Cyber Security Lab Publications
[2017][16][15][14][13][12][11][10][09]
[08 | 07 | 06 | 05 | 04 | 03 | 02 | 01 | 00 | 99]
|
|
2017
|
|
Mirai Expeller
|
Chen Cao, Le
Guan, Peng Liu, Neng Gao, Jingqiang Lin, Ji Xiang, “Hey, you, keep away from my
device: remotely implanting a virus expeller to defeat Mirai on IoT devices,”
arVic June 2017, arXiv, http://arxiv.org/abs/1706.05779
|
USENIX Security
|
Xu, J., Mu, D.,
Xing, X., Liu, P., Chen, P., Mao, B., "POMP: Postmortem Program Analysis
with Hardware-Enhanced Post-Crash Artifacts", in Proceedings of the 26th
USENIX Security Symposium (USENIX Security), Vancouver, Canada, August 2017.
(Accepted)
|
NDSS
|
Chuangang Ren,
Peng Liu, Sencun Zhu, “WindowGuard: Systematic Protection of GUI Security in
Android,” NDSS 2017.
|
MobiSys
|
Lannan Luo*, Qiang
Zeng*, Chen Cao, Kai Chen, Jian Liu, Limin Liu, Neng
Gao, Min Yang, Xinyu Xing, and Peng Liu. (*Co-first authors),
“System Service Call-oriented Symbolic Execution of Android Framework with
Applications to Vulnerability Discovery and Exploit Generation,” ACM MobiSys
2017. (Accepted)
|
MobiSys
|
L. Guan, P. Liu, X. Xing, X.
Ge, S. Zhang, M. Yu, and T. Jaeger,
“TrustShadow: Secure execution of unmodified applications with ARM
TrustZone,” ACM MobiSys 2017. (Accepted)
|
TSE
|
Lannan Luo, Jiang
Ming, Dinghao Wu, Peng Liu, and Sencun Zhu, “Semantics-Based
Obfuscation-Resilient Binary Code Similarity Comparison with Applications to
Software and Algorithm Plagiarism Detection,” IEEE Transactions on Software Engineering, accepted.
|
VEE
|
D. Liang, P. Liu,
J. Xu, P. Chen, Q. Zeng, “Dancing with Wolves: Towards Practical Event-driven
VMM Monitoring,” VEE 2017.
|
DSN
|
P. Chen, J. Xu, Z.
Hu, X. Xing, M. Zhu, B. Mao, P. Liu, “What You See is Not What You Get!
Thwarting Just-in-Time ROP with Chameleon,” DSN 2017. (Accepted)
|
DSN
|
Chen Tian, Yazhe
Wang, Peng Liu, Qihui Zhou, Chengyi Zhang, “IM-Visor: A Pre-IME Guard to
Prevent IME Apps from Stealing Sensitive Keystrokes Using TrustZone,” DSN
2017. (Accepted)
|
ACC
|
H. Kim, P. Guo,
M. Zhu and P. Liu, “On attack-resilient estimation of switched nonlinear
cyber-physical systems,” 2017 American
Control Conference, May 2017, invited paper. (Accepted)
|
ISERC
|
Ren, A., Wu, D.,
Terpenny, J., Zhang, W., & Liu, P. (2017). Cyber Security in Smart
Manufacturing: Survey and Challenges, Proceedings
of the 2017 Industrial and Systems Engineering Research Conference,
Pittsburgh, PA
|
Cryptology ePrint Archive
|
Dingfeng Ye, Peng
Liu, Jun Xu, “Towards Practical Obfuscation of General Circuits,” Cryptology
ePrint Archive report 2017/321
|
Edited Book
|
Recent Advances
in Cyber Situation Awareness, Peng Liu, Sushil Jajodia, and Cliff Wang
(Eds.), Springer LNCS, Volume No. 10030, 2017 (in press)
|
Book Chapters
|
P. Liu, et al., “Computer-aided
Human Centric Cyber Situation Awareness,” In Peng Liu, Sushil Jajodia, and
Cliff Wang (Eds.), Recent Advances in
Cyber Situation Awareness, Springer LNCS vol. 10030, 2017, to appear.
Chen Zhong, John Yen, Peng Liu,
Robert F. Erbacher and Christopher Garneau. “Studying Analysts Data Triage
Operations in Cyber Defense Situational Analysis,” In Peng Liu, Sushil
Jajodia, and Cliff Wang (Eds.), Recent
Advances in Cyber Situation Awareness, Springer LNCS vol. 10030, 2017, to
appear.
Xiaoyan Sun, Jun Dai, Anoop
Singhal, Peng Liu, “Enterprise-Level Cyber Situation Awareness,” In Peng Liu,
Sushil Jajodia, and Cliff Wang (Eds.), Recent
Advances in Cyber Situation Awareness, Springer LNCS vol. 10030, 2017, to
appear.
|
2016
|
|
CCS
|
Xu, J., Mu, D.,
Chen, P., Xing, X., Liu, P., “CREDAL: Towards Locating a Memory Corruption
Vulnerability with Your Core Dump,” ACM CCS 2016.
|
Big
Data
(Dataset release)
|
“Android Malware Development on
Public Malware Scanning Platforms: A Large-scale Data-driven
Study.” Heqing Huang, Cong Zheng, Junyuan Zeng, Wu
Zhou, Sencun Zhu, Peng Liu, Suresh Chari, Ce Zhang, 2016 IEEE Big
Data (79/423=18.7%) (A new Android malware dataset
released @ the
result website)
|
CCS
|
Kai Wang, Yuqing
Zhang, Peng Liu, “Call Me Back! Attacks on System Server and System Apps in
Android through Synchronous Callback,” ACM CCS 2016.
|
SenSys
|
Guan, L., Xu, J.,
Wang, S., Xing, X., Lin, L., Huang, H., Liu, P., Lee, W., “From Physical to
Cyber: Escalating Protection for Personalized Auto Insurance,” in Proceedings of the 14th ACM Conference on
Embedded Networked Sensor Systems (SenSys 2016), Palo Alto, USA, December
2016.
|
ASE
|
“StraightTaint:
Decoupled Offline Symbolic Taint Analysis,” by Jiang Ming, Dinghao Wu, Gaoyao
Xiao, Jun Wang, and Peng Liu. In Proceedings
of the 31st IEEE/ACM International Conference on Automated Software Engineering
(ASE 2016), Singapore, September 3-7, 2016, published.
|
DSN
|
Lannan Luo, Yu Fu, Dinghao Wu, Sencun
Zhu, and Peng Liu,
|
ACSAC
|
Shijie Jia,
Luning Xia, Bo Chen, and Peng Liu, “Sanitizing Data Is Not Enough! Towards
Sanitizing Structural Artifacts in Flash Media,” ACSAC, 2016, published.
|
ESORICS
|
Fabo Wang, Yuqing Zhang, Kai
Wang, Peng Liu and Wenjie Wang, “Stay in Your Cage! A Sound Sandbox for
Third-Party Libraries on Android,” ESORICS,
2016, published.
|
ESORICS
|
Qianru Wu, Qixu Liu, Yuqing
Zhang, Peng Liu and Guanxing Wen, “A Machine Learning Approach for Detecting
Third-Party Trackers on the Web,” ESORICS,
2016, published.
|
ESORICS
|
Aron Laszka, Mingyi Zhao and
Jens Grossklags, “Banishing Misaligned Incentives for Validating Reports in
Bug-Bounty Platforms,” ESORICS,
2016.
|
IDS
|
Chen Zhong, John Yen, Peng Liu,
and Robert F. Erbacher. “Automate Cybersecurity Data Triage by Leveraging
Human Analysts Cognitive Process,” In Proc.
IEEE International Conference on Intelligent Data and Security (IEEE
IDS), 2016, published.
|
CNS
(Best Paper Runner up Award)
|
Xiaoyan Sun, Jun Dai, Peng Liu, Singhal, Anoop, John Yen, “Towards
Probabilistic Identification of Zero-day Attack Paths,” IEEE CNS, 2016.
|
AsiaCCS
|
Shijie Jia, Luning Xia, Bo Chen, and Peng Liu, “NFPS: Adding
Undetectable Secure Deletion to Flash Translation Layer,” Proc. 11th ACM Asia Conference on Computer
and Communications Security (AsiaCCS '16), Xi'an, China, May 30 - June 3,
2016.
|
CODASPY
(8 pages)
|
“Program-object Level Data Flow
Analysis with Applications to Data Leakage and Contamination Forensics,”
short paper, by Gaoyao Xiao, Jun Wang, Peng Liu, Jiang Ming, and Dinghao Wu.
In Proc. 6th ACM Conference on Data and
Application Security and Privacy (CODASPY 2016), New Orleans, LA, March
9-11, 2016, published.
|
CIC
|
Z. Hu, P. Chen, Y. Lu, M. Zhu
and P. Liu, “Towards a science for adaptive defense: Revisit server
protection,” Proc. IEEE International
Conference on Collaboration and Internet Computing (CIC 2016),
Pittsburgh, November 2016, invited paper, published.
|
ESSoS (Artifact Evaluation
Award)
|
“Empirical Analysis and
Modeling of Black-box Mutational Fuzzing,” by Mingyi Zhao and Peng Liu, International Symposium on Engineering
Secure Software and Systems (ESSoS) 2016, published.
|
WEIS
|
Thomas Maillart, Mingyi Zhao,
Jens Grossklags and John Chuang, “Given Enough Eyeballs, All Bugs Shallow?
Revisiting Eric Raymond with Bug Bounty Market,” Proc. 15th Annual Workshop on the Economics of Information Security
(WEIS), 2016.
|
ICSE-SEET
|
Lannan Luo, and Qiang Zeng,
“SolMiner: Mining Distinct Solutions in Programs,” In Proceedings of the 38th International Conference on Software
Engineering, SEET track, Austin, TX, May 14-22, 2016.
|
SAC
|
Yuan Zhao, Wuqiong Pan,
Jingqiang Lin, Peng Liu, Cong Xue and Fangyu Zheng, “PhiRSA: Exploiting the
Computing Power of Vector Instructions on Intel Xeon Phi for RSA,” Proc. 23rd Conference on Selected Areas in
Cryptography (SAC 2016), Canada, 2016, published.
|
HASE
|
“Feature-based Software
Customization: Preliminary Analysis, Formalization, and Methods,” by Yufei
Jiang, Can Zhang, Dinghao Wu, and Peng Liu. In Proceedings of the 17th IEEE High Assurance Systems Engineering
Symposium (HASE 2016), Orlando, Florida, USA, January 7-9, 2016.
|
COMPSAC
|
“JRed: Program Customization
and Bloatware Mitigation based on Static Analysis,” by Yufei Jiang, Dinghao
Wu, and Peng Liu. In Proceedings of the
40th IEEE Computer Society International Conference on Computers, Software
& Applications (COMPSAC 2016), Atlanta, Georgia, USA, June 10-14, 2016.
(Published. Acceptance rate: 18%)
|
ICICS
|
Weijuan Zhang, Xiaoqi Jia,
Chang Wang, Shengzhi Zhang, Qingjia Huang, Mingsheng Wang, Peng Liu, “A
Comprehensive Study of Co-residence Threat in Multi-tenant Public PaaS
Clouds,” 18th International Conference
on Information and Communications Security (ICICS 2016), Singapore,
Singapore, November 29 – December 2, 2016
|
TRE
|
Kai Chen, Yingjun Zhang, Peng
Liu, “Dynamically Discovering Likely Memory Layout to Perform Accurate
Fuzzing,” IEEE Transactions on
Reliability, 2016, published.
|
TRE
|
Jiang Ming, Fangfang Zhang,
Dinghao Wu, Peng Liu, and Sencun Zhu, “Deviation-Based Obfuscation-Resilient
Program Equivalence Checking with Application to Software Plagiarism
Detection,” IEEE Transactions on
Reliability, 2016, published.
|
Journal of Computer Virology
|
Jiang Ming, Zhi Xin, Pengwei
Lan, Dinghao Wu, Peng Liu, and Bing Mao, "Impeding Behavior-based
Malware Analysis via Replacement Attacks to Malware Specifications," Springer Journal of Computer Virology and
Hacking Techniques, 2016, published.
|
IEEE Security & Privacy Magazine
|
Jingqiang Lin, Bo Luo, Le Guan,
Jiwu Jing, “Secure Computing using Registers and Caches: the Problem,
Challenges and Solutions,” IEEE
Security & Privacy Magazine, 2016. (Accepted)
|
Journal
|
Shengzhi Zhang, Xiaoqi Jia,
Peng Liu, "Towards Service Continuity for Transactional Applications via
Diverse Device Drivers," International
Journal of Information and Computer Security, 2016. (Accepted)
|
Journal
|
Chen Cao, Neng Gao, Ji Xiang,
Peng Liu, “Towards Input Validation Vulnerability Analysis of Android System
Services,” Journal of Cyber Security,
China Science Press, 2016. (In Chinese), published.
|
Journal
|
K. Chen, P. Wang, Y. Lee, X. F.
Wang, N. Zhang, H. Huang, W. Zou, P. Liu, “Scalable Detection of Unknown
Malware from Millions of Apps,” Journal
of Cyber Security, China Science Press, 2016. (In Chinese), published.
|
System Demo
|
Xu, J., Guo, P., Chen, B.,
Erbacher, R., Chen, P., & Liu, P., “Demo: A Symbolic N-Variant System,”
Proc. Third ACM Workshop on Moving
Target Defense (MTD 2016), Vienna, Austria, October 2016, published.
|
Book Chapters
|
Wanyu Zang, Meng Yu, Peng Liu,
"Privacy Protection in Cloud Computing through Architectural
Design", book chapter, In Security
in the Private Cloud, (John R. Vacca eds.), CRC Press, 2017, published.
|
|
|
“iCruiser: Protecting Kernel
Link-Based Data Structures with Secure Canary,” by Li Wang, Dinghao Wu, and
Peng Liu. In Proceedings of the 7th
IEEE International Workshop on Trustworthy Computing (TC 2016), in
conjunction with QRS 2016 Vienna, Austria, August 1-3, 2016, published.
|
PhD Dissertations
|
1. Chen Zhong, A COGNITIVE PROCESS TRACING APPROACH
TO CYBERSECURITY DATA TRIAGE OPERATIONS AUTOMATION, Penn State University,
College of IST, May 2016.
2.
Chuangang
Ren, A STUDY OF SELECTED SECURITY ISSUES IN ANDROID SYSTEMS, Penn State
University, College of Engineering, May 2016.
3. Xiaoyan Sun, USING BAYESIAN NETWORKS FOR
ENTERPRISE NETWORK SECURITY ANALYSIS, Penn State University, College of IST,
May 2016.
4. Heqing Huang, A STUDY OF ANDROID SYSTEM
VULNERABILITY AND MALWARE, Penn State University, College of Engineering, Feb
2016.
5.
Mingyi
Zhao, DISCOVERING AND MITIGATING SOFTWARE VULNERABILITIES THROUGH LARGE-SCALE
COLLABORATION, Penn State University, College of IST, Oct 2016.
6. Wenhui Hu, THIRD-PARTY LIBRARY SECURITY MANAGEMENT
FOR MOBILE APPLICATIONS, Penn State University, College of Engineering, Dec.
2016.
|
2015
|
|
USENIX ATC
|
Jun Wang, Xi Xiong, Peng Liu,
“Between Mutual Trust and Mutual Distrust: Practical Fine-grained Privilege
Separation in Multithreaded Applications,” Proc. USENIX Annual Technical Conference 2015, published. [PDF]
|
USENIX Security
|
Chuangang Ren, Yulong Zhang,
Hui Xue, Tao Wei, Peng Liu, "Towards Discovering and Understanding Task
Hijacking in Android," USENIX
Security 2015, published. [PDF]
|
USENIX Security
|
Jiang Ming, Dinghao Wu, Gaoyao
Xiao, Jun Wang, and Peng Liu, “TaintPipe: Pipelined Symbolic Taint Analysis,”
USENIX Security 2015, published. [PDF]
|
USENIX Security
|
Kai Chen, Peng Wang, Yeonjoon
Lee, Xiaofeng Wang, Nan Zhang, Heqing Huang, Wei Zou, Peng Liu, "Finding
Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play
Scale," USENIX Security 2015,
published. [PDF]
|
CCS
|
Heqing Huang, Sencun Zhu, Kai
Chen, Peng Liu, “From System Services Freezing to System Server Shutdown in
Android: All You Need Is a Loop in an Application”, ACM CCS 2015, published.
|
CCS
Data and Code Release
|
Mingyi Zhao, Jens Grossklags,
Peng Liu, “An Empirical Study of Web Vulnerability Discovery Ecosystems,” ACM
CCS 2015, published. [PDF]
(Data and Code Release)
|
TSE
|
Yoon-Chan Jhi, Xinran Wang, Xiaoqi
Jia, Sencun Zhu, Peng Liu, and Dinghao Wu, “Program Characterization Using
Runtime Values and Its Application to Software Plagiarism Detection,” IEEE Transactions on Software Engineering,
41(9), pages 925-943, September 2015. [PDF]
|
US Patent
|
U.S. Patent 8,904,535,
“Proactive Worm Containment (PWC) For Enterprise Networks”
|
ESORICS
|
Ping Chen, Jun Xu, Zhiqiang
Lin, Dongyan Xu, Bing Mao and Peng Liu, "A Practical Approach for Adaptive
Data Structure Layout Randomization," ESORICS 2015, published. [PDF]
|
DSN
|
Q. Zeng, M. Zhao, P. Liu,
“HeapTherapy: An Efficient End-to-end Solution against Heap Buffer
Overflows,” DSN 2015, published. [PDF]
|
DSN
|
B. Zhao, P. Liu, “Private
Browsing Mode Not Really That Private: Dealing with Privacy Breach Caused by
Browser Extensions,” DSN 2015,
published. [PDF]
|
DSN
|
Jun Wang, Mingyi Zhao, Qiang
Zeng, Dinghao Wu, and Peng Liu, “Risk Assessment of Buffer ‘Heartbleed’
Over-read Vulnerabilities” (Practical Experience Report), In Proceedings of the 45th Annual IEEE/IFIP International
Conference on Dependable Systems and Networks (DSN 2015), Rio de Janeiro,
Brazil, June 22-25, 2015. (Published).
[PDF]
|
ACSAC
|
Chen Cao, Neng Gao, Peng Liu,
Ji Xiang, “Towards Analyzing the Input Validation Vulnerabilities associated
with Android System Services," In Proceedings
of the 31st Annual Computer Security Applications Conference (ACSAC),
2015.
|
ACSAC
|
Bing Chang, Zhan Wang, Bo Chen,
Fengwei Zhang, “MobiPluto: File System Friendly Deniable Storage for Mobile
Devices,” In Proceedings of the 31st
Annual Computer Security Applications Conference (ACSAC), 2015.
|
ASIACCS
|
Heqing Huang, Kai Chen, Chuangang Ren, Peng Liu, Sencun Zhu and Dinghao
Wu, “Towards Discovering and Understanding the Unexpected Hazards in
Tailoring Antivirus Software for Android,” ACM ASIACCS 2015, full paper, published. [PDF]
|
ASIACCS
|
Jun Wang, Zhiyun Qian, Zhichun Li, Zhenyu Wu, Junghwan Rhee, Xia Ning,
Peng Liu and Geoff Jiang, “Discover and Tame Long-running Idling Processes in
Enterprise Systems,” ACM ASIACCS 2015,
full paper, published. [PDF]
|
CODASPY
|
Zhongwen Zhang, Peng Liu, Ji Xiang, Jiwu Jing and Lingguang Lei, “How
Your Phone Camera Can Be Used to Stealthily Spy on You: Transplantation
Attacks against Android Camera Service,” ACM
CODASPY 2015, published. [PDF]
|
ACNS
|
Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao,
“Replacement Attacks: Automatically Impeding Behavior-based Malware
Specifications,” In Proceedings of the 13th International Conference on
Applied Cryptography and Network Security (ACNS 2015), New York, June
2-5, 2015, published. [PDF]
|
HotSOS
|
C. Zhong, J. Yen, P. Liu, R. Erbacher, R. Etoty, and C. Garneau, “An
Integrated Computer-Aided Cognitive Task Analysis Method for Tracing
Cyber-Attack Analysis Processes,” Proceedings
of the 2015 Symposium and Bootcamp on the Science of Security, ACM, 2015,
published. [PDF]
|
CogSIMA
|
C. Zhong, J. Yen, P. Liu, R. Erbacher, R. Etoty, and C. Garneau,
“ARSCA: A Computer Tool for Tracing the Cognitive Processes of Cyber-Attack
Analysis,” Proceedings of IEEE CogSIMA
Conference, 2015, published.
|
DBSEC
|
M. Zhao, P. Liu, J. Lobo, “Towards
Collaborative Query Planning in Multi-party Database Networks,” DBSEC, 2015,
published.
|
|
|
A Preliminary Analysis and Case
Study of Feature-based Software Customization (Extended Abstract), by Yufei
Jiang, Can Zhang, Dinghao Wu, and Peng Liu. In Proceedings of the 2015 IEEE International Conference on Software
Quality, Reliability and Security (QRS 2015), Vancouver, Canada, August
3-5, 2015.
Xiaoyan Sun, Anoop Singhal,
Peng Liu, “Who Touched My Mission: Towards Probabilistic Mission Impact
Assessment,” In Proceedings of ACM
SafeConfig Workshop, in association with ACM CCS 2015.
M. Zhu and P. Liu. “Reviewing
the book Principles of Cyber-physical Systems from a security perspective.”
EAI Endorsed Transactions on Security and Safety, Special issue on
miscellaneous emerging security problems, 15(4), 2015, book review.
Chen
Zhong, John Yen, Peng Liu, Robert F. Erbacher, and Christopher Garneau, “Peer
into Cyber Security Analysts’ Minds: Capturing and Studying Their Cognitive
Processes of Analytical Reasoning,” Penn State Graduate Exhibition of
Research, University Park, PA, March 2015. Awarded the First Place in Engineering.
|
PhD Dissertations
|
Bin Zhao, IDENTIFYING PRIVATE
DATA LEAKAGE THREATS IN WEB BROWSERS, PhD Dissertation, College of IST, June
2015, Penn State University.
Jun Wang,
PROTECTING SERVER PROGRAMS AND SYSTEMS: PRIVILEGE SEPARATION, ATTACK SURFACE
REDUCTION, AND RISK ASSESSMENT, PhD Dissertation, College of IST, November
2015, Penn State University.
|
MS Thesis
|
Pinyao Guo, DESIGN,
IMPLEMENTATION AND EVALUATION OF A SYMBOLIC N-VARIANT SIMULATOR, College of
IST, summer 2015, Penn State University
Gaoyao Xiao, DETECTING AUTOMATED AGENTS BASED INSIDER ATTACKS THROUGH
ADJACENCY MATRIX ANALYSIS, MS Thesis, College of IST, Spring 2015, Penn State
University
Wenqi Cao, MEMORY ANALYSIS TOWARDS MORE EFFICIENT LIVE MIGRATION OF
APACHE WEB SERVER, MS Thesis, College of Engineering, Spring 2015, Penn State
University
|
2014
|
|
US Patent
|
US Patent 8,881,288, “Graphical
models for cyber security analysis in enterprise networks,” by R Levy, H Li,
P Liu, and M Lyell, November 4, 2014.
|
ICSE
|
Kai Chen, Peng Liu, Yingjun
Zhang, “Achieving Accuracy and Scalability Simultaneously in Detecting
Application Clones on Android Markets”, ICSE
2014, regular paper, June 2014. [PDF]
|
CGO
|
Q. Zeng, J. Rhee, H. Zhang, N.
Arora, G. Jiang, P. Liu, “Precise and Scalable Calling Context Encoding,”
Proc. International Symposium on Code
Generation and Optimization (CGO 2014), 2014. [PDF]
|
DSN
|
R. Wu, P. Chen, P. Liu, B. Mao,
“System Call Redirection: A Practical Approach to Meeting Real-world VMI
Needs,” DSN 2014, June 2014.
|
FSE Distinguished Paper Award nomination
|
Lannan Luo, Jiang Ming, Dinghao
Wu, Peng Liu and Sencun Zhu, “Semantics-Based Obfuscation-Resilient Binary
Code Similarity Comparison with Applications to Software Plagiarism
Detection,” FSE 2014, Nov. 16-22,
2014.
|
ESORICS
|
Lingchen Zhang, Sachin Shetty,
Peng Liu, Jiwu Jing, “RootkitDet: Practical End-to-End Defense against Kernel
Rootkits in a Cloud Environment,” ESORICS
2014, Sept. 7-11, 2014.
|
ESORICS
|
Min Li, Zili Zha, Wanyu Zang,
Meng Yu, Peng Liu, Kun Bai, “Detangling Resource Management Functions from
the TCB in Privacy-Preserving Virtualization,” ESORICS 2014, Sept. 7-11, 2014.
|
ASE
|
Chuangang Ren, Kai Chen, Peng
Liu, “Droidmarking: Resilient Software Watermarking for Impeding Android
Application Repackaging,” ASE 2014,
Sept. 15-19, Sweden, 2014.
|
ACM
WiSec
|
Wenhui Hu, Damien Octeau,
Patrick McDaniel, and Peng Liu, “Duet: Library Integrity Verification for
Android Applications,” Proceedings of
the ACM Conference on Security and Privacy in Wireless and Mobile Networks
(WiSec), July 2014. Oxford, United Kingdom.
|
ACM
WiSec
|
Fangfang Zhang, Heqing Huang,
Sencun Zhu, Dinghao Wu and Peng Liu, “ViewDroid: Towards
Obfuscation-Resilient Mobile Application Repackaging Detection,” Proceedings of the ACM Conference on Security
and Privacy in Wireless and Mobile Networks (WiSec), July 2014. Oxford,
United Kingdom.
|
TKDE
|
Qiang Zeng, Mingyi Zhao, Peng
Liu, Poonam Yadav, Seraphin Calo, and Jorge Lobo. “Enforcement of Autonomous Authorizations
in Collaborative Distributed Query Evaluation.” To appear in IEEE Transactions on Knowledge and Data
Engineering (TKDE), 2014.
|
SecureComm
Best Paper Award nomination
|
Xiaoyan Sun, Jun Dai, Anoop
Singhal, Peng Liu, “Inferring the Stealthy Bridges between Enterprise Network
Islands in Cloud Using Cross-Layer Bayesian Networks,” SecureComm 2014, Beijing, Sept. 23-26, 2014.
|
ISSRE
|
Fangfang, Zhang, Dinghao Wu,
Peng Liu, and Sencun Zhu, “Program Logic Based Software Plagiarism
Detection,” In Proceedings of the 25th annual International Symposium on Software
Reliability Engineering (ISSRE 2014), Naples, Italy, November 3-6, 2014.
|
MTD
Workshop
|
Minghui Zhu, Zhisheng Hu and
Peng Liu, “Reinforcement learning algorithms for adaptive cyber defense against
Heartbleed”, Proc. First ACM Workshop
on Moving Target Defense (MTD 2014), in association with CCS’14, Nov.
2014.
|
MTD
Workshop
|
J. Xu, P. Guo, M. Zhao, R. F.
Erbacher, M. Zhu, P. Liu, “Comparing Different Moving Target Defense
Techniques.” Proc. First ACM Workshop
on Moving Target Defense (MTD 2014), in association with CCS’14, Nov.
2014.
|
IFIP
Networking
|
Lu Su, Yunlong Gao, Fan Ye,
Peng Liu, Oktay Gunluk, Tom Berman, Seraphin Calo, Tarek Abdelzaher,
"Robust Confidentiality Preserving Data Delivery in Federated Coalition
Networks," Proc. 13th IFIP
International Conference on Networking (Networking 2014), Trondheim,
Norway, June, 2014.
|
|
CogSIMA |
C. Zhong, D. Samuel, J. Yen, P.
Liu, R. Erbacher, S. Hutchinson, R. Etoty, H. Cam, and W. Glodek, “RankAOH: Context-driven
Similarity-based Retrieval of Experiences in Cyber Analysis,” In Proceedings of IEEE CogSIMA Conference,
2014.
|
|
ICISS |
George
Cybenko, Sushil Jajodia, Michael P. Wellman, and Peng Liu, “Adversarial and
Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific
Foundation,” In Proc. ICISS 2014,
invited paper, 8 pages
|
|
SIW |
Mingyi
Zhao, Jens Grossklags and Kai Chen, “An Exploratory Study of White Hat
Behaviors in a Web Vulnerability Disclosure Program,” Proc. CCS Workshop on Security Information Workers, November 7,
2014, Scottsdale, AZ
|
|
Elsevier ECE |
D. Tian, X. Xiong, C. Hu, P.
Liu, “Defeating Buffer Overflow Attacks via Virtualization,” Elsevier Computers & Electrical
Engineering Journal, Vol. 40, Issue 6, Pages 1940-1950, August 2014.
|
PhD
Dissertations
|
Jun Dai, “GAINING BIG PICTURE
AWARENESS IN ENTERPRISE CYBER SECURITY DEFENSE,” PhD Dissertation, College of
IST, Penn State University, July 2014
Qiang Zeng, “IMPROVING SOFTWARE SECURITY WITH CONCURRENT MONITORING,
AUTOMATED DIAGNOSIS, AND SELF-SHIELDING,” PhD Dissertation, Dept. of CSE,
College of Engineering, Penn State University, Oct. 2014
|
Book
Chapters
|
John Yen, Robert Erbacher, Cheng Zhong, and Peng Liu, “Cognitive
Process,” Book Chapter, in Cyber
Defense and Situational Awareness, Robert Erbacher, Alexander Kott, and
Cliff Wang (eds.), to appear.
D. Wu, P. Liu, Q. Zeng, D.
Tian, “Software Cruising: A New Technology for Building Concurrent Software
Monitor,” Book Chapter, in Secure Cloud Computing,
Springer, Sushil Jajodia, Krishna Kant, Pierangela
Samarati, Anoop Singhal, Vipin Swarup, and Cliff Wang (eds.), pages 303-324. Springer, 2014.
Haitao Du, Changzhou Wang, Tao
Zhang, Shanchieh Jay Yang, Jai Choi, and Peng Liu, “Cyber Insider Mission
Detection for Situation Awareness,” Book Chapter, in Intelligent
Methods for Cyberwarfare, Springer, to appear.
|
Others
|
Qiang Zeng, Mingyi Zhao, and
Peng Liu. “Targeted Therapy for Software Bugs and Vulnerabilities.” In Poster
Session, 35th IEEE Symposium on Security and Privacy (Oakland), 2014.
H. Tripp,
K. Warr, A. Freeman, P. Liu, S. Wang, K. Leung, J. Lobo, “A security model
for micro-cloud technology in hybrid tactical environments,” short paper and
poster, The 2014 Fall Meeting of ITA, 2014.
Mingyi Zhao, Peng Liu, Qiang
Zeng, Fan Ye, Seraphin Calo, Graham Bent, Patrick Dantressangle, and Jorge
Lobo, “Authorization Information Leakage Control in Collaborative Distributed
Query Processing,” short paper and poster, The 2014 Fall Meeting of ITA,
2014.
Heqing Huang, Kai Chen, Peng Liu, Sencun Zhu, and Dinghao Wu,
“Uncovering the Dilemmas on Antivirus Software Design in Modern Mobile
Platforms,” Proc. Int'l Workshop on
System Level Security of Smartphones, in conjunction with SecureComm
2014, Springer LNICST, Sept. 23, Beijing, China
|
2013
|
|
US
Patent
|
U.S. Patent 8,443,442,
“Signature-Free Buffer Overflow Attack Blocker”
|
Technical
Report (code released)
|
J. Wang, X. Xiong, P. Liu, [Arbiter
System] “Practical Fine-grained Privilege Separation in Multithreaded
Applications,” Penn State Cyber Security Lab Technical Report PSU-S2-13-051, arXiv:1305.2553, communicated 12
May 2013.
Arbiter project website (code
released): here
|
RAID
|
Xi Xiong and Peng Liu, “SILVER: Fine-grained and Transparent Protection
Domain Primitives in Commodity OS Kernel,” RAID 2013, published. [PDF]
|
RAID
|
Bin Zhao and Peng Liu, “Behavior Decomposition: Aspect-level Browser
Extension Clustering and Its Security Implications,” RAID 2013, published. [PDF]
|
ESORICS
|
Jun Dai, Xiaoyan Sun, Peng Liu, “Patrol: Revealing Zero-day Attack
Paths through Network-wide System Object Dependencies,” ESORICS 2013, published. [PDF]
|
ACSAC
|
Meng Yu, Min Li, Wanyu Zang, et
al., “MyCloud: Supporting User-configured Privacy Protection in Cloud
Computing,” ACSAC 2013, accepted. [PDF]
|
TIFS
|
Fengjun Li, Bo Luo, Peng Liu,
Dongwon Lee, Chao-Hsien Chu, “Enforcing Secure and Privacy-Preserving
Information Brokering in Distributed Information Sharing,” IEEE Transactions on Information Forensics
and Security, 10.1109/TIFS.2013.2247398, Feb 2013. [PDF]
|
ICICS
|
Eunjung Yoon and Peng Liu, “XLRF: A Cross-Layer Intrusion Recovery
Framework for Damage Assessment and Recovery Plan Generation,” ICICS 2013, published.
|
ICICS
|
Jing Wang, Peng Liu, Le Guan, Jiwu Jing, “Fingerprint Embedding: A
Proactive Strategy of Detecting Timing Channels,” ICICS 2013, published.
|
FGCS
|
Shengzhi Zhang, Wenjie Wang,
Haishan Wu, Athanasios Vasilakos, Peng Liu, “Towards Transparent and
Distributed Workload Management for Large Scale Web Servers,” Elsevier FGCS Journal: Future Generation
Computer Systems, volume 29 issue
4 (June 2013), pages 913-925
|
ISI
|
C. Zhong, D. S. Kirubakaran, J.
Yen, P. Liu, S. Hutchinson, H. Cam, “How to Use Experience in Cyber Analysis:
An Analytical Reasoning Support System,” IEEE
ISI 2013, published, short paper. [PDF]
|
TRUST
|
H. Huang, S. Zhu, P. Liu, D.
Wu, “A Framework for Evaluating Mobile App Repackaging Detection Algorithms,”
TRUST 2013, published.
|
SERE
|
Lei Wang, Ji Xiang, Peng Liu,
Jiwu Jing, “MJBlocker: A Lightweight and Run-time Malicious JavaScript
Extensions Blocker,” IEEE SERE 2013,
published.
|
SCN
|
Xiaoqi Jia, Rui Wang, Jun
Jiang, Shengzhi Zhang, Peng Liu, “Defeating Return Oriented Programming based
on Virtualization Techniques,” Wiley Journal Security and Communication Networks, DOI: 10.1002/sec.693, Jan
2013
|
JNCA
|
Yan Yang, Yulong Zhang, Alex
Hai Wang, Meng Yu, Wanyu Zang, Peng Liu, Sushil Jajodia, “Quantitative
Survivability Evaluation of Three Virtual Machine based Server
Architectures,” Journal of Network and
Computer Applications (Elsevier), Volume 36 Issue 2, March, 2013, Pages
781-790.
|
|
|
Xiaoyan Sun, Jun Dai, Peng Liu,
“SKRM: Where Security Techniques Talk to Each Other,” CogSIMA 2013, IEEE
International Multi-Disciplinary Conference on Cognitive Methods in Situation
Awareness and Decision Support, February 26-28, 2013, San Diego, 4 page
position paper, plus poster.
C. Zhong, M. Zhao, G. Xiao, J.
Xu, “Agile Cyber Analysis: Leveraging Visualization as Functions in
Collaborative Visual Analytics,” IEEE VAST Challenge 2013 Workshop, part of
IEEE Viz 2013, short paper, plus poster.
Mingyi
Zhao, Peng Liu, Fan Ye, Jorge Lobo, “Decentralized Policy Confidentiality
Preserving Query Planning in Coalition Networks,” ACITA 2013 (2-page short
paper).
Zongbin Liu, Neng Gao, Jiwu Jing, Peng Liu, “HPAZ: a High-throughput
Pipeline Architecture of ZUC in Hardware,”
IACR Cryptology ePrint Archive, Report 2013/461 (2013).
|
Thesis
|
Robert Cole, PhD dissertation, “Multi-Step
Attack Detection via Bayesian Modeling under Model Parameter Uncertainty,”
defended Dec, 2012
Zhi Xin (Nanjing University),
PhD dissertation, “Study on Program Diversity for Software Security,”
defended May, 2013
D. S. Kirubakaran, MS Thesis, “Context-driven Similarity-based
Retrieval of Cyber Analyst Experiences for Multi-step Attack Analysis,” CSE
Department, defended March, 2013
|
2012
|
|
NDSS
|
D. Tian, Q. Zeng, D. Wu, P. Liu, C. Z. Hu, “Kruiser: Semi-synchronized Non-blocking
Concurrent Kernel Heap Buffer Overflow Monitoring,” NDSS 2012, published. [PDF]
|
RAID
|
Shengzhi Zhang, Peng Liu,
“Assessing the Trustworthiness of Drivers,” RAID 2012, published. [PDF]
|
ISSTA
|
F. Zhang, Yoon-Chan Jhi,
Dinghao Wu, Peng Liu, Sencun Zhu, “Towards Algorithm Plagiarism Detection,”
ISSTA 2012, published.
|
ESORICS
|
Q. Gu, K. Jones, W. Zang, M.
Yu, P. Liu, “Revealing Abuses of Channel Assignment Protocols in Multi-Channel
Wireless Networks: An Investigation Logic Approach,” ESORICS 2012.
|
CODASPY
|
Yuhao Yang, Jonathan Lutes,
Fengjun Li, Bo Luo and Peng Liu, “Stalking Online: on User Privacy in Social
Networks,” In ACM Conference on Data
and Application Security and Privacy (CODASPY), 2012; Acceptance rate:
18.6%.
|
|
CogSIMA Best Paper Award |
Po-Chun Chen, Peng Liu, and
John Yen, "Experience-Based Cyber Situation Recognition Using Relaxable
Logic Patterns", Proc. IEEE
CogSIMA 2012, New Orleans, LA
|
|
ASIACCS |
Shengzhi Zhang, Peng Liu,
“Letting Applications Operate through Attacks Launched from Compromised
Drivers,” ACM ASIACCS, 2012, short paper, May 2012, Korea.
|
TrustCom
|
Qijun Gu, Wanyu Zang, Meng
Yu, Peng Liu, “Collaborative
Traffic-aware Intrusion Monitoring in Multi-channel Mesh Networks,” IEEE
TrustCom 2012, published.
|
GameSec
|
J. Lin, P. Liu, J. Jing, “Using
Signaling Games to Model the Multi-step Attack-defense Scenarios on
Confidentiality,” GameSec 2012, published.
|
SAFECONFIG
|
M. Zhao, P. Liu, “Modeling and
Checking the Security of DIFC System Configurations,” SAFECONG-2012,
Baltimore, MD, 2012.
|
ASE
Cyber Security
|
Jun Dai, Xiaoyan Sun, Peng Liu,
Nicklaus Giacobe, “Gaining Big Picture Awareness through an Interconnected
Cross-layer Situation Knowledge Reference Model,” ASE International
Conference on Cyber Security, Washington DC, Dec 14-16, 2012, published.
|
SPIE
|
Y. Cheng, Y. E. Sagduyu, J.
Deng, J. Li, and Peng Liu, "Integrated Situational Awareness for Cyber-attack
Detection, Analysis, and Mitigation," Proc. SPIE Defense, Security and Sensing Conference, 2012.
|
ACITA
|
Q. Zeng, J. Lobo, P. Liu, S.
Calo, and P. Yadav, “Safe query processing for pairwise authorizations in
coalition networks,” ACITA 2012, (extended abstract).
Mingyi Zhao, Qiang Zeng, Jorge
Lobo, Peng Liu, Fan Ye, Seraphin Calo, Tom Berman, “Distributed Query
Planning in Coalition Network,” ACITA 2012, (2-page short paper).
Tom Berman, David Vyvyan,
Graham Bent, Patrick Dantressangle, Jorge Lobo, Fan Ye, Peng Liu, “A
Comparative Study on Trusted Path Discovery in Two Algorithms,” ACITA 2012,
(2-page short paper).
David Vyvyan, Tom Berman,
Graham Bent, Patrick Dantressangle, Jorge Lobo, Fan Ye, Peng liu,
“Trust-based Routing in Gaian Networks,” demo, ACITA 2012, Sept., 2012 UK.
|
JSR
|
Jun Shao, Peng Liu, Yuan Zhou,
“Achieving Key Privacy without Losing CCA Security in Proxy Re-Encryption,” Journal of Systems and Software,
accepted.
|
SCN
|
Jingqiang Liu, Jiwu Jing, Peng
Liu, Qiongxiao Wang, "Impossibility of Finding Any Third Family of
Server Protocols Integrating Byzantine Quorum Systems with Threshold
Signature Schemes," Wiley Journal Security
and Communication Networks, accepted.
|
BMC
Bioinformatics
|
Fengjun Li, Xukai Zhou, Peng Liu,
Jake Y. Chen, New Threats to Health Data Privacy, BMC Bioinformatics, in press.
|
IJIS
|
Zhi Xin, Huiyu Chen, Xinche Wang, Peng Liu, Sencun Zhu, Bing Mao, Li
Xie, “Replacement Attacks: Automatically Evading Behavior Based Software
Birthmark,” International Journal of
Information Security, Springer, accepted, 2012.
|
SCN
|
Deguang Kong, Dinghao Wu,
Donghai Tian, Peng Liu, “Semantic Aware Attribution Analysis of Remote
Exploits,” Wiley Journal Security and
Communication Networks, accepted.
|
Thesis
|
Xi Xiong, PhD Dissertation,
“Protecting System Integrity in Commodity Computers,” defended, Oct 2012
Shengzhi Zhang, PhD
Dissertation, “Virtualization-based Security Analysis of Production Server
Systems,” defended, July 2012
Dan Keating, MS Thesis,
“Exploiting Memory Remnants Vulnerabilities to Do Cross-Tenant Data
Extraction in Cloud Systems,” defended, July 2012
Donghai Tian (BIT), PhD
Dissertation on “Kernel Cruising” and systems integrity protection, defended,
Feb 2012
Jian Liu (Nanjing University of
Aeronautics & Astronautics), PhD Dissertation, “HCS: Study on Algorithms
and Models of Decision Making Problem Based on Human-Centered Services,”
defended, June 2012
Lei Wang (CAS), PhD
Dissertation, “Study on Behavior-based Analysis of Malicious Network
Scripts,” defended, May 2012
Zongbin Liu (CAS), PhD
Dissertation, “Study on Hardware Implementations of ECC and Other
Cryptographic Algorithms,” defended, May 2012
|
2011
|
|
NDSS
|
X. Xiong, D. Tian, P. Liu, “Practical Protection of Kernel Integrity
for Commodity OS from Untrusted Extensions,” NDSS 2011, Feb, 2011, CA. [PDF]
|
PLDI
|
Qiang Zeng, Dinghao Wu, Peng Liu, “Cruiser: Concurrent Heap Buffer
Overflow Monitoring Using Lock-free Data Structures,” PLDI 2011, June, 2011.
[PDF]
|
TIFS
|
Shengzhi Zhang, Xiaoqi Jia, Peng Liu, Jiwu Jing, “PEDA: Comprehensive
Damage Assessment for Production Environment Server Systems,” IEEE Transactions on Information Forensics
and Security, Vol. 6, No. 4, Dec 2011, pages 1323-1334.
|
ICSE (SPIE track)
|
Y. C. Jhi, X. Wang, X. Jia, S. Zhu, P. Liu, D. Wu, "Value-Based
Program Characterization and Its Application to Software Plagiarism
Detection", ICSE 2011 (SPIE
Track), 2011.
|
HotNets
|
John R. Douceur, Jon Howell, Bryan Parno, Xi Xiong, Michael Walfish,
“The Web Interface Should Be Radically Refactored,” to appear, HotNets X,
2011
|
“Cloud
Shredder”
|
Nan Zhang, J. Jing, P. Liu, “Cloud Shredder: Removing the Laptop
On-Road Data Disclosure Threat in the Cloud Computing Era,” Proc. 6th International Conference on
Frontier of Computer Science and Technology, IEEE Digital Library, 2011
|
SSDBM
|
Fengjun Li, Yuxin Chen, Bo Luo, Dongwon Lee and Peng Liu,
“Privacy-Preserving Group Linkage,” SSDBM 2011, accepted.
|
|
ISC Best Paper Award |
Zhi Xin,
Huiyu Chen, Xinche Wang, Peng Liu, Sencun Zhu and Bing Mao, "Replacement
Attacks on Behavior Based Software Birthmark",(2011), ISC 2011,
accepted.
|
SecureComm
|
Deguang Kong, Donghai Tian and Peng Liu, "SAEA: Automatic Semantic
Aware Remote Exploits Attribution Analysis", (2011). Proc. SECURECOMM
2011, to appear
|
ICICS
|
Jun Jiang, Xiaoqi Jia, Dengguo Feng, Shengzhi Zhang, Peng Liu,
“HyperCrop: A Hypervisor-based Countermeasure for Return Oriented Programming,”
accepted, to appear in Proc. ICICS 2011.
|
CNSM
|
S. Zhang, H. Wu, W. Wang, B. Yang, P. Liu, A. V. Vasilakos,
"Distributed Workload and Response Time Management for Web
Applications", (2011), Proc. IEEE
CNSM 2011, to appear, acceptance ratio 15%
|
SECRYPT
|
Zongbin Liu, Luning Xia, Jiwu Jing, Peng Liu, A Tiny RSA Coprocessor
Based on Optimized Systolic Montgomery Architecture, Proc. SECRYPT 2011,
acceptance ratio 13%
|
CODASPY
|
Junfeng Yu, P. Liu, Z. Li, S. Zhang, et al., “LeakProber: A framework
for profiling sensitive data leakage paths,” ACM CODASPY 2011, 2011.
|
ICC
|
Qijun Gu, Meng Yu, Wanyu Zang, Peng Liu, “Lightweight Attacks against
Channel Assignment Protocols in MIMC Wireless Networks,” ICC 2011, 2011.
|
ICC
|
Jun Shao, Peng Liu, Zhenfu Cao,
Guiyi Wei, “Multi-use Unidirectional Proxy Re-Encryption,” ICC 2011, 2011
|
ACITA
|
Jorge Lobo, Qiang Zeng,
“Towards Securing Query Processing in Distributed Databases,” position paper,
Proc. ACITA 2011
|
IJIS
|
Deguang Kong, Yoon-Chan Jhi,
Tao Gong, Sencun Zhu, Peng Liu, Hongsheng Xi, “SAS: Semantics Aware Signature
Generation for Polymorphic Worm Detection,” International Journal of Information Security, Springer, in
press.
|
SCN
|
Jun Shao, Zhenfu Cao, Peng Liu,
“SCCR: a generic approach to simultaneously achieve CCA security and
collusion-resistance in proxy re-encryption,” Security and Communication Networks 4(2): 122–135 (2011)
|
ISPEC
|
Donghai Tian, Xi Xiong,
Changzhen Hu, and Peng Liu, “Policy-Centric Protection of OS Kernel from
Vulnerable Loadable Kernel Modules,” ISPEC 2011, accepted.
|
JQRE
|
Jingqiang Lin, Jiwu Jing, Peng
Liu, “Evaluating Intrusion Tolerant Certification Authority Systems,” Journal of Quality and Reliability
Engineering, accepted, in press
|
GENSIPS
|
Xukai
Zou, Peng Liu and Jake Chen, “Personal Genome Privacy Protection with
Feature-based Hierarchical Dual-stage Encryptions,” GENSIPS 2011, to appear |
SCN
|
Jun Shao, Peng Liu, Guiyi Wei,
Yun Ling, “Anonymous Proxy Re-encryption,” Security and Communication Networks Journal, published.
|
IJSCCPS
|
Baojun Qiu, Kristinka Ivanova,
John Yen, Peng Liu, Frank E. Ritter, “Event-driven Modeling of Evolving
Social Networks,” Int. J. of Social
Computing and Cyber-Physical Systems, published.
|
IJSN
|
Fengjun Li, Bo Luo, Peng Liu, “Secure and Privacy-Preserving
Information Aggregation for Smart Grids,” International
Journal of Security and Networks (IJSN), 6(1):28 - 39, 2011.
|
Qi Fang, Peng Liu, John Yen, Frank
Ritter, Jonathan Morgan, “A Threaded Event-Based Simulation Approach for
Supporting Intelligence Analysis,” Proc.
2011 WG 11.10 Conference on Critical Infrastructure Protection,
published.
Kevin
Hamlen, Peng Liu, Murat Kantarcioglu, Bhavani Thuraisingham, Ting Yu,
“Identity management for cloud computing: Developments and directions,” Proceedings of the Seventh Annual Workshop
on Cyber Security and Information Intelligence Research, 2011.
|
|
2010
|
|
ACSAC
|
S. Zhang, X. Jia,
P. Liu, J. Jing, “Cross-Layer Comprehensive Intrusion Harm Analysis for
Production Workload Server Systems,” In Proceedings
of ACSAC 2010, Dec. 2010, Austin, Texas.
|
ISC
|
D. Tian, X. Xiong,
C. Z. Hu, P. Liu, “Short Paper: Integrating Offline Analysis and Online Protection
to Defeat Buffer Overflow Attacks,” In Proceedings
of ISC 2010, Florida |
SmartGridComm
Selected into
IJSN Special Issue
|
F. Li, B. Luo, P.
Liu, “Secure Information Aggregation for Smart Grids Using Homomorphic
Encryption,” In Proceedings of First
IEEE Conf. on Smart Grid Communications, Oct. 4-6, 2010, NIST, MD. |
INFOCOM
|
F. Li, B. Luo, P.
Liu, C. H. Chu, “A Node Failure Resilient Anonymous
Communication Protocol through
Commutative Path Hopping,” In Proceedings of IEEE INFOCOM 2010, March 2010, San
Diego, CA, USA, regular paper. |
MILCOM Tutorial
|
Jason Li, Peng Liu,
“Cyber Security Analysis and Situation Awareness: Theory and Practice,”
MILCOM 2010, San Jose, CA |
DSN
|
Peng Xie, Jason H
Li, Xinming Ou, Peng Liu and Renato Levy, “Using Bayesian
Networks for Cyber Security Analysis,” In Proceedings of IEEE DSN-DCCS 2010,
June 2010, Chicago, USA, regular paper. |
SecureComm
|
J. Lin, P. Liu, J.
Jing, Q. Wang, “Impossibility of Finding Any Third Family of Server Protocols
Integrating Byzantine Quorum Systems with Threshold Signature Schemes” , Proceedings
of SecureComm 2010, Sept. 2010, Singapore, accepted. |
SecureComm
Selected into
IJIS Special Issue
|
D. Kong, Y. C. Jhi,
T. Gong, S. Zhu, P. Liu, H. Xi, “SAS: Semantics Aware Signature Generation
for Polymorphic Worm Detection”, Proceedings
of SecureComm 2010, Sept. 2010, Singapore, accepted. |
VLDB Journal
|
QFilter:
Rewriting Insecure XML Queries to Secure Ones using Non-Deterministic Finite
Automata, Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu, In The VLDB
J., accepted. |
Position Paper
|
Shengzhi Zhang, Xi
Xiong, Peng Liu, “Challenges in Improving the Survivability of Data Centers,”
Proc. of the Survivability in
Cyberspace Workshop, 2010 |
Position Paper
|
Peng Liu, “Security
and Privacy cannot be taken for Granted by the Cloud Computing Industry,”
Proc. of METS 2010, Taiwan, Nov. 2010 |
COMCOM
|
Choi, Y. H., Liu, P.
and Seo, S. W. “Using Information Collected by Botnets to Create Importance
Scanning Worms,” Elsevier Computer
Communications Journal, 33 (6),
676-688, 2010 |
TDSC
|
X. Wang, C. Pan, P. Liu, S.
Zhu, SigFree: A Signature-free Buffer Overflow Attack Blocker, IEEE Transactions on Dependable and Secure
Computing (TDSC), accepted, in press
|
ACISP
|
Jun Shao, Min Feng, Bin Zhu,
Zhenfu Cao and Peng Liu, “The Security Model of Unidirectional Proxy
Re-Signature with Private Re-Signature Key,” Proc. of 15th Australasian Conference on Information Security and
Privacy, July 5-7, 2010, Sydney, Australia
|
ARES
|
Hai Wang, Yan Su, Peng
Liu, "A Semi-Markov Survivability Evaluation Model for Intrusion
Tolerant Database Systems," accepted for publication in ARES 2010 (The Fifth International Conference on
Availability, Reliability and Security) |
COSE
|
Yoon-Ho Choi, Lunquan Li, Peng Liu, George Kesidis, “Worm Virulence
Estimation for the Containment of
Local Worm Outbreak,” Elsevier Computers
& Security journal, Feb. 2010
|
ISPEC
|
Xiaoqi Jia, Xi Xiong, Jiwu Jing, Peng Liu, “Using Purpose Capturing Signatures to Defeat Computer Virus Mutating, “ accepted by The Sixth
International Conference on Information Security Practice and Experience
Conference (ISPEC 2010), 2010. Springer-Verlag LNCS, to
appear.
|
CNS
|
Heywoong Kim, Qijun Gu, Meng Yu, Wanyu Zang and Peng Liu, “A Simulation
Framework for Performance Analysis of Multi-Interface and Multi-Channel
Wireless Networks in INET/OMNET++,” accepted by 13th Communications and Networking Simulation Symposium (CNS'10)
|
SECRYPT
|
Meng Yu, W. Zang, H. Wang, P. Liu, “Evaluating Survivability and Costs
of Three Virtual Machine based Server Architectures,” Proc. of SECRYPT 2010, accepted, 2010
|
Eurosys Poster
|
Shengzhi Zhang, Xiaoqi Jia, Peng Liu, “Rupi’s Dance: Cross-Layer
Comprehensive Infection Diagnosis for Availability-Critical Server Systems,”
poster, Eurosys 2010
|
CSI
|
Peng Liu, Meng Yu, “Damage Assessment and Repair in Attack Resilient
Distributed Database Systems,” Elsevier
Computer Standards & Interfaces Journal, accepted.
|
BIOKDD
|
Fengjun Li, Jake Chen, Xukai Zou, Peng Liu, “New
Privacy Threats in Healthcare Informatics: When Medical Records Join the
Web,” short paper, BIOKDD workshop 2010, Washington D.C.
|
IET Info
Security
|
Meng Yu, Wanyu Zang, Peng Liu, “Recovery of Data Integrity under
Multi-Tier Architectures”, IET Information Security Journal, accepted.
|
PhD
Dissertations
|
Fengjun Li, “Secure and Privacy-Preserving Information Brokering,” PhD
Dissertation, Oct. 2010
Yoon-Chan Jhi, “A Study of Selected
Security Measures against Non-legitimate Use of Code,” PhD Dissertation, Aug.
2010
Xiaoqi Jia (joint PhD training), “A Study
of Virtualization-based High Availability and Security Mechanisms,” PhD
Dissertation, June 2010, Degree granted by Graduate University of CAS
Po-Chun Chen (affiliated
student), “Experience-based Cyber Security Analysis,” PhD Dissertation, fall
2010
Deguang Kong (joint PhD
training), “Research on Applications of Semantic Aware Statistical Learning
Approaches in Code Security Problems”, PhD Dissertation, May 2010, Degree
granted by University of Sci. and Tech. of China
|
|
|
David Basin, Peng Liu, Peng Ning (eds.), Proc. of 5th ACM Symposium on Information, Computer and
Communications Security (ASIACCS’10), ACM Press, April, 2010, to appear
D. Tian, D. Kong, C. Z. Hu, P. Liu, “Protecting
Kernel Data through Virtualization Technology,” Proc. SecureWare 2010
Baojun Qiu, Kristinka Ivanova, John Yen and Peng
Liu, “Behavior Evolution and Event-driven Growth Dynamics in Social
Networks,” IEEE Social Computing Conference (SocialCom 2010)
Baojun Qiu, Kristinka Ivanova, John Yen and Peng Liu, “Study of Effect
of Node Seniority in Social Networks,” Proc.
of IEEE ISI 2010, short paper
Zongbin Liu, Jiwu Jing, and Peng Liu, “Rate-based
Watermark Traceback: A New Approach,” Proc. of The Sixth International Conference on Information Security Practice
and Experience Conference (ISPEC 2010), 2010
Xiaoqi Jia, Jun Shao, Peng Liu, “CCA-Secure
Type-based Proxy Re-encryption with Invisible Proxy,” accepted by CIT 2010, Proc. of The 10th IEEE International Conference on Computer and Information
Technology, 2010
Daren Zha, Jiwu Jing, Peng Liu, Jingqiang Lin, Xiaoqi Jia, “Proactive
Identification and Prevention of Unexpected Future Rule Conflicts in
Attribute Based Access Control, “ Springer-Verlag
LNCS, 2010.
|
|
2009 |
|
Cyber
Situation
Awareness
|
S. Jajodia, P. Liu, V. Swarup,
C. Wang (eds.), Cyber Situational
Awareness: Issues and Research, Springer, published in Nov. 2009
|
CCS
|
X.
Wang, Y. C. Jhi, S. Zhu, P. Liu, “Behavior Based
Software Theft Detection,” Proc. ACM CCS, 2009. [PDF]
|
ACSAC
|
X. Wang, Y. C. Jhi, S. Zhu, P. Liu, “Detecting Software Theft via
System Call Based Birthmarks”, Proc. ACSAC, 2009, accepted, to appear.
19.6% acceptance rate. |
ACSAC
|
X. Xiong, X. Jia, P. Liu, “SHELF: Preserving Business Continuity and
Availability in an Intrusion Recovery System”, Proc. ACSAC, 2009,
accepted, to appear. 19.6% acceptance rate. |
VMSEC
|
Zhang, S., Xiong, X., Jia, X. and Liu, P. (2009)
“Availability-sensitive Intrusion Recovery”, Proceedings of Second ACM Workshop
on Virtual Machine Security, Chicago, IL, November 2009, 6 page position
paper |
TKDE
|
B. Zheng, W. C.
Lee, P. Liu, D. L. Lee, X. Ding, Tuning On-Air Signatures for Balancing
Performance and Confidentiality, IEEE
Transactions on Knowledge and Data Engineering, Vol. 21, Issue. 12, pp. 1783-1797, Dec. 2009 |
TDSC
|
Q. Gu, P. Liu, W. C. Lee, C. H. Chu, KTR: An Efficient Key Management
Scheme For Secure Data Access Control in Wireless Broadcast Services, IEEE Transactions on Dependable and Secure
Computing (TDSC), Volume 6, Number 3, July-Sept.
2009, pp. 188-201. [PDF]
|
EDBT
|
Damage Tracking Quarantine and Recovery for Mission-Critical Database
Systems, Proc. EDBT 2009, March
2009.
|
NCA
|
Meng Yu, Peng Liu, Wanyu Zang: The implementation and evaluation of a
recovery system for workflows. Elsevier J.
Network and Computer Applications 32(1): 158-183 (2009)
|
SCN
|
Yoon-Chan Jhi, Peng Liu, Lunquan Li, Qijun Gu, Jiwu Jing, George
Kesidis, PWC: A Proactive Worm Containment Solution for Enterprise Networks, Wiley Security and Communication Networks
Journal, accepted, to appear
|
|
|
K. Bai, Ying Liu,
Peng Liu, “Prevent Identity Disclosure in Social Network Data Study,” Proc.
ACM CCS 2009, poster
Zang, W., Gu, Q.,
Yu, M. and Liu, P. (2009) “An Attack-Resilient Channel Assignment MAC
Protocol Not relying on Trust Management”, Proc. International Workshop on
Data Security and Privacy in Emerging Networked Systems, in
association with NBiS, Indianapolis, Aug. 19-21. Ruidong Li, Jie Li, Peng Liu,
Jien Kato, “A Novel Hybrid Trust Management Framework for MANETs,” Proc. 2009 International Workshop on Next
Generation Network Architecture (NGNA 2009) , in association with
ICDCS’09.
M. Yung, P. Liu, D. Lin (eds.),
Information
Security and Cryptology, Springer Lecture Notes in Computer Science,
2009, ISBN 3-540-36796-9
P. Liu, R.
Molva, R. D. Pietro (eds.), Proceedings
of the fourth International Conference on Security and Privacy in Communication
Networks (Securecomm 2008), ACM Digital Library, 2008
M. Yung, P. Liu, D. Lin (eds.), Information Security and Cryptology -
Proceedings of the Short Papers Presented on Inscrypt 2008, Chinese Science Press, 2009
Zang, W., Liu, P. and
Yu, M. (2009) “Incentive-based Methods for Inferring Attacker Intent and
Strategies and Measuring Attack Resilience,” in Annals of Emerging
Research in IA, Security and Privacy Service, H. R. Rao and Shambhu
Upadhyaya (eds.), Elsevier, in press. Barford, P.,
Dacier, M., Dietterich, T. G., Fredrikson, M., Giffin, J., Jajodia, S., Jha,
S., Li, J., Liu, P., Ning, P., Ou, X.,
Song, D., Strater, L., Swarup, V., Tadda, G., Wang, C. and Yen, J. (2009)
“Cyber SA: Situational Awareness for Cyber Defense,” in Cyber Situational
Awareness: Issues and Research, S. Jajodia, P. Liu, V. Swarup, C. Wang
(Eds.), ISBN: 98-1-4419-0139-2, Springer International Series on Advances in
Information Security, Nov. 2009 Yen, J., McNeese, M., Mullen, T., Hall, D., Fan,
X. and Liu, P. (2009) “RPD-based Hypothesis Reasoning for Cyber Situation
Awareness,” in Cyber Situational Awareness: Issues and Research, S.
Jajodia, P. Liu, V. Swarup, C. Wang (Eds.), ISBN: 98-1-4419-0139-2, Springer
International Series on Advances in Information Security, Nov. 2009
Liu, P., Jia, X.,
Zhang, S., Xiong, X., Jhi, Y. C., Bai, K. and Li, J. (2009) “Cross-Layer
Damage Assessment for Cyber Situational Awareness,” in Cyber Situational
Awareness: Issues and Research, S. Jajodia, P. Liu, V. Swarup, C. Wang
(Eds.), ISBN: 98-1-4419-0139-2, Springer International Series on Advances in
Information Security, Nov. 2009 Liu, P., La Porta,
T. and Kotapati, K. (2009) “Cellular Network Security,” in Handbook of
Wireless Networks, John R. Vacca (editor), Morgan Kaufmann, published. P.
Luenam, P. Liu, A. F. Norcio, A Neuro-Fuzzy Approach towards Adaptive
Intrusion Tolerant Database Systems, in Computational
Intelligence and Its Applications, X. Li, X. Yao (eds.), USTC Press,
Hefei, China, 2009
Kun Bai, Damage Management in Database Management Systems, Ph.D. Dissertation, defended in Summer
2009 |
2008
|
|
VMSEC
|
X. Jia, S. Zhang, J. Jing, P. Liu, Using Virtual
Machines to Do Cross-Layer Damage Assessment, Proceedings of ACM Workshop on Virtual Machine Security, in association
with ACM CCS, 2008
|
ACSAC
|
Robert Cole, Peng Liu, Addressing Low Base
Rates in Intrusion Detection via Uncertainty-Bounding Multi-Step Analysis, Proceedings of 24th Annual Computer
Security Applications Conference (ACSAC), 2008
|
ACSAC
|
X. Wang, Y-C Jhi, S. Zhu, P. Liu, STILL:
Exploit Code Detection via Static Taint and Initialization Analyses Proceedings of 24th Annual Computer
Security Applications Conference (ACSAC), 2008
|
ESORICS
|
K. Bai, P. Liu, M. Yu, TRACE:
Zero-down-time Database Damage Tracking, Quarantine, and Cleansing with
Negligible Run-time Overhead, Proc. ESORICS
2008
|
WINET
|
Kameswari
Kotapati, Peng Liu, and Thomas F. LaPorta, Evaluating MAPSec by Marking
Attack Graphs, Kluwer/ACM Wireless
Networks Journal (WINET), in
press.
|
TELESYS
|
K.
Kotapati, P. Liu, T. F. LaPorta, Dependency Relation based Vulnerability
Analysis of 3G Networks: Can It Identify Unforeseen Cascading Attacks? Springer Telecommunications Systems Journal, special issue on “Security, Privacy
and Trust for Beyond-3G Networks,” in press [PDF]
|
|
|
Q. Gu, C. H. Chu, P. Liu,
Modeling and Analysis of Bandwidth Competition in 802.11 Networks, International Journal of Mobile Network
Design and Innovation, in press.
F.
Li, B. Luo, P. Liu, D. Lee, P. Mitra, W. Lee, C. Chu, In-broker Access
Control: Towards Efficient End-to-End Performance of Information Brokerage
Systems, International Journal on
Intelligent Control and Systems, Special Issue on Information Assurance,
in press.
W.
Zang, M. Yu, P. Liu, How Resilient is the Internet against DDoS attacks? - A
Game Theoretic Analysis of Signature-based Rate Limiting, International Journal on Intelligent
Control and Systems, Special Issue on Information Assurance, in press.
X.
Wen, J. Jing, P. Liu, A model of efficient intrusion recovery solution based
on log-structured file system, Journal
of the Graduate School of the Chinese Academy of Sciences (JGSCAS), No.
6, 2008 L. Li, P. Liu, G.
Kesidis, Threshold Smart Walk for the Containment of Local Worm Outbreak, Proc. IEEE GLOBECOM 2008
F. Li, R. Luo, P. Liu, A.
Squicciarini, D. Lee, C. Chu, Defending against Attribute-Correlation Attacks
in Privacy-Aware Information Brokering, Proc.
CollaborateCom 2008, invited paper
K.
Bai, P. Liu, A Fine-grained Damage Management Scheme in a Self-Healing
PostgreSQL System, Proc. IEEE High
Assurance Systems Engineering Symposium (HASE), Dec 3-5, 2008, Nanjing,
China Xinran Wang,
Yoon-Chan Jhi, Sencun Zhu, Peng Liu, Protecting Web Services from Remote
Exploit code: A Static Analysis Approach, Poster paper, Proc. 17th International World Wide Web Conference (WWW 2008), Beijing, China, April
2008, to appear.
K.
Bai, P. Liu, A Light Weighted Damage Tracking Quarantine and Recovery Scheme
for Mission-Critical Database System, poster paper, Proceedings of ACM CIKM 2008. Yuewu
Wang, Peng Liu, Jiwu Jing, Xiaoqi Jia, A Multi-Level Fidelity-preserving
Bandwidth-Limited Worm Simulation Model and Its Application, Proc. 41st Annual IEEE Simulation
Symposium, Ottawa, Canada, April 14-16, 2008, to appear.
Mohammad
M. Masud, Latifur Khan, Bhavani Thuraisingham, Xinran Wang, Peng Liu, Sencun
Zhu, A Data Mining Technique to Detect Remote Exploits, Fourth IFIP WG 11.9 International Conference on Digital Forensics,
Kyoto, Japan, January 27-30, 2008, to appear
Kameswari
Kotapati, Peng Liu, Thomas F. LaPorta, EndSec : An End-to-En Message Security
Protocol for Mobile Telecommunication Networks, IEEE Workshop on Security, Privacy and Authentication in Wireless
Networks, in conjunction with 9th IEEE International Symposium on a World
of Wireless, Mobile and Multimedia Networks, 2008, accepted, to appear
P.
Liu, S. Jajodia, M. Yu, Damage Quarantine and Recovery in Data Processing
Systems, in Handbook of Database
Security, M. Gertz, S. Jajodia, eds., Springer, to appear. [PDF]
Q.
Gu, P. Liu, Denial of Service Attacks, in Handbook
of Computer Networks, Hossein Bidgoli et al. (eds.), John Wiley &
Sons, Hoboken, NJ, 2008. [PDF]
H.
Wang, P. Liu, Survivability Evaluation: Modeling Techniques And Measures, in
Jatinder Gupta and Sushil Sharma eds., in Handbook
of Research on Information Security and Assurance, Idea Group Inc.,
August 2008
Kameswari
Kotapati, Assessing Security of Mobile Telecommunication Networks, Ph.D. Dissertation, defended in Jan
2008
Lunquan
Li, Enterprise Worm: Simulation, Detection, and Optimal Containment, Ph.D. Dissertation, defended in May
2008
Robert
(Bo) Luo, XML Access Control in Native and RDBMS Systems, Ph.D. Dissertation, defended in May
2008
|
2007
|
|
CCS
|
Fengjun Li,
Bo Luo, Peng Liu, Dongwon Lee, Chao-Hsien Chu, Automaton Segmentation: A New
Approach to Preserve Privacy in XML Information Brokering, In 14th ACM
Conf. on Computer and Communication Security (CCS), Alexandria,
VA, USA, October 2007, pages 508-518.
[PDF]
|
ESORICS
|
B.
Luo, D. Lee, P. Liu, Pragmatic XML Access Control Enforcement using
Off-the-shelf RDBMS, ESORICS 2007,
pages 55-71. [PDF]
|
SRDS
|
J.
Lin, J. Jing, P. Liu, A Framework for Intrusion Tolerant Certification
Authority System Evaluation, IEEE SRDS
2007, acceptance rate = 15%
|
ACSAC
|
M.
Yu, W. Zang, P. Liu, Database Isolation and Filtering against Data Corruption
Attacks, ACSAC 2007.
|
SecureComm
|
Y.
Jhi, P. Liu, L. Li, Q. Gu, J. Jing, G. Kesidis, PWC:
A Proactive Worm Containment Solution for Enterprise Networks, IEEE
SecureComm 2007. [PDF]
|
ASIACCS
|
P.
Ayyagari, P. Mitra, D. Lee, W. Lee, P. Liu, Incremental Adaptation of XML
Access-Control Views, Proc. Second ACM
Symposium on Information, Computer and
Communications Security (AsiaCCS), 2007, acceptance rate = 18%.
|
TC
|
Peng
Liu, Jie, Li, Sushil Jajodia, Paul Ammann, Can Follow Concurrency Control, IEEE Transactions on Computers,
56(10), pp. 1425-1430 (brief contribution)
|
|
|
Q.
Gu, P. Liu, C. Chu, Analysis of Area-congestion-based DDoS Attacks in Ad Hoc
Networks, Elsevier Ad Hoc Networks
Journal, Vol. 5/5, 2007, pages 613-625. [PDF]
H.
Wang, P. Liu, L. Li, Evaluating the
Survivability of Intrusion Tolerant Database Systems and the Impact of
Intrusion Detection Deficiencies, International
Journal of Information and Computer Security, Vol. 1, No. 3, pp. 315-340.
Q. Gu, P. Liu, S. Zhu,
C. Chu, Defending against Packet Injection Attacks in Unreliable Ad Hoc
Networks, International Journal of Security and Networks, Vol. 2,
2007, pages 154-169. [PDF]
W. Zang, M. Yu, P. Liu, A
Distributed Algorithm for Workflow Recovery, International Journal on Intelligent Control and Systems, Volume 12, Number
1, March 2007
Page(s):
56- 62
M.
Yu, P. Liu, S. Jajodia, Trusted Recovery, in Secure Data Management in Decentralized Systems, T. Yu, S.
Jajodia, eds., Springer, Berlin, ISBN / ASIN: 0387276947, Dec. 2006.
L. Li, P.
Liu, Y. C. Jhi, G. Kesidis, Evaluation of Collaborative Worm Containment on
DETER Testbed, In Proc. DETER Community
Workshop on Cyber Security Experimentation, in association with Usenix
Security Symposium, Boston, August 2007
J. Li, R. Levy, P. Liu,
Intelligent Cyber Security Analysis in Enterprise Networks, AAAI RIDIS Workshop 2007, position
paper.
R.
Li, J. Li, P. Liu, H. H. Chen, An Objective Trust Management Framework for
Mobile Ad Hoc Networks, IEEE VTC 2007.
Pramote
Luenam, A Neuro-Fuzzy Approach Towards Adaptive Intrusion Tolerant Database
Systems, Ph.D. Dissertation, defended
in May 2007
Hai
Wang, Modeling and Evaluating the Survivability of an Intrusion Tolerant
Database System, Ph.D. Dissertation, defended
in July 2007
|
2006
|
|
USENIX
Security
|
X. Wang, C. Pan, P.
Liu, S. Zhu, SigFree: A Signature-free Buffer Overflow Attack Blocker, Proc. USENIX Security 2006, acceptance
rate = 12% [PDF]
|
ESORICS
|
H. Wang, P.
Liu, Modeling and Evaluating the Survivability of an Intrusion Tolerant
Database System, Proc. ESORICS 2006,
acceptance rate = 20%
|
ACSAC
|
K. Bai, P.
Liu, Towards Database Firewall: Mining the Damage Spreading Patterns, Proc. ACSAC 2006, to appear, acceptance rate = 20%
|
SACMAT
|
P.
Mitra, C. Pan, P. Liu, Semantic Access Control for Information
Interoperation, Proc. ACM
SACMAT 2006, to appear.
|
ASIACCS
|
P. Mitra, C.
Pan, P. Liu, V. Atluri, Privacy-preserving Semantic Interoperation and Access Control of
Heterogeneous Databases, Proc. ACM
Symposium on Information, Computer and Communications Security (ASIACCS),
2006, to appear, acceptance rate = 17% [PDF]
|
SEC
|
K.
Kotapati, P. Liu, T. F. LaPorta, CAT – A Practical Graph & SDL Based Toolkit
for Vulnerability Assessment of 3G Networks, In Proc. IFIP SEC 2006, to appear, acceptance rate = 24.8% [PDF]
|
|
|
F.
Li, B. Luo, P. Liu, D. Lee, P. Mitra, W. Lee, C. Chu, In-broker Access
Control: Towards Efficient End-to-End Performance of Information Brokerage
Systems, Proc. IEEE SUTC 2006,
acceptance rate = 25% [PDF]
L.
Li, I. Hamadeh, S. Jiwasurat, G. Kesidis, P. Liu, C. Newman, Emulating
Sequential Scanning Worms on the DETER Testbed, Proc. IEEE TridentCom ’06. [PDF]
L. Li, P.
Liu, G. Kesidis, Visual Studio for Network Security Experiment Specification
and Data Analysis, Proc. ACM VizSEC Workshop
2006 (in association with CCS’06), Nov 2006.
R.
Li, J. Li, P. Liu, H. H. Chen, On-Demand Public-Key Management for Mobile Ad
Hoc Networks, Wiley Journal of Wireless Communications and
Mobile Computing (WCMC), 6:1-12, 2006.
Q. Gu, Chao-Hsien Chu, Peng
Liu, Sencun Zhu, Slander Resistant Attacker Isolation in Ad Hot Networks, International
Journal of Mobile Network Design and Innovation, Inderscience Publishers,
Vol. 1, No. 3, 2006.
E. Damiani, P. Liu
(eds.), Database and Applications Security XX, Springer Lecture Notes
in Computer Science, LNCS 4127, 2006, ISBN 3-540-36796-9
M.
Yu, P. Liu (eds.), Proceedings of the First International Workshop on
Information Assurance in Distributed Systems, Springer Lecture Notes in Computer Science, 2006.
Q. Gu, K. Bai, H. Wang, P. Liu,
C. Chu, Modeling of Pollution in P2P
File Sharing Systems, Proc. 2006 IEEE Consumer Communications and Networking
Conference, 8-10 January 2006, Las Vegas, NV
L. Li, P.
Liu, G. Kesidis, Scanning An Integrated Experiment Specification and
Visualization Tool for Testbed Emulation, (3 page short paper), Proc. 2006 DETER Community Workshop,
Arlington, VA, June 2006
L. Li, G.
Kesidis, P. Liu, Scanning Worm Emulation on the DETER Testbed (3 page short
paper), Proc. 2006 DETER Community
Workshop, Arlington, VA, June 2006
P. Liu, Book
Review, Information Security – A
Strategic Approach, Vincent Leveque, IEEE Computer Society & Wiley
Inderscience, ISBN 0471736120, Elsevier
Information Processing & Management Journal, 2006, in press
|
2005
|
|
TISSEC
|
P.
Liu, W. Zang, M. Yu, Incentive-Based Modeling and Inference of Attacker Intent, Objectives
and Strategies, ACM Transactions on Information and Systems Security, Vol. 8, No. 1, 41 pages. [PDF]
|
JCS
|
M.
Yu, P. Liu, W. Zang, Specifying and Using Group-to-Group Communication
Services for Intrusion Masking, Journal
of Computer Security, Vol. 13, No. 4, 623-658. [PDF]
|
JASIST
|
Peng
Liu, Amit Chetal, Trust-based Secure Information Sharing between Federal
Government Agencies, Journal of the
American Society for Information Science and Technology, 56(3): 283--298.
[PDF]
|
CIKM
|
Q.
Tan, W. Lee, B. Zhang, P. Liu, D. L. Lee, Balancing Performance and
Confidentiality in Air Index, ACM CIKM
2005, to appear, acceptance rate = 18% [PDF]
|
ACSAC
|
M.
Yu, W. Zang, P. Liu, Defensive Execution of
Transactional Processes against Attacks, Proc. ACSAC 2005,
to appear, acceptance rate = 19.6% [PDF]
|
ITC
|
L.
Li, S. Jiwasurat, P. Liu, G. Kesidis, Emulation of Single Packet UDP Scanning
Worms in Large Enterprises, In Proc. 19
International Teletraffic
Congress (ITC19), August, Beijing, China, 2005. [PDF]
|
DOE
|
P.
Liu, A Game Theoretic Approach to
Cyber Attack Prediction, DOE ECPI Program Final Technical Report, Dec 2005,
26 pages
|
|
|
P.
Liu, Emerging Technologies in Information Assurance, DoD IA Newsletter, summer volume
Q.
Gu, P. Liu, S. Zhu, C. Chu, Defending against Packet Injection Attacks in
Unreliable Ad Hoc Networks, IEEE
GLOBECOM ’05, acceptance rate = 30%. Click [PDF]
for the full size technical report.
Y. Sun, P. Liu, P. Kermani, T. F. La Porta, “An Architecture and Key Management Approach for Maintaining Privacy in Location Based Group Services,” Proc. IEEE CollaborateCom 2005. Q. Gu, P. Liu, W.
Lee, C. Chu, KTR: An Efficient Key Management Scheme for Air Access Control, Proc. IEEE Mobiquitous 2005 (short
paper). Click [PDF] for the full size technical report.
K.
Bai, H. Wang, P. Liu, Towards Database Firewalls, Proc. 19th Annual IFIP WG 11.3 Working Conference on Data
and Applications Security (DBSEC ’05), Storrs, CT, August 7-10, 2005.
K.
Kotapati, P. Liu., Y. Sun, T. F. LaPorta, A Taxonomy of Cyber Attacks on 3G
Networks, Proc. IEEE Int’l Conf. on
Intelligence and Security Informatics (extended abstract) (ISI ’05),
Springer LNCS Vol. xx
Y. Sun, P. Liu, P. Kermani, T. F. La Porta, “An Architecture and Key Management Approach for Maintaining Privacy in Location Based Group Services,” Proc. IEEE CollaborateCom 2005, International Conference on Collaborative Computing: Networking, Applications and Worksharing, 2005. Q.
Gu, Chao-Hsien Chu, Peng Liu, Sencun Zhu, Slander Resistant Attacker Isolation
in Ad Hot Networks, Proc. International Conference on
Telecommunication Systems – Modeling and Analysis, November 17-20, 2005,
Dallas, TX, 13 pages, To appear.
M.
Yu, W. Zang, P. Liu, J. Wang, The Architecture of An Automatic Distributed
Recovery System, Proc. 2005 IEEE International Conference on
Networking, Sensing and Control (ICNSC ’05).
P.
Mitra, P. Liu, C. Pan, Privacy Preserving Ontology Matching, In Proc. AAAI-05 Workshop on Contexts and Ontologies: Theory, Practice and
Applications (4-page short paper), 2005, to appear.
B.
Luo, D. Lee, W. Lee, P. Liu, Deep Set Operators for XQuery, In Proc. Second International Workshop on
XQuery Implementation, Experience and Perspectives (XIME-P 2005) (short
paper), in association with SIGMOD 2005, to appear
S.
Roberts, S. Coyne, Form Follows Function: Information Assurance Network
Design for Problem Based Learning, In Proc.
9th Colloquium for Information Systems Security Education (CISSE ’05), 6-10 June, Atlanta Georgia, 2005.
M.
Yu, W. Zang, P. Liu, Self Healing Workflows under Attacks, 5 minute talk, IEEE Symposium on Security and Privacy,
2005
Qijun
Gu, Peng Liu, Chao-Hsien Chu, Hacking Techniques in Wired Networks, In The Handbook of Information Security,
Hossein Bidgoli et al. (eds.), John Wiley & Sons, to appear [PDF]
Peng
Liu, Meng Yu, Jiwu Jing, Information Assurance, In The Handbook of Information Security, Hossein Bidgoli et al.
(eds.), John Wiley & Sons; to appear [PDF]
Qijun
Gu, A Study of Selected Security Issues in Wireless Networks, Ph.D. Dissertation, defended in June 21,
2005
|
2004
|
|
ICDCS
|
M.
Yu, P. Liu, W. Zang, Self Healing Workflow Systems under Attacks, Proc. 24th IEEE International
Conference on Distributed Computing Systems (ICDCS ’04), Tokyo, Japan,
March 2004, pages 418-425. Acceptance
rate = 17.68% [PDF]
|
CIKM
|
B.
Luo, D. Lee, W. C. Lee, P. Liu, QFilter: Fine-Grained Run-Time XML Access
Controls via NFA-based Query Rewriting, Proc.
ACM CIKM 2004. Acceptance rate =
19%. [PDF]
|
CACM
|
R. Bazjscy,
T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker,
A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C.
Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J. Tygar, S. Sastry,
D. Sterne, S.F. Wu, Cyber Defense Technology
Networking and Evaluation, Communications
of the ACM, March 2004, Vol. 47, No. 3, pages 58-61
|
ISC
|
H.
Wang, P. Liu, L. Li, Evaluating the Impact of Intrusion Detection
Deficiencies on the Cost-Effectiveness of Attack Recovery, In Proceedings
of the 7th Information Security Conference (ISC ’04), Springer LNCS,
September 2004.
|
|
|
R.
Li, J. Li, H. Kameda, P. Liu, Localized Public-key Management for Mobile Ad
Hoc Networks, Proc. IEEE Globecom ’04.
Acceptance rate = 29% [PDF]
Peng
Liu, H. Wang, L. Li, Real-Time Data Attack Isolation for Commercial Database
Applications, Elsevier Journal of
Network and Computer Applications, in press.
P.
Liu, J. Jing, P. Luenam, Y. Wang, L. Li, S. Ingsriswang, The Design and
Implementation of a Self-Healing Database System, Journal of Intelligent Information Systems, Vol. 23, No. 3,
247-269, 2004 [PDF]
B.
Luo, D. Lee, W. C. Lee, P. Liu, A Flexible Framework for Architecting XML
Access Control Enforcement Mechanisms, In Proceedings of the First
Workshop on Secure Data Management in a Connected World (Lecture Notes in Computer
Science 3178), August
2004.
Q.
Gu, P. Liu, C. Chu, Tactical Bandwidth Exhaustion in Ad Hoc Networks, Proceedings
of the 5th Annual IEEE Information Assurance Workshop (IA ’04),
West Point, June 2004.
B.
Pfitzmann, P. Liu (Eds.), Proceedings of the 11th ACM Conference on Computer
and Communications Security, ACM Press, 2004, ACM ISBN: 1-58113-961-6.
Dan
Gao, TCP-based Worm Analysis and Experiments on Emulab, BS Thesis, IST & Schreyer Honors College
W.
C. Lee, P. Liu, L. Giles, Research Issues in Secure Wireless Data Broadcast
Systems, Technical Report
|
2003
|
|
CCS
Selected into TISSEC Special
Issue
|
P. Liu, W. Zang,
Incentive-Based Modeling and Inference of Attacker Intent, Objectives and
Strategies, Proc. 10th ACM Conference
on Computer and Communications Security (CCS ’03) (Acceptance rate
36/252=14.3%), October 28-31, Washington DC, 2003, pages 179-189. [PDF]
|
ACSAC
|
M. Yu, P.
Liu, W. Zang, Multi-Version Data Objects Based Attack Recovery of Workflows, Proc. 19th Annual Computer Security
Applications Conference (ACSAC ’03), Las Vegas, Dec, 2003, pages 142-151.
[PDF]
|
SEC
|
M. Yu, P.
Liu, W. Zhang, Intrusion Masking for Distributed Atomic Operations, Proc.
18th IFIP International Information Security Conference (SEC ’03), May
2003, acceptance ratio 27%, pages 229-240.
|
SSRS
|
J. Jing, P. Liu, D. G. Feng, J. Xiang, N.
Gao, J. Q. Lin, ARECA: A Highly Attack Resilient Certification Authority, Proc. First ACM Workshop on Survivable and
Self-Regenerative Systems (SSRS ’03), October 2003, pages 53-63. [PDF]
|
XSYM
|
D. Lee, W. C.
Lee, and P. Liu, Supporting XML Security Models using Relational Databases: A
Vision, Proc. First International
Symposium of XML Databases (XSym ’03) (Lecture Notes in Computer
Science), September 2003. [PDF]
|
|
|
J. Zhang, P. Liu, Delivering Services with
Integrity Guarantees in Survivable Database Systems, Proc. 17th IFIP WG 11.3 Conference on Data and Applications Security (DBSEC
’03), August 2003, pages 31-45.
Peng
Liu, Engineering a Distributed Intrusion Tolerant Database System Using COT
Components, Proc. DISCEX III,
Volume 2, pages 284-289, April 2003
Peng
Liu, ITDB: An Attack Self-Healing Database System Prototype, Demo Abstract, Proc. DISCEX III, Volume 2, pages 131-133,
2003
P.
Liu, Architectures for Intrusion Tolerant Database Systems, in Foundations of Intrusion Tolerant Systems,
Jaynarayan H. Lala (ed.), IEEE Computer Society Press, 2003, pages 3-13. A
previous version appears as [28].
P.
Luenam, P. Liu, The Design of an Adaptive Intrusion Tolerant Database System,
in Foundations of Intrusion Tolerant
Systems, Jaynarayan H. Lala (ed), IEEE Computer Society Press, 2003,
pages 14-21. A previous version appears as [30].
P. Liu, Measuring
Quality of Information Assurance, DARPA OASIS Final
Technical Report, 2003
R. R. Barton,
W. J. Hery, P. Liu, An S-Vector for Web Applications Security Management, Proc. First ACM Workshop on Business
Driven Security Engineering (SDSE ’03), October 2003, 5 page poster
paper.
P.
Liu and P. Pal (Eds.), Proc. First ACM Workshop on Survivable and
Self-Regenerative Systems, ACM Press, 2003, ACM ISBN: 1-58113-784-2/03/0010.
V.
Atluri and P. Liu (Eds.), 10th ACM Proceedings on Computer and Communications
Security, ACM Press, 2003, ISBN: 1-58113-738-9
Amit
Chetal, Trust-Based Secure Info Sharing Between Federal Government Agencies, MS Thesis, Cyber Security Group, 2003
|
2002
|
|
BOOK
|
(Book)
P. Liu, S. Jajodia, Trusted
Recovery and Defensive Information Warfare, Monograph, Kluwer Academic Publishers,
2002. ISBN 0-7923-7572-6
|
TKDE
|
P.
Ammann, S. Jajodia, P. Liu, Recovery from Malicious Transactions, IEEE Transactions on Knowledge
and Data Engineering, Vol. 15, No. 5, September
2002, pages 1167-1185. [PDF]
|
ACSAC
|
P.
Liu, Architectures
for Intrusion Tolerant Database Systems, Proc. 18th Annual Computer Security
Applications Conference (ACSAC ’02), Dec 2002, acceptance ratio 32%,
pages 311-320. [PDF]
|
|
|
P.
Liu, Y. Wang, The
Design and Implementation of a Multiphase Database Damage Confinement System, Proc. 16th IFIP Working Conf. on Data and
Applications Security (DBSEC ’02), July 2002. [PDF]
|
2001
|
|
CSF
|
P.
Liu, S. Jajodia, Multi-Phase
Damage Confinement in Database Systems for Intrusion Tolerance, Proc. 14th IEEE Computer
Security Foundations Workshop (CSFW ’01)), June
2001, pages 191-205. [PDF]
|
ACSAC
|
P.
Liu, DAIS:
A Real-Time Data Attack Isolation System for Commercial Database
Applications, Proc. 17th Annual Computer Security
Applications Conference (ACSAC ’01), Dec 2001, pages
219-229. [PDF]
|
|
|
Peng
Liu, Xu Hao, Efficient
Damage Assessment and Repair in Resilient Distributed Database Systems, Proc. 15th IFIP WG 11.3 Working
Conference on Data and Applications Security (DBSEC
’01), July 2001. [Postscript]
|
2000
|
|
JCS
|
P.
Liu, S. Jajodia, C. D. McCollum, Intrusion Confinement by Isolation in
Information Systems, Journal of
Computer Security, Vol. 8, No. 4, pages 243-279. [PDF]
|
DSS
|
P.
Liu, P. Ning, S. Jajodia, Avoiding Loss of Fairness Owing to Failures in Fair Data
Exchange Systems, Decision
Support Systems, Vol. 31, No. 3, 2001, pages 337-350. [PDF]
|
DPDB
|
P.
Liu, P. Ammann, S. Jajodia, Rewriting Histories: Recovering From Malicious
Transactions, Distributed
and Parallel Databases, Vol. 8, No. 1, January 2000,
pages 7-40. [PDF]
|
|
|
Peng
Liu, Peng Ning, Sushil Jajodia, Avoiding Loss of Fairness Owing to Process
Crashes in Fair Data Exchange Protocols, Proc. IEEE International Conference on
Dependable Systems and Networks (DSN ’00), Workshop on Dependability Despite Malicious Faults, June 2000,
pages 631-640.
Peng
Liu, General
Design of ItDBMS, Technical Report, 2000.
|
1999
|
|
ICDCS
|
P.
Liu, P. Ammann, S. Jajodia, Incorporating Transaction Semantics to Reduce
Reprocessing Overhead in Replicated Mobile Data Applications, Proc. 19th IEEE International
Conference on Distributed Computing Systems (ICDCS
’99), June 1999, pages 414-423. [PDF]
|
THESIS
|
Peng
Liu, Trusted
Recovery from Malicious Attacks, PhD
Dissertation, June 1999.
|
|
|
Paul
Ammann, Sushil Jajodia, Peng Liu, A fault tolerance approach to survivability,
in Computer Security, Dependability, and
Assurance: From Needs to Solutions, P. Ammann, B. H. Barnes, S. Jajodia,
E. H. Sibley (eds.), IEEE Computer Society Press, 1999
P.
Liu, S. Jajodia, C. D. McCollum, Intrusion Confinement by Isolation in
Information Systems, Proc. IFIP
WG 11.3 13th Working Conference on Database Security (DESEC ’99), July
1999.
S.
Jajodia, P. Ammann, P. Liu, A Fault Tolerance Approach to Survivability, Proc. IST 4th Symposium on
Protecting NATO Information Systems (NATO Security
’99), Oct 1999, pages 20-1 to 20-7
|
-1998
|
|
ACSAC
|
S.
Jajodia, P. Liu, C. D. McCollum, Application Level Isolation to Cope with
Malicious Database Users, Proc.
14th Annual Computer Security Applications Conference
(ACSAC ’98), December 1998, pages 73-82.
|
|
|
Peng
Liu, Semantic
Views of Multilevel Secure Relational Data Models, Technical
Report, George Mason University, 1997.
Peng
Liu, SDB2:
A Secure Client-Server Database System Prototype, Master Thesis, University of
Science and Technology of China, 1996.
Jiwu
Jing, Peng Liu, IsData:
A Secure Networked Management Information System Architecture, IDG Computer World Newspaper,
1995. Invited paper.
Jiwu
Jing, Peng Liu, Threats
of Virus to Networked Management Information Systems, IDG Computer World Newspaper,
1995. Invited paper.
Peng
Liu, Yinxia Dai, Shuwang Lu, Secure Multimedia Data Communications, Proc. 2nd Chinese Annual Conference on
Multimedia (Chinese Multimedia ’93), September, 1993.
Peng
Liu, A
Neural Network Approach to Information Management and Decision Support Expert Systems, BS Thesis, University of Science and
Technology of China, 1993.
|