Xiaolin Chang

• PhD
• Professor (Full) at Beijing Jiaotong University

In this paper, we describe a mechanism to improve the speed of the Practical Byzantine Fault Tolerance (PBFT) consensus protocol in a multi-leader setting by overlapping the COMMIT and PREPREPARE stages where applicable. We analyze the performance of the proposed mechanism using a probabilistic model and show that it achieves high throughput at hig...

Traditional covert transmission (CT) approaches have been hindering CT application while blockchain technology offers new avenue. Current blockchain-based CT approaches require off-chain negotiation of critical information and often overlook the dynamic updating of session keys, which increases the risk of message and key leakage. Additionally, in...

Data provision, referring to data upload and data access, is one key phase in vehicular digital forensics. The unique features of Driverless Taxi (DT) bring new issues to this phase: I1) efficient verification of data integrity when diverse Data Providers (DPs) upload data; I2) DP privacy preservation during data upload; and I3) privacy preservatio...

Despite significant advancements in deep reinforcement learning (DRL)-based autonomous driving policies, these policies still exhibit vulnerability to adversarial attacks. This vulnerability poses a formidable challenge to the practical deployment of these policies in autonomous driving. Designing effective adversarial attacks is an indispensable p...

Establishing and sustaining Metaverse service necessitates an unprecedented scale of resources. Some researchers consider the deployment of Metaverse service in a cloud-edge resource architecture, which can satisfy the escalating demand for Metaverse service resources while ensuring both high bandwidth and low latency. However, how to ensure the se...

Data provision, referring to the data upload and data access, is one key phase in vehicular digital forensics. The unique features of Driverless Taxi (DT) bring new issues to this phase: 1) efficient verification of data integrity when diverse Data Providers (DPs) upload data; 2) DP privacy preservation during data upload; and 3) privacy preservati...

GHOST, like the longest-chain protocol, is a chain selection protocol and its capability in resisting selfish mining attack has been validated in imperfect (delay-existing-) blockchains of Bitcoin and its variants (Bitcoin-like). This paper explores an analytical-model-based approach to investigate the impact of stubborn mining attack in imperfect...

Driverless vehicle as a taxi is gaining more attention due to its potential to enhance urban transportation efficiency. However, both unforeseen incidents led by unsupervised physical users' driverless taxi (DT) rides and personalized needs of users when riding in a DT necessitate the authentication of user identity and attributes. Moreover, safegu...

Recently, big data has seen explosive growth in the Internet of Things (IoT). Multilayer FL (MFL) based on cloud-edge-end architecture can promote model training efficiency and model accuracy while preserving IoT data privacy. This article considers an improved MFL, where edge layer devices own private data and can join the training process. Improv...

Practical Byzantine Fault Tolerance (PBFT) is the protocol of choice for many applications that require distributed consensus between a number of participant nodes. While PBFT assumes a single voting committee, many applications recognize different groups of participants that need to reach a consensus separately before accepting a proposal. To this...

Processing sensitive data and deploying well-designed Intellectual Property (IP) cores on remote Field Programmable Gate Array (FPGA) are prone to private data leakage and IP theft. One effective solution is constructing Trusted Execution Environment (TEE) and its secure boot process on FPGA-SoC (FPGA System on Chip). This paper aims to establish...

Proof-of-Stake (PoS) protocols are widely accepted as a viable substitute for the Proof-of-Work-based consensus, which is why recent blockchain-based cryptocurrencies and applications, most notably Ethereum 2.0, are using some variant of PoS as the basis for the consensus protocol. However, the implementation of PoS protocols in Ethereum 2.0 are no...

Federated Learning (FL) as a secure distributed learning framework gains interests in Internet of Things (IoT) due to its capability of protecting the privacy of participant data. However, traditional FL systems are vulnerable to Free-Rider (FR) attacks, which causes unfairness, privacy leakage and inferior performance to FL systems. The prior defe...

Federated Learning (FL), a privacy-oriented distributed ML paradigm, is gaining great interest in the Internet of Things because of its capability to protect participants’ data privacy. Studies have been conducted to address the challenges of communication efficiency and privacy-preserving, which exist in standard FL. However, they cannot achieve t...

Container technology, as the key enabler behind microservice architectures, is widely applied in Cloud and Edge Computing. A long and continuous running of operating system (OS) hosting container-based services can encounter software aging that leads to performance deterioration and even causes system failures. OS rejuvenation techniques can mitiga...

Both Proof of Stake (PoS) and Delegated Proof of Stake (DPoS) consensus schemes for permissioned blockchains incur the risk of centralization of voting power in the hands of a small number of wealthy voters. In this work, we present Qualified Proof of Stake (QPoS) scheme which alleviates centralization by rewarding truthful behavior of both voters...

This paper aims to use analytical modeling technique to quantitatively study the dependability of Vehicle Platooning Application, which consists of Multiple Sub-Services (VPP-MSS) to achieve its functionality. Each sub-service (SS), based on network function virtualization technology, is executed in a container. Both SSes and OSes which SSes run on...

In NFV networks, service functions (SFs) can be deployed on virtual machines (VMs) across multiple domains and then form a service function chain (MSFC) for end-to-end network service provision. However, any software component in a VM-based MSFC must experience software aging issue after a long period of operation. This paper quantitatively investi...

Container technology, as the key enabler behind microservice architectures, is widely applied in Cloud and Edge Computing. A long and continuous running of operating system (OS) host-ing container-based services can encounter software aging that leads to performance deterioration and even causes system fail-ures. OS rejuvenation techniques can miti...

Processing sensitive data and deploying well-designed Intellectual Property (IP) cores on remote Field Programmable Gate Array (FPGA) are prone to private data leakage and IP theft. One effective solution is constructing Trusted Execution Environment (TEE) on FPGA-SoCs (FPGA System on Chips). Researchers have integrated this type TEE with Trusted P...

Multi-access edge c omputing (MEC)-enabled Internet of Things (IoT) is considered as a promising paradigm to deliver computation-intensive and delay-sensitive services to users. IoT service requests can be served by multiple m icro s ervices (MSs) that form a chain, called a micro s ervice c hain (MSC). However, the high complexity of MSs a...

Consensus algorithm is an essential ingredient of any blockchain system. Many different consensus mechanisms such as Practical Byzantine Fault Tolerance (PBFT), Proof-of-Work (PoW), Proof-of-Stake (PoS), and their many derivatives have been proposed over the years, but the complementary problems of performance and resilience to malicious behavior o...

In this paper we propose a gated cycle scheme for prioritized block access in a PBFT-like consensus mechanism suitable for blockchain-based IoT applications. Blocks submitted by clients are processed in cycles of variable length, in the order determined according to their priorities which can be assigned according to the block length or orderer's s...

Practical Byzantine Fault Tolerance (PBFT) is widely used despite its limitations. In this paper we extend a previously described multiple entry version of PBFT with fast cycle capability. In this approach, multiple data blocks are proposed by different nodes or replicas, but instead of choosing only one to undergo the consensus procedure, replicas...

This paper investigates a hierarchical aerial computing system, where both HAPs and UAVs provision computation services for ground devices (GDs). Different from the existing works which ignored UAV task offloading to HAPs and suffered long transmission delay between HAPs and GDs, in our system, UAVs are responsible for collecting the tasks generate...

Task offloading combined with reinforcement learning (RL) is a promising research direction in edge computing. However, the intractability in the training of RL and the heterogeneity of network devices have hindered the application of RL in large-scale networks. Moreover, traditional RL algorithms lack mechanisms to share information effectively in...

Stubborn mining attack greatly downgrades Bitcoin throughput and also benefits malicious miners (attackers). This paper aims to quantify the impact of block receiving delay on stubborn mining attack severity in imperfect Bitcoin networks. We develop an analytic model and derive formulas of both relative revenue and system throughput, which are appl...

Service function chain (SFC) based on network function virtualization (NFV) technology can handle network traffic flexibly and efficiently. The virtual network function (VNF), as the core function unit of SFC, can experience software aging, which reduces the availability and reliability of SFC and even leads to service interruption, after it runs c...

The continuous increase of electric vehicles is being facilitating the large-scale distributed charging-pile deployment. It is crucial to guarantee normal operation of charging piles, resulting in the importance of diagnosing charging-pile faults. The existing fault-diagnosis approaches were based on physical fault data like mechanical log data and...

Fully homomorphic encryption (FHE) has experienced significant development and continuous breakthroughs in theory, enabling its widespread application in various fields, like outsourcing computation and secure multi-party computing, in order to preserve privacy. Nonetheless, the application of FHE is constrained by its substantial computing overhea...

In this paper we propose a gated cycle scheme for prioritized block access in a PBFT-like consensus mechanism suitable for blockchain-based IoT applications. Blocks submitted by clients are processed in cycles of variable length, in the order determined according to their priorities which can be assigned according to the block length or orderer's s...

GHOST, like the longest-chain protocol, is a chain selection protocol and its capability in resisting selfish mining attack has been validated in imperfect blockchains of Bitcoin and its variants (Bitcoin-like). This paper explores an analytical-model-based method to investigate the impact of stubborn mining attack in imperfect GHOST Bitcoin-like b...

In this paper, we analyze the performance of Ethereum data distribution network using a probabilistic model which allows accurate modeling of data propagation but also of forking, which happens when the blockchain maintained by the network temporarily splits into multiple versions due to a disagreement over the validity of a particular block. We al...

Delegated Proof of Stake (DPoS) is a high throughput, low power consumption consensus mechanism is which elected participants or witnesses vote to accept blocks to be included in the blockchain ledger. However, DPoS is prone to centralization of voting power which can introduce bias and degrade the usability of the blockchain. In this work, we prop...

Bitcoin is the largest Proof-of-Work (PoW) public blockchain but is vulnerable to various attacks like stubborn mining attack, which greatly downgrades both system throughput and benefits malicious miners (attackers). The existing works assume miners receive new blocks immediately after block generation, which is away from reality. This paper aims...

In this work we combine Delegated Proof of Stake (DPoS) consensus technique with multiple entry Practical Byzantine Fault Tolerant voting in a permissioned blockchain network. Voting is organized in rounds that contain a number of PBFT consensus cycles. Nodes with low stake are forced to leave at the end of current round and may return to a new rou...

Unmanned aerial vehicle (UAV) and network function virtualization (NFV) facilitate the deployment of multi-access edge computing (MEC). In the UAV-based MEC (UMEC) network, virtualized network function (VNF) can be implemented as a lightweight container running on UMEC host operating system (OS). However, UMEC network is vulnerable to attack, which...

Eclipse-based Stake-Bleeding (ESB) attack is a kind of long-range attacks in a Proof-of-Stake (PoS) blockchain system, which can shorten the attack completion time. Researchers have quantitatively analyzed ESB attack but ignoring checkpointing defense technique, which solidifies the history of blockchain and then prevents an adversary to change the...

This paper investigates a dual-unmanned aerial vehicle (UAV) aided communication system to improve the security of the communication between ground devices and UAVs. Different from the existing works which ignored ground devices mobility and just considered one-way communication security between ground devices and UAVs, we allow the devices to be m...

We describe an implementation of a data storage and manipulation system for the Internet of Things (IoT) networks based on blockchain and using a Practical Byzantine Fault Tolerance (PBFT)-like protocol to achieve consensus. In our proposed model, blockchain ledger consistency is ensured by leaders contending for the next available spot(s) in which...

Alleviating human suffering in disasters is one of the main objectives of humanitarian logistics. The lack of emergency rescue materials is the root cause of this suffering and must be considered when making emergency supply distribution decision. As large-scale disasters often cause varying degrees of damage to different influenced areas, which wi...

We describe a two-layer architecture suitable for wide area IoT systems that use blockchain technology. The lower layer is comprised of several clusters in which nodes are interconnected with a number of virtual overlays which allow multiple consensus rounds that validate incoming data blocks to proceed concurrently and without contention. Validate...

Malicious miners in a Proof-of-Work (PoW) blockchain can apply less computing power to perform fork-after-withholding (FAW) attack than that to selfish mining and other withholding attacks. Quantitative study of FAW attack enables an in-depth understanding of the attack and then helps design countermeasures. The existing quantification studies of F...

Deep neural networks (DNNs) can be misclassified by adversarial examples, which are legitimate inputs integrated with imperceptible perturbations at the testing stage. Extensive research has made progress for white-box adversarial attacks to craft adversarial examples with a high success rate. However, these crafted examples have a low success rate...

As an indispensable part of intelligent transportation system, a traffic-sensitive navigation system can assist drivers in avoiding traffic congestion by providing navigation services. The navigation service provider (NSP) utilizes road condition information from nearby vehicles collected by roadside units (RSUs) to guide a vehicle through an optim...

In this work we integrate Proof of Stake (PoS) consensus technique with multiple entry Practical Byzantine Fault Tolerance voting in a permissioned blockchain network. We introduce several PoS classes based on stake and truthfulness of voting. Each class is modeled using Semi Markov Process (SMP). We derive probability of reaching the two-thirds ma...

Internet of Things (IoT) jobs not only require computational resources but also are delay-sensitive and security-sensitive. Edge computing emerges as a promising paradigm to improve the quality of experience for IoT users. Edge computing faces many security threats, perhaps even more than traditional data centers. With a growing amount of data offl...

Network function virtualization (NFV) has been explored to be integrated with multi-access edge computing (MEC) to facilitate the development of 5G (fifth-generation) network. Latency-sensitive applications can be deployed as serial-parallel hybrid service function chains (SP-SFCs) in the MEC-NFV environment. SP-SFCs are deployed on resource-limite...

White-box adversarial example (AE) attacks on deep neural networks (DNNs) have a more powerful destructive capacity than black-box attacks using AE strategies. However, few studies have been conducted on the generation of low-perturbation adversarial examples from the interpretability perspective. Specifically, adversaries who conducted attacks lac...

The longest-chain and Greedy Heaviest Observed Subtree (GHOST) protocols are the two most famous chain-selection protocols to address forking in Proof-of-Work (PoW) blockchain systems. Inclusive protocol was proposed to lower the loss of miners who produce stale blocks and increase the blockchain throughput. This paper aims to make an analytical-mo...

We propose a scalable self-sovereign identity (S3I) system architecture that uses a hierarchically structured Byzantine fault tolerance layer of validating authorities and a permissioned blockchain to record and manage user identities. Users and service providers interact with the S3I system through nearby proxy nodes that store copies of the block...

The sixth-generation (6G) vehicular networks are expected to be much more large-scaled, heterogeneous, dynamic and intelligent, and are expected to meet diverse Quality of Service (QoS) and Quality of Experience (QoE) requirements from vehicular applications. This paper aims to quantitatively investigate the capability of the MEC-Cloud orchestratio...

Malignant miners with small computing power can achieve unfair revenue and degrade system throughput through launching Fork after withholding (FAW) attack in a Proof-of-Work (PoW) blockchain system. The existing works about FAW attack have some of the following issues: (i) only studying Bitcoin blockchain, (ii) assuming that the blockchain network...

Data propagation in the Bitcoin network is inefficient due to its permissionless nature and the lack of multicast/broadcast features. In particular, the number of messages needed to propagate a single transaction is very high which is rather wasteful in terms of bandwidth utilization. In this work we propose two simple modifications of Bitcoin soft...

The Multi-access Edge Computing (MEC) and Network Function Virtualization (NFV) integrated architecture is a key enabling platform for 5G to run multiple customized services in the form of service function chain (SFC) configured as an ordered set of service functions (SFs). However, memory-related software aging in the SF that can be exploited by a...

Unmanned aerial vehicles (UAVs) have been widely used in Intelligent Transportation Systems (ITS) due to their rapid deployment and high mobility, which are considered as a promising solution to expand the scope of communication, especially in inaccessible areas. However, there is a lack of a universal and extensible multi-hop collaboration model i...

With the continuous development of electric vehicles (EV), large-scale distributed charging piles have been deployed in the wild. Therefore, it is extremely essential to evaluate the risk state of EV charging piles efficiently and effectively. This paper aims to measure the capability of supervised and semi-supervised machine learning techniques in...

Effective inter-node collaborative strategy can significantly improve fog computing (FC) system performance, thereby enhancing the users' quality of experience (QoE). With more and more smart personal devices serving as fog nodes (FNs) to assist users or other FNs, it is challenging to achieve effective collaboration among these FNs with selfishnes...

Blockchain ledgers are being increasingly used in Internet of Things (IoT) and Internet of Vehicles (IoV) applications. However, Proof of Work consensus is unsuitable in an IoV setting, which is why other paradigms need to be investigated. In this work we integrate Proof of Stake (PoS) consensus technique with multiple entry Practical Byzantine Fau...

As an indispensable part of intelligent transportation system, a traffic-sensitive navigation system can assist drivers in avoiding traffic congestion by providing navigation services. The navigation service provider (NSP) utilizes road condition information from nearby vehicles collected by roadside units (RSUs) to guide a vehicle through an optim...

Bitcoin and Ethereum are the top two blockchain-based cryptocurrencies whether from cryptocurrency market cap or popularity. However, they are vulnerable to selfish mining and stubborn mining due to that both of them adopt Proof-of-Work consensus mechanism. In this paper, we develop a novel Markov model, which can study selfish mining and seven kin...

Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor to the robustness enhancement. Generative Adversarial Network (GAN) is a kind of AME generation method, but the existing GAN-based AME generation methods have t...

In this work we describe and analyze a novel multi-tier architecture for recording Internet of Things (IoT) data. Each tier in the architecture consists of vertically interconnected node clusters that may be operated by different service providers. Blocks of IoT data are accepted by a cluster tier by tier, until they reach the top tier which adds t...

The well known Practical Byzantine Fault Tolerance (PBFT) consensus algorithm is not well suited to blockchain-based Internet of Things (IoT) systems which cover large geographical areas. To reduce queuing delays and eliminates a permanent leader as a single point of failure, we use a multiple entry, multi-tier PBFT architecture and investigate the...

This paper aims to study a computation task scheduling problem in the space-air-ground integrated network (SAGIN). The prior works on this problem usually assume that an unmanned aerial vehicle (UAV) is static or has a fixed flying trajectory. In this paper, we allow a UAV to plan its own trajectory and to have a certain coverage area. Our objectiv...

White-box Adversarial Example (AE) attacks towards Deep Neural Networks (DNNs) have a more powerful destructive capacity than black-box AE attacks in the fields of AE strategies. However, almost all the white-box approaches lack interpretation from the point of view of DNNs. That is, adversaries did not investigate the attacks from the perspective...

The widespread applications of deep neural network (DNN) techniques in intelligent systems are is being challenged by adversarial examples—the legitimate input added with imperceptible and well-designed perturbations that can fool DNNs easily in the DNN testing/deploying stage. Previous adversarial example attacks in the white-box manner used Jacob...

Vehicle-to-everything (V2X) has been regarded as an important enabling technology for future intelligent transportation systems (ITS). Safety-critical applications in V2X require authentication of nodes and messages, and also need to preserve the privacy of vehicles. Pseudonymity plays an important role in V2X communication by satisfying both secur...

In this work we design and model policy which penalizes nodes when they do not vote in multiple entry PBFT protocol. Penalty consists of denying node the right to submit the proposal until it has collected sufficient number of tokens. Token for the node is generated when node votes on block proposal. We have provided queueing M/G/1 model of token c...

Practical Byzantine Fault Tolerance (PBFT) is the protocol of choice for many application that require a distributed agreement or consensus between a number of participants. While PBFT assumes that all participants have an equal say in the final decision, many applications, and recently introduced identity management systems in particular, require...

Proof-of-Work (PoW) blockchain systems like Bitcoin and Ethereum are vulnerable to selfholding attack. The prior modeling-based works about this attack only considered Bitcoin and assumed that there were at most two honest pools in a perfect network (no natural fork in such networks). However, a blockchain network is imperfect due to block propagat...

We propose a scalable self-sovereign identity (S3I) system architecture that uses a hierarchically structured Byzantine Fault Tolerant layer of validating authorities and a permissioned blockchain to record and manage user identities. Users and service providers interact with the S3I system through nearby proxy nodes that store copies of the blockc...

The use of blockchain for Internet-of-Things (IoT) data recording necessitates an efficient and scalable consensus mechanism. In this paper, we describe a two-tier architecture in which IoT data is packaged in batches or blocks, approved by a low-tier cluster first and a top-tier cluster second, before being added to the replicated blockchain ledge...

Vehicle platooning can be applied to cooperative downloading and uploading (CDU) services through the cooperation between lead vehicle and non-lead vehicles. CDU service can be completed cooperatively by containers constructed in vehicles of vehicle platooning system. Containers in vehicles may suffer from potential attacks which can lead to resour...

The fantastic growth in cybersecurity attack frequency and sophistication over the years advances the development of Moving Target Defense (MTD) technology. Migration-based dynamic platform technique (DPT), one of MTD techniques, is expected to significantly improve cyberspace security by migrating service across multiple platforms according to the...

Selfish mining, as a serious threat to blockchain, has been attracting attentions from academic and industry. Stochastic modeling has been explored to quantitatively investigate selfish mining in imperfect blockchain networks. However, prior modeling-based analysis approaches have some of the following issues: (1) only focus on Bitcoin or Ethereum,...