Visible to the public Biblio

Filters: Author is Wang, Wei  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
C
Cheng, Wei, Zhang, Kai, Chen, Haifeng, Jiang, Guofei, Chen, Zhengzhang, Wang, Wei.  2016.  Ranking Causal Anomalies via Temporal and Dynamical Analysis on Vanishing Correlations. Proceedings of the 22Nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. :805–814.

Modern world has witnessed a dramatic increase in our ability to collect, transmit and distribute real-time monitoring and surveillance data from large-scale information systems and cyber-physical systems. Detecting system anomalies thus attracts significant amount of interest in many fields such as security, fault management, and industrial optimization. Recently, invariant network has shown to be a powerful way in characterizing complex system behaviours. In the invariant network, a node represents a system component and an edge indicates a stable, significant interaction between two components. Structures and evolutions of the invariance network, in particular the vanishing correlations, can shed important light on locating causal anomalies and performing diagnosis. However, existing approaches to detect causal anomalies with the invariant network often use the percentage of vanishing correlations to rank possible casual components, which have several limitations: 1) fault propagation in the network is ignored; 2) the root casual anomalies may not always be the nodes with a high-percentage of vanishing correlations; 3) temporal patterns of vanishing correlations are not exploited for robust detection. To address these limitations, in this paper we propose a network diffusion based framework to identify significant causal anomalies and rank them. Our approach can effectively model fault propagation over the entire invariant network, and can perform joint inference on both the structural, and the time-evolving broken invariance patterns. As a result, it can locate high-confidence anomalies that are truly responsible for the vanishing correlations, and can compensate for unstructured measurement noise in the system. Extensive experiments on synthetic datasets, bank information system datasets, and coal plant cyber-physical system datasets demonstrate the effectiveness of our approach.

Cheng, Wei, Zhang, Kai, Chen, Haifeng, Jiang, Guofei, Chen, Zhengzhang, Wang, Wei.  2016.  Ranking Causal Anomalies via Temporal and Dynamical Analysis on Vanishing Correlations. Proceedings of the 22Nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. :805–814.

Modern world has witnessed a dramatic increase in our ability to collect, transmit and distribute real-time monitoring and surveillance data from large-scale information systems and cyber-physical systems. Detecting system anomalies thus attracts significant amount of interest in many fields such as security, fault management, and industrial optimization. Recently, invariant network has shown to be a powerful way in characterizing complex system behaviours. In the invariant network, a node represents a system component and an edge indicates a stable, significant interaction between two components. Structures and evolutions of the invariance network, in particular the vanishing correlations, can shed important light on locating causal anomalies and performing diagnosis. However, existing approaches to detect causal anomalies with the invariant network often use the percentage of vanishing correlations to rank possible casual components, which have several limitations: 1) fault propagation in the network is ignored; 2) the root casual anomalies may not always be the nodes with a high-percentage of vanishing correlations; 3) temporal patterns of vanishing correlations are not exploited for robust detection. To address these limitations, in this paper we propose a network diffusion based framework to identify significant causal anomalies and rank them. Our approach can effectively model fault propagation over the entire invariant network, and can perform joint inference on both the structural, and the time-evolving broken invariance patterns. As a result, it can locate high-confidence anomalies that are truly responsible for the vanishing correlations, and can compensate for unstructured measurement noise in the system. Extensive experiments on synthetic datasets, bank information system datasets, and coal plant cyber-physical system datasets demonstrate the effectiveness of our approach.

CUI, A-jun, Fu, Jia-yu, Wang, Wei, Zhang, Hua-feng.  2019.  Construction of Network Active Security Threat Model Based on Offensive and Defensive Differential Game. 2019 12th International Conference on Intelligent Computation Technology and Automation (ICICTA). :289—294.
Aiming at the shortcomings of the traditional network active security threat model that cannot continuously control the threat process, a network active security threat model based on offensive and defensive differential game is constructed. The attack and defense differential game theory is used to define the parameters of the network active security threat model, on this basis, the network security target is determined, the network active security threat is identified by the attack defense differential equation, and finally the network active security threat is quantitatively evaluated, thus construction of network active security threat model based on offensive and defensive differential game is completed. The experimental results show that compared with the traditional network active security threat model, the proposed model is more feasible in the attack and defense control of the network active security threat process, and can achieve the ideal application effect.
D
Dai, Haipeng, Liu, Alex X., Li, Zeshui, Wang, Wei, Zhang, Fengmin, Dong, Chao.  2019.  Recognizing Driver Talking Direction in Running Vehicles with a Smartphone. 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :10–18.
This paper addresses the fundamental problem of identifying driver talking directions using a single smartphone, which can help drivers by warning distraction of having conversations with passengers in a vehicle and enable safety enhancement. The basic idea of our system is to perform talking status and direction identification using two microphones on a smartphone. We first use the sound recorded by the two microphones to identify whether the driver is talking or not. If yes, we then extract the so-called channel fingerprint from the speech signal and classify it into one of three typical driver talking directions, namely, front, right and back, using a trained model obtained in advance. The key novelty of our scheme is the proposition of channel fingerprint which leverages the heavy multipath effects in the harsh in-vehicle environment and cancels the variability of human voice, both of which combine to invalidate traditional TDoA, DoA and fingerprint based sound source localization approaches. We conducted extensive experiments using two kinds of phones and two vehicles for four phone placements in three representative scenarios, and collected 23 hours voice data from 20 participants. The results show that our system can achieve 95.0% classification accuracy on average.
G
Gao, Yang, Li, Borui, Wang, Wei, Xu, Wenyao, Zhou, Chi, Jin, Zhanpeng.  2018.  Watching and Safeguarding Your 3D Printer: Online Process Monitoring Against Cyber-Physical Attacks. Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.. 2:108:1–108:27.

The increasing adoption of 3D printing in many safety and mission critical applications exposes 3D printers to a variety of cyber attacks that may result in catastrophic consequences if the printing process is compromised. For example, the mechanical properties (e.g., physical strength, thermal resistance, dimensional stability) of 3D printed objects could be significantly affected and degraded if a simple printing setting is maliciously changed. To address this challenge, this study proposes a model-free real-time online process monitoring approach that is capable of detecting and defending against the cyber-physical attacks on the firmwares of 3D printers. Specifically, we explore the potential attacks and consequences of four key printing attributes (including infill path, printing speed, layer thickness, and fan speed) and then formulate the attack models. Based on the intrinsic relation between the printing attributes and the physical observations, our defense model is established by systematically analyzing the multi-faceted, real-time measurement collected from the accelerometer, magnetometer and camera. The Kalman filter and Canny filter are used to map and estimate three aforementioned critical toolpath information that might affect the printing quality. Mel-frequency Cepstrum Coefficients are used to extract features for fan speed estimation. Experimental results show that, for a complex 3D printed design, our method can achieve 4% Hausdorff distance compared with the model dimension for infill path estimate, 6.07% Mean Absolute Percentage Error (MAPE) for speed estimate, 9.57% MAPE for layer thickness estimate, and 96.8% accuracy for fan speed identification. Our study demonstrates that, this new approach can effectively defend against the cyber-physical attacks on 3D printers and 3D printing process.

Gu, Zhaoyu, Wang, Wei, Wang, Guoyu.  2016.  HRRP Reconstruction of Sub-Nyquist Sampled Chirp Signals with CS-based Dechirping. Proceedings of the 8th International Conference on Signal Processing Systems. :123–126.

Benefiting bythe large time-bandwidth product, chirp signals arefrequentlyadopted in modern radars. In this paper, the influence on thehigh-resolution range profile (HRRP) reconstruction of chirp waveform after sub-Nyquist sampling is investigated, where the (compressive sensing) CS-based dechirpingalgorithms are applied to achieve the range compression of the sub-Nyquist sampled chirp signals. The conditions that the HRRP can be recovered from the sub-Nyquist sampled chirp signals via CS-based dechirping are addressed. The simulated echoes, formed by the sub-Nyquist sampled chirp signals and scattered by moving targets, are collected by radars to yieldthe high-resolution range profile (HRRP) which validate the correctness of the analyses.

Q
Qiu, Shuo, Wang, Boyang, Li, Ming, Victors, Jesse, Liu, Jiqiang, Shi, Yanfeng, Wang, Wei.  2016.  Fast, Private and Verifiable: Server-aided Approximate Similarity Computation over Large-Scale Datasets. Proceedings of the 4th ACM International Workshop on Security in Cloud Computing. :29–36.

Computing similarity, especially Jaccard Similarity, between two datasets is a fundamental building block in big data analytics, and extensive applications including genome matching, plagiarism detection, social networking, etc. The increasing user privacy concerns over the release of has sensitive data have made it desirable and necessary for two users to evaluate Jaccard Similarity over their datasets in a privacy-preserving manner. In this paper, we propose two efficient and secure protocols to compute the Jaccard Similarity of two users' private sets with the help of an unfully-trusted server. Specifically, in order to boost the efficiency, we leverage Minhashing algorithm on encrypted data, where the output of our protocols is guaranteed to be a close approximation of the exact value. In both protocols, only an approximate similarity result is leaked to the server and users. The first protocol is secure against a semi-honest server, while the second protocol, with a novel consistency-check mechanism, further achieves result verifiability against a malicious server who cheats in the executions. Experimental results show that our first protocol computes an approximate Jaccard Similarity of two billion-element sets within only 6 minutes (under 256-bit security in parallel mode). To the best of our knowledge, our consistency-check mechanism represents the very first work to realize an efficient verification particularly on approximate similarity computation.

S
Shen, Weiguo, Wang, Wei.  2018.  Node Identification in Wireless Network Based on Convolutional Neural Network. 2018 14th International Conference on Computational Intelligence and Security (CIS). :238—241.
Aiming at the problem of node identification in wireless networks, a method of node identification based on deep learning is proposed, which starts with the tiny features of nodes in radiofrequency layer. Firstly, in order to cut down the computational complexity, Principal Component Analysis is used to reduce the dimension of node sample data. Secondly, a convolution neural network containing two hidden layers is designed to extract local features of the preprocessed data. Stochastic gradient descent method is used to optimize the parameters, and the Softmax Model is used to determine the output label. Finally, the effectiveness of the method is verified by experiments on practical wireless ad-hoc network.
Sheng, Mingren, Liu, Hongri, Yang, Xu, Wang, Wei, Huang, Junheng, Wang, Bailing.  2020.  Network Security Situation Prediction in Software Defined Networking Data Plane. 2020 IEEE International Conference on Advances in Electrical Engineering and Computer Applications( AEECA). :475–479.
Software-Defined Networking (SDN) simplifies network management by separating the control plane from the data forwarding plane. However, the plane separation technology introduces many new loopholes in the SDN data plane. In order to facilitate taking proactive measures to reduce the damage degree of network security events, this paper proposes a security situation prediction method based on particle swarm optimization algorithm and long-short-term memory neural network for network security events on the SDN data plane. According to the statistical information of the security incident, the analytic hierarchy process is used to calculate the SDN data plane security situation risk value. Then use the historical data of the security situation risk value to build an artificial neural network prediction model. Finally, a prediction model is used to predict the future security situation risk value. Experiments show that this method has good prediction accuracy and stability.
W
Wang, Wei, Yang, Lin, Zhang, Qian.  2016.  Touch-and-guard: Secure Pairing Through Hand Resonance. Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing. :670–681.

Securely pairing wearables with another device is the key to many promising applications, such as mobile payment, sensitive data transfer and secure interactions with smart home devices. This paper presents Touch-And-Guard (TAG), a system that uses hand touch as an intuitive manner to establish a secure connection between a wristband wearable and the touched device. It generates secret bits from hand resonant properties, which are obtained using accelerometers and vibration motors. The extracted secret bits are used by both sides to authenticate each other and then communicate confidentially. The ubiquity of accelerometers and motors presents an immediate market for our system. We demonstrate the feasibility of our system using an experimental prototype and conduct experiments involving 12 participants with 1440 trials. The results indicate that we can generate secret bits at a rate of 7.84 bit/s, which is 58% faster than conventional text input PIN authentication. We also show that our system is resistant to acoustic eavesdroppers in proximity.

Wang, Wei, Zhang, Guidong, Shen, Yongjun.  2018.  A CP-ABE Scheme Supporting Attribute Revocation and Policy Hiding in Outsourced Environment. 2018 IEEE 9th International Conference on Software Engineering and Service Science (ICSESS). :96—99.
Aiming at the increasing popularity of mobile terminals, a CP-ABE scheme adapted to lightweight decryption at the mobile end is proposed. The scheme has the function of supporting timely attributes revocation and policy hiding. Firstly, we will introduce the related knowledge of attribute base encryption. After that, we will give a specific CP-ABE solution. Finally, in the part of the algorithm analysis, we will give analysis performance and related security, and compare this algorithm with other algorithms.
Wu, Hao, Mao, Jiangyun, Sun, Weiwei, Zheng, Baihua, Zhang, Hanyuan, Chen, Ziyang, Wang, Wei.  2016.  Probabilistic Robust Route Recovery with Spatio-Temporal Dynamics. Proceedings of the 22Nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. :1915–1924.

Vehicle trajectories are one of the most important data in location-based services. The quality of trajectories directly affects the services. However, in the real applications, trajectory data are not always sampled densely. In this paper, we study the problem of recovering the entire route between two distant consecutive locations in a trajectory. Most existing works solve the problem without using those informative historical data or solve it in an empirical way. We claim that a data-driven and probabilistic approach is actually more suitable as long as data sparsity can be well handled. We propose a novel route recovery system in a fully probabilistic way which incorporates both temporal and spatial dynamics and addresses all the data sparsity problem introduced by the probabilistic method. It outperforms the existing works with a high accuracy (over 80%) and shows a strong robustness even when the length of routes to be recovered is very long (about 30 road segments) or the data is very sparse.

Wu, Siyan, Tong, Xiaojun, Wang, Wei, Xin, Guodong, Wang, Bailing, Zhou, Qi.  2018.  Website Defacements Detection Based on Support Vector Machine Classification Method. Proceedings of the 2018 International Conference on Computing and Data Engineering. :62–66.
Website defacements can inflict significant harm on the website owner through the loss of reputation, the loss of money, or the leakage of information. Due to the complexity and diversity of all kinds of web application systems, especially a lack of necessary security maintenance, website defacements increased year by year. In this paper, we focus on detecting whether the website has been defaced by extracting website features and website embedded trojan features. We use three kinds of classification learning algorithms which include Gradient Boosting Decision Tree (GBDT), Random Forest (RF) and Support Vector Machine (SVM) to do the classification experiments, and experimental results show that Support Vector Machine classifier performed better than two other classifiers. It can achieve an overall accuracy of 95%-96% in detecting website defacements.
X
Xu, Peng, Li, Jingnan, Wang, Wei, Jin, Hai.  2016.  Anonymous Identity-Based Broadcast Encryption with Constant Decryption Complexity and Strong Security. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :223–233.

Anonymous Identity-Based Broadcast Encryption (AIBBE) allows a sender to broadcast a ciphertext to multi-receivers, and keeps receivers' anonymity. The existing AIBBE schemes fail to achieve efficient decryption or strong security, like the constant decryption complexity, the security under the adaptive attack, or the security in the standard model. Hence, we propose two new AIBBE schemes to overcome the drawbacks of previous schemes in the state-of-art. The biggest contribution in our work is the proposed AIBBE scheme with constant decryption complexity and the provable security under the adaptive attack in the standard model. This scheme should be the first one to obtain advantages in all above mentioned aspects, and has sufficient contribution in theory due to its strong security. We also propose another AIBBE scheme in the Random Oracle (RO) model, which is of sufficient interest in practice due to our experiment.

Xu, Peng, Xu, Jun, Wang, Wei, Jin, Hai, Susilo, Willy, Zou, Deqing.  2016.  Generally Hybrid Proxy Re-Encryption: A Secure Data Sharing Among Cryptographic Clouds. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :913–918.

Proxy Re-Encryption (PRE) is a favorable primitive to realize a cryptographic cloud with secure and flexible data sharing mechanism. A number of PRE schemes with versatile capabilities have been proposed for different applications. The secure data sharing can be internally achieved in each PRE scheme. But no previous work can guarantee the secure data sharing among different PRE schemes in a general manner. Moreover, it is challenging to solve this problem due to huge differences among the existing PRE schemes in their algebraic systems and public-key types. To solve this problem more generally, this paper uniforms the definitions of the existing PRE and Public Key Encryption (PKE) schemes, and further uniforms their security definitions. Then taking any uniformly defined PRE scheme and any uniformly defined PKE scheme as two building blocks, this paper constructs a Generally Hybrid Proxy Re-Encryption (GHPRE) scheme with the idea of temporary public and private keys to achieve secure data sharing between these two underlying schemes. Since PKE is a more general definition than PRE, the proposed GHPRE scheme also is workable between any two PRE schemes. Moreover, the proposed GHPRE scheme can be transparently deployed even if the underlying PRE schemes are implementing.

Xu, Peng, Li, Jingnan, Wang, Wei, Jin, Hai.  2016.  Anonymous Identity-Based Broadcast Encryption with Constant Decryption Complexity and Strong Security. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :223–233.
Anonymous Identity-Based Broadcast Encryption (AIBBE) allows a sender to broadcast a ciphertext to multi-receivers, and keeps receivers' anonymity. The existing AIBBE schemes fail to achieve efficient decryption or strong security, like the constant decryption complexity, the security under the adaptive attack, or the security in the standard model. Hence, we propose two new AIBBE schemes to overcome the drawbacks of previous schemes in the state-of-art. The biggest contribution in our work is the proposed AIBBE scheme with constant decryption complexity and the provable security under the adaptive attack in the standard model. This scheme should be the first one to obtain advantages in all above mentioned aspects, and has sufficient contribution in theory due to its strong security. We also propose another AIBBE scheme in the Random Oracle (RO) model, which is of sufficient interest in practice due to our experiment.
Xuan, Shichang, Wang, Huanhong, Gao, Duo, Chung, Ilyong, Wang, Wei, Yang, Wu.  2019.  Network Penetration Identification Method Based on Interactive Behavior Analysis. 2019 Seventh International Conference on Advanced Cloud and Big Data (CBD). :210–215.

The Internet has gradually penetrated into the national economy, politics, culture, military, education and other fields. Due to its openness, interconnectivity and other characteristics, the Internet is vulnerable to all kinds of malicious attacks. The research uses a honeynet to collect attacker information, and proposes a network penetration recognition technology based on interactive behavior analysis. Using Sebek technology to capture the attacker's keystroke record, time series modeling of the keystroke sequences of the interaction behavior is proposed, using a Recurrent Neural Network. The attack recognition method is constructed by using Long Short-Term Memory that solves the problem of gradient disappearance, gradient explosion and long-term memory shortage in ordinary Recurrent Neural Network. Finally, the experiment verifies that the short-short time memory network has a high accuracy rate for the recognition of penetration attacks.

Y
Yu, Wenchao, Zheng, Cheng, Cheng, Wei, Aggarwal, Charu C., Song, Dongjin, Zong, Bo, Chen, Haifeng, Wang, Wei.  2018.  Learning Deep Network Representations with Adversarially Regularized Autoencoders. Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. :2663-2671.

The problem of network representation learning, also known as network embedding, arises in many machine learning tasks assuming that there exist a small number of variabilities in the vertex representations which can capture the "semantics" of the original network structure. Most existing network embedding models, with shallow or deep architectures, learn vertex representations from the sampled vertex sequences such that the low-dimensional embeddings preserve the locality property and/or global reconstruction capability. The resultant representations, however, are difficult for model generalization due to the intrinsic sparsity of sampled sequences from the input network. As such, an ideal approach to address the problem is to generate vertex representations by learning a probability density function over the sampled sequences. However, in many cases, such a distribution in a low-dimensional manifold may not always have an analytic form. In this study, we propose to learn the network representations with adversarially regularized autoencoders (NetRA). NetRA learns smoothly regularized vertex representations that well capture the network structure through jointly considering both locality-preserving and global reconstruction constraints. The joint inference is encapsulated in a generative adversarial training process to circumvent the requirement of an explicit prior distribution, and thus obtains better generalization performance. We demonstrate empirically how well key properties of the network structure are captured and the effectiveness of NetRA on a variety of tasks, including network reconstruction, link prediction, and multi-label classification.

Yu, Wenchao, Cheng, Wei, Aggarwal, Charu C., Zhang, Kai, Chen, Haifeng, Wang, Wei.  2018.  NetWalk: A Flexible Deep Embedding Approach for Anomaly Detection in Dynamic Networks. Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. :2672-2681.

Massive and dynamic networks arise in many practical applications such as social media, security and public health. Given an evolutionary network, it is crucial to detect structural anomalies, such as vertices and edges whose "behaviors'' deviate from underlying majority of the network, in a real-time fashion. Recently, network embedding has proven a powerful tool in learning the low-dimensional representations of vertices in networks that can capture and preserve the network structure. However, most existing network embedding approaches are designed for static networks, and thus may not be perfectly suited for a dynamic environment in which the network representation has to be constantly updated. In this paper, we propose a novel approach, NetWalk, for anomaly detection in dynamic networks by learning network representations which can be updated dynamically as the network evolves. We first encode the vertices of the dynamic network to vector representations by clique embedding, which jointly minimizes the pairwise distance of vertex representations of each walk derived from the dynamic networks, and the deep autoencoder reconstruction error serving as a global regularization. The vector representations can be computed with constant space requirements using reservoir sampling. On the basis of the learned low-dimensional vertex representations, a clustering-based technique is employed to incrementally and dynamically detect network anomalies. Compared with existing approaches, NetWalk has several advantages: 1) the network embedding can be updated dynamically, 2) streaming network nodes and edges can be encoded efficiently with constant memory space usage, 3) flexible to be applied on different types of networks, and 4) network anomalies can be detected in real-time. Extensive experiments on four real datasets demonstrate the effectiveness of NetWalk.