Tong Liu scite author profile

Recently, automated software vulnerability detection and exploitation in Internet of Things (IoT) has attracted more and more attention, due to IoT’s fast adoption and high social impact. However, the task is challenging and the solutions are non-trivial: the existing methods have limited effectiveness at discovering vulnerabilities capable of compromising IoT systems. To address this, we propose an Automated Vulnerability Discovery and Exploitation framework with a Scheduling strategy, AutoDES that aims to improve the efficiency and effectiveness of vulnerability discovery and exploitation. In the vulnerability discovery stage, we use our Anti-Driller technique to mitigate the “path explosion” problem. This approach first generates a specific input proceeding from symbolic execution based on a Control Flow Graph (CFG). It then leverages a mutation-based fuzzer to find vulnerabilities while avoiding invalid mutations. In the vulnerability exploitation stage, we analyze the characteristics of vulnerabilities and then propose to generate exploits, via the use of several proposed attack techniques that can produce a shell based on the detected vulnerabilities. We also propose a genetic algorithm (GA)-based scheduling strategy (AutoS) that helps with assigning the computing resources dynamically and efficiently. The extensive experimental results on the RHG 2018 challenge dataset and the BCTF-RHG 2019 challenge dataset clearly demonstrate the effectiveness and efficiency of the proposed framework.

show abstract

Artificial Intelligence-Enabled DDoS Detection for Blockchain-Based Smart Transport Systems

Liu

Sabrina

Jang-Jaccard

et al. 2021

Sensors

View full text Add to dashboard Cite

A smart public transport system is expected to be an integral part of our human lives to improve our mobility and reduce the effect of our carbon footprint. The safety and ongoing maintenance of the smart public transport system from cyberattacks are vitally important. To provide more comprehensive protection against potential cyberattacks, we propose a novel approach that combines blockchain technology and a deep learning method that can better protect the smart public transport system. By the creation of signed and verified blockchain blocks and chaining of hashed blocks, the blockchain in our proposal can withstand unauthorized integrity attack that tries to forge sensitive transport maintenance data and transactions associated with it. A hybrid deep learning-based method, which combines autoencoder (AE) and multi-layer perceptron (MLP), in our proposal can effectively detect distributed denial of service (DDoS) attempts that can halt or block the urgent and critical exchange of transport maintenance data across the stakeholders. The experimental results of the hybrid deep learning evaluated on three different datasets (i.e., CICDDoS2019, CIC-IDS2017, and BoT-IoT) show that our deep learning model is effective to detect a wide range of DDoS attacks achieving more than 95% F1-score across all three datasets in average. The comparison of our approach with other similar methods confirms that our approach covers a more comprehensive range of security properties for the smart public transport system.

show abstract

An Unlinkable Authentication Scheme for Distributed IoT Application

et al. 2019

View full text Add to dashboard Cite

The Internet of Things (IoT) is an enormous ubiquitous-network, which connects the objects through various sensors. The IoT technology promotes the interconnection and fusion between the physical world and information space, and it facilitates the day-to-day life of people. However, since a lot of equipped sensors are unattended and open, the IoT must face and overcome the main problems of security and privacy. Authentication is one of the paramount security concerns in the IoT environment, in which a user could directly access data from the sensors. Therefore, we propose an authentication and key agreement scheme providing unlinkability for the IoT environment based on bilinear pairings. The formal security proof demonstrates that the proposed protocol is unforgeable under the adaptively chosen message attack, and the session key exchange is semantic secure under the eCK model. In addition, the computation and communication costs of the proposed scheme are evaluated and compared with some existing similar schemes, which exhibits that it pleasantly addresses the needs of the IoT as far as security properties and computation expenses.INDEX TERMS Authentication, IoT, privacy-preserving, security.

show abstract

Rockburst prediction for hard rock and deep-lying long tunnels based on the entropy weight ideal point method and geostress field inversion: a case study of the Sangzhuling Tunnel

Zhou

Chen

et al. 2021

Bull Eng Geol Environ

View full text Add to dashboard Cite

To Explore the Inheritance of Computer Multimedia Art Design Based on Traditional Chinese Cultural Elements

Liu¹,

Xiang²

2020

J. Phys.: Conf. Ser.

View full text Add to dashboard Cite

With the development of computer digital media technology, computer multimedia art has emerged as a new art form.In China, it is very important to embed multimedia art in traditional Chinese culture, draw nourishment from traditional Chinese cultural elements, and give it a national character.This paper USES computer multimedia technology to discuss how to inherit and realize multimedia art design based on traditional Chinese cultural elements by analyzing the opening ceremony of the Beijing Olympic Games and the China pavilion of the Shanghai world expo, because they are the perfect combination of Chinese traditional culture and multimedia art.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Tong Liu

Automated Vulnerability Discovery and Exploitation in the Internet of Things

Artificial Intelligence-Enabled DDoS Detection for Blockchain-Based Smart Transport Systems

An Unlinkable Authentication Scheme for Distributed IoT Application

Rockburst prediction for hard rock and deep-lying long tunnels based on the entropy weight ideal point method and geostress field inversion: a case study of the Sangzhuling Tunnel

To Explore the Inheritance of Computer Multimedia Art Design Based on Traditional Chinese Cultural Elements

Contact Info

Product

Resources

About