency-inverse document frequency (TF-IDF). We use a data set of double-bounce spam emails collected at National Institute of Information and Communications Technology (NICT) in Japan from March 1st, 2013 until May 10th, 2013 to evaluate the performance of the proposed system. The results confirm that the proposed spam email detection system has capability of detecting with high detection rate.
文摘Cybercriminals often use fraudulent emails and fictitious email accounts to deceive individuals into disclosing confidential information,a practice known as phishing.This study utilizes three distinct methodologies,Term Frequency-Inverse Document Frequency,Word2Vec,and Bidirectional Encoder Representations from Transform-ers,to evaluate the effectiveness of various machine learning algorithms in detecting phishing attacks.The study uses feature extraction methods to assess the performance of Logistic Regression,Decision Tree,Random Forest,and Multilayer Perceptron algorithms.The best results for each classifier using Term Frequency-Inverse Document Frequency were Multilayer Perceptron(Precision:0.98,Recall:0.98,F1-score:0.98,Accuracy:0.98).Word2Vec’s best results were Multilayer Perceptron(Precision:0.98,Recall:0.98,F1-score:0.98,Accuracy:0.98).The highest performance was achieved using the Bidirectional Encoder Representations from the Transformers model,with Precision,Recall,F1-score,and Accuracy all reaching 0.99.This study highlights how advanced pre-trained models,such as Bidirectional Encoder Representations from Transformers,can significantly enhance the accuracy and reliability of fraud detection systems.
文摘Mobile agent currently is a hot spot among research fields of Internet technology. The deployment of mo-bile agents over network usually needs extra infrastructure for agent migration and communication,which adds to thedifficulty of popularizing MA systems. We present in this paper an Email-box-based mechanism of agent migrationand communication,which is built on top of the formerly developed MOON-EAMS system. This mechanism,basedon Email formatting skills,utilizes Email for data transfer,and offers a loosely coupled option of agent migration andcommunication,which ,compared to related works ,obtains the advantage of easy implementation,and reduces the riskof network connection failure.
