About
249
Publications
105,143
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
9,841
Citations
Introduction
Skills and Expertise
Publications
Publications (249)
The use of transformers for vision tasks has challenged the traditional dominant role of convolutional neural networks (CNN) in computer vision (CV). For image classification tasks, Vision Transformer (ViT) effectively establishes spatial relationships between patches within images, directing attention to important areas for accurate predictions. H...
The rapid proliferation of Internet of Things (IoT) devices across multiple sectors has escalated serious network security concerns. This has prompted ongoing research in Machine Learning (ML)-based Intrusion Detection Systems (IDSs) for cyber-attack classification. Traditional ML models require data transmission from IoT devices to a centralized s...
Internet censorship is typically enforced by authorities to achieve information control for a certain group of Internet users. So far existing censorship studies have primarily focused on country-level characterization because (1) in many cases, censorship is enabled by governments with nationwide policies and (2) it is usually hard to control how...
Transparent web proxies have been widely deployed on the Internet, bridging the communications between clients and servers and providing desirable benefits to both sides, such as load balancing, security monitoring, and privacy enhancement. Meanwhile, they work silently as clients and servers may not be aware of their existence. However, due to the...
Unmanned Aerial Vehicle (UAV) deployment has risen rapidly in recent years. They are now used in a wide range of applications, from critical safety-of-life scenarios like nuclear power plant surveillance to entertainment and hobby applications. While the popularity of drones has grown lately, the associated intentional and unintentional security th...
For many applications, drones are required to operate entirely or partially autonomously. In order to fly completely or partially on their own, drones need to access location services for navigation commands. While using the Global Positioning System (GPS) is an obvious choice, GPS is not always available, can be spoofed or jammed, and is highly er...
The pursuit of high-accuracy localization without relying on the global positioning system (GPS) has gained significant interest in recent years. The deployment of autonomous vehicles (AVs) in diverse indoor applications exemplifies a prominent domain where the demand for a robust positioning system is evident. With the advancements in 5G and beyon...
Drones in many applications need the ability to fly fully or partially autonomously to accomplish their mission. To allow these fully/partially autonomous flights, first, the drone needs to be able to locate itself constantly. Then the navigation command signal would be generated and passed on to the controller unit of the drone. In this paper, we...
In many scenarios, unmanned aerial vehicles (UAVs), aka drones, need to have the capability of autonomous flight to carry out their missions successfully. In order to fly autonomously, drones need to know their location constantly. Then, based on their current position and the final destination, navigation commands will be generated and drones will...
Online reviews, which play a key role in the ecosystem of nowadays business, have been the primary source of consumer opinions. Due to their importance, professional review writing services are employed for paid reviews and even being exploited to conduct opinion spam. Posting deceptive reviews could mislead customers, yield significant benefits or...
Nowadays security vulnerability reports contain commercial vendor-centric information but fail to include accurate information of open-source software packages. Open-source ecosystems use package managers, such as Maven, NuGet, NPM, and Gem, to cover hundreds of thousands of free code packages. However, we uncover that vulnerability reports frequen...
It is challenging to conduct a large scale Internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of ground truth on the expected responses from legitimate services, previous studies typically require a heavy, unscalable manual inspec...
Open proxies provide free relay services and are widely used to anonymously browse the Internet, avoid geographic restrictions, and circumvent censorship. To shed light on the ecosystem of open proxies and characterize the behaviors of open proxies, we conduct a large-scale, comprehensive study on over 436 thousand identified proxies, including 104...
For many applications, drones are required to operate entirely or partially autonomously. To fly completely or partially on their own, drones need access to location services to get navigation commands. While using the Global Positioning System (GPS) is an obvious choice, GPS is not always available, can be spoofed or jammed, and is highly error-pr...
Drones in many applications need the ability to fly fully or partially autonomously to accomplish their mission. To allow these fully/partially autonomous flights, first, the drone needs to be able to locate itself constantly. Then the navigation command signal would be generated and passed on to the controller unit of the drone. In this paper, we...
In many scenarios, unmanned aerial vehicles (UAVs), aka drones, need to have the capability of autonomous flying to carry out their mission successfully. In order to allow these autonomous flights, drones need to know their location constantly. Then, based on the current position and the final destination, navigation commands will be generated and...
Nowadays, various Internet-of-Things (IoT) devices, such as routers, webcams, and network printers, have been deployed across the Internet. For security and management purposes, it is important to accurately fingerprint IoT devices. In this work, we build a first benchmark called DevTag (IoT Device Tagging) for fingerprinting IoT devices. Specifica...
It is challenging to conduct a large scale Internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of ground truth on the expected responses from legitimate services, previous studies typically require a heavy, unscalable manual inspec...
Navigating in environments where the GPS signal is unavailable, weak, purposefully blocked, or spoofed has become crucial for a wide range of applications. A prime example is autonomous navigation for drones in indoor environments: to fly fully or partially autonomously, drones demand accurate and frequent updates of their locations. This paper pro...
There has been a rapid growth in the deployment of Unmanned Aerial Vehicles (UAVs) in various applications ranging from vital safety-of-life such as surveillance and reconnaissance at nuclear power plants to entertainment and hobby applications. While popular, drones can pose serious security threats that can be unintentional or intentional. Thus,...
An increasing number of embedded devices are connecting to the Internet, ranging from cameras, routers to printers, while an adversary can exploit security flaws already known to compromise those devices. Security patches are usually associated with the device firmware, which relies on the device vendors and products. Due to compatibility and relea...
Search Engine Optimization (SEO) is a set of techniques that help website operators increase the visibility of their webpages to search engine users. However, there are also many unethical practices that abuse ranking algorithms of a search engine to promote illegal online content, called blackhat SEO. In this paper, we make the first attempt to sy...
IP-based geolocation is essential for various location-aware Internet applications, such as online advertisement, content delivery, and online fraud prevention. Achieving accurate geolocation enormously relies on the number of high-quality (i.e., the fine-grained and stable over time) landmarks. However, the previous efforts of garnering landmarks...
Online reviews play a crucial role in the ecosystem of nowadays business (especially e-commerce platforms), and have become the primary source of consumer opinions. To manipulate consumers’ opinions, some sellers of e-commerce platforms outsource opinion spamming with incentives (e.g., free products) in exchange for incentivized reviews. As incenti...
Online reviews play a crucial role in the ecosystem of e-commerce business. To manipulate consumers’ opinions, some sellers of e-commerce platforms outsource opinion spamming with incentives (e.g., free products) in exchange for incentivized reviews. As incentives, by nature, are likely to drive more biased reviews or even fake reviews. Despite e-c...
Given the central role of webcams in monitoring physical surroundings, it behooves the research community to understand the characteristics of webcams' distribution and their privacy/security implications. In this paper, we conduct the first systematic study on live webcams from both aggregation sites and individual webcams (webpages/IP hosts). We...
Given the central role of webcams in monitoring physical surroundings, it behooves the research community tounderstand the characteristics of webcams’ distribution and their privacy/security implications. In this paper,we conduct the first systematic study on live webcams from both aggregation sites and individual webcams(webpages/IP hosts). We pro...
Live migration of Virtual machines (VMs) has become a regular tool for edge and cloud operators to facilitate system maintenance, fault tolerance, and load balancing, with little impact on running instances. However, the potential security risks of live migration of VMs are still obscure. In this article, we expose a new vulnerability in the existi...
Account recovery (usually through a password reset) on many websites has mainly relied on accessibility to a registered email, due to its favorable deployability and usability. However, it makes a user's online accounts vulnerable to a single point of failure when the registered email account is compromised. While previous research focuses on stren...
Data centers have been growing rapidly in recent years to meet the surging demand of cloud services. However, the expanding scale and powerful servers generate a great amount of heat, resulting in significant cooling costs. A trend in modern data centers is to raise the temperature and maintain all servers in a relatively hot environment. While thi...
The popularity of online gambling could bring negative social impact, and many countries ban or restrict online gambling. Taking China for example, online gambling violates Chinese laws and hence is illegal. However, illegal online gambling websites are still thriving despite strict restrictions, since they are able to make tremendous illicit profi...
DNS over TLS (DoT) protects the confidentiality and integrity of DNS communication by encrypting DNS messages transmitted between users and resolvers. In recent years, DoT has been deployed by popular recursive resolvers like Cloudflare and Google. While DoT is supposed to prevent on-path adversaries from learning and tampering with victims' DNS re...
Recommender systems have been increasingly used in a variety of web services, providing a list of recommended items in which a user may have an interest. While important, recommender systems are vulnerable to various malicious attacks. In this paper, we study a new security vulnerability in recommender systems caused by
web injection
, through wh...
In a world where artificial intelligence is one of the greatest assets, unmanned operations seem to be the future. The world of cybersecurity is witness to numerous system break-ins for the purpose of gaining access. One of the ways to gain access to systems is fulfilled by authentication, the process where an entity verifies who he or she claims t...
Anycast has been widely adopted by today’s Internet services, including DNS, CDN, and DDoS protection, in which the same IP address is announced from distributed locations and clients are directed to the topologically-nearest service replica. Prior research has focused on various aspects of anycast, either its usage in particular services such as D...
Container technology provides a lightweight operating system level virtual hosting environment. Its emergence profoundly changes the development and deployment paradigms of multi-tier distributed applications. However, due to the incomplete implementation of system resource isolation mechanisms in the Linux kernel, some security concerns still exis...
Applications in C/C++ are notoriously prone to memory corruptions. With significant research efforts devoted to this area of study, the security threats posed by previously popular vulnerabilities, such as stack and heap overflows, are not as serious as before. Instead, we have seen the meteoric rise of attacks exploiting use-after-free (UaF) vulne...
The success of Content Delivery Networks (CDNs) relies on the mapping system that leverages dynamically generated DNS records to distribute client requests to a proximal server for achieving optimal content delivery. However, the mapping system is vulnerable to malicious hijacks, as (1) it is difficult to provide pre-computed DNSSEC signatures for...
The rapidly increasing landscape of Internet-of-Thing (IoT) devices has introduced significant technical challenges for their management and security, as these IoT devices in the wild are from different device types, vendors , and product models. The discovery of IoT devices is the prerequisite to characterize, monitor, and protect these devices. H...
A certain amount of web traffic is attributed to web bots on the Internet. Web bot traffic has raised serious concerns among website operators, because they usually consume considerable resources at web servers, resulting in high workloads and longer response time, while not bringing in any profit. Even worse, the content of the pages it crawled mi...
In a virtualized environment, it is not difficult to retrieve guest OS information from its hypervisor. However, it is very challenging to retrieve information in the reverse direction, i.e., retrieve the hypervisor information from within a guest OS, which remains an open problem and has not yet been comprehensively studied before. In this paper,...
Industrial control system (ICS) devices play a crucial role in critical infrastructures, such as power grid. In recent years, numerous ICS devices are accessible on the Internet, resulting in potential security issues. However, there is a lack of deep understanding of these devices’ characteristics in the cyberspace. In this paper, we take the firs...