Biblio

Filters: Author is Han, Xiao  [Clear All Filters]
2022-03-23
Lyu, Chen, Huang, Dongmei, Jia, Qingyao, Han, Xiao, Zhang, Xiaomei, Chi, Chi-Hung, Xu, Yang.  2021.  Predictable Model for Detecting Sybil Attacks in Mobile Social Networks. 2021 IEEE Wireless Communications and Networking Conference (WCNC). :1—6.
Mobile Social Networks have become one of the most convenient services for users to share information everywhere. This crowdsourced information is often meaningful and recommended to users, e.g., reviews on Yelp or high marks on Dianping, which poses the threat of Sybil attacks. To address the problem of Sybil attacks, previous solutions mostly use indirect/direct graph model or clickstream model to detect fake accounts. However, they are either dependent on strong connections or solely preserved by servers of social networks. In this paper, we propose a novel predictable approach by exploiting users' custom patterns to distinguish Sybil attackers from normal users for the application of recommendation in mobile social networks. First, we introduce the entropy of spatial-temporal features to profile the mobility traces of normal users, which is quite different from Sybil attackers. Second, we develop discriminative entropy-based features, i.e., users' preference features, to measure the uncertainty of users' behaviors. Third, we design a smart Sybil detection model based on a binary classification approach by combining our entropy-based features with traditional behavior-based features. Finally, we examine our model and carry out extensive experiments on a real-world dataset from Dianping. Our results have demonstrated that the model can significantly improve the detection accuracy of Sybil attacks.
2017-09-27
Han, Xiao, Yin, Jingwei, Yu, Ge.  2016.  Multiple-input Multiple-output Under-ice Acoustic Communication in Shallow Water. Proceedings of the 11th ACM International Conference on Underwater Networks & Systems. :7:1–7:2.

Multiple-input multiple-output (MIMO) techniques have been the subject of increased attention for underwater acoustic communication for its ability to significantly improve the channel capabilities. Recently, an under-ice MIMO acoustic communication experiment was conducted in shallow water which differs from previous works in that the water column was covered by about 40 centimeters thick sea ice. In this experiment, high frequency MIMO signals centered at 10 kHz were transmitted from a two-element source array to a four-element vertical receive array at 1km range. The unique under-ice acoustic propagation environment in shallow water seems naturally separate data streams from different transducers, but there is still co-channel interference. Time reversal followed by a single channel decision feedback equalizer is used in this paper to compensate for the inter-symbol interference and co-channel interference. It is demonstrated that this simple receiver scheme is good enough to realize robust performance using fewer hydrophones (i.e. 2) without the explicit use of complex co-channel interference cancelation algorithms such as parallel interference cancelation or serial interference cancelation. Two channel estimation algorithms based on least square and least mean square are also studied for MIMO communications in this paper and their performance are compared using experimental data.

2017-11-20
Han, Xiao, Kheir, Nizar, Balzarotti, Davide.  2016.  PhishEye: Live Monitoring of Sandboxed Phishing Kits. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :1402–1413.

Phishing is a form of online identity theft that deceives unaware users into disclosing their confidential information. While significant effort has been devoted to the mitigation of phishing attacks, much less is known about the entire life-cycle of these attacks in the wild, which constitutes, however, a main step toward devising comprehensive anti-phishing techniques. In this paper, we present a novel approach to sandbox live phishing kits that completely protects the privacy of victims. By using this technique, we perform a comprehensive real-world assessment of phishing attacks, their mechanisms, and the behavior of the criminals, their victims, and the security community involved in the process – based on data collected over a period of five months. Our infrastructure allowed us to draw the first comprehensive picture of a phishing attack, from the time in which the attacker installs and tests the phishing pages on a compromised host, until the last interaction with real victims and with security researchers. Our study presents accurate measurements of the duration and effectiveness of this popular threat, and discusses many new and interesting aspects we observed by monitoring hundreds of phishing campaigns.