Visible to the public Biblio

Filters: Author is Xie, Tao  [Clear All Filters]
2021-11-29
Di, Jia, Xie, Tao, Fan, Shuhui, Jia, Wangjing, Fu, Shaojing.  2020.  An Anti-Quantum Signature Scheme over Ideal Lattice in Blockchain. 2020 International Symposium on Computer Engineering and Intelligent Communications (ISCEIC). :218–226.
Blockchain is a decentralized technology that provides untampered and anonymous security service to users. Without relying on trusted third party, it can establish the value transfer between nodes and reduce the transaction costs. Mature public key cryptosystem and signature scheme are important basis of blockchain security. Currently, most of the public key cryptosystems are based on classic difficult problems such as RSA and ECC. However, the above asymmetric cryptosystems are no longer secure with the development of quantum computing technology. To resist quantum attacks, researchers have proposed encryption schemes based on lattice recently. Although existing schemes have theoretical significance in blockchain, they are not suitable for the practical application due to the large size of key and signature. To tackle the above issues, this paper proposes an anti-quantum signature scheme over ideal lattice in blockchain. First, we transfer the signature scheme from the standard lattice to the ideal lattice, which reduces the size of public key. Afterwards, a novel signature scheme is proposed to reduce both the size of the private and public key significantly. Finally, we theoretically prove the security of our ideal lattice-based signature scheme with a reduction to the hardness assumption of Ideal Small Integer Sulotion problem which can resist quantum attacks. The efficiency analysis demonstrates that our signature scheme can be practically used in blockchain.
2017-09-19
Xie, Tao, Enck, William.  2016.  Text Analytics for Security: Tutorial. Proceedings of the Symposium and Bootcamp on the Science of Security. :124–125.

Computing systems that make security decisions often fail to take into account human expectations. This failure occurs because human expectations are typically drawn from in textual sources (e.g., mobile application description and requirements documents) and are hard to extract and codify. Recently, researchers in security and software engineering have begun using text analytics to create initial models of human expectation. In this tutorial, we provide an introduction to popular techniques and tools of natural language processing (NLP) and text mining, and share our experiences in applying text analytics to security problems. We also highlight the current challenges of applying these techniques and tools for addressing security problems. We conclude the tutorial with discussion of future research directions.

2014-09-17
Yang, Wei, Xiao, Xusheng, Pandita, Rahul, Enck, William, Xie, Tao.  2014.  Improving Mobile Application Security via Bridging User Expectations and Application Behaviors. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security. :32:1–32:2.

To keep malware out of mobile application markets, existing techniques analyze the security aspects of application behaviors and summarize patterns of these security aspects to determine what applications do. However, user expectations (reflected via user perception in combination with user judgment) are often not incorporated into such analysis to determine whether application behaviors are within user expectations. This poster presents our recent work on bridging the semantic gap between user perceptions of the application behaviors and the actual application behaviors.