Visible to the public Biblio

Filters: Author is Liu, Ying  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
B
He, Lin, Ren, Gang, Liu, Ying.  2019.  Bootstrapping Accountability and Privacy to IPv6 Internet without Starting from Scratch. IEEE INFOCOM 2019 - IEEE Conference on Computer Communications. :1486–1494.

Accountability and privacy are considered valuable but conflicting properties in the Internet, which at present does not provide native support for either. Past efforts to balance accountability and privacy in the Internet have unsatisfactory deployability due to the introduction of new communication identifiers, and because of large-scale modifications to fully deployed infrastructures and protocols. The IPv6 is being deployed around the world and this trend will accelerate. In this paper, we propose a private and accountable proposal based on IPv6 called PAVI that seeks to bootstrap accountability and privacy to the IPv6 Internet without introducing new communication identifiers and large-scale modifications to the deployed base. A dedicated quantitative analysis shows that the proposed PAVI achieves satisfactory levels of accountability and privacy. The results of evaluation of a PAVI prototype show that it incurs little performance overhead, and is widely deployable.

D
Liu, Ying, He, Qiang, Zheng, Dequan, Zhang, Mingwei, Chen, Feifei, Zhang, Bin.  2019.  Data Caching Optimization in the Edge Computing Environment. 2019 IEEE International Conference on Web Services (ICWS). :99–106.

With the rapid increase in the use of mobile devices in people's daily lives, mobile data traffic is exploding in recent years. In the edge computing environment where edge servers are deployed around mobile users, caching popular data on edge servers can ensure mobile users' fast access to those data and reduce the data traffic between mobile users and the centralized cloud. Existing studies consider the data cache problem with a focus on the reduction of network delay and the improvement of mobile devices' energy efficiency. In this paper, we attack the data caching problem in the edge computing environment from the service providers' perspective, who would like to maximize their venues of caching their data. This problem is complicated because data caching produces benefits at a cost and there usually is a trade-off in-between. In this paper, we formulate the data caching problem as an integer programming problem, and maximizes the revenue of the service provider while satisfying a constraint for data access latency. Extensive experiments are conducted on a real-world dataset that contains the locations of edge servers and mobile users, and the results reveal that our approach significantly outperform the baseline approaches.

R
Mi, Xianghang, Feng, Xuan, Liao, Xiaojing, Liu, Baojun, Wang, XiaoFeng, Qian, Feng, Li, Zhou, Alrwais, Sumayah, Sun, Limin, Liu, Ying.  2019.  Resident Evil: Understanding Residential IP Proxy as a Dark Service. 2019 IEEE Symposium on Security and Privacy (SP). :1185—1201.

An emerging Internet business is residential proxy (RESIP) as a service, in which a provider utilizes the hosts within residential networks (in contrast to those running in a datacenter) to relay their customers' traffic, in an attempt to avoid server- side blocking and detection. With the prominent roles the services could play in the underground business world, little has been done to understand whether they are indeed involved in Cybercrimes and how they operate, due to the challenges in identifying their RESIPs, not to mention any in-depth analysis on them. In this paper, we report the first study on RESIPs, which sheds light on the behaviors and the ecosystem of these elusive gray services. Our research employed an infiltration framework, including our clients for RESIP services and the servers they visited, to detect 6 million RESIP IPs across 230+ countries and 52K+ ISPs. The observed addresses were analyzed and the hosts behind them were further fingerprinted using a new profiling system. Our effort led to several surprising findings about the RESIP services unknown before. Surprisingly, despite the providers' claim that the proxy hosts are willingly joined, many proxies run on likely compromised hosts including IoT devices. Through cross-matching the hosts we discovered and labeled PUP (potentially unwanted programs) logs provided by a leading IT company, we uncovered various illicit operations RESIP hosts performed, including illegal promotion, Fast fluxing, phishing, malware hosting, and others. We also reverse engi- neered RESIP services' internal infrastructures, uncovered their potential rebranding and reselling behaviors. Our research takes the first step toward understanding this new Internet service, contributing to the effective control of their security risks.

S
Zhao, Zhiyuan, Sun, Lei, Li, Zuohui, Liu, Ying.  2018.  Searchable Ciphertext-Policy Attribute-Based Encryption with Multi-Keywords for Secure Cloud Storage. Proceedings of the 2018 International Conference on Computing and Pattern Recognition. :35–41.
Searchable encryption is one of the most important techniques for the sensitive data outsourced to cloud server, and has been widely used in cloud storage which brings huge convenience and saves bandwidth and computing resources. A novel searchable cryptographic scheme is proposed by which data owner can control the search and use of the outsourced encrypted data according to its access control policy. The scheme is called searchable ciphertext-policy attribute-based encryption with multikeywords (CPABMKS). In the scheme, CP-ABE and keywords are combined together through the way that the keywords are regarded as the file attributes. To overcome the previous problems in cloud storage, access structures are hidden so that receivers cannot extract sensitive information from the ciphertext. At the same time, this scheme supports the multi-keywords search, and the data owner can outsource the encryption operations to the private cloud that can reduce the data owner' calculation. The security of this scheme is proved based on the DBDH assumption. Finally, scheme evaluation shows that the CPABMKS scheme is practical