Biblio

Filters: Author is Zhang, Kevin  [Clear All Filters]
2022-02-03
Zhang, Kevin, Olmsted, Aspen.  2021.  Examining Autonomous Vehicle Operating Systems Vulnerabilities using a Cyber-Physical Approach. 2021 IEEE International Intelligent Transportation Systems Conference (ITSC). :976—981.
Increasingly, the transportation industry has moved towards automation to improve safety, fuel efficiency, and system productivity. However, the increased scrutiny that automated vehicles (AV) face over functional safety has hindered the industry's unbridled confidence in self-driving technologies. As AVs are cyber-physical systems, they utilize distributed control to accomplish a range of safety-critical driving tasks. The Operation Systems (OS) serve as the core of these control systems. Therefore, their designs and implementation must incorporate ways to protect AVs against what must be assumed to be inevitable cyberattacks to meet the overall AV functional safety requirements. This paper investigates the connection between functional safety and cybersecurity in the context of OS. This study finds that risks due to delays can worsen by potential cybersecurity vulnerabilities through a case example of an automated vehicle following. Furthermore, attack surfaces and cybersecurity countermeasures for protecting OSs from security breaches are addressed.
2020-02-10
Zhang, Kevin.  2019.  A Machine Learning Based Approach to Identify SQL Injection Vulnerabilities. 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). :1286–1288.

This paper presents a machine learning classifier designed to identify SQL injection vulnerabilities in PHP code. Both classical and deep learning based machine learning algorithms were used to train and evaluate classifier models using input validation and sanitization features extracted from source code files. On ten-fold cross validations a model trained using Convolutional Neural Network(CNN) achieved the highest precision (95.4%), while a model based on Multilayer Perceptron(MLP) achieved the highest recall (63.7%) and the highest f-measure (0.746).