Visible to the public Biblio

Filters: Author is Han, Rui  [Clear All Filters]
Conference Paper
Zuo, Xiaojiang, Wang, Xiao, Han, Rui.  2022.  An Empirical Analysis of CAPTCHA Image Design Choices in Cloud Services. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :1–6.
Cloud service uses CAPTCHA to protect itself from malicious programs. With the explosive development of AI technology and the emergency of third-party recognition services, the factors that influence CAPTCHA’s security are going to be more complex. In such a situation, evaluating the security of mainstream CAPTCHAs in cloud services is helpful to guide better CAPTCHA design choices for providers. In this paper, we evaluate and analyze the security of 6 mainstream CAPTCHA image designs in public cloud services. According to the evaluation results, we made some suggestions of CAPTCHA image design choices to cloud service providers. In addition, we particularly discussed the CAPTCHA images adopted by Facebook and Twitter. The evaluations are separated into two stages: (i) using AI techniques alone; (ii) using both AI techniques and third-party services. The former is based on open source models; the latter is conducted under our proposed framework: CAPTCHAMix.
Han, Rui, Du, Liping, Liu, Tao, Chen, Yueyun.  2017.  SVM-GA Based Method for Estimation of a Large Number of Primary Users in Mobile Cognitive Radio Networks. Proceedings of the 3rd International Conference on Communication and Information Processing. :311–315.

In cognitive radio networks with mobile terminals, it is not enough for spectrum sensing only to determine whether primary user (PU) occupy the spectrum band. Sometimes we also want to know more priori information, such as, the number of PUs, which can help to estimate its carrier frequency, direction of arrival, and location. In this paper, a machine learning based method is proposed to estimate a large number of primary users. In the proposed method, support vector machine (SVM) is used to achieve the number of primary users while genetic algorithm (GA) is to optimize the parameters of SVM kernel. The first class feature of SVM is the ratio of the element sum and the trace of sample covariance matrix, and the second class feature is the mean of Gerschgorin radii. The simulation results show that our proposed SVM-GA algorithm has higher accuracy than SVM.

Sun, Pengfei, Han, Rui, Zhang, Mingbo, Zonouz, Saman.  2016.  Trace-free Memory Data Structure Forensics via Past Inference and Future Speculations. Proceedings of the 32Nd Annual Conference on Computer Security Applications. :570–582.

A yet-to-be-solved but very vital problem in forensics analysis is accurate memory dump data type reverse engineering where the target process is not a priori specified and could be any of the running processes within the system. We present ReViver, a lightweight system-wide solution that extracts data type information from the memory dump without its past execution traces. ReViver constructs the dump's accurate data structure layout through collection of statistical information about possible past traces, forensics inspection of the present memory dump, and speculative investigation of potential future executions of the suspended process. First, ReViver analyzes a heavily instrumented set of execution paths of the same executable that end in the same state of the memory dump (the eip and call stack), and collects statistical information the potential data structure instances on the captured dump. Second, ReViver uses the statistical information and performs a word-byword data type forensics inspection of the captured memory dump. Finally, ReViver revives the dump's execution and explores its potential future execution paths symbolically. ReViver traces the executions including library/system calls for their known argument/return data types, and performs backward taint analysis to mark the dump bytes with relevant data type information. ReViver's experimental results on real-world applications are very promising (98.1%), and show that ReViver improves the accuracy of the past trace-free memory forensics solutions significantly while maintaining a negligible runtime performance overhead (1.8%).