A5056827411- Network Security and Intrusion Detection
- Advanced Malware Detection Techniques
- Security in Wireless Sensor Networks
- Human Mobility and Location-Based Analysis
- Information and Cyber Security
- Internet Traffic Analysis and Secure E-voting
- Software System Performance and Reliability
- Anomaly Detection Techniques and Applications
- Spam and Phishing Detection
- Scientific Computing and Data Management
- Cryptography and Data Security
- Video Surveillance and Tracking Methods
- Traffic Prediction and Management Techniques
- Digital and Cyber Forensics
- Security and Verification in Computing
- Vehicular Ad Hoc Networks (VANETs)
- Software Testing and Debugging Techniques
- User Authentication and Security Systems
- Biometric Identification and Security
- Data Management and Algorithms
- Formal Methods in Verification
- Energy Efficient Wireless Sensor Networks
- Software Reliability and Analysis Research
- Advanced Authentication Protocols Security
- Smart Parking Systems Research
Zhejiang University of Technology
2016-2025
Xi'an High Tech University
2018-2019
Beihang University
2007-2010
Traffic flow prediction plays an important role in ITS (Intelligent Transportation System). This task is challenging due to the complex spatial and temporal correlations (e.g., constraints of road network law dynamic change with time). Existing work tried solve this problem by exploiting a variety spatiotemporal models. However, we observe that more semantic pair-wise among possibly distant roads are also critical for traffic prediction. To jointly model spatial, temporal, various global...
To defend against Advanced Persistent Threats on the endpoint, threat hunting employs security knowledge such as cyber intelligence to continuously analyze system audit logs through retrospective scanning, querying, or pattern matching, aiming uncover attack patterns/graphs that traditional detection methods (e.g., recognition for Point of Interest) fail capture. However, existing systems based provenance graphs face challenges high false negatives, positives, and low efficiency when...
With the popularity of Android applications, malware has an exponential growth trend. In order to detect effectively, this paper proposes a novel lightweight static detection model, TinyDroid , using instruction simplification and machine learning technique. First, symbol-based method is proposed abstract opcode sequence decompiled from Dalvik Executable files. Then, N-gram employed extract features simplified sequence, classifier trained for classification tasks. To improve efficiency...
Advanced Persistent Threat (APT) attacks have caused massive financial loss worldwide. Researchers thereby proposed a series of solutions to detect APT attacks, such as dynamic/static code analysis, traffic detection, sandbox technology, endpoint detection and response (EDR), etc. However, existing defenses are failed accurately effectively defend against the current that exhibit strong persistent, stealthy, diverse dynamic characteristics due weak data source integrity, large processing...
In the arms race of attackers and defenders, defense is usually more challenging than attack due to unpredicted vulnerabilities newly emerging attacks every day. Currently, most existing malware detection solutions are individually proposed address certain types or evasion techniques. Thus, it desired conduct a systematic investigation evaluation anti-malware tools based on different this paper, we first propose meta model for Android capture common features in malware. Based model, develop...
Semantic human activity (SHA) refers to users' activities performed in their daily lives (e.g., having dinner, shopping, etc.). SHA recognition is a promising issue wearable and mobile computing. Most existing methods represent based on single view, e.g., representing as combination of body actions, distribution latent semantics. Since SHAs are complicated nature, views lack the ability comprehensively profiling SHAs. In this paper, we propose bi-view semi-supervised learning method for...
Gait authentication, especially sensor-based patterns, has been studied by researchers for decades. Nowadays, gait authentication become an important facet of biometric systems due to the so-called unique characteristics each user. With development various technologies (i.e., hardware, data processing, features extraction, and learning algorithms), performance methods is gradually improving. But we have found that vulnerability most existing can be compromised easily. In this paper, propose...
APTs (Advanced Persistent Threats) have caused serious security threats worldwide. Most existing APT detection systems are implemented based on sophisticated forensic analysis rules. However, the design of these rules requires in-depth domain knowledge and lack generalization ability. On other hand, deep learning technique could automatically create model from training samples with little knowledge. due to persistence, stealth, diversity attacks, suffers a series problems including...
The damage caused by Advanced Persistent Threat (APT) attacks to governments and large enterprises is gradually escalating. Once an attack event detected, forensic analysis will use the dependencies between system audit logs rapidly locate intrusion points determine impact of attacks. Due high persistence APT attacks, huge amounts data be stored meet needs analysis, which not only brings great storage overhead, but also sharply increases computing costs. To compact without affecting several...
Subspace clustering has attracted much attention because of its ability to group unlabeled high-dimensional data into multiple subspaces. Existing graph-based subspace methods focus on either the sparsity affinity or low rank affinity. Thus, quality plays an essential role in performance clustering. However, real-world are generally high-dimensional, complex, and heterogeneous multi-source data, so that learned by these cannot be completely dependent. Moreover, since approaches always ignore...
This paper presents a robust and efficient method to discover knowledge for classification problems through data summarization. It discretizes continuous features then summarizes the using contingency table. Inconsistency rate different subsets of can be easily calculated from Sequential search is used find best feature subset. After number reduced certain extent, easy-to-understand intuitively derived summary. Another desirable proposed its capability learn incrementally; namely, updated...
With the proliferation of Android malicious applications, malware becomes more capable hiding or confusing its intent through use code obfuscation, which has significantly weaken effectiveness conventional defense mechanisms.Therefore, in order to effectively detect unknown applications on platform, we propose DroidVecDeep, an detection method using deep learning technique.First, extract various features and rank them Mean Decrease Impurity.Second, transform into compact vectors based...
Malicious HTTP traffic detection plays an important role in web application security. Most existing work applies machine learning and deep techniques to build the malicious model. However, they still suffer from problems of huge training data collection cost low cross-dataset generalization ability. Aiming at these problems, this paper proposes DeepPTSD, a method for payload based detection. First, it treats as text classification problem trains initial model using TextCNN on public dataset,...