I am interested in applying rigorous models and formal methods, for example, Markov Models, Graph Theory, Crytprography, to model, analyze and eventually solve fundamental security problems in computer networks, RIAs, and emerging communications and networking technologies.
- Guest editor: IJAACS Special issue on Security, Trust and Privacy in DTN and Vehicular Communications, Wiley's Journal on Security and Communication Networks, Special issue on Security and Privacy Preservation in Vehicular Ad hoc NETworks
- General Co-Chair: SECUBIQ 2007
- Program Co-Chair: TSP-10
- Publicity Co-Chair: The Fifth International Symposium on Smart Home (SH 2010), VCNA 2009
- Workshop chairs: DASC 2009
- TPC:
- ICC 2010, WCNC 2010
- CloudCom 2009, TrustCom 2009, ICUT 2009, ICEBE 2009, PDCAT 2009, ICA-IN-WIRELESS 2009, Globecom 2009, TSP 2009, ARES-PSAI 2009/2008, WLN 2009/2008,
- ATC 2008, SHPCS'08, WCNC2008, WSAN 200
- SSNDS-07, Ubisafe-07
-
Reviewer:
-
Journals- IEEE Trans. on SMC-A/B, IEEE Trans. on Reliability, IEEE Trans.on Computers, Pattern Recognition Letters, International Journal of Network Security, Security and Communication Networks, Journal of Parallel and Distributed Computing, Journal of supercomputing, Frontier of Chinese Journal...
-
Conferences- DSN-DCCS 2009, ARES-PSAI2008, ICC2008, WCNC2008, SRDS2007, WLAN2007, SSNDS-07, Ubisafe-07, ICPADS2006, PDCAT2005, DSN2005-2007, GCC2005-2007, NPC2005, ICCSA2006, GlobeCom 2007, ICC2007, etc.
Presentations
- Towards an Evaluation Framework for Reputation Systems in Autonomic Computing Networks, @ ChinaCom 2009, Xi'an, China, Aug. 28, 2009.
- On Achieving Cost-sensitive Anomaly Detection and Response in MANET, @ ICC 2009, Dresden, Germany, June 2009.
- Owning botnet by a rational botmaster, @ INSCRYPT 2008, Beijing, China, Dec. 2008.
-
A Holistic Methodology for Achieving Network Security: from Anomaly Detection to Security Evaluation, @Tokyo Denki University, Japan, May. 2008.
-
Boosting Markov Reward Models for Probabilistic Security Evaluation By Characterizing Behaviors of Attacker and Defender, @ ARES 2008, Barcelona, Spain, Mar. 2008.
-
A Holistic Methodology for Achieving Network Security: from Anomaly Detection to Security Evaluation, @ DIES group, University of Twente, The Netherlands, Feb. 2008.
-
Reputation-Based Anomaly Detection and Failure Curse Analysis in Wireless Mesh Networks, @ INRIA Futurs POPS group, France, July 2007.
-
Observation-Centric Anomaly-Based Intrusion Detection: Modeling, Analysis, and Evaluation, @ BBCR Group, ECE Dept., University of Waterloo, Canada, July 2006
-
A Brief Comparative Study on Analytical Models of Computer System Dependability and Security, @ the 6th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'05), China, Dec. 2005.
-
Constructing Multi-Layered Boundary to Defend Against Intrusive Anomalies: An Autonomic Detection Coordinator, @the International Conference on Dependable Systems and Networks (DSN2005), Yokohama, Japan, June 2005.
-
Dynamic Combination of Multiple Host-based Anomaly Detectors with Broader Detection Coverage and Less False Alerts, @ the 4th International Conference on Networking (ICN'05), Reunion Island, France, Apr. 2005.
-
A Brief Observation-Centric Analysis on Anomaly-based Intrusion Detection, @the First Information Security Practice and Experience Conference, (ISPEC2005), Singapore, Apr. 2005.
-
Online Training of SVMs for Real-time Intrusion Detection, @ the 18th IEEE Int. Conf. on Advanced Information Networking and Applications (18th~AINA), Fukuoka, Japan, Mar. 2004.
Projects
- Towards evolvable and traceable anomaly detection and response for autonomic computing networks, [2008.07~2009.03, SRC-NICT Nano Fund, Japan], Principle Investigator
- Root cause analysis of malware-driven anomalies in computer networks, [2008.04~present, NICT, Japan], Participator
- Cross-layer design for security in MANETs [2006.07~2008.03, INRIA Lille-Nord Europe], Participator
- Anomaly-based intrusion detection and network forensics [2006.06~2007.06, University of Waterloo, Canada], Participator
- Design and development of adaptive anomaly-based intrusion detection techniques [2003.04~2006.05, GRP and COE projects, Japan Advanced Institute of Science and Technology, Japan], Participator
- Security evaluation of Information Systems, genetic programming and its application to traffic control systems [2000.07~2003.03, Xidian University, China], Participator
Past research: snapshot
- A Decision-Theoretical framework for achieving cost-sensitive anomaly detection and response in autonomic computing environment [Proc. of IEEE IWCMC 2008, Proc. of IEEE ICC'09 ]
- RADAR: a reputation-based anomaly detection system for automated troubleshooting in MANETs [Proc. of IEEE WCNC2008]
- A model-based approach to characterizing the interactive behaviors of attacker and defender for probability security evaluation and cost-sensitive risk management [Proc. of ARES2008, Proc. of ACM SAC2008]
- Measuring intrusion impacts for rational response [Elsevier Journal of Computers & Security, Proc. of ChinaCom2007]
- JANUS: a two-sided analytical model for multi-stage coordinated attacks in cyberspace [JNCA, Proc. of ICISC2006]
- M-AID: a middleware for bridging fine-grained IDS sensor alerts and higher-level response policies [ACM TAAS], subsumes two major parts:
- ADC: an autonomic coordinator for correlating a number of light-weight parametric anomaly detectors that have different detection coverage and blind spots [IEICE Trans. on INFO. and SYS., Proc. of IEEE/IFIP DSN2005]
- A statistical framework for the design of observation-centric anomaly detectors [Int. Journal of Network Security, LNCS3439 - Proc. of ISPEC2005]
- Three variants of SVM-based adaptive anomaly detectors [Elsevier Journal of Computer Communications, Proc. of AINA2004]
- Security evaluation on C^3 I systems
- Genetic algorithms/Genetic programming and their applications to traffic control systems
|
|