This page has only limited features, please log in for full access.

Unclaimed
Shichang Xuan
Information Security Research Centre, Harbin Engineering University, Harbin 150001, China

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

The user biography is not available.
Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Research article
Published: 01 July 2021 in Security and Communication Networks
Reads 0
Downloads 0

The rapid development in network technology has resulted in the proliferation of Internet of Things (IoT). This trend has led to a widespread utilization of decentralized data and distributed computing power. While machine learning can benefit from the massive amount of IoT data, privacy concerns and communication costs have caused data silos. Although the adoption of blockchain and federated learning technologies addresses the security issues related to collusion attacks and privacy leakage in data sharing, the “free-rider attacks” and “model poisoning attacks” in the federated learning process require auditing of the training models one by one. However, that increases the communication cost of the entire training process. Hence, to address the problem of increased communication cost due to node security verification in the blockchain-based federated learning process, we propose a communication cost optimization method based on security evaluation. By studying the verification mechanism for useless or malicious nodes, we also introduce a double-layer aggregation model into the federated learning process by combining the competing voting verification methods and aggregation algorithms. The experimental comparisons verify that the proposed model effectively reduces the communication cost of the node security verification in the blockchain-based federated learning process.

ACS Style

Shichang Xuan; Ming Jin; Xin Li; Zhaoyuan Yao; Wu Yang; Dapeng Man. DAM-SE: A Blockchain-Based Optimized Solution for the Counterattacks in the Internet of Federated Learning Systems. Security and Communication Networks 2021, 2021, 1 -14.

AMA Style

Shichang Xuan, Ming Jin, Xin Li, Zhaoyuan Yao, Wu Yang, Dapeng Man. DAM-SE: A Blockchain-Based Optimized Solution for the Counterattacks in the Internet of Federated Learning Systems. Security and Communication Networks. 2021; 2021 ():1-14.

Chicago/Turabian Style

Shichang Xuan; Ming Jin; Xin Li; Zhaoyuan Yao; Wu Yang; Dapeng Man. 2021. "DAM-SE: A Blockchain-Based Optimized Solution for the Counterattacks in the Internet of Federated Learning Systems." Security and Communication Networks 2021, no. : 1-14.

Research article
Published: 31 May 2021 in Security and Communication Networks
Reads 0
Downloads 0

Online social networks provide convenient conditions for the spread of rumors, and false rumors bring great harm to social life. Rumor dissemination is a process, and effective identification of rumors in the early stage of their appearance will reduce the negative impact of false rumors. This paper proposes a novel early rumor detection (ERD) model based on reinforcement learning. In the rumor detection part, a dual-engine rumor detection model based on deep learning is proposed to realize the differential feature extraction of original tweets and their replies. A double self-attention (DSA) mechanism is proposed, which can eliminate data redundancy in sentences and words at the same time. In the reinforcement learning part, an ERD model based on Deep Recurrent Q-Learning Network (DRQN) is proposed, which uses LSTM to learn the state sequence features, and the optimization strategy of the reward function is to take into account the timeliness and accuracy of rumor detection. Experiments show that, compared with existing methods, the ERD model proposed in this paper has a greater improvement in the timeliness and detection rate of rumor detection.

ACS Style

Wei Wang; Yuchen Qiu; Shichang Xuan; Wu Yang. Early Rumor Detection Based on Deep Recurrent Q-Learning. Security and Communication Networks 2021, 2021, 1 -13.

AMA Style

Wei Wang, Yuchen Qiu, Shichang Xuan, Wu Yang. Early Rumor Detection Based on Deep Recurrent Q-Learning. Security and Communication Networks. 2021; 2021 ():1-13.

Chicago/Turabian Style

Wei Wang; Yuchen Qiu; Shichang Xuan; Wu Yang. 2021. "Early Rumor Detection Based on Deep Recurrent Q-Learning." Security and Communication Networks 2021, no. : 1-13.

Journal article
Published: 12 June 2020 in Symmetry
Reads 0
Downloads 0

Emerging as the effective strategy of intelligent transportation system (ITS), vehicular ad hoc networks (VANETs) have the capacity of drastically improving the driving experience and road safety. In typical VANET scenarios, high mobility and volatility of vehicles result in dynamic topology of vehicular networks. That is, individual vehicle may pass through the effective domain of multiple neighboring road-side-units (RSUs) during a comparatively short time interval. Hence, efficient and low-latency cross-domain verification with all the successive RSUs is of significance. Recently, a lot of research on VANET authentication and key distribution was presented, while the critical cross-domain authentication (CDA) issue has not been properly addressed. Particularly, the existing CDA solutions mainly reply on the acquired confidential keying information from the neighboring entities (RSUs and vehicles), while too much trustworthiness is granted to the involved RSUs. Please note that the RSUs are distributively located and may be compromised or disabled by adversary, thus vital vehicle information may be revealed. Furthermore, frequent data interactions between RSUs and cloud server are always the major requisite so as to achieve mutual authentication with cross-domain vehicles, which leads to heavy bandwidth consumption and high latency. In this paper, we address the above VANET cross-domain authentication issue under the novel RSU edge networks assumption. Please note that RSUs are assumed to be semi-trustworthy entity in our design, where critical vehicular keying messages remain secrecy. Homomorphic encryption design is applied for all involved RSUs and vehicles. In this way, successive RSUs could efficiently verify the cross-domain vehicle with the transited certificate from the neighbor RSUs and vehicle itself, while the identity and secrets of each vehicle is hidden all the time. Afterwards, dynamic updating towards the anonymous vehicle identity is conducted upon validation, where conditional privacy preserving is available. Moreover, pairing-free mutual authentication method is used for efficiency consideration. Formal security analysis is given, proving that the HCDA mechanism yields desirable security properties on VANET cross domain authentication issue. Performance discussions demonstrate efficiency of the proposed HCDA scheme compared with the state-of-the-art.

ACS Style

Haowen Tan; Shichang Xuan; Ilyong Chung. HCDA: Efficient Pairing-Free Homographic Key Management for Dynamic Cross-Domain Authentication in VANETs. Symmetry 2020, 12, 1003 .

AMA Style

Haowen Tan, Shichang Xuan, Ilyong Chung. HCDA: Efficient Pairing-Free Homographic Key Management for Dynamic Cross-Domain Authentication in VANETs. Symmetry. 2020; 12 (6):1003.

Chicago/Turabian Style

Haowen Tan; Shichang Xuan; Ilyong Chung. 2020. "HCDA: Efficient Pairing-Free Homographic Key Management for Dynamic Cross-Domain Authentication in VANETs." Symmetry 12, no. 6: 1003.

Special issue article
Published: 10 June 2020 in Transactions on Emerging Telecommunications Technologies
Reads 0
Downloads 0

The explosive growth of data in the network has brought huge burdens and challenges to traditional centralized cloud computing data processing. To solve this problem, edge computing technology came into being. Because the edge is closer to the user, processing part of the data at the edge can also bring a faster response to the user and improve their experience. However, the existing edge computing platforms have problems such as data storage security and multiparty data mutual trust. Blockchain technology has become an important means to solve the above data storage and sharing problems due to its excellent characteristics. The core of blockchain technology is consensus, and its speed and security will directly affect the efficiency and stability of the blockchain system. Therefore, this study uses the consensus mechanism as an entry point to reduce the resource consumption of the edge computing blockchain system and improve its security. In order to reduce the resource consumption of traditional consensus algorithms, improve their adaptability in the edge computing environment, and solve the security problem caused by the concentration of node rights, a prestige‐based edge computing blockchain security consensus model (ECBCM) is proposed. ECBCM is a general model based on prestige rewards and penalties. It also introduces a node replacement mechanism to ensure the fault tolerance of the consensus process. According to the results of multiple sets of performance comparison experiments and security verification experiments after embedding the existing consensus algorithm, the validity of the consensus model is confirmed.

ACS Style

Shichang Xuan; Zhiyu Chen; Ilyong Chung; Haowen Tan; Dapeng Man; Xiaojiang Du; Wu Yang; Mohsen Guizani. ECBCM: A prestige‐based edge computing blockchain security consensus model. Transactions on Emerging Telecommunications Technologies 2020, 32, 1 .

AMA Style

Shichang Xuan, Zhiyu Chen, Ilyong Chung, Haowen Tan, Dapeng Man, Xiaojiang Du, Wu Yang, Mohsen Guizani. ECBCM: A prestige‐based edge computing blockchain security consensus model. Transactions on Emerging Telecommunications Technologies. 2020; 32 (6):1.

Chicago/Turabian Style

Shichang Xuan; Zhiyu Chen; Ilyong Chung; Haowen Tan; Dapeng Man; Xiaojiang Du; Wu Yang; Mohsen Guizani. 2020. "ECBCM: A prestige‐based edge computing blockchain security consensus model." Transactions on Emerging Telecommunications Technologies 32, no. 6: 1.

Journal article
Published: 30 March 2020 in IEEE Access
Reads 0
Downloads 0

With the development of the Internet, numerous new applications have emerged, the features of which are constantly changing. It is necessary to perform application classification detection on the network traffic to monitor the changes in the applications. Using RelSamp to sample traffic can provide the sampled traffic with sufficient application features to support application classification. RelSamp separately assigns counters for each flow to record the statistical features and introduces a collision chain into the hash flow table to resolve hash conflicts in the table entries. However, in high-speed networks, owing to the number of concurrent flows and heavy-tailed nature of the traffic, the storage allocation method of RelSamp results in a significant waste of storage on the traffic sampling device. Moreover, the hash conflict resolution of RelSamp causes the collision chains of several hash table entries to be excessively deep, thereby reducing the search efficiency of the flow nodes. To overcome the shortcomings of RelSamp, this study presents a sampling model known as MiniSamp. Based on the RelSamp sampling mechanism, MiniSamp introduces shared counter trees to compress the storage space of the counters during the sampling process and integrates an efficient search tree into the hash table. The search tree structure is adjusted according to the network environment to improve the search efficiency of the flow nodes. The experimental results demonstrate that MiniSamp can effectively aid network operators to classify traffic in the high-speed network.

ACS Style

Shichang Xuan; Dezhi Tang; Ilyong Chung; Youngju Cho; Xiaojiang Du; Wu Yang. Network Traffic Sampling System Based on Storage Compression for Application Classification Detection. IEEE Access 2020, 8, 63106 -63120.

AMA Style

Shichang Xuan, Dezhi Tang, Ilyong Chung, Youngju Cho, Xiaojiang Du, Wu Yang. Network Traffic Sampling System Based on Storage Compression for Application Classification Detection. IEEE Access. 2020; 8 (99):63106-63120.

Chicago/Turabian Style

Shichang Xuan; Dezhi Tang; Ilyong Chung; Youngju Cho; Xiaojiang Du; Wu Yang. 2020. "Network Traffic Sampling System Based on Storage Compression for Application Classification Detection." IEEE Access 8, no. 99: 63106-63120.

Journal article
Published: 20 February 2020 in Computers & Electrical Engineering
Reads 0
Downloads 0

Data sharing techniques have progressively drawn increasing attention as a means of significantly reducing repetitive work. However, in the process of data sharing, the challenges regarding formation of mutual-trust relationships and increasing the level of user participation are yet to be solved. The existing solution is to use a third party as a trust organization for data sharing, but there is no dynamic incentive mechanism for data sharing with a large number of users. Blockchain 2.0 with smart contract has the natural advantage of being able to enable trust and automated transactions between a large number of users. This paper proposes a data sharing incentive model based on evolutionary game theory using blockchain with smart contract. The smart contract mechanism can dynamically control the excitation parameters and continuously encourages users to participate in data sharing.

ACS Style

Shichang Xuan; Li Zheng; Ilyong Chung; Wei Wang; Dapeng Man; Xiaojiang Du; Wu Yang; Mohsen Guizani. An incentive mechanism for data sharing based on blockchain with smart contracts. Computers & Electrical Engineering 2020, 83, 106587 .

AMA Style

Shichang Xuan, Li Zheng, Ilyong Chung, Wei Wang, Dapeng Man, Xiaojiang Du, Wu Yang, Mohsen Guizani. An incentive mechanism for data sharing based on blockchain with smart contracts. Computers & Electrical Engineering. 2020; 83 ():106587.

Chicago/Turabian Style

Shichang Xuan; Li Zheng; Ilyong Chung; Wei Wang; Dapeng Man; Xiaojiang Du; Wu Yang; Mohsen Guizani. 2020. "An incentive mechanism for data sharing based on blockchain with smart contracts." Computers & Electrical Engineering 83, no. : 106587.

Journal article
Published: 28 November 2019 in Applied Sciences
Reads 0
Downloads 0

With the arrival of the Internet of Things (IoT) era and the rise of Big Data, cloud computing, and similar technologies, data resources are becoming increasingly valuable. Organizations and users can perform all kinds of processing and analysis on the basis of massive IoT data, thus adding to their value. However, this is based on data-sharing transactions, and most existing work focuses on one aspect of data transactions, such as convenience, privacy protection, and auditing. In this paper, a data-sharing-transaction application based on blockchain technology is proposed, which comprehensively considers various types of performance, provides an efficient consistency mechanism, improves transaction verification, realizes high-performance concurrency, and has tamperproof functions. Experiments were designed to analyze the functions and storage of the proposed system.

ACS Style

Shichang Xuan; Yibo Zhang; Hao Tang; Ilyong Chung; Wei Wang; Wu Yang. Hierarchically Authorized Transactions for Massive Internet-of-Things Data Sharing Based on Multilayer Blockchain. Applied Sciences 2019, 9, 5159 .

AMA Style

Shichang Xuan, Yibo Zhang, Hao Tang, Ilyong Chung, Wei Wang, Wu Yang. Hierarchically Authorized Transactions for Massive Internet-of-Things Data Sharing Based on Multilayer Blockchain. Applied Sciences. 2019; 9 (23):5159.

Chicago/Turabian Style

Shichang Xuan; Yibo Zhang; Hao Tang; Ilyong Chung; Wei Wang; Wu Yang. 2019. "Hierarchically Authorized Transactions for Massive Internet-of-Things Data Sharing Based on Multilayer Blockchain." Applied Sciences 9, no. 23: 5159.

Journal article
Published: 01 August 2019 in Symmetry
Reads 0
Downloads 0

Nowadays, with rapid advancement of both the upcoming 5G architecture construction and emerging Internet of Things (IoT) scenarios, Device-to-Device (D2D) communication provides a novel paradigm for mobile networking. By facilitating continuous and high data rate services between physically proximate devices without interconnection with access points (AP) or service network (SN), spectral efficiency of the 5G network can be drastically increased. However, due to its inherent open wireless communicating features, security issues and privacy risks in D2D communication remain unsolved in spite of its benefits and prosperous future. Hence, proper D2D authentication mechanisms among the D2D entities are of great significance. Moreover, the increasing proliferation of smartphones enables seamlessly biometric sensor data collecting and processing, which highly correspond to the user’s unique behavioral characteristics. For the above consideration, we present a secure certificateless D2D authenticating mechanism intended for extreme scenarios in this paper. In the assumption, the key updating mechanism only requires a small modification in the SN side, while the decryption information of user equipment (UEs) remains constant as soon as the UEs are validated. Note that a symmetric key mechanism is adopted for the further data transmission. Additionally, the user activities data from smartphone sensors are analyzed for continuous authentication, which is periodically conducted after the initial validation. Note that in the assumed scenario, most of the UEs are out of the effective range of cellular networks. In this case, the UEs are capable of conducting data exchange without cellular connection. Security analysis demonstrates that the proposed scheme can provide adequate security properties as well as resistance to various attacks. Furthermore, performance analysis proves that the proposed scheme is efficient compared with state-of-the-art D2D authentication schemes.

ACS Style

Haowen Tan; Yuanzhao Song; Shichang Xuan; Sungbum Pan; Ilyong Chung. Secure D2D Group Authentication Employing Smartphone Sensor Behavior Analysis. Symmetry 2019, 11, 969 .

AMA Style

Haowen Tan, Yuanzhao Song, Shichang Xuan, Sungbum Pan, Ilyong Chung. Secure D2D Group Authentication Employing Smartphone Sensor Behavior Analysis. Symmetry. 2019; 11 (8):969.

Chicago/Turabian Style

Haowen Tan; Yuanzhao Song; Shichang Xuan; Sungbum Pan; Ilyong Chung. 2019. "Secure D2D Group Authentication Employing Smartphone Sensor Behavior Analysis." Symmetry 11, no. 8: 969.

Journal article
Published: 21 February 2019 in IEEE Access
Reads 0
Downloads 0

Influence blocking maximization (IBM) is a key problem for viral marketing in competitive social networks. Although the IBM problem has been extensively studied, existing works neglect the fact that the location information can play an important role in influence propagation. In this paper, we study the location-based seeds selection for IBM problem, which aims to find a positive seed set in a given query region to block the negative influence propagation in a given block region as much as possible. In order to overcome the low efficiency of the simulation-based greedy algorithm, we propose a heuristic algorithm IS-LSS and its improved version IS-LSS+, both of which are based on the maximum influence arborescence structure and Quadtree index, while IS-LSS+ further improves the efficiency of IS-LSS by using an upper bound method and Quadtree cell lists. The experimental results on real-world datasets demonstrate that our proposed algorithms are able to achieve matching blocking effect to the greedy algorithm as the increase in the number of positive seeds and often better than other heuristic algorithms, whereas they are four orders of magnitude faster than the greedy algorithm.

ACS Style

Wenlong Zhu; Wu Yang; Shichang Xuan; Dapeng Man; Wei Wang; Xiaojiang Du; Mohsen Guizani. Location-Based Seeds Selection for Influence Blocking Maximization in Social Networks. IEEE Access 2019, 7, 27272 -27287.

AMA Style

Wenlong Zhu, Wu Yang, Shichang Xuan, Dapeng Man, Wei Wang, Xiaojiang Du, Mohsen Guizani. Location-Based Seeds Selection for Influence Blocking Maximization in Social Networks. IEEE Access. 2019; 7 ():27272-27287.

Chicago/Turabian Style

Wenlong Zhu; Wu Yang; Shichang Xuan; Dapeng Man; Wei Wang; Xiaojiang Du; Mohsen Guizani. 2019. "Location-Based Seeds Selection for Influence Blocking Maximization in Social Networks." IEEE Access 7, no. : 27272-27287.

Conference paper
Published: 01 November 2018 in 2018 14th International Conference on Computational Intelligence and Security (CIS)
Reads 0
Downloads 0

This research paper introduces a Denoising auto encoder (Unsupervised Deep Neural Network) combined with a typical Back Propagation (BP) Artificial Neural Network (ANN), capable of efficiently detecting WEB Trojan malware. Several researchers in the literature, employ Machine Learning (ML) to detect WEB Trojans. The data used in this paper, come from the WEB security Gateway, since there is less tagged data than unlabeled ones. Based on the literature, simple Supervised Learning (SULE) is not efficient enough for this task. The algorithm proposed herein is hybrid. It employs Unsupervised Learning (UNLE) based on a Stack Denoising Auto encoder (SdAE) to pre-train the data (one layer at a time). This results in more robust feature vectors. Then, in the fine-tuning process, minor adjustments are made through Supervised Learning (SUL) based on a BP ANN. The proposed approach, ensures that the developed model, can still perform accurately, even when the training data set has a small number of tagged data vectors. This research, verifies this hybrid Deep Learning approach used for WEB Trojan detection, outperforms other common classification methods.

ACS Style

Shichang Xuan; Dapeng Man; Wei Wang; Kaiyue Qin; Wu Yang. Hybrid Classification of WEB Trojan Exploiting Small Volume of Labeled Data Vectors. 2018 14th International Conference on Computational Intelligence and Security (CIS) 2018, 286 -290.

AMA Style

Shichang Xuan, Dapeng Man, Wei Wang, Kaiyue Qin, Wu Yang. Hybrid Classification of WEB Trojan Exploiting Small Volume of Labeled Data Vectors. 2018 14th International Conference on Computational Intelligence and Security (CIS). 2018; ():286-290.

Chicago/Turabian Style

Shichang Xuan; Dapeng Man; Wei Wang; Kaiyue Qin; Wu Yang. 2018. "Hybrid Classification of WEB Trojan Exploiting Small Volume of Labeled Data Vectors." 2018 14th International Conference on Computational Intelligence and Security (CIS) , no. : 286-290.

Journal article
Published: 15 October 2018 in International Journal of Distributed Sensor Networks
Reads 0
Downloads 0

Due to the vast popularity of sensors, cloud computing, mobile computing, and intelligent devices, the Internet of Things has seen tremendous growth in recent years. Operating system type recognition is the core technology of network security assessment. Due to inherit security problems of Internet of Things such as the situation of risk and threat of information, the operating system recognition seeks research attention for Internet of Things network security. In view of the current identification method of active operating system, it is prone to be detected by intrusion detection system. The operating system identification technology based on transmission control protocol/Internet protocol fingerprint library is more complicated than to distinguish the operating system types of unknown fingerprints. In this work, a passive operating system identification method based on RIPPER model is proposed. Also, it is compared with the existing support vector machine and C45 decision tree classification algorithms. Experiments reveal that RIPPER-based algorithm has better recognition accuracy and recognition efficiency.

ACS Style

Shichang Xuan; Dapeng Man; Wu Yang; Wei Wang; Jiashuai Zhao; Miao Yu. Identification of unknown operating system type of Internet of Things terminal device based on RIPPER. International Journal of Distributed Sensor Networks 2018, 14, 1 .

AMA Style

Shichang Xuan, Dapeng Man, Wu Yang, Wei Wang, Jiashuai Zhao, Miao Yu. Identification of unknown operating system type of Internet of Things terminal device based on RIPPER. International Journal of Distributed Sensor Networks. 2018; 14 (10):1.

Chicago/Turabian Style

Shichang Xuan; Dapeng Man; Wu Yang; Wei Wang; Jiashuai Zhao; Miao Yu. 2018. "Identification of unknown operating system type of Internet of Things terminal device based on RIPPER." International Journal of Distributed Sensor Networks 14, no. 10: 1.

Journal article
Published: 15 October 2018 in IEEE Access
Reads 0
Downloads 0

In real social networks, it is often the case that opposite opinions, ideas, products or innovations are propagating simultaneously. Although the competitive influence problem has been extensively studied, existing works neglect the fact that the location information can play an important role in influence propagation. In this paper, we study the location-aware influence blocking maximization (LIBM) problem, which aims to find a positive seed set to maximize the blocked negative influence for a given query region. In order to overcome low efficiency of the greedy algorithm, we propose two heuristic algorithms LIBM-H and LIBM-C based on the quadtree index and the maximum influence arborescence (MIA) structure. Experimental results on real-world datasets show that both LIBM-H and LIBM-C are able to achieve matching blocking effect to the greedy algorithm and often better than other heuristic algorithms, whereas they are several orders of magnitude faster than the greedy algorithm.

ACS Style

Wenlong Zhu; Wu Yang; Shichang Xuan; Dapeng Man; Wei Wang; Xiaojiang Du. Location-Aware Influence Blocking Maximization in Social Networks. IEEE Access 2018, 6, 61462 -61477.

AMA Style

Wenlong Zhu, Wu Yang, Shichang Xuan, Dapeng Man, Wei Wang, Xiaojiang Du. Location-Aware Influence Blocking Maximization in Social Networks. IEEE Access. 2018; 6 (99):61462-61477.

Chicago/Turabian Style

Wenlong Zhu; Wu Yang; Shichang Xuan; Dapeng Man; Wei Wang; Xiaojiang Du. 2018. "Location-Aware Influence Blocking Maximization in Social Networks." IEEE Access 6, no. 99: 61462-61477.

Research article
Published: 30 April 2018 in Wireless Communications and Mobile Computing
Reads 0
Downloads 0

While mobile networks provide many opportunities for people, they face security problems huge enough that a firewall is essential. The firewall in mobile networks offers a secure intranet through which all traffic is handled and processed. Furthermore, due to the limited resources in mobile networks, the firewall execution can impact the quality of communication between the intranet and the Internet. In this paper, a performance evaluation mathematical model for firewall system of mobile networks is developed using queuing theory for a multihierarchy firewall with multiple concurrent services. In addition, the throughput and the package loss rate are employed as performance evaluation indicators, and discrete-event simulated experiments are conducted for further verification. Lastly, experimental results are compared to theoretically obtained values to identify a resource allocation scheme that provides optimal firewall performance and can offer a better quality of service (QoS) in mobile networks.

ACS Style

Shichang Xuan; Dapeng Man; Jiangchuan Zhang; Wu Yang; Miao Yu. Mathematical Performance Evaluation Model for Mobile Network Firewall Based on Queuing. Wireless Communications and Mobile Computing 2018, 2018, 1 -13.

AMA Style

Shichang Xuan, Dapeng Man, Jiangchuan Zhang, Wu Yang, Miao Yu. Mathematical Performance Evaluation Model for Mobile Network Firewall Based on Queuing. Wireless Communications and Mobile Computing. 2018; 2018 ():1-13.

Chicago/Turabian Style

Shichang Xuan; Dapeng Man; Jiangchuan Zhang; Wu Yang; Miao Yu. 2018. "Mathematical Performance Evaluation Model for Mobile Network Firewall Based on Queuing." Wireless Communications and Mobile Computing 2018, no. : 1-13.

Conference paper
Published: 01 July 2017 in 2017 26th International Conference on Computer Communication and Networks (ICCCN)
Reads 0
Downloads 0

Web Security Gateway (WSG) is a new type of network security product that maintains the security of trusted networks. In this paper, a WSG model for evaluating WSG performance is presented. This paper advances discussion of previous studies on series services under multiple service windows. The proposed model consists of a two-stage queuing system. The first stage is a network layer simulation. The second stage is thus similar to a parallel hyper-Erlang distribution model. The results of a simulation test verified the feasibility and performance of the proposed model.

ACS Style

Shichang Xuan; Dapeng Man; Wei Wang; Jiangchuan Zhang; Wu Yang; Xiaojiang Du. Two-Stage Mixed Queuing Model for Web Security Gateway Performance Evaluation. 2017 26th International Conference on Computer Communication and Networks (ICCCN) 2017, 1 -7.

AMA Style

Shichang Xuan, Dapeng Man, Wei Wang, Jiangchuan Zhang, Wu Yang, Xiaojiang Du. Two-Stage Mixed Queuing Model for Web Security Gateway Performance Evaluation. 2017 26th International Conference on Computer Communication and Networks (ICCCN). 2017; ():1-7.

Chicago/Turabian Style

Shichang Xuan; Dapeng Man; Wei Wang; Jiangchuan Zhang; Wu Yang; Xiaojiang Du. 2017. "Two-Stage Mixed Queuing Model for Web Security Gateway Performance Evaluation." 2017 26th International Conference on Computer Communication and Networks (ICCCN) , no. : 1-7.

Research article
Published: 10 January 2017 in Security and Communication Networks
Reads 0
Downloads 0

Occupancy information is one of the most important privacy issues of a home. Unfortunately, an attacker is able to detect occupancy from smart meter data. The current battery-based load hiding (BLH) methods cannot solve this problem. To thwart occupancy detection attacks, we propose a framework of battery-based schemes to prevent occupancy detection (BPOD). BPOD monitors the power consumption of a home and detects the occupancy in real time. According to the detection result, BPOD modifies those statistical metrics of power consumption, which highly correlate with the occupancy by charging or discharging a battery, creating a delusion that the home is always occupied. We evaluate BPOD in a simulation using several real-world smart meter datasets. Our experiment results show that BPOD effectively prevents the threshold-based and classifier-based occupancy detection attacks. Furthermore, BPOD is also able to prevent nonintrusive appliance load monitoring attacks (NILM) as a side-effect of thwarting detection attacks.

ACS Style

Dapeng Man; Wu Yang; Shichang Xuan; Xiaojiang Du. Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters. Security and Communication Networks 2017, 2017, 1 -9.

AMA Style

Dapeng Man, Wu Yang, Shichang Xuan, Xiaojiang Du. Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters. Security and Communication Networks. 2017; 2017 ():1-9.

Chicago/Turabian Style

Dapeng Man; Wu Yang; Shichang Xuan; Xiaojiang Du. 2017. "Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters." Security and Communication Networks 2017, no. : 1-9.

Evaluation study
Published: 28 November 2016 in PLOS ONE
Reads 0
Downloads 0

Application layer firewalls protect the trusted area network against information security risks. However, firewall performance may affect user experience. Therefore, performance analysis plays a significant role in the evaluation of application layer firewalls. This paper presents an analytic model of the application layer firewall, based on a system analysis to evaluate the capability of the firewall. In order to enable users to improve the performance of the application layer firewall with limited resources, resource allocation was evaluated to obtain the optimal resource allocation scheme in terms of throughput, delay, and packet loss rate. The proposed model employs the Erlangian queuing model to analyze the performance parameters of the system with regard to the three layers (network, transport, and application layers). Then, the analysis results of all the layers are combined to obtain the overall system performance indicators. A discrete event simulation method was used to evaluate the proposed model. Finally, limited service desk resources were allocated to obtain the values of the performance indicators under different resource allocation scenarios in order to determine the optimal allocation scheme. Under limited resource allocation, this scheme enables users to maximize the performance of the application layer firewall.

ACS Style

Shichang Xuan; Wu Yang; Hui Dong; Jiangchuan Zhang. Performance Evaluation Model for Application Layer Firewalls. PLOS ONE 2016, 11, e0167280 .

AMA Style

Shichang Xuan, Wu Yang, Hui Dong, Jiangchuan Zhang. Performance Evaluation Model for Application Layer Firewalls. PLOS ONE. 2016; 11 (11):e0167280.

Chicago/Turabian Style

Shichang Xuan; Wu Yang; Hui Dong; Jiangchuan Zhang. 2016. "Performance Evaluation Model for Application Layer Firewalls." PLOS ONE 11, no. 11: e0167280.

Conference paper
Published: 01 November 2015 in 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE)
Reads 0
Downloads 0

After studying the current principle andarchitecture of antivirus gateway for Web security detection, we found that the conventional virus scan is based on filescanning, which takes significant processing time. Whenscanning big size files, it may often cause disconnection of filetransferring with a time-out error message prompted out. Tosolve the problem of slow file virus scan, we propose a newmethod in which a packet scanning is introduced instead oftraditional file scanning. This method can be used to processfile receiving and scanning in parallel. The experiment resultsprove that this method significantly improve the performanceof security detection speed.

ACS Style

Shichang Xuan; Dapeng Man; Wei Wang; W. Yang. A Web Security Data Detection Based on Group Scanning. 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE) 2015, 218 -222.

AMA Style

Shichang Xuan, Dapeng Man, Wei Wang, W. Yang. A Web Security Data Detection Based on Group Scanning. 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE). 2015; ():218-222.

Chicago/Turabian Style

Shichang Xuan; Dapeng Man; Wei Wang; W. Yang. 2015. "A Web Security Data Detection Based on Group Scanning." 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE) , no. : 218-222.

Conference paper
Published: 01 November 2015 in 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE)
Reads 0
Downloads 0

In this paper, a variable-length counting Bloomfilter is studied for a variable-length-count Bloom filter(VLCBF) when configuring updates to the median groupfrequently-shifting. Our proposed improved VLCBF deleteseach hash value stored in the first buffer insertion. Only theauxiliary Bloom filter bit is modified accordingly until thebuffer is full when the group of digits updates a shift. Themethod reduces the number of bits set of shift operations toimprove the efficiency of its configuration updates. Theoperations processes of inserting, querying, and deleting in theimproved VLCBF are described in details, followed bycomparative experiments to illustrate the method's efficiencyand applicability.

ACS Style

Shichang Xuan; Dapeng Man; Wei Wang; W. Yang. The Improved Variable Length Counting Bloom Filter Based on Buffer. 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE) 2015, 74 -78.

AMA Style

Shichang Xuan, Dapeng Man, Wei Wang, W. Yang. The Improved Variable Length Counting Bloom Filter Based on Buffer. 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE). 2015; ():74-78.

Chicago/Turabian Style

Shichang Xuan; Dapeng Man; Wei Wang; W. Yang. 2015. "The Improved Variable Length Counting Bloom Filter Based on Buffer." 2015 Eighth International Conference on Internet Computing for Science and Engineering (ICICSE) , no. : 74-78.

Conference paper
Published: 01 January 2015 in 2015 International Conference on Network and Information Systems for Computers
Reads 0
Downloads 0

With the development of computer network technology, network security issues become increasingly more serious, firewall technology is one of the most effective methods to protect network security. Stream filter technology is a new firewall technology, which not only can supervise the network layer as packet filtering firewall, but also can supervise transport layer and application layer as the application proxy firewall. Hash table algorithm has been often used to manage the TCP stream table in firewall. However, the 4-tuple of TCP stream is not uniform distribution, it may lead to the worst case when searching in the hash table. When the worst case happens on the firewall, the quality of service may become very bad in the network. In order to control the worst case, we propose two-level hash tables algorithm based on bloom filter counter algorithm and multi-level hash tables algorithm. We search in the small hash table firstly, if it's fail, then search in the big hash table. The algorithm we proposed can not only decline the probability of worst case, but also reduce the number of memory access in worst case. And our theoretical research and simulation experiments proof that.

ACS Style

Shichang Xuan; Hewei Yu; Yanlong Liu; Wu Yang. An Algorithm of Managing the TCP Stream Based on Two-Level Hash Tables. 2015 International Conference on Network and Information Systems for Computers 2015, 90 -96.

AMA Style

Shichang Xuan, Hewei Yu, Yanlong Liu, Wu Yang. An Algorithm of Managing the TCP Stream Based on Two-Level Hash Tables. 2015 International Conference on Network and Information Systems for Computers. 2015; ():90-96.

Chicago/Turabian Style

Shichang Xuan; Hewei Yu; Yanlong Liu; Wu Yang. 2015. "An Algorithm of Managing the TCP Stream Based on Two-Level Hash Tables." 2015 International Conference on Network and Information Systems for Computers , no. : 90-96.

Journal article
Published: 01 March 2014 in Applied Mechanics and Materials
Reads 0
Downloads 0

It is important to ensure the integrity of the aggregation result and quality of communication among node in wireless sensor network in the condition of high-efficient privacy-preserving data aggregation mechanism. In this paper, we propose a method based on reputation model to solve this problem. During the process of data aggregation, the cluster head node will choose the node with max reputation value as collaborative node to accomplish the aggregation process. To show the efficacy and efficiency of this method, we present the simulation results. The simulation results show that our method iE-CPDA(enforced Integrity Energy-efficient Cluster-based Privacy-preserving Data Aggregation) has less communication and computation and higher accuracy than iCPDA.

ACS Style

Da Peng Man; Ya Qiong Yang; Wu Yang; Wei Wang; Shi Chang Xuan. An Enforcing Integrity and Privacy-Preserving Data Aggregation Protocol in Wireless Sensor Network. Applied Mechanics and Materials 2014, 543-547, 3248 -3251.

AMA Style

Da Peng Man, Ya Qiong Yang, Wu Yang, Wei Wang, Shi Chang Xuan. An Enforcing Integrity and Privacy-Preserving Data Aggregation Protocol in Wireless Sensor Network. Applied Mechanics and Materials. 2014; 543-547 ():3248-3251.

Chicago/Turabian Style

Da Peng Man; Ya Qiong Yang; Wu Yang; Wei Wang; Shi Chang Xuan. 2014. "An Enforcing Integrity and Privacy-Preserving Data Aggregation Protocol in Wireless Sensor Network." Applied Mechanics and Materials 543-547, no. : 3248-3251.