Visible to the public Biblio

Filters: Author is Wang, C.  [Clear All Filters]
2019-08-26
Wang, C., Jiang, Y., Zhao, X., Song, X., Gu, M., Sun, J..  2018.  Weak-Assert: A Weakness-Oriented Assertion Recommendation Toolkit for Program Analysis. 2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion). :69–72.

Assertions are helpful in program analysis, such as software testing and verification. The most challenging part of automatically recommending assertions is to design the assertion patterns and to insert assertions in proper locations. In this paper, we develop Weak-Assert, a weakness-oriented assertion recommendation toolkit for program analysis of C code. A weakness-oriented assertion is an assertion which can help to find potential program weaknesses. Weak-Assert uses well-designed patterns to match the abstract syntax trees of source code automatically. It collects significant messages from trees and inserts assertions into proper locations of programs. These assertions can be checked by using program analysis techniques. The experiments are set up on Juliet test suite and several actual projects in Github. Experimental results show that Weak-Assert helps to find 125 program weaknesses in 26 actual projects. These weaknesses are confirmed manually to be triggered by some test cases.

2019-03-15
Wang, C., Zhao, S., Wang, X., Luo, M., Yang, M..  2018.  A Neural Network Trojan Detection Method Based on Particle Swarm Optimization. 2018 14th IEEE International Conference on Solid-State and Integrated Circuit Technology (ICSICT). :1-3.

Hardware Trojans (HTs) are malicious modifications of the original circuits intended to leak information or cause malfunction. Based on the Side Channel Analysis (SCA) technology, a set of hardware Trojan detection platform is designed for RTL circuits on the basis of HSPICE power consumption simulation. Principal Component Analysis (PCA) algorithm is used to reduce the dimension of power consumption data. An intelligent neural networks (NN) algorithm based on Particle Swarm Optimization (PSO) is introduced to achieve HTs recognition. Experimental results show that the detection accuracy of PSO NN method is much better than traditional BP NN method.

2019-01-16
Shi, T., Shi, W., Wang, C., Wang, Z..  2018.  Compressed Sensing based Intrusion Detection System for Hybrid Wireless Mesh Networks. 2018 International Conference on Computing, Networking and Communications (ICNC). :11–15.
As wireless mesh networks (WMNs) develop rapidly, security issue becomes increasingly important. Intrusion Detection System (IDS) is one of the crucial ways to detect attacks. However, IDS in wireless networks including WMNs brings high detection overhead, which degrades network performance. In this paper, we apply compressed sensing (CS) theory to IDS and propose a CS based IDS for hybrid WMNs. Since CS can reconstruct a sparse signal with compressive sampling, we process the detected data and construct sparse original signals. Through reconstruction algorithm, the compressive sampled data can be reconstructed and used for detecting intrusions, which reduces the detection overhead. We also propose Active State Metric (ASM) as an attack metric for recognizing attacks, which measures the activity in PHY layer and energy consumption of each node. Through intensive simulations, the results show that under 50% attack density, our proposed IDS can ensure 95% detection rate while reducing about 40% detection overhead on average.
2018-04-02
Gao, Y., Luo, T., Li, J., Wang, C..  2017.  Research on K Anonymity Algorithm Based on Association Analysis of Data Utility. 2017 IEEE 2nd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :426–432.

More and more medical data are shared, which leads to disclosure of personal privacy information. Therefore, the construction of medical data privacy preserving publishing model is of great value: not only to make a non-correspondence between the released information and personal identity, but also to maintain the data utility after anonymity. However, there is an inherent contradiction between the anonymity and the data utility. In this paper, a Principal Component Analysis-Grey Relational Analysis (PCA-GRA) K anonymous algorithm is proposed to improve the data utility effectively under the premise of anonymity, in which the association between quasi-identifiers and the sensitive information is reckoned as a criterion to control the generalization hierarchy. Compared with the previous anonymity algorithms, results show that the proposed PCA-GRA K anonymous algorithm has achieved significant improvement in data utility from three aspects, namely information loss, feature maintenance and classification evaluation performance.

2018-02-21
Wang, C., Xie, H., Bie, Z., Yan, C., Lin, Y..  2017.  Reliability evaluation of AC/DC hybrid power grid considering transient security constraints. 2017 13th IEEE Conference on Automation Science and Engineering (CASE). :1237–1242.

With the rapid development of DC transmission technology and High Voltage Direct Current (HVDC) programs, the reliability of AC/DC hybrid power grid draws more and more attentions. The paper takes both the system static and dynamic characteristics into account, and proposes a novel AC/DC hybrid system reliability evaluation method considering transient security constraints based on Monte-Carlo method and transient stability analytical method. The interaction of AC system and DC system after fault is considered in evaluation process. The transient stability analysis is performed firstly when fault occurs in the system and BPA software is applied to the analysis to improve the computational accuracy and speed. Then the new system state is generated according to the transient analysis results. Then a minimum load shedding model of AC/DC hybrid system with HVDC is proposed. And then adequacy analysis is taken to the new state. The proposed method can evaluate the reliability of AC/DC hybrid grid more comprehensively and reduce the complexity of problem which is tested by IEEE-RTS 96 system and an actual large-scale system.

2018-02-15
Wang, C., Lizana, F. R., Li, Z., Peterchev, A. V., Goetz, S. M..  2017.  Submodule short-circuit fault diagnosis based on wavelet transform and support vector machines for modular multilevel converter with series and parallel connectivity. IECON 2017 - 43rd Annual Conference of the IEEE Industrial Electronics Society. :3239–3244.

The modular multilevel converter with series and parallel connectivity was shown to provide advantages in several industrial applications. Its reliability largely depends on the absence of failures in the power semiconductors. We propose and analyze a fault-diagnosis technique to identify shorted switches based on features generated through wavelet transform of the converter output and subsequent classification in support vector machines. The multi-class support vector machine is trained with multiple recordings of the output of each fault condition as well as the converter under normal operation. Simulation results reveal that the proposed method has high classification latency and high robustness. Except for the monitoring of the output, which is required for the converter control in any case, this method does not require additional module sensors.

2017-12-28
Cai, C., Yuan, X., Wang, C..  2017.  Hardening Distributed and Encrypted Keyword Search via Blockchain. 2017 IEEE Symposium on Privacy-Aware Computing (PAC). :119–128.

Distributed storage platforms draw much attention due to their high reliability and scalability for handling a massive amount of data. To protect user and data privacy, encryption is considered as a necessary feature for production systems like Storj. But it prohibits the nodes from performing content search. To preserve the functionality, we observe that a protocol of integration with searchable encryption and keyword search via distributed hash table allows the nodes in a network to search over encrypted and distributed data. However, this protocol does not address a practical threat in a fully distributed scenario. Malicious nodes would sabotage search results, and easily infiltrate the system as the network grows. Using primitives such as MAC and verifiable data structure may empower the users to verify the search result, but the robustness of the overall system can hardly be ensured. In this paper, we address this issue by proposing a protocol that is seamlessly incorporated to encrypted search in distributed network to attest and monitor nodes. From the moment a node joins the system, it will be attested and continuously monitored through verifiable search queries. The result of each attestation is determined via a standard quorum-based voting protocol, and then recorded on the blockchain as a consensus view of trusted nodes. Based on the proposed protocols, malicious nodes can be detected and removed by a majority of nodes in a self-determining manner. To demonstrate the security and efficiency, we conduct robustness analysis against several potential attacks, and perform performance and overhead evaluation on the proposed protocol.

2015-05-06
Zhuo Lu, Wenye Wang, Wang, C..  2014.  How can botnets cause storms? Understanding the evolution and impact of mobile botnets INFOCOM, 2014 Proceedings IEEE. :1501-1509.

A botnet in mobile networks is a collection of compromised nodes due to mobile malware, which are able to perform coordinated attacks. Different from Internet botnets, mobile botnets do not need to propagate using centralized infrastructures, but can keep compromising vulnerable nodes in close proximity and evolving organically via data forwarding. Such a distributed mechanism relies heavily on node mobility as well as wireless links, therefore breaks down the underlying premise in existing epidemic modeling for Internet botnets. In this paper, we adopt a stochastic approach to study the evolution and impact of mobile botnets. We find that node mobility can be a trigger to botnet propagation storms: the average size (i.e., number of compromised nodes) of a botnet increases quadratically over time if the mobility range that each node can reach exceeds a threshold; otherwise, the botnet can only contaminate a limited number of nodes with average size always bounded above. This also reveals that mobile botnets can propagate at the fastest rate of quadratic growth in size, which is substantially slower than the exponential growth of Internet botnets. To measure the denial-of-service impact of a mobile botnet, we define a new metric, called last chipper time, which is the last time that service requests, even partially, can still be processed on time as the botnet keeps propagating and launching attacks. The last chipper time is identified to decrease at most on the order of 1/√B, where B is the network bandwidth. This result reveals that although increasing network bandwidth can help with mobile services; at the same time, it can indeed escalate the risk for services being disrupted by mobile botnets.

2015-04-30
Zhuo Lu, Wenye Wang, Wang, C..  2015.  Camouflage Traffic: Minimizing Message Delay for Smart Grid Applications under Jamming. Dependable and Secure Computing, IEEE Transactions on. 12:31-44.

Smart grid is a cyber-physical system that integrates power infrastructures with information technologies. To facilitate efficient information exchange, wireless networks have been proposed to be widely used in the smart grid. However, the jamming attack that constantly broadcasts radio interference is a primary security threat to prevent the deployment of wireless networks in the smart grid. Hence, spread spectrum systems, which provide jamming resilience via multiple frequency and code channels, must be adapted to the smart grid for secure wireless communications, while at the same time providing latency guarantee for control messages. An open question is how to minimize message delay for timely smart grid communication under any potential jamming attack. To address this issue, we provide a paradigm shift from the case-by-case methodology, which is widely used in existing works to investigate well-adopted attack models, to the worst-case methodology, which offers delay performance guarantee for smart grid applications under any attack. We first define a generic jamming process that characterizes a wide range of existing attack models. Then, we show that in all strategies under the generic process, the worst-case message delay is a U-shaped function of network traffic load. This indicates that, interestingly, increasing a fair amount of traffic can in fact improve the worst-case delay performance. As a result, we demonstrate a lightweight yet promising system, transmitting adaptive camouflage traffic (TACT), to combat jamming attacks. TACT minimizes the message delay by generating extra traffic called camouflage to balance the network load at the optimum. Experiments show that TACT can decrease the probability that a message is not delivered on time in order of magnitude.