Guangjie Liu

Guangjie Liu
Nanjing University of Science and Technology | NJUST · School of Automation

About

124
Publications
14,608
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,494
Citations
Additional affiliations
January 2006 - November 2016
Nanjing University of Science and Technology
Position
  • Professor

Publications

Publications (124)
Article
Full-text available
In recent years, various adversarial defense methods have been proposed to improve the robustness of deep neural networks. Adversarial training is one of the most potent methods to defend against adversarial attacks. However, the difference in the feature space between natural and adversarial examples hinders the accuracy and robustness of the mode...
Article
Covert communication is one of the most promising ways in 6G due to its high concealment, diverse forms, and strong compatibility. In traditional covert communication, high-gain antennas, signal amplifiers, and multipath transmission methods are commonly used to expand communication distance. However, the current research on covert communication is...
Article
Full-text available
This study explores the covert transmission of surveillance videos using QAM (quadrature amplitude modulation) constellations. By analyzing transmission strategies used in surveillance video systems, we adopt KL divergence as the constraint for covertness performance and mutual information to characterize transmission rates. Utilizing the Taylor se...
Article
Full-text available
Machine learning (ML) models are essential to securing communication networks. However, these models are vulnerable to adversarial examples (AEs), in which malicious inputs are modified by adversaries to produce the desired output. Adversarial training is an effective defense method against such attacks but relies on access to a substantial number...
Article
Secure communication technology has attracted more and more attention to improve the security of the Internet of Things (IoT). In this article, we discuss the maximum secrecy capacity problem for a mobile unmanned aerial vehicle (UAV) assisted secure communication in IoT, where the UAV relays the covert information from the transmitter (Alice) to t...
Article
Full-text available
In wireless sensor networks (WSNs), unmanned aerial vehicles (UAVs) are considered an effective data collection tool. In this paper, we investigate the energy-efficient data collection problem in a UAV-enabled secure WSN without knowing the instantaneous channel state information of the eavesdropper (Eve). Specifically, the UAV collected the inform...
Article
Unmanned aerial vehicles (UAVs) are an important component of a communication system to measure, collect, store, forward, analyze, and operate covert data. Due to the advantages of rapid deployment and high mobility, it has become a promising trend to leverage the UAVs to assist Alice against Willie's detection. Nevertheless, the covert communicati...
Article
Unmanned aerial vehicles (UAVs) are viewed as a key component of 5G, 6G and beyond wireless networks to receive, store and forward information. Benefiting from swift deployment, low cost and high mobility, it has become a promising trend to leverage the UAVs to assist the covert communicator (Alice) against the detector’s (Willie’s) detection in a...
Article
Full-text available
The evergrowing diversity of encrypted and anonymous network traffic makes network management more formidable to manage the network traffic. An intelligent system is essential to analyse and identify network traffic accurately. Network management needs such techniques to improve the Quality of Service and ensure the flow of secure network traffic....
Article
The existing detection methods of algorithmically generated malicious domain names lack theoretical modelling methods for domain name element composition. To address this problem, a semantic element representation model for domain names is constructed based on the set of semantic elements of domain names and the probabilistic context free grammar m...
Article
Full-text available
Wireless covert communication is an emerging communication technique that prevents eavesdropping. This paper considers the bit error ratio (BER) problem of covert communication based on constellation shaping modulation (CSM). The impact of carrier-secret ratio (CSR) on BER is studied and the approximate solution of optimal CSR is obtained. Then, we...
Article
Full-text available
The security of cyber-physical systems (CPS) has become an active research area in recent years. Autonomous micro-grid, an important component of smart grid and essentially a cyber-physical system, extends the attack surface and undermines system security. This paper proposes a game-theoretic approach to describe the plausible attack-defense dynami...
Article
Detecting malicious domain names generated by domain generation algorithms is critical for defending the network against sophisticated attacks. In the past decade, deep-learning-based detection schemes have proven to be the most effective. However, each of these schemes requires sufficient computation time, which makes it difficult for real-time on...
Preprint
Full-text available
Ambient backscatter communication has become a low-cost and green solution to next-generation Internet-of-Things (IoT). In this paper, we investigate a problem of wireless covert communication in backscatter communication system. The purpose of covert communication is to hide the process of communication and avoid being detected by eavesdropper. Co...
Article
Full-text available
With the development of wireless communication technology, more and more information leakage is realized through a wireless covert channel, which brings great challenges to the security of wireless communication. Compared with the wireless covert channel on the upper layer, the wireless covert channel based on the physical layer (WCC-P) has better...
Article
Full-text available
With the development of detection algorithms on malicious dynamic domain names, domain generation algorithms have developed to be more stealthy. The use of multiple elements for generating domains will lead to higher detection difficulty. To effectively improve the detection accuracy of algorithmically generated domain names based on multiple eleme...
Article
Software-defined networking (SDN) has become a promising trend for managing the industrial Internet of Things (IIoT) devices. As the core of sensitive data storage and business interaction, the SDN is vulnerable to advanced persistent threats (APT) attacks, while honeypots have shown great promise against APT attacks. In this paper, we propose a ne...
Article
With the rapid development of wireless communication technology, the openness of wireless communication makes it more likely to be threated by radio interception or even maliciously use. As a widely used way to exfiltrate information, the wireless covert channel brings a great threat to communication security. Compared with the wireless covert chan...
Article
Full-text available
Mobile malware poses a great challenge to mobile devices and mobile communication. With the explosive growth of mobile networks, it is significant to detect mobile malware for mobile security. Since most mobile malware relies on the networks to coordinate operations, steal information, or launch attacks, evading network monitor is difficult for the...
Article
Full-text available
Network management is facing a great challenge to analyze and identify encrypted network traffic with specific applications and protocols. A significant number of network users applying different encryption techniques to network applications and services to hide the true nature of the network communication. These challenges attract the network comm...
Article
Honeypot defense deployment is considered as a promising technology to protect the industrial Internet of Things (IIoT), especially Advanced Metering Infrastructure (AMI), threatened by cyber-attacks. AMI defensive effectiveness depends on the honeypot deployment of the small-scale electricity suppliers (SESs) in sharing defense data. However, sinc...
Article
Full-text available
To conceal the very existence of communication, the noise-based wireless covert channel modulates secret messages into artificial noise, which is added to the normal wireless signal. Although the state-of-the-art work based on constellation modulation has made the composite and legitimate signal undistinguishable, there exists an imperfection on re...
Chapter
Wireless covert channel by manipulating the distortions of signal in transmission is an important technique. The covert channels are undetectable by making artificial noise modulated from secret messages distribute as normal channel noise. Although the state-of-the-art work has excellent performance, the undetectability of the schemes for Multiple...
Article
Full-text available
The persistent emergence of new network applications, along with encrypted network communication, has make traffic analysis become a challenging issue in network management and cyberspace security. Currently, virtual private network (VPNs) has become one of the most popular encrypted communication services for bypassing censorship and guarantee rem...
Article
HTTP tunnels almost obscure the original contents and behaviors of network applications, which makes it challenging for the network management and cybersecurity equipment to identify the hidden network application behaviors. Many efficient detection schemes have been exploited for network application identification in prior works. However, the foll...
Article
DNS (Domain Name System) tunnels almost obscure the true network activities of users, which makes it challenging for the gateway or censorship equipment to identify malicious or unpermitted network behaviors. An efficient way to address this problem is to conduct a temporal‐spatial analysis on the tunnel traffic. Nevertheless, current studies on th...
Article
Full-text available
Distinguishing malicious domain names generated by various domain generation algorithms (DGA) is critical for defending a network against sophisticated network attacks. In recent years, stealthy domain generation algorithms (SDGA) have been proposed and revealed significantly stronger stealthiness comparing to the traditional character-based DGA. E...
Article
Full-text available
As one of the most critical infrastructure, the power grid has been increasingly threatened by network attacks, especially advanced persistent threats (APTs). APT in the power grid is a continual and stealthy attack that analyzes the interaction between the cyber layer and the physical layer. The existing offensive and defensive processes for power...
Article
Full-text available
With the increasingly fierce competition for marine resources, underwater acoustic communication as the main form of underwater communication, its security has received more and more attention. The traditional underwater acoustic communication technology with fixed frequency and modulation may cause information leakage and location exposure of the...
Article
Full-text available
AbstractA cyber‐physical system (CPS) is a new mechanism controlled or monitored by computer algorithms that intertwine physical and software components. Advanced persistent threats (APTs) represent stealthy, powerful, and well‐funded attacks against CPSs; they integrate physical processes and have recently become an active research area. Existing...
Article
Full-text available
With the rapid development of mobile internet and cloud computing, numerous digital me-dia files in mobile social networking and media sharing software have become the important carriers of steganography. However, these digital media files may be resampled by the media server when being pushed to the intelligent mobile terminals. The resampling of...
Article
Full-text available
Environmental sounds, everyday audio events that do not consist of music or speech data and are often more diverse and chaotic in their structure, have proven to be a promising type of carrier signals to carry out covert communication as they occur frequently in the natural environment, e.g., marine communication by mimicking dolphin or sea lion wh...
Article
Full-text available
In highly sophisticated network attacks, command-and-control (C&C) servers always use domain generation algorithms (DGAs) to dynamically produce several candidate domains instead of static hard-coded lists of IP addresses or domain names. Distinguishing the domains generated by DGAs from the legitimate ones is critical for finding out the existence...
Article
Full-text available
Cyber-physical system (CPS) is an advanced system that integrats physical processes, computation and communication resources. The security of cyber-physical systems has become an active research area in recent years. In this paper, we focus on defensive strategies against network attacks in CPS. We introduce both low- and high-interaction honeypots...
Article
Full-text available
Network flow watermarking (NFW) is an emerging flow correlation technique to deanonymize an anonymous communication system or detect stepping stones, in which a watermark is encoded into a network flow by manipulating some flow characteristics, predominantly by altering timing information. Although interval-based NFWs that employ time intervals as...
Article
Full-text available
Data confidentiality is the basically important concern for everyone in the digital era. In this paper, an image encryption scheme is proposed based on the recently discovered 4D4W hyperchaotic system. Initially, the hyperchaotic system is used to generate the S-Boxes and permutation index matrices. In the first stage of image encryption, the colum...
Chapter
As the existing DGA detection methods always don’t take into account the problem of word-based DGA method, this will make it invalid. In this paper, a detection method against the word-based DGA has been proposed. Firstly, the word-based DGA methods are analyzed and three type features that the word feature, part-of-speech feature and word correlat...
Chapter
As the main active traffic analysis method, network flow watermarking (NFW) has been proven effective for flow correlation in anonymous communication system or stepping stone detection. In various types of network flow watermarking schemes, the interval-based ones can achieve significant better capability of resisting network interference. However,...
Article
Full-text available
Rainstorms, insect swarms and galloping horses produce “sound textures,” which are the resulting natural sounds of many similar acoustic events. With new achievements emerging regularly for generative models, the deep convolutional neural network (CNN) has proven to be a tremendously successful approach for image and sound synthesis. Existing state...
Article
Full-text available
Wireless covert channel is an emerging covert communication technique which conceals the very existence of secret information in wireless signal including GSM, CDMA, and LTE. The secret message bits are always modulated into artificial noise superposed with cover signal, which is then demodulated with the shared codebook at the receiver. In this pa...
Conference Paper
Jitterbug is a typical delay-based covert timing channel and supplies reliable covert communication in a passive manner. The existing entropy-based detection scheme based on training samples may suffer from model mismatching, which results in detection performance deterioration. In this paper, a new detection method for Jitterbug based on partial e...
Conference Paper
As the most efficient matrix embedding scheme, syndrome-trellis codes (STCs) has been widely used in the field of data hiding, it is implemented based on syndrome trellis structure of convolutional codes and the Viterbi algorithm. In this paper, a new construction scheme of STCs is proposed based on a family of time-varying periodic convolutional c...
Article
Full-text available
Jitterbug is a passive network covert timing channel supplying reliable stealthy transmission. It is also the basic manner of some improved covert timing channels designed for higher undetectability. The existing entropy-based detection scheme based on training sample binning may suffer from model mismatching, which results in detection performance...
Article
As the detection methods of covert channels can provide a better way to detect the existence of advanced persistent threat, it has become a hot research topic in the field of network security. Although the existing methods can achieve feasible performance for detecting the JitterBug covert timing channel, they are ineffective when the covert timing...
Conference Paper
In image steganography, embedding data in texture image regions will cause less distortion than smooth ones. An efficient strategy to enhance the resistance capability to steganalysis is exploiting the texture image regions for steganography. In this paper, an adaptive image steganographic scheme based on pixel selection and syndrome-trellis codes...
Conference Paper
For tracing the anonymous communication, traditional passive manners based on source-destination addresses and flow correlatioin analysis is limited with the high-speed flow processing requirements, unreadable encrypted traffic and complicated flow processing in secure routing mechanism. Network flow watermarking as one of anonymous network tracing...
Conference Paper
Extracting packet signatures automatically and accurately are the foundation of traffic identification for most network monitoring and forensics application. The Apriori algorithm is a common and useful method to fulfill the task. For huge amount Internet traffic, the traditional Apriori algorithm, produce huge candidate itemsets and will occupy la...
Article
Full-text available
Piping isometric drawings, which feature their intrinsical topological relation rather than just geometrical shape, are important industrial art works in the field of Computer-Aided Design (CAD). This paper takes a fresh look at the topology integrity authentication of piping isometric drawings, which has not been mentioned before in the literature...
Article
Full-text available
The construction of S-boxes is crucial to the design of block ciphers. In this paper, the scheme for constructing S-boxes based on 3-D four-wing autonomous chaotic system is proposed. It can be used to batch-generating 8×8 S-boxes conveniently. With the analysis based on typical evaluation criteria including nonlinearity, differential uniformity, s...
Article
Network covert channel is a technology that transfers information secretly through the computer network. The length-based covert channel is one of the most popular covert channels. Most of the existing length-based schemes are vulnerable to detections due to the abnormal statistical features of the covert traffic. In this paper, a Skype-based lengt...
Article
Network covert timing channel embeds confidential information into the inter-packet delays of the network traffic generated by a legitimate application. The packets of carrier channel may be lost when the network is in congestion state. It would impact the confidential information transfer in the covert timing channel. In this paper, a novel scheme...
Article
With rapid development of multicast communication, multimedia share services have become one of the most important channels for steganography. In this paper, we extend traditional unicast steganography to multicast steganography, which is the covert communication of a single sender attempting to deliver different secret messages simultaneously to s...
Article
Matrix embedding schemes based on linear codes have been widely used in the field of steganography, which is an important branch of covert communication. Nevertheless, they appear weak for some conditions of high reliability demand or “active attack” because of the poor robustness. In this paper, with robustness analysis of matrix embedding based o...
Article
To improve the embedding efficiency of steganography, syndrome coding based on the coding theory has attracted many researchers’ attentions. In this paper, we make use of the relationship between syndrome coding for minimizing additive distortion and maximum likelihood decoding for linear codes to analyze the main parameters of convolutional codes...
Article
Network covert channel is a communication technique that utilizes the redundancies of the network to transfer secret information. With the appearances of various covert channels, how to evaluate their performance is becoming an urgent need. There are two main contributions in this paper, one is the model of network covert channel and the other is a...
Article
Network packet length covert channel modulates secret message bits onto the packet lengths to transmit secret messages. In this paper, a novel network packet length covert channel is proposed. The proposed scheme is based on the empirical distribution function of packet length series of legitimate traffic. Different from the existing schemes, the l...
Article
In this paper, an adaptive steganography algorithm based on block complexity and matrix embedding is proposed. The matrix embedding constructed by [8,3], [8,4] [8,5] [8,6] and [8,7] linear codes is taken as the basic embedding strategy. Each block with 2 × 4 pixels is used as a cover unit and its block complexity is computed by neighboring pixel di...
Article
Full-text available
Image splicing is an image editing method to copy a part of an image and paste it onto another image, and it is commonly followed by postprocessing such as local/global blurring, compression, and resizing. To detect this kind of forgery, the image rich models, a feature set successfully used in the steganalysis is evaluated on the splicing image da...
Article
Process plant models, which feature their intrinsical complex topological relation, are important industrial art works in the field of Computer-Aided Design (CAD). This paper investigates the topology authentication problem for process plant models. Compared with the widely studied watermarking based geometrical information protection and authentic...
Article
Network covert channel is a covert communication method by hiding covert messages into overt network packets. In recent years, with the development of various hiding methods, network covert channel has become a new kind of threat for network security. The covert channel that uses the redundancies existing in TCP protocol to make hiding is called TC...
Article
In this paper, a novel method is proposed to detect image splicing with artificial blurred boundary based on image edge analysis and blur detection. Different from existing algorithms, the image edges are divided into three types based on the coefficients of the non-subsampled contourlet transform. And, the six-dimensional feature of each edge poin...
Article
Network steganography is a covert communication technique that uses redundancies in network protocols to transfer secret information. The retransmission-based steganography (RSTEG) embeds covert messages into the payload field of the intentionally retransmission packets. So its capacity is higher than most of the existing methods. Because TCP check...
Conference Paper
Copy-move is a common used forgeries in digital image tampering. In this paper, a non block-matching based fast method to detect image copy-move forgery is proposed exploiting phase correlation. Results of experiments indicate that the proposed method is valid in detecting the image region duplication and quite robust to additive noise and blurring...
Conference Paper
Syndrome-trellis codes provide a flexible framework for adaptive steganography, but how to construct the proper distortion weight function is still a disturbing question. In this paper, we propose to use an exponential function based on the local complexity to define the risk caused by the data embedding. And the steganography based on the payload-...
Article
The existing covert timing channel detection methods are not always effective in the situation that the covert timing channels are used in the sparse embedding manner. In this paper, a new method to detect covert timing channel with sparse embedding is proposed. Firstly, the inter-packet delay series of normal network packets are modeled by the one...
Article
Network covert timing channel is a communication fashion that modifies the timing properties of network traffic to transfer secret information. It is designed to carry out the reliable and undetectable transmission. In this paper, a simple and secure covert timing channel method with distribution matching is proposed. The approach treats the networ...
Article
In this paper, an adaptive matrix embedding method is proposed for grayscale images. The 2×4 pixel block is taken as a cover unit. The local correlation of the block is used to determine the message bit amount and choose the corresponding matrix embedding strategy. The method can embed less in image parts with high local correlation and more in ima...
Article
Network steganography (referred to as network covert channel) is a covert communication technique that uses the redundancies of network protocol to transfer secret information. The retransmission steganography (RSTEG) is first proposed by Szczypiorski in 2009. It embeds secret information in the payload field of the retransmission packets which are...
Article
Region-duplication forgery is one of most common tampering artifices. Several methods have been developed to detect and locate the tampered region, while most methods do fail when the copied region is rotated before being pasted because of the de-synchronization in the searching procedure. To solve the problem, the paper proposes an efficient and r...
Article
As the advent and growing popularity of image rendering software, photorealistic computer graphics are becoming more and more perceptually indistinguishable from photographic images. If the faked images are abused, it may lead to potential social, legal or private consequences. To this end, it is very necessary and also challenging to find effectiv...
Article
In this paper, an adaptive matrix embedding method based on LSB matching is proposed for greyscale images. The adaption mechanism of the method is used to embed less message bits in regions with high local correlation and embed more in regions with low local correlation. The 2 × 4 pixel block is taken as a cover unit. The seven pixels of its neighb...
Article
In this paper, a secure content distribution scheme is proposed which transmits the multimedia content to users in a secure manner. In server side, the content is embedded by pseudorandom sequences (the customer's ID) and then encrypted by another pseudorandom sequence. In user side, the content is decrypted with the some sequence as the encryption...
Article
In this paper, a visible and removable watermarking scheme in JPEG compression is presented. In the scheme, a secure template is generated to modulate the embedding strength of watermark and host image, separately. The template generates different versions of watermarked images which can be seen visually the same, and the visible watermark can only...
Article
Tardos constructed the optimal probabilistic codes that are e-secure against c pirates have length and are full power of randomization. Many improved versions of Tardos’ codes are proposed to shorten its code length while they are still not used in multimedia content. In this paper, the multimedia content tracing scheme based on the Tardos’ fingerp...