Shujun Li

Shujun Li
University of Kent | KENT · School of Computing

BE (1997), PhD (2003)

About

201
Publications
43,366
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
7,486
Citations
Additional affiliations
September 2011 - present
University of Surrey
Position
  • Senior Lecturer (Associate Professor)
Description
  • This is of course not a teaching post, but a normal academic one with both teaching and research duties.
September 2011 - March 2016
University of Surrey
Position
  • Senior Lecturer (Associate Professor)
July 2008 - August 2011
Universität Konstanz
Position
  • Secure Multimedia Computing
Description
  • Zukunftskolleg Fellow (Junior Group Leader)
Education
March 1999 - September 2003
Xi'an Jiaotong University
Field of study
  • Information and Communication Engineering
September 1997 - February 1999
Xi'an Jiaotong University
Field of study
  • Electromagnetic Measurement and Devices
September 1993 - July 1997
Xi'an Jiaotong University
Field of study
  • Information Science and Engineering

Publications

Publications (201)
Preprint
Full-text available
The application of Federated Learning (FL) is steadily increasing, especially in privacy-aware applications, such as healthcare. However, its applications have been limited by security concerns due to various adversarial attacks, such as poisoning attacks (model and data poisoning). Such attacks attempt to poison the local models and data to manipu...
Preprint
Full-text available
The Internet of Things (IoT) is increasingly present in many family homes, yet it is unclear precisely how well families understand the cyber security threats and risks of using such devices, and how possible it is for them to educate themselves on these topics. Using a survey of 553 parents and interviews with 25 families in the UK, we find that f...
Preprint
Full-text available
Current research on users` perspectives of cyber security and privacy related to traditional and smart devices at home is very active, but the focus is often more on specific modern devices such as mobile and smart IoT devices in a home context. In addition, most were based on smaller-scale empirical studies such as online surveys and interviews. W...
Preprint
Full-text available
Recently, there has been a rise in the development of powerful pre-trained natural language models, including GPT-2, Grover, and XLM. These models have shown state-of-the-art capabilities towards a variety of different NLP tasks, including question answering, content summarisation, and text generation. Alongside this, there have been many studies f...
Article
Full-text available
In today's highly connected cyber‐physical world, people are constantly disclosing personal and sensitive data to different organizations and other people through the use of online and physical services. This is because sharing personal information can bring various benefits for themselves and others. However, data disclosure activities can lead to...
Article
Full-text available
INTRODUCTION: Many online services use data-sharing nudges to solicit personal data from their customers for personalized services. OBJECTIVES: This study aims to study people’s privacy preferences in sharing different types of personal data under different nudging conditions, how digital nudging can change their data sharing willingness, and if p...
Preprint
This study considers how well an autoethnographic diary study helps as a method to explore why families might struggle in the application of strong and cohesive cyber security measures within the smart home. Combining two human-computer interaction (HCI) research methods - the relatively unstructured process of autoethnography and the more structur...
Chapter
Full-text available
The main purpose of a healthcare support system is to provide %timely and accurate information to clinicians, patients, and others to inform decisions about healthcare. Healthcare support systems can potentially lower costs, improve efficiency, and reduce patient inconvenience. For example, Healthcare support systems can help by alerting clinicians...
Article
Full-text available
Deep learning plays a vital role in classifying different arrhythmias using electrocardiography (ECG) data. Nevertheless, training deep learning models normally requires a large amount of data and can lead to privacy concerns. Unfortunately, a large amount of healthcare data cannot be easily collected from a single silo. Additionally, deep learning...
Preprint
Full-text available
Human Activity Recognition (HAR) has been a challenging problem yet it needs to be solved. It will mainly be used for eldercare and healthcare as an assistive technology when ensemble with other technologies like Internet of Things(IoT). HAR can be achieved with the help of sensors, smartphones or images. Deep neural network techniques like artific...
Article
Full-text available
Objective Digital nudging has been mooted as a tool to alter user privacy behavior. However, empirical studies on digital nudging have yielded divergent results: while some studies found nudging to be highly effective, other studies found no such effects. Furthermore, previous studies employed a wide range of digital nudges, making it difficult to...
Preprint
Full-text available
As users increasingly introduce Internet-connected devices into their homes, having access to accurate and relevant cyber security information is a fundamental means of ensuring safe use. Given the paucity of information provided with many devices at the time of purchase, this paper engages in a critical study of the type of advice that home Intern...
Preprint
Full-text available
Recently, there had been little notable activity from the once prominent hacktivist group, Anonymous. The group, responsible for activist-based cyber attacks on major businesses and governments, appeared to have fragmented after key members were arrested in 2013. In response to the major Black Lives Matter (BLM) protests that occurred after the kil...
Chapter
As users increasingly introduce Internet-connected devices into their homes, having access to accurate and relevant cyber security information is a fundamental means of ensuring safe use. Given the paucity of information provided with many devices at the time of purchase, this paper engages in a critical study of the type of advice that home Intern...
Article
Full-text available
To improve the imperceptibility without decreasing the steganographic capacity when steganography by a modification to an audio is carried out, this paper proposes an optimal matching path algorithm to reduce the modification to achieve it. A steganography operation unit is defined, which is composed of every N consecutive audio frames and each fra...
Preprint
Full-text available
Deep learning play a vital role in classifying different arrhythmias using the electrocardiography (ECG) data. Nevertheless, training deep learning models normally requires a large amount of data and it can lead to privacy concerns. Unfortunately, a large amount of healthcare data cannot be easily collected from a single silo. Additionally, deep le...
Preprint
Full-text available
Emojis have established themselves as a popular means of communication in online messaging. Despite the apparent ubiquity in these image-based tokens, however, interpretation and ambiguity may allow for unique uses of emojis to appear. In this paper, we present the first examination of emoji usage by hacktivist groups via a study of the Anonymous c...
Article
Full-text available
Cognitive modeling tools have been widely used by researchers and practitioners to help design, evaluate, and study computer user interfaces (UIs). Despite their usefulness, large-scale modeling tasks can still be very challenging due to the amount of manual work needed. To address this scalability challenge, we propose CogTool+, a new cognitive mo...
Conference Paper
Unanticipated accumulation and dissemination of accurate location information flows is the latest iteration of the privacy debate. This mixed-methods research contributes a grounded understanding of risk perceptions, enablers and barriers to privacy preserving behaviour in a cyber-physical environment. We conducted the first representative survey o...
Chapter
Histogram-based watermarking schemes are invariant to pixel permutations and can thus be combined with permutation-based ciphers to form a commutative watermarking-encryption scheme. In this chapter, the authors demonstrate the feasibility of this approach for audio data and still image data. Typical histogram-based watermarking schemes based on co...
Book
This two-volume set LNICST 398 and 399 constitutes the post-conference proceedings of the 17th International Conference on Security and Privacy in Communication Networks, SecureComm 2021, held in September 2021. Due to COVID-19 pandemic the conference was held virtually. The 56 full papers were carefully reviewed and selected from 143 submissions....
Book
This two-volume set LNICST 398 and 399 constitutes the post-conference proceedings of the 17th International Conference on Security and Privacy in Communication Networks, SecureComm 2021, held in September 2021. Due to COVID-19 pandemic the conference was held virtually. The 56 full papers were carefully reviewed and selected from 143 submissions....
Chapter
Benchmarking digital watermarking algorithms is not an easy task because different applications of digital watermarking often have very different sets of requirements and trade-offs between conflicting requirements. While there have been some general-purpose digital watermarking benchmarking systems available, they normally do not support complicat...
Article
Many web-based attacks have been studied to understand how web hackers behave, but web site defacement attacks (malicious content manipulations of victim web sites) and defacers’ behaviors have received less attention from researchers. This paper fills this research gap via a computational data-driven analysis of a public database of defacers and d...
Book
Cognitive models and software tools have been widely used for both research and commercial purposes. Although they have proved very useful, there are some limitations preventing large-scale modeling and simulation tasks to be carried out efficiently and effectively. In this book, we aim to provide readers with a systematic overview of state-of-the-...
Chapter
This chapter presents a proposed conceptual framework to address the issues and challenges of large-scale cognitive modeling. UI/UX designers are considered as the main target users of the framework with additional support from computer programmers and psychologists. The framework has the following features: (1) it supports high-level parameterizat...
Chapter
As demonstrated in previous chapters, human cognitive modeling techniques and related software tools have been widely used by researchers and practitioners to evaluate user interface (UI) designs and related human performance. However, for a system involving a relatively complicated UI, it could be difficult to build a cognitive model that accurate...
Chapter
A large number of cognitive models have been developed and widely used in the HCI domain. GOMS (Gray et al (1993) Hum Comput Interact 8(3):237–309; John and Kieras (1996) ACM Trans Comput-Hum Interact 3(4):320–351) is one of the well-established models for predicting human performance and facilitating UI design. As mentioned in Chap. 10.1007/978-3-...
Chapter
This chapter presents a brief overview of theories and concepts that ar some well-established and widely used cognitive architectures, such as ACT-R (Anderson et al (2004) Psychol Rev 111(4):1036–1060; Anderson (2007) How can the human mind occur in the physical universe? Oxford series on cognitive models and architectures. Oxford University Press,...
Chapter
This book reviews and explores the applications and implications of cognitive models and related software modeling tools in the HCI field and a particular application area – cyber security. To facilitate the modeling process, the incorporation of human behavioral data (i.e., eye tracking data) is also introduced in this book. In addition, by addres...
Chapter
In this chapter, we demonstrate and evaluate the effectiveness and usefulness of the developed software prototype CogTool+. In particular, we present our work of using CogTool+ to model three existing systems. The first system is an observer-resistant password system called Undercover; the second one is a 6-digit PIN entry system, and the third one...
Conference Paper
Full-text available
After the European Union’s new General Data Protection Regulation (GDPR) became applicable in May 2018, concerns about the legal compliance of public blockchain systems with rights guaranteed by GDPR have emerged, e.g., on the "right to be forgotten". In order to better understand how the blockchain sector sees the challenges raised by GDPR and how...
Preprint
The hacktivist group Anonymous is unusual in its public-facing nature. Unlike other cybercriminal groups, which rely on secrecy and privacy for protection, Anonymous is prevalent on the social media site, Twitter. In this paper we re-examine some key findings reported in previous small-scale qualitative studies of the group using a large-scale comp...
Conference Paper
The hacktivist group Anonymous is unusual in its public-facing nature. Unlike other cybercriminal groups, which rely on secrecy and privacy for protection, Anonymous is prevalent on the social media site, Twitter. In this paper we reexamine some key findings reported in previous small-scale qualitative studies of the group using a large-scale compu...
Article
CAPTCHAs are security mechanisms that try to prevent automated abuse of computer services. Many CAPTCHAs have been proposed but most have known security flaws against advanced attacks. In order to avoid a kind of oracle attacks in which the attacker learns about ground truth labels via active interactions with the CAPTCHA service as an oracle, Kwon...
Conference Paper
Full-text available
In today's highly connected cyber-physical world, people are constantly disclosing personal and sensitive data to different organizations and other people through the use of online and physical services. Such data disclosure activities can lead to unexpected privacy issues. However, there is a general lack of tools that help to improve users' aware...
Book
This book constitutes the refereed post-conference proceedings of the Interdisciplinary Workshop on Trust, Identity, Privacy, and Security in the Digital Economy, DETIPS 2020; the First International Workshop on Dependability and Safety of Emerging Cloud and Fog Systems, DeSECSys 2020; Third International Workshop on Multimedia Privacy and Security...
Article
Digital technologies shape travel environments. Noticing online privacy issues, consumers can hold distinct attitudes towards disclosing personal information to service providers. We conducted a panel survey to gauge travelers’ willingness to share personal information with service providers, provided with different types of nudges. Based on the re...
Conference Paper
The focus on cyber security as an interaction between technical elements and humans has typically confined consideration of the latter to practical issues of implementation, conventionally those of ‘human performance factors’ of vigilance etc., ‘raising awareness’ and/or ‘incentivization’ of people and organizations to participate and adapt their b...
Chapter
Although there are many privacy-enhancing tools designed to protect users’ online privacy, it is surprising to see a lack of user-centric solutions allowing privacy control based on the joint assessment of privacy risks and benefits, due to data disclosure to multiple platforms. In this paper, we propose a conceptual framework to fill the gap: aimi...
Chapter
Full-text available
The focus on cyber security as an interaction between technical elements and humans has typically confined consideration of the latter to practical issues of implementation, conventionally those of ‘human performance factors’ of vigilance etc., ‘raising awareness’ and/or ‘incentivization’ of people and organizations to participate and adapt their b...
Preprint
Full-text available
Although there are privacy-enhancing tools designed to protect users' online privacy, it is surprising to see a lack of user-centric solutions allowing privacy control based on the joint assessment of privacy risks and benefits, due to data disclosure to multiple platforms. In this paper, we propose a conceptual framework to fill the gap: aiming at...
Conference Paper
Full-text available
Taxonomies and ontologies are handy tools in many application domains such as knowledge systematization and automatic reasoning. In the cyber security field, many researchers have proposed such taxonomies and ontologies, most of which were built based on manual work. Some researchers proposed the use of computing tools to automate the building proc...
Preprint
Full-text available
Subjective perceptual image quality can be assessed in lab studies by human observers. Objective image quality assessment (IQA) refers to algorithms for estimation of the mean subjective quality ratings. Many such methods have been proposed, both for blind IQA in which no original reference image is available as well as for the full-reference case....
Article
Full-text available
Proactive password checkers have been widely used to persuade users to select stronger passwords by providing machine-generated strength ratings of passwords. If such ratings do not match human-generated ratings of human users, there can be a loss of trust in PPCs. In order to study the effectiveness of PPCs, it would be useful to investigate how h...
Article
Chaotic dynamics is widely used to design pseudo-random number generators and for other applications, such as secure communications and encryption. This paper aims to study the dynamics of the discrete-time chaotic maps in the digital (i.e., finite-precision) domain. Differing from the traditional approaches treating a digital chaotic map as a blac...
Chapter
Full-text available
The link between information privacy concerns and privacy behaviours has been a focus of extensive investigation in various disciplines. However, little attention has been devoted to this issue in the tourism literature. Spurred by technological development and shaped by tourism-related environments, emerging privacy issues call for comprehensive y...
Article
Full-text available
This paper proposes an improved steganalytic method when cover selection is used in steganography. We observed that the covers selected by existing cover selection methods normally have different characteristics from normal ones, and propose a steganalytic method to capture such differences. As a result, the detection accuracy of steganalysis is in...
Chapter
Histogram-based watermarking schemes are invariant to pixel permutations and can thus be combined with permutation-based ciphers to form a commutative watermarking-encryption scheme. In this chapter, the authors demonstrate the feasibility of this approach for audio data and still image data. Typical histogram-based watermarking schemes based on co...
Preprint
1.0 Background Human decision making is inherently complex and imperfect. Immersed in digital environments and while performing online activities, individuals are faced daily with numerous privacy and security decisions: configuring visibility in social networking sites, allowing access to sensitive data in mobile apps, clicking or ignoring links e...
Conference Paper
Full-text available
This workshop addresses the security and privacy issues that have developed as our society has become more interconnected, specifically with respect to multimedia data generated in the context of the Internet of Things (IoT) and Web 2.0/3.0. The word "multimedia" here has expanded beyond its original scope. With the rise of social media and online...
Preprint
Full-text available
This paper presents a new general framework of information hiding, in which the hidden information is embedded into a collection of activities conducted by selected human and computer entities (e.g., a number of online accounts of one or more online social networks) in a selected digital world. Different from other traditional schemes, where the hi...
Article
Full-text available
This paper proposes the first user-independent inter-keystroke timing attacks on PINs. Our attack method is based on an inter-keystroke timing dictionary built from a human cognitive model whose parameters can be determined by a small amount of training data on any users (not necessarily the target victims). Our attacks can thus be potentially laun...
Article
Full-text available
In the last decade, a large number of multimedia forensic and security techniques have been proposed to protect multimedia data and devices and to support investigations of multimedia-related criminal cases and security incidents. However, most of these solutions adopt very limiting and simplifying working conditions, being more appropriate for lab...
Conference Paper
Full-text available
Recent studies have revealed that cyber criminals tend to exchange knowledge about cyber attacks in online social networks (OSNs). Cyber security experts are another set of information providers on OSNs who frequently share information about cyber security incidents and their personal opinions and analyses. Therefore, in order to improve our knowle...
Conference Paper
Full-text available
Mobile devices are ubiquitous in today's digital world. While people enjoy the convenience brought by mobile devices, it has been proven that many mobile apps leak personal information without user consent or even awareness. That can occur due to many reasons, such as careless programming errors, intention of developers to collect private informati...
Article
Full-text available
The advancement of cryptography and cryptanalysis has driven numerous innovations over years. Among them is the treatment of cryptanalysis on selectively encrypted content as a recovery problem. Recent research has shown that linear programming is a powerful tool to recover unknown coefficients in DCT-transformed images. While the time complexity i...
Conference Paper
Full-text available
This paper presents the Password Security Visualizer (PSV), an interactive visualization system specifically designed for password security education. PSV can be seen as a reconfigurable “box” containing different proactive password checkers (PPCs) and visualizers of password security information, allowing it to be used like a “many in one” or “hyb...
Conference Paper
Full-text available
Human cognitive modeling techniques and related software tools have been widely used by researchers and practitioners to evaluate the effectiveness of user interface (UI) designs and related human performance. However, they are rarely used in the cyber security field despite the fact that human factors have been recognized as a key element for cybe...