Fengjun Li

Fengjun Li
University of Kansas | KU · Department of Electrical Engineering and Computer Science

PhD

About

80
Publications
13,754
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,800
Citations
Additional affiliations
January 2003 - December 2004
Chinese University of Hong Kong
Position
  • Research Assistant
August 2011 - present
University of Kansas
Position
  • Professor (Assistant)
May 2005 - December 2010
Pennsylvania State University
Position
  • Research Assistant

Publications

Publications (80)
Article
Full-text available
The increasing use of the Internet of Things (IoT) technology has made our lives convenient, however, it also poses new security and privacy threats. In this work, we study a new type of privacy threat enabled by cross-app chains built among multiple seemingly benign IoT apps. We find that interactions among apps could leak privacy-sensitive inform...
Chapter
Full-text available
Generative AI models can produce high-quality images based on text prompts. The generated images often appear indistinguishable from images generated by conventional optical photography devices or created by human artists (i.e., real images). While the outstanding performance of such generative models is generally well received, security concerns a...
Article
Full-text available
In the past decade, we have witnessed an exponential growth of deep learning models, platforms, and applications. While existing DL applications and Machine Learning as a service (MLaaS) frameworks assume fully trusted models, the need for privacy-preserving DNN evaluation arises. In a secure multi-party computation scenario, both the model and the...
Preprint
Full-text available
With ChatGPT under the spotlight, utilizing large language models (LLMs) for academic writing has drawn a significant amount of discussions and concerns in the community. While substantial research efforts have been stimulated for detecting LLM-Generated Content (LLM-content), most of the attempts are still in the early stage of exploration. In thi...
Chapter
The growth of IoT apps poses increasing concerns about sensitive data leaks. While privacy policies are required to describe how IoT apps use private user data (i.e., data practice), problems such as missing, inaccurate, and inconsistent policies have been repeatedly reported. Therefore, it is important to assess the actual data practice in IoT app...
Chapter
With the growing popularity of artificial intelligence (AI) and machine learning (ML), a wide spectrum of attacks against deep learning (DL) models have been proposed in the literature. Both the evasion attacks and the poisoning attacks attempt to utilize adversarially altered samples to fool the victim model to misclassify the adversarial sample....
Preprint
With the growing popularity of artificial intelligence and machine learning, a wide spectrum of attacks against deep learning models have been proposed in the literature. Both the evasion attacks and the poisoning attacks attempt to utilize adversarially altered samples to fool the victim model to misclassify the adversarial sample. While such atta...
Article
Full-text available
Neural networks have been widely deployed in sensor networks and IoT systems due to the advance in lightweight design and edge computing as well as emerging energy-efficient neuromorphic accelerators. However, adversary attack has raised a major threat against neural networks, which can be further enhanced by leveraging the natural hard faults in t...
Preprint
Full-text available
Fuzzing is one of the most effective approaches to finding software flaws. However, applying it to microcontroller firmware incurs many challenges. For example, rehosting-based solutions cannot accurately model peripheral behaviors and thus cannot be used to fuzz the corresponding driver code. In this work, we present $\mu$AFL, a hardware-in-the-lo...
Preprint
Full-text available
Local Transformer-based classification models have recently achieved promising results with relatively low computational costs. However, the effect of aggregating spatial global information of local Transformer-based architecture is not clear. This work investigates the outcome of applying a global attention-based module named multi-resolution over...
Article
To detect fraudulent TLS server certificates and improve the accountability of certification authorities (CAs), certificate transparency (CT) is proposed to record certificates in publicly-visible logs, from which the monitors fetch all certificates and watch for suspicious ones. However, if the monitors, either domain owners themselves or third-pa...
Preprint
Single sign-on (SSO) allows a user to maintain only the credential at the identity provider (IdP), instead of one credential for each relying party (RP), to login to numerous RPs. However, SSO introduces extra privacy leakage threats, as (a) the IdP could track all the RPs which a user is visiting, and (b) collusive RPs could learn a user's online...
Chapter
Federated learning (FL) is an emerging machine learning paradigm. With FL, distributed data owners aggregate their model updates to train a shared deep neural network collaboratively, while keeping the training data locally. However, FL has little control over the local data and the training process. Therefore, it is susceptible to poisoning attack...
Preprint
In the evasion attacks against deep neural networks (DNN), the attacker generates adversarial instances that are visually indistinguishable from benign samples and sends them to the target DNN to trigger misclassifications. In this paper, we propose a novel multi-view adversarial image detector, namely Argos, based on a novel observation. That is,...
Preprint
Finding bugs in microcontroller (MCU) firmware is challenging, even for device manufacturers who own the source code. The MCU runs different instruction sets than x86 and exposes a very different development environment. This invalidates many existing sophisticated software testing tools on x86. To maintain a unified developing and testing environm...
Article
We investigate the problem of securely outsourcing the modular exponentiations in cryptography to an untrusted server, and analyze the security and the efficiency of three privacy-preserving outsourcing protocols for exponentiations proposed in [JCSS,90 (2017):1-13]. Based on Coppersmith's lattice-based method, we present heuristic polynomial-time...
Chapter
Certificate Transparency (CT) is proposed to detect fraudulent certificates and improve the accountability of CAs. CT as an open auditing and monitoring system is based on the idea that all CA-issued certificates are logged in a publicly accessible log server, and that CT-compliant browsers only accept publicly recorded certificates. The purpose of...
Chapter
The Controller Area Network (CAN) has been widely adopted as the de facto standard to support the communication between the ECUs and other computing components in automotive and industrial control systems. In its initial design, CAN only provided very limited security features, which is seriously behind today’s standards for secure communication. T...
Article
Artificial intelligence enabled medical big data analysis has the potential to revolutionize medical practice from diagnosis and prediction of complex diseases to making recommendations and resource allocation decisions in an evidence-based manner. However, big data comes with big disclosure risks. To preserve privacy, excessive data anonymization...
Chapter
Single sign-on (SSO) is becoming more and more popular in the Internet. An SSO ticket issued by the identity provider (IdP) allows an entity to sign onto a relying party (RP) on behalf of the account enclosed in the ticket. To ensure its authenticity, an SSO ticket is digitally signed by the IdP and verified by the RP. However, recent security inci...
Conference Paper
To detect fraudulent TLS server certificates and improve the accountability of certification authorities (CAs), certificate transparency (CT) is proposed to record certificates in publicly-visible logs, from which the monitors fetch all certificates and watch for suspicious ones. However, if the monitors, either domain owners themselves or third-pa...
Conference Paper
Federated learning (FL) is promising in supporting collaborative learning applications that involve large datasets, massively distributed data owners and unreliable network connectivity. To protect data privacy, existing FL approaches adopt (k,n)-threshold secret sharing schemes, based on the semi-honest assumption for clients, to enable secure mul...
Article
Full-text available
With the growing popularity of online social networks, a large amount of private or sensitive information has been posted online. In particular, studies show that users sometimes reveal too much information or unintentionally release regretful messages, especially when they are careless, emotional, or unaware of privacy risks. As such, there exist...
Article
Cloud computing gives resource-constrained clients great conveniences to outsource exorbitant computations to a public cloud. The extended Euclidean algorithm with large-scale polynomials over finite fields is fundamental and widespread in computer science and cryptography, yet it is computationally overloaded for quantities of lightweight devices...
Article
Full-text available
With the increasing popularity of online review systems, a large volume of user-generated content becomes available to help people make reasonable judgments about the quality of services and products from unknown providers. However, these platforms are frequently abused since fraudulent information can be freely inserted by potentially malicious us...
Chapter
Many popular online social networks, such as Twitter, Tumblr, and Sina Weibo, adopt too simple privacy models to satisfy users’ diverse needs for privacy protection. In platforms with no (i.e., completely open) or binary (i.e., “public” and “friends-only”) access control, users cannot control the dissemination boundary of the content they share. Fo...
Article
Full-text available
With the recent growth and commercialization of cloud computing, outsourcing computation has become one of the most important cloud services, which allows the resource-constrained clients to efficiently perform large-scale computation in a pay-per-use manner. Meanwhile, outsourcing large scale computing problems and computationally intensive applic...
Chapter
The rapid expansion of IoT-enabled home automation is accompanied by substantial security and privacy risks. A large number of real-world security incidents exploiting various device vulnerabilities have been revealed. The Onion IoT gateways have been proposed to provide strong security protection for potentially vulnerable IoT devices by hiding th...
Conference Paper
Online review helps reducing uncertainty in the pre-purchasing decision phase and thus becomes an important information source for consumers. With the increasing popularity of online review systems, a large volume of reviews of varying quality is generated. Meanwhile, individual and professional spamming activities have been observed in almost all...
Article
Full-text available
Existing prevention-based secure in-network data aggregation schemes for the smart grids cannot eectively detect accidental errors and falsified data injected by malfunctioning or compromised meters. In this work, we develop a light-weight anomaly detector based on kernel density estimator to locate the smart meter from which the falsified data is...
Article
Full-text available
With the exponential growth of cyber-physical systems (CPS), new security challenges have emerged. Various vulnerabilities, threats, attacks, and controls have been introduced for the new generation of CPS. However, there lack a systematic study of CPS security issues. In particular, the heterogeneity of CPS components and the diversity of CPS syst...
Preprint
With the exponential growth of cyber-physical systems (CPS), new security challenges have emerged. Various vulnerabilities, threats, attacks, and controls have been introduced for the new generation of CPS. However, there lack a systematic study of CPS security issues. In particular, the heterogeneity of CPS components and the diversity of CPS syst...
Conference Paper
Full-text available
With the increased popularity of ubiquitous computing and connectivity, the Internet of Things (IoT) also introduces new vulnerabilities and attack vectors. While secure data collection (i.e. the upward link) has been well studied in the literature, secure data dissemination (i.e. the downward link) remains an open problem. Attribute-based encrypti...
Conference Paper
Hidden service is a very important feature of Tor, which supports server operators to provide a variety of Internet services without revealing their locations. A large number of users rely on Tor hidden services to protect their anonymity. Around 30,000 servers are running hidden services every day [21]. However, hidden services are particularly vu...
Conference Paper
Full-text available
Hardware primitives provide significant promises to support cryptographic primitives and security mechanisms against various forms of compromises. In this work, we study the intrinsic hardware characteristics of modern graphics processing units (GPUs) due to random manufacturing variations, and exploits the inherent randomness to generate device-sp...
Conference Paper
Hidden service is a very important feature of Tor, which supports server operators to provide a variety of Internet services without revealing their locations. A large number of users rely on Tor hidden services to protect their anonymity. Around 30,000 servers are running hidden services every day. However, hidden services are particularly vulnera...
Conference Paper
Full-text available
Online review systems play an important role in affecting consumers' behaviors and decision making, attracting many spammers to insert fake reviews to manipulate review content and ratings. To increase utility and improve user experience, some online review systems allow users to form social relationships between each other and encourage their inte...
Conference Paper
Analyzing 5,525 reviews of restaurants on Yelp.com, we examine how characteristics of review content and attributes of reviewers influence consumers’ evaluations of online reviews. Our results show that review content specificity and engagement significantly affect how consumers rate online reviews. Moreover, reviewer activeness and reputation infl...
Article
The smart grid systems aim to integrate conventional power grids with modern information communication technology. While intensive research efforts have been focused on ensuring data correctness in AMI data collection and protecting data confidentiality in smart grid communications, less effort has been devoted to privacy protection in smart grid d...
Conference Paper
Database outsourcing reduces the cost of data management; however, the confidentiality of the outsourced data is a main challenge. Existing solutions [9, 13, 16, 17] either adopt multiple encryption schemes for data confidentiality that only support limited operations, or focus on providing efficient retrieval with problematic update support. In th...
Conference Paper
Full-text available
Byzantine fault tolerant (BFT) protocols enhance system safety and availability in asynchronous networks, despite the arbitrary faults at both servers and clients. A practical BFT system should be efficient in both contention-free and contending cases, and fault scalable (i.e., efficiently tolerating the increasing number of server faults). However...
Conference Paper
Full-text available
Software based cryptographic services are subject to various memory attacks that expose sensitive keys. This poses serious threats to data confidentiality of the stakeholder. Recent research has made progress in safekeeping these keys by employing isolation at all levels. However, all of them depend on the security of the operating system (OS), whi...
Conference Paper
The core of the smart grid relies on the ability of transmitting realtime metering data and control commands efficiently and reliably. Secure in-network data aggregation approaches have been introduced to fulfill the goal in smart grid neighborhood area networks (NANs) by aggregating the data on-the-fly via intermediate meters. To protect users' pr...
Article
Today's organizations raise an increasing need for information sharing via on-demand access. Information brokering systems (IBSs) have been proposed to connect large-scale loosely federated data sources via a brokering overlay, in which the brokers make routing decisions to direct client queries to the requested data servers. Many existing IBSs ass...
Conference Paper
In smart grid systems, secure in-network data aggregation approaches have been introduced to efficiently collect aggregation data, while preserving data privacy of individual meters. Nevertheless, it is also important to maintain the integrity of aggregate data in the presence of accidental errors and internal/external attacks. To ensure the correc...
Conference Paper
Online customer reviews for both products or merchants have greatly affected others' decision making in purchase. Considering the easily accessibility of the reviews and the significant impacts to the retailers, there is an increasing incentive to manipulate the reviews, mostly profit-driven. Without proper protection, spam reviews will cause gradu...
Conference Paper
With the extreme popularity of Web and online social networks, a large amount of personal information has been made available over the Internet. On the other hand, advances in information retrieval, data mining and knowledge discovery technologies have enabled users to efficiently satisfy their information needs over the Internet or from large-scal...
Article
Full-text available
Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identificatio...
Conference Paper
The problem of privacy preserving record linkage is to find the intersection of records from two parties, while not revealing any private records to each other. Recently, group linkage has been introduced to measure the similarity of groups of records [19]. When we extend the traditional privacy preserving record linkage methods to group linkage me...
Article
In this paper, we present a distributed incremental data aggregation approach, in which data aggregation is performed at all smart meters involved in routing the data from the source meter to the collector unit. With a carefully constructed aggregation tree, the aggregation route covers the entire local neighbourhood or any arbitrary set of designa...
Conference Paper
In this paper, we present a distributed incremental data aggregation approach, in which data aggregation is performed at all smart meters involved in routing the data from the source meter to the collector unit. With a carefully constructed aggregation tree, the aggregation route covers the entire local neighborhood or any arbitrary set of designat...
Conference Paper
Full-text available
In this paper, we study how patient privacy could be com-promised from electronic health records (EHRs), especially with the help of today's information technologies. Current research on privacy protection is centralized around EHR: protecting patient information from being abused by autho-rized users or being accessed by unauthorized users. Limite...
Conference Paper
Full-text available
With rising concerns on user privacy over the Internet, anonymous communication systems that hide the identity of a participant from its partner or third parties are highly desired. Existing approaches either rely on a relative small set of pre-selected relay servers to redirect the messages, or use structured peer-to-peer systems to multicast mess...
Conference Paper
Full-text available
Nowadays, increasing needs for information sharing arise due to extensive collaborations among organizations. Organizations desire to provide data access to their collaborators while preserving full control over the data and comprehensive privacy of their users. A number of information systems have been developed to provide efficient and secure inf...
Article
Full-text available
An XML brokerage system is a distributed XML database system that comprises data sources and brokers which, respectively, hold XML documents and document distribution information. Databases can be queried through brokers with no schema-relevant or geographical difference being noticed. However, all existing information brokerage systems view or han...
Conference Paper
Full-text available
A Distributed Information Brokering System (DIBS) is a peer-to-peer overlay network that comprises diverse data servers and brokering components helping client queries lo- cate the data server(s). Many existing information broker- ing systems adopt server side access control deployment and honest assumptions on brokers. However, little attention ha...
Conference Paper
Full-text available
An XML brokerage system is a distributed XML database system that comprises data sources and brokers which, respectively, hold XML documents and document distribution information. However, all existing information brokerage systems view or handle query brokering and access control as two orthogonal issues: query brokering is a system issue that con...
Article
Full-text available
The concept of fairness index for self-authority servers in a large-scale network is introduced in this paper. The index quantifies the relative contributions of the servers to network routing, and can be used in network administration processes, such as negotiation of Multi-Lateral Peering Agreements. The fairness index concept leads naturally to...
Article
This paper introduces a new fairness index in open architecture networks. The concept can be used to balance the load of self-authority servers and keep them operating in a fair manner. Properties, such as existence and uniqueness, of this index are investigated for some typical network structures. By connecting to von Neumann's equilibrium concept...
Thesis
Thesis submitted in: July 2004. Thesis (M.Phil.)--Chinese University of Hong Kong, 2005. Includes bibliographical references (leaves 83-84).

Network

Cited By