Visible to the public Biblio

Filters: Author is Zhang, Y.  [Clear All Filters]
Journal Article
Yang, Z., Sun, Q., Zhang, Y., Zhu, L., Ji, W..  2020.  Inference of Suspicious Co-Visitation and Co-Rating Behaviors and Abnormality Forensics for Recommender Systems. IEEE Transactions on Information Forensics and Security. 15:2766—2781.
The pervasiveness of personalized collaborative recommender systems has shown the powerful capability in a wide range of E-commerce services such as Amazon, TripAdvisor, Yelp, etc. However, fundamental vulnerabilities of collaborative recommender systems leave space for malicious users to affect the recommendation results as the attackers desire. A vast majority of existing detection methods assume certain properties of malicious attacks are given in advance. In reality, improving the detection performance is usually constrained due to the challenging issues: (a) various types of malicious attacks coexist, (b) limited representations of malicious attack behaviors, and (c) practical evidences for exploring and spotting anomalies on real-world data are scarce. In this paper, we investigate a unified detection framework in an eye for an eye manner without being bothered by the details of the attacks. Firstly, co-visitation and co-rating graphs are constructed using association rules. Then, attribute representations of nodes are empirically developed from the perspectives of linkage pattern, structure-based property and inherent association of nodes. Finally, both attribute information and connective coherence of graph are combined in order to infer suspicious nodes. Extensive experiments on both synthetic and real-world data demonstrate the effectiveness of the proposed detection approach compared with competing benchmarks. Additionally, abnormality forensics metrics including distribution of rating intention, time aggregation of suspicious ratings, degree distributions before as well as after removing suspicious nodes and time series analysis of historical ratings, are provided so as to discover interesting findings such as suspicious nodes (items or ratings) on real-world data.
Zhang, Y., Deng, L., Chen, M., Wang, P..  2018.  Joint Bidding and Geographical Load Balancing for Datacenters: Is Uncertainty a Blessing or a Curse? IEEE/ACM Transactions on Networking. 26:1049—1062.

We consider the scenario where a cloud service provider (CSP) operates multiple geo-distributed datacenters to provide Internet-scale service. Our objective is to minimize the total electricity and bandwidth cost by jointly optimizing electricity procurement from wholesale markets and geographical load balancing (GLB), i.e., dynamically routing workloads to locations with cheaper electricity. Under the ideal setting where exact values of market prices and workloads are given, this problem reduces to a simple linear programming and is easy to solve. However, under the realistic setting where only distributions of these variables are available, the problem unfolds into a non-convex infinite-dimensional one and is challenging to solve. One of our main contributions is to develop an algorithm that is proven to solve the challenging problem optimally, by exploring the full design space of strategic bidding. Trace-driven evaluations corroborate our theoretical results, demonstrate fast convergence of our algorithm, and show that it can reduce the cost for the CSP by up to 20% as compared with baseline alternatives. This paper highlights the intriguing role of uncertainty in workloads and market prices, measured by their variances. While uncertainty in workloads deteriorates the cost-saving performance of joint electricity procurement and GLB, counter-intuitively, uncertainty in market prices can be exploited to achieve a cost reduction even larger than the setting without price uncertainty.

Conference Paper
Yang, B., Liu, F., Yuan, L., Zhang, Y..  2020.  6LoWPAN Protocol Based Infrared Sensor Network Human Target Locating System. 2020 15th IEEE Conference on Industrial Electronics and Applications (ICIEA). :1773–1779.
This paper proposes an infrared sensor human target locating system for the Internet of Things. In this design, the wireless sensor network is designed and developed to detect human targets by using 6LoWPAN protocol and pyroelectric infrared (PIR) sensors. Based on the detection data acquired by multiple sensor nodes, K-means++ clustering algorithm combined with cost function is applied to complete human target location in a 10m×10m detection area. The experimental results indicate the human locating system works well and the user can view the location information on the terminal devices.
Dong, C., Liu, Y., Zhang, Y., Shi, P., Shao, X., Ma, C..  2018.  Abnormal Bus Data Detection of Intelligent and Connected Vehicle Based on Neural Network. 2018 IEEE International Conference on Computational Science and Engineering (CSE). :171–176.
In the paper, our research of abnormal bus data analysis of intelligent and connected vehicle aims to detect the abnormal data rapidly and accurately generated by the hackers who send malicious commands to attack vehicles through three patterns, including remote non-contact, short-range non-contact and contact. The research routine is as follows: Take the bus data of 10 different brands of intelligent and connected vehicles through the real vehicle experiments as the research foundation, set up the optimized neural network, collect 1000 sets of the normal bus data of 15 kinds of driving scenarios and the other 300 groups covering the abnormal bus data generated by attacking the three systems which are most common in the intelligent and connected vehicles as the training set. In the end after repeated amendments, with 0.5 seconds per detection, the intrusion detection system has been attained in which for the controlling system the abnormal bus data is detected at the accuracy rate of 96% and the normal data is detected at the accuracy rate of 90%, for the body system the abnormal one is 87% and the normal one is 80%, for the entertainment system the abnormal one is 80% and the normal one is 65%.
Ge, H., Yue, D., p Xie, X., Deng, S., Zhang, Y..  2017.  Analysis of Cyber Physical Systems Security via Networked Attacks. 2017 36th Chinese Control Conference (CCC). :4266–4272.

In this paper, cyber physical system is analyzed from security perspective. A double closed-loop security control structure and algorithm with defense functions is proposed. From this structure, the features of several cyber attacks are considered respectively. By this structure, the models of information disclosure, denial-of-service (DoS) and Man-in-the-Middle Attack (MITM) are proposed. According to each kind attack, different models are obtained and analyzed, then reduce to the unified models. Based on this, system security conditions are obtained, and a defense scenario with detail algorithm is design to illustrate the implementation of this program.

Teoh, T. T., Zhang, Y., Nguwi, Y. Y., Elovici, Y., Ng, W. L..  2017.  Analyst Intuition Inspired High Velocity Big Data Analysis Using PCA Ranked Fuzzy K-Means Clustering with Multi-Layer Perceptron (MLP) to Obviate Cyber Security Risk. 2017 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD). :1790–1793.
The growing prevalence of cyber threats in the world are affecting every network user. Numerous security monitoring systems are being employed to protect computer networks and resources from falling victim to cyber-attacks. There is a pressing need to have an efficient security monitoring system to monitor the large network datasets generated in this process. A large network datasets representing Malware attacks have been used in this work to establish an expert system. The characteristics of attacker's IP addresses can be extracted from our integrated datasets to generate statistical data. The cyber security expert provides to the weight of each attribute and forms a scoring system by annotating the log history. We adopted a special semi supervise method to classify cyber security log into attack, unsure and no attack by first breaking the data into 3 cluster using Fuzzy K mean (FKM), then manually label a small data (Analyst Intuition) and finally train the neural network classifier multilayer perceptron (MLP) base on the manually labelled data. By doing so, our results is very encouraging as compare to finding anomaly in a cyber security log, which generally results in creating huge amount of false detection. The method of including Artificial Intelligence (AI) and Analyst Intuition (AI) is also known as AI2. The classification results are encouraging in segregating the types of attacks.
Zhang, Y., Weng, J., Ling, Z., Pearson, B., Fu, X..  2020.  BLESS: A BLE Application Security Scanning Framework. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :636—645.
Bluetooth Low Energy (BLE) is a widely adopted wireless communication technology in the Internet of Things (IoT). BLE offers secure communication through a set of pairing strategies. However, these pairing strategies are obsolete in the context of IoT. The security of BLE based devices relies on physical security, but a BLE enabled IoT device may be deployed in a public environment without physical security. Attackers who can physically access a BLE-based device will be able to pair with it and may control it thereafter. Therefore, manufacturers may implement extra authentication mechanisms at the application layer to address this issue. In this paper, we design and implement a BLE Security Scan (BLESS) framework to identify those BLE apps that do not implement encryption or authentication at the application layer. Taint analysis is used to track if BLE apps use nonces and cryptographic keys, which are critical to cryptographic protocols. We scan 1073 BLE apps and find that 93% of them are not secure. To mitigate this problem, we propose and implement an application-level defense with a low-cost \$0.55 crypto co-processor using public key cryptography.
Wang, S., Zhu, S., Zhang, Y..  2018.  Blockchain-Based Mutual Authentication Security Protocol for Distributed RFID Systems. 2018 IEEE Symposium on Computers and Communications (ISCC). :00074–00077.

Since radio frequency identification (RFID) technology has been used in various scenarios such as supply chain, access control system and credit card, tremendous efforts have been made to improve the authentication between tags and readers to prevent potential attacks. Though effective in certain circumstances, these existing methods usually require a server to maintain a database of identity related information for every tag, which makes the system vulnerable to the SQL injection attack and not suitable for distributed environment. To address these problems, we now propose a novel blockchain-based mutual authentication security protocol. In this new scheme, there is no need for the trusted third parties to provide security and privacy for the system. Authentication is executed as an unmodifiable transaction based on blockchain rather than database, which applies to distributed RFID systems with high security demand and relatively low real-time requirement. Analysis shows that our protocol is logically correct and can prevent multiple attacks.

Zhang, Y., Duan, L., Sun, C. A., Cheng, B., Chen, J..  2017.  A Cross-Layer Security Solution for Publish/Subscribe-Based IoT Services Communication Infrastructure. 2017 IEEE International Conference on Web Services (ICWS). :580–587.

The publish/subscribe paradigm can be used to build IoT service communication infrastructure owing to its loose coupling and scalability. Its features of decoupling among event producers and event consumers make IoT services collaborations more real-time and flexible, and allow indirect, anonymous and multicast IoT service interactions. However, in this environment, the IoT service cannot directly control the access to the events. This paper proposes a cross-layer security solution to address the above issues. The design principle of our security solution is to embed security policies into events as well as allow the network to route events according to publishers' policies and requirements. This solution helps to improve the system's performance, while keeping features of IoT service interactions and minimizing the event visibility at the same time. Experimental results show that our approach is effective.

Zhang, Y., Eisele, S., Dubey, A., Laszka, A., Srivastava, A. K..  2019.  Cyber-Physical Simulation Platform for Security Assessment of Transactive Energy Systems. 2019 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES). :1–6.
Transactive energy systems (TES) are emerging as a transformative solution for the problems that distribution system operators face due to an increase in the use of distributed energy resources and rapid growth in scalability of managing active distribution system (ADS). On the one hand, these changes pose a decentralized power system control problem, requiring strategic control to maintain reliability and resiliency for the community and for the utility. On the other hand, they require robust financial markets while allowing participation from diverse prosumers. To support the computing and flexibility requirements of TES while preserving privacy and security, distributed software platforms are required. In this paper, we enable the study and analysis of security concerns by developing Transactive Energy Security Simulation Testbed (TESST), a TES testbed for simulating various cyber attacks. In this work, the testbed is used for TES simulation with centralized clearing market, highlighting weaknesses in a centralized system. Additionally, we present a blockchain enabled decentralized market solution supported by distributed computing for TES, which on one hand can alleviate some of the problems that we identify, but on the other hand, may introduce newer issues. Future study of these differing paradigms is necessary and will continue as we develop our security simulation testbed.
Wu, D., Zhang, Y., Liu, Y..  2017.  Dummy Location Selection Scheme for K-Anonymity in Location Based Services. 2017 IEEE Trustcom/BigDataSE/ICESS. :441–448.

Location-Based Service (LBS) becomes increasingly important for our daily life. However, the localization information in the air is vulnerable to various attacks, which result in serious privacy concerns. To overcome this problem, we formulate a multi-objective optimization problem with considering both the query probability and the practical dummy location region. A low complexity dummy location selection scheme is proposed. We first find several candidate dummy locations with similar query probabilities. Among these selected candidates, a cloaking area based algorithm is then offered to find K - 1 dummy locations to achieve K-anonymity. The intersected area between two dummy locations is also derived to assist to determine the total cloaking area. Security analysis verifies the effectiveness of our scheme against the passive and active adversaries. Compared with other methods, simulation results show that the proposed dummy location scheme can improve the privacy level and enlarge the cloaking area simultaneously.

Shen, N., Yeh, J., Chen, C., Chen, Y., Zhang, Y..  2019.  Ensuring Query Completeness in Outsourced Database Using Order-Preserving Encryption. 2019 IEEE Intl Conf on Parallel Distributed Processing with Applications, Big Data Cloud Computing, Sustainable Computing Communications, Social Computing Networking (ISPA/BDCloud/SocialCom/SustainCom). :776–783.
Nowadays database outsourcing has become business owners' preferred option and they are benefiting from its flexibility, reliability, and low cost. However, because database service providers cannot always be fully trusted and data owners will no longer have a direct control over their own data, how to make the outsourced data secure becomes a hot research topic. From the data integrity protection aspect, the client wants to make sure the data returned is correct, complete, and up-to-date. Previous research work in literature put more efforts on data correctness, while data completeness is still a challenging problem to solve. There are some existing works that tried to protect the completeness of data. Unfortunately, these solutions were considered not fully solving the problem because of their high communication or computation overhead. The implementations and limitations of existing works will be further discussed in this paper. From the data confidentiality protection aspect, order-preserving encryption (OPE) is a widely used encryption scheme in protecting data confidentiality. It allows the client to perform range queries and some other operations such as GROUP BY and ORDER BY over the OPE encrypted data. Therefore, it is worthy to develop a solution that allows user to verify the query completeness for an OPE encrypted database so that both data confidentiality and completeness are both protected. Inspired by this motivation, we propose a new data completeness protecting scheme by inserting fake tuples into databases. Both the real and fake tuples are OPE encrypted and thus the cloud server cannot distinguish among them. While our new scheme is much more efficient than all existing approaches, the level of security protection remains the same.
Lyu, C., Pande, A., Zhang, Y., Gu, D., Mohapatra, P..  2018.  FastTrust: Fast and Anonymous Spatial-Temporal Trust for Connected Cars on Expressways. 2018 15th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). :1–9.

Connected cars have received massive attention in Intelligent Transportation System. Many potential services, especially safety-related ones, rely on spatial-temporal messages periodically broadcast by cars. Without a secure authentication algorithm, malicious cars may send out invalid spatial-temporal messages and then deny creating them. Meanwhile, a lot of private information may be disclosed from these spatial-temporal messages. Since cars move on expressways at high speed, any authentication must be performed in real-time to prevent crashes. In this paper, we propose a Fast and Anonymous Spatial-Temporal Trust (FastTrust) mechanism to ensure these properties. In contrast to most authentication protocols which rely on fixed infrastructures, FastTrust is distributed and mostly designed on symmetric-key cryptography and an entropy-based commitment, and is able to fast authenticate spatial-temporal messages. FastTrust also ensures the anonymity and unlinkability of spatial-temporal messages by developing a pseudonym-varying scheduling scheme on cars. We provide both analytical and simulation evaluations to show that FastTrust achieves the security and privacy properties. FastTrust is low-cost in terms of communication and computational resources, authenticating 20 times faster than existing Elliptic Curve Digital Signature Algorithm.

Xia, D., Zhang, Y..  2017.  The fuzzy control of trust establishment. 2017 4th International Conference on Systems and Informatics (ICSAI). :655–659.

In the open network environment, the strange entities can establish the mutual trust through Automated Trust Negotiation (ATN) that is based on exchanging digital credentials. In traditional ATN, the attribute certificate required to either satisfied or not, and in the strategy, the importance of the certificate is same, it may cause some unnecessary negotiation failure. And in the actual situation, the properties is not just 0 or 1, it is likely to between 0 and 1, so the satisfaction degree is different, and the negotiation strategy need to be quantified. This paper analyzes the fuzzy negotiation process, in order to improve the trust establishment in high efficiency and accuracy further.

Fu, Y., Tong, S., Guo, X., Cheng, L., Zhang, Y., Feng, D..  2020.  Improving the Effectiveness of Grey-box Fuzzing By Extracting Program Information. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :434–441.
Fuzzing has been widely adopted as an effective techniques to detect vulnerabilities in softwares. However, existing fuzzers suffer from the problems of generating excessive test inputs that either cannot pass input validation or are ineffective in exploring unvisited regions in the program under test (PUT). To tackle these problems, we propose a greybox fuzzer called MuFuzzer based on AFL, which incorporates two heuristics that optimize seed selection and automatically extract input formatting information from the PUT to increase the chance of generating valid test inputs, respectively. In particular, the first heuristic collects the branch coverage and execution information during a fuzz session, and utilizes such information to guide fuzzing tools in selecting seeds that are fast to execute, small in size, and more importantly, more likely to explore new behaviors of the PUT for subsequent fuzzing activities. The second heuristic automatically identifies string comparison operations that the PUT uses for input validation, and establishes a dictionary with string constants from these operations to help fuzzers generate test inputs that have higher chances to pass input validation. We have evaluated the performance of MuFuzzer, in terms of code coverage and bug detection, using a set of realistic programs and the LAVA-M test bench. Experiment results demonstrate that MuFuzzer is able to achieve higher code coverage and better or comparative bug detection performance than state-of-the-art fuzzers.
Li, M., Zhang, Y., Sun, Y., Wang, W., Tsang, I. W., Lin, X..  2020.  I/O Efficient Approximate Nearest Neighbour Search based on Learned Functions. 2020 IEEE 36th International Conference on Data Engineering (ICDE). :289–300.
Approximate nearest neighbour search (ANNS) in high dimensional space is a fundamental problem in many applications, such as multimedia database, computer vision and information retrieval. Among many solutions, data-sensitive hashing-based methods are effective to this problem, yet few of them are designed for external storage scenarios and hence do not optimized for I/O efficiency during the query processing. In this paper, we introduce a novel data-sensitive indexing and query processing framework for ANNS with an emphasis on optimizing the I/O efficiency, especially, the sequential I/Os. The proposed index consists of several lists of point IDs, ordered by values that are obtained by learned hashing (i.e., mapping) functions on each corresponding data point. The functions are learned from the data and approximately preserve the order in the high-dimensional space. We consider two instantiations of the functions (linear and non-linear), both learned from the data with novel objective functions. We also develop an I/O efficient ANNS framework based on the index. Comprehensive experiments on six benchmark datasets show that our proposed methods with learned index structure perform much better than the state-of-the-art external memory-based ANNS methods in terms of I/O efficiency and accuracy.
Wang, B., Dou, Y., Sang, Y., Zhang, Y., Huang, J..  2020.  IoTCMal: Towards A Hybrid IoT Honeypot for Capturing and Analyzing Malware. ICC 2020 - 2020 IEEE International Conference on Communications (ICC). :1—7.

Nowadays, the emerging Internet-of-Things (IoT) emphasize the need for the security of network-connected devices. Additionally, there are two types of services in IoT devices that are easily exploited by attackers, weak authentication services (e.g., SSH/Telnet) and exploited services using command injection. Based on this observation, we propose IoTCMal, a hybrid IoT honeypot framework for capturing more comprehensive malicious samples aiming at IoT devices. The key novelty of IoTC-MAL is three-fold: (i) it provides a high-interactive component with common vulnerable service in real IoT device by utilizing traffic forwarding technique; (ii) it also contains a low-interactive component with Telnet/SSH service by running in virtual environment. (iii) Distinct from traditional low-interactive IoT honeypots[1], which only analyze family categories of malicious samples, IoTCMal primarily focuses on homology analysis of malicious samples. We deployed IoTCMal on 36 VPS1 instances distributed in 13 cities of 6 countries. By analyzing the malware binaries captured from IoTCMal, we discover 8 malware families controlled by at least 11 groups of attackers, which mainly launched DDoS attacks and digital currency mining. Among them, about 60% of the captured malicious samples ran in ARM or MIPs architectures, which are widely used in IoT devices.

Yang, B., Xu, G., Zeng, X., Liu, J., Zhang, Y..  2018.  A Lightweight Anonymous Mobile User Authentication Scheme for Smart Grid. 2018 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computing, Scalable Computing Communications, Cloud Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). :821-827.

Smart Grid (SG) technology has been developing for years, which facilitates users with portable access to power through being applied in numerous application scenarios, one of which is the electric vehicle charging. In order to ensure the security of the charging process, users need authenticating with the smart meter for the subsequent communication. Although there are many researches in this field, few of which have endeavored to protect the anonymity and the untraceability of users during the authentication. Further, some studies consider the problem of user anonymity, but they are non-light-weight protocols, even some can not assure any fairness in key agreement. In this paper, we first points out that existing authentication schemes for Smart Grid are neither lack of critical security nor short of important property such as untraceability, then we propose a new two-factor lightweight user authentication scheme based on password and biometric. The authentication process of the proposed scheme includes four message exchanges among the user mobile, smart meter and the cloud server, and then a security one-time session key is generated for the followed communication process. Moreover, the scheme has some new features, such as the protection of the user's anonymity and untraceability. Security analysis shows that our proposed scheme can resist various well-known attacks and the performance analysis shows that compared to other three schemes, our scheme is more lightweight, secure and efficient.

Zhang, Y., Liu, Y., Chung, C.-L., Wei, Y.-C., Chen, C.-H..  2020.  Machine Learning Method Based on Stream Homomorphic Encryption Computing. 2020 IEEE International Conference on Consumer Electronics - Taiwan (ICCE-Taiwan). :1–2.
This study proposes a machine learning method based on stream homomorphic encryption computing for improving security and reducing computational time. A case study of mobile positioning based on k nearest neighbors ( kNN) is selected to evaluate the proposed method. The results showed the proposed method can save computational resources than others.
Tai, J., Alsmadi, I., Zhang, Y., Qiao, F..  2020.  Machine Learning Methods for Anomaly Detection in Industrial Control Systems. 2020 IEEE International Conference on Big Data (Big Data). :2333—2339.

This paper examines multiple machine learning models to find the model that best indicates anomalous activity in an industrial control system that is under a software-based attack. The researched machine learning models are Random Forest, Gradient Boosting Machine, Artificial Neural Network, and Recurrent Neural Network classifiers built-in Python and tested against the HIL-based Augmented ICS dataset. Although the results showed that Random Forest, Gradient Boosting Machine, Artificial Neural Network, and Long Short-Term Memory classification models have great potential for anomaly detection in industrial control systems, we found that Random Forest with tuned hyperparameters slightly outperformed the other models.

Zhang, Y., Ya\u gan, O..  2018.  Modeling and Analysis of Cascading Failures in Interdependent Cyber-Physical Systems. 2018 IEEE Conference on Decision and Control (CDC). :4731-4738.

Integrated cyber-physical systems (CPSs), such as the smart grid, are becoming the underpinning technology for major industries. A major concern regarding such systems are the seemingly unexpected large scale failures, which are often attributed to a small initial shock getting escalated due to intricate dependencies within and across the individual counterparts of the system. In this paper, we develop a novel interdependent system model to capture this phenomenon, also known as cascading failures. Our framework consists of two networks that have inherently different characteristics governing their intra-dependency: i) a cyber-network where a node is deemed to be functional as long as it belongs to the largest connected (i.e., giant) component; and ii) a physical network where nodes are given an initial flow and a capacity, and failure of a node results with redistribution of its flow to the remaining nodes, upon which further failures might take place due to overloading. Furthermore, it is assumed that these two networks are inter-dependent. For simplicity, we consider a one-to-one interdependency model where every node in the cyber-network is dependent upon and supports a single node in the physical network, and vice versa. We provide a thorough analysis of the dynamics of cascading failures in this interdependent system initiated with a random attack. The system robustness is quantified as the surviving fraction of nodes at the end of cascading failures, and is derived in terms of all network parameters involved. Analytic results are supported through an extensive numerical study. Among other things, these results demonstrate the ability of our model to capture the unexpected nature of large-scale failures, and provide insights on improving system robustness.

Yousefi, M., Mtetwa, N., Zhang, Y., Tianfield, H..  2017.  A Novel Approach for Analysis of Attack Graph. 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). :7–12.

Attack graph technique is a common tool for the evaluation of network security. However, attack graphs are generally too large and complex to be understood and interpreted by security administrators. This paper proposes an analysis framework for security attack graphs for a given IT infrastructure system. First, in order to facilitate the discovery of interconnectivities among vulnerabilities in a network, multi-host multi-stage vulnerability analysis (MulVAL) is employed to generate an attack graph for a given network topology. Then a novel algorithm is applied to refine the attack graph and generate a simplified graph called a transition graph. Next, a Markov model is used to project the future security posture of the system. Finally, the framework is evaluated by applying it on a typical IT network scenario with specific services, network configurations, and vulnerabilities.

Berscheid, A., Makarov, Y., Hou, Z., Diao, R., Zhang, Y., Samaan, N., Yuan, Y., Zhou, H..  2018.  An Open-Source Tool for Automated Power Grid Stress Level Prediction at Balancing Authorities. 2018 IEEE/PES Transmission and Distribution Conference and Exposition (T D). :1–5.
The behavior of modern power systems is becoming more stochastic and dynamic, due to the increased penetration of variable generation, demand response, new power market structure, extreme weather conditions, contingencies, and unexpected events. It is critically important to predict potential system operational issues so that grid planners and operators can take preventive actions to mitigate the impact, e.g., lack of operational reserves. In this paper, an innovative software tool is presented to assist power grid operators in a balancing authority in predicting the grid stress level over the next operating day. It periodically collects necessary information from public domain such as weather forecasts, electricity demand, and automatically estimates the stress levels on a daily basis. Advanced Neural Network and regression tree algorithms are developed as the prediction engines to achieve this goal. The tool has been tested on a few key balancing authorities and successfully predicted the growing system peak load and increased stress levels under extreme heat waves.
Zhang, Y., Groves, T., Cook, B., Wright, N. J., Coskun, A. K..  2020.  Quantifying the impact of network congestion on application performance and network metrics. 2020 IEEE International Conference on Cluster Computing (CLUSTER). :162–168.
In modern high-performance computing (HPC) systems, network congestion is an important factor that contributes to performance degradation. However, how network congestion impacts application performance is not fully understood. As Aries network, a recent HPC network architecture featuring a dragonfly topology, is equipped with network counters measuring packet transmission statistics on each router, these network metrics can potentially be utilized to understand network performance. In this work, by experiments on a large HPC system, we quantify the impact of network congestion on various applications' performance in terms of execution time, and we correlate application performance with network metrics. Our results demonstrate diverse impacts of network congestion: while applications with intensive MPI operations (such as HACC and MILC) suffer from more than 40% extension in their execution times under network congestion, applications with less intensive MPI operations (such as Graph500 and HPCG) are mostly not affected. We also demonstrate that a stall-to-flit ratio metric derived from Aries network counters is positively correlated with performance degradation and, thus, this metric can serve as an indicator of network congestion in HPC systems.
Zhang, Y., Liu, J., Shang, T., Wu, W..  2020.  Quantum Homomorphic Encryption Based on Quantum Obfuscation. 2020 International Wireless Communications and Mobile Computing (IWCMC). :2010–2015.
Homomorphic encryption enables computation on encrypted data while maintaining secrecy. This leads to an important open question whether quantum computation can be delegated and verified in a non-interactive manner or not. In this paper, we affirmatively answer this question by constructing the quantum homomorphic encryption scheme with quantum obfuscation. It takes advantage of the interchangeability of the unitary operator, and exchanges the evaluation operator and the encryption operator by means of equivalent multiplication to complete homomorphic encryption. The correctness of the proposed scheme is proved theoretically. The evaluator does not know the decryption key and does not require a regular interaction with a user. Because of key transmission after quantum obfuscation, the encrypting party and the decrypting party can be different users. The output state has the property of complete mixture, which guarantees the scheme security. Moreover, the security level of the quantum homomorphic encryption scheme depends on quantum obfuscation and encryption operators.