Wenjing Lou

Virginia Polytechnic Institute and State University, Blacksburg, Virginia, United States

Publications (171) · 149.56 Total impact

  • Yao Zheng · Bing Wang · Wenjing Lou · Y.Thomas Hou ·
    ABSTRACT: We consider the privacy-preserving link prediction problem in decentralized online social networks (OSNs). We formulate the problem as a sparse logistic regression problem and solve it with a novel decentralized two-tier method using alternating direction method of multipliers (ADMM). This method enables end users to collaborate with their online service providers without jeopardizing their data privacy. The method also grants end users fine-grained privacy control to their personal data by supporting arbitrary public/private data split. Using real-world data, we show that our method enjoys various advantages including high prediction accuracy, balanced workload, and limited communication overhead. Additionally, we demonstrate that our method copes well with link reconstruction attack.
    ESORICS 2015; 09/2015
  • Amr Nabil · Y. Thomas Hou · Rongbo Zhu · Wenjing Lou · Scott F. Midkiff ·
    ABSTRACT: Interference has been the central challenge for wireless networks. In wireless networking, the prevailing paradigm to handle interference is avoidance. Over time, many interference avoidance techniques have been proposed following this paradigm. Recently, research advances at the physical layer are allowing us to explore a new direction in interference management. The new direction is to allow interference to occur and exploit the desired information from interference, rather than avoiding interference completely. This new direction allows much higher utilization of radio channel and spectrum, and opens the door for a whole new perspective on how interference should be managed in a wireless network. This article offers a timely overview of recent advances in this exciting area, with a focus on its application in wireless LAN. We envision that the deployment of these new techniques will lead to dramatic change in the wireless networking paradigm, with profound impact on the future research direction for the wireless networking community.
    IEEE Network 09/2015; 29(5):83-89. DOI:10.1109/MNET.2015.7293310 · 2.54 Impact Factor
  • ABSTRACT: Wireless energy transfer (WET) is a new technology that can be used to charge the batteries of sensor nodes without wires. Although wireless, WET does require a charging station to be brought to within reasonable range of a sensor node so that a good energy transfer efficiency can be achieved. On the other hand, it has been well recognized that data collection with a mobile base station has significant advantages over a static one. Given that a mobile platform is required for WET, a natural approach is to employ the same mobile platform to carry the base station for data collection. In this paper, we study the interesting problem of co-locating a wireless charger (for WET) and a mobile base station on the same mobile platform—the wireless charging vehicle (WCV). The WCV travels along a pre-planned path inside the sensor network. Our goal is to minimize energy consumption of the entire system while ensuring that 1) each sensor node is charged in time so that it will never run out of energy, and 2) all data collected from the sensor nodes are relayed to the mobile base station. We develop a mathematical model for this problem (OPT-t), which is time-dependent. Instead of solving OPT-t directly, we show that it is sufficient to study a special subproblem (OPT-s) which only involves space-dependent variables. Subsequently, we develop a provably near-optimal solution to OPT-s. Our results offer a solution on how to use a single mobile platform to address both WET and data collection in sensor networks.
    IEEE Journal on Selected Areas in Communications 08/2015; 33(8):1-1. DOI:10.1109/JSAC.2015.2391631 · 3.45 Impact Factor
  • ABSTRACT: The dominant spectrum sharing paradigm of today is interference avoidance, where a secondary network can use the spectrum only when such a use is not interfering with the primary network. However, with the advances of physical-layer technologies, the mindset of this paradigm is being challenged. This paper explores a new paradigm called “transparent coexistence” for spectrum sharing between primary and secondary nodes in a multihop network environment. Under this paradigm, the secondary network is allowed to use the same spectrum simultaneously with the primary network as long as their activities are “transparent” (or “invisible”) to the primary network. Such transparency is accomplished through a systematic interference cancelation (IC) by the secondary nodes without any impact on the primary network. Although such a paradigm has been studied in the information theory (IT) and communications (COMM) communities, it is not well understood in the wireless networking community, particularly for multihop networks. This paper offers an in-depth study of this paradigm in a multihop network environment and addresses issues such as scheduling (both in frequency channels and time slots) and IC (to/from primary network and within the secondary network). Through a rigorous modeling and formulation, problem formulation, solution development, and simulation results, we show that transparent coexistence paradigm offers significant improvement in terms of spectrum access and throughput performance as compared to the current prevailing interference avoidance paradigm.
    IEEE Journal on Selected Areas in Communications 05/2015; 33(5):958-971. DOI:10.1109/JSAC.2014.2361090 · 3.45 Impact Factor
  • Jin Li · Yan Kit Li · Xiaofeng Chen · Patrick P.C. Lee · Wenjing Lou ·
    ABSTRACT: Data deduplication is one of the important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions supporting authorized duplicate check in a hybrid cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.
    IEEE Transactions on Parallel and Distributed Systems 05/2015; 26(5):1206-1216. DOI:10.1109/TPDS.2014.2318320 · 2.17 Impact Factor
  • Liang Liu · Xiaofeng Chen · Wenjing Lou ·

    International Journal of Information Security 04/2015; DOI:10.1007/978-3-319-08344-5_6 · 0.96 Impact Factor
  • N. Zhang · K. Sun · W. Lou · Y.T. Hou · S. Jajodia ·
    ABSTRACT: With the growing complexity of computing systems, memory based forensic techniques are becoming instrumental in digital investigations. Digital forensic examiners can unravel what happened on a system by acquiring and inspecting in-memory data. Meanwhile, attackers have developed numerous anti-forensic mechanisms to defeat existing memory forensic techniques by manipulation of system software such as OS kernel. To counter anti-forensic techniques, some recent researches suggest that memory acquisition process can be trusted if the acquisition module has not been tampered with and all the operations are performed without relying on any untrusted software including the operating system. However, in this paper, we show that it is possible for malware to bypass the current state-of-art trusted memory acquisition module by manipulating the physical address space layout, which is shared between physical memory and I/O devices on x86 platforms. This fundamental design on x86 platform enables an attacker to build an OS agnostic anti-forensic system. Based on this finding, we propose Hidden in I/O Space (HIveS) which manipulates CPU registers to alter such physical address layout. The system uses a novel I/O Shadowing technique to lock a memory region named HIveS memory into I/O address space, so all operation requests to the HIveS memory will be redirected to the I/O bus instead of the memory controller. To access the HIveS memory, the attacker unlocks the memory by mapping it back into the memory address space. Two novel techniques, Blackbox Write and TLB Camouflage, are developed to further protect the unlocked HIveS memory against memory forensics while allowing attackers to access it. A HIveS prototype for both Windows and Linux running on x86 platform. Lastly, we propose potential countermeasures to detect and mitigate HIveS.
  • Bing Wang · Yao Zheng · Wenjing Lou · Y. Thomas Hou ·
    ABSTRACT: Cloud computing has become the real trend of enterprise IT service model that offers cost-effective and scalable processing. Meanwhile, Software-Defined Networking (SDN) is gaining popularity in enterprise networks for flexibility in network management service and reduced operational cost. There seems a trend for the two technologies to go hand-in-hand in providing an enterprise’s IT services. However, the new challenges brought by the marriage of cloud computing and SDN, particularly the implications on enterprise network security, have not been well understood. This paper sets to address this important problem.
    Computer Networks 03/2015; 81. DOI:10.1016/j.comnet.2015.02.026 · 1.26 Impact Factor
  • Li Yang · Jianfeng Ma · Wenjing Lou · Qi Jiang ·
    ABSTRACT: Direct Anonymous Attestation (DAA) is a complex cryptographic protocol for remote attestation and provides both signer authentication and privacy. It was adopted by the Trusted Computing Group (TCG) as a technical standard. However, the DAA scheme in TCG specifications is designed for the single trusted domain attestation, and cannot be deployed in different trusted domain directly. It limits its application range in mobile networks, cloud computing, Internet of Things networks when users and authentication servers belong to different domains. Based on delegation of the trusted relationship, a new cross trusted domain direct anonymous attestation scheme is proposed in this paper. The proxy signature is used for trusted relationship delegation among different domains, and the DAA method is used for the computation platform authentication when a trusted platform accessing different trusted domains. Then the authentication protocol is designed and analyzed under Canetti–Krawczyk (CK) model for the platform remote attestation. The further analysis shows that our proposal can resist platform masquerade attacks and replay attacks, and the authentication protocol is provably secure. The security of the DAA remote attestation system is enhanced by the session key agreement. Finally, a prototype implementation and some experiments are given, the results show that the proposed scheme is effective and suitable for cross domain applications.
    Computer Networks 02/2015; 81. DOI:10.1016/j.comnet.2015.02.023 · 1.26 Impact Factor
  • Jin Li · Jingwei Li · Xiaofeng Chen · Chunfu Jia · Wenjing Lou ·
    ABSTRACT: Identity-Based Encryption (IBE) which simplifies the public key and certificate management at Public Key Infrastructure (PKI) is an important alternative to public key encryption. However, one of the main efficiency drawbacks of IBE is the overhead computation at Private Key Generator (PKG) during user revocation. Efficient revocation has been well studied in traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate. In this paper, aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. Our scheme offloads most of the key generation related operations during key-issuing and key-update processes to a Key Update Cloud Service Provider, leaving only a constant number of simple operations for PKG and users to perform locally. This goal is achieved by utilizing a novel collusion-resistant technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bound the identity component and the time component. Furthermore, we propose another construction which is provably secure under the recently formalized Refereed Delegation of Computation model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction.
    IEEE Transactions on Computers 02/2015; 64(2):425-437. DOI:10.1109/TC.2013.208 · 1.66 Impact Factor
  • ABSTRACT: In this letter, we describe highly effective known-plaintext attacks against physical layer security schemes. We substantially reduce the amount of required known-plaintext symbols and lower the symbol error rate (SER) for the attacker. In particular, we analyze the security of orthogonal blinding schemes that disturb an eavesdropper's signal reception using artificial noise transmission. We improve the attack efficacy using fast converging optimization algorithms and combining the measurements of neighboring subchannels in a multicarrier system. We implement the enhanced attack algorithms by solving unregularized and regularized least squares problems. By means of simulation, we show that the performance of the new attack algorithms supersedes the normalized least mean square approach discussed in the work of Schulz et al., e.g., by lowering the eavesdropper's SER by 82% while using 95% less known plaintext.
    IEEE Wireless Communication Letters 02/2015; 4(1):34-37. DOI:10.1109/LWC.2014.2363176
  • X. Yuan · Y. Shi · Y.T. Hou · W. Lou · S.F. Midkiff · S. Kompella ·
    ABSTRACT: Transparent coexistence, also known as underlay, offers much more efficient spectrum sharing than traditional interweave coexistence paradigm. In a previous work, the transparent coexistence for a multi-hop secondary network is studied. In this paper, we design a distributed solution to achieve this paradigm. In our design, we show how to increase the number of data streams iteratively while meeting constraints in the MIMO interference cancelation (IC) model and achieving transparent coexistence. All steps in our distributed algorithm can be accomplished based on local information exchange among the neighboring nodes. Our simulation results show that the performance of our distributed algorithm is highly competitive when compared to an upper bound solution for the centralized problem.

  • IEEE Transactions on Mobile Computing 01/2015; DOI:10.1109/TMC.2015.2413788 · 2.54 Impact Factor

  • IEEE Transactions on Mobile Computing 01/2015; DOI:10.1109/TMC.2015.2410772 · 2.54 Impact Factor
  • ABSTRACT: With the rapid development in availability of cloud services, the techniques for securely outsourcing the prohibitively expensive computations to untrusted servers are getting more and more attention in the scientific community. In this paper, we investigate secure outsourcing for large-scale systems of linear equations, which are the most popular problems in various engineering disciplines. For the first time, we utilize the sparse matrix to propose a new secure outsourcing algorithm of large-scale linear equations in the fully malicious model. Compared with the state-of-the-art algorithm, the proposed algorithm only requires (optimal) one round communication (while the algorithm requires $L$ rounds of interactions between the client and cloud server, where $L$ denotes the number of iterations in iterative methods). Furthermore, the client in our algorithm can detect the misbehavior of cloud server with the (optimal) probability 1. Therefore, our proposed algorithm is superior in both efficiency and checkability. We also provide the experimental evaluation that demonstrates the efficiency and effectiveness of our algorithm.
    IEEE Transactions on Information Forensics and Security 01/2015; 10(1):69-78. DOI:10.1109/TIFS.2014.2363765 · 2.41 Impact Factor
  • Xiaoqi Qin · Xu Yuan · Yi Shi · Y. Hou · Wenjing Lou · Scott Midkiff ·

    IEEE Transactions on Wireless Communications 01/2015; DOI:10.1109/TWC.2015.2496961 · 2.50 Impact Factor
  • Yao Zheng · Ming Li · Wenjing Lou · Thomas Hou ·

    IEEE Transactions on Dependable and Secure Computing 01/2015; DOI:10.1109/TDSC.2015.2472529 · 1.35 Impact Factor
  • Huacheng Zeng · Yi Shi · Yunhe Hou · Rongbo Zhu · Wenjing Lou ·
    ABSTRACT: The rapid advances of MIMO to date have mainly stayed at the physical layer or single-hop communications. Such advantages have not been fully realized at the network level, particularly for multi-hop networks. This is mainly due to the lack of a tractable and accurate model that can characterize MIMO's powerful capabilities such as spatial multiplexing (SM) and interference cancellation (IC). Recently a new DoF-based model was proposed to capture MIMO's SM and IC capabilities in multi-hop networks. This model is based on a novel node-ordering concept and only requires simple numeric computation on DoFs. In this article we review previous models for MIMO and then describe this new DoF model. This new DoF model has the potential to enable significant advances in MIMO research in the networking community.
    IEEE Network 10/2014; 28(5):81-85. DOI:10.1109/MNET.2014.6915444 · 2.54 Impact Factor
  • ABSTRACT: Passive monitoring by distributed wireless sniffers has been used to strategically capture the network traffic, as the basis of automatic network diagnosis. However, the traditional monitoring techniques fall short in cognitive radio networks (CRNs) due to the much larger number of channels to be monitored and the secondary users' channel availability uncertainty imposed by primary user activities. To better serve CRNs, we propose a systematic passive monitoring framework, i.e., SpecMonitor, for traffic collection using a limited number of sniffers in Wi-Fi-like CRNs. We jointly consider primary user activity and secondary user channel access pattern to optimize the traffic capturing strategy. In particular, we exploit a nonparametric density estimation method to learn and predict secondary users' access pattern in an online fashion, which rapidly adapts to the users' dynamic behaviors and supports accurate estimation of merged access patterns from multiple users. We also design near-optimal monitoring algorithms that maximize two levels of quality-of-monitoring goals based on the predicted channel access patterns. The simulations and experiments show that SpecMonitor outperforms the existing schemes significantly.
    IEEE Transactions on Wireless Communications 10/2014; 13(10):5893-5905. DOI:10.1109/TWC.2014.2339218 · 2.50 Impact Factor
  • Xiaofeng Chen · Jin Li · M. Jianfeng · Qiang Tang · Wenjing Lou ·
    ABSTRACT: With the rapid development in availability of cloud services, the techniques for securely outsourcing the prohibitively expensive computations to untrusted servers are getting more and more attention in the scientific community. Exponentiations modulo a large prime have been considered the most expensive operation in discrete-logarithm based cryptographic protocols, and the computationally limited devices such as RFID tags or smartcard may be incapable to accomplish these operations. Therefore, it is meaningful to present an efficient method to securely outsource most of this work-load to (untrusted) cloud servers. In this paper, we propose a new secure outsourcing algorithm for (variable-exponent, variable-base) exponentiation modulo a prime in the two untrusted program model. Compared with the state-of-the-art algorithm [HL05], the proposed algorithm is superior in both efficiency and checkability. We then utilize this algorithm as a subroutine to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. Besides, we propose the first outsource-secure and efficient algorithm for simultaneous modular exponentiations. Moreover, we formally prove that both the algorithms can achieve the desired security notions. We also provide the experimental evaluation that demonstrates the efficiency and effectiveness of the proposed outsourcing algorithms and schemes.
    IEEE Transactions on Parallel and Distributed Systems 09/2014; 25(9). DOI:10.1109/TPDS.2013.180 · 2.17 Impact Factor

Publication Stats

5k Citations
149.56 Total Impact Points


  • 2009-2015
    • Virginia Polytechnic Institute and State University
      • Department of Computer Science
      Blacksburg, Virginia, United States
  • 2004-2011
    • Worcester Polytechnic Institute
      • Department of Electrical and Computer Engineering
      Worcester, Massachusetts, United States
  • 2008
    • Illinois Institute of Technology
      • Department of Electrical & Computer Engineering
      Chicago, IL, United States
  • 2001-2005
    • University of Florida
      • Department of Electrical and Computer Engineering
      Gainesville, FL, United States