Wenjing Lou

Virginia Polytechnic Institute and State University, Блэксбург, Virginia, United States

Are you Wenjing Lou?

Claim your profile

Publications (167)160.58 Total impact

  • Yao Zheng · Bing Wang · Wenjing Lou · Y.Thomas Hou
    [Show abstract] [Hide abstract]
    ABSTRACT: We consider the privacy-preserving link prediction problem in decentralized online social networks (OSNs). We formulate the problem as a sparse logistic regression problem and solve it with a novel decentralized two-tier method using alternating direction method of multipliers (ADMM). This method enables end users to collaborate with their online service providers without jeopardizing their data privacy. The method also grants end users fine-grained privacy control to their personal data by supporting arbitrary public/private data split. Using real-world data, we show that our method enjoys various advantages including high prediction accuracy, balanced workload, and limited communication overhead. Additionally, we demonstrate that our method copes well with link reconstruction attack.
    ESORICS 2015; 09/2015
  • [Show abstract] [Hide abstract]
    ABSTRACT: Wireless energy transfer (WET) is a new technology that can be used to charge the batteries of sensor nodes without wires. Although wireless, WET does require a charging station to be brought to within reasonable range of a sensor node so that a good energy transfer efficiency can be achieved. On the other hand, it has been well recognized that data collection with a mobile base station has significant advantages over a static one. Given that a mobile platform is required for WET, a natural approach is to employ the same mobile platform to carry the base station for data collection. In this paper, we study the interesting problem of co-locating a wireless charger (for WET) and a mobile base station on the same mobile platform—the wireless charging vehicle (WCV). The WCV travels along a pre-planned path inside the sensor network. Our goal is to minimize energy consumption of the entire system while ensuring that 1) each sensor node is charged in time so that it will never run out of energy, and 2) all data collected from the sensor nodes are relayed to the mobile base station. We develop a mathematical model for this problem (OPT-t), which is time-dependent. Instead of solving OPT-t directly, we show that it is sufficient to study a special subproblem (OPT-s) which only involves space-dependent variables. Subsequently, we develop a provably near-optimal solution to OPT-s. Our results offer a solution on how to use a single mobile platform to address both WET and data collection in sensor networks.
    IEEE Journal on Selected Areas in Communications 08/2015; 33(8):1-1. DOI:10.1109/JSAC.2015.2391631 · 4.14 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: The dominate spectrum sharing paradigm of today is interference avoidance, where a secondary network can use the spectrum only when such a use is not interfering with the primary network. However, with the advances of physical-layer technologies, the mindset of this paradigm is being challenged. This paper explores a new paradigm called “transparent coexistence” for spectrum sharing between primary and secondary nodes in a multihop network environment. Under this paradigm, the secondary network is allowed to use the same spectrum simultaneously with the primary network as long as their activities are “transparent” (or “invisible”) to the primary network. Such transparency is accomplished through a systematic interference cancelation (IC) by the secondary nodes without any impact on the primary network. Although such a paradigm has been studied in the information theory (IT) and communications (COMM) communities, it is not well understood in the wireless networking community, particularly for multihop networks. This paper offers an in-depth study of this paradigm in a multihop network environment and addresses issues such as scheduling (both in frequency channels and time slots) and IC (to/from primary network and within the secondary network). Through a rigorous modeling and formulation, problem formulation, solution development, and simulation results, we show that transparent coexistence paradigm offers significant improvement in terms of spectrum access and throughput performance as compared to the current prevailing interference avoidance paradigm.
    IEEE Journal on Selected Areas in Communications 05/2015; 33(5):958-971. DOI:10.1109/JSAC.2014.2361090 · 4.14 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions supporting authorized duplicate check in a hybrid cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.
    IEEE Transactions on Parallel and Distributed Systems 05/2015; 26(5):1206-1216. DOI:10.1109/TPDS.2014.2318320 · 2.17 Impact Factor
  • Source
    Bing Wang · Yao Zheng · Wenjing Lou · Y. Thomas Hou
    [Show abstract] [Hide abstract]
    ABSTRACT: Cloud computing has become the real trend of enterprise IT service model that offers cost-effective and scalable processing. Meanwhile, Software-Defined Networking (SDN) is gaining popularity in enterprise networks for flexibility in network management service and reduced operational cost. There seems a trend for the two technologies to go hand-in-hand in providing an enterprise’s IT services. However, the new challenges brought by the marriage of cloud computing and SDN, particularly the implications on enterprise network security, have not been well understood. This paper sets to address this important problem.
    Computer Networks 03/2015; 81. DOI:10.1016/j.comnet.2015.02.026 · 1.28 Impact Factor
  • Li Yang · Jianfeng Ma · Wenjing Lou · Qi Jiang
    [Show abstract] [Hide abstract]
    ABSTRACT: Direct Anonymous Attestation (DAA) is a complex cryptographic protocol for remote attestation and provides both signer authentication and privacy. It was adopted by the Trusted Computing Group (TCG) as a technical standard. However, the DAA scheme in TCG specifications is designed for the single trusted domain attestation, and cannot be deployed in different trusted domain directly. It limits its application range in mobile networks, cloud computing, Internet of Things networks when users and authentication servers belong to different domains. Based on delegation of the trusted relationship, a new cross trusted domain direct anonymous attestation scheme is proposed in this paper. The proxy signature is used for trusted relationship delegation among different domains, and the DAA method is used for the computation platform authentication when a trusted platform accessing different trusted domains. Then the authentication protocol is designed and analyzed under Canetti–Krawczyk (CK) model for the platform remote attestation. The further analysis shows that our proposal can resist platform masquerade attacks and replay attacks, and the authentication protocol is provably secure. The security of the DAA remote attestation system is enhanced by the session key agreement. Finally, a prototype implementation and some experiments are given, the results show that the proposed scheme is effective and suitable for cross domain applications.
    Computer Networks 02/2015; 81. DOI:10.1016/j.comnet.2015.02.023 · 1.28 Impact Factor
  • Jin Li · Jingwei Li · Xiaofeng Chen · Chunfu Jia · Wenjing Lou
    [Show abstract] [Hide abstract]
    ABSTRACT: Identity-Based Encryption (IBE) which simplifies the public key and certificate management at Public Key Infrastructure (PKI) is an important alternative to public key encryption. However, one of the main efficiency drawbacks of IBE is the overhead computation at Private Key Generator (PKG) during user revocation. Efficient revocation has been well studied in traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate. In this paper, aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. Our scheme offloads most of the key generation related operations during key-issuing and key-update processes to a Key Update Cloud Service Provider, leaving only a constant number of simple operations for PKG and users to perform locally. This goal is achieved by utilizing a novel collusion-resistant technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bound the identity component and the time component. Furthermore, we propose another construction which is provable secure under the recently formulized Refereed Delegation of Computation model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction.
    IEEE Transactions on Computers 02/2015; 64(2):425-437. DOI:10.1109/TC.2013.208 · 1.47 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: In this letter, we describe highly effective known-plaintext attacks against physical layer security schemes. We substantially reduce the amount of required known-plaintext symbols and lower the symbol error rate (SER) for the attacker. In particular, we analyze the security of orthogonal blinding schemes that disturb an eavesdropper's signal reception using artificial noise transmission. We improve the attack efficacy using fast converging optimization algorithms and combining the measurements of neighboring subchannels in a multicarrier system. We implement the enhanced attack algorithms by solving unregularized and regularized least squares problems. By means of simulation, we show that the performance of the new attack algorithms supersedes the normalized least mean square approach discussed in the work of Schulz et al., e.g., by lowering the eavesdropper's SER by 82% while using 95% less known plaintext.
    IEEE Wireless Communication Letters 02/2015; 4(1):34-37. DOI:10.1109/LWC.2014.2363176
  • IEEE Transactions on Mobile Computing 01/2015; DOI:10.1109/TMC.2015.2410772 · 2.91 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: With the rapid development in availability of cloud services, the techniques for securely outsourcing the prohibitively expensive computations to untrusted servers are getting more and more attentions in the scientific community. In this paper, we investigate secure outsourcing for large-scale systems of linear equations, which are the most popular problems in various engineering disciplines. For the first time, we utilize the sparse matrix to propose a new secure outsourcing algorithm of large-scale linear equations in the fully malicious model. Compared with the state-of-the-art algorithm, the proposed algorithm only requires (optimal) one round communication (while the algorithm requires $L$ rounds of interactions between the client and cloud server, where $L$ denotes the number of iteration in iterative methods). Furthermore, the client in our algorithm can detect the misbehavior of cloud server with the (optimal) probability 1. Therefore, our proposed algorithm is superior in both efficiency and checkability. We also provide the experimental evaluation that demonstrates the efficiency and effectiveness of our algorithm.
    IEEE Transactions on Information Forensics and Security 01/2015; 10(1):69-78. DOI:10.1109/TIFS.2014.2363765 · 2.07 Impact Factor
  • Yao Zheng · Ming Li · Wenjing Lou · Thomas Hou
    IEEE Transactions on Dependable and Secure Computing 01/2015; DOI:10.1109/TDSC.2015.2472529 · 1.14 Impact Factor
  • IEEE Transactions on Mobile Computing 01/2015; DOI:10.1109/TMC.2015.2413788 · 2.91 Impact Factor
  • Liang Liu · Xiaofeng Chen · Wenjing Lou
    International Journal of Information Security 01/2015; DOI:10.1007/978-3-319-08344-5_6 · 0.94 Impact Factor
  • Huacheng Zeng · Yi Shi · Yunhe Hou · Rongbo Zhu · Wenjing Lou
    [Show abstract] [Hide abstract]
    ABSTRACT: The rapid advances of MIMO to date have mainly stayed at the physical layer or single-hop communications. Such advantages have not been fully realized at the network level, particularly for multi-hop networks. This is mainly due to the lack of a tractable and accurate model that can characterize MIMO's powerful capabilities such as spatial multiplexing (SM) and interference cancellation (IC). Recently a new DoF-based model was proposed to capture MIMO's SM and IC capabilities in multi-hop networks. This model is based on a novel node-ordering concept and only requires simple numeric computation on DoFs. In this article we review previous models for MIMO and then describe this new DoF model. This new DoF model has the potential to enable significant advances in MIMO research in the networking community.
    IEEE Network 10/2014; 28(5):81-85. DOI:10.1109/MNET.2014.6915444 · 3.72 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Passive monitoring by distributed wireless sniffers has been used to strategically capture the network traffic, as the basis of automatic network diagnosis. However, the traditional monitoring techniques fall short in cognitive radio networks (CRNs) due to the much larger number of channels to be monitored and the secondary users' channel availability uncertainty imposed by primary user activities. To better serve CRNs, we propose a systematic passive monitoring framework, i.e., SpecMonitor, for traffic collection using a limited number of sniffers in Wi-Fi-like CRNs. We jointly consider primary user activity and secondary user channel access pattern to optimize the traffic capturing strategy. In particular, we exploit a nonparametric density estimation method to learn and predict secondary users' access pattern in an online fashion, which rapidly adapts to the users' dynamic behaviors and supports accurate estimation of merged access patterns from multiple users. We also design near-optimal monitoring algorithms that maximize two levels of quality-of-monitoring goals based on the predicted channel access patterns. The simulations and experiments show that SpecMonitor outperforms the existing schemes significantly.
    IEEE Transactions on Wireless Communications 10/2014; 13(10):5893-5905. DOI:10.1109/TWC.2014.2339218 · 2.76 Impact Factor
  • Xiaofeng Chen · Jin Li · M. Jianfeng · Qiang Tang · Wenjing Lou
    [Show abstract] [Hide abstract]
    ABSTRACT: With the rapid development in availability of cloud services, the techniques for securely outsourcing the prohibitively expensive computations to untrusted servers are getting more and more attentions in the scientific community. Exponentiations modulo a large prime have been considered the most expensive operation in discrete-logarithm based cryptographic protocols, and the computationally limited devices such as RFID tags or smartcard may be incapable to accomplish these operations. Therefore, it is meaningful to present an efficient method to securely outsource most of this work-load to (untrusted) cloud servers. In this paper, we propose a new secure outsourcing algorithm for (variable-exponent, variable-base) exponentiation modular a prime in the two untrusted program model. Compared with the state-of-the-art algorithm cite{HL05}, the proposed algorithm is superior in both efficiency and checkability. We then utilize this algorithm as a subroutine to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. Besides, we propose the first outsource-secure and efficient algorithm for simultaneous modular exponentiations. Moreover, we formally prove that both the algorithms can achieve the desired security notions. We also provide the experimental evaluation that demonstrates the efficiency and effectiveness of the proposed outsourcing algorithms and schemes.
    IEEE Transactions on Parallel and Distributed Systems 09/2014; 25(9). DOI:10.1109/TPDS.2013.180 · 2.17 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Conditional e-payments (or e-cash) allow the user to anonymously cash a bank-issued e-coin at a future time if and only if a certain agreed-upon public condition is satisfied, which are useful in plenty of applications such as prediction markets, anonymous online betting, and securities trading. In this paper, we propose a new and efficient conditional e-payment system based on Chen et al.’s restrictive partially blind signature scheme. Compared to the existing conditional e-payment schemes , and , our construction requires neither the inefficient cut-and-choose techniques nor the complicated knowledge proof protocols and thus has lower computation and communication complexity. Another significant contribution of this paper is a conditional e-payment system with transferability which allows the coin to be further transferred anonymously by a chain of payees.
    Future Generation Computer Systems 07/2014; 37:252–258. DOI:10.1016/j.future.2013.07.015 · 2.64 Impact Factor
  • Jin Li · Xiaofeng Chen · Mingqiang Li · P.P.C. Lee · Wenjing Lou
    [Show abstract] [Hide abstract]
    ABSTRACT: Data deduplication is a technique for eliminating duplicate copies of data, and has been widely used in cloud storage to reduce storage space and upload bandwidth. Promising as it is, an arising challenge is to perform secure deduplication in cloud storage. Although convergent encryption has been extensively adopted for secure deduplication, a critical issue of making convergent encryption practical is to efficiently and reliably manage a huge number of convergent keys. This paper makes the first attempt to formally address the problem of achieving efficient and reliable key management in secure deduplication. We first introduce a baseline approach in which each user holds an independent master key for encrypting the convergent keys and outsourcing them to the cloud. However, such a baseline key management scheme generates an enormous number of keys with the increasing number of users and requires users to dedicatedly protect the master keys. To this end, we propose Dekey , a new construction in which users do not need to manage any keys on their own but instead securely distribute the convergent key shares across multiple servers. Security analysis demonstrates that Dekey is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement Dekey using the Ramp secret sharing scheme and demonstrate that Dekey incurs limited overhead in realistic environments.
    IEEE Transactions on Parallel and Distributed Systems 06/2014; 25(6):1615-1625. DOI:10.1109/TPDS.2013.284 · 2.17 Impact Factor
  • Haixin Nie · Xiaofeng Chen · Jin Li · Josolph Liu · Wenjing Lou
    [Show abstract] [Hide abstract]
    ABSTRACT: Linear programming (LP) has been well studied in the scientific community for various engineering applications such as network flow problems, packet routing, portfolio optimization, and financial data management, etc. In this paper, we first utilize the sparse matrix to investigate secure outsourcing for large-scale LP systems, which is considered as a prohibitively expensive computation for the clients with resource-constraint devices. Besides, we propose a secure and practical scheme which is suitable for any LP problem (feasible, infeasible or unbounded) even in the fully malicious model. Compared with the state-of-the-art algorithm [30], our proposed algorithm only requires O(n2) computational overhead instead of O(nρ) for 2 <; ρ ≤ 3. Furthermore, the client C can detect the misbehavior of cloud server S with the (optimal) probability 1 under the computational complexity of O(n).
    2014 IEEE 28th International Conference on Advanced Information Networking and Applications (AINA); 05/2014
  • [Show abstract] [Hide abstract]
    ABSTRACT: Reactive jamming is considered the most powerful jamming attack as the attack efficiency is maximized while the risk of being detected is minimized. Currently, there are no effective anti-jamming solutions to secure OFDM wireless communications under reactive jamming attack. On the other hand, MIMO has emerged as a technology of great research interest in recent years mostly due to its capacity gain. In this paper, we explore the use of MIMO technology for jamming resilient OFDM communication, especially its capability to communicate against the powerful reactive jammer. We first investigate the jamming strategies and their impacts on the OFDM-MIMO receivers. We then present a MIMO-based anti-jamming scheme that exploits interference cancellation and transmit precoding capabilities of MIMO technology to turn a jammed non-connectivity scenario into an operational network. Our testbed evaluation shows the destructive power of reactive jamming attack, and also validates the efficacy and efficiency of our defense mechanisms.
    IEEE INFOCOM 2014 - IEEE Conference on Computer Communications; 04/2014

Publication Stats

4k Citations
160.58 Total Impact Points

Institutions

  • 2009–2015
    • Virginia Polytechnic Institute and State University
      • Department of Computer Science
      Блэксбург, Virginia, United States
  • 2004–2011
    • Worcester Polytechnic Institute
      • Department of Electrical and Computer Engineering
      Worcester, Massachusetts, United States
  • 2008
    • Illinois Institute of Technology
      • Department of Electrical & Computer Engineering
      Chicago, IL, United States
  • 2001–2006
    • University of Florida
      • Department of Electrical and Computer Engineering
      Gainesville, FL, United States