Jianfeng Ma

• Lanzhou University of Technology

Composites of MIL-101(Fe)/CoFe2O4 were prepared by a simple solvothermal approach and these composites were explored for tetracycline (TC) degradation by using light and persulfate (PS). MIL-101(Fe)/CoFe2O4 catalyst showed superior catalytic performance when combined with photocatalysis and chemical catalysis. Experimental results suggest that the...

In recent years, mobile ransomware attacks have become increasingly prevalent, especially in Android systems. Android ransomware extorts users by maliciously locking infected devices or encrypting user files on the devices. To address this problem, we propose RansomSentry , a runtime detection system with compiler-based instrumentation against both...

Electronic Medical Records (EMR) are the essential sensitive personal data that is shared between patients and doctors through the semi-trusted E-health cloud. In the real application, Multi-Authority Ciphertext-Policy Attribute-Based Searchable Encryption (MA-CP-ABSE) is suitable to protect the security of the EMR for it possesses fine-grained acc...

Vehicular platoon, a cutting-edge technology in the realm of intelligent transportation systems, holds the promise of transforming vehicle operations on roadways. By fostering seamless communication among vehicles and leveraging advanced automation, vehicular platoon enables vehicles to travel closely together, thereby reducing aerodynamic drag, op...

FL is vulnerable to model poisoning attacks due to the invisibility of local data and the decentralized nature of FL training. The adversary attempts to maliciously manipulate local model gradients to compromise the global model ( i.e. , victim model). Commonly-studied model poisoning attacks heavily depend on accessing additional knowledge, such a...

Manufacturers offer adjustable control parameters for flight control systems to accommodate diverse environments and missions. To ensure flight safety, they also develop established boundaries, i.e., range specifications for parameter values. However, even when the configuration parameters fall within the prescribed manufacturer range, they could s...

Recent studies emphasize the serious threat posed by backdoor attacks when training deep models on data from untrustworthy sources. Despite the emergence of various backdoor attack paradigms, the patch-based approach stands out as the most sought-after and effective method of poisoning. However, current defenses against such attacks often exhibit r...

The prerequisite for implementing incentive mechanisms and reliable participant selection schemes in federated learning is to obtain the contribution of each participant. Available evaluation methods for participant contributions require the server to possess a test dataset, often impractical. Additionally, the excessively high complexity of these...

Cloud storage has become prevalent in Internet of Things (IoT) systems, attributed to its robust storage capabilities and user convenience. However, the cloud-based storage model, which separates data ownership from management, introduces integrity challenges due to the vulnerability of data to tampering. To address the risk of data loss and ensure...

Privacy preservation are becoming increasingly significant in machine learning, with recent privacy regulations requiring the deletion of personal data and its impact on models. Although erasing data from storage is simple, removing the influence of data on models remains a challenge. Federated unlearning is an emerging paradigm that aims to forget...

Delegation Learning(DL) flourishes data sharing, enabling agents to delegate data to the cloud for model training. To preserve privacy, homomorphic encryption (HE) offers an effective solution for privacy-preserving machine learning (PPML) in delegation learning, yet faces critical challenges in functionality (non-linear activation support), practi...

Delegation learning is indeed a prevalent approach in privacy-preserving machine learning (PPML), especially when dealing with big data. It specifically involves data owners delegating their data to servers with computational capabilities for training and inference. These servers provide services on a pay-per-use basis. The essence of delegation le...

The widespread use of machine learning in location-related scenarios is propelling the rapid development of intelligent transportation. To assist users in making more informed travel plans, the demand for improving prediction accuracy is growing. Prior to model training, data cleaning is a common method used to eliminate redundant, erroneous and ou...

Unsupervised sentence representation learning remains a critical challenge in modern natural language processing (NLP) research. Recently, contrastive learning techniques have achieved significant success in addressing this issue by effectively capturing textual semantics. Many such approaches prioritize the optimization using negative samples. In...

Blockchain sharding has emerged as a promising solution to the scalability challenges in traditional blockchain systems by partitioning the network into smaller, manageable subsets called shards. Despite its potential, existing sharding solutions face significant limitations in handling dynamic workloads, ensuring secure cross-shard transactions, a...

The rapid expansion of Internet of Things (IoT) has resulted in vast, heterogeneous graphs that capture complex interactions among devices, sensors, and systems. Efficient analysis of these graphs is critical for deriving insights in IoT scenarios such as smart cities, industrial IoT, and intelligent transportation systems. However, the scale and d...

Configurations are supported by most flight control systems, allowing users to control a flying drone adapted to complexities such as environmental changes or mission alterations. Such an advanced functionality also introduces a significant problem - misconfiguration settings. It may cause drone instability, threaten drone safety, and potentially l...

Multisource Private Label Propagation (MPLP) is designed for different organizations to collaboratively predict labels of unlabeled nodes through iterative propagation and label updates without revealing sensitive information. Aside from the privacy of the origin data, in some statistical prediction services, it is only needed to learn about the st...

Advanced Persistent Threats (APTs) represent sophisticated cyberattacks characterized by their ability to remain undetected within the victim system for extended periods, aiming to exfiltrate sensitive data or disrupt operations. Existing detection approaches often struggle to effectively identify these complex threats, construct the attack chain f...

Internet of Vehicles (IoVs) is increasingly used as a medium to propagate critical information via establishing connections between entities such as vehicles and infrastructures. During message transmission, privacy-preserving authentication is considered the first line of defence against attackers and malicious information. To achieve a more secur...

Simulation is a vital method to test autonomous vehicle software. It provides a low-cost and convenient virtual environment to verify the control program of autonomous vehicles. However, to deploy simulation, the vehicle software must either have built-in adaptability or undergo the source code level modification to adapt to simulators. Unfortunate...

The Proactive Recovery (PR) mechanism in Software-Defined Networking (SDN) provides good failure recovery resilience for the Beyond Fifth-Generation/Sixth-Generation (B5G/6G) delay-sensitive applications. However, PR’s fixed single backup path policy for any flow and fine-grained backup forwarding rule configuration poses severe challenges for post...

Smart homes provide various services that serve people using AI (artificial intelligence) models. In order to meet the changing demands, devices in smart homes independently collect or passively receive data for model (re)training. However, backdoor attackers could inject backdoor samples into the training data set, thus controlling the behavior of...

Link prediction is a network analysis model used to discover missing links or future relationships that may appear, which has been widely used in many real network systems to predict the potential relationship between two individuals. However, link prediction can also be used by attackers to identify sensitive links that users are unwilling to expo...

The adoption of SDN/NFV opens avenues for efficient network slicing deployment and cost control. However, the dynamic cost reduction brought by deployment location optimization is not suitable for all scenarios. To further reduce the cost, we recommend a sharing strategy in NFV. In this paper, we introduce a two-layer VNF multiplexing architecture,...

Incentive plays an important role in mobile crowdsensing (MCS), as it impels mobile users to participate in sensing tasks and provide high-quality sensing data. However, considering the privacy (including identity privacy, sensing data privacy, and reputation value privacy) and practicality (including reliability, quality awareness, and efficiency)...

Developers and manufacturers provide configurable control parameters for flight control programs to support various environments and missions, along with suggested ranges for these parameters to ensure flight safety. However, this flexible mechanism can also introduce a vulnerability known as range specification bugs. The vulnerability originates f...

With the development of IoT applications, machine learning dramatically improves the utility of variable IoT systems such as autonomous driving. Although the pretrain-finetune framework can cope well with data heterogeneity in complex IoT scenarios, the data collected by sensors often contain unexpected noisy data, e.g., out-of-distribution (OOD) d...

Boolean Searchable Symmetric Encryption (BSSE) enables users to perform retrieval operations on the encrypted data while supporting complex query capabilities. This paper focuses on addressing the storage overhead and privacy concerns associated with existing BSSE schemes. While Patel et al. (ASIACRYPT’21) and Bag et al. (PETS’23) introduced BSSE s...

OS-level virtualization (a.k.a. container) has become a fundamental technology in cloud computing due to the efficiency provided by the shared-kernel design. However, this design results in containers sharing thousands of kernel variables and data structures (termed abstract resources ), which are prevalent but under-protected. Without exploiting...

The backdoor attack has emerged as a prevalent threat that affects the effectiveness of machine learning models in intelligent vehicles. While such attacks may not impair the normal performance of the trained model, they can be exploited by malicious entities to manipulate model inferences, resulting in serious problems. In this paper, we design a...

With the rapid development of mobile apps, developers tend to implement a variety of functionalities to support users' demands. Thus, they involve the usage of native libraries to fulfill the luxuriant functionalities and maintain fast system responses, instead of using a unitary programming language (i.e., Java). Nonetheless, such an inter-languag...

Privacy-preserving range query, which allows the server to implement secure and efficient range query on encrypted data, has been widely studied in recent years. Existing privacy-preserving range query schemes can realize effective range query, but usually suffer from the low efficiency and security. In order to solve the above issues, we propose a...

The rapid expansion of Internet of Things (IoT) has resulted in vast, heterogeneous graphs that capture complex interactions among devices, sensors, and systems. Efficient analysis of these graphs is critical for deriving insights in IoT scenarios such as smart cities, industrial IoT, and intelligent transportation systems. However, the scale and d...

Blockchain sharding has emerged as a promising solution to the scalability challenges in traditional blockchain systems by partitioning the network into smaller, manageable subsets called shards. Despite its potential, existing sharding solutions face significant limitations in handling dynamic workloads, ensuring secure cross-shard transactions, a...

The rapid growth of IoT technology has heightened the requirement for effective data management and analysis. Knowledge graphs (KGs) and large pre-trained language models (LLMs) play crucial roles in this scenario: KGs offer structured data management, while LLMs enhance data feature analysis. However, as data privacy concerns escalate, IoT machine...

Link prediction is a network analysis model used to discover missing links or future relationships that may appear, which has been widely used in many real network systems to predict the potential relationship between two individuals. However, link prediction can also be used by attackers to identify sensitive links that users are unwilling to expo...

Getting access to labeled datasets in certain sensitive application domains can be challenging. Hence, one may resort to transfer learning to transfer knowledge learned from a source domain with sufficient labeled data to a target domain with limited labeled data. However, most existing transfer learning techniques only focus on one-way transfer wh...

In mobile crowdsensing (MCS), truth discovery (TD) plays an important role in sensing task completion. Most of the existing studies focus on the privacy preservation of mobile users, and the reliability of mobile users is evaluated by their weights which are calculated based on the submitted sensing data. However, if mobile users are unreliable, th...

To achieve the search over encrypted data in cloud server, Searchable Encryption (SE) has attracted extensive attention from both academic and industrial fields. The existing Bloom filter-based SE schemes can achieve similarity search, but will generally incur high false positive rates, and even leak the privacy of values in Bloom filters (BF). To...

Cloud computing, which provides a brand-new service model, has become an important infrastructure in the information age, and has been widely used in numerous fields. The Key-Policy Attribute-Based Encryption (KP-ABE) scheme allows the encrypted data with fine-grained access control in the cloud environment. However, achieving large-scale user revo...

Due to the distributed collaboration and privacy protection features, federated learning is a promising technology to perform the model training in virtual twins of Digital Twin for Mobile Networks (DTMN). In order to enhance the reliability of the model, it is always expected that the users involved in federated learning have trustworthy behaviors...

In machine learning (ML), the massive data processing and dense computations based on matrices make outsourced inference computation a growing trend. The unreliability of cloud platforms makes privacy protection and inference correctness increasingly important in outsourced computations. Unfortunately, current works cannot provide an effective veri...

Outsourcing data to the cloud has become prevalent, so Searchable Symmetric Encryption (SSE), one of the methods for protecting outsourced data, has arisen widespread interest. Moreover, many novel technologies and theories have emerged, especially for the attacks on SSE and privacy-preserving. But most surveys related to SSE concentrate on one asp...

In the context of real-world secure outsourced computations, private data alignment has been always the essential preprocessing step. However, current private data alignment schemes, mainly circuit-based, suffer from high communication overhead and often need to transfer potentially gigabytes of data. In this paper, we propose a lightweight private...

Mobile crowdsensing (MCS) is widely applied in vehicular networks where several sensing vehicles complete the same sensing task. Recently, the privacy and reliability of sensing vehicles have aroused extensive attention of researchers in academia. Although the majority of existing schemes have achieved anonymous authentication with large computatio...

With the development of Industrial Internet of Things (IIoT) and 5G, massive data are easily collected and transmitted in cloud. Therefore, it is critical to guarantee the security of data sharing. In IIoT applications, the users of a group are in hierarchical structure and they intend to access data by external groups, which requires fine-grained...

With the rapid deployment of storage services, secure and efficient user authorization and revocation data shared through the cloud have become a grand challenge hindering cloud data applications. When previous direct and indirect user revocation schemes implemented large-scale user revocation, they faced heavy communication and computational costs...

Developing an efficient and stable monolithic catalyst is the key to remove organic pollutants from water. Herein, Cu doped CoCO3 was successfully loaded on metal foam nickel (NF) via a solvothermal process for the first time, which exhibited excellent performance for tetracycline (TTC) elimination. The effects of experimental conditions, including...

As a popular platform-independent language, Java is widely used in enterprise applications. In the past few years, language vulnerabilities exploited by Java malware have become increasingly prevalent, which cause threats for multi-platform. Security researchers continuously propose various approaches for fighting against Java malware programs. The...

Advanced Persistent Threats (APTs) employ sophisticated and covert tactics to infiltrate target systems, leading to increased vulnerability and an elevated risk of exposure. Consequently, it is essential for us to proactively create an extensive and clearly outlined attack chain for APTs in order to effectively combat these threats. Unlike traditio...

The emergence of edge computing guarantees the combination of the Internet of Things (IoT) and artificial intelligence (AI). The vertical federated learning (VFL) framework, usually deployed by split learning, can analyze and integrate information on different features collected by different terminals in the IoT. The complete model is divided into...

The surging interest in cryptocurrency has revitalized the research for digital signature schemes with strong security. In particular, signature schemes are investigated to resist the malleability attacks in cryptocurrency platforms. However, existing signature schemes only conquer partial malleability attacks due to various sources of attacks. Oth...

When enjoying mobile crowdsensing (MCS), it is vital to evaluate the trustworthiness of mobile users (MUs) without disclosing their sensitive information. However, the existing schemes ignore this requirement in the multiple crowdsourcers (CSs) scenario. The lack of a credible sharing about MUs' trustworthiness results in an inaccurate trust evalua...

GPS-enabled Internet of Things devices, which can obtain the location and temporal information of installed objects to promote Location Based Service, are completely changing our lives. In recent years, the confidentiality and privacy of personal data have attracted widespread attention, especially when outsourcing to third-party providers. To achi...

Federated Learning (FL) suffers from low convergence and significant accuracy loss due to local biases caused by non-Independent and Identically Distributed (non-IID) data. To enhance the non-IID FL performance, a straightforward idea is to leverage the Generative Adversarial Network (GAN) to mitigate local biases using synthesized samples. Unfortu...

Authentication and cryptography are critical security functions and, thus, are very often included as part of code. These functions require using credentials, such as passwords, security tokens, and cryptographic keys. However, developers often incorrectly implement/use credentials in their code because of a lack of secure coding skills. This paper...

Vehicular networks have huge potential to enhance road safety, improve traffic efficiency, reduce energy consumption, and decrease pollution emission. However, only relying on ground segment is unable to provide satisfactory wireless communication services for vehicles at any time and any where. The emergence of the 6th Generation (6G) fully achiev...

Vehicular networks have huge potential to improve road safety and traffic efficiency, especially in the context of large models. Cloud computing can significantly improve the performance of vehicular networks, and the concept of cloud-assisted vehicular networks comes into being. Reputation management plays a crucial role in vehicular networks, sin...

Platoon refers to a group of vehicles traveling in a train-like strategy with a lean inter-vehicle gap, which can increase road capacity and reduce energy consumption. A platoon is composed of several member vehicles and one leader vehicle which determines the driving pattern of the platoon. Therefore, it is crucial to select a vehicle with the hig...

Recent substitute training methods have utilized the concept of Generative Adversarial Networks (GANs) to implement data-free black-box attacks. Specifically, in designing the generators, the substitute training methods use a similar structure to the generators in GANs. However, this design approach ignores the potential situation that the generato...

Random forest is one of the most heated machine learning tools in a wide range of industrial scenarios. Recently, federated learning enables efficient distributed machine learning without direct revealing of private participant data. In this article, we present a novel framework of federated random forest (RevFRF), and further emphatically discuss...

Worker selection in crowdsensing plays an important role in the quality control of sensing services. The majority of existing studies on worker selection were largely dependent on a trusted centralized server, which might suffer from single point of failure, the lack of transparency and so on. Some works recently proposed blockchain-based crowdsens...