Visible to the public Biblio

Filters: Author is Liu, Feng  [Clear All Filters]
2021-05-13
Zhang, Yaqin, Ma, Duohe, Sun, Xiaoyan, Chen, Kai, Liu, Feng.  2020.  WGT: Thwarting Web Attacks Through Web Gene Tree-based Moving Target Defense. 2020 IEEE International Conference on Web Services (ICWS). :364–371.
Moving target defense (MTD) suggests a game-changing way of enhancing web security by increasing uncertainty and complexity for attackers. A good number of web MTD techniques have been investigated to counter various types of web attacks. However, in most MTD techniques, only fixed attributes of the attack surface are shifted, leaving the rest exploitable by the attackers. Currently, there are few mechanisms to support the whole attack surface movement and solve the partial coverage problem, where only a fraction of the possible attributes shift in the whole attack surface. To address this issue, this paper proposes a Web Gene Tree (WGT) based MTD mechanism. The key point is to extract all potential exploitable key attributes related to vulnerabilities as web genes, and mutate them using various MTD techniques to withstand various attacks. Experimental results indicate that, by randomly shifting web genes and diversely inserting deceptive ones, the proposed WGT mechanism outperforms other existing schemes and can significantly improve the security of web applications.
2020-08-07
Yan, Dingyu, Liu, Feng, Jia, Kun.  2019.  Modeling an Information-Based Advanced Persistent Threat Attack on the Internal Network. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1—7.
An advanced persistent threat (APT) attack is a powerful cyber-weapon aimed at the specific targets in cyberspace. The sophisticated attack techniques, long dwell time and specific objectives make the traditional defense mechanism ineffective. However, most existing studies fail to consider the theoretical modeling of the whole APT attack. In this paper, we mainly establish a theoretical framework to characterize an information-based APT attack on the internal network. In particular, our mathematical framework includes the initial entry model for selecting the entry points and the targeted attack model for studying the intelligence gathering, strategy decision-making, weaponization and lateral movement. Through a series of simulations, we find the optimal candidate nodes in the initial entry model, observe the dynamic change of the targeted attack model and verify the characteristics of the APT attack.
2017-09-27
Xu, Yanli, Jiang, Shengming, Liu, Feng.  2016.  A LTE-based Communication Architecture for Coastal Networks. Proceedings of the 11th ACM International Conference on Underwater Networks & Systems. :6:1–6:2.
Currently, the coastal communication is mainly provided by satellite networks, which are expensive with low transmission rate and unable to support underwater communication efficiently. In this work, we propose a communication architecture for coastal network based on long term evolution (LTE) cellular networks in which a cellular network architecture is designed for the maritime communication scenario. Some key technologies of next-generation cellular networks such as device-to-device (D2D) and multiple input multiple output (MIMO) are integrated into the proposed architecture to support more efficient data transmission. In addition, over-water nodes aid the transmission of underwater network to improve the communication quality. With the proposed communication architecture, the coastal network can provide high-quality communication service to traffics with different quality-of-service (QoS) requirements.