A secure image encryption scheme based on Fully-Connected-Like Neural Network and edge pixel reset

When digital images are transmitted and stored in the currently open network environment, they often face various risks. A secure image encryption based on Fully-Connected-Like Neural Network (FCLNN) and edge pixel reset is proposed. Firstly, using random noise to reset the image last-bit of the edge pixels to generate diﬀerent keys for each encryption. Secondly, the image rows and columns are transformed by Cyclic Shift Transformation (CST). Then, the image is diﬀused at the bit-level by using FCLNN. Finally, forward and reverse diﬀusions are performed on the image to generate the cipher image. In addition, the result of convolution operation between plain image and chaotic sequence is introduced to set the initial value of the chaotic sys-tem to establish the correlation between plain image and algorithm, which makes the algorithm resistant to known/chosen plaintext attack. The simulation results show that the proposed algorithm has negligible loss, and the decrypted image is visually identical to the original image. At the same time, the algorithm has a large key space, can resist common attacks such as statistical attacks, diﬀerential attacks, noise attacks, and data loss attacks, and has high security.


Introduction
With the development of Internet technology, image information has an explosive growth. Images contain a large number of information with the intuitive visual effects and gradually become an important information carrier in social communication [1][2][3]. At the same time, image also plays an important role in medicine, military, aerospace, and other important fields [4][5][6]. However, with the impact of science and technology on people's lives, people also begin to worry about the security of image information in the transmission process. When the image is uploaded on the public channel, it may be maliciously damaged or illegally copied [7], so personal privacy, military secrets, and even national strategy are facing risks.
Therefore, effective methods are needed to protect image information. In the process of transmission, the direct method to protect the image is image encryption [8,9], which encrypts the image into meaningless noise-like information. After receiving the image information, only a legal key can be used to obtain the correct decrypted image. Traditional encryption methods mostly convert images into bit streams and then encrypt them, such as DES [10], AES [11], IDEA [12], and so on. However, unlike bit streams, images have the characteristics of high correlation between adjacent pixels, large data capacity, and high redundancy [3]. Thus, traditional encryption methods may ignore these characteristics of the image, resulting in insufficient security of the image encryption algorithm [13][14][15].
Chaotic systems have the characteristics of initial value sensitivity, ergodicity and unpredictability [16], so it is very suitable for image encryption systems. Since chaos theory was first applied to image encryption [17], chaotic cryptosystem has attracted a large number of scholars. At present, many image encryption algorithms based on chaos have appeared. Feifei Yang et al. proposed a new 4D fractional order laser chaotic system based on Lorenz Haken Model and applied it to image encryption. The chaotic sequence generated by the chaotic system has good pseudo randomness, and the encryption result also has good security [18]. Mingxu Wang et al. proposed an improved cross coupled spatiotemporal chaotic system and designed a bit-level image encryption algorithm based on the chaotic system, which has high security against common attacks [1].
However, some existing chaotic-based encryption algorithms have some shortcomings. Such as, the key design is simple [19,20], cannot resist some plaintext attacks [21][22][23] and requires a large number of pseudorandom numbers [9,23,26]. These methods may lead to inefficient encryption processes and lower security levels. For instance, Wei Feng et al. proposed an image encryption method based on discrete logarithm and memristor system, in which the hash code of an ordinary image is directly used as the key, which may be conducive to cryptanalysis [24]. After that, Guodong Ye et al. proposed a pixel image scrambling encryption algorithm, but through cryptanalysis, it has been proved that this method cannot resist the chosen plaintext attack [25]. Although the chaotic system used in these methods can produce excellent pseudo-random sequences, the simple encryption algorithm based on the chaotic system is still insufficient to meet the higher requirements of image information security. In order to improve the ability of the algorithm to resist various attacks, we design an image edge pixel reset algorithm to generate plaintext-related keys. In the encryption process, random noise is used to reset the least-significant bits of the edge pixels of the image.When the same image is encrypted many times, a completely different cipher image can be generated each time. Experimental analysis shows that the method can resist all kinds of attacks.
With the development of cross-application of chaotic systems and multiple technologies, scholars have designed a variety of new image encryption algorithms. Guodong Ye et al. proposed an image encryption method based on compressed sensing and random number insertion, which uses compressed sensing to compress and encrypt the scrambled image, ensuring encryption security and improving the encryption efficiency [8]. Xingbin Liu et al. proposed a quantum image encryption method, which uses a novel quantum representation mode to represent the image, and then encrypts the image. This method has good computational complexity [27]. Jian Zhou et al. proposed a medical image ROI encryption method based on game theory, which real-ized the best balance between efficiency and security by using game theory [4]. From these image encryption algorithms, it can be seen that the combination of an excellent chaotic system and a good algorithm design can improve the encryption efficiency and the security of the encryption algorithm. In this paper, we design a bit-level image encryption method combined with FCLNN. FCLNN simulates the structure of a fully connected neural network and uses chaotic systems and random matrices to update the weight of the network. This algorithm can change the value of image pixels while scrambling the 8-bit binary number of image pixels. Since FCLNN is a reversible network, it can be used in symmetric encryption algorithms. Simulation results show that FCLNN is very suitable for image encryption.
After the above discussion, combined with the good security and reasonable computing cost of chaotic systems, this paper proposes a secure image encryption scheme based on FCLNN and edge pixel reset. Our algorithm consists of four parts. First, the edge pixel reset algorithm is used to generate the key. Second, the row and column cyclic shift transform is used to scramble the image. Then, the bit-level diffusion of the image is performed by using the FCLNN. Finally, the bidirectional diffusion of the image is performed. The cipher image is obtained by encrypting the image for more than n rounds. The main contributions of this study are as follows: (1) A novel bit-level image diffusion method based on FCLNN is designed, the weights of the network are generated by a random matrix and chaotic sequences, and the improved S-box is used as the activation function. (2) A method of generating plaintext-related keys based on the image edge pixel reset algorithm is proposed. Even if the same image is encrypted twice with the same user key, the encryption keys used in the encryption process are completely different, and the cipher images obtained are also completely different. (3) A new image encryption algorithm based on CST scrambling, FCLNN bit-level diffusion and bidirectional diffusion is given. The algorithm has good encryption performance and can effectively resist various attacks.
The rest of this paper is arranged as follows. Section 2 introduces FCLNN. Section 3 describes the proposed image encryption algorithm in detail. In section 4, a lot of simulation experiments are carried out. Finally, the whole paper is summarized in section 5.

FCLNN
Neural network is a mathematical model or computational model that imitates the structure and function of biological neural network [28]. Fig. 1 shows a threelayer fully connected neural network with three inputs and one output, x 1 , x 2 , x 3 are the inputs of the fully connected neural network, y is the output of the fully connected neural network,w 32 are the weights of the first layer, w 12 are the weights of the second layer, k 1 and k 2 are the thresholds of the first layer and the second layer respectively, and f (·) is the activation function. According to Fig.1 the output y is [29] (1) In this paper, according to the structure of the full connection neural network model, by adjusting the twolayer full connection neural network with eight inputs and eight outputs, the FCLNN as shown in Fig. 2 is designed. Compared with the fully connected neural network, the FCLNN has the following adjustments.
(1) The inputs p i1 , p i2 , ..., p i8 of the input layer are the pixel value of the element of the image, and the pixel values of each input image are recorded as p i , the input elements of the input layer can be expressed as: where i = 1, 2, 3, ..., M ×N 8 . In Eq. 2, M and N are the number of rows and columns of the image respectively. (2) The weights from input layer to output layer w 11 , w 12 , w 13 , ..., w 84 , which is updated by a matrix with the size of 8 × 8 and each row is randomly arranged from 0 to 7 and the pseudo-random sequence generated by the chaotic systems. (3) The activation function in neurons (yellow ball in Fig. 2 is replaced by a novel S-box proposed by Lu Qing et al. [30]. The S-box has very small linear probability and differential probability values, and has a good nonlinear average value. The S-box is suitable for cryptographic system. Table.1 shows the new S-box. (4) The output layer has eight outputs, and the outputs of the output layer are the element value processed by weights and activation function. The output elements of the output layer can be expressed as: where i = 1, 2, 3, ..., M ×N 8 . This structure, in Fig.2, is applied to image encryption as a part of the algorithm proposed in this paper. The new network inputs eight pixels of gray image each time and outputs eight pixels processed by the network.

The proposed scheme
This paper proposes an image encryption algorithm based on FCLNN and edge pixel reset. The structure of the algorithm is shown in Fig. 3. The encryption algorithm is divided into four parts: the image edge pixel reset, CST, FCLNN and bidirectional diffusion. The above encryption part will be described in detail in the following section. In order to enhance the encryption effect of the algorithm, the last three parts of the algorithm are used to perform n rounds of image processing. On the basis of ensuring security and efficiency, we set n to 2 in this paper. If you want a higher level of security, you can set n to a larger integer.

Image edge pixel reset
In this paper, we use two chaotic systems: logistic [31] and Fractional-order discrete Hopfield neural network (FODHNN) [13]. The definitions of logistic and FODHNN Chaotic systems are: and In grayscale image, the image information contained in the lowest bit-plane is very small [32]. Table. 2 shows the percentage of image information contained in different bit-planes. In order to enhance the ability of the proposed algorithm to resist various types of attacks, we design a plaintext-related key generation method by the image edge pixel reset algorithm. Different from some previous algorithms that directly use the hash code of ordinary image as the key, we use random noise to reset the least-significant bit of the edge pixels of the image. Although this operation changes the information of the original image, the information content of the lowest bit of the image is very small, and we only reset least-significant bits of the edge pixels, so the image after reseting is visually consistent with the original image. is the "Boat" after reseting leastsignificant bits of the edge pixels. The detailed steps of this part can be described as follows: Step1: Input the plain gray image P with the size of M × N , divide the gray image into eight bit-planes, use random noise to reset the least-significant bits of the edge pixels of the image, and then recombine the eight bit-planes into ordinary gray image P .
Step2: Calculate a 0 from image P , use a 0 as the initial value of logistic system (4).
where P (i, j) represents the pixel value at position (i, j) of the image. The parameter µ is set to 3.99, and the logistic system is iterated for M ×N times to obtain the chaotic sequence A.
Step3: The image P is convolved with chaotic sequence A, and a plaintext-related matrix KM with size of 8 × 8 is obtained. where * denotes convolution operation.
Step4: This algorithm uses different keys each round. Six rows are randomly selected from the KM matrix to generate the keys, shown as in Eq. 8. This will introduce more randomness and expand the key space. Here we randomly choose six lines, and the keys generation formula is defined as: where mod(·) represents the modular operation, sum(·) is the sum of all the elements. l 1 , l 2 , l 3 , l 4 , l 5 , l 6 are randomly selected row numbers.
Step5: The initial values of the FODHNN system (5) are obtained by the generated keys, the initial values are given by: where k 1 , k 2 , k 3 are the given values, and then iterate FODHNN system (5) M × N + 1000 times, and discard the first 1000 values to minimize the impact of the transient, and finally the chaotic sequences X, Y, Z are obtained.
We use edge pixel reset algorithm to reset the leastsignificant bits of the edge pixels of the image and compare the a 0 value of the image without noise. The two a 0 values change in the sixth place after the decimal point. Although the change is very small, because of the sensitivity of the chaotic systems to the initial value, the generated chaotic sequence is completely different. To a certain extent, it can resist the attacker to analyze the keys through the image information. Fig.5 shows the result of reseting the least-significant bits of the edge pixels of the image in the encryption process. Since the noise is random, the images after reseting the edge pixels are different. So each encryption will generate a unique cipher image. When two users encrypt the same image, they cannot decrypt each other. This operation enhances the ability to resist various attacks.

Cyclic shift transformation (CST)
In this section, a method of CST is proposed to scramble the pixel position of the image, so as to reduce the correlation between pixels. Some existing algorithms only exchange the position of rows or columns to achieve the purpose of pixel position scrambling, which may lead to the decrease of encryption performance and efficiency. In order to overcome these shortcomings, this paper uses the row and column cyclic shift method based on chaotic sequence. The index sequence of chaotic sequence is used to transform rows and columns. The step size of the shift is the value of the corresponding index sequence. If the corresponding value is even, the row and column are shifted to the right and down, respectively. Similarly, if the corresponding value is odd, the rows and columns are shifted to the left and up, respectively. The detailed steps of this part can be described as follows: Step1: The sequences M 1 and N 1 of length M and N are intercepted from chaotic sequence X respectively, and t 1 and t 2 are the starting points of intercepting. Here, we set the values of t 1 and t 2 to 2000 and 3000 respectively.
Step2: Sort M 1 and N 1 from small to large, and get two index sequences M M and N N .
Step3: According to the sequence M M , the row of the image P is circularly shifted, and the shift step is the value of the corresponding element of the sequence M M . If the ith value of the sequence M M is even p, then the ith row of the image P circularly shifts to the right by p cells; if the ith value of the sequence M M is odd p, then the ith row of the image P circularly shifts to the left by p cells. After the cyclic shift of the row, to obtain the result as Q.
Step4: Similarly, the columns of the image Q are circularly shifted according to the sequence N N . If the jth value of sequence N N is an even number q, then the jth column of image Q circularly shifts to the down by q cells; if the jth value of sequence N N is an odd number q, then the jth column of image Q circularly shifts to the up by q cells. After the cyclic shift of the column, to obtain the result as P .
The process of Step 3 and Step 4 is described in Algorithm 1.
For simplicity, we provide a numerical example to explain its detailed operation on a 4 × 4 image. Fig. 6 shows the process of CST.

Bit-level image diffusion based on FCLNN
In this section, a method of FCLNN is proposed for bit-level image diffusion. Different from the previous algorithm, the proposed image encryption system uses FCLNN to realize the bit-level diffusion of image information. The elements of the image matrix are input into the network, and the weights of the network are generated by a random matrix and chaotic sequence. Then the improved S-box is used as the activation function, and the diffused image matrix is output. The detailed steps of this part can be described as follows: Step2: The chaotic sequence X is converted to integer number between 0 and 7, and then convert to 8 rows and M × N/8 columns matrix XR.
where Floor(·) represents the maximum integer not greater than the given value. Step3: Generate a matrix W whose size is 8 × 8 and each row is randomly arranged from 1 to 8. Algorithm 2 shows the pseudo code generated by matrix W . Step4: Input the image matrix P into Each row of matrix W is circularly shifted to the left by using the corresponding row of chaotic sequence XR, and the shift step is the value of sequence XR. The shifted matrix W is used as the weights. The number of the corresponding position of the image P is selected to the output element by the value of the weight. Convert the output elements to decimal representation, and then use the activation function S-box to process to get the diffused elements. From the first row to the last row of the image matrix P , we process FCLNN on each row, and finally get the diffused image matrix T . Algorithm 3 shows the pseudo code of FCLNN bit-level diffusion process. For simplicity, we provide an example to illustrate its detailed operation on the first two lines of a 4 × 4 image. Fig. 7 shows the FCLNN bit-level diffusion process, here we only describe the diffusion process of the first two rows elements, and use the first two rows of elements W (1, :) and W (2, :) of matrix W .

Bidirectional diffusion
Encryption algorithm must have diffusion property. Some algorithms use chaotic sequences to XOR with image pixels directly to achieve diffusion, which may provide useful information to attackers for cryptanalysis. We designed a bidirectional diffusion method for image, namely forward diffusion and reverse diffusion.
Step2: Starting from the upper left corner of the image, from left to right, top to bottom. Diffusion the image T to obtain the middle image D.
Step3: Start at the bottom right corner of the image, right to left, bottom to top. The image D is diffused to obtain the encrypted image C.

Decryption process
The image encryption algorithm proposed in this paper is symmetric encryption algorithm, so decryption is the reverse process of encryption. Firstly, the cipher image is input into the "Inverse of Bidirectional diffusion" module, and then the obtained sequence is input into the "Inverse of FCLNN" module. After that, the output of the previous step goes through the "Inverse of CST " module. After n rounds of decryption process, finally, the obtained sequence is reshaped into a matrix of size M ×N , that is, the decrypted image. Fig. 9 shows the decryption process

Experiment and analysis of encryption scheme
In this section, we use MATLAB R2015b platform to test the performance of our proposed encryption method. The computer hardware parameters used are Microsoft Windows 10 home (64 bit), Intel Core i5-9300H@2.40 GHz and 8GB DDR4@2666 MHz memory. The proposed algorithm can encrypt different types of images, so we choose "Baboon", "Peppers", all black, and all white images as our test images. For easy comparison, all the test images are 8-bit gray images, the size are 256 × 256, and the encryption rounds are n = 2. User provided values of k 1 ,k 2 ,k 3 ,h and v are (0.07, 0.8, -6.2, 0.05, 0.6). The performance of the proposed image encryption algorithm is evaluated from different aspects, and the results are compared with the existing methods to prove the effectiveness and security of our image encryption scheme. Fig. 10 shows the results of encryption and decryption using this algorithm, which illustrates that it can effectively eliminate the intuitive visual information about the original image and can completely reconstruct this information. 2 256 Ref. [34] 2 446 Ref. [35] 2 185 Ref. [36] 2 283

Key space
The key space is the range of the key size of the encryption algorithm. The encryption algorithm should have enough key space to resist violent attacks. Generally, the key space is designed to be greater than 2 100 [5]. In this algorithm, the key is composed of a five-parameter vector provided by the user and a 512-bit matrix W . The precision of user's input data is 10 15 , and the fractional order and discrete step are also 10 15 . In addition, the key space caused by matrix W is 2 512 . Therefore, our key space is about 10 75 × 2 512 ≈ 2 749 . The results are shown in Table 3. From the table, we can see that the key space is larger than the minimum of 2 100 , which shows that this algorithm has the ability to resist violent attacks. At the same time, it has a larger key space than the previous algorithms.

Key sensitivity analysis
Encryption algorithm must be very sensitive to key. Key sensitivity means that if the key changes slightly during encryption and decryption, it will produce completely different encryption and decryption results [3].
Here, we tested the sensitivity of the encryption key and decryption key to verify the key sensitivity of the proposed algorithm. For the sake of brevity of the article, only the experimental results of changing the values of k 1 ,k 2 , and k 3 input by the user are described. The keys used in the experiment are as follows:  Fig. 11 shows the key sensitivity analysis results of the proposed algorithm in the "Baboon" encryption process. In Fig.11, b-e are the encryption results using K 1 ,K 2 ,K 3 and K 4 respectively, and f-h are the differences between the encryption results using K 1 and those using K 2 ,K 3 and K 4 respectively. It can be observed that the keys are only slightly changed, but the results of encryption are completely different. Fig. 12 shows the experimental results of the key sensitivity

Histogram analysis
The histogram of a digital image can count the number of pixels with the same pixel value and can directly reflect the distribution of all pixel values in the image. Usually, the pixel value distribution of a meaningful image is uneven, so its histogram is fluctuating. In contrast, the pixel value distribution of the encrypted image is uniform, and its histogram is relatively flat [37]. Fig. 13 shows the histograms of plain images "Baboon", "Peppers ", all black and all white images (Fig. 10 a-d), and Fig. 14 shows the histograms of their corresponding cipher image (Fig. 10 e-h). It can be seen that the histograms of the cipher images are quite flat.
The sample standard deviation is used to quantitatively analyze the difference between the histograms of the plain image and the cipher image. For the sample space X i , i=0,1,. . . ,255, the formula for calculating the sample standard deviation is [38]: where for images of size 256×256, the E(X)=256, X i is the number of times a pixel with a value of i appears in the image, and s represents the sample standard deviation of the histogram. Table 4 lists the sample standard deviations of the histograms of the plain image and the cipher image in Fig. 13 and Fig. 14. It can be seen from the table that the sample standard deviation of the cipher image histogram is about 16, which is far less than that of the plain image histogram. Therefore, the histogram of the cipher image generated by our algorithm is very flat compared with that of the corresponding plain image. As can be seen from both the histogram and the sample standard deviation, our encryption algorithm can hide the distribution information of image pixel value well and can effectively resist statistical analysis.

X 2 test
In order to quantitatively verify that the pixel values of the cipher image are evenly distributed, X 2 test is performed on the cipher image. Assuming that the distribution of 8-bit gray image with size of M × N is uniform, the statistical formula is [39]: where i is the pixel value of the image, f i represents the number of times the pixel with the value of i appears in the image, and f g =(M × N )/256 represents the average number of occurrences of all pixel values. Table  5 lists the X 2 values of plain image and cipher image. From the table, we can see that the X 2 value of the cipher image is less than 293.2478. In other words, all the cipher images have passed the X 2 test, so it can be proved that the distribution of the pixel values of the cipher image generated by our proposed encryption algorithm is uniform.

Correlation analysis
Meaningful images have a lot of redundant information, and there is a strong correlation between their adjacent pixels. On the contrary, cipher images have no redundant information, and their adjacent pixels have no correlation. In order to prevent attackers from finding a way to crack the encryption algorithm by analyzing the correlation between adjacent pixels, image encryption algorithm should break this high correlation.
To test the image correlation, we randomly select 5000 pairs of adjacent pixels from the horizontal, vertical and diagonal directions of "Baboon" in Fig. 9 and its cipher image, respectively. Fig. 14 shows the correlation of adjacent pixels of the two images in three directions. We can see that the pixels in the three directions of the plain image are distributed near y = x, while the pixels in the three directions of the cipher image are evenly distributed. The results represent that  Fig. 10 (a)-(d), respectively our algorithm breaks the high correlation between the adjacent pixels of the image. At the same time, quantitative methods can also be used to analyze the correlation of images. The following formulas are used to calculate the correlation coefficients of adjacent pixels where x and y are two adjacent sequences of pixels, cov(x, y) is the covariance of x and y, and r xy is the correlation coefficient. r xy is used to measure the correlation of adjacent pixels. If r xy is close to 1, the correlation between adjacent pixels is very high. On the contrary, if r xy is close to 0, the correlation between adjacent pixels is very small. Table 6 lists the correlation coefficients of adjacent pixels selected from the plain image (Fig. 10a-d) and cipher image (Fig. 10e-h) in the horizontal, vertical and diagonal directions. The correlation coefficient of the plain image in each direction is close to 1, which indicates that the adjacent pixels in the plain image have a strong correlation. However, the correlation coefficient of the cipher image in each direction is very close to 0, that is, the correlation between adjacent pixels in the cipher image is very low. Table 7 compares the correlation coefficient calculation results of "Baboon" with other algorithms. The proposed encryption algorithm successfully destroys the correlation of adjacent pixels, and the algorithm has better resistance to statistical attacks.

Information entropy analysis
Information entropy reflects the uncertainty of image information, which can be used as an important feature to detect the randomness of image pixel value distribution. The calculation formula of image information entropy is [43] where P i is the frequency of occurrence of the pixel with the value i. When the frequency of each pixel is equal, we can calculate the highest value of information entropy theoretically. H = −log 2 (1/256) = 8. The calculation results of information entropy of cipher image (Fig. 10e-h) are shown in Table 8. The results illustrate that the information entropy of the cipher image generated by our algorithm is close to 8, which means that that the pixel values of the cipher image are evenly distributed, and proves that our algorithm has the ability to resist statistical attacks. We compare the results of "Baboon" with other algorithms, and the results are listed in Table 9. The table shows that our algorithm has higher information entropy than other algorithms, which shows that our algorithm has higher security.

Peak signal to noise ratio (PSNR)
PSNR is a measure of image quality. Here, we first use PSNR to analyze the difference between the plain image and the cipher image. Second, in order to verify that 7.9971 Ref. [23] 7.9976 Ref. [38] 7.9973 Ref. [6] 7.9970 our algorithm can generate completely different cipher images when encrypting the same image multiple times, we use PSNR to analyze multiple cipher images of the same image. Finally, due to the use of random noise in the encryption process to reset least-significant bits of the edge pixels, so our algorithm has a loss. In order to measure the decryption result of the algorithm, we use PSNR to analyze the difference between the original image and the decrypted image. The formula is as follows [21]: where M ×N is the size of the image, P (i, j) and C(i, j) are the pixel value of the image, M SE is the mean square error of image P and C, and max is the maximum pixel value of plain image. The smaller the PSNR value, the greater the difference between images, indicating the better encryption effect of the algorithm. The larger the PSNR value, the better the quality of the reconstructed image. Table 10 lists the PSNR of the plain image and the cipher image in Fig. 10a-d. From the table, as we can see that the PSNR is less than 8. The test results show that our algorithm has good encryption performance. Table 11 lists the PSNR between the cipher images generated by encrypting the plain images in Fig.10a-d three times. It can be seen from the table that the PSNR between cipher images is less than 8. This means that the same image encryption, each time will generate a completely different cipher image. That is, when different users encrypt the same image, even using the same key, they cannot decrypt each other. To ensure that our algorithm can resist all kinds of attacks. Table 12 lists the PSNR values between the original image and the decrypted image in Fig.10. We can see that the PSNR values are all greater than 50, indicating that the loss caused by the algorithm is negligible.

Chosen-plaintext attacks
Chosen-plaintext attack is a common cryptanalysis technique. By chosen-plaintext attack, the attacker can determine the relationship between plaintext and ciphertext, and then crack the key stream of other images. The proposed algorithm obtains partial keys by convoluting plaintext images and chaotic sequences. This means that when the image information changes, a completely different key will be obtained. Moreover, we insert random noise into the lowest bit of the outermost image. The noise is different each time, so the generated keys are also different. Even for the same image, the keys generated each time are different. These will The first, second and third are the first, second and third encrypted cipher images respectively directly affect the generated chaotic sequence, and then affect all the pixels of the cipher image. At the same time, in the diffusion process, the proposed algorithm will spread any small changes of the pure image to all the pixels of the cipher image. Therefore, the algorithm can resist the chosen-plaintext attack, and the attacker cannot obtain the key of other images from the plaintext attack. If an algorithm can resist chosen-plaintext attack, it can also resist ciphertext-only attacks, knownplaintext attacks and chosen-ciphertext attacks [44].

Differential attack
Differential attack is often used for cryptanalysis. The attacker changes the value of one or more pixels of the plain image, and finds a way to crack the algorithm by comparing the difference between the new cipher image and the original cipher image.
In order to prove the ability of the proposed algorithm to resist differential attacks, change the pixel value of "Baboon" at any random position (the pixel coordinates in this experiment are (100, 100)) to generate a new "Baboon" image, and then use the same key to encrypt the two images and calculate the difference between the two encryption results. As can be seen from Fig. 16, the two encryption results are different. In order to quantitatively test the ability of the proposed algorithm to resist differential attacks. Use the number of pixel change rate (NPCR) and the unified average changing intensity (UACI) to measure the difference between two images, denoted as [45]: where M × N represents the size of the image, C 1 and C 2 are two cipher images with only one different pixel.
The theoretical values of NPCR and UACI are 99.6094% and 33.4635%, respectively. In the experiment, four images ( Fig. 10a-d) are selected as test images, and each image is tested multiple times, and the average value is calculated. The test results are shown in Table 13. It can be seen that NPCR and UACI are very close to their theoretical values, indicating that it is difficult for attackers to conduct cryptanalysis through differential attacks. In addition, we compare the experimental results of "Baboon" with other existing algorithms. As shown by the data in Table 14, our results are closer to the theoretical values of NPCR and UACI. Therefore, this algorithm has a good ability to resist differential attack.

Robustness to data loss and noise
When the cipher image is transmitted in the communication system, the data may be lost or affected by noise due to various reasons. A good encryption algorithm can recover the original image as much as possible from the lost data or the cipher image affected by noise.
In this section, we test the ability of the proposed algorithm to resist data loss and noise. The encrypted "Baboon" image data is cut by 25% and 50%, and then the correct key is used to decrypt these processed cipher images. The decrypted image as shown in Fig. 17 restores most information of the original image data.
Salt & Pepper Noise (SPN) and Gaussian Noise (GN) are common noises. Add SPN and GN of different strengths to the "Baboon" cipher image, and then decrypt them with the correct key. From Fig.18, the decrypted images successfully display the information of the original image. This experiment proves that the proposed algorithm has good resistance to data loss and noise.

Conclusion
This paper proposes an image encryption algorithm based on FCLNN and edge pixel reset. The algorithm consists of four steps: image edge pixel reset, CST, FCLNN and bidirectional diffusion. In the image edge pixel reset part, using random noise to reset the leastsignificant bits of the edge pixels of the image, then the key is set by the convolution result of image and chaotic sequence. Each encryption can generate a completely different key, it can enhance the ability of the algorithm to resist various attacks. CST is a cyclic shift of rows and columns on the image, and determine the number of moving steps by chaotic sequence, this step allows the image to be completely scrambled. The FCLNN imitates the structure of fully connected neural network to conduct bit-level diffusion of images. Bidirectional diffusion is the forward and backward diffusion of image. These two parts can spread the tiny change of image pixel value to the whole cipher image, so as to significantly improve the security level of encryption. Simulation results show that the algorithm has negligible loss and large key space, can withstand common attacks such as statistical attack, differential attack, noise attack and data loss attack, and is superior to other algorithms in some aspects. In this paper, we did not test the color image, but the proposed encryption algorithm can encrypt the color image. In the future work, We plan to propose a more complex key generation method, and design an image encryption algorithm based on multi-layer neural network with higher security and efficiency.

Compliance with ethical standards
Conflict of interest The authors declare that they have no conflict of interest. (e) decrypted Baboon of (a); (f) decrypted Baboon of (b); (g) decrypted Baboon of(c); (h) decrypted Baboon of (d) Fig. 18 Noise analysis: (a) corrupted image with SPN with density 0.05; (b) corrupted image with SPN with density 0.1; (c) corrupted image with GN with density 10 −6 ; (d) corrupted image with GN with density 3 × 10 −6 (e) decrypted Baboon of (a); (f) decrypted Baboon of (b); (g) decrypted Baboon of(c); (h) decrypted Baboon of (d)