Jingdong Bian scite author profile

The web technology has become the cornerstone of a wide range of platforms, such as mobile services and smart Internet-of-things (IoT) systems. In such platforms, users' data are aggregated to a cloud-based platform, where web applications are used as a key interface to access and configure user data. Securing the web interface requires solutions to deal with threats from both technical vulnerabilities and social factors. Phishing attacks are one of the most commonly exploited vectors in social engineering attacks. The attackers use web pages visually mimicking legitimate web sites, such as banking and government services, to collect users' sensitive information. Existing phishing defense mechanisms based on URLs or page contents are often evaded by attackers. Recent research has demonstrated that visual layout similarity can be used as a robust basis to detect phishing attacks. In particular, features extracted from CSS layout files can be used to measure page similarity. However, it needs human expertise in specifying how to measure page similarity based on such features. In this paper, we aim to enable automated page-layout-based phishing detection techniques using machine learning techniques. We propose a learning-based aggregation analysis mechanism to decide page layout similarity, which is used to detect phishing pages. We prototype our solution and evaluate four popular machine learning classifiers on their accuracy and the factors affecting their results.

show abstract

Application of learning algorithms in smart home IoT system security

Mao¹,

Lin²,

Bian³

2018

View full text Add to dashboard Cite

With the rapid development of Internet of Things (IoT) technologies, smart home systems are getting more and more popular in our daily life. Besides providing convenient functionality and tangible benefits, smart home systems also expose users to security risks. To enhance the functionality and the security, machine learning algorithms play an important role in a smart home ecosystem, e.g., ensuring biotechnology-based authentication and authorization, anomalous detection, etc. On the other side, attackers also treat learning algorithms as a tool, as well as a target, to exploit the security vulnerabilities in smart home systems. In this paper, we unify the system architectures suggested by the mainstream service providers, e.g., Samsung, Google, Apple, etc. Based on our proposed overall smart home system model, we investigate the application of learning algorithms in smart home IoT system security. Our study includes two angles. First, we discussed the functionality and security enhancing methods based on learning mechanisms; second, we described the security threats exposed by employing learning techniques. We also explored the potential solutions that may address the aforementioned security problems.2010 Mathematics Subject Classification. Primary: 58F15, 58F17; Secondary: 53C35.

show abstract

Detecting Malicious Behaviors in JavaScript Applications

et al. 2018

View full text Add to dashboard Cite

A Compatible OpenFlow Platform for Enabling Security Enhancement in SDN

Cheng

Liu

Mao

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Software-defined networking (SDN) is a representative next generation network architecture, which allows network administrators to programmatically initialize, control, change, and manage network behavior dynamically via open interfaces. SDN is widely adopted in systems like 5G mobile networks and cyber-physical systems (CPS). However, SDN brings new security problems, e.g., controller hijacking, black-hole, and unauthorized data modification. Traditional firewall or IDS based solutions cannot fix these challenges. It is also undesirable to develop security mechanisms in such an ad hoc manner, which may cause security conflict during the deployment procedure. In this paper, we propose OSCO (Open Security-enhanced Compatible OpenFlow) platform, a unified, lightweight platform to enhance the security property and facilitate the security configuration and evaluation. The proposed platform supports highly configurable cryptographic algorithm modules, security protocols, flexible hardware extensions, and virtualized SDN networks. We prototyped our platform based on the Raspberry Pi Single Board Computer (SBC) hardware and presented a case study for switch port security enhancement. We systematically evaluated critical security modules, which include 4 hash functions, 8 stream/block ciphers, 4 public-key cryptosystems, and key exchange protocols. The experiment results show that our platform performs those security modules and SDN network functions with relatively low computational (extra 2.5% system overhead when performing AES-256 and SHA-256 functions) and networking performance overheads (73.7 Mb/s TCP and 81.2Mb/s UDP transmission speeds in 100Mb/s network settings).

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Jingdong Bian

Detecting Phishing Websites via Aggregation Analysis of Page Layouts

Phishing page detection via learning classifiers from page layout feature

Application of learning algorithms in smart home IoT system security

Detecting Malicious Behaviors in JavaScript Applications

A Compatible OpenFlow Platform for Enabling Security Enhancement in SDN

Contact Info

Product

Resources

About