Baojiang Cui
YOU?
Author Swipe
View article: Enhanced anomaly traffic detection framework using BiGAN and contrastive learning
Enhanced anomaly traffic detection framework using BiGAN and contrastive learning Open
Abnormal traffic detection is a crucial topic in the field of network security. However, existing methods face many challenges when processing complex high-dimensional traffic data. Especially in dealing with redundant features, data spars…
View article: Analyzing and Discovering Spatial Algorithm Complexity Vulnerabilities in Recursion
Analyzing and Discovering Spatial Algorithm Complexity Vulnerabilities in Recursion Open
The algorithmic complexity vulnerability (ACV) that may lead to denial of service attacks greatly disrupts the security and availability of applications, and due to the widespread use of third-party libraries, its impact may be amplified t…
View article: Analyzing and Discovering Spacial Algorithm Complexity Vulnerabilities in Recursion
Analyzing and Discovering Spacial Algorithm Complexity Vulnerabilities in Recursion Open
The algorithmic complexity vulnerability (ACV) that may lead to denial of service attacks greatly disrupts the security and availability of applications, and due to the widespread use of third-party libraries, its impact may be amplified t…
View article: RESTlogic: Detecting Logic Vulnerabilities in Cloud REST APIs
RESTlogic: Detecting Logic Vulnerabilities in Cloud REST APIs Open
The API used to access cloud services typically follows the Representational State Transfer (REST) architecture style.RESTful architecture, as a commonly used Application Programming Interface (API) architecture paradigm, not only brings c…
View article: On-Demand Anonymous Access and Roaming Authentication Protocols for 6G Satellite–Ground Integrated Networks
On-Demand Anonymous Access and Roaming Authentication Protocols for 6G Satellite–Ground Integrated Networks Open
Satellite–ground integrated networks (SGIN) are in line with 6th generation wireless network technology (6G) requirements. However, security and privacy issues are challenging with heterogeneous networks. Specifically, although 5G authenti…
View article: Attacks Against Security Context in 5G Network
Attacks Against Security Context in 5G Network Open
The security context used in 5G authentication is generated during the Authentication and Key Agreement (AKA) procedure and stored in both the user equipment (UE) and the network sides for the subsequent fast registration procedure. Given …
View article: Watching your call: Breaking VoLTE Privacy in LTE/5G Networks
Watching your call: Breaking VoLTE Privacy in LTE/5G Networks Open
Voice over LTE (VoLTE) and Voice over NR (VoNR), are two similar technologies that have been widely deployed by operators to provide a better calling experience in LTE and 5G networks, respectively. The VoLTE/NR protocols rely on the secur…
View article: Grey-Box Fuzzing Based on Reinforcement Learning for XSS Vulnerabilities
Grey-Box Fuzzing Based on Reinforcement Learning for XSS Vulnerabilities Open
Cross-site scripting (XSS) vulnerabilities are significant threats to web applications. The number of XSS vulnerabilities reported has increased annually for the past three years, posing a considerable challenge to web application maintain…
View article: Watching your call: Breaking VoLTE Privacy in LTE/5G Networks
Watching your call: Breaking VoLTE Privacy in LTE/5G Networks Open
Voice over LTE (VoLTE) and Voice over NR (VoNR) are two similar technologies that have been widely deployed by operators to provide a better calling experience in LTE and 5G networks, respectively. The VoLTE/NR protocols rely on the securi…
View article: JShellDetector: A Java Fileless Webshell Detector Based on Program Analysis
JShellDetector: A Java Fileless Webshell Detector Based on Program Analysis Open
Fileless webshell attacks against Java web applications have become more frequent in recent years as Java has gained market share. Webshell is a malicious script that can remotely execute commands and invade servers. It is widely used in a…
View article: Security Threats to Voice Services in 5G Standalone Networks
Security Threats to Voice Services in 5G Standalone Networks Open
With the rapid development of 5G SA (standalone) networks, increasing subscribers are motivated to make calls through 5G. To support voice services critical to mobile users, 5G SA networks adopt two solutions: VoNR (Voice Over New Radio) a…
View article: Bee: End to End Distributed Tracing System for Source Code Security Analysis
Bee: End to End Distributed Tracing System for Source Code Security Analysis Open
As distributed services become more and more complex, their security is becoming an increasingly important issue. End-to-end tracing has emerged recently as a valuable tool to improve the dependability of distributed systems, by performing…
View article: Secure Data Publishing of Private Trajectory in Edge Computing of IoT
Secure Data Publishing of Private Trajectory in Edge Computing of IoT Open
Secure data publishing of private trajectory is a typical application scene in the Internet of Things (IoT). Protecting users’ privacy while publishing data has always been a long-term challenge. In recent years, the mainstream method is t…
View article: Smart Contract Vulnerability Detection Based on Symbolic Execution Technology
Smart Contract Vulnerability Detection Based on Symbolic Execution Technology Open
With the rapid development of the blockchain, smart contract technology has been widely applied. The number of smart contracts has grown at a high rate and nearly at an average of thousands per day. However, the correctness and security of…
View article: Generating Synthetic Trajectory Data Using GRU
Generating Synthetic Trajectory Data Using GRU Open
With the rise of mobile network, user location information plays an increasingly important role in various mobile services. The analysis of mobile users’ trajectories can help develop many novel services or applications, such as targeted a…
View article: IoTCID: A Dynamic Detection Technology for Command Injection Vulnerabilities in IoT Devices
IoTCID: A Dynamic Detection Technology for Command Injection Vulnerabilities in IoT Devices Open
The pervasiveness of IoT devices has brought us convenience as well as the risks of security vulnerabilities. However, traditional device vulnerability detection methods cannot efficiently detect command injection vulnerabilities due to he…
View article: A Privacy-Preserving Medical Data Traceability System Based on Attribute-Based Encryption on Blockchain
A Privacy-Preserving Medical Data Traceability System Based on Attribute-Based Encryption on Blockchain Open
With the continuous development of distributed technology, blockchain has been widely applied to solve practical problems in various fields. Its advantages such as decentralization and non-tamperability perfectly meet the needs of permanen…
View article: A Novel Model for Anomaly Detection in Network Traffic Based on Support Vector Machine and Clustering
A Novel Model for Anomaly Detection in Network Traffic Based on Support Vector Machine and Clustering Open
New vulnerabilities and ever-evolving network attacks pose great threats to today’s cyberspace security. Anomaly detection in network traffic is a promising and effective technique to enhance network security. In addition to traditional st…
View article: An Improved Feature Extraction Approach for Web Anomaly Detection Based on Semantic Structure
An Improved Feature Extraction Approach for Web Anomaly Detection Based on Semantic Structure Open
Anomaly-based Web application firewalls (WAFs) are vital for providing early reactions to novel Web attacks. In recent years, various machine learning, deep learning, and transfer learning-based anomaly detection approaches have been devel…
View article: PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization
PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization Open
Coverage-oriented and target-oriented fuzzing are widely used in vulnerability detection. Compared with coverage-oriented fuzzing, target-oriented fuzzing concentrates more computing resources on suspected vulnerable points to improve the …
View article: Firmware code instrumentation technology for internet of things-based services
Firmware code instrumentation technology for internet of things-based services Open
With the rapid development of electronic and information technology, Internet of Things (IoT) devices have become extensively utilised in various fields. Increasing attention has been paid to the performance and security analysis of IoT-ba…
View article: Malicious JavaScript Detection Based on Bidirectional LSTM Model
Malicious JavaScript Detection Based on Bidirectional LSTM Model Open
JavaScript has been widely used on the Internet because of its powerful features, and almost all the websites use it to provide dynamic functions. However, these dynamic natures also carry potential risks. The authors of the malicious scri…
View article: IoTSIT: A Static Instrumentation Tool for IoT Devices
IoTSIT: A Static Instrumentation Tool for IoT Devices Open
In recent years, an increasing number of Internet of Things (IoT) devices have been employed in various fields, which has caused an increased demand for IoT device testing and analysis. However, due to the strictly limited software interfa…
View article: Detecting Malicious URLs via a Keyword-Based Convolutional Gated-Recurrent-Unit Neural Network
Detecting Malicious URLs via a Keyword-Based Convolutional Gated-Recurrent-Unit Neural Network Open
With the continuous development of Web attacks, many web applications have been suffering from various forms of security threats and network attacks. The security detection of URLs has always been the focus of Web security. Many web applic…