A5100668780- Security and Verification in Computing
- Advanced Malware Detection Techniques
- Mobile Ad Hoc Networks
- Network Security and Intrusion Detection
- Cloud Data Security Solutions
- Security in Wireless Sensor Networks
- Wireless Networks and Protocols
- Software System Performance and Reliability
- Radiation Effects in Electronics
- Internet Traffic Analysis and Secure E-voting
- Distributed systems and fault tolerance
- Diamond and Carbon-based Materials Research
- Information and Cyber Security
- Antenna Design and Analysis
- Advanced Data Storage Technologies
- Innovative Microfluidic and Catalytic Techniques Innovation
- Digital and Cyber Forensics
- Blockchain Technology Applications and Security
- Cryptography and Data Security
- Cancer Genomics and Diagnostics
- Smart Grid Security and Resilience
- Parallel Computing and Optimization Techniques
- Text Readability and Simplification
- Advanced Authentication Protocols Security
- Software Testing and Debugging Techniques
Indiana University Bloomington
2020-2022
Zhejiang Provincial Institute of Communications Planning,Design & Research
2022
Indiana University
2021
Wuhan University
2016-2019
Yonsei University
2011-2017
Singapore Management University
2016
University of Illinois Urbana-Champaign
2015
Nankai University
2015
Weifang University
2011
Northeast Institute of Geography and Agroecology
2010
Abstract Concerns regarding inappropriate leakage of sensitive personal information as well unauthorized data use are increasing with the growth genomic repositories. Therefore, privacy and security have become increasingly important need to be studied. With many proposed protection techniques, their applicability in support biomedical research should understood. For this purpose, we organized a community effort past 8 years through integrating for analysis, anonymization sharing consortium...
The recent wave of in-browser cryptojacking has ebbed away, due to the new updates mainstream cryptocurrrencies, which demand level mining resources browsers cannot afford. As replacements, resource-rich, loosely protected free Internet services, such as Continuous Integration (CI) platforms, have become attractive targets. In this paper, we report a systematic study on real-world illicit cryptomining public CI platforms (called Cijacking). Unlike cryptojacking, Cijacks masquerade jobs and...
Software Defined Networks (SDNs) have opened up a new era for networking by decoupling the control and data planes. With centralized controller, process of updating networks becomes much more convenient when compared to traditional networks. However, even with SDNs, transitional network states during updates may still cause problems. Such result in breakdown isolation guarantees or other critical constraints this could lead incorrect behavior security vulnerabilities. In paper, we propose...
Nowadays, wireless ad hoc networks become more and popular significant in many fields. However, the important applications of make them very attractive to attackers. Moreover, deployment scenarios, functionality requirements limited capabilities these types vulnerable a large group attacks, e.g., wormhole attacks concerned this paper. We propose time-based scheme for purpose preventing networks. The includes two phases which are detection phase location phase. By phase, existence can be...
A trusted execution environment (TEE) such as Intel Software Guard Extension (SGX) runs attestation to prove a data owner the integrity of initial state an enclave, including program operate on her data. For this purpose, data-processing is supposed be open or third party, so its functionality can evaluated before trust being established. In real world, however, increasingly there are application scenarios in which itself needs protected (e.g., proprietary algorithm). So compliance with...
Trusted execution environments (TEE) such as In-tel's Software Guard Extension (SGX) have been widely studied to boost security and privacy protection for the computation of sensitive data human genomics. However, a performance hurdle is often generated by SGX, especially from small enclave memory. In this paper, we propose new Hybrid Secured Flow framework (called "HySec-Flow") large-scale genomic analysis using SGX platforms. Here, data-intensive computing tasks can be partitioned into...
Over the last five decades and more, rapid economic growth in Northeast Asia –China, Japan, Republic of Korea, Democratic Peoples' Mongolia, plus Russian Far East okrug (district) Federation – has rapidly increased needs for services eco-environment natural resources. Though region as a whole possesses resources that could contribute substantially toward its future needs, mass data management analysis is essential. A decision support system been developed Asia. The based on evaluation...
The Rowhammer bug is a novel micro-architectural security threat, enabling powerful privilege-escalation attacks on various mainstream platforms. It works by actively flipping bits in Dynamic Random Access Memory (DRAM) cells with unprivileged instructions. In order to set up against binaries the Linux page cache, Waylaying algorithm has previously been proposed. method stealthily relocates onto exploitable physical addresses without exhausting system memory. However, proof-of-concept can be...
Mobile ad hoc networks are vulnerable to a large group of attacks, e.g., wormhole attacks. In this paper, we propose countermeasure prevent We utilize analytical hierarchy process elect some special nodes, named the local most trustable for source and destination node, respectively. The elected nodes then required implement our proposed scheme cannot only detect but also locate i.e., identify malicious that behave To solve colluding attack, present bi-directional location mechanism.
Cloud attack provenance is a well-established industrial practice for assuring transparency and accountability service provider to tenants. However, the multi-tenancy self-service nature coupled with sheer size of cloud implies many unique challenges forensics. Although Virtual Machine Introspection (VMI) powerful tool due privilege isolation, stealthiness state-of-the-art attacks lack precise information make existing solutions difficult fulfill real-time forensics when tracking enormous...
Binary rewriting has been widely used in software security, correctness assessment, performance analysis, and debugging. One approach for binary lifts the to IR then regenerates a new one, which achieves near-to-zero runtime overhead, but relies on several limiting assumptions binaries achieve complete analysis perform lifting. Another patches individual instructions without utilizing any great reliability as it does not make about binary, incurs prohibitive overhead.
Covert channel is a major threat to the information system security and commonly found in operating systems, especially cloud computing environment. Owing characteristics environment such as resources sharing logic boundaries, covert channels become more varied difficult find. Focusing on those problems, this paper presents universal method for detecting automatically. To achieve global detection, we leveraged virtual machine event record mechanism hypervisor gather necessary metadata....
As an emerging technique for confidential computing, trusted execution environment (TEE) receives a lot of attention. To better develop, deploy, and run secure applications on TEE platform such as Intel's SGX, both academic industrial teams have devoted much effort to developing reliable convenient containers. In this paper, we studied the isolation strategies 15 existing containers protect from potentially malicious operating systems (OS) or untrusted applications, using semi-automatic...
Filesystem isolation enforced by today's container technology has been found to be less effective in the presence of host-container interactions increasingly utilized tools. This weakened led a type path misresolution (Pamir) vulnerabilities, which have considered highly risky and continuously reported over years. In this paper, we present first systematic study on Pamir risk existing fixes related vulnerabilities. Our research reveals that spite significant efforts being made patch...
A trusted execution environment (TEE) such as Intel Software Guard Extension (SGX) runs a remote attestation to prove data owner the integrity of initial state an enclave, including program operate on her data. For this purpose, data-processing is supposed be open owner, so its functionality can evaluated before trust established. However, increasingly there are application scenarios in which itself needs protected. So compliance with privacy policies expected by should verified without...
Due to the absence of in-enclave isolation, today's trusted execution environment (TEE), specifically Intel's Software Guard Extensions (SGX), does not have capability securely run different users' tasks within a single enclave, which is required for supporting real-world services, such as an machine learning model that classifies data from various sources, or microservice (e.g., search) performs very small task (within sub-seconds) user and therefore cannot afford resources delay creating...