Visible to the public Biblio

Filters: Author is Dong, Guishan  [Clear All Filters]
2022-01-31
Zhang, Yun, Li, Hongwei, Xu, Guowen, Luo, Xizhao, Dong, Guishan.  2021.  Generating Audio Adversarial Examples with Ensemble Substituted Models. ICC 2021 - IEEE International Conference on Communications. :1–6.
The rapid development of machine learning technology has prompted the applications of Automatic Speech Recognition(ASR). However, studies have shown that the state-of-the-art ASR technologies are still vulnerable to various attacks, which undermines the stability of ASR destructively. In general, most of the existing attack techniques for the ASR model are based on white box scenarios, where the adversary uses adversarial samples to generate a substituted model corresponding to the target model. On the contrary, there are fewer attack schemes in the black-box scenario. Moreover, no scheme considers the problem of how to construct the architecture of the substituted models. In this paper, we point out that constructing a good substituted model architecture is crucial to the effectiveness of the attack, as it helps to generate a more sophisticated set of adversarial examples. We evaluate the performance of different substituted models by comprehensive experiments, and find that ensemble substituted models can achieve the optimal attack effect. The experiment shows that our approach performs attack over 80% success rate (2% improvement compared to the latest work) meanwhile maintaining the authenticity of the original sample well.
2022-01-25
He, YaChen, Dong, Guishan, Liu, Dong, Peng, Haiyang, Chen, Yuxiang.  2021.  Access Control Scheme Supporting Attribute Revocation in Cloud Computing. 2021 International Conference on Networking and Network Applications (NaNA). :379–384.
To break the data barrier of the information island and explore the value of data in the past few years, it has become a trend of uploading data to the cloud by data owners for data sharing. At the same time, they also hope that the uploaded data can still be controlled, which makes access control of cloud data become an intractable problem. As a famous cryptographic technology, ciphertext policy-based attribute encryption (CP-ABE) not only assures data confidentiality but implements fine-grained access control. However, the actual application of CP-ABE has its inherent challenge in attribute revocation. To address this challenge, we proposed an access control solution supporting attribute revocation in cloud computing. Unlike previous attribute revocation schemes, to solve the problem of excessive attribute revocation overhead, we use symmetric encryption technology to encrypt the plaintext data firstly, and then, encrypting the symmetric key by utilizing public-key encryption technology according to the access structure, so that only the key ciphertext is necessary to update when the attributes are revoked, which reduces the spending of ciphertext update to a great degree. The comparative analysis demonstrates that our solution is reasonably efficient and more secure to support attribute revocation and access control after data sharing.
2020-09-28
Dong, Guishan, Chen, Yuxiang, Fan, Jia, Liu, Dijun, Hao, Yao, Wang, Zhen.  2018.  A Privacy-User-Friendly Scheme for Wearable Smart Sensing Devices Based on Blockchain. 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :481–486.
Wearable smart sensing devices presently become more and more popular in people's daily life, which also brings serious problems related to personal data privacy. In order to provide users better experiences, wearable smart sensing devices are collecting users' personal data all the time and uploading the data to service provider to get computing services, which objectively let service provider master each user's condition and cause a lot of problems such as spam, harassing call, etc. This paper designs a blockchain based scheme to solve such problems by cutting off the association between user identifier and its sensing data from perspective of shielding service providers and adversaries. Firstly, privacy requirements and situations in smart sensing area are reviewed. Then, three key technologies are introduced in the scheme including its theories, purposes and usage. Next, the designed protocol is shown and analyzed in detail. Finally, security analysis and engineering feasibility of the scheme are given. This scheme will give user better experience from privacy protection perspective in smart sensing area.
2020-04-06
Chen, Yuxiang, Dong, Guishan, Bai, Jian, Hao, Yao, Li, Feng, Peng, Haiyang.  2019.  Trust Enhancement Scheme for Cross Domain Authentication of PKI System. 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :103–110.
Public Key Infrastructure (PKI) has been popularized in many scenarios such as e-government applications, enterprises, etc. Due to the construction of PKI system of various regions and departments, there formed a lot of isolated PKI management domains, cross-domain authentication has become a problem that cannot ignored, which also has some traditional solutions such as cross-authentication, trust list, etc. However, some issues still exist, which hinder the popularity of unified trust services. For example, lack of unified cross domain standard, the update period of Certificate Revocation List (CRL) is too long, which affects the security of cross-domain authentication. In this paper, we proposed a trust transferring model by using blockchain consensus instead of traditional trusted third party for e-government applications. We exploit how to solve the unified trust service problem of PKI at the national level through consensus and transfer some CA management functions to the blockchain. And we prove the scheme's feasibility from engineering perspective. Besides, the scheme has enough scalability to satisfy trust transfer requirements of multiple PKI systems. Meanwhile, the security and efficiency are also guaranteed compared with traditional solutions.