Cyber Security Lab Publications
[2023][22]
[21] [20][19][18][17][16][15][14][13][12][11][10][09] [08 | 07 | 06 | 05 | 04
| 03 | 02 | 01 | 00 | 99]
|
|
2024
|
|
(arXiv preprint)
A LLM workflow for identifying user privilege
related variables
|
Haizhou Wang,
Zhilong Wang, Peng Liu, A Hybrid LLM Workflow Can Help Identify User
Privilege Related Variables in Programs of Any Size. https://arxiv.org/abs/2403.15723 March 23, 2024. |
(arXiv preprint)
|
Zhilong Wang, Haizhou Wang, Nanqing Luo, Lan
Zhang, Xiaoyan Sun, Yebo Cao, Peng Liu, Hide Your Malicious Goal Into Benign
Narratives: Jailbreak Large Language Models through Neural Carrier Articles,
https://arxiv.org/pdf/2408.11182 August 21, 2024 |
(arXiv preprint)
AI agent for cyber threat intelligence analysis
|
P. Tseng, et al.,
Using LLMs to Automate Threat Intelligence Analysis Workflows in Security
Operation Center, https://arxiv.org/abs/2407.13093 July 2024 |
(arXiv preprint)
`Stop Using My Data right
|
F. Zhang, P. Liu,
Protecting the 'Stop Using My Data' Right through Blockchain-assisted
Evidence Generation. http://arxiv.org/abs/2406.17694 June 25, 2024. |
Runtime Certification for
Smart Contracts
|
NS Bjψrner, AJ
Chen, S Chen, Y Chen, Z Guo, TH Hsu, P Liu, N. Luo,
Theorem-Carrying-Transaction: Runtime Certification to Ensure Safety for
Smart Contract Transactions. arXiv preprint
arXiv:2408.06478, 2024. |
NDSS
|
Fannv
He, et al., Maginot Line: Assessing a New Cross-app Threat to PII-as-Factor
Authentication in Chinese Mobile Apps, NDSS, 2024. |
ICML Oral
|
Songtao
Liu, Hanjun Dai, Yue Zhao, Peng Liu, Controllable
Molecule Synthesis with Residual Energy-based Model, ICML, 2024. |
IEEE Transactions on Computers
|
W. Song, Z. Xue, J. Han, Z. Li, P. Liu,
Randomizing Set-Associative Caches Against Conflict-Based Cache Side-Channel
Attacks, IEEE Transactions on Computers, 2024 (accepted). |
TDSC
|
Y. Yang, et al., Sharing can be
Threatening: Uncovering Security Flaws of RBAC Model on Smart Home
Platforms, IEEE TDSC, 2024. (Accepted) |
IEEE Transactions on Computers
|
W. Song, et al., A Parallel Tag Cache for
Hardware Managed Tagged Memory in Multicore Processors, IEEE Transactions
on Computers, 2024 (accepted). |
IEEE IoT Journal
|
Y. Yang, et al., Uncovering Access Token
Security Flaws in Multi-user Scenario of Smart Home Platforms, IEEE IoT
Journal, 2024 (accepted). |
IEEE Security & Privacy Magazine
|
Mustafa Abdallah, Saurabh Bagchi, Shaunak
Bopardikar, Kevin Chan, Xing Gao, Murat Kantarcioglu, Congmiao Li, Peng Liu,
Quanyan Zhu, Game Theory in Distributed Systems Security: Foundations,
Challenges, and Future Directions, IEEE Security & Privacy, 2024.
(Accepted) |
Pattern
Recognition
|
Hui Liu, et al., A Lightweight
Unsupervised Adversarial Detector Based on Autoencoder and Isolation Forest,
Pattern Recognition (Elsevier), 2024. |
IEEE Computer
|
Q. Zou, L. Zhang, X. Sun, A. Singhal, P.
Liu, Using Explainable AI for Neural Network Based Network Attack
Detection, IEEE Computer Magazine, 2024. |
Survey on membership inference
|
J Niu, P Liu, X Zhu, K Shen, Y Wang, H Chi,
Y Shen, X Jiang, J Ma, Y Zhang, A Survey on Membership Inference Attacks and
Defenses in Machine Learning, (Elsevier) Journal of Information and
Intelligence, 2024. |
J. of Info and Intelligence
|
J. Niu, et al., Dual Defense: Combining
Preemptive Exclusion of Members and Knowledge Distillation to Mitigate
Membership Inference Attacks, (Elsevier) Journal of Information and
Intelligence, 2024. |
Workshop
|
L. Zhang, Q. Zou, A. Singhal, X. Sun, P.
Liu, Evaluating Large Language Models for Real-World Vulnerability Repair in
C/C++ Code, ACM IWSPA Workship, 2024. |
Book Chapter
|
P. Liu, Providing Iterative Cybersecurity
Hands-on Learning Experience: Reflections on Teaching Cyber-Defense to Second
Year IT Students, In Jack Carroll (Ed.), Innovative Practices in Teaching
Information Sciences and Technology, Springer Nature, 2024, in press. |
2023 |
|
ISSTA
|
Kai Cheng, et al, Detecting
Vulnerabilities in Linux-based Embedded Firmware with SSE-based On-demand
Alias Analysis, 32nd edition of ACM
ISSTA, 2023 (published). |
ChatGPT for Software Security
|
Z. Wang, L. Zhang, P. Liu, ChatGPT for
Software Security: Exploring the Strengths and Limitations of ChatGPT in the
Security Applications, arXiv preprint, arXiv: 2307.12488,
2023. |
IEEE JESTIE
|
B. Yang, et al., Enhanced Cyber-Attack
Detection in Intelligent Motor Drives: A Transfer Learning Approach with
Convolutional Neural Networks, IEEE Journal of Emerging and Selected
Topics in Industrial Electronics. (Accepted) |
JCS
|
Qingtian Zou, et al., Analysis of Neural Network
Detectors for Network Attacks, Journal of Computer Security, 2023
(accepted). |
IEEE IoT Journal
|
Lingyun
Situ, et al., Physical Devices-Agnostic Hybrid Fuzzing of IoT Firmware, IEEE
IoT Journal, 2023 (accepted). |
Theorem-Carrying Transactions (White Paper)
|
Nikolaj Bjψrner, Shuo Chen, Yang Chen, Zhongxin Guo, Peng Liu, Nanqing Luo, An
Ethereum-compatible Blockchain that Explicates and Ensures Design-level
Safety Properties for Smart Contracts, arXiv preprint, arXiv:2304.08655,
2023. |
SSRN preprint
|
Wang,
Zhilong and Zhang, Lan and Cao, Chen and Liu, Peng, How Does Naming Affect
LLMs on Code Analysis Tasks? (July 24, 2023). Available at SSRN: https://ssrn.com/abstract=4567887 |
arXiv
|
L.
Zhang, C. Cao, Z. Wang, P. Liu, Which Features are Learned by CodeBert: An Empirical Study of the BERT-based Source
Code Representation Learning, arXiv preprint arXiv:2301.08427, 2023. |
arXiv
|
J Niu, X Zhu, M Zeng, G Zhang, Q Zhao, C
Huang, Y Zhang, S An, Y Wang, et al., SoK: Comparing Different Membership
Inference Attacks with a Comprehensive Benchmark, arXiv preprint
arXiv:2307.06123, 2023. |
(arXiv preprint)
Game Theory in Distributed Systems Security
|
Mustafa Abdallah, Saurabh Bagchi, Shaunak
D. Bopardikar, Kevin Chan, Xing Gao, Murat Kantarcioglu, Congmiao Li, Peng
Liu, Quanyan Zhu, Game Theory in Distributed Systems Security: Foundations,
Challenges, and Future Directions, arXiv:2309.01281, September 2023. |
Cybersecurity
|
Haizhou Wang, Anoop Singhal, Peng Liu,
Tackling imbalanced data in cybersecurity with transfer learning: a case
with ROP payload detection, SpringerOpen
Cybersecurity, January 2023. |
Encyclopedia
|
P. Liu, Cyber Situational Awareness, in
Encyclopedia of Cryptography, Security and Privacy, edited by Sushil Jajodia, Pierangela Samarati and Moti Yung, 2023. |
Encyclopedia
|
A. Singhal, P. Liu, Advanced Persistent
Threats, in Encyclopedia of Cryptography, Security and Privacy, edited by
Sushil Jajodia, Pierangela
Samarati and Moti Yung, 2023. |
Poster
|
Chuanyong
Tian, et al., Deanonymization of Bitcoin transactions based on network
traffic analysis with semi-supervised learning, poster, IEEE Symposium on
Security and Privacy, 2023. (Published) |
PhD Thesis
|
Zhilong Wang, DEEP LEARNING FOR
SECURITY-ORIENTED PROGRAM ANALYSIS, College of IST, Penn State, 2023. |
PhD Thesis
|
Lan Zhang, APPLYING MACHINE LEARNING AND
NLP TECHNIQUES TO CYBER SECURITY: THREE SELECTED STUDIES, College of IST,
Penn State, 2023. |
PhD Thesis
|
Wenhui Zhang, Studying the Performance and
Security Trade-offs in Modern Linux Systems, College of IST, Penn State,
2023. |
PhD Thesis
|
Qingtian Zou, Applying Deep Learning to
The Detection of Advanced Persistent Threats, College of IST, Penn State,
2023. |
MS Thesis
|
Rajiv Thummala, Space Worms: On the Threat
of Cyber-ASAT Weaponry to Satellite Constellations, College of IST, Penn
State, March 2023. |
MS Thesis
|
Binchen
Fang, Analysis on AI Methods for Detecting DNS Cache Poisoning Attack,
College of IST, Penn State, November 2023.
|
2022 |
|
Handbook of AI for Cybersecurity use
cases
|
Peng Liu, Tao Liu, Nanqing Luo, Zitong
Shang, Haizhou Wang, Zhilong Wang, Lan Zhang, and Qingtian Zou. AI for Cybersecurity: A Handbook of Use
Cases. 2022.
https://www.amazon.com/gp/product/B09T3123RB, Kindle edition. |
CCS
|
Wei Zhou, Lan Zhang, Le Guan, Peng Liu,
Yuqing Zhang, What Your Firmware Tells You Is Not How You Should Emulate It:
A Specification-Guided Approach for Firmware Emulation, ACM Conference on Computer and
Communications Security (CCS22), 2022. (Accepted) |
ASPLOS
|
Benjamin Reidys,
Peng Liu, Jian Huang, RSSD: Defend Against New Ransomware Attacks with
Efficient Hardware-Assisted Logging and Post-Attack Analysis, To appear in
the Proceedings of the 27th
International Conference on Architectural Support for Programming Languages
and Operating Systems (ASPLOS'22),
2022. (Published) |
Oakland
|
Lei Zhang, K. Lian, H. Xiao, Z. Zhang, P.
Liu, Y. Zhang, M. Yang, H. Duan, Exploit the Last Straw that Breaks Android
System, In Proceedings of the 43rd
IEEE Symposium on Security and Privacy (IEEE S&P 2022), 2022.
(Published) |
USENIX Security
|
S. Zhou, Z. Yang, D. Qiao, P. Liu, M. Yang,
Z. Wang, C. Wu, "Ferry: State-Aware Symbolic Execution for
Exploring State-Dependent
Program Paths," USENIX Security
Symposium, 2022. (Published) |
CCS
|
S. Li, Z. Yang, N. Hua, P. Liu, X. Zhang,
G. Yang, M. Yang, "Collect Responsibly but Deliver Arbitrarily? A Study
on Cross-User Privacy Leakage in Mobile Apps," ACM CCS, 2022.
(Published) |
ICISS
|
Q. Zou, L. Zhang, A. Singhal, X. Sun, P.
Liu, Attacks on ML Systems: From Security Analysis to Attack Mitigation,
ICISS, 2022. (Published) |
iThings
|
D. Rajgarhia, P.
Liu, S. Sural, Identifying Channel Related Vulnerabilities in Zephyr
Firmware, Short Paper, IEEE
International Conference on Internet of Things (iThings-2022), 2022.
(Published) |
ASCEND
|
Rajiv Thummala, Peng Liu, "Exploring
the Applications of Frequency Modulation to Secure CubeSats (Space-Based IoT)
from Eavesdropping, Jamming, and Interference," The 2022 ASCEND
Conference, 2022. (Published) |
arXiv
|
Hui Liu, Bo Zhao, Yuefeng
Peng, Weidong Li, Peng Liu, Towards Understanding and Harnessing the Effect
of Image Transformation in Adversarial Detection, arXiv:2201.01080 |
TDSC
|
Lan Zhang, P. Liu, Y. H. Choi, P. Chen,
Semantics-preserving Reinforcement Learning Attack Against Graph Neural
Networks for Malware Detection, IEEE
TDSC, 2022. (Published) |
TIFS
|
J. Zhou, et al., DeepSyslog:
Deep Anomaly Detection on Syslog Using Sentence Embedding and Metadata, IEEE TIFS, 2022. (Published) |
JCS
|
Q. Zou, A.
Singhal, X. Sun, P. Liu, Deep learning for detecting logic-flaw-exploiting
network attacks: An end-to-end approach, Journal
of Computer Security, 2022. (Published) |
IEEE IoT Journal
|
He, Xixun; Yang, Yiyu; Zhou, Wei; Wang, Wenjie; Liu, Peng; Zhang, Yuqing,
Fingerprinting Mainstream IoT Platforms Using Traffic Analysis, IEEE Internet of Things Journal, 2022.
(Published) |
Information Sciences
|
H. Liu, B. Zhao, M. Ji, M. Li, P. Liu, GreedyFool: Multi-Factor Imperceptibility and Its
Application to Designing a Black-box Adversarial Attack, (Elsevier) Information Sciences, 2022.
(Published) |
IEEE Trans. on Big Data
|
Y. Zhang, J. Wang, H. Huang, Y. Zhang, P.
Liu, Understanding and Conquering the Difficulties in Identifying Third-party
Libraries from Millions of Android Apps, IEEE
Transactions on Big Data, Vol. 8, No. 1, 2022. |
IEEE Access
|
SEOK-HWAN CHOI, JINMYEONG SHIN, PENG LIU,
YOON-HO CHOI, "ARGAN: Adversarially Robust
Generative Adversarial Networks for Deep Neural Networks against Adversarial
Examples," IEEE Access, 2022. (Accepted)
|
Elsevier CEE
|
H. Wang, H. He, W. Zhang, W. Liu, P. Liu,
A. Javadpour, Using honeypots to model botnet
attacks on the internet of medical things, Elsevier Computers and Electrical Engineering Journal, Volume
102, September 2022. (Published) |
Elsevier ASC
|
H. Liu, et al., Feature-Filter: Detecting
Adversarial Examples by Filtering out Recessive Features, Elsevier Applied Soft Computing Journal,
2022. (Published) |
Workshop
|
Gaurav Goyal, Peng Liu and Shamik Sural,
Securing Smart Home IoT Systems with Attribute-Based Access Control, ACM SaT-CPS workshop (in conjunction with CODASPY), 2022.
(Published) |
Workshop
|
M. Gu, et al., "Hierarchical Attention
Network for Interpretable and Fine-Grained Vulnerability Detection,"
IEEE BigSecurity workshop (in conjunction with
INFOCOM), 2022. (Published) |
2021 |
|
arXiv
|
Z. Wang, H. Wang, H. Hu, P. Liu, Identifying
Non-Control Security-Critical Data in Program Binaries with a Deep Neural
Model, arXiv preprint arXiv:2108.12071 |
arXiv
|
Zhilong Wang, Li Yu, Suhang
Wang, Peng Liu, Spotting Silent Buffer Overflows in Execution Trace through
Graph Neural Network Assisted Data Flow Analysis, arXiv preprint
arXiv:2102.10452 |
arXiv
|
A
Oseni, N Moustafa, H Janicke, P Liu, Z Tari, A Vasilakos, Security and
privacy for artificial intelligence: Opportunities and challenges, arXiv
preprint arXiv:2102.04661, 2021. |
arXiv
|
H. Wang, P. Liu, Tackling Imbalanced Data
in Cybersecurity with Transfer Learning: A Case with ROP Payload Detection,
arXiv preprint arXiv:2105.02996 |
arXiv
|
Wei Song, Jiameng
Ying, Sihao Shen, Boya Li, Hao Ma, Peng Liu, A
Comprehensive and Cross-Platform Test Suite for Memory Safety -- Towards an
Open Framework for Testing Processor Hardware Supported Security Extensions,
arXiv:2111.14072 |
arXiv
|
Kai Cheng, Tao Liu, Le Guan, Peng Liu, Hong
Li, Hongsong Zhu, Limin Sun, Finding Taint-Style
Vulnerabilities in Linux-based Embedded Firmware with SSE-based Alias
Analysis, https://arxiv.org/abs/2109.12209 |
arXiv
|
Hui Liu, Bo Zhao, Minzhi
Ji, Yuefeng Peng, Jiabao Guo, Peng Liu,
Feature-Filter: Detecting Adversarial Examples through Filtering off
Recessive Features, https://arxiv.org/abs/2107.09502
|
USENIX Security
|
Wei Zhou, Le Guan, Peng Liu, Yuqing Zhang,
Automatic Firmware Emulation through Invalidity-guided Knowledge Inference,
Proc. 30th USENIX Security Symposium,
2021. |
Oakland
|
W. Song, B. Li, Z. Xue, Z. Li, W. Wang, P.
Liu, Randomized Last-Level Caches Are Still Vulnerable to Cache Side-Channel
Attacks! But We Can Fix It, In Proceedings
of the 42nd IEEE Symposium on Security and Privacy (IEEE S&P 2021),
San Francisco, CA, 2021. |
ACSAC
|
D. Fang, Z. Song, L. Guan, Puzhuo Liu, A. Peng, K. Cheng, Y. Zheng, P. Liu, H. Zhu,
L. Sun, ICS3Fuzzer: A Framework for Discovering Protocol Implementation Bugs
in ICS Supervisory Software by Fuzzing, ACSAC,
2021. (Accepted) |
AsiaCCS
|
W. Zhang, P.
Liu, T. Jaeger, Analyzing the Overhead of File Protection by Linux Security
Modules, The ACM Asia Conference on
Computer and Communications Security, 2021. |
AsiaCCS
|
Lun-Pin Yuan, Peng Liu, Sencun
Zhu, Recompose Event Sequences vs. Predict Next Events: A Novel Anomaly
Detection Approach for Discrete Event Logs, The ACM Asia Conference on Computer and Communications Security,
2021. |
DBSEC
|
Q Zou, A Singhal,
X Sun, P Liu, Deep Learning for Detecting Network Attacks: An End-to-End
Approach, Proc. IFIP Annual Conference
on Data and Applications Security and Privacy, short paper, 2021. |
SpringerOpen
Cybersecurity (Feature article)
|
Zhilong Wang,
Peng Liu. GPT Conjecture: Understanding the Trade-offs between Granularity,
Performance and Timeliness in Control-Flow Integrity, Cybersecurity, 2021. |
TIFS
|
Z. Hu, P.
Chen, M. Zhu, P. Liu, A co-design adaptive defense scheme with bounded
security damages against Heartbleed-like attacks, IEEE Transactions on Information Forensics and Security, 2021.
(Accepted) |
IEEE IoT Journal
|
Wei Zhou, Chen Cao, Dongdong
Huo, Kai Cheng, Lan Zhang, Le Guan, Tao Liu, Yan Jia, Yaowen
Zheng, Yuqing Zhang, Limin Sun, Yazhe Wang, Peng
Liu, Reviewing IoT Security via Logic Bugs in IoT Platforms and Systems, IEEE Internet of Things Journal, 2021.
|
TDSC
|
S. Jia, et al., MDEFTL: Incorporating
Multi-Snapshot Plausible Deniability into Flash Translation Layer, IEEE Transactions on Dependable and Secure
Computing. (Accepted) |
IEEE IoT Journal
|
H. Wang, et al., An Evolutionary Study of
IoT Malware, IEEE Internet of Things
Journal, 2021. (Accepted) |
IEEE TC
|
L. Zhao, P. Li,
R. Hou, M. Huang, P. Liu, L. Zhang, D. Meng, Exploiting Security Dependence
for Conditional Speculation against Spectre
Attacks, IEEE Transactions on
Computers, 2021, published. |
JSA
|
D. Huo, et al., Commercial Hypervisor-based
Task Sandboxing Mechanisms Are Unsecured? But We Can Fix It! Journal of Systems Architecture, 2021.
(Accepted) |
JCST
|
L. Situ, et al., Vulnerable Region-Aware Greybox Fuzzing, Journal
of Computer Science and Technology, 2021, published. |
PhD Dissertation
|
Sadegh Farhang, Organizations security
management in different problem domains: Empirical Evidence and
game-theoretic modeling, PhD Dissertation, Penn State University, 2021. |
PhD Dissertation
|
Lun-Pin Yuan, Towards Designing Accurate
Detection Methods for Emerging Cyber Threats, PhD Dissertation, Penn State
University, 2021. |
2020 |
|
arXiv
|
Q. Zou, A. Singhal, X. Sun, P. Liu,
Generating Comprehensive Data with Protocol Fuzzing for Applying Deep
Learning to Detect Network Attacks, https://arxiv.org/abs/2012.12743,
2020. |
arXiv
|
Lan Zhang, Peng Liu, Yoon-Ho Choi, Semantic-preserving
Reinforcement Learning Attack against Graph Neural Networks for Malware
Detection, https://arxiv.org/abs/2009.05602,
2020. |
arXiv
|
Lun-Pin Yuan, Peng Liu, Sencun
Zhu, Recomposition vs. Prediction: A Novel Anomaly
Detection for Discrete Events Based on Autoencoder, |
ACSAC
|
Chen Cao*, Le Guan*, Jiang Ming, Peng Liu,
Device-agnostic Firmware Execution is Possible: A Concolic Execution
Approach for Peripheral Emulation, ACSAC 2020, published. (*equal
contribution) |
Oakland
|
Feng Xiao, Jinquan
Zhang, Jianwei Huang, Guofei Gu, Dinghao Wu, Peng Liu, Unexpected Data Dependency
Creation and Chaining: A New Attack to SDN, In Proceedings of the 41st IEEE Symposium on Security and Privacy (IEEE
S&P 2020), San Francisco, CA, May 18-20, 2020, published. |
WWW
|
S. Farhang, M. B. Kirdan, A. Laszka, and J. Grossklags, An
Empirical Study of Android Security Bulletins in Different Vendors, WWW
2020, published. |
RAID
|
Y. He, Y. Xu, X. Jia, S. Zhang, P. Liu, S.
Chang, EnclavePDP: A General Framework to Verify
Data Integrity in Cloud Using Intel SGX, RAID 2020, published. |
American Control Conference
|
H. Kim, et al., On Data-driven
Attack-resilient Gaussian Process Regression for Dynamic Systems, ACC 2020.
|
TrustCom
|
Chen Tian, Yazhe Wang, Peng
Liu, Yu Wang, Ruirui Dai, Anyuan
Zhou, Zhen Xu, Prihook: Differentiated
context-aware hook placement for different owners smartphones, 19th IEEE International
Conference on Trust, Security and Privacy in Computing and Communications
(TrustCom), 2020.
|
ICICS
|
D. Huo, et al., A
Machine-Learning-based Compartmentalization Scheme for Bare-Metal Systems,
ICICS 2020.
|
ICPR
|
Junwei Zhou, Ke Shu, Peng Liu, Jianwen Xiang, ShengWu Xiong,
Face Anti-spoofing Based on Dynamic Color Texture Analysis Using Local
Directional Number Pattern, International
Conference on Pattern Recognition, 2020.
|
IEEE Computer
|
Q. Zou, X. Sun, P. Liu, A. Singhal,
An Approach for Detection of Advanced Persistent Threat Attacks, column
paper, IEEE Computer, 2020.
|
Journal of Computer Security
|
X. Li, Z. Hu, H. Wang, Y. Fu, P.
Chen, M. Zhu, P. Liu, DEEPRETURN: A Deep Neural Network Can Learn How to
Detect Previously-Unseen ROP Payloads without Using Any Heuristics, Journal of Computer Security, 2020,
published.
|
ACM Transactions on Privacy and Security
|
Z. Hu, M. Zhu, P. Liu, et al.,
Adaptive Cyber Defense against Multi-stage Attacks using Learning-based
POMDP, ACM Transactions on Privacy and
Security, 2020.
|
IEEE TCC
|
D. Tian, et al., Semi-synchronized
Non-blocking Concurrent Kernel Cruising, IEEE Transactions on Cloud
Computing.
|
Cybersecurity
|
Yoon-Ho Choi, Peng Liu, Zitong
Shang, Haizhou Wang, Zhilong Wang, Lan Zhang, Junwei Zhou and Qingtian Zou.
2019. Using Deep Learning to Solve Computer Security Challenges: A Survey. Cybersecurity, 2020, published.
|
|
|
Automatica
(Brief
Paper)
|
H. Kim, P. Guo, M. Zhu and P. Liu, Simultaneous
input and state estimation for stochastic nonlinear systems with additive
unknown inputs, Automatica,
Brief Paper, 2020. Published.
|
IEEE TR
|
Weizhe Zhang, Huanran
Wang, Hui He, Peng Liu, DAMBA: Detecting Android Malware by OTGB Analysis, IEEE Transactions on Reliability,
2020, published. |
IEEE TCC
|
J. Wang, H. Hu, B. Zhao, H. Li, W. Zhang,
J. Xu, P. Liu, J. Ma, S-Blocks: Lightweight and Trusted Virtual Security
Function with SGX, IEEE Transactions
on Cloud Computing.
|
IEEE Access
|
DH Ko, SH Choi, JM Shin, P Liu, YH Choi,
Structural Image De-Identification for Privacy-Preserving Deep Learning, IEEE Access, 2020, published. |
IEEE TNSE
|
S. H. Choi, J. Shin, P. Liu, Y. Choi,
EEJE: Two-Step Input Transformation for Robust DNN against Adversarial
Examples, IEEE Transactions on Network
Science and Engineering, 2020, published. |
SCN
|
F Chen, P Liu, J Zhu, S Gao, Y Zhang, M
Duan, Y Wang, K Hwang, Improving Topic-Based Data Exchanges among IoT
Devices, Security and Communication
Networks, 2020. (Published) |
arXiv
|
E. Yoon, P. Liu, Practical Verification of
MapReduce Computation Integrity via Partial Re-execution, arXiv preprint
arXiv:2002.09560. |
Workshop
|
Q Zou, A Singhal, X Sun, P Liu,
Automatic Recognition of Advanced Persistent Threat Tactics for Enterprise
Security, Proceedings of the Sixth
International Workshop on Security and Privacy Analytics, 2020,
published.
|
Book Chapter
|
C. Zhong, J. Yen, P. Liu, Can Cyber
Operations Be Made Autonomous? An Answer from the Situational Awareness
Viewpoint, In S. Jajodia, G. Cybenko,
V. S. Subrahmanian, V. Swarup, C. Wang, and M.
Wellman (Eds.), Adaptive Autonomous Secure Cyber Systems, Springer 2020,
published.
|
2019 |
|
17 Logic Bugs in IoT platforms
|
Logic Bugs in IoT Platforms and Systems: A
Review. Wei Zhou, Chen Cao, Dongdong Huo, Kai
Cheng, Lan Zhang, Le Guan, Tao Liu, Yaowen Zheng,
Yuqing Zhang, Limin Sun, Yazhe Wang, Peng Liu. arXiv 1912.13410 |
Deep Learning for system security: a survey
|
Using Deep Learning to Solve Computer
Security Challenges: A Survey. (authors are ordered in alphabetic order)
Yoon-Ho Choi, Peng Liu, Zitong Shang, Haizhou Wang, Zhilong Wang, Lan Zhang,
Junwei Zhou, Qingtian Zou. arXiv
1912.05721 |
GPT Conjecture
|
Zhilong Wang, Peng Liu, GPT Conjecture:
Understanding the Trade-offs between Granularity, Performance and Timeliness
in Control-Flow Integrity, arXiv
1911.07828. |
arXiv preprint
|
ROPNN: Detection of ROP Payloads Using Deep
Neural Networks. Xusheng Li, Zhisheng Hu, Yiwei Fu,
Ping Chen, Minghui Zhu, Peng Liu. arXiv 1807.11110. |
arXiv preprint
|
Good Motive but Bad Design: Why ARM MPU Has
Become an Outcast in Embedded Systems. W Zhou, L Guan, P Liu, Y Zhang. arXiv 1908.03638. |
Usenix Security
|
W. Zhou, Y. Jia, Y. Yao, L. Zhu, L. Guan,
Y. Mao, P. Liu, Y. Zhang, Discovering and Understanding the Security Hazards
in the Interactions between IoT Devices, Mobile Apps, and Cloud on Smart Home
Platforms, Usenix Security 2019. |
NDSS
|
M. Nasr, S. Farhang, A. Houmansadr,
and J. Grossklags, Enemy At the Gateways:
Censorship-Resilient Proxy Distribution Using Game Theory, In Network and Distributed System Security
Symposium (NDSS), 2019. |
RAID
|
Lun-Pin Yuan, Wenjun Hu, Ting Yu, Peng Liu,
Sencun Zhu, Towards Large-Scale Hunting for
Android Negative-Day Malware, RAID 2019 |
RAID
|
Wei Song, Peng Liu, Dynamically Finding
Minimal Eviction Sets Can Be Quicker Than You Think for Side-Channel Attacks
against the LLC, RAID 2019 |
ESORICS
|
Y. Yao, W. Zhou, Y. Jia, L. Zhu, P. Liu, Y.
Zhang, Identifying Privilege Separation Vulnerabilities in IoT Firmware with
Symbolic Execution, ESORICS 2019 |
WiSec
|
Le Guan, Chen Cao, Sencun
Zhu, Jingqiang Lin, Peng Liu, Yubin Xia, Bo Luo, Protecting Mobile Devices
from Physical Memory Attacks with Targeted Encryption, Proc. 12th ACM Conference on Security and Privacy in Wireless and
Mobile Networks, WiSec19. |
CODASPY
|
Peiying Wang, Shijie
Jia, Bo Chen, Luning Xia and Peng Liu. MimosaFTL:
Adding Secure and Practical Ransomware Defense Strategy to Flash Translation
Layer. The Ninth ACM Conference on Data
and Application Security and Privacy (CODASPY '19), Dallas, TX, 2019
(Acceptance rate: 23.5%). |
Automatica
|
Z. Hu, M. Zhu, P. Chen and P. Liu, On
convergence rates of game theoretic reinforcement learning algorithms, Automatica,
2019, published. |
TSE
|
Mu, D., Du, Y., Xu, J., Xu, J., Xing, X.,
Mao, B., Liu, P., POMP++: Facilitating Postmortem Program Diagnosis with
Value-set Analysis, IEEE Transaction
on Software Engineering, 2019. |
SOC data triage
|
Chen Zhong, John Yen, Peng Liu, and Robert
F. Erbacher. Learning from Experts Experience: Towards Automated Cyber
Security Data Triage, IEEE Systems
Journal, March 2019, published.
|
IEEE TMC
|
Lannan Luo, Qiang Zeng, Chen Cao,
Kai Chen, Jian Liu, Limin Liu, Neng Gao, Min Yang, Xinyu Xing, and Peng Liu.
Tainting-Assisted and Context-Migrated Symbolic Execution of Android
Framework for Vulnerability Discovery and Exploit Generation. IEEE Transactions on Mobile Computing
(TMC), 2019.
|
IEEE Security & Privacy magazine
|
Sun, Xiaoyan, Peng Liu, and Anoop Singhal.
``Toward Cyberresiliency in the Context of Cloud
Computing. IEEE
Security & Privacy 16.6
(2018): 71-75. (Published in Jan 2019) |
Elsevier FGCS Journal
|
J. Shin, S. H. Choi, P. Liu, Y. H. Choi,
Unsupervised Multi-Stage Attack Detection Framework without Details on
Single-State Attacks, Future Generation of Computer Systems 100, 811-825,
2019, published. |
Edited book
|
S. Jajodia, G. Cybenko, P. Liu, C. Wang, and M. Wellman (Eds.),
Adversarial and Uncertain Reasoning for Adaptive Cyber Defense, Springer
2019, published. |
Edited Proceedings
|
P. Liu and Y. Zhang (Eds.), Proceedings of the 2nd International ACM
Workshop on Security and Privacy for the Internet-of-Things, in
conjunction with ACM CCS 2019. |
Book Chapter
|
P. Chen, Z. Hu, J. Xu, M. Zhu, R. Erbacher,
S. Jajodia, P. Liu, MTD Techniques for Memory
Protection against Zero-Day Attacks, In S. Jajodia,
G. Cybenko, P. Liu, C. Wang, and M. Wellman (Eds.),
Adversarial and Uncertain Reasoning for Adaptive Cyber Defense, Springer
2019. |
Book Chapter
|
B. W. Priest, G. Cybenko,
S. Singh, M. Albanese, P. Liu, Online and Scalable Adaptive Cyber Defense,
In S. Jajodia, G. Cybenko,
P. Liu, C. Wang, and M. Wellman (Eds.), Adversarial and Uncertain Reasoning
for Adaptive Cyber Defense, Springer 2019. |
Book Chapter
|
Z. Hu, P. Chen, M. Zhu, P. Liu,
Reinforcement Learning for Adaptive Cyber Defense against Zero-Day Attacks,
In S. Jajodia, G. Cybenko,
P. Liu, C. Wang, and M. Wellman (Eds.), Adversarial and Uncertain Reasoning
for Adaptive Cyber Defense, Springer 2019. |
Book Chapter
|
G. Cybenko, M.
Wellman, P. Liu, M. Zhu, "Overview of Control and Game Theory in
Adaptive Cyber Defenses", In S. Jajodia, G. Cybenko, P. Liu, C. Wang, and M. Wellman (Eds.),
Adversarial and Uncertain Reasoning for Adaptive Cyber Defense, Springer
2019. |
ICPR
|
Wenhui Zhang, Yizheng
Jiao, Dazhong Wu, Srivatsa Srinivasa, Asmit De,
Swaroop Ghosh, Peng Liu, ArmorPLC: Cyber Security
Threats Detection through Ladder Logic Validation for PLCs, ICPR 2019 |
Workshop
|
Robustness Analysis of CNN-based Malware
Family Classification Methods Against Various Adversarial Attacks. SH Choi,
JM Shin, P Liu, YH Choi, Workshop on Cyber-Physical Systems Security, in
conjunction with IEEE CNS 2019. |
Poster
|
Lingyun
Situ, Linzhang Wang, Xuandong
Li, Le Guan, Wenhui Zhang, Peng Liu (2019). Poster: Energy Distribution
Matters in Greybox Fuzzing. 41th International Conference on Software Engineering, ICSE19. |
Poster
|
To be announced. |
PhD Dissertation
|
Eunjung
Yoon, ENSURING SERVICE INTEGRITY IN CLOUD COMPUTING, Penn State University,
2019 |
2018 |
|
DEFCON
|
Feng Xiao, Jianwei Huang, Peng Liu,
Hacking the Brain: Customize Evil Protocol to Pwn
an SDN Controller, DEF CON 2018 |
DSN
(Attacks against robots)
|
P. Guo, H. Kim, N. Virani, J. Xu, M.
Zhu and P. Liu, RoboADS: Anomaly detection against
sensor and actuator misbehaviors in mobile robots, DSN 2018.
|
RAID
|
Chen Cao, Le Guan, Ning Zhang, Neng
Gao, Jingqiang Lin, Bo Luo, Peng Liu, Ji Xiang, Wenjing Lou, CryptMe: Data Leakage Prevention for Unmodified Programs
on ARM Devices, RAID 2018.
|
ACSAC
|
S. Farhang, J. Weidman, M. M.
Kamani, J. Grossklags, P. Liu, Take It or Leave
It: A Survey Study on Operating System Upgrade Practices, ACSAC 2018. (Accepted)
|
WiSec
|
L. Yuan, P. Liu, S. Zhu, Android
STAR: Interaction-Preserving Messenger-Usage Inspection, To appear in Proceedings of the 11th ACM Conference on
Security and Privacy in Wireless and Mobile Networks (WiSec),
2018.
|
SACMAT
|
Lingjing Yu, Sri Mounica Motipalli,
Dongwon Lee, Peng Liu, Heng Xu, Qingyun Liu, Jianlong
Tan and Bo Luo. My Friend Leaks My Privacy: Modeling and Analyzing Privacy in
Social Networks. In ACM Symposium on
Access Control Models and Technologies (SACMAT), 2018.
|
TrustShadow TEE
|
Le Guan, Chen Cao, Peng Liu, Xinyu Xing,
Xinyang Ge, Shengzhi Zhang, Meng Yu and Trent
Jaeger, Building a Trustworthy Execution Environment to Defeat Exploits from
both Cyber Space and Physical Space for ARM, IEEE Transactions on Dependable and Secure Computing (TDSC).
(Accepted) |
Survey on IoT Security
|
Wei Zhou, Yan Jia, Anni Peng, Yuqing
Zhang, and Peng Liu, The Effect of IoT New Features on Security and Privacy:
New Threats, Existing Solutions, and Challenges Yet to Be Solved, IEEE IoT Journal, 2018.
|
Cybersecurity issues in Digital Manufacturing
|
Wu, D., Ren, A., Zhang, W., Fan, F.,
Liu, P., Fu, X. & Terpenny, J., Cybersecurity
for Digital Manufacturing, Journal of
Manufacturing Systems, 2018.
|
Feedback control against zero-day attacks
|
P. Chen, Z. Hu, J. Xu, M. Zhu, P.
Liu, Feedback Control Can Make Data Structure Layout Randomization More
Cost-Effective under Zero-day Attacks, Cybersecurity
(a new journal), 2018, published.
|
TIFS
|
X. Sun, J. Dai, P. Liu, A. Singhal,
J. Yen, Using Bayesian Networks for Probabilistic Identification of Zero-day
Attack Paths, IEEE Transactions on
Information Forensics and Security, 2018.
|
TMC
|
Kai Chen, Yingjun
Zhang, Peng Liu, Leveraging Information Asymmetry to Transform Android Apps
into Self-Defending Code against Repackaging Attacks, IEEE Transactions on Mobile Computing (TMC), 2018.
|
IEEE Trans. Big Data
|
Heqing Huang, et al., A Large-scale Study of Android Malware
Development Phenomenon on Public Malware Submission and Scanning Platform, IEEE Transactions on Big Data,
2018.
|
Cybersecurity (New Journal)
|
C. Tian, Y. Wang, P. Liu, Q. Zhou,
C. Zhang, Using IM-Visor to Stop Untrusted IME Apps from Stealing Sensitive
Keystrokes, Cybersecurity, 2018,
published.
|
Cybersecurity
|
D. Meng, R. Hou, G. Shi, B. Tu, A.
Yu, Z. Zhu, X. Jia, P. Liu, Security-first architecture: deploying
physically isolated active security processors for safeguarding the future of
computing, Cybersecurity, 2018,
published.
|
Computers & Security
|
Cheng Zhong, et al., A Cyber
Security Data Triage Operation Retrieval System, Computers & Security Journal, 2018.
|
Software: Practice and Experience
|
Donghai Tian, et al., A Policy-Centric Approach to
Protecting OS Kernel from Vulnerable LKMs, Software: Practice and Experience Journal, 2018.
|
IoTSec
|
Chen Cao, Le Guan, Peng Liu, Neng
Gao, Jingqiang Lin, and Ji Xiang, Hey, you, keep away from my device:
remotely implanting a virus expeller to defeat Mirai on IoT devices, 1st International Workshop on Security
and Privacy for the Internet-of-Things (IoTSec),
co-located with the Cyber-Physical
Systems and Internet-of-Things Week, 2018.
|
APSEC
|
Weijuan Zhang, Xiaoqi Jia, Shengzhi
Zhang, Rui Wang and Peng Liu, Running OS Kernel in Separate Domains: A New
Architecture for Applications and OS Services Quarantine, 25th Asia-Pacific Software
Engineering Conference, Japan, 2018.
|
DBSEC
|
Chen Cao, Lunpin
Yuan, Anoop Singhal, Peng Liu, Xiaoyan Sun, Sencun
Zhu, Assessing the Impact on Business Processes by Interconnecting Attack
Graphs and Entity Dependency Graphs, IFIP
International Conference on Database and Application Security and Privacy
(DBSEC), 2018.
|
Journal
|
Le Guan, Sadegh Farhang, Yu Pu, Pinyao Guo, Jens Grossklags and
Peng Liu, VaultIME: Regaining User Control for
Password Managers through Auto-correction, EAI Endorsed Transactions on Security and Safety, 2018.
|
Journal
|
X. Sun, J. Dai, A. Singhal, P. Liu,
Probabilistic Inference of the Stealthy Bridges
between Enterprise Networks in Cloud, EAI
Endorsed Transactions on Security and Safety, 2018.
|
Journal
|
Chen Zhong, John Yen, Peng Liu,
Donald R. Shemanski, ``Using an UD-UC-CSP Model to Infer Missing Actor for Intelligence
Analysis'', Journal
of Secure Communication and Systems. (Accepted)
|
Poster
|
Anoop Singhal, Xiaoyan Sun, Peng
Liu, Towards Cyber Resiliency in the Context of Cloud Computing, ACSAC 2018
Work in Progress Session.
|
Proceedings
|
Liu, Peng, Mauw,
Sjouke, Stolen, Ketil (Eds.), Graphical Models for
Security (Proceedings of the GraMSec 2017 Workshop), Springer LNCS 10744, Feb
2018. Published.
|
Proceedings
|
L. Lazos, P. Liu, M. Li, W. Zhu, Proceedings of 2018 IEEE Conference on
Communications and Network Security (CNS), September 2018. Published.
|
PhD Dissertation
|
Jun Xu, BATTLING CYBER ATTACKS WITH
SOFTWARE CRASH DIAGNOSIS, PhD Dissertation, College of IST, 2018, Penn State
University
|
PhD Dissertation
|
Pinyao Guo, Detection and Prevention: Towards Secure Mobile
Robotic Systems, PhD Dissertation, College of IST, 2018, Penn State
University
|
MS Thesis
|
Tao Lin, A CYBER SECURITY DATA
TRIAGE OPERATION RETRIEVAL SYSTEM, MS Thesis, College of IST, 2018, Penn
State University
|
MS Thesis
|
Tao Zhang, TOWARDS FLEXIBLE AND
REALISTIC INSIDER MISSION SIMULATION, MS Thesis, College of IST, 2018, Penn
State University
|
2017
|
|
ACSAC (Best Paper Award)
|
Le Guan, Shijie
Jia, Bo Chen, Fengwei Zhang, Bo Luo, Jingqiang Lin,
Peng Liu, Xinyu Xing and Luning Xia, Supporting Transparent Snapshot for
Bare-metal Malware Analysis on Mobile Devices, in Proceedings of the 33rd Annual Conference on Computer Security
Applications, ACSAC '17, 2017.
|
CCS
|
Jian Huang, Jun Xu, Xinyu Xing, Peng
Liu, Moinuddin K. Qureshi, FlashGuard: Leveraging
Intrinsic Flash Properties to Defend Against Encryption Ransomware, CCS
2017.
|
CCS
|
S. Jia, L. Xia, B. Chen, P. Liu,
DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation
Layer, CCS 2017.
|
USENIX Security
|
Xu, J., Mu, D., Xing, X., Liu, P.,
Chen, P., Mao, B., "POMP: Postmortem Program Analysis with
Hardware-Enhanced Post-Crash Artifacts", in Proceedings of the 26th USENIX Security Symposium (USENIX Security),
Vancouver, Canada, August 2017.
|
NDSS
|
Chuangang Ren, Peng Liu, Sencun Zhu, WindowGuard:
Systematic Protection of GUI Security in Android, NDSS 2017.
|
MobiSys
|
Lannan Luo*, Qiang
Zeng*, Chen Cao, Kai Chen, Jian Liu, Limin Liu, Neng
Gao, Min Yang, Xinyu Xing, and Peng Liu. (*Co-first authors),
System Service Call-oriented Symbolic Execution of Android Framework with
Applications to Vulnerability Discovery and Exploit Generation, ACM MobiSys 2017.
|
MobiSys
|
L. Guan, P. Liu, X. Xing, X.
Ge, S. Zhang, M. Yu, and T. Jaeger, TrustShadow: Secure execution of unmodified applications
with ARM TrustZone, ACM MobiSys
2017.
|
Mirai Expeller
|
Chen Cao, Le Guan, Peng Liu, Neng
Gao, Jingqiang Lin, Ji Xiang, Hey, you, keep away from my device: remotely
implanting a virus expeller to defeat Mirai on IoT devices, June 2017,
arXiv, http://arxiv.org/abs/1706.05779
|
TSE
|
Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, and Sencun
Zhu, Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison
with Applications to Software and Algorithm Plagiarism Detection, IEEE Transactions on Software Engineering,
Vol. 43, Issue 12, January 2017.
|
VEE
|
D. Liang, P. Liu, J. Xu, P. Chen, Q.
Zeng, Dancing with Wolves: Towards Practical Event-driven VMM Monitoring,
VEE 2017.
|
DSN
|
P. Chen, J. Xu, Z. Hu, X. Xing, M. Zhu,
B. Mao, P. Liu, What You See is Not What You Get! Thwarting Just-in-Time ROP
with Chameleon, DSN 2017.
|
DSN
|
Chen Tian, Yazhe
Wang, Peng Liu, Qihui Zhou, Chengyi
Zhang, IM-Visor: A Pre-IME Guard to Prevent IME Apps from Stealing Sensitive
Keystrokes Using TrustZone, DSN 2017.
|
MASS (short)
|
Chengyi Zhang, Yazhe Wang, Peng Liu,
Tao Lin, Lvgen Luo, Ziqi Yu, and Xinwang Zhuo, PMViewer: A
Crowdsourcing Approach to Fine-Grained Urban PM2.5 Monitoring in China, MASS
2017.
|
SecureComm
(short)
|
Le Guan, Sadegh Farhang, Yu Pu, Pinyao Guo, Jens Grossklags and
Peng Liu, VaultIME: Regaining User Control for
Password Managers through Auto-correction, in Security and Privacy in Communication Networks: 13th International
Conference, SecureComm 2017, 2017.
|
SecureComm
|
Pinyao Guo, Hunmin Kim, Le Guan, Minghui Zhu and Peng Liu, VCIDS: Collaborative Intrusion
Detection of Sensor and Actuator Attacks on Connected Vehicles, in Security and Privacy in Communication
Networks: 13th International Conference, SecureComm
2017, 2017.
|
ACC
|
H. Kim, P. Guo, M. Zhu and P. Liu,
On attack-resilient estimation of switched nonlinear cyber-physical
systems, 2017 American Control
Conference, May 2017, invited paper.
|
MTD
|
Z. Hu, M. Zhu and P. Liu, Online
algorithms for adaptive cyber defense on Bayesian attack graphs, Fourth ACM Workshop on Moving Target
Defense in Association with 2017 ACM Conference on Computer and
Communications Security, Dallas, pages: 99-109, Oct 2017.
|
DBSEC
|
Xiaoyan Sun, Anoop Singhal and Peng
Liu, Towards Actionable Mission Impact Assessment in the Context of Cloud
computing, DBSEC 2017.
|
ISERC
|
Ren, A., Wu, D., Terpenny,
J., Zhang, W., & Liu, P. (2017). Cyber Security in Smart Manufacturing:
Survey and Challenges, Proceedings of
the 2017 Industrial and Systems Engineering Research Conference,
Pittsburgh, PA
|
Cryptology ePrint Archive
|
Dingfeng Ye, Peng Liu, Jun Xu, Towards Practical Obfuscation of
General Circuits, Cryptology ePrint Archive report
2017/321
|
Edited Book
|
Theory and Models for Cyber
Situation Awareness, Peng Liu, Sushil Jajodia, and
Cliff Wang (Eds.), Springer LNCS, Volume No. 10030, 2017, published.
|
Book Chapters
|
P. Liu, et al., Computer-aided
Human Centric Cyber Situation Awareness, In Peng Liu, Sushil Jajodia, and Cliff Wang (Eds.), Theory and Models for Cyber Situation Awareness, Springer LNCS vol. 10030, 2017, published.
Chen Zhong, John Yen, Peng Liu,
Robert F. Erbacher and Christopher Garneau. Studying Analysts Data Triage
Operations in Cyber Defense Situational Analysis, In Peng Liu, Sushil Jajodia, and Cliff Wang (Eds.), Theory and Models for Cyber Situation Awareness, Springer LNCS vol. 10030, 2017, published.
Xiaoyan Sun, Jun Dai, Anoop
Singhal, Peng Liu, Enterprise-Level Cyber Situation Awareness, In Peng Liu,
Sushil Jajodia, and Cliff Wang (Eds.), Theory and Models for Cyber Situation Awareness, Springer LNCS vol. 10030, 2017, published.
X. Sun, J. Dai, P. Liu, A. Singhal,
J. Yen, Using Bayesian Networks to Fuse Intrusion Evidences
and Detect Zero-day Attack Paths, in Lingyu Wang, Sushil Jajodia, and
Anoop Singhal (Eds.), Network Security
Metrics, Springer LNCS, 2017, published.
|
2016
|
|
CCS
|
Xu, J., Mu, D., Chen, P., Xing, X.,
Liu, P., CREDAL: Towards Locating a Memory Corruption Vulnerability with
Your Core Dump, ACM CCS 2016.
|
Big Data
(Dataset release)
|
Android Malware Development on
Public Malware Scanning Platforms: A Large-scale Data-driven Study. Heqing Huang, Cong Zheng, Junyuan
Zeng, Wu Zhou, Sencun Zhu, Peng Liu,
Suresh Chari, Ce Zhang, 2016
IEEE Big Data (79/423=18.7%) (A new Android malware
dataset released @ the
result website)
|
CCS
|
Kai Wang, Yuqing Zhang, Peng Liu, Call
Me Back! Attacks on System Server and System Apps in Android through
Synchronous Callback, ACM CCS 2016.
|
SenSys
|
Guan, L., Xu, J., Wang, S., Xing,
X., Lin, L., Huang, H., Liu, P., Lee, W., From Physical to Cyber: Escalating
Protection for Personalized Auto Insurance, in Proceedings of the 14th ACM Conference on Embedded Networked Sensor
Systems (SenSys 2016), Palo Alto, USA, December
2016.
|
ASE
|
StraightTaint:
Decoupled Offline Symbolic Taint Analysis, by Jiang Ming, Dinghao Wu, Gaoyao Xiao, Jun
Wang, and Peng Liu. In Proceedings of
the 31st IEEE/ACM International Conference on Automated Software Engineering
(ASE 2016), Singapore, September 3-7, 2016, published.
|
DSN
|
Lannan Luo, Yu Fu, Dinghao
Wu, Sencun Zhu, and Peng Liu,
|
ACSAC
|
Shijie Jia, Luning Xia, Bo Chen, and Peng Liu, Sanitizing Data
Is Not Enough! Towards Sanitizing Structural Artifacts in Flash Media, ACSAC, 2016, published.
|
ESORICS
|
Fabo Wang, Yuqing Zhang, Kai
Wang, Peng Liu and Wenjie Wang, Stay in Your Cage! A Sound Sandbox for
Third-Party Libraries on Android, ESORICS,
2016, published.
|
ESORICS
|
Qianru Wu, Qixu
Liu, Yuqing Zhang, Peng Liu and Guanxing Wen, A
Machine Learning Approach for Detecting Third-Party Trackers on the Web, ESORICS, 2016, published.
|
ESORICS
|
Aron Laszka,
Mingyi Zhao and Jens Grossklags,
Banishing Misaligned Incentives for Validating Reports in Bug-Bounty
Platforms, ESORICS, 2016.
|
IDS
|
Chen Zhong, John Yen, Peng Liu,
and Robert F. Erbacher. Automate Cybersecurity Data Triage by Leveraging
Human Analysts Cognitive Process, In Proc.
IEEE International Conference on Intelligent Data and Security (IEEE
IDS), 2016, published.
|
CNS
(Best Paper
Runner up Award)
|
Xiaoyan
Sun, Jun Dai, Peng Liu, Singhal, Anoop, John Yen, Towards Probabilistic
Identification of Zero-day Attack Paths, IEEE
CNS, 2016.
|
AsiaCCS
|
Shijie Jia, Luning Xia, Bo Chen, and Peng Liu, NFPS: Adding Undetectable
Secure Deletion to Flash Translation Layer, Proc. 11th ACM Asia Conference on Computer and Communications
Security (AsiaCCS '16), Xi'an, China, May 30 -
June 3, 2016.
|
CODASPY
(8
pages)
|
Program-object Level Data Flow
Analysis with Applications to Data Leakage and Contamination Forensics, short
paper, by Gaoyao Xiao, Jun Wang, Peng Liu, Jiang
Ming, and Dinghao Wu. In Proc. 6th ACM Conference on Data and Application Security and Privacy
(CODASPY 2016), New Orleans, LA, March 9-11, 2016, published.
|
CIC
|
Z. Hu, P. Chen, Y. Lu, M. Zhu
and P. Liu, Towards a science for adaptive defense: Revisit server
protection, Proc. IEEE International
Conference on Collaboration and Internet Computing (CIC 2016),
Pittsburgh, November 2016, invited paper, published.
|
ESSoS
(Artifact Evaluation Award)
|
Empirical Analysis and
Modeling of Black-box Mutational Fuzzing, by Mingyi
Zhao and Peng Liu, International
Symposium on Engineering Secure Software and Systems (ESSoS)
2016, published.
|
WEIS
|
Thomas Maillart, Mingyi Zhao, Jens Grossklags
and John Chuang, Given Enough Eyeballs, All Bugs Shallow? Revisiting Eric
Raymond with Bug Bounty Market, Proc.
15th Annual Workshop on the Economics of Information Security (WEIS),
2016.
|
ICSE-SEET
|
Lannan Luo, and Qiang Zeng, SolMiner: Mining Distinct Solutions in Programs, In Proceedings of the 38th International
Conference on Software Engineering, SEET track, Austin, TX, May 14-22,
2016.
|
SAC
|
Yuan Zhao, Wuqiong
Pan, Jingqiang Lin, Peng Liu, Cong Xue and Fangyu
Zheng, PhiRSA: Exploiting the Computing Power of
Vector Instructions on Intel Xeon Phi for RSA, Proc. 23rd Conference on Selected Areas in Cryptography (SAC 2016),
Canada, 2016, published.
|
HASE
|
Feature-based Software
Customization: Preliminary Analysis, Formalization, and Methods, by Yufei
Jiang, Can Zhang, Dinghao Wu, and Peng Liu. In Proceedings of the 17th IEEE High
Assurance Systems Engineering Symposium (HASE 2016), Orlando, Florida,
USA, January 7-9, 2016.
|
COMPSAC
|
JRed:
Program Customization and Bloatware Mitigation based on Static Analysis, by
Yufei Jiang, Dinghao Wu, and Peng Liu. In Proceedings of the 40th IEEE Computer
Society International Conference on Computers, Software & Applications
(COMPSAC 2016), Atlanta, Georgia, USA, June 10-14, 2016. (Published.
Acceptance rate: 18%)
|
ICICS
|
Weijuan Zhang, Xiaoqi Jia, Chang Wang, Shengzhi Zhang, Qingjia Huang, Mingsheng Wang, Peng Liu, A Comprehensive Study of
Co-residence Threat in Multi-tenant Public PaaS Clouds, 18th International Conference on Information and Communications
Security (ICICS 2016), Singapore, Singapore, November 29 December 2, 2016
|
arXiv
|
Q. Wang, W. Guo, A. Ororbia, X. Xing, L. Lin, C. L. Giles, X. Liu, P. Liu, G.
Xiong, Using non-invertible data transformations to build
adversary-resistant deep neural networks, arXiv preprint arXiv:1610.01934,
2016.
|
TRE
|
Kai Chen, Yingjun
Zhang, Peng Liu, Dynamically Discovering Likely Memory Layout to Perform
Accurate Fuzzing, IEEE Transactions on
Reliability, 2016, published.
|
TRE
|
Jiang Ming, Fangfang Zhang, Dinghao Wu, Peng Liu, and Sencun
Zhu, Deviation-Based Obfuscation-Resilient Program Equivalence Checking with
Application to Software Plagiarism Detection, IEEE Transactions on Reliability, 2016, published.
|
Journal of Computer Virology
|
Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng
Liu, and Bing Mao, "Impeding Behavior-based Malware Analysis via
Replacement Attacks to Malware Specifications," Springer Journal of Computer Virology and Hacking Techniques,
2016, published.
|
IEEE Security & Privacy Magazine
|
Jingqiang Lin, Bo Luo, Le Guan,
Jiwu Jing, Secure Computing using Registers and
Caches: the Problem, Challenges and Solutions, IEEE Security & Privacy Magazine, 2016. (Accepted)
|
Journal
|
Shengzhi Zhang, Xiaoqi Jia, Peng Liu, "Towards
Service Continuity for Transactional Applications via Diverse Device
Drivers," International Journal of
Information and Computer Security, 2016. (Accepted)
|
Journal
|
Chen Cao, Neng Gao, Ji Xiang,
Peng Liu, Towards Input Validation Vulnerability Analysis of Android System
Services, Journal of Cyber Security,
China Science Press, 2016. (In Chinese), published.
|
Journal
|
K. Chen, P. Wang, Y. Lee, X. F.
Wang, N. Zhang, H. Huang, W. Zou, P. Liu, Scalable Detection of Unknown
Malware from Millions of Apps, Journal
of Cyber Security, China Science Press, 2016. (In Chinese), published.
|
System Demo
|
Xu, J., Guo, P., Chen, B.,
Erbacher, R., Chen, P., & Liu, P., Demo: A Symbolic N-Variant System,
Proc. Third ACM Workshop on Moving
Target Defense (MTD 2016), Vienna, Austria, October 2016, published.
|
Book Chapters
|
Wanyu Zang, Meng Yu, Peng Liu, "Privacy Protection
in Cloud Computing through Architectural Design", book chapter, In Security in the Private Cloud, (John
R. Vacca eds.), CRC Press, 2017, published.
|
|
iCruiser:
Protecting Kernel Link-Based Data Structures with Secure Canary, by Li Wang,
Dinghao Wu, and Peng Liu. In Proceedings of the 7th IEEE International Workshop on Trustworthy
Computing (TC 2016), in conjunction with QRS 2016 Vienna, Austria, August
1-3, 2016, published.
|
PhD Dissertations
|
1. Chen Zhong, A COGNITIVE PROCESS TRACING APPROACH
TO CYBERSECURITY DATA TRIAGE OPERATIONS AUTOMATION, Penn State University,
College of IST, May 2016.
2. Chuangang Ren, A STUDY OF SELECTED SECURITY ISSUES
IN ANDROID SYSTEMS, Penn State University, College of Engineering, May
2016.
3. Xiaoyan Sun, USING BAYESIAN NETWORKS FOR
ENTERPRISE NETWORK SECURITY ANALYSIS, Penn State University, College of IST,
May 2016.
4. Heqing Huang, A STUDY OF ANDROID SYSTEM VULNERABILITY
AND MALWARE, Penn State University, College of Engineering, Feb 2016.
5. Mingyi Zhao, DISCOVERING AND MITIGATING SOFTWARE
VULNERABILITIES THROUGH LARGE-SCALE COLLABORATION, Penn State University,
College of IST, Oct 2016.
6. Wenhui Hu, THIRD-PARTY LIBRARY SECURITY MANAGEMENT
FOR MOBILE APPLICATIONS, Penn State University, College of Engineering, Dec.
2016.
|
2015
|
|
USENIX ATC
|
Jun Wang, Xi Xiong, Peng Liu, Between
Mutual Trust and Mutual Distrust: Practical Fine-grained Privilege Separation
in Multithreaded Applications, Proc.
USENIX Annual Technical Conference 2015, published. [PDF]
|
USENIX Security
|
Chuangang Ren, Yulong Zhang,
Hui Xue, Tao Wei, Peng Liu, "Towards Discovering and Understanding Task
Hijacking in Android," USENIX
Security 2015, published. [PDF]
|
USENIX Security
|
Jiang Ming, Dinghao
Wu, Gaoyao Xiao, Jun Wang, and Peng Liu, TaintPipe: Pipelined Symbolic Taint Analysis, USENIX Security 2015, published. [PDF]
|
USENIX Security
|
Kai Chen, Peng Wang, Yeonjoon Lee, Xiaofeng Wang, Nan Zhang, Heqing Huang, Wei Zou, Peng Liu, "Finding Unknown
Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play
Scale," USENIX Security 2015,
published. [PDF]
|
CCS
|
Heqing Huang, Sencun Zhu, Kai
Chen, Peng Liu, From System Services Freezing to System Server Shutdown in
Android: All You Need Is a Loop in an Application, ACM CCS 2015, published.
|
CCS
Data
and Code Release
|
Mingyi Zhao, Jens Grossklags,
Peng Liu, An Empirical Study of Web Vulnerability Discovery Ecosystems, ACM
CCS 2015, published. [PDF]
(Data and Code Release)
|
TSE
|
Yoon-Chan Jhi,
Xinran Wang, Xiaoqi Jia, Sencun Zhu, Peng Liu, and Dinghao Wu, Program Characterization Using Runtime
Values and Its Application to Software Plagiarism Detection, IEEE Transactions on Software Engineering,
41(9), pages 925-943, September 2015. [PDF]
|
US Patent
|
U.S. Patent 8,904,535, Proactive
Worm Containment (PWC) For Enterprise Networks
|
ESORICS
|
Ping Chen, Jun Xu, Zhiqiang
Lin, Dongyan Xu, Bing Mao and Peng Liu, "A Practical Approach for
Adaptive Data Structure Layout Randomization," ESORICS 2015, published. [PDF]
|
DSN
|
Q. Zeng, M. Zhao, P. Liu, HeapTherapy: An Efficient End-to-end Solution against
Heap Buffer Overflows, DSN 2015,
published. [PDF]
|
DSN
|
B. Zhao, P. Liu, Private
Browsing Mode Not Really That Private: Dealing with Privacy Breach Caused by
Browser Extensions, DSN 2015,
published. [PDF]
|
DSN
|
Jun Wang, Mingyi
Zhao, Qiang Zeng, Dinghao Wu, and Peng Liu, Risk
Assessment of Buffer Heartbleed Over-read Vulnerabilities (Practical
Experience Report), In Proceedings of
the 45th Annual IEEE/IFIP International Conference on Dependable Systems and
Networks (DSN 2015), Rio de Janeiro, Brazil, June 22-25, 2015.
(Published). [PDF]
|
ACSAC
|
Chen Cao, Neng Gao, Peng Liu,
Ji Xiang, Towards Analyzing the Input Validation Vulnerabilities associated
with Android System Services," In Proceedings
of the 31st Annual Computer Security Applications Conference (ACSAC),
2015.
|
ACSAC
|
Bing Chang, Zhan Wang, Bo Chen,
Fengwei Zhang, MobiPluto:
File System Friendly Deniable Storage for Mobile Devices, In Proceedings of the 31st Annual Computer
Security Applications Conference (ACSAC), 2015.
|
ASIACCS
|
Heqing Huang, Kai Chen, Chuangang
Ren, Peng Liu, Sencun Zhu and Dinghao
Wu, Towards Discovering and Understanding the Unexpected Hazards in
Tailoring Antivirus Software for Android, ACM ASIACCS 2015, full paper, published. [PDF]
|
ASIACCS
|
Jun Wang, Zhiyun Qian, Zhichun Li, Zhenyu
Wu, Junghwan Rhee, Xia Ning, Peng Liu and Geoff
Jiang, Discover and Tame Long-running Idling Processes in Enterprise
Systems, ACM ASIACCS 2015, full
paper, published. [PDF]
|
CODASPY
|
Zhongwen Zhang, Peng Liu, Ji Xiang, Jiwu Jing and Lingguang Lei,
How Your Phone Camera Can Be Used to Stealthily Spy on You: Transplantation
Attacks against Android Camera Service, ACM
CODASPY 2015, published. [PDF]
|
ACNS
|
Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng
Liu, and Bing Mao, Replacement Attacks: Automatically Impeding
Behavior-based Malware Specifications, In Proceedings of the 13th
International Conference on Applied Cryptography and Network Security (ACNS
2015), New York, June 2-5, 2015, published. [PDF]
|
HotSOS
|
C. Zhong,
J. Yen, P. Liu, R. Erbacher, R. Etoty, and C.
Garneau, An Integrated Computer-Aided Cognitive Task Analysis Method for
Tracing Cyber-Attack Analysis Processes, Proceedings
of the 2015 Symposium and Bootcamp on the Science of Security, ACM, 2015,
published. [PDF]
|
CogSIMA
|
C. Zhong,
J. Yen, P. Liu, R. Erbacher, R. Etoty, and C.
Garneau, ARSCA: A Computer Tool for Tracing the Cognitive Processes of
Cyber-Attack Analysis, Proceedings of
IEEE CogSIMA Conference, 2015, published.
|
DBSEC
|
M. Zhao, P. Liu, J. Lobo,
Towards Collaborative Query Planning in Multi-party Database Networks,
DBSEC, 2015, published.
|
|
A Preliminary Analysis and Case
Study of Feature-based Software Customization (Extended Abstract), by Yufei
Jiang, Can Zhang, Dinghao Wu, and Peng Liu. In Proceedings of the 2015 IEEE International
Conference on Software Quality, Reliability and Security (QRS 2015),
Vancouver, Canada, August 3-5, 2015.
Xiaoyan Sun, Anoop Singhal, Peng
Liu, Who Touched My Mission: Towards Probabilistic Mission Impact
Assessment, In Proceedings of ACM SafeConfig Workshop, in association with ACM CCS
2015.
M. Zhu and P. Liu. Reviewing
the book Principles of Cyber-physical Systems from a security perspective.
EAI Endorsed Transactions on Security and Safety, Special issue on
miscellaneous emerging security problems, 15(4), 2015, book review.
Chen Zhong, John Yen, Peng Liu,
Robert F. Erbacher, and Christopher Garneau, Peer into Cyber Security
Analysts Minds: Capturing and Studying Their Cognitive Processes of
Analytical Reasoning, Penn State Graduate Exhibition of Research, University
Park, PA, March 2015. Awarded the First Place in
Engineering.
|
PhD Dissertations
|
Bin Zhao, IDENTIFYING PRIVATE
DATA LEAKAGE THREATS IN WEB BROWSERS, PhD Dissertation, College of IST, June
2015, Penn State University.
Jun Wang, PROTECTING SERVER
PROGRAMS AND SYSTEMS: PRIVILEGE SEPARATION, ATTACK SURFACE REDUCTION, AND
RISK ASSESSMENT, PhD Dissertation, College of IST, November 2015, Penn State
University.
|
MS Thesis
|
Pinyao Guo, DESIGN, IMPLEMENTATION AND EVALUATION OF A
SYMBOLIC N-VARIANT SIMULATOR, College of IST, summer 2015, Penn State
University
Gaoyao Xiao, DETECTING AUTOMATED
AGENTS BASED INSIDER ATTACKS THROUGH ADJACENCY MATRIX ANALYSIS, MS Thesis,
College of IST, Spring 2015, Penn State University
Wenqi Cao, MEMORY ANALYSIS TOWARDS
MORE EFFICIENT LIVE MIGRATION OF APACHE WEB SERVER, MS Thesis, College of
Engineering, Spring 2015, Penn State University
|
2014
|
|
US Patent
|
US Patent 8,881,288, Graphical
models for cyber security analysis in enterprise networks, by R Levy, H Li,
P Liu, and M Lyell, November 4, 2014.
|
ICSE
|
Kai Chen, Peng Liu, Yingjun Zhang, Achieving Accuracy and Scalability
Simultaneously in Detecting Application Clones on Android Markets, ICSE 2014, regular paper, June 2014. [PDF]
|
CGO
|
Q. Zeng, J. Rhee, H. Zhang, N.
Arora, G. Jiang, P. Liu, Precise and Scalable Calling Context Encoding,
Proc. International Symposium on Code
Generation and Optimization (CGO 2014), 2014. [PDF]
|
DSN
|
R. Wu, P. Chen, P. Liu, B. Mao,
System Call Redirection: A Practical Approach to Meeting Real-world VMI
Needs, DSN 2014, June 2014.
|
FSE Distinguished Paper Award nomination
|
Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu and Sencun
Zhu, Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison
with Applications to Software Plagiarism Detection, FSE 2014, Nov. 16-22, 2014.
|
ESORICS
|
Lingchen Zhang, Sachin Shetty, Peng Liu, Jiwu Jing, RootkitDet:
Practical End-to-End Defense against Kernel Rootkits in a Cloud Environment,
ESORICS 2014, Sept. 7-11,
2014.
|
ESORICS
|
Min Li, Zili Zha, Wanyu Zang, Meng Yu, Peng Liu, Kun Bai, Detangling
Resource Management Functions from the TCB in Privacy-Preserving
Virtualization, ESORICS 2014,
Sept. 7-11, 2014.
|
ASE
|
Chuangang Ren, Kai Chen, Peng
Liu, Droidmarking: Resilient Software Watermarking
for Impeding Android Application Repackaging, ASE 2014, Sept. 15-19, Sweden, 2014.
|
ACM WiSec
|
Wenhui Hu, Damien Octeau, Patrick McDaniel, and Peng Liu, Duet: Library
Integrity Verification for Android Applications, Proceedings of the ACM Conference on Security and Privacy in Wireless
and Mobile Networks (WiSec), July 2014. Oxford,
United Kingdom.
|
ACM WiSec
|
Fangfang Zhang, Heqing Huang, Sencun Zhu, Dinghao Wu and Peng Liu, ViewDroid:
Towards Obfuscation-Resilient Mobile Application Repackaging Detection, Proceedings of the ACM Conference on
Security and Privacy in Wireless and Mobile Networks (WiSec),
July 2014. Oxford, United Kingdom.
|
TKDE
|
Qiang Zeng, Mingyi
Zhao, Peng Liu, Poonam Yadav, Seraphin Calo, and Jorge Lobo. Enforcement of
Autonomous Authorizations in Collaborative Distributed Query Evaluation. To
appear in IEEE Transactions on
Knowledge and Data Engineering (TKDE), 2014.
|
SecureComm Best Paper Award nomination
|
Xiaoyan Sun, Jun Dai, Anoop
Singhal, Peng Liu, Inferring the Stealthy Bridges between Enterprise Network
Islands in Cloud Using Cross-Layer Bayesian Networks, SecureComm 2014, Beijing, Sept. 23-26, 2014.
|
ISSRE
|
Fangfang, Zhang, Dinghao Wu, Peng Liu, and Sencun
Zhu, Program Logic Based Software Plagiarism Detection, In Proceedings
of the 25th annual International Symposium on Software Reliability
Engineering (ISSRE 2014), Naples, Italy, November 3-6, 2014.
|
MTD
Workshop
|
Minghui Zhu, Zhisheng Hu and Peng Liu, Reinforcement
learning algorithms for adaptive cyber defense against Heartbleed, Proc. First ACM Workshop on Moving Target
Defense (MTD 2014), in association with CCS14, Nov. 2014.
|
MTD
Workshop
|
J. Xu, P. Guo, M. Zhao, R. F.
Erbacher, M. Zhu, P. Liu, Comparing Different Moving Target Defense
Techniques. Proc. First ACM Workshop
on Moving Target Defense (MTD 2014), in association with CCS14, Nov.
2014.
|
IFIP
Networking
|
Lu Su, Yunlong Gao, Fan Ye,
Peng Liu, Oktay Gunluk, Tom Berman, Seraphin Calo,
Tarek Abdelzaher, "Robust Confidentiality
Preserving Data Delivery in Federated Coalition Networks," Proc. 13th IFIP International Conference
on Networking (Networking 2014), Trondheim, Norway, June,
2014.
|
CogSIMA |
C. Zhong, D. Samuel, J. Yen, P.
Liu, R. Erbacher, S. Hutchinson, R. Etoty, H. Cam,
and W. Glodek, RankAOH: Context-driven
Similarity-based Retrieval of Experiences in Cyber Analysis, In Proceedings of IEEE CogSIMA
Conference, 2014.
|
ICISS |
George Cybenko, Sushil Jajodia,
Michael P. Wellman, and Peng Liu, Adversarial and Uncertain Reasoning for
Adaptive Cyber Defense: Building the Scientific Foundation, In Proc. ICISS 2014, invited paper, 8
pages
|
SIW |
Mingyi Zhao, Jens Grossklags
and Kai Chen, An Exploratory Study of White Hat Behaviors in a Web
Vulnerability Disclosure Program, Proc.
CCS Workshop on Security Information Workers, November 7, 2014,
Scottsdale, AZ
|
Elsevier ECE |
D. Tian, X. Xiong, C. Hu, P.
Liu, Defeating Buffer Overflow Attacks via Virtualization, Elsevier Computers & Electrical
Engineering Journal, Vol. 40, Issue 6, Pages 1940-1950, August 2014.
|
PhD
Dissertations
|
Jun Dai, GAINING BIG PICTURE
AWARENESS IN ENTERPRISE CYBER SECURITY DEFENSE, PhD Dissertation, College of
IST, Penn State University, July 2014
Qiang
Zeng, IMPROVING SOFTWARE SECURITY WITH CONCURRENT MONITORING, AUTOMATED
DIAGNOSIS, AND SELF-SHIELDING, PhD Dissertation, Dept. of CSE, College of
Engineering, Penn State University, Oct. 2014
|
Book
Chapters
|
John Yen, Robert Erbacher,
Cheng Zhong, and Peng Liu, Cognitive Process, Book Chapter, in Cyber Defense and Situational Awareness,
Robert Erbacher, Alexander Kott, and Cliff Wang (eds.), to appear.
D. Wu, P. Liu, Q. Zeng, D.
Tian, Software Cruising: A New Technology for Building Concurrent Software
Monitor, Book Chapter, in Secure Cloud Computing,
Springer, Sushil Jajodia,
Krishna
Kant, Pierangela Samarati,
Anoop Singhal, Vipin Swarup, and Cliff Wang (eds.), pages 303-324. Springer, 2014.
Haitao Du, Changzhou Wang, Tao Zhang, Shanchieh Jay Yang, Jai Choi, and Peng Liu, Cyber
Insider Mission Detection for Situation Awareness, Book Chapter, in Intelligent
Methods for Cyberwarfare, Springer, to appear.
|
Others
|
Qiang Zeng, Mingyi
Zhao, and Peng Liu. Targeted Therapy for Software Bugs and Vulnerabilities.
In Poster Session, 35th IEEE Symposium on Security and Privacy (Oakland),
2014.
H. Tripp, K. Warr, A. Freeman,
P. Liu, S. Wang, K. Leung, J. Lobo, A security model for micro-cloud
technology in hybrid tactical environments, short paper and poster, The 2014
Fall Meeting of ITA, 2014.
Mingyi Zhao, Peng Liu, Qiang Zeng, Fan Ye, Seraphin
Calo, Graham Bent, Patrick Dantressangle, and Jorge
Lobo, Authorization Information Leakage Control in Collaborative Distributed
Query Processing, short paper and poster, The 2014 Fall Meeting of ITA,
2014.
Heqing Huang, Kai Chen, Peng Liu, Sencun Zhu, and Dinghao Wu,
Uncovering the Dilemmas on Antivirus Software Design in Modern Mobile
Platforms, Proc. Int'l Workshop on
System Level Security of Smartphones, in conjunction with SecureComm 2014, Springer LNICST, Sept. 23, Beijing,
China
|
2013
|
|
US Patent
|
U.S. Patent 8,443,442,
Signature-Free Buffer Overflow Attack Blocker
|
Technical
Report (code released)
|
J. Wang, X. Xiong, P. Liu,
[Arbiter System] Practical Fine-grained Privilege Separation in
Multithreaded Applications, Penn State Cyber Security Lab Technical Report
PSU-S2-13-051, arXiv:1305.2553,
communicated 12 May 2013.
Arbiter project website (code
released): here
|
RAID
|
Xi Xiong and
Peng Liu, SILVER: Fine-grained and Transparent Protection Domain Primitives
in Commodity OS Kernel, RAID 2013,
published. [PDF]
|
RAID
|
Bin Zhao
and Peng Liu, Behavior Decomposition: Aspect-level Browser Extension
Clustering and Its Security Implications, RAID 2013, published. [PDF]
|
ESORICS
|
Jun Dai,
Xiaoyan Sun, Peng Liu, Patrol: Revealing Zero-day Attack Paths through
Network-wide System Object Dependencies, ESORICS
2013, published. [PDF]
|
ACSAC
|
Meng Yu, Min Li, Wanyu Zang, et al., MyCloud:
Supporting User-configured Privacy Protection in Cloud Computing, ACSAC 2013, accepted. [PDF]
|
TIFS
|
Fengjun Li, Bo Luo, Peng Liu, Dongwon Lee, Chao-Hsien
Chu, Enforcing Secure and Privacy-Preserving Information Brokering in
Distributed Information Sharing, IEEE
Transactions on Information Forensics and Security,
10.1109/TIFS.2013.2247398, Feb 2013. [PDF]
|
ICICS
|
Eunjung Yoon and Peng Liu, XLRF: A Cross-Layer Intrusion Recovery Framework
for Damage Assessment and Recovery Plan Generation, ICICS 2013, published.
|
ICICS
|
Jing Wang,
Peng Liu, Le Guan, Jiwu Jing, Fingerprint
Embedding: A Proactive Strategy of Detecting Timing Channels, ICICS 2013, published.
|
FGCS
|
Shengzhi Zhang, Wenjie Wang, Haishan Wu, Athanasios
Vasilakos, Peng Liu, Towards Transparent and Distributed Workload Management
for Large Scale Web Servers, Elsevier
FGCS Journal: Future Generation Computer Systems, volume 29 issue 4 (June 2013), pages
913-925
|
ISI
|
C. Zhong, D. S. Kirubakaran, J.
Yen, P. Liu, S. Hutchinson, H. Cam, How to Use Experience in Cyber Analysis:
An Analytical Reasoning Support System, IEEE
ISI 2013, published, short paper. [PDF]
|
TRUST
|
H. Huang, S. Zhu, P. Liu, D.
Wu, A Framework for Evaluating Mobile App Repackaging Detection Algorithms,
TRUST 2013, published.
|
SERE
|
Lei Wang, Ji Xiang, Peng Liu, Jiwu Jing, MJBlocker: A
Lightweight and Run-time Malicious JavaScript Extensions Blocker, IEEE SERE 2013, published.
|
SCN
|
Xiaoqi Jia, Rui Wang, Jun
Jiang, Shengzhi Zhang, Peng Liu, Defeating Return
Oriented Programming based on Virtualization Techniques, Wiley Journal Security and Communication Networks,
DOI: 10.1002/sec.693, Jan 2013
|
JNCA
|
Yan Yang, Yulong Zhang, Alex
Hai Wang, Meng Yu, Wanyu Zang, Peng Liu, Sushil Jajodia, Quantitative Survivability Evaluation of Three
Virtual Machine based Server Architectures, Journal of Network and Computer Applications (Elsevier), Volume
36 Issue 2, March, 2013, Pages 781-790.
|
|
Xiaoyan Sun, Jun Dai, Peng Liu,
SKRM: Where Security Techniques Talk to Each Other, CogSIMA 2013, IEEE
International Multi-Disciplinary Conference on Cognitive Methods in Situation
Awareness and Decision Support, February 26-28, 2013, San Diego, 4 page
position paper, plus poster.
C. Zhong, M. Zhao, G. Xiao, J.
Xu, Agile Cyber Analysis: Leveraging Visualization as Functions in
Collaborative Visual Analytics, IEEE VAST Challenge 2013 Workshop, part of
IEEE Viz 2013, short paper, plus poster.
Mingyi Zhao, Peng Liu, Fan Ye, Jorge Lobo,
Decentralized Policy Confidentiality Preserving Query Planning in Coalition
Networks, ACITA 2013 (2-page short paper).
Zongbin Liu, Neng Gao, Jiwu Jing, Peng Liu, HPAZ: a High-throughput Pipeline
Architecture of ZUC in Hardware,
IACR Cryptology ePrint Archive, Report
2013/461 (2013).
|
Thesis
|
Robert Cole, PhD dissertation,
Multi-Step Attack Detection via Bayesian Modeling under Model Parameter
Uncertainty, defended Dec, 2012
Zhi Xin (Nanjing University),
PhD dissertation, Study on Program Diversity for Software Security,
defended May, 2013
D. S.
Kirubakaran, MS Thesis, Context-driven Similarity-based Retrieval of Cyber
Analyst Experiences for Multi-step Attack Analysis, CSE Department, defended
March, 2013
|
2012
|
|
NDSS
|
D. Tian,
Q. Zeng, D. Wu, P. Liu, C. Z. Hu, Kruiser: Semi-synchronized Non-blocking Concurrent Kernel
Heap Buffer Overflow Monitoring, NDSS 2012, published. [PDF]
|
RAID
|
Shengzhi Zhang, Peng Liu, Assessing the Trustworthiness
of Drivers, RAID 2012, published. [PDF]
|
ISSTA
|
F. Zhang, Yoon-Chan Jhi, Dinghao Wu, Peng Liu, Sencun Zhu, Towards Algorithm Plagiarism Detection,
ISSTA 2012, published.
|
ESORICS
|
Q. Gu, K. Jones, W. Zang, M. Yu,
P. Liu, Revealing Abuses of Channel Assignment Protocols in Multi-Channel
Wireless Networks: An Investigation Logic Approach, ESORICS 2012.
|
CODASPY
|
Yuhao Yang, Jonathan Lutes, Fengjun Li, Bo Luo and Peng Liu, Stalking Online: on
User Privacy in Social Networks, In ACM
Conference on Data and Application Security and Privacy (CODASPY), 2012;
Acceptance rate: 18.6%.
|
CogSIMA Best Paper Award |
Po-Chun Chen, Peng Liu, and
John Yen, "Experience-Based Cyber Situation Recognition Using Relaxable Logic Patterns", Proc. IEEE CogSIMA
2012, New Orleans, LA
|
ASIACCS |
Shengzhi Zhang, Peng Liu, Letting Applications Operate
through Attacks Launched from Compromised Drivers, ACM ASIACCS, 2012, short
paper, May 2012, Korea.
|
TrustCom
|
Qijun Gu, Wanyu Zang, Meng
Yu, Peng Liu, Collaborative
Traffic-aware Intrusion Monitoring in Multi-channel Mesh Networks, IEEE TrustCom 2012, published.
|
GameSec
|
J. Lin, P. Liu, J. Jing, Using
Signaling Games to Model the Multi-step Attack-defense Scenarios on
Confidentiality, GameSec 2012, published.
|
SAFECONFIG
|
M. Zhao, P. Liu, Modeling and
Checking the Security of DIFC System Configurations, SAFECONG-2012,
Baltimore, MD, 2012.
|
ASE Cyber
Security
|
Jun Dai, Xiaoyan Sun, Peng Liu,
Nicklaus Giacobe, Gaining Big Picture Awareness through an Interconnected
Cross-layer Situation Knowledge Reference Model, ASE International
Conference on Cyber Security, Washington DC, Dec 14-16, 2012, published.
|
SPIE
|
Y. Cheng, Y. E. Sagduyu, J. Deng, J. Li, and Peng Liu, "Integrated
Situational Awareness for Cyber-attack Detection, Analysis, and
Mitigation," Proc. SPIE Defense,
Security and Sensing Conference, 2012.
|
ACITA
|
Q. Zeng, J. Lobo, P. Liu, S.
Calo, and P. Yadav, Safe query processing for pairwise authorizations in
coalition networks, ACITA 2012, (extended abstract).
Mingyi Zhao, Qiang Zeng, Jorge Lobo, Peng Liu, Fan Ye,
Seraphin Calo, Tom Berman, Distributed Query Planning in Coalition Network,
ACITA 2012, (2-page short paper).
Tom Berman, David Vyvyan,
Graham Bent, Patrick Dantressangle, Jorge Lobo, Fan
Ye, Peng Liu, A Comparative Study on Trusted Path Discovery in Two
Algorithms, ACITA 2012, (2-page short paper).
David Vyvyan, Tom Berman,
Graham Bent, Patrick Dantressangle, Jorge Lobo, Fan
Ye, Peng liu, Trust-based Routing in Gaian
Networks, demo, ACITA 2012, Sept., 2012 UK.
|
JSR
|
Jun Shao, Peng Liu, Yuan Zhou, Achieving
Key Privacy without Losing CCA Security in Proxy Re-Encryption, Journal of Systems and Software,
accepted.
|
SCN
|
Jingqiang Liu, Jiwu Jing, Peng Liu, Qiongxiao
Wang, "Impossibility of Finding Any Third Family of Server Protocols
Integrating Byzantine Quorum Systems with Threshold Signature Schemes,"
Wiley Journal Security and
Communication Networks, accepted.
|
BMC
Bioinformatics
|
Fengjun Li, Xukai Zhou, Peng
Liu, Jake Y. Chen, New Threats to Health Data Privacy, BMC Bioinformatics, in press.
|
IJIS
|
Zhi Xin, Huiyu Chen, Xinche Wang, Peng
Liu, Sencun Zhu, Bing Mao, Li Xie, Replacement
Attacks: Automatically Evading Behavior Based Software Birthmark, International Journal of Information
Security, Springer, accepted, 2012.
|
SCN
|
Deguang Kong, Dinghao Wu,
Donghai Tian, Peng Liu, Semantic Aware Attribution Analysis of Remote
Exploits, Wiley Journal Security and
Communication Networks, accepted.
|
Thesis
|
Xi Xiong, PhD Dissertation,
Protecting System Integrity in Commodity Computers, defended, Oct 2012
Shengzhi Zhang, PhD Dissertation, Virtualization-based
Security Analysis of Production Server Systems, defended, July 2012
Dan Keating, MS Thesis, Exploiting
Memory Remnants Vulnerabilities to Do Cross-Tenant Data Extraction in Cloud
Systems, defended, July 2012
Donghai Tian (BIT), PhD
Dissertation on Kernel Cruising and systems integrity protection, defended,
Feb 2012
Jian Liu (Nanjing University of
Aeronautics & Astronautics), PhD Dissertation, HCS: Study on Algorithms
and Models of Decision Making Problem Based on Human-Centered Services,
defended, June 2012
Lei Wang (CAS), PhD
Dissertation, Study on Behavior-based Analysis of Malicious Network
Scripts, defended, May 2012
Zongbin Liu (CAS), PhD Dissertation, Study on Hardware
Implementations of ECC and Other Cryptographic Algorithms, defended, May
2012
|
2011
|
|
NDSS
|
X. Xiong,
D. Tian, P. Liu, Practical Protection of Kernel Integrity for Commodity OS
from Untrusted Extensions, NDSS 2011, Feb, 2011,
CA. [PDF]
|
PLDI
|
Qiang
Zeng, Dinghao Wu, Peng Liu, Cruiser: Concurrent
Heap Buffer Overflow Monitoring Using Lock-free Data Structures, PLDI 2011, June, 2011. [PDF]
|
TIFS
|
Shengzhi Zhang, Xiaoqi Jia, Peng Liu, Jiwu Jing, PEDA: Comprehensive Damage Assessment for
Production Environment Server Systems, IEEE
Transactions on Information Forensics and Security, Vol. 6, No. 4, Dec
2011, pages 1323-1334.
|
ICSE (SPIE track)
|
Y. C. Jhi, X. Wang, X. Jia, S. Zhu, P. Liu, D. Wu,
"Value-Based Program Characterization and Its Application to Software
Plagiarism Detection", ICSE 2011
(SPIE Track), 2011.
|
HotNets
|
John R.
Douceur, Jon Howell, Bryan Parno, Xi Xiong, Michael Walfish, The Web
Interface Should Be Radically Refactored, to appear, HotNets
X, 2011
|
Cloud
Shredder
|
Nan Zhang,
J. Jing, P. Liu, Cloud Shredder: Removing the Laptop On-Road Data Disclosure
Threat in the Cloud Computing Era, Proc.
6th International Conference on Frontier of Computer Science and Technology,
IEEE Digital Library, 2011
|
SSDBM
|
Fengjun Li, Yuxin Chen, Bo Luo,
Dongwon Lee and Peng Liu, Privacy-Preserving Group Linkage, SSDBM 2011,
accepted.
|
ISC Best Paper Award |
Zhi Xin, Huiyu Chen, Xinche Wang, Peng
Liu, Sencun Zhu and Bing Mao, "Replacement
Attacks on Behavior Based Software Birthmark",(2011), ISC 2011,
accepted.
|
SecureComm
|
Deguang Kong, Donghai Tian and Peng
Liu, "SAEA: Automatic Semantic Aware Remote Exploits Attribution
Analysis", (2011). Proc. SECURECOMM 2011, to appear
|
ICICS
|
Jun Jiang,
Xiaoqi Jia, Dengguo Feng, Shengzhi
Zhang, Peng Liu, HyperCrop: A Hypervisor-based Countermeasure
for Return Oriented Programming, accepted, to appear in Proc. ICICS 2011.
|
CNSM
|
S. Zhang,
H. Wu, W. Wang, B. Yang, P. Liu, A. V. Vasilakos, "Distributed Workload
and Response Time Management for Web Applications", (2011), Proc.
IEEE CNSM 2011, to appear, acceptance
ratio 15%
|
SECRYPT
|
Zongbin Liu, Luning Xia, Jiwu Jing, Peng Liu, A Tiny RSA Coprocessor Based on Optimized
Systolic Montgomery Architecture, Proc. SECRYPT 2011, acceptance ratio 13%
|
CODASPY
|
Junfeng Yu, P. Liu, Z. Li, S. Zhang,
et al., LeakProber: A framework for profiling
sensitive data leakage paths, ACM CODASPY 2011, 2011.
|
ICC
|
Qijun Gu, Meng Yu, Wanyu Zang, Peng Liu, Lightweight Attacks against
Channel Assignment Protocols in MIMC Wireless Networks, ICC 2011, 2011.
|
ICC
|
Jun Shao, Peng Liu, Zhenfu Cao, Guiyi Wei,
Multi-use Unidirectional Proxy Re-Encryption, ICC 2011, 2011
|
ACITA
|
Jorge Lobo, Qiang Zeng,
Towards Securing Query Processing in Distributed Databases, position paper,
Proc. ACITA 2011
|
IJIS
|
Deguang Kong, Yoon-Chan Jhi,
Tao Gong, Sencun Zhu, Peng Liu, Hongsheng
Xi, SAS: Semantics Aware Signature Generation for Polymorphic Worm
Detection, International Journal of
Information Security, Springer, in press.
|
SCN
|
Jun Shao, Zhenfu
Cao, Peng Liu, SCCR: a generic approach to simultaneously achieve CCA
security and collusion-resistance in proxy re-encryption, Security and Communication Networks
4(2): 122135 (2011)
|
ISPEC
|
Donghai Tian, Xi Xiong, Changzhen Hu, and Peng Liu, Policy-Centric Protection of
OS Kernel from Vulnerable Loadable Kernel Modules, ISPEC 2011,
accepted.
|
JQRE
|
Jingqiang Lin, Jiwu Jing, Peng Liu, Evaluating Intrusion Tolerant
Certification Authority Systems, Journal
of Quality and Reliability Engineering, accepted, in press
|
GENSIPS
|
Xukai Zou, Peng Liu and Jake Chen,
Personal Genome Privacy Protection with Feature-based Hierarchical
Dual-stage Encryptions, GENSIPS 2011, to appear |
SCN
|
Jun Shao, Peng Liu, Guiyi Wei, Yun Ling, Anonymous Proxy Re-encryption, Security and Communication Networks
Journal, published.
|
IJSCCPS
|
Baojun Qiu, Kristinka Ivanova, John Yen, Peng Liu, Frank
E. Ritter, Event-driven Modeling of Evolving Social Networks, Int. J. of Social Computing and
Cyber-Physical Systems, published.
|
IJSN
|
Fengjun Li, Bo Luo, Peng Liu, Secure
and Privacy-Preserving Information Aggregation for Smart Grids, International Journal of Security and
Networks (IJSN), 6(1):28 - 39, 2011.
|
Qi Fang, Peng Liu, John Yen,
Frank Ritter, Jonathan Morgan, A Threaded Event-Based Simulation Approach
for Supporting Intelligence Analysis, Proc.
2011 WG 11.10 Conference on Critical Infrastructure Protection,
published.
Kevin Hamlen, Peng Liu, Murat
Kantarcioglu, Bhavani Thuraisingham, Ting Yu, Identity management for cloud
computing: Developments and directions, Proceedings
of the Seventh Annual Workshop on Cyber Security and Information Intelligence
Research, 2011.
|
|
2010
|
|
ACSAC
|
S. Zhang, X. Jia, P.
Liu, J. Jing, Cross-Layer Comprehensive Intrusion Harm Analysis for
Production Workload Server Systems, In Proceedings
of ACSAC 2010, Dec. 2010, Austin, Texas.
|
ISC
|
D. Tian, X. Xiong,
C. Z. Hu, P. Liu, Short Paper: Integrating Offline Analysis and Online
Protection to Defeat Buffer Overflow Attacks, In Proceedings of ISC 2010, Florida
|
SmartGridComm
Selected into IJSN Special
Issue
|
F. Li, B. Luo, P.
Liu, Secure Information Aggregation for Smart Grids Using Homomorphic
Encryption, In Proceedings of First
IEEE Conf. on Smart Grid Communications, Oct. 4-6, 2010, NIST, MD. |
INFOCOM
|
F. Li, B. Luo, P.
Liu, C. H. Chu, A Node Failure Resilient Anonymous
Communication Protocol through
Commutative Path Hopping, In Proceedings of IEEE INFOCOM 2010, March 2010, San
Diego, CA, USA, regular paper. |
MILCOM Tutorial
|
Jason Li, Peng Liu,
Cyber Security Analysis and Situation Awareness: Theory and Practice,
MILCOM 2010, San Jose, CA |
DSN
10-year Test-of-Time Award
|
Peng Xie, Jason H
Li, Xinming Ou, Peng Liu and Renato Levy, Using
Bayesian Networks for Cyber Security Analysis, In
Proceedings of IEEE DSN-DCCS 2010,
June 2010, Chicago, USA, regular paper. |
SecureComm
|
J. Lin, P. Liu, J.
Jing, Q. Wang, Impossibility of Finding Any Third Family of Server Protocols
Integrating Byzantine Quorum Systems with Threshold Signature Schemes , Proceedings
of SecureComm 2010, Sept. 2010, Singapore,
accepted. |
SecureComm
Selected into
IJIS Special Issue
|
D. Kong, Y. C. Jhi, T. Gong, S. Zhu, P. Liu, H. Xi, SAS: Semantics
Aware Signature Generation for Polymorphic Worm Detection, Proceedings of SecureComm
2010, Sept. 2010, Singapore, accepted. |
VLDB Journal
|
QFilter: Rewriting Insecure XML Queries to Secure Ones
using Non-Deterministic Finite Automata, Bo Luo, Dongwon Lee, Wang-Chien
Lee, Peng Liu, In The VLDB J., accepted. |
Position Paper
|
Shengzhi Zhang, Xi Xiong,
Peng Liu, Challenges in Improving the Survivability of Data Centers, Proc. of the Survivability in Cyberspace
Workshop, 2010 |
Position Paper
|
Peng Liu, Security
and Privacy cannot be taken for Granted by the Cloud Computing Industry,
Proc. of METS 2010, Taiwan, Nov. 2010 |
COMCOM
|
Choi, Y. H., Liu,
P. and Seo, S. W. Using Information Collected by Botnets to Create
Importance Scanning Worms, Elsevier
Computer Communications Journal, 33 (6), 676-688, 2010 |
TDSC
|
X. Wang, C. Pan, P. Liu, S.
Zhu, SigFree: A Signature-free Buffer Overflow
Attack Blocker, IEEE Transactions on
Dependable and Secure Computing (TDSC), accepted, in press
|
ACISP
|
Jun Shao, Min Feng, Bin Zhu, Zhenfu Cao and Peng Liu, The Security Model of
Unidirectional Proxy Re-Signature with Private Re-Signature Key, Proc. of 15th Australasian Conference on
Information Security and Privacy, July 5-7, 2010, Sydney, Australia
|
ARES
|
Hai Wang, Yan Su, Peng
Liu, "A Semi-Markov Survivability Evaluation Model for Intrusion
Tolerant Database Systems," accepted for publication in ARES 2010 (The Fifth International Conference on
Availability, Reliability and Security) |
COSE
|
Yoon-Ho Choi, Lunquan Li, Peng Liu, George Kesidis, Worm Virulence Estimation for the Containment of Local Worm Outbreak, Elsevier Computers & Security journal, Feb. 2010
|
ISPEC
|
Xiaoqi Jia, Xi Xiong, Jiwu Jing, Peng Liu, Using Purpose Capturing Signatures to Defeat Computer Virus Mutating, accepted by The Sixth
International Conference on Information Security Practice and Experience
Conference (ISPEC 2010), 2010. Springer-Verlag LNCS, to
appear.
|
CNS
|
Heywoong Kim, Qijun Gu, Meng Yu, Wanyu
Zang and Peng Liu, A Simulation Framework for Performance Analysis of
Multi-Interface and Multi-Channel Wireless Networks in INET/OMNET++,
accepted by 13th Communications and
Networking Simulation Symposium (CNS'10)
|
SECRYPT
|
Meng Yu, W. Zang, H. Wang, P. Liu, Evaluating Survivability and Costs
of Three Virtual Machine based Server Architectures, Proc. of SECRYPT 2010, accepted, 2010
|
Eurosys Poster
|
Shengzhi Zhang, Xiaoqi Jia, Peng Liu, Rupis Dance: Cross-Layer Comprehensive
Infection Diagnosis for Availability-Critical Server Systems, poster, Eurosys 2010
|
CSI
|
Peng Liu, Meng Yu, Damage Assessment and Repair in Attack Resilient
Distributed Database Systems, Elsevier
Computer Standards & Interfaces Journal, accepted.
|
BIOKDD
|
Fengjun Li, Jake Chen, Xukai Zou, Peng Liu, New
Privacy Threats in Healthcare Informatics: When Medical Records Join the
Web, short paper, BIOKDD workshop 2010, Washington D.C.
|
IET Info Security
|
Meng Yu, Wanyu Zang, Peng Liu, Recovery of
Data Integrity under Multi-Tier Architectures, IET Information Security
Journal, accepted.
|
PhD Dissertations
|
Fengjun Li, Secure and Privacy-Preserving Information Brokering, PhD
Dissertation, Oct. 2010
Yoon-Chan Jhi, A Study of Selected Security
Measures against Non-legitimate Use of Code, PhD Dissertation, Aug. 2010
Xiaoqi Jia (joint PhD training), A Study of Virtualization-based High
Availability and Security Mechanisms, PhD Dissertation, June 2010, Degree
granted by Graduate University of CAS
Po-Chun Chen (affiliated student),
Experience-based Cyber Security Analysis, PhD Dissertation, fall 2010
Deguang Kong (joint
PhD training), Research on Applications of Semantic Aware Statistical
Learning Approaches in Code Security Problems, PhD Dissertation, May 2010,
Degree granted by University of Sci. and Tech. of China
|
|
David Basin, Peng Liu, Peng Ning (eds.), Proc. of 5th ACM Symposium on Information, Computer and
Communications Security (ASIACCS10), ACM Press, April,
2010, to appear
D. Tian, D. Kong, C. Z. Hu, P. Liu, Protecting Kernel Data through
Virtualization Technology, Proc. SecureWare 2010
Baojun Qiu, Kristinka Ivanova, John Yen and Peng Liu, Behavior Evolution and
Event-driven Growth Dynamics in Social Networks, IEEE Social Computing
Conference (SocialCom 2010)
Baojun Qiu, Kristinka Ivanova, John Yen and Peng Liu, Study of Effect of
Node Seniority in Social Networks, Proc.
of IEEE ISI 2010, short paper
Zongbin Liu, Jiwu Jing, and Peng Liu, Rate-based
Watermark Traceback: A New Approach, Proc. of The Sixth International Conference on Information Security Practice
and Experience Conference (ISPEC 2010), 2010
Xiaoqi Jia, Jun Shao, Peng Liu, CCA-Secure Type-based Proxy
Re-encryption with Invisible Proxy, accepted by CIT 2010, Proc. of The 10th IEEE International Conference on Computer and Information
Technology, 2010
Daren Zha, Jiwu Jing, Peng Liu, Jingqiang
Lin, Xiaoqi Jia, Proactive Identification and Prevention of Unexpected
Future Rule Conflicts in Attribute Based Access Control, Springer-Verlag LNCS, 2010.
|
2009 |
|
Cyber
Situation
Awareness
|
S. Jajodia,
P. Liu, V. Swarup, C. Wang (eds.), Cyber
Situational Awareness: Issues and Research, Springer, published in Nov.
2009
|
CCS
|
X.
Wang, Y. C. Jhi, S. Zhu, P. Liu, Behavior
Based Software Theft Detection, Proc. ACM CCS, 2009. [PDF]
|
ACSAC
|
X. Wang, Y. C. Jhi, S. Zhu, P. Liu,
Detecting Software Theft via System Call Based Birthmarks, Proc. ACSAC,
2009, accepted, to appear. 19.6% acceptance rate. |
ACSAC
|
X. Xiong, X. Jia, P. Liu, SHELF: Preserving Business Continuity and
Availability in an Intrusion Recovery System, Proc. ACSAC, 2009,
accepted, to appear. 19.6% acceptance rate. |
VMSEC
|
Zhang, S., Xiong, X., Jia, X. and Liu, P. (2009)
Availability-sensitive Intrusion Recovery, Proceedings of Second ACM
Workshop on Virtual Machine Security, Chicago, IL, November 2009, 6 page
position paper |
TKDE
|
B. Zheng, W. C.
Lee, P. Liu, D. L. Lee, X. Ding, Tuning On-Air Signatures for Balancing
Performance and Confidentiality, IEEE Transactions
on Knowledge and Data Engineering, Vol. 21,
Issue. 12, pp. 1783-1797, Dec. 2009 |
TDSC
|
Q. Gu, P. Liu, W. C. Lee, C. H. Chu, KTR: An Efficient Key Management Scheme
For Secure Data Access Control in Wireless Broadcast Services, IEEE Transactions on Dependable and Secure
Computing (TDSC), Volume 6, Number 3, July-Sept.
2009, pp. 188-201. [PDF]
|
EDBT
|
Damage Tracking Quarantine and Recovery for Mission-Critical Database
Systems, Proc. EDBT 2009, March
2009.
|
NCA
|
Meng Yu, Peng Liu, Wanyu Zang: The
implementation and evaluation of a recovery system for workflows. Elsevier J. Network and Computer Applications
32(1): 158-183 (2009)
|
SCN
|
Yoon-Chan Jhi, Peng Liu, Lunquan
Li, Qijun Gu, Jiwu Jing,
George Kesidis, PWC: A Proactive Worm Containment
Solution for Enterprise Networks, Wiley
Security and Communication Networks Journal, accepted, to appear
|
|
K. Bai, Ying Liu,
Peng Liu, Prevent Identity Disclosure in Social Network Data Study, Proc.
ACM CCS 2009, poster
Zang, W., Gu, Q., Yu,
M. and Liu, P. (2009) An Attack-Resilient Channel Assignment MAC Protocol
Not relying on Trust Management, Proc. International Workshop on Data
Security and Privacy in Emerging Networked Systems, in association
with NBiS, Indianapolis, Aug. 19-21. Ruidong Li, Jie Li, Peng
Liu, Jien Kato, A Novel Hybrid Trust Management
Framework for MANETs, Proc. 2009
International Workshop on Next Generation Network Architecture (NGNA
2009) , in association with ICDCS09.
M. Yung, P. Liu, D.
Lin (eds.), Information
Security and Cryptology, Springer Lecture Notes in Computer Science,
2009, ISBN 3-540-36796-9
P. Liu, R. Molva, R. D. Pietro (eds.), Proceedings of the fourth International Conference on Security and
Privacy in Communication Networks (Securecomm
2008), ACM Digital Library, 2008
M. Yung, P. Liu, D.
Lin (eds.), Information
Security and Cryptology - Proceedings of the Short Papers Presented on Inscrypt 2008, Chinese Science Press, 2009
Zang, W., Liu, P.
and Yu, M. (2009) Incentive-based Methods for Inferring Attacker Intent and
Strategies and Measuring Attack Resilience, in Annals of Emerging
Research in IA, Security and Privacy Service, H. R. Rao and Shambhu
Upadhyaya (eds.), Elsevier, in press. Barford, P.,
Dacier, M., Dietterich, T. G., Fredrikson, M., Giffin, J., Jajodia, S., Jha, S., Li, J., Liu, P., Ning, P., Ou, X., Song, D.,
Strater, L., Swarup, V., Tadda, G., Wang, C. and Yen, J. (2009) Cyber SA:
Situational Awareness for Cyber Defense, in Cyber Situational Awareness:
Issues and Research, S. Jajodia, P. Liu, V.
Swarup, C. Wang (Eds.), ISBN: 98-1-4419-0139-2, Springer International Series
on Advances in Information Security, Nov. 2009 Yen, J., McNeese, M., Mullen, T.,
Hall, D., Fan, X. and Liu, P. (2009) RPD-based Hypothesis Reasoning for
Cyber Situation Awareness, in Cyber Situational Awareness: Issues and
Research, S. Jajodia, P. Liu, V. Swarup, C.
Wang (Eds.), ISBN: 98-1-4419-0139-2, Springer International Series on
Advances in Information Security, Nov. 2009
Liu, P., Jia, X.,
Zhang, S., Xiong, X., Jhi, Y. C., Bai, K. and Li,
J. (2009) Cross-Layer Damage Assessment for Cyber Situational Awareness, in
Cyber Situational Awareness: Issues and Research, S. Jajodia, P. Liu, V. Swarup, C. Wang (Eds.), ISBN:
98-1-4419-0139-2, Springer International Series on Advances in Information
Security, Nov. 2009 Liu, P., La Porta, T.
and Kotapati, K. (2009) Cellular Network
Security, in Handbook of Wireless Networks, John R. Vacca (editor),
Morgan Kaufmann, published. P. Luenam, P. Liu, A. F.
Norcio, A Neuro-Fuzzy Approach towards Adaptive
Intrusion Tolerant Database Systems, in Computational
Intelligence and Its Applications, X. Li, X. Yao (eds.), USTC Press,
Hefei, China, 2009
Kun Bai, Damage Management in Database Management Systems, Ph.D. Dissertation, defended in Summer
2009 |
2008
|
|
VMSEC
|
X. Jia, S. Zhang, J. Jing, P. Liu, Using Virtual Machines to Do
Cross-Layer Damage Assessment, Proceedings
of ACM Workshop on Virtual Machine Security, in association with ACM CCS,
2008
|
ACSAC
|
Robert Cole, Peng Liu, Addressing Low Base Rates in Intrusion Detection
via Uncertainty-Bounding Multi-Step Analysis, Proceedings of 24th Annual Computer Security Applications Conference
(ACSAC), 2008
|
ACSAC
|
X. Wang, Y-C Jhi, S. Zhu, P. Liu, STILL:
Exploit Code Detection via Static Taint and Initialization Analyses Proceedings of 24th Annual Computer
Security Applications Conference (ACSAC), 2008
|
ESORICS
|
K. Bai, P. Liu, M. Yu, TRACE: Zero-down-time Database Damage Tracking,
Quarantine, and Cleansing with Negligible Run-time Overhead, Proc. ESORICS 2008
|
WINET
|
Kameswari Kotapati, Peng
Liu, and Thomas F. LaPorta, Evaluating MAPSec by
Marking Attack Graphs, Kluwer/ACM
Wireless Networks Journal (WINET),
in press.
|
TELESYS
|
K. Kotapati, P. Liu, T.
F. LaPorta, Dependency Relation based Vulnerability Analysis of 3G Networks:
Can It Identify Unforeseen Cascading Attacks?
Springer Telecommunications
Systems Journal, special issue on Security, Privacy and Trust for
Beyond-3G Networks, in press [PDF]
|
|
Q. Gu, C. H. Chu, P. Liu, Modeling and Analysis of
Bandwidth Competition in 802.11 Networks, International
Journal of Mobile Network Design and Innovation, in press.
F. Li, B. Luo, P. Liu, D. Lee, P. Mitra, W. Lee,
C. Chu, In-broker Access Control: Towards Efficient End-to-End Performance of
Information Brokerage Systems, International
Journal on Intelligent Control and Systems, Special Issue on Information
Assurance, in press.
W. Zang, M. Yu, P. Liu, How Resilient is the
Internet against DDoS attacks? - A Game Theoretic Analysis of Signature-based
Rate Limiting, International Journal on
Intelligent Control and Systems, Special Issue on Information Assurance,
in press.
X.
Wen, J. Jing, P. Liu, A model of efficient intrusion recovery solution based
on log-structured file system, Journal
of the Graduate School of the Chinese Academy of Sciences (JGSCAS), No.
6, 2008 L. Li, P. Liu, G. Kesidis, Threshold Smart Walk for the Containment of
Local Worm Outbreak, Proc. IEEE
GLOBECOM 2008
F. Li, R. Luo, P. Liu, A. Squicciarini, D. Lee, C.
Chu, Defending against Attribute-Correlation Attacks in Privacy-Aware
Information Brokering, Proc. CollaborateCom
2008, invited paper
K.
Bai, P. Liu, A Fine-grained Damage Management Scheme in a Self-Healing
PostgreSQL System, Proc. IEEE High
Assurance Systems Engineering Symposium (HASE), Dec 3-5, 2008, Nanjing,
China Xinran Wang, Yoon-Chan Jhi,
Sencun Zhu, Peng Liu, Protecting Web Services from
Remote Exploit code: A Static Analysis Approach, Poster paper, Proc. 17th International World Wide Web
Conference (WWW 2008), Beijing,
China, April 2008, to appear.
K.
Bai, P. Liu, A Light Weighted Damage Tracking Quarantine and Recovery Scheme
for Mission-Critical Database System, poster paper, Proceedings of ACM CIKM 2008. Yuewu
Wang, Peng Liu, Jiwu Jing, Xiaoqi Jia, A
Multi-Level Fidelity-preserving Bandwidth-Limited Worm Simulation Model and
Its Application, Proc. 41st Annual IEEE
Simulation Symposium, Ottawa, Canada, April 14-16, 2008, to appear.
Mohammad M. Masud, Latifur
Khan, Bhavani Thuraisingham, Xinran Wang, Peng Liu, Sencun
Zhu, A Data Mining Technique to Detect Remote Exploits, Fourth IFIP WG 11.9 International Conference on Digital Forensics,
Kyoto, Japan, January 27-30, 2008, to appear
Kameswari Kotapati, Peng
Liu, Thomas F. LaPorta, EndSec : An End-to-En
Message Security Protocol for Mobile Telecommunication Networks, IEEE Workshop on Security, Privacy and
Authentication in Wireless Networks, in conjunction with 9th IEEE
International Symposium on a World of Wireless, Mobile and Multimedia
Networks, 2008, accepted, to appear
P. Liu, S. Jajodia, M.
Yu, Damage Quarantine and Recovery in Data Processing Systems, in Handbook of Database Security, M.
Gertz, S. Jajodia, eds., Springer, to appear. [PDF]
Q. Gu, P. Liu, Denial of Service Attacks, in Handbook of Computer Networks, Hossein
Bidgoli et al. (eds.), John Wiley & Sons, Hoboken, NJ, 2008. [PDF]
H. Wang, P. Liu, Survivability Evaluation:
Modeling Techniques And Measures, in Jatinder Gupta and Sushil Sharma eds.,
in Handbook of Research on Information
Security and Assurance, Idea Group Inc., August 2008
Kameswari Kotapati,
Assessing Security of Mobile Telecommunication Networks, Ph.D. Dissertation, defended in Jan 2008
Lunquan
Li, Enterprise Worm: Simulation, Detection, and Optimal Containment, Ph.D. Dissertation, defended in May
2008
Robert (Bo) Luo, XML Access Control in Native and
RDBMS Systems, Ph.D. Dissertation, defended
in May 2008
|
2007
|
|
CCS
|
Fengjun Li, Bo Luo,
Peng Liu, Dongwon Lee, Chao-Hsien Chu, Automaton Segmentation: A New Approach
to Preserve Privacy in XML Information Brokering, In 14th ACM
Conf. on Computer and Communication Security (CCS), Alexandria,
VA, USA, October 2007, pages 508-518.
[PDF]
|
ESORICS
|
B. Luo, D. Lee, P. Liu, Pragmatic
XML Access Control Enforcement using Off-the-shelf RDBMS, ESORICS 2007, pages 55-71. [PDF]
|
SRDS
|
J. Lin, J. Jing, P. Liu, A Framework for Intrusion
Tolerant Certification Authority System Evaluation, IEEE SRDS 2007, acceptance rate = 15%
|
ACSAC
|
M. Yu, W. Zang, P. Liu, Database Isolation and Filtering
against Data Corruption Attacks, ACSAC
2007.
|
SecureComm
|
Y. Jhi, P. Liu, L. Li,
Q. Gu, J. Jing, G. Kesidis, PWC:
A Proactive Worm Containment Solution for Enterprise Networks, IEEE
SecureComm 2007. [PDF]
|
ASIACCS
|
P. Ayyagari, P. Mitra, D. Lee, W. Lee, P. Liu,
Incremental Adaptation of XML Access-Control Views, Proc. Second ACM Symposium on Information, Computer
and Communications Security (AsiaCCS), 2007, acceptance
rate = 18%.
|
TC
|
Peng Liu, Jie, Li, Sushil Jajodia,
Paul Ammann, Can Follow Concurrency Control, IEEE Transactions on Computers, 56(10), pp. 1425-1430 (brief
contribution)
|
|
Q. Gu, P. Liu, C. Chu, Analysis of
Area-congestion-based DDoS Attacks in Ad Hoc Networks, Elsevier Ad Hoc Networks Journal, Vol. 5/5, 2007, pages 613-625.
[PDF]
H. Wang, P. Liu, L.
Li, Evaluating the Survivability of Intrusion Tolerant Database Systems and
the Impact of Intrusion Detection Deficiencies, International Journal of Information and Computer Security, Vol.
1, No. 3, pp. 315-340.
Q.
Gu, P. Liu, S. Zhu, C. Chu, Defending against Packet Injection Attacks in
Unreliable Ad Hoc Networks, International Journal of Security and Networks,
Vol. 2, 2007, pages 154-169. [PDF]
W. Zang, M. Yu, P. Liu, A Distributed Algorithm
for Workflow Recovery, International
Journal on Intelligent Control and Systems, Volume 12, Number 1, March 2007
Page(s): 56- 62
M. Yu, P. Liu, S. Jajodia,
Trusted Recovery, in Secure Data
Management in Decentralized Systems, T. Yu, S. Jajodia,
eds., Springer, Berlin, ISBN / ASIN: 0387276947, Dec. 2006.
L. Li, P. Liu, Y. C. Jhi, G. Kesidis, Evaluation of Collaborative Worm Containment on
DETER Testbed, In Proc. DETER Community
Workshop on Cyber Security Experimentation, in association with Usenix
Security Symposium, Boston, August 2007
J. Li, R. Levy, P. Liu, Intelligent Cyber Security Analysis in
Enterprise Networks, AAAI RIDIS
Workshop 2007, position paper.
R. Li, J. Li, P. Liu, H. H. Chen, An Objective
Trust Management Framework for Mobile Ad Hoc Networks, IEEE VTC 2007.
Pramote Luenam, A Neuro-Fuzzy Approach Towards Adaptive Intrusion
Tolerant Database Systems, Ph.D.
Dissertation, defended in May 2007
Hai Wang, Modeling and Evaluating the
Survivability of an Intrusion Tolerant Database System, Ph.D. Dissertation, defended in July 2007
|
2006
|
|
USENIX Security
|
X. Wang, C. Pan, P. Liu, S. Zhu, SigFree: A Signature-free Buffer Overflow Attack Blocker,
Proc. USENIX Security 2006,
acceptance rate = 12% [PDF]
|
ESORICS
|
H. Wang, P. Liu, Modeling and Evaluating the Survivability of an
Intrusion Tolerant Database System, Proc.
ESORICS 2006, acceptance rate = 20%
|
ACSAC
|
K. Bai, P. Liu, Towards Database Firewall: Mining the Damage Spreading
Patterns, Proc. ACSAC 2006, to
appear, acceptance rate = 20%
|
SACMAT
|
P. Mitra, C. Pan, P. Liu, Semantic Access Control for Information Interoperation,
Proc. ACM SACMAT 2006, to appear.
|
ASIACCS
|
P. Mitra, C. Pan, P. Liu, V. Atluri, Privacy-preserving Semantic Interoperation and Access
Control of Heterogeneous Databases, Proc.
ACM Symposium on Information, Computer and Communications Security
(ASIACCS), 2006, to appear, acceptance rate = 17% [PDF]
|
SEC
|
K. Kotapati, P. Liu, T.
F. LaPorta, CAT A Practical Graph & SDL Based Toolkit for Vulnerability
Assessment of 3G Networks, In Proc.
IFIP SEC 2006, to appear, acceptance rate = 24.8% [PDF]
|
|
F. Li, B. Luo, P. Liu, D. Lee, P. Mitra, W. Lee,
C. Chu, In-broker Access Control: Towards Efficient End-to-End Performance of
Information Brokerage Systems, Proc.
IEEE SUTC 2006, acceptance rate = 25% [PDF]
L. Li, I. Hamadeh, S. Jiwasurat,
G. Kesidis, P. Liu, C. Newman, Emulating Sequential
Scanning Worms on the DETER Testbed, Proc.
IEEE TridentCom 06. [PDF]
L. Li, P. Liu, G. Kesidis, Visual Studio for
Network Security Experiment Specification and Data Analysis, Proc. ACM VizSEC Workshop 2006 (in association with CCS06), Nov 2006.
R. Li, J. Li, P. Liu, H. H. Chen, On-Demand
Public-Key Management for Mobile Ad Hoc Networks, Wiley Journal of Wireless
Communications and Mobile Computing (WCMC), 6:1-12, 2006.
Q.
Gu, Chao-Hsien Chu, Peng Liu, Sencun Zhu, Slander
Resistant Attacker Isolation in Ad Hot Networks, International Journal of
Mobile Network Design and Innovation, Inderscience
Publishers, Vol. 1, No. 3, 2006.
E.
Damiani, P. Liu (eds.), Database and Applications Security XX,
Springer Lecture Notes in Computer Science, LNCS 4127, 2006, ISBN
3-540-36796-9
M. Yu, P. Liu (eds.), Proceedings of the First
International Workshop on Information Assurance in Distributed Systems,
Springer Lecture Notes in Computer
Science, 2006.
Q. Gu, K. Bai, H. Wang, P. Liu, C. Chu, Modeling of Pollution in P2P File Sharing Systems, Proc. 2006 IEEE Consumer
Communications and Networking Conference, 8-10 January 2006, Las Vegas,
NV
L. Li, P. Liu, G. Kesidis, Scanning An
Integrated Experiment Specification and Visualization Tool for Testbed
Emulation, (3 page short paper), Proc.
2006 DETER Community Workshop, Arlington, VA, June 2006
L. Li, G. Kesidis, P. Liu, Scanning Worm
Emulation on the DETER Testbed (3 page short paper), Proc. 2006 DETER Community Workshop, Arlington, VA, June 2006
P. Liu, Book Review, Information
Security A Strategic Approach, Vincent Leveque, IEEE Computer Society
& Wiley Inderscience, ISBN 0471736120, Elsevier Information Processing &
Management Journal, 2006, in press
|
2005
|
|
TISSEC
|
P. Liu, W. Zang, M. Yu, Incentive-Based
Modeling and Inference of Attacker Intent, Objectives and Strategies, ACM Transactions
on Information and Systems Security,
Vol. 8, No. 1, 41 pages. [PDF]
|
JCS
|
M. Yu, P. Liu, W. Zang, Specifying and Using
Group-to-Group Communication Services for Intrusion Masking, Journal of Computer Security, Vol. 13,
No. 4, 623-658. [PDF]
|
JASIST
|
Peng Liu, Amit Chetal, Trust-based Secure
Information Sharing between Federal Government Agencies, Journal of the American Society for Information Science and
Technology, 56(3): 283--298. [PDF]
|
CIKM
|
Q. Tan, W. Lee, B. Zhang, P. Liu, D. L. Lee,
Balancing Performance and Confidentiality in Air Index, ACM CIKM 2005, to appear, acceptance rate = 18% [PDF]
|
ACSAC
|
M. Yu, W. Zang, P. Liu, Defensive Execution of Transactional Processes
against Attacks, Proc. ACSAC 2005,
to appear, acceptance rate = 19.6% [PDF]
|
ITC
|
L. Li, S. Jiwasurat, P.
Liu, G. Kesidis, Emulation of Single Packet UDP
Scanning Worms in Large Enterprises, In Proc.
19 International Teletraffic Congress (ITC19), August, Beijing, China,
2005. [PDF]
|
DOE
|
P. Liu, A Game Theoretic Approach to Cyber Attack Prediction, DOE ECPI Program
Final Technical Report, Dec 2005, 26 pages
|
|
P. Liu, Emerging Technologies in Information
Assurance, DoD IA Newsletter,
summer volume
Q. Gu, P. Liu, S. Zhu, C. Chu, Defending against
Packet Injection Attacks in Unreliable Ad Hoc Networks, IEEE GLOBECOM 05, acceptance rate = 30%. Click [PDF] for the full size technical report.
Y. Sun, P. Liu, P. Kermani, T. F. La Porta, An Architecture and Key Management Approach for Maintaining Privacy in Location Based Group Services, Proc. IEEE CollaborateCom 2005. Q. Gu, P. Liu, W. Lee, C. Chu, KTR: An Efficient
Key Management Scheme for Air Access Control, Proc. IEEE Mobiquitous 2005 (short
paper). Click [PDF] for the full size technical report.
K. Bai, H. Wang, P. Liu, Towards Database
Firewalls, Proc. 19th Annual
IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC
05), Storrs, CT, August 7-10, 2005.
K. Kotapati, P. Liu., Y.
Sun, T. F. LaPorta, A Taxonomy of Cyber Attacks on 3G Networks, Proc. IEEE Intl Conf. on Intelligence and
Security Informatics (extended abstract) (ISI 05), Springer LNCS Vol. xx
Y. Sun, P. Liu, P. Kermani, T. F. La Porta, An Architecture and Key Management Approach for Maintaining Privacy in Location Based Group Services, Proc. IEEE CollaborateCom 2005, International Conference on Collaborative Computing: Networking, Applications and Worksharing, 2005. Q. Gu, Chao-Hsien Chu, Peng Liu, Sencun Zhu, Slander Resistant Attacker Isolation in Ad
Hot Networks, Proc. International Conference on Telecommunication Systems
Modeling and Analysis, November 17-20, 2005, Dallas, TX, 13 pages, To
appear.
M. Yu, W. Zang, P. Liu, J. Wang, The Architecture
of An Automatic Distributed Recovery System, Proc. 2005 IEEE
International Conference on Networking, Sensing and Control (ICNSC 05).
P. Mitra, P. Liu, C. Pan, Privacy Preserving
Ontology Matching, In Proc. AAAI-05 Workshop on Contexts and
Ontologies: Theory, Practice and Applications (4-page
short paper), 2005, to appear.
B. Luo, D. Lee, W. Lee, P. Liu, Deep Set Operators
for XQuery, In Proc. Second
International Workshop on XQuery Implementation, Experience and Perspectives
(XIME-P 2005) (short paper), in association with SIGMOD 2005, to appear
S. Roberts, S. Coyne, Form Follows Function:
Information Assurance Network Design for Problem Based Learning, In Proc. 9th Colloquium for Information
Systems Security Education (CISSE 05), 6-10 June, Atlanta Georgia, 2005.
M. Yu, W. Zang, P. Liu, Self
Healing Workflows under Attacks, 5 minute talk, IEEE Symposium on Security and Privacy, 2005
Qijun
Gu, Peng Liu, Chao-Hsien Chu, Hacking Techniques in Wired Networks, In The Handbook of Information Security,
Hossein Bidgoli et al. (eds.), John Wiley & Sons, to appear [PDF]
Peng Liu, Meng Yu, Jiwu
Jing, Information Assurance, In The
Handbook of Information Security, Hossein Bidgoli et al. (eds.), John
Wiley & Sons; to appear [PDF]
Qijun
Gu, A Study of Selected Security Issues in Wireless Networks, Ph.D. Dissertation, defended in June 21, 2005
|
2004
|
|
ICDCS
|
M. Yu, P. Liu, W. Zang, Self
Healing Workflow Systems under Attacks, Proc. 24th IEEE International Conference on Distributed
Computing Systems (ICDCS 04), Tokyo, Japan, March 2004, pages 418-425. Acceptance rate = 17.68% [PDF]
|
CIKM
|
B. Luo, D. Lee, W. C. Lee, P. Liu, QFilter: Fine-Grained Run-Time XML Access Controls via
NFA-based Query Rewriting, Proc. ACM
CIKM 2004. Acceptance rate = 19%.
[PDF]
|
CACM
|
R. Bazjscy, T. Benzel, M. Bishop, B. Braden,
C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R.
Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. Tygar, S. Sastry, D. Sterne, S.F. Wu, Cyber Defense Technology Networking and Evaluation, Communications of the ACM, March 2004,
Vol. 47, No. 3, pages 58-61
|
ISC
|
H. Wang, P. Liu, L. Li, Evaluating the Impact of
Intrusion Detection Deficiencies on the Cost-Effectiveness of Attack
Recovery, In Proceedings of the 7th Information Security Conference (ISC 04), Springer LNCS,
September 2004.
|
|
R. Li, J. Li, H. Kameda, P. Liu, Localized
Public-key Management for Mobile Ad Hoc Networks, Proc. IEEE Globecom 04. Acceptance rate = 29% [PDF]
Peng Liu, H. Wang, L. Li, Real-Time Data Attack
Isolation for Commercial Database Applications, Elsevier Journal of Network and Computer Applications, in press.
P. Liu, J. Jing, P. Luenam,
Y. Wang, L. Li, S. Ingsriswang, The Design and
Implementation of a Self-Healing Database System, Journal of Intelligent Information Systems, Vol. 23, No. 3,
247-269, 2004 [PDF]
B. Luo, D. Lee, W. C. Lee, P. Liu, A Flexible
Framework for Architecting XML Access Control Enforcement Mechanisms, In Proceedings
of the First Workshop on Secure Data Management in a Connected World (Lecture Notes in Computer
Science 3178), August
2004.
Q. Gu, P. Liu, C. Chu, Tactical
Bandwidth Exhaustion in Ad Hoc Networks, Proceedings of the 5th Annual IEEE Information
Assurance Workshop (IA 04), West Point, June 2004.
B. Pfitzmann, P. Liu
(Eds.), Proceedings of the 11th ACM Conference on Computer and Communications
Security, ACM Press, 2004, ACM ISBN: 1-58113-961-6.
Dan Gao, TCP-based Worm Analysis and Experiments
on Emulab, BS
Thesis, IST & Schreyer Honors College
W. C. Lee, P. Liu, L. Giles, Research Issues in
Secure Wireless Data Broadcast Systems, Technical Report
|
2003
|
|
CCS
Selected into
TISSEC Special Issue
|
P. Liu, W. Zang, Incentive-Based Modeling and Inference of Attacker
Intent, Objectives and Strategies, Proc.
10th ACM Conference on Computer and Communications Security (CCS 03)
(Acceptance rate 36/252=14.3%), October 28-31, Washington DC, 2003, pages
179-189. [PDF]
|
ACSAC
|
M. Yu, P. Liu, W. Zang, Multi-Version Data Objects Based Attack
Recovery of Workflows, Proc. 19th
Annual Computer Security Applications Conference (ACSAC 03), Las Vegas, Dec, 2003, pages 142-151. [PDF]
|
SEC
|
M. Yu, P. Liu, W. Zhang, Intrusion Masking for Distributed Atomic
Operations, Proc. 18th IFIP International Information Security Conference
(SEC 03), May 2003, acceptance ratio 27%, pages 229-240.
|
SSRS
|
J. Jing, P. Liu, D. G. Feng, J.
Xiang, N. Gao, J. Q. Lin, ARECA: A Highly Attack Resilient Certification
Authority, Proc. First ACM Workshop on
Survivable and Self-Regenerative Systems (SSRS 03), October 2003, pages
53-63. [PDF]
|
XSYM
|
D. Lee, W. C. Lee, and P. Liu, Supporting XML Security Models using
Relational Databases: A Vision, Proc.
First International Symposium of XML Databases (XSym
03) (Lecture Notes in Computer Science), September 2003. [PDF]
|
|
J. Zhang, P. Liu, Delivering
Services with Integrity Guarantees in Survivable Database Systems, Proc. 17th IFIP WG 11.3 Conference on Data
and Applications Security (DBSEC 03), August 2003, pages 31-45.
Peng Liu, Engineering a Distributed Intrusion
Tolerant Database System Using COT Components, Proc. DISCEX III, Volume 2, pages 284-289, April 2003
Peng Liu, ITDB: An Attack Self-Healing Database
System Prototype, Demo Abstract, Proc.
DISCEX III, Volume 2, pages 131-133, 2003
P. Liu, Architectures for Intrusion Tolerant
Database Systems, in Foundations of
Intrusion Tolerant Systems, Jaynarayan H. Lala
(ed.), IEEE Computer Society Press, 2003, pages 3-13. A previous version
appears as [28].
P. Luenam, P. Liu, The
Design of an Adaptive Intrusion Tolerant Database System, in Foundations of Intrusion Tolerant Systems,
Jaynarayan H. Lala (ed), IEEE Computer Society
Press, 2003, pages 14-21. A previous version appears as [30].
P. Liu, Measuring Quality of Information Assurance, DARPA OASIS Final Technical Report, 2003
R. R. Barton, W. J. Hery, P. Liu, An S-Vector for Web Applications
Security Management, Proc. First ACM
Workshop on Business Driven Security Engineering (SDSE 03), October
2003, 5 page poster paper.
P. Liu and P. Pal (Eds.), Proc. First ACM Workshop
on Survivable and Self-Regenerative Systems, ACM Press, 2003, ACM ISBN:
1-58113-784-2/03/0010.
V. Atluri and P. Liu (Eds.), 10th ACM
Proceedings on Computer and Communications Security, ACM Press, 2003, ISBN:
1-58113-738-9
Amit Chetal, Trust-Based Secure Info
Sharing Between Federal Government Agencies, MS Thesis, Cyber Security Group, 2003
|
2002
|
|
BOOK
|
(Book) P. Liu, S. Jajodia,
Trusted
Recovery and Defensive Information Warfare, Monograph, Kluwer Academic Publishers,
2002. ISBN 0-7923-7572-6
|
TKDE
|
P. Ammann, S. Jajodia,
P. Liu, Recovery
from Malicious Transactions, IEEE
Transactions on Knowledge and Data Engineering,
Vol. 15, No. 5, September 2002, pages 1167-1185. [PDF]
|
ACSAC
|
P. Liu, Architectures for Intrusion Tolerant Database
Systems, Proc. 18th
Annual Computer Security Applications Conference (ACSAC 02), Dec 2002, acceptance
ratio 32%, pages 311-320. [PDF]
|
|
P. Liu, Y. Wang, The Design and Implementation of a Multiphase
Database Damage Confinement System, Proc. 16th IFIP Working Conf. on Data and
Applications Security (DBSEC 02), July 2002. [PDF]
|
2001
|
|
CSF
|
P. Liu, S. Jajodia, Multi-Phase Damage
Confinement in Database Systems for Intrusion Tolerance, Proc. 14th IEEE Computer
Security Foundations Workshop (CSFW 01)), June 2001, pages 191-205. [PDF]
|
ACSAC
|
P. Liu, DAIS: A Real-Time Data Attack Isolation
System for Commercial Database Applications, Proc. 17th
Annual Computer Security Applications Conference
(ACSAC 01), Dec 2001, pages 219-229. [PDF]
|
|
Peng Liu, Xu Hao, Efficient Damage Assessment and Repair in
Resilient Distributed Database Systems, Proc. 15th IFIP WG 11.3 Working Conference on Data
and Applications Security (DBSEC 01), July 2001. [Postscript]
|
2000
|
|
JCS
|
P. Liu, S. Jajodia, C.
D. McCollum, Intrusion
Confinement by Isolation in Information Systems, Journal of Computer Security, Vol. 8,
No. 4, pages 243-279. [PDF]
|
DSS
|
P. Liu, P. Ning, S. Jajodia,
Avoiding
Loss of Fairness Owing to Failures in Fair Data Exchange Systems,
Decision Support Systems, Vol. 31,
No. 3, 2001, pages 337-350. [PDF]
|
DPDB
|
P. Liu, P. Ammann, S. Jajodia,
Rewriting
Histories: Recovering From Malicious Transactions, Distributed and Parallel
Databases, Vol. 8, No. 1, January 2000, pages 7-40. [PDF]
|
|
Peng Liu, Peng Ning, Sushil Jajodia,
Avoiding
Loss of Fairness Owing to Process Crashes in Fair Data Exchange Protocols,
Proc. IEEE International Conference on
Dependable Systems and Networks (DSN 00), Workshop on Dependability Despite Malicious Faults, June 2000,
pages 631-640.
Peng Liu, General Design of ItDBMS,
Technical Report, 2000.
|
1999
|
|
ICDCS
|
P. Liu, P. Ammann, S. Jajodia,
Incorporating
Transaction Semantics to Reduce Reprocessing Overhead in Replicated Mobile
Data Applications, Proc.
19th IEEE International Conference on Distributed Computing Systems (ICDCS
99), June 1999, pages 414-423. [PDF]
|
THESIS
|
Peng Liu, Trusted Recovery from Malicious Attacks, PhD Dissertation,
June 1999.
|
|
Paul Ammann, Sushil Jajodia,
Peng Liu, A
fault tolerance approach to survivability, in Computer Security, Dependability, and
Assurance: From Needs to Solutions, P. Ammann, B. H. Barnes, S. Jajodia, E. H. Sibley (eds.), IEEE Computer Society
Press, 1999
P. Liu, S. Jajodia, C.
D. McCollum, Intrusion
Confinement by Isolation in Information Systems, Proc. IFIP WG 11.3 13th Working Conference
on Database Security (DESEC 99), July 1999.
S. Jajodia, P. Ammann,
P. Liu, A
Fault Tolerance Approach to Survivability, Proc. IST 4th Symposium on Protecting NATO
Information Systems (NATO Security 99), Oct 1999, pages 20-1 to 20-7
|
-1998
|
|
ACSAC
|
S. Jajodia, P. Liu, C.
D. McCollum, Application
Level Isolation to Cope with Malicious Database Users, Proc. 14th Annual Computer
Security Applications Conference (ACSAC 98),
December 1998, pages 73-82.
|
|
Peng Liu, Semantic Views of Multilevel Secure
Relational Data Models, Technical Report, George Mason
University, 1997.
Peng Liu, SDB2: A Secure Client-Server Database System
Prototype, Master
Thesis, University of Science and Technology of China,
1996.
Jiwu
Jing, Peng Liu, IsData: A Secure Networked Management Information
System Architecture, IDG
Computer World Newspaper, 1995. Invited paper.
Jiwu
Jing, Peng Liu, Threats
of Virus to Networked Management Information Systems, IDG Computer World Newspaper,
1995. Invited paper.
Peng Liu, Yinxia Dai, Shuwang Lu, Secure Multimedia Data Communications, Proc. 2nd Chinese Annual Conference on
Multimedia (Chinese Multimedia 93), September,
1993.
Peng Liu, A Neural Network Approach to Information
Management and Decision Support Expert Systems, BS Thesis, University of Science and
Technology of China, 1993.
|