Visible to the public Biblio

Filters: Author is Wu, K.  [Clear All Filters]
2020
Zhang, R., Cao, Z., Wu, K..  2020.  Tracing and detection of ICS Anomalies Based on Causality Mutations. 2020 IEEE 5th Information Technology and Mechatronics Engineering Conference (ITOEC). :511—517.

The algorithm of causal anomaly detection in industrial control physics is proposed to determine the normal cloud line of industrial control system so as to accurately detect the anomaly. In this paper, The causal modeling algorithm combining Maximum Information Coefficient and Transfer Entropy was used to construct the causal network among nodes in the system. Then, the abnormal nodes and the propagation path of the anomaly are deduced from the structural changes of the causal network before and after the attack. Finally, an anomaly detection algorithm based on hybrid differential cumulative is used to identify the specific anomaly data in the anomaly node. The stability of causality mining algorithm and the validity of locating causality anomalies are verified by using the data of classical chemical process. Experimental results show that the anomaly detection algorithm is better than the comparison algorithm in accuracy, false negative rate and recall rate, and the anomaly location strategy makes the anomaly source traceable.

2018
Cui, X., Wu, K., Karri, R..  2018.  Hardware Trojan Detection Using Path Delay Order Encoding with Process Variation Tolerance. 2018 IEEE 23rd European Test Symposium (ETS). :1-2.

The outsourcing for fabrication introduces security threats, namely hardware Trojans (HTs). Many design-for-trust (DFT) techniques have been proposed to address such threats. However, many HT detection techniques are not effective due to the dependence on golden chips, limitation of useful information available and process variations. In this paper, we data-mine on path delay information and propose a variation-tolerant path delay order encoding technique to detect HTs.

Saeed, S. M., Cui, X., Zulehner, A., Wille, R., Drechsler, R., Wu, K., Karri, R..  2018.  IC/IP Piracy Assessment of Reversible Logic. 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :1–8.
Reversible logic is a building block for adiabatic and quantum computing in addition to other applications. Since common functions are non-reversible, one needs to embed them into proper-size reversible functions by adding ancillary inputs and garbage outputs. We explore the Intellectual Property (IP) piracy of reversible circuits. The number of embeddings of regular functions in a reversible function and the percent of leaked ancillary inputs measure the difficulty of recovering the embedded function. To illustrate the key concepts, we study reversible logic circuits designed using reversible logic synthesis tools based on Binary Decision Diagrams and Quantum Multi-valued Decision Diagrams.
Wu, K., Gao, X., Liu, Y..  2018.  Web server security evaluation method based on multi-source data. 2018 International Conference on Cloud Computing, Big Data and Blockchain (ICCBB). :1–6.
Traditional web security assessments are evaluated using a single data source, and the results of the calculations from different data sources are different. Based on multi-source data, this paper uses Analytic Hierarchy Process to construct an evaluation model, calculates the weight of each level of indicators in the web security evaluation model, analyzes and processes the data, calculates the host security threat assessment values at various levels, and visualizes the evaluation results through ECharts+WebGL technology.
2017
Kong, L., Huang, G., Wu, K..  2017.  Identification of Abnormal Network Traffic Using Support Vector Machine. 2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT). :288–292.

Network traffic identification has been a hot topic in network security area. The identification of abnormal traffic can detect attack traffic and helps network manager enforce corresponding security policies to prevent attacks. Support Vector Machines (SVMs) are one of the most promising supervised machine learning (ML) algorithms that can be applied to the identification of traffic in IP networks as well as detection of abnormal traffic. SVM shows better performance because it can avoid local optimization problems existed in many supervised learning algorithms. However, as a binary classification approach, SVM needs more research in multiclass classification. In this paper, we proposed an abnormal traffic identification system(ATIS) that can classify and identify multiple attack traffic applications. Each component of ATIS is introduced in detail and experiments are carried out based on ATIS. Through the test of KDD CUP dataset, SVM shows good performance. Furthermore, the comparison of experiments reveals that scaling and parameters has a vital impact on SVM training results.