Visible to the public Biblio

Filters: Author is Wu, Bin  [Clear All Filters]
2022-10-13
Li, Xue, Zhang, Dongmei, Wu, Bin.  2020.  Detection method of phishing email based on persuasion principle. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:571—574.
“Phishing emails” are phishing emails with illegal links that direct users to pages of some real websites that are spoofed, or pages where real HTML has been inserted with dangerous HTML code, so as to deceive users' private information such as bank or credit card account numbers, email account numbers, and passwords. People are the most vulnerable part of security. Phishing emails use human weaknesses to attack. This article describes the application of the principle of persuasion in phishing emails, and based on the existing methods, this paper proposes a phishing email detection method based on the persuasion principle. The principle of persuasion principle is to count whether the corresponding word of the feature appears in the mail. The feature is selected using an information gain algorithm, and finally 25 features are selected for detection. Finally experimentally verified, accuracy rate reached 99.6%.
2022-02-25
Zheng, Siyuan, Yin, Changqing, Wu, Bin.  2021.  Keys as Secret Messages: Provably Secure and Efficiency-balanced Steganography on Blockchain. 2021 IEEE Intl Conf on Parallel Distributed Processing with Applications, Big Data Cloud Computing, Sustainable Computing Communications, Social Computing Networking (ISPA/BDCloud/SocialCom/SustainCom). :1269–1278.
To improve efficiency of stegosystem on blockchain and balance the time consumption of Encode and Decode operations, we propose a new blockchain-based steganography scheme, called Keys as Secret Messages (KASM), where a codebook of mappings between bitstrings and public keys can be pre-calculated by both sides with some secret parameters pre-negotiated before covert communication. By applying properties of elliptic curves and pseudorandom number generators, we realize key derivation of codebook item, and we construct the stegosystem with provable security under chosen hiddentext attack. By comparing KASM with Blockchain Covert Channel (BLOCCE) and testing on Bitcoin protocol, we conclude that our proposed stegosystem encodes hiddentexts faster than BLOCCE does and can decode stegotexts in highly acceptable time. The balanced time consumption of Encode and Decode operations of KASM make it applicable in the scene of duplex communication. At the same time, KASM does not leak sender’s private keys, so sender’s digital currencies can be protected.
2021-09-07
Shi, Jiayu, Wu, Bin.  2020.  Detection of DDoS Based on Gray Level Co-Occurrence Matrix Theory and Deep Learning. 2020 5th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). :1615–1618.
There have been researches on Distributed Denial of Service (DDoS) attack detection based on deep learning, but most of them use the feature data processed by data mining for feature learning and classification. Based on the original data flow, this paper combines the method of Gray Level Co-occurrence Matrix (GLCM), which not only retains the original data but also can further extract the potential relationship between the original data. The original data matrix and the reconstructed matrix were taken as the input of the model, and the Convolutional Neural Network(CNN) was used for feature learning. Finally, the classifier model was trained for detection. The experimental part is divided into two parts: comparing the detection effect of different data processing methods and different deep learning algorithms; the effectiveness and objectivity of the proposed method are verified by comparing the detection effect of the deep learning algorithm with that of the statistical analysis feature algorithm.
2020-06-01
Wang, He, Wu, Bin.  2019.  SDN-based hybrid honeypot for attack capture. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1602–1606.
Honeypots have become an important tool for capturing attacks. Hybrid honeypots, including the front end and the back end, are widely used in research because of the scalability of the front end and the high interactivity of the back end. However, traditional hybrid honeypots have some problems that the flow control is difficult and topology simulation is not realistic. This paper proposes a new architecture based on SDN applied to the hybrid honeypot system for network topology simulation and attack traffic migration. Our system uses the good expansibility and controllability of the SDN controller to simulate a large and realistic network to attract attackers and redirect high-level attacks to a high-interaction honeypot for attack capture and further analysis. It improves the deficiencies in the network spoofing technology and flow control technology in the traditional honeynet. Finally, we set up the experimental environment on the mininet and verified the mechanism. The test results show that the system is more intelligent and the traffic migration is more stealthy.
2020-02-10
Li, Meng, Wu, Bin, Wang, Yaning.  2019.  Comment Spam Detection via Effective Features Combination. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.

Comment spam is one of the great challenges faced by forum administrators. Detecting and blocking comment spam can relieve the load on servers, improve user experience and purify the network conditions. This paper focuses on the detection of comment spam. The behaviors of spammer and the content of spam were analyzed. According to analysis results, two types of effective features are extracted which can make a better description of spammer characteristics. Additionally, a gradient boosting tree algorithm was used to construct the comment spam detector based on the extracted features. Our proposed method is examined on a blog spam dataset which was published by previous research, and the result illustrates that our method performs better than the previous method on detection accuracy. Moreover, the CPU time is recorded to demonstrate that the time spent on both training and testing maintains a small value.