A5071738824- Advanced Malware Detection Techniques
- Spam and Phishing Detection
- Security and Verification in Computing
- Internet Traffic Analysis and Secure E-voting
- Extracellular vesicles in disease
- Blockchain Technology Applications and Security
- Metal-Organic Frameworks: Synthesis and Applications
- User Authentication and Security Systems
- Microwave Engineering and Waveguides
- Adversarial Robustness in Machine Learning
- Advanced Nanomaterials in Catalysis
- Cancer Immunotherapy and Biomarkers
- Privacy, Security, and Data Protection
- Cryptographic Implementations and Security
- Network Security and Intrusion Detection
- Antenna Design and Analysis
- Carbon and Quantum Dots Applications
- Mercury impact and mitigation studies
- Prostate Cancer Treatment and Research
- Analytical chemistry methods development
- Adsorption and biosorption for pollutant removal
- Cloud Data Security Solutions
- RFID technology advancements
- Distributed systems and fault tolerance
- Energy Harvesting in Wireless Networks
Hebei Medical University
2022-2025
Fourth Hospital of Hebei Medical University
2022-2025
George Mason University
2022-2024
Nanjing Tech University
2022-2024
Georgia Institute of Technology
2021-2023
Air Force Engineering University
2017-2023
The Ohio State University
2016-2022
Microsoft (United States)
2020
University of North Carolina at Chapel Hill
2019
Tsinghua University
2018
Intel Software Guard Extension (SGX) protects the confidentiality and integrity of an unprivileged program running inside a secure enclave from privileged attacker who has full control entire operating system (OS). Program execution this is therefore referred to as shielded. Unfortunately, shielded does not protect programs side-channel attacks by attacker. For instance, it been shown that changing page table entries memory pages used execution, malicious OS kernel could observe accesses...
Smart home is an emerging technology for intelligently connecting a large variety of smart sensors and devices to facilitate automation appliances, lighting, heating cooling systems, security safety systems. Our research revolves around Samsung SmartThings, platform with the largest number apps among currently available platforms. The previous has revealed several flaws in design which allow malicious (or SmartApps) possess more privileges than they were designed eavesdrop or spoof events...
Cache side-channel attacks have been extensively studied on x86 architectures, but much less so ARM processors. The technical challenges to conduct ARM, presumably, stem from the poorly documented cache implementations, such as coherence protocols and flush operations, also lack of understanding how different implementations will affect attacks. This paper presents a systematic exploration vectors for flush-reload are among most well-known x86. It has shown in previous work that they capable...
Combining nanomedicine with immunotherapy offers a promising and potent cancer treatment strategy; however, improving the effectiveness of antitumor immune response remains challenging. A "cold" tumor microenvironment (TME) is marked factor affecting efficacy immunotherapy. Herein, intracellular-acidity-activatable dynamic nanoparticles (NPs) were designed for precision photodynamic ferroptosis in cancer. M1 macrophage-derived exosomes (Mex) constructed to coassemble photosensitizer SR780,...
Machine learning empowers traffic-analysis attacks that breach users' privacy from their encrypted traffic.Recent advances in deep drastically escalate such threats.One prominent example demonstrated recently is a attack against video streaming by using convolutional neural networks.In this paper, we explore the adaption of techniques previously used domains adversarial machine and differential to mitigate machine-learning-powered analysis traffic.Our findings are twofold.First, constructing...
Today, there is an increasing number of smartphones supporting wireless charging that leverages electromagnetic induction to transmit power from a charger the smartphone. In this paper, we report new contactless and context-aware wireless-charging side-channel attack, which captures two physical phenomena (i.e., coil whine magnetic field perturbation) generated during process further infers user interactions on We design implement three-stage attack framework, dubbed WISERS, demonstrate...
Recently, power banks for smartphones have begun to support wireless charging. Although these charging appear be immune most reported vulnerabilities in either or charging, we found a new contactless side channel that leaks user privacy from their without compromising victim smartphones. We proposed BankSnoop demonstrate the practicality of newly discovered banks. Specifically, it leverages coil whine and magnetic field disturbance emitted by bank when wirelessly smartphone adopts few-shot...
Recently, in-display fingerprint sensors have been widely adopted in newly-released smartphones. However, we find this new technique can leak information about the user's fingerprints during a screen-unlocking process via electromagnetic (EM) side channel that be exploited for recovery. We propose FPLogger to demonstrate feasibility of novel side-channel attack. Specifically, it leverages emitted EM emanations when user presses sensor extract information, then maps captured signals images...
It has been demonstrated in numerous previous studies that Android and its underlying Linux operating systems do not properly isolate mobile apps to prevent cross-app sidechannel attacks.Cross-app information leakage enables malicious infer sensitive user data (e.g., passwords), or private identity location) without requiring specific permissions.Nevertheless, no prior work ever studied these side-channel attacks on iOS-based devices.One reason is iOS does implement procfsthe most popular...
Recently, clipboard usage has become prevalent in mobile apps allowing users to copy and paste text within the same app or across different apps. However, insufficient access control on operating systems exposes its contained data high risks where one can read copied other store it locally even send remote servers. Unfortunately, literature only ad-hoc studies this respect lacks a comprehensive systematic study of entire ecosystem. To establish missing links, paper proposes an automated...
Public cloud platforms have employed Trusted Execution Environment (TEE) technology to provide confidential computing services. However, applications running on TEEs are susceptible rollback or forking attacks. Their states can be rolled back an outdated version split into multiple conflicting versions, violating state continuity. Existing solutions against these attacks either rely centralized trust assumption ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML"...
Online Social Networks (OSNs) are facing an increasing threat of sybil attacks. Sybil detection is regarded as one major challenges for OSN security. The existing proposals that leverage graph theory or exploit the unique clickstream patterns either based on unrealistic assumptions limited to service providers. In this study, we introduce a novel approach by exploiting fundamental mobility separate real users from ones. proposed motivated follows. On hand, OSNs including Yelp and Dianping...
Public cloud platforms have leveraged Trusted Execution Environment (TEE) technology to provide confidential computing services. However, TEE-protected applications still suffer from rollback or forking attacks, in which their states could be rolled back a stale version forked into multiple versions, resulting state continuity violations. Existing solutions against these attacks either rely on weak threat models based centralized trust (e.g., trusted server) large performance overheads tens...
Knowledge work increasingly spans multiple computing surfaces. Yet in status quo user experiences, content as well tools, behaviors, and workflows are largely bound to the current device-running application, for user, at moment time. SurfaceFleet is a system toolkit that uses resilient distributed programming techniques explore cross-device interactions unbounded these four dimensions of device, As reference implementation, we describe an interface built using employs lightweight,...
Along with gaining popularity of Real-Time Bidding (RTB) based programmatic advertising, the click farm invalid traffic, which leverages massive real smartphones to carry out large-scale ad fraud campaigns, is becoming one major threats against online advertisement. In this study, we take an initial step towards detection and measurement traffic. Our study begins a on device's features using real-world labeled dataset, reveals series distinguishing fraudulent devices from benign ones. Based...
Text passwords remain a primary means for user authentication on modern computer systems. However, recent studies have shown the promises of guessing efficiently with auxiliary information targeted accounts, such as users' personal information, previously used passwords, or those in other Authentication rate-limiting mechanisms, account lockout and login throttling, are common methods to defeat online password cracking attacks. But date, no published investigated how is implemented by...