Visible to the public Biblio

Filters: Author is Wang, X.  [Clear All Filters]
2019-05-20
Hu, W., Ardeshiricham, A., Gobulukoglu, M. S., Wang, X., Kastner, R..  2018.  Property Specific Information Flow Analysis for Hardware Security Verification. 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :1-8.

Hardware information flow analysis detects security vulnerabilities resulting from unintended design flaws, timing channels, and hardware Trojans. These information flow models are typically generated in a general way, which includes a significant amount of redundancy that is irrelevant to the specified security properties. In this work, we propose a property specific approach for information flow security. We create information flow models tailored to the properties to be verified by performing a property specific search to identify security critical paths. This helps find suspicious signals that require closer inspection and quickly eliminates portions of the design that are free of security violations. Our property specific trimming technique reduces the complexity of the security model; this accelerates security verification and restricts potential security violations to a smaller region which helps quickly pinpoint hardware security vulnerabilities.

2019-05-01
Gundabolu, S., Wang, X..  2018.  On-chip Data Security Against Untrustworthy Software and Hardware IPs in Embedded Systems. 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). :644–649.

State-of-the-art system-on-chip (SoC) field programmable gate arrays (FPGAs) integrate hard powerful ARM processor cores and the reconfigurable logic fabric on a single chip in addition to many commonly needed high performance and high-bandwidth peripherals. The increasing reliance on untrustworthy third-party IP (3PIP) cores, including both hardware and software in FPGA-based embedded systems has made the latter increasingly vulnerable to security attacks. Detection of trojans in 3PIPs is extremely difficult to current static detection methods since there is no golden reference model for 3PIPs. Moreover, many FPGA-based embedded systems do not have the support of security services typically found in operating systems. In this paper, we present our run-time, low-cost, and low-latency hardware and software based solution for protecting data stored in on-chip memory blocks, which has attracted little research attention. The implemented memory protection design consists of a hierarchical top-down structure and controls memory access from software IPs running on the processor and hardware IPs running in the FPGA, based on a set of rules or access rights configurable at run time. Additionally, virtual addressing and encryption of data for each memory help protect confidentiality of data in case of a failure of the memory protection unit, making it hard for the attacker to gain access to the data stored in the memory. The design is implemented and tested on the Intel (Altera) DE1-SoC board featuring a SoC FPGA that integrates a dual-core ARM processor with reconfigurable logic and hundreds of memory blocks. The experimental results and case studies show that the protection model is successful in eliminating malicious IPs from the system without need for reconfiguration of the FPGA. It prevents unauthorized accesses from untrusted IPs, while arbitrating access from trusted IPs generating legal memory requests, without incurring a serious area or latency penalty.

2019-04-05
Li, X., Cui, X., Shi, L., Liu, C., Wang, X..  2018.  Constructing Browser Fingerprint Tracking Chain Based on LSTM Model. 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). :213-218.
Web attacks have increased rapidly in recent years. However, traditional methods are useless to track web attackers. Browser fingerprint, as a stateless tracking technique, can be used to solve this problem. Given browser fingerprint changes easily and frequently, it is easy to lose track. Therefore, we need to improve the stability of browser fingerprint by linking the new one to the previous chain. In this paper, we propose LSTM model to learn the potential relationship of browser fingerprint evolution. In addition, we adjust the input feature vector to time series and construct training set to train the model. The results show that our model can construct the tracking chain perfectly well with average ownership up to 99.3%.
2019-03-15
Wang, C., Zhao, S., Wang, X., Luo, M., Yang, M..  2018.  A Neural Network Trojan Detection Method Based on Particle Swarm Optimization. 2018 14th IEEE International Conference on Solid-State and Integrated Circuit Technology (ICSICT). :1-3.

Hardware Trojans (HTs) are malicious modifications of the original circuits intended to leak information or cause malfunction. Based on the Side Channel Analysis (SCA) technology, a set of hardware Trojan detection platform is designed for RTL circuits on the basis of HSPICE power consumption simulation. Principal Component Analysis (PCA) algorithm is used to reduce the dimension of power consumption data. An intelligent neural networks (NN) algorithm based on Particle Swarm Optimization (PSO) is introduced to achieve HTs recognition. Experimental results show that the detection accuracy of PSO NN method is much better than traditional BP NN method.

2019-01-21
Wang, X., Hou, Y., Huang, X., Li, D., Tao, X., Xu, J..  2018.  Security Analysis of Key Extraction from Physical Measurements with Multiple Adversaries. 2018 IEEE International Conference on Communications Workshops (ICC Workshops). :1–6.
In this paper, security of secret key extraction scheme is evaluated for private communication between legitimate wireless devices. Multiple adversaries that distribute around these legitimate wireless devices eavesdrop on the data transmitted between them, and deduce the secret key. Conditional min-entropy given the view of those adversaries is utilized as security evaluation metric in this paper. Besides, the wiretap channel model and hidden Markov model (HMM) are regarded as the channel model and a dynamic programming approach is used to approximate conditional min- entropy. Two algorithms are proposed to mathematically calculate the conditional min- entropy by combining the Viterbi algorithm with the Forward algorithm. Optimal method with multiple adversaries (OME) algorithm is proposed firstly, which has superior performance but exponential computation complexity. To reduce this complexity, suboptimal method with multiple adversaries (SOME) algorithm is proposed, using performance degradation for the computation complexity reduction. In addition to the theoretical analysis, simulation results further show that the OME algorithm indeed has superior performance as well as the SOME algorithm has more efficient computation.
Lian, J., Wang, X., Noshad, M., Brandt-Pearce, M..  2018.  Optical Wireless Interception Vulnerability Analysis of Visible Light Communication System. 2018 IEEE International Conference on Communications (ICC). :1–6.
Visible light communication is a solution for high-security wireless data transmission. In this paper, we first analyze the potential vulnerability of the system from eavesdropping outside the room. By setting up a signal to noise ratio threshold, we define a vulnerable area outside of the room through a window. We compute the receiver aperture needed to capture the signal and what portion of the space is most vulnerable to eavesdropping. Based on the analysis, we propose a solution to improve the security by optimizing the modulation efficiency of each LED in the indoor lamp. The simulation results show that the proposed solution can improve the security considerably while maintaining the indoor communication performance.
Chen, Z., Wang, X..  2018.  A Method for Improving Physical Layer Security in Visible Light Communication Networks. 2018 IEEE Conference on Standards for Communications and Networking (CSCN). :1–5.
In this paper, a method is proposed for improving the physical layer security for indoor visible light communication (VLC) networks with angle diversity transmitters. An angle diversity transmitter usually consists of multiple narrow-beam light-emitting diode (LED) elements with different orientations. Angle diversity transmitters are suitable for confidential data transmission, since data transmission via narrow light beams can effectively avoid the leakage of messages. In order to improve security performance, protection zones are introduced to the systems with angle diversity transmitters. Simulation results show that over 50% performance improvement can be obtained by adding protection zones.
2019-01-16
Jia, Z., Cui, X., Liu, Q., Wang, X., Liu, C..  2018.  Micro-Honeypot: Using Browser Fingerprinting to Track Attackers. 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). :197–204.
Web attacks have proliferated across the whole Internet in recent years. To protect websites, security vendors and researchers collect attack information using web honeypots. However, web attackers can hide themselves by using stepping stones (e.g., VPN, encrypted proxy) or anonymous networks (e.g., Tor network). Conventional web honeypots lack an effective way to gather information about an attacker's identity, which raises a big obstacle for cybercrime traceability and forensics. Traditional forensics methods are based on traffic analysis; it requires that defenders gain access to the entire network. It is not suitable for honeypots. In this paper, we present the design, implementation, and deployment of the Micro-Honeypot, which aims to use the browser fingerprinting technique to track a web attacker. Traditional honeypot lure attackers and records attacker's activity. Micro-Honeypot is deployed in a honeypot. It will run and gather identity information when an attacker visits the honeypot. Our preliminary results show that Micro-Honeypot could collect more information and track attackers although they might have used proxies or anonymous networks to hide themselves.
2018-11-19
Wang, X., Oxholm, G., Zhang, D., Wang, Y..  2017.  Multimodal Transfer: A Hierarchical Deep Convolutional Neural Network for Fast Artistic Style Transfer. 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR). :7178–7186.
Transferring artistic styles onto everyday photographs has become an extremely popular task in both academia and industry. Recently, offline training has replaced online iterative optimization, enabling nearly real-time stylization. When those stylization networks are applied directly to high-resolution images, however, the style of localized regions often appears less similar to the desired artistic style. This is because the transfer process fails to capture small, intricate textures and maintain correct texture scales of the artworks. Here we propose a multimodal convolutional neural network that takes into consideration faithful representations of both color and luminance channels, and performs stylization hierarchically with multiple losses of increasing scales. Compared to state-of-the-art networks, our network can also perform style transfer in nearly real-time by performing much more sophisticated training offline. By properly handling style and texture cues at multiple scales using several modalities, we can transfer not just large-scale, obvious style cues but also subtle, exquisite ones. That is, our scheme can generate results that are visually pleasing and more similar to multiple desired artistic styles with color and texture cues at multiple scales.
2018-06-11
Ding, W., Wang, J., Lu, K., Zhao, R., Wang, X., Zhu, Y..  2017.  Optimal Cache Management and Routing for Secure Content Delivery in Information-Centric Networks with Network Coding. 2017 IEEE International Symposium on Parallel and Distributed Processing with Applications and 2017 IEEE International Conference on Ubiquitous Computing and Communications (ISPA/IUCC). :267–274.

Information-Centric Network (ICN) is one of the most promising network architecture to handle the problem of rapid increase of data traffic because it allows in-network cache. ICNs with Linear Network Coding (LNC) can greatly improve the performance of content caching and delivery. In this paper, we propose a Secure Content Caching and Routing (SCCR) framework based on Software Defined Network (SDN) to find the optimal cache management and routing for secure content delivery, which aims to firstly minimize the total cost of cache and bandwidth consumption and then minimize the usage of random chunks to guarantee information theoretical security (ITS). Specifically, we firstly propose the SCCR problem and then introduce the main ideas of the SCCR framework. Next, we formulate the SCCR problem to two Linear Programming (LP) formulations and design the SCCR algorithm based on them to optimally solve the SCCR problem. Finally, extensive simulations are conducted to evaluate the proposed SCCR framework and algorithms.

2018-06-07
Yang, Y., Chen, J., Huang, Y., Wang, X..  2017.  Security-reliability tradeoff for cooperative multi-relay and jammer selection in Nakagami-m fading channels. 2017 IEEE 17th International Conference on Communication Technology (ICCT). :181–186.
In this paper, we analyze the security-reliability tradeoff (SRT) performance of the multi-relay cooperative networks over Nakagami-m fading channels. By considering the reliability of the first phase from the source to relay, a cooperative jamming (CJ) assisted secure transmission scheme is investigated to improve the security performance of the considered system. Specifically, we derive the approximate closed-form expression of the outage probability (OP) and exact closed-form expression of the intercepted probability (IP) for the CJ scheme to evaluate the SRT performance of the system. Finally, the simulation results verify the validity of our theoretical derivations and the advantage of the CJ scheme compared to the traditional scheme with no cooperative jammer.
2018-05-01
Wang, X., Zhou, S..  2017.  Accelerated Stochastic Gradient Method for Support Vector Machines Classification with Additive Kernel. 2017 First International Conference on Electronics Instrumentation Information Systems (EIIS). :1–6.

Support vector machines (SVMs) have been widely used for classification in machine learning and data mining. However, SVM faces a huge challenge in large scale classification tasks. Recent progresses have enabled additive kernel version of SVM efficiently solves such large scale problems nearly as fast as a linear classifier. This paper proposes a new accelerated mini-batch stochastic gradient descent algorithm for SVM classification with additive kernel (AK-ASGD). On the one hand, the gradient is approximated by the sum of a scalar polynomial function for each feature dimension; on the other hand, Nesterov's acceleration strategy is used. The experimental results on benchmark large scale classification data sets show that our proposed algorithm can achieve higher testing accuracies and has faster convergence rate.

2018-03-05
Shu, F., Li, M., Chen, S., Wang, X., Li, F..  2017.  Research on Network Security Protection System Based on Dynamic Modeling. 2017 IEEE 2nd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1602–1605.
A dynamic modeling method for network security vulnerabilities which is composed of the design of safety evaluation model, the design of risk model of intrusion event and the design of vulnerability risk model. The model based on identification of vulnerabilities values through dynamic forms can improve the tightness between vulnerability scanning system, intrusion prevention system and security configuration verification system. Based on this model, the network protection system which is most suitable for users can be formed, and the protection capability of the network protection system can be improved.
Shu, F., Li, M., Chen, S., Wang, X., Li, F..  2017.  Research on Network Security Protection System Based on Dynamic Modeling. 2017 IEEE 2nd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1602–1605.
A dynamic modeling method for network security vulnerabilities which is composed of the design of safety evaluation model, the design of risk model of intrusion event and the design of vulnerability risk model. The model based on identification of vulnerabilities values through dynamic forms can improve the tightness between vulnerability scanning system, intrusion prevention system and security configuration verification system. Based on this model, the network protection system which is most suitable for users can be formed, and the protection capability of the network protection system can be improved.
2018-02-21
Lu, Y., Chen, G., Luo, L., Tan, K., Xiong, Y., Wang, X., Chen, E..  2017.  One more queue is enough: Minimizing flow completion time with explicit priority notification. IEEE INFOCOM 2017 - IEEE Conference on Computer Communications. :1–9.

Ideally, minimizing the flow completion time (FCT) requires millions of priorities supported by the underlying network so that each flow has its unique priority. However, in production datacenters, the available switch priority queues for flow scheduling are very limited (merely 2 or 3). This practical constraint seriously degrades the performance of previous approaches. In this paper, we introduce Explicit Priority Notification (EPN), a novel scheduling mechanism which emulates fine-grained priorities (i.e., desired priorities or DP) using only two switch priority queues. EPN can support various flow scheduling disciplines with or without flow size information. We have implemented EPN on commodity switches and evaluated its performance with both testbed experiments and extensive simulations. Our results show that, with flow size information, EPN achieves comparable FCT as pFabric that requires clean-slate switch hardware. And EPN also outperforms TCP by up to 60.5% if it bins the traffic into two priority queues according to flow size. In information-agnostic setting, EPN outperforms PIAS with two priority queues by up to 37.7%. To the best of our knowledge, EPN is the first system that provides millions of priorities for flow scheduling with commodity switches.

Li, T., Wu, L., Zhang, X., Wu, X., Zhou, J., Wang, X..  2017.  A novel transition effect ring oscillator based true random number generator for a security SoC. 2017 International Conference on Electron Devices and Solid-State Circuits (EDSSC). :1–2.

The transition effect ring oscillator (TERO) based true random number generator (TRNG) was proposed by Varchola and Drutarovsky in 2010. There were several stochastic models for this advanced TRNG based on ring oscillator. This paper proposed an improved TERO based TRNG and implements both on Altera Cyclone series FPGA platform and on a 0.13um CMOS ASIC process. FPGA experimental results show that this balanced TERO TRNG is in good performance as the experimental data results past the national institute of standards and technology (NIST) test in 1M bit/s. The TRNG is feasible for a security SoC.

2018-02-15
Wang, X., Lin, S., Wang, S., Shi, J., Zhang, C..  2017.  A multi-fault diagnosis strategy of electro-hydraulic servo actuation system based on extended Kalman filter. 2017 IEEE International Conference on Cybernetics and Intelligent Systems (CIS) and IEEE Conference on Robotics, Automation and Mechatronics (RAM). :614–619.
Electro-hydraulic servo actuation system is a mechanical, electrical and hydraulic mixing complex system. If it can't be repaired for a long time, it is necessary to consider the possibility of occurrence of multiple faults. Considering this possibility, this paper presents an extended Kalman filter (EKF) based method for multiple faults diagnosis. Through analysing the failure modes and mechanism of the electro-hydraulic servo actuation system and modelling selected typical failure modes, the relationship between the key parameters of the system and the faults is obtained. The extended Kalman filter which is a commonly used algorithm for estimating parameters is used to on-line fault diagnosis. Then use the extended Kalman filter to diagnose potential faults. The simulation results show that the multi-fault diagnosis method based on extended Kalman filter is effective for multi-fault diagnosis of electro-hydraulic servo actuation system.
2018-02-02
Zha, X., Wang, X., Ni, W., Liu, R. P., Guo, Y. J., Niu, X., Zheng, K..  2017.  Analytic model on data security in VANETs. 2017 17th International Symposium on Communications and Information Technologies (ISCIT). :1–6.

Fast-changing topologies and uncoordinated transmissions are two critical challenges of implementing data security in vehicular ad-hoc networks (VANETs). We propose a new protocol, where transmitters adaptively switch between backing off retransmissions and changing keys to improve success rate. A new 3-dimensional (3-D) Markov model, which can analyze the proposed protocol with symmetric or asymmetric keys in terms of data security and connectivity, is developed. Analytical results, validated by simulations, show that the proposed protocol achieves substantially improved resistance against collusion attacks.

2018-01-23
Lim, K., Tuladhar, K. M., Wang, X., Liu, W..  2017.  A scalable and secure key distribution scheme for group signature based authentication in VANET. 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON). :478–483.

Security issues in vehicular communication have become a huge concern to safeguard increasing applications. A group signature is one of the popular authentication approaches for VANETs (Vehicular ad hoc networks) which can be implemented to secure the vehicular communication. However, securely distributing group keys to fast-moving vehicular nodes is still a challenging problem. In this paper, we propose an efficient key management protocol for group signature based authentication, where a group is extended to a domain with multiple road side units. Our scheme not only provides a secure way to deliver group keys to vehicular nodes, but also ensures security features. The experiment results show that our key distribution scheme is a scalable, efficient and secure solution to vehicular networking.

2017-03-08
Liu, H., Wang, W., He, Z., Tong, Q., Wang, X., Yu, W., Lv, M..  2015.  Blind image quality evaluation metrics design for UAV photographic application. 2015 IEEE International Conference on Cyber Technology in Automation, Control, and Intelligent Systems (CYBER). :293–297.

A number of blind Image Quality Evaluation Metrics (IQEMs) for Unmanned Aerial Vehicle (UAV) photograph application are presented. Nowadays, the visible light camera is widely used for UAV photograph application because of its vivid imaging effect; however, the outdoor environment light will produce great negative influences on its imaging output unfortunately. In this paper, to conquer this problem above, we design and reuse a series of blind IQEMs to analyze the imaging quality of UAV application. The Human Visual System (HVS) based IQEMs, including the image brightness level, the image contrast level, the image noise level, the image edge blur level, the image texture intensity level, the image jitter level, and the image flicker level, are all considered in our application. Once these IQEMs are calculated, they can be utilized to provide a computational reference for the following image processing application, such as image understanding and recognition. Some preliminary experiments for image enhancement have proved the correctness and validity of our proposed technique.

Wang, X., Teng, Y., Song, M., Wang, X., Yuan, H..  2015.  Joint Optimization of Coverage and Capacity Based on Power Density Distribution in Heterogeneous Cellular Networks. 2015 Fifth International Conference on Instrumentation and Measurement, Computer, Communication and Control (IMCCC). :251–255.

The paper presents a joint optimization algorithm for coverage and capacity in heterogeneous cellular networks. A joint optimization objective related to capacity loss considering both coverage hole and overlap area based on power density distribution is proposed. The optimization object is a NP problem due to that the adjusting parameters are mixed with discrete and continuous, so the bacterial foraging (BF) algorithm is improved based on network performance analysis result to find a more effective direction than randomly selected. The results of simulation show that the optimization object is feasible gains a better effect than traditional method.