����Ŀ¼

25 June 2023, Volume 9 Issue 3

Previous Issue   

Papers

New hash function based on C-MD structure and chaotic neural network

Liquan CHEN, Yuhang ZHU, Yu WANG, Zhongyuan QIN, Yang MA

2023, 9(3):  1-15.  doi:10.11959/j.issn.2096-109x.2023033

Asbtract ( 201 )   HTML ( 46)   PDF (4368KB) ( 205 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In recent years, widely used hash algorithms such as MD5 and SHA-1 have been found to have varying degrees of security risks.The iterative structure of the SHA-2 algorithm is similar to that of SHA-1, making it vulnerable to attacks as well.Meanwhile, SHA-3 has a complex internal structure and low implementation efficiency.To address these issues, a keyed hash function was designed and implemented based on chaotic neural network and C-MD structure.The approach involved improving the Merkle-Damgard structure by proposing the chaotic neural network Merkle-Damgard (C-MD) structure.This structure can be used to design a hash function that can withstand attacks such as the middle attack, multiple collision attack, and second pre-image attack for long information.Besides, the chaotic neural network was used as the compression function to increase the complexity of the hash function and improve its collision resistance, while also enabling it to output multiple lengths.Moreover, a plaintext preprocessor was designed, which used the coupled image lattice to generate chaos sequence related to the length of the plaintext to fill the plaintext, thus enhancing the ability of the hash function to resist length expansion attacks.Simulation results demonstrate that the proposed hash function performs faster than SHA-2, SHA-3 and the same type of chaotic hash function proposed by Teh et al.It can resist second pre-image attack, multi-collision attack and differential attack, while also exhibiting better collision resistance and mapping uniformity.In addition, the proposed Hash function can output Hash values of different lengths, making it suitable for use in digital signature, key generation, Hash-based message authentication code, deterministic random bit generator, and other application fields.

Double adversarial attack against license plate recognition system

Xianyi CHEN, Jun GU, Kai YAN, Dong JIANG, Linfeng XU, Zhangjie FU

2023, 9(3):  16-27.  doi:10.11959/j.issn.2096-109x.2023034

Asbtract ( 223 )   HTML ( 45)   PDF (7649KB) ( 158 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Recent studies have revealed that deep neural networks (DNN) used in artificial intelligence systems are highly vulnerable to adversarial sample-based attacks.To address this issue, a dual adversarial attack method was proposed for license plate recognition (LPR) systems in a DNN-based scenario.It was demonstrated that an adversarial patch added to the pattern location of the license plate can render the target detection subsystem of the LPR system unable to detect the license plate class.Additionally, the natural rust and stains were simulated by adding irregular single-connected area random points to the license plate image, which results in the misrecognition of the license plate number.or the license plate research, different shapes of adversarial patches and different colors of adversarial patches are designed as a way to generate adversarial license plates and migrate them to the physical world.Experimental results show that the designed adversarial samples are undetectable by the human eye and can deceive the license plate recognition system, such as EasyPR.The success rate of the attack in the physical world can reach 99%.The study sheds light on the vulnerability of deep learning and the adversarial attack of LPR, and offers a positive contribution toward improving the robustness of license plate recognition models.

Personalized lightweight distributed network intrusion detection system in fog computing

Tianpeng YE, Xiang LIN, Jianhua LI, Xuankai ZHANG, Liwen XU

2023, 9(3):  28-37.  doi:10.11959/j.issn.2096-109x.2023035

Asbtract ( 208 )   HTML ( 34)   PDF (4834KB) ( 185 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

With the continuous development of Internet of Things (IoT) technology, there is a constant emergency of new IoT applications with low latency, high dynamics, and large bandwidth requirements.This has led to the widespread aggregation of massive devices and information at the network edge, promoting the emergence and deep development of fog computing architecture.However, with the widespread and in-depth application of fog computing architecture, the distributed network security architecture deployed to ensure its security is facing critical challenges brought by fog computing itself, such as the limitations of fog computing node computing and network communication resources, and the high dynamics of fog computing applications, which limit the edge deployment of complex network intrusion detection algorithms.To effectively solve the above problems, a personalized lightweight distributed network intrusion detection system (PLD-NIDS) was proposed based on the fog computing architecture.A large-scale complex network flow intrusion detection model was trained based on the convolutional neural network architecture, and furthermore the network traffic type distribution of each fog computing node was collected.The personalized model distillation algorithm and the weighted first-order Taylor approximation pruning algorithm were proposed to quickly compress the complex model, breaking through the limitation of traditional model compression algorithms that can only provide single compressed models for edge node deployment due to the high compression calculation overhead when facing a large number of personalized nodes.According to experimental results, the proposed PLD-NIDS architecture can achieve fast personalized compression of edge intrusion detection models.Compared with traditional model pruning algorithms, the proposed architecture achieves a good balance between computational loss and model accuracy.In terms of model accuracy, the proposed weighted first-order Taylor approximation pruning algorithm can achieve about 4% model compression ratio improvement under the same 0.2% model accuracy loss condition compared with the traditional first-order Taylor approximation pruning algorithm.

Image double fragile watermarking algorithm based on block neighborhood

Yilong WANG, Zhenyu LI, Daofu GONG, Fenlin LIU

2023, 9(3):  38-48.  doi:10.11959/j.issn.2096-109x.2023036

Asbtract ( 114 )   HTML ( 17)   PDF (8848KB) ( 212 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

To address the security risks associated with fixed offset mapping in self-embedded watermarking technology, as well as the limited recovery rate of single watermarking methods, an image double fragile watermarking algorithm based on block neighborhood was proposed.The image was divided into non-overlapping blocks of size 4×4 and block truncation coding was used to generate the recovery watermark based on the image block.For each image block, a neighborhood of a proper size was specified and two mapping blocks were randomly selected from the regions within and outside the neighborhood.Then the recovery watermark was embedded into the two mapping blocks simultaneously.The image block neighborhood setting mechanism of the algorithm ensured that the image block maintains a certain distance from its corresponding mapping block.Additionally, the selection mechanism of mapping blocks inside and outside the image block neighborhood ensured a certain distance between the two mapping blocks, thereby guaranteeing the security of the watermark.In the case of continuous region tampering, the relationship between the tampered region and the neighborhood of the image block was analyzed theoretically.The analysis showed that a suitable image block neighborhood can improve the average recovery rate of the tampered area compared with the random mapping embedding algorithm.Besides, the distribution trend of the average recovery rate of the tampered area and the recovery rate of each image block in the tampered area were given by numerical calculation.It was found that the tampered area image block can be recovered 100%, some image blocks in the center of the tampered area can be recovered 100%, and the recovery rate of image blocks in tampered area will be reduced.The experimental results verify the rationality and effectiveness of the theoretical analysis.Moreover, when the neighborhood parameters are large, the proposed algorithm achieves a higher average recovery rate of the tampered region than the random mapping embedding algorithm in the case of continuous region tampering.

Adaptive selection method of desensitization algorithm based on privacy risk assessment

Lijun ZU, Yalin CAO, Xiaohua MEN, Zhihui LYU, Jiawei YE, Hongyi LI, Liang ZHANG

2023, 9(3):  49-59.  doi:10.11959/j.issn.2096-109x.2023037

Asbtract ( 166 )   HTML ( 34)   PDF (1985KB) ( 149 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The financial industry deals with a vast amount of sensitive data in its business operations.However, the conventional approach of binding financial data for desensitization and using desensitization algorithms is becoming inefficient due to the fast-paced growth of financial businesses and the proliferation of data types.Additionally, manual verification and assessment of desensitized data by security experts are time-consuming and may carry potential privacy risks due to the improper selection of desensitization algorithms.While prior research has emphasized desensitization methods and privacy-preserving technologies, limited work has been conducted on desensitization algorithms from the perspective of automation.To address this issue, an adaptive recommendation framework was propose for selecting desensitization strategies that consider various factors, such as existing privacy protection technologies, data quality requirements of business scenarios, security risk requirements of financial institutions, and data attributes.Specifically, a dual-objective evaluation function was established for privacy risk and data quality to optimize the selection of desensitization algorithm parameters for different algorithms.Furthermore, the desensitization algorithm and parameters were adaptively selected by considering the data attributes through a multi-decision factor system and desensitization effect evaluation system.Compared to traditional approaches, the proposed framework effectively tackle issues of reduced data usability and inadequate personal data privacy protection that derive from manual intervention.Testing on a dataset with multiple financial institution types, the experiments show that the proposed method achieves a recommendation accuracy exceeding 95%, while the desensitized privacy risk level differed by less than 10% from the expected level.Additionally, the recommendation efficiency is 100 times faster than expert manual processing.

Location privacy protection method based on lightweight K-anonymity incremental nearest neighbor algorithm

Saite CHEN, Weihai LI, Yuanzhi YAO, Nenghai YU

2023, 9(3):  60-72.  doi:10.11959/j.issn.2096-109x.2023038

Asbtract ( 103 )   HTML ( 18)   PDF (2031KB) ( 89 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The use of location-based service brings convenience to people’s daily lives, but it also raises concerns about users’ location privacy.In the k-nearest neighbor query problem, constructing K-anonymizing spatial regions is a method used to protects users’ location privacy, but it results in a large waste of communication overhead.The SpaceTwist scheme is an alternative method that uses an anchor point instead of the real location to complete the k-nearest neighbor query,which is simple to implement and has less waste of communication overhead.However,it cannot guarantee K-anonymous security, and the specific selection method of the anchor point is not provided.To address these shortcomings in SpaceTwist, some schemes calculate the user’s K-anonymity group by introducing a trusted anonymous server or using the way of user collaboration, and then enhance the end condition of the query algorithm to achieve K-anonymity security.Other schemes propose the anchor point optimization method based on the approximate distribution of interest points, which can further reduce the average communication overhead.A lightweight K-anonymity incremental nearest neighbor (LKINN) location privacy protection algorithm was proposed to improve SpaceTwist.LKINN used convex hull mathematical tool to calculate the key points of K-anonymity group, and proposed an anchor selection method based on it, achieving K-anonymity security with low computational and communication costs.LKINN was based on a hybrid location privacy protection architecture, making only semi-trusted security assumptions for all members of the system, which had lax security assumptions compared to some existing research schemes.Simulation results show that LKINN can prevent semi-trusted users from stealing the location privacy of normal users and has smaller query response time and communication overhead compare to some existing schemes.

Research on credit card transaction security supervision based on PU learning

Renfeng CHEN, Hongbin ZHU

2023, 9(3):  73-78.  doi:10.11959/j.issn.2096-109x.2023039

Asbtract ( 121 )   HTML ( 16)   PDF (771KB) ( 114 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The complex and ever-evolving nature of credit card cash out methods and the emergence of various forms of fake transactions present challenges in obtaining accurate transaction information during customer interactions.In order to develop an accurate supervision method for detecting fake credit card transactions, a PU (positive-unlabeled learning) based security identification model for single credit card transactions was established.It was based on long-term transaction label data from cashed-up accounts in commercial banks’ credit card systems.A Spy mechanism was introduced into sample data annotation by selecting million positive samples of highly reliable cash-out transactions and 1.3 million samples of transactions to be labeled, and using a learner to predict the result distribution and label negative samples of non-cash-out transactions that were difficult to identify, resulting in 1.2 million relatively reliable negative sample labels.Based on these samples, 120 candidate variables were constructed, including credit card customer attributes, quota usage, and transaction preference characteristics.After importance screening of variables, nearly 50 candidate variables were selected.The XGBoost binary classification algorithm was used for model development and prediction.The results show that the proposed model achieve an identification accuracy of 94.20%, with a group stability index (PSI) of 0.10%, indicating that the single credit card transaction security identification model based on PU learning can effectively monitor fake transactions.This study improves the model discrimination performance of machine learning binary classification algorithm in scenarios where high-precision sample label data is difficult to obtain, providing a new method for transaction security monitoring in commercial bank credit card systems.

Identification on the structures of block ciphers using machine learning

Ruiqi XIA, Manman LI, Shaozhen CHEN

2023, 9(3):  79-89.  doi:10.11959/j.issn.2096-109x.2023040

Asbtract ( 196 )   HTML ( 26)   PDF (2896KB) ( 282 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Cryptographic identification is a critical aspect of cryptanalysis and a fundamental premise for key recovery.With the advancement of artificial intelligence, cryptanalysis based on machine learning has become increasingly mature, providing more effective methods and valuable insights for cryptographic identification.The distinguishability experiments were performed based on the Machine Learning to identify the structures of block ciphers in conditions of random keys.The identification of two structures of block ciphers from theoretical and experimental angles was studied.The differences of features in two structures’ cipher texts have been deduced by introducing the runs distribution index, feature distribution functions, KL-divergence, etc.After completing the feasibility research, experiments to identify the structures of two block ciphers using two Machine Learning models and the runs distribution index were conducted.The experiments were divided into two groups: single algorithm group and mixture algorithms group.It is found that the accuracy of both groups are more than 80%, which is around 40% higher than former work.The problem of identifying the structures of Block Ciphers in the conditions of random keys is solved in detail.Meanwhile, differences between the two structures of block ciphers are verified, which can serve as a reference for the design of cryptography algorithms.

EN-Bypass: a security assessment method on e-mail user interface notification

Jingyi YUAN, Zichuan LI, Guojun PENG

2023, 9(3):  90-101.  doi:10.11959/j.issn.2096-109x.2023041

Asbtract ( 103 )   HTML ( 19)   PDF (3078KB) ( 145 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Email plays an important role in people’s daily communications, while also attracts the attention of hackers.Email is frequently used in phishing attacks, with email sender spoofing being a key step.To prevent sender-spoofing attacks, email vendors often deploy email security protocols such as SPF, DKIM, and DMARC to verify the sender’s identity.Moreover, some vendors add email UI notification mechanism on email clients to help users identify the real sender.However, there is no uniform standard in the implementation of the email UI notification mechanism, which varies among vendors.Whether the mechanism effectively prevents sender-spoofing attacks still needs verification.In this paper, the security evaluation of the email UI notification mechanism was studied to gain better understanding of its efficacy and to eventually protect users from sender-spoofing attacks.Ten world-famous email services were researched and evaluated, of which seven deployed the email UI notification mechanism.Consequently, a new type of sender-spoofing attack was proposed which was called EN-Bypass, aiming to bypass the email UI notification mechanism by forging the “From” and “Sender” fields in the email header.To verify the email UI notification mechanism’s security and reliability, EmailSenderChecker was implemented, which can automatically evaluate the existence of the EN-Bypass attack.The result shows that all seven email service vendors suffer from EN-Bypass attack.Attackers could bypass the email UI notification mechanism by constructing special email headers and spoofing the sender.Finally, to improve the mail service security, three suggestions about the email UI notification mechanism were proposed for the mail service vendors.

Insider threat detection based on operational attention and data augmentation

Guanyun FENG, Cai FU, Jianqiang LYU, Lansheng HAN

2023, 9(3):  102-112.  doi:10.11959/j.issn.2096-109x.2023042

Asbtract ( 204 )   HTML ( 22)   PDF (3554KB) ( 258 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In recent years, there has been an increased focus on the issue of insider threats.Insider threats are a major cause security breaches in organizations and pose an ongoing challenge.By analyzing the existing insider threat data, it was identified that the biggest challenge in insider threat detection lies in data imbalance and the limited number of labeled threat samples.In the Cert R4.2 dataset, which is a classic dataset for insider threat detection, there are over 3.22 million log data, but only 7,423 are marked as malicious operation logs.Furthermore, most of the operation types in the logs are not related to malicious behavior, and only two types of operations are highly correlated with malicious behavior, such as leaking company data, creating interference in the detection process.To address this challenge, a data processing framework was designed based on operational attention and data augmentation.Anomaly evaluation was first performed on operations by the framework, and operations with low anomaly scores were then masked.This makes the model better focus on operations related to malicious behavior, which can be considered as a hard attention mechanism for operations.Next, the characteristics of the insider threat dataset were analyzed, and three rules were designed for data augmentation on malicious samples to increase the diversity of samples and alleviate the substantial imbalance between positive and negative samples.Supervised insider threat detection was regarded as a time-series classification problem.Residual connections were added to the LSTM-FCN model to achieve multi-granularity detection, and indicators such as precision rate and recall rate were used to evaluate the model.The results indicate superior performance over existing baseline models.Moreover, the data processing framework was implemented on various classic models, such as ITD-Bert and TextCNN, and the results show that the methods effectively improve the performance of insider threat detection models.

Privacy-enhanced federated learning scheme based on generative adversarial networks

Feng YU, Qingxin LIN, Hui LIN, Xiaoding WANG

2023, 9(3):  113-122.  doi:10.11959/j.issn.2096-109x.2023043

Asbtract ( 305 )   HTML ( 53)   PDF (3710KB) ( 343 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Federated learning, a distributed machine learning paradigm, has gained a lot of attention due to its inherent privacy protection capability and heterogeneous collaboration.However, recent studies have revealed a potential privacy risk known as “gradient leakage”, where the gradients can be used to determine whether a data record with a specific property is included in another participant’s batch, thereby exposing the participant’s training data.Current privacy-enhanced federated learning methods may have drawbacks such as reduced accuracy, computational overhead, or new insecurity factors.To address this issue, a differential privacy-enhanced generative adversarial network model was proposed, which introduced an identifier into vanilla GAN, thus enabling the input data to be approached while satisfying differential privacy constraints.Then this model was applied to the federated learning framework, to improve the privacy protection capability without compromising model accuracy.The proposed method was verified through simulations under the client/server (C/S) federated learning architecture and was found to balance data privacy and practicality effectively compared with the DP-SGD method.Besides, the usability of the proposed model was theoretically analyzed under a peer-to-peer (P2P) architecture, and future research work was discussed.

Forgery face detection method based on multi-domain temporal features mining

Chuntao ZHU, Chengxi YIN, Bolin ZHANG, Qilin YIN, Wei LU

2023, 9(3):  123-134.  doi:10.11959/j.issn.2096-109x.2023044

Asbtract ( 185 )   HTML ( 23)   PDF (2998KB) ( 118 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Financial technology has greatly facilitated people’s daily life with the continuous development of computer technology in the financial services industry.However, digital finance is accompanied by security problems that can be extremely harmful.Face biometrics, as an important part of identity information, is widely used in payment systems, account registration, and many other aspects of the financial industry.The emergence of face forgery technology constantly impacts the digital financial security system, posing a threat to national asset security and social stability.To address the security problems caused by fake faces, a forgery face detection method based on multi-domain temporal features mining was proposed.The tampering features were distinguished and enhanced based on the consistency of statistical feature data distribution and temporal action trend in the temporal features of videos existing in the spatial domain and frequency domain.Temporal information was mined in the spatial domain using an improved LSTM, while in the frequency domain, temporal information existing in different frequency bands of the spectrum was mined using 3D convolution layers.The information was then fused with the tampering features extracted from the backbone network, thus effectively distinguishing forged faces from real ones.The effectiveness of the proposed method was demonstrated on mainstream datasets.

Carrier-independent screen-shooting resistant watermarking based on information overlay superimposition

Xiaomeng LI, Daidou GUO, Xunfang ZHUO, Heng YAO, Chuan QIN

2023, 9(3):  135-149.  doi:10.11959/j.issn.2096-109x.2023045

Asbtract ( 175 )   HTML ( 25)   PDF (14561KB) ( 115 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Financial security, an important part of national security, is critical for the stable and healthy development of the economy.Digital image watermarking technology plays a crucial role in the field of financial information security, and the anti-screen watermarking algorithm has become a new research focus of digital image watermarking technology.The common way to achieve an invisible watermark in existing watermarking schemes is to modify the carrier image, which is not suitable for all types of images.To solve this problem, an end-to-end robust watermarking scheme based on deep learning was proposed.The algorithm achieved both visual quality and robustness of the watermark image.A random binary string served as the input of the encoder network in the proposed end-to-end network architecture.The encoder can generate the watermark information overlay, which can be attached to any carrier image after training.The ability to resist screen shooting noise was learned by the model through mathematical methods incorporated in the network to simulate the distortion generated during screen shooting.The visual quality of the watermark image was further improved by adding the image JND loss based on just perceptible difference.Moreover, an embedding hyperparameter was introduced in the training phase to balance the visual quality and robustness of the watermarked image adaptively.A watermark model suitable for different scenarios can be obtained by changing the size of the embedding hyperparameter.The visual quality and robustness performance of the proposed scheme and the current state-of-the-art algorithms were evaluated to verify the effectiveness of the proposed scheme.The results show that the watermark image generated by the proposed scheme has better visual quality and can accurately restore the embedded watermark information in robustness experiments under different distances, angles, lighting conditions, display devices, and shooting devices.

Gender forgery of faces by fusing wavelet shortcut connection generative adversarial network

Wanze CHEN, Liqing HUANG, Jiazhen CHEN, Feng YE, Tianqiang HUANG, Haifeng LUO

2023, 9(3):  150-160.  doi:10.11959/j.issn.2096-109x.2023046

Asbtract ( 84 )   HTML ( 13)   PDF (6589KB) ( 97 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

The mainstream methods in the field of facial attribute manipulation had the following two defects due to data and model architecture limitations.First, the bottleneck structure of the autoencoder model results in the loss of feature information, and the traditional method of continuously injected styles to the source domain features during the decoding process makes the generated image too referential to the target domain while losing the identity information and fine-grained details.Second, differences in facial attributes composition between images, such as gender, ethnicity, or age can cause variations in frequency domain information.And the current unsupervised training methods do not automatically adjust the proportion of source and target domain information in the style injection stage, resulting in artifacts in generated images.A facial gender forgery model based on generative adversarial networks and image-to-image translation techniques, namely fused wavelet shortcut connection generative adversarial network (WscGAN), was proposed to address the these issues.Shortcut connections were added to the autoencoder structure, and the outputs of different encoding stages were decomposed at the feature level by wavelet transform.Attention mechanism was employed to process them one by one, to dynamically change the proportion of source domain features at different frequencies in the decoding process.This model could complete forgery of facial images in terms of gender attributes.To verify the effectiveness of the model, it was conducted on the CelebA-HQ dataset and the FFHQ dataset.Compared with the existing optimal models, the method improves the FID and LPIPS indices by 5.4% and 11.2%, and by 1.8% and 6.7%, respectively.Furthermore, the effectiveness of the proposed method in improving the gender attribute conversion of facial images is fully demonstrated by the results based on qualitative visual comparisons.

Software diversity evaluating method based on gadget feature analysis

Genlin XIE, Guozhen CHENG, Yawen WANG, Qingfeng WANG

2023, 9(3):  161-173.  doi:10.11959/j.issn.2096-109x.2023047

Asbtract ( 104 )   HTML ( 10)   PDF (6240KB) ( 84 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

Software diversity is commonly utilized in scenarios such as software distribution and operating systems to improves system resilience and security.However, existing software diversity evaluation methods are typically based on conventional code features and are relatively limited in scope, which can make it difficult to accurately reflect the security benefits of software diversity.To address this issue, a software diversity evaluation method was proposed from the perspective of ROP attack by analyzing the impact of software diversity on the difficulty of building a gadget attack chain, the attacker’s potentially available computing power, and the attacker’s cost of searching for gadgets in different variants.Metrics for the quality, practicability, and distribution of gadgets were integrated into this method.Testing was conducted using diversity technologies with different granularity.The evaluation results showed that the proposed method could accurately and comprehensively reflect the security gain brought by software diversity.It was observed that software diversity could relocate/modify/delete a large number of gadgets in the software, increasing the cost of attacking different software variants but also leading to different degrees of software expansion.Finally, an analysis and discussion of the advantages and disadvantages of existing diversity techniques were conducted based on the experimental results.

Technology and practice of intelligent governance for financial data security

Peng HOU, Zhixin LI, Fei ZHANG, Xu SUN, Dan CHEN, Yihao CUI, Hanbing ZHANG, Yinan JIN, Hongfeng CHAI

2023, 9(3):  174-187.  doi:10.11959/j.issn.2096-109x.2023048

Asbtract ( 294 )   HTML ( 106)   PDF (3239KB) ( 296 )   Knowledge map   

Figures and Tables | References | Related Articles | Metrics

In the “14th Five-Year Plan” era, the digitization of the financial industry has entered a phase of deepening and high-quality development.Strengthening Financial Data Security Governance (FDSG) and protecting financial data security have become an objective need and essential requirements for developing national economic security.FDSG utilizes data governance measures as a fundamental tool with a focus on sensitive data to ensure the comprehensive security of the entire lifecycle of financial data.It aims to promote data circulation among financial institutions, activate data value, and facilitate market-oriented allocation of financial data elements.FDSG is increasingly intertwined with big data, artificial intelligence, cloud computing, and blockchain technologies, transforming traditional data security governance into intelligent governance and accelerating the evolution of FDSG towards automation, intelligence, efficiency, and precision.FDSG’s essence, scope, and governance framework were introduced, and the core concepts and critical supporting technologies for the intellectual development of FDSG were elaborated, outlining the roadmap for intelligent governance.With consideration of FDSG’s demands and characteristics of intelligent technologies, vital directions for the practical application of intelligent technologies in FDSG were outlined, including data classification, data traceability, content control, privacy protection, and data twinning.Examples of current intelligent governance practices in banking, securities, and insurance industries were provided.Policy recommendations were proposed in the paper to promote the standardized and intelligent development of FDSG in China’s new era, aiming to foster the sustainable development of financial institutions and industries and ensure a healthy and secure environment for the future.