Journal of Science and Technology on Information security

Research on the Design and Development of a Secure Cold Wallet Device for Blockchain

2025-09-26T09:00:25+07:00

Cold Wallet is a specialized hardware device designed to store private keys and perform digital signing in an isolated (offline) environment, ensuring maximum security for digital assets. This paper presents a comprehensive design of a secure cold wallet device for Blockchain, focusing on security requirements and cryptographic processing capabilities.

Weak Links in Smart Surveillance: An Empirical Security Evaluation of Evil Twin Attacks on IoT Cameras

2025-12-16T16:23:00+07:00

Wireless IP cameras are vital in IoT ecosystems but remain vulnerable to Evil Twin attacks that enable device compromise and data interception. This study empirically demonstrates how Deauthentication combined with rogue access points can coerce WPA2-based cameras into attacker-controlled networks, enabling MITM interception of unencrypted streams. Experiments using a controlled testbed reveal weaknesses in AP authentication, session management, and reconnection logic. To mitigate these threats, we recommend WPA3-SAE adoption, AP fingerprinting, stronger traffic encryption, and rogue AP detection. The results highlight systemic flaws in consumer IoT cameras and outline practical defenses to enhance Wi-Fi security in surveillance systems.

Memory-Resident Malware Detection via a Hybrid Deep Learning Framework

2025-11-17T08:18:29+07:00

Memory-resident malware detection is a critical cybersecurity challenge, particularly with stealth techniques like Living-off-the-Land (LotL). This paper proposes a hybrid deep learning framework to detect malware from memory-behavior data represented as fixed-length tabular features. The framework emphasizes an effective data processing pipeline rather than a complex model architecture. It has three stages: (1) feature selection and Z-score standardization using Extreme Gradient Boosting (XGBoost) and StandardScaler, (2) data balancing and cleaning using Synthetic Minority Over-sampling Technique (SMOTE) and Edited Nearest Neighbor (ENN), and (3) training a Transformer Encoder-based classifier to extract high-level non-linear representations from the stabilized feature space, utilizing robust Feed-Forward Networks, Layer Normalization, residual connections, and Focal Loss to enhance training stability under class imbalance. Training further employs a StepLR Scheduler and Early Stopping to ensure convergence and prevent overfitting. On the CIC-MalMem-2022 dataset, which comprises one benign class and 15 malware classes, the proposed framework achieves 76.62% Accuracy and 76.35% F1-score, outperforming traditional baselines. These results demonstrate the framework’s effectiveness for proactive malware defense based on memory behavioral analysis.

FPGA-Based inline encryption bridge using AES-XTS for storage systems

2025-10-15T17:45:14+07:00

This paper presents a hardware-based AES-256 XTS encryption system implemented on FPGA, providing a complete inline bridge between a storage controller and the storage device. Unlike prior works that focused only on AES core optimization, this design integrates the core into the full SATA protocol and evaluates end-to-end storage-path performance. The pipelined XTS-AES core enables high-throughput, real-time sector-level encryption with minimal performance impact. FPGA implementation offers flexibility in key sizes and encryption modes, supports algorithm updates through partial reconfiguration, and allows scalability to various storage systems, including NAS storage systems. The main contributions are: (i) proposing an FPGA-based inline encryption architecture with an AES-XTS core fully integrated into the SATA protocol; (ii) implementing and evaluating the encryption performance on a real storage system, demonstrating practical feasibility and transparency in real-time operations.

A Blockchain-Based Chain of Custody for Digital Evidence: Design and Evaluation

2025-12-11T09:08:15+07:00

Maintaining a trustworthy chain of custody is essential to ensure the integrity, provenance, and admissibility of digital evidence. However, traditional evidence-management systems often suffer from opacity, limited auditability, and susceptibility to insider abuse or procedural errors. To address these gaps, we propose a blockchain-based chain-of-custody framework built on Hyperledger Fabric. In this design, the full lifecycle of evidence is logged as immutable, permissioned ledger entries, while artefacts themselves remain protected in secure off-chain repositories. Each event is captured through signed metadata and cryptographically time-stamped records, providing tamper-evident traceability. Custody workflows are encoded in Fabric chaincode, with role-based, multi-party authorization required for sensitive transitions. Moreover, Fabric’s privacy channels and fine-grained access controls enable cross-agency collaboration without unnecessary data exposure. A prototype implementation shows that the system achieves end-to-end accountability, practical throughput, and sub-second median latency on commodity hardware-demonstrating that stronger evidentiary assurance can be achieved for law-enforcement and forensic applications without incurring prohibitive operational costs.

AI-Enhanced SQL Injection Detection Framework: A Novel Approach Combines LLMs with Traditional Fuzzing to Improve Web Application Vulnerability Detection

2025-12-18T07:59:26+07:00

SQL injection affects 65% of web applications, yet traditional tools often miss context-specific vulnerabilities. We propose AESIDF, a hybrid framework that integrates Large Language Models with parallel fuzzing for semantic vulnerability analysis. Evaluated on 26 benchmark scenarios from PortSwigger, DVWA, and OWASP Juice Shop, our approach achieves a 92.3% detection rate compared to SQLMap’s 76.9%, while reducing request volume by approximately 68.8%. These preliminary results suggest that LLM-powered contextual reasoning can enhance automated security testing; however, broader validation on larger and more diverse datasets is required to confirm generalizability.

Enhancing MITM Attack Detection Mechanism for ICS using LSTM-based Hybrid Ensemble Learning

2025-12-11T08:03:40+07:00

With the rapid development of Information Technology (IT), the integration of IT with Industrial Control System (ICS) makes it susceptible to cybersecurity threats, including Man-in-the-Middle (MITM) attacks. Many studies focus on MITM attack detection approaches that include rule-based methods and those using Machine Learning (ML). However, these approaches suffer from two main limitations: a lack of a dataset for MITM attack detection in ICS networks and an effective MITM attack detection method due to the ever-increasing complexity of ICS networks. In this paper, we propose a novel MITM attack detection framework using an ensemble learning algorithm for large-scale ICS networks. Concretely, we propose a novel ICS simulation framework for large-scale networks using Software-Defined Networking to facilitate ICS studies. Moreover, a novel lightweight MITM attack detection mechanism using an enhanced pre-processing technique and a hybrid ensemble learning algorithm using Long Short-Term Memory (LSTM) is proposed to detect MITM attacks with high accuracy while requiring suitable processing time. Experimental results show that the proposed MITM attack detection mechanism can achieve an f1 score of 91.91% while requiring only 8.91 microseconds for inference time.

Proposal of an End-to-End Encrypted Chat System with Digital Signature and Vietnamese Character Support Based on Elliptic Curve

2025-12-12T10:32:44+07:00

The paper proposes an End-to-End Encrypted (E2EE) chat system based on Elliptic Curve Cryptography (ECC), using Elliptic Curve Digital Signature Algorithm (ECDSA) for authentication and Elliptic Curve Diffie-Hellman (ECDH) for encryption key generation. The system is designed as a lightweight web widget, easily embeddable into websites, with full support for Vietnamese characters (UTF-8) without compromising performance. The solution employs the Web Crypto API to perform AES-GCM encryption and ECDSA digital signatures, combined with a nonce mechanism to prevent replay attacks. Experimental results demonstrate high performance (encryption/decryption time <1ms for long messages) and resilience against MITM and spoofing attacks.

Throughput Optimization of the ASCON Lightweight Cryptographic Algorithm on IoT Devices

2025-12-23T08:38:37+07:00

ASCON is a lightweight authenticated encryption algorithm standardized by NIST for securing constrained IoT environments. This study presents the implementation of ASCON-128a in a practical IoT architecture, where the ESP32 serves as the central microcontroller at the IoT node and the Raspberry Pi 4 acts as the central microcontroller at the IoT gateway. The ESP32 is chosen for its low-power operation, integrated wireless communication, and suitability for embedded edge processing. At the same time, the Raspberry Pi 4 is selected to support higher computational demands and data aggregation at the network edge. To improve performance, optimization strategies such as CPU frequency scaling, IRAM execution, dual-core parallelism, and cache warm-up were applied on the ESP32, alongside frequency stabilization and cache warm-up on the Raspberry Pi 4. Experimental results indicate that the ESP32 achieves an encryption throughput of 2.42 MB/s, while the Raspberry Pi 4 reaches 124 MB/s. These results validate ASCON-128a as an efficient and secure cryptographic solution for heterogeneous IoT systems.