Visible to the public Biblio

Filters: Author is Zhang, Yi  [Clear All Filters]
Zhu, Yan, Zhang, Yi, Wang, Jing, Song, Weijing, Chu, Cheng-Chung, Liu, Guowei.  2019.  From Data-Driven to Intelligent-Driven: Technology Evolution of Network Security in Big Data Era. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:103–109.

With the advent of the big data era, information systems have exhibited some new features, including boundary obfuscation, system virtualization, unstructured and diversification of data types, and low coupling among function and data. These features not only lead to a big difference between big data technology (DT) and information technology (IT), but also promote the upgrading and evolution of network security technology. In response to these changes, in this paper we compare the characteristics between IT era and DT era, and then propose four DT security principles: privacy, integrity, traceability, and controllability, as well as active and dynamic defense strategy based on "propagation prediction, audit prediction, dynamic management and control". We further discuss the security challenges faced by DT and the corresponding assurance strategies. On this basis, the big data security technologies can be divided into four levels: elimination, continuation, improvement, and innovation. These technologies are analyzed, combed and explained according to six categories: access control, identification and authentication, data encryption, data privacy, intrusion prevention, security audit and disaster recovery. The results will support the evolution of security technologies in the DT era, the construction of big data platforms, the designation of security assurance strategies, and security technology choices suitable for big data.

Park, Daejun, Zhang, Yi, Saxena, Manasvi, Daian, Philip, Ro\c su, Grigore.  2018.  A Formal Verification Tool for Ethereum VM Bytecode. Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. :912-915.

In this paper, we present a formal verification tool for the Ethereum Virtual Machine (EVM) bytecode. To precisely reason about all possible behaviors of the EVM bytecode, we adopted KEVM, a complete formal semantics of the EVM, and instantiated the K-framework's reachability logic theorem prover to generate a correct-by-construction deductive verifier for the EVM. We further optimized the verifier by introducing EVM-specific abstractions and lemmas to improve its scalability. Our EVM verifier has been used to verify various high-profile smart contracts including the ERC20 token, Ethereum Casper, and DappHub MakerDAO contracts.

Liu, Shilei, Xu, Guoxiong, Zhang, Yi, Li, Wenxin.  2018.  A Study of Temporal Stability on Finger-Vein Recognition Accuracy Using a Steady-State Model. Proceedings of the 2018 10th International Conference on Bioinformatics and Biomedical Technology. :7–12.
Stability has been one of the most fundamental premises in biometric recognition field. In the last few years, a few achievements have been made on proving this theoretical premises concerning fingerprints, palm prints, iris, face, etc. However, none of related academic results have been published on finger-vein recognition so far. In this paper, we try to study on the stability of finger-vein within a designed timespan (four years). In order to achieve this goal, a proper database for stability was collected with all external influences of finger-vein features (acquiring hardware, user behavior and circumstance situation) eliminated. Then, for the first time, we proposed a steady-state model of finger-vein features indicating that each specific finger owns a stable steady-state which all its finger-vein images would properly converging to, regardless of time. Experiments have been conducted on our 5-year/200,000-finger data set. And results from both genuine match and imposter match demonstrate that the model is well supported. This steady-state model is generic, hence providing a common method on how to evaluate the stability of other types of biometric features.
Sun, Yueming, Zhang, Yi, Chen, Yunfei, Jin, Roger.  2016.  Conversational Recommendation System with Unsupervised Learning. Proceedings of the 10th ACM Conference on Recommender Systems. :397–398.

We will demonstrate a conversational products recommendation agent. This system shows how we combine research in personalized recommendation systems with research in dialogue systems to build a virtual sales agent. Based on new deep learning technologies we developed, the virtual agent is capable of learning how to interact with users, how to answer user questions, what is the next question to ask, and what to recommend when chatting with a human user. Normally a descent conversational agent for a particular domain requires tens of thousands of hand labeled conversational data or hand written rules. This is a major barrier when launching a conversation agent for a new domain. We will explore and demonstrate the effectiveness of the learning solution even when there is no hand written rules or hand labeled training data.

Wu, Meng, Zhang, Yi, Mi, Xianya.  2016.  Binary Protection Using Dynamic Fine-grained Code Hiding and Obfuscation. Proceedings of the 4th International Conference on Information and Network Security. :1–8.

Anti-reverse engineering is one of the core technologies of software intellectual property protection, prevailing techniques of which are static and dynamic obfuscation. Static obfuscation can only prevent static analysis with code mutation done before execution by compressing, encrypting and obfuscating. Dynamic obfuscation can prevent both static and dynamic analysis, which changes code while being executed. Popular dynamic obfuscation techniques include self-modifying code and virtual machine protection. Despite the higher safety, dynamic obfuscation has its problems: 1) code appear in plain text remains a long time; 2) control flow is exposable; 3) time and space overheads are too big. This paper presents a binary protection scheme using dynamic fine-grained code hiding and obfuscation named dynFCHO. In this scheme, basic blocks to be protected are hidden in original code and will be restored while being executed. Code obfuscation is also implemented additionally to enhance safety. Experiments prove that dynFCHO can effectively resist static and dynamic analysis without destructing original software functions. It can be used on most binary programs compiled by standard compilers. This scheme can be widely used with the advantages of strong protection, light-weight implementation, and good extendibility.