Texas A&M Cybersecurity Center

You are here: Home / Publications

Publications

*A.B. Birchfield, *T. Xu, *K. Gegner, K.S. Shetye, T.J. Overbye, “Grid Structural Characteristics as Validation Criteria for Synthetic Networks,” IEEE Transactions on Power Systems, 2017.

C. Yang, J. Zhang and G. Gu. “Understanding the Market-level and Network-level Behaviors of the Android Malware Ecosystem.” In Proc. of the 37th International Conference on Distributed Computing Systems (ICDCS’17), Atlanta, GA, June 2017.

G. Yang, A. Mendoza, J. Zhang, G. Gu. “Precisely and Scalably Vetting JavaScript Bridge In Android Hybrid Apps.” In Proc. of the 20th International Symposium on Research on Attacks, Intrusions and Defenses (RAID’17), Atlanta, GA, September 2017.

H. Wang, A. Srivastava, L. Xu, S. Hong, G. Gu. “Bring Your Own Controller: Enabling Tenant-defined SDN Apps in IaaS Clouds.” In Proc. of 2017 IEEE International Conference on Computer Communications (INFOCOM’17), Atlanta, GA, May 2017.

L. Xu, J. Huang, S. Hong, J. Zhang, G. Gu. “Attacking the Brain: Races in the SDN Control Plane.” In Proc. of the 26th USENIX Security Symposium (Security’17), Vancouver, BC, Canada, August 2017.

L. Xue, Y. Zhou, T. Chen, X. Luo, G. Gu. “Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART.” In Proc. of the 26th USENIX Security Symposium (Security’17), Vancouver, BC, Canada, August 2017.

T.J. Overbye, *Z. Mao, K.S. Shetye, J.D. Weber, “An Interactive, Extensible Environment for Power System Simulation on the PMU Time Frame with a Cyber Security Application,” Proc. 2017 Texas Power and Energy Conference, College Station, TX, February 2017.

B. Satchidanandan, P.R. Kumar. “Dynamic Watermarking: Active Defense of Networked Cyber-Physical Systems.” Proceedings of the IEEE, to appear, 2016.

H. Chen, M. Mohammad, L. Kish, “Current Injection Attack Against the KLJN Secure Key Exchange,” Metrology and Measurement Systems, vol. 23, issue 2, pp. 173-181, 2016.

*I. Idehen, *Z. Mao, T.J. Overbye,” An Emulation Environment for Prototyping PMU Data Errors,” Proc. 2016 North American Power symposium, Denver, CO, September 2016.

J. Zhang, X. Hu, J. Jang, T. Wang, G. Gu, M. Stoecklin. “Hunting for Invisibility: Characterizing and Detecting Malicious Web Infrastructures through Server Visibility Analysis.” To appear in Proc. of 2016 IEEE International Conference on Computer Communications(INFOCOM’16), San Francisco, California, April 2016.

S. Hong, R. Baykov, L. Xu, S. Nadimpalli, G. Gu, “Towards SDN-Defined Programmable BYOD (Bring Your Own Device) Security.” To appear in Proc. of the Network and Distributed System Security Symposium (NDSS’16), San Diego, California, Feb. 2016.

S. Shin, L. Xu, S. Hong, G. Gu. “Enhancing Network Security through Software Defined Networking (SDN).” In Proc. of The 25th International Conference on Computer Communication and Networks (ICCCN’16), Hawaii, USA, August 2016.

T. Nix and R. Bettati, “Neighborhood failures in covert communication network topologies,” International Journal of Computational Science and Engineering, vol. 32, issue 2, pp. 132-146, 2016.

N. Ruffing, Y. Zhu, R. Libertini, Y. Guan, R. Bettati, “Smartphone reconnaissance: operating system identification,” Consumer Communications & Networking Conference (CCNC), 2016 13th IEEE Annual, pp. 1086-1091, 2016.

W. Han, Z. Li, M. Ni, G. Gu, W. Xu, “Shadow Attacks based on Password Reuses: A Quantitative Empirical View.” In IEEE Transactions on Dependable and Secure Computing (TDSC), 2016.

Y. Zhang, M. Yang, G. Gu and H. Chen, “Rethinking Permission Enforcement Mechanism on Mobile Systems.” In IEEE Transactions on Information Forensics and Security (TIFS), 2016.

Z. Shamsi, A. Nandwani, D. Leonard, and D. Loguinov, “Hershel: Single-Packet OS fingerprinting,” IEE/ACM Transactions on Networking, vol. 24, no.4, August 2016.

Z. Shamsi and D. Loguinov, “Unsupervised Clustering Under Temporal Feature Volatility in Network Stack Fingerprinting,” ACM SIGMETRICS, June 2016.

A. Fayazi, K. Lee, J. Caverlee, A. Squicciarini, “Uncovering Crowdsourced Manipulation of Online Reviews,” in Proc. of the 38th International ACM SIGIR Conference on Research and Development in Information Retrieval, pp 233-242, 2015.

Andrew D. Targhetta*, Donald E. Owen Jr., Francis L. Israel and Paul V. Gratz, “Energy-Efficient Implementations of GF(p)and GF(2^m)Elliptic Curve Cryptography”, The 33rd IEEE International Conference on Computer Design (ICCD), Oct. 2015. (Nominated for Best Paper)

B. Chen, N. Pattanaik, A. Goulart, K. L. Butler‑Purry, and D. Kundur, “Implementing attacks for modbus/TCP protocol in a real‑time cyber physical system test bed,” in Proceedings of the 2015 IEEE International Workshop Technical Committee on Communications Quality and Reliability (CQR ’15), 2015, pp. 1‑6.

C. Cao, J. Caverlee, “Detecting Spam URLs in Social Media via Behavioral Analysis,” Advances in Information Retrieval, 2015.

C. Qian, X. Luo, Y. Le, and G. Gu, “VulHunter: Toward Discovering Vulnerabilities in Android Applications,” IEEE Micro, vol. 35, pp. 44 53, 2015.

C. Yang, G. Yang, A. Gehani, V. Yegneswaran, D. Tariq, G. Gu. “Using Provenance Patterns to Vet Sensitive Behaviors in Android Apps.” In Proc. of 11th International Conference on Security and Privacy in Communication Networks (SecureComm’15), Dallas, US, October 2015.

E. Gonzalez, R. Balog, L. Kish, “Resource Requirements and Speed Versus Geometry of Unconditionally Secure Physical Key Exchanges,” Entropy, vol. 17, issue 4, pp 2010-2024, 2015.

E. Gonzalez, R. Mingesz, L. Kish, “Unconditional Security for the Smart Power Grids and Star Networks,” in Proc. of the 2015 International Conference on Noise and Fluctuations, 2015.

H. Chen, E. Gonzalez, Y. Saez, L. Kish, “Cable Capacitance Attack Against the KLJN Secure Key Exchange,” Information, vol. 6, issue 4, pp. 719-732, 2015.

H. Wang, L. Xu, G. Gu. “FloodGuard: A DoS Attack Prevention Extension in Software-Defined Networks.” In Proc. of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’15), Rio de Janeiro, Brazil, June 2015.

J. Zhang, S. Saha, G. Gu, S. Lee, M. Mellia. “Systematic Mining of Associated Server Herds for Malware Campaign Discovery.” In Proc. of the 35th International Conference on Distributed Computing Systems (ICDCS’15), Columbus, OH, June 2015.

Jonathan Ponniah, Yih-Chun Hu and P. R. Kumar (2015), “A Clean Slate Approach to Secure Wireless Networking”, Foundations and Trends in Networking: Vol. 9: No. 1, pp 1-105.

L. Kish, Z. Gingl, R. Mingesz, G. Vadai, J. Smulko, C. Grangvist, “Analysis of an Attenuator Artifact in an experimental Attack by Gunn-Allison-Abbott Against the Kirchoff-law-Johnson-Noise (KLJN) Secure Key Exchange System,” Fluctuation and Noise Letters, vol. 14, issue 1, 2015.

S. Hong, L. Xu, H. Wang, G. Gu. “Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures.” In Proc. of 22nd Annual Network & Distributed System Security Symposium (NDSS’15), San Diego, CA, USA. February 2015.

S. Shin, H. Wang, G. Gu, “A First Step Towards Network Security Virtualization: From Concept to Prototype.” In IEEE Transactions on Information Forensics and Security, vol. 10, no. 10, 2015.

S. Yu, G. Gu, A. Barnawi, S. Guo, and I. Stojmenovic, “Malware propagation in large‑scale networks,” IEEE Transactions on Knowledge and Data Engineering, vol. 27, pp. 170‑179, 2015.

X. Cao, Y. Saez, G. Pesti, L. Kish, “On KLJN-based Secure Key Distribution in Vehicular Communication Networks,” Fluctuation and Noise Letters, vol. 14, issue 1, 2015.

Y. Nan, M. Yang, Z. Yang, S. Zhou, G. Gu, and X. Wang, “Uipicker: User‑input privacy identification in mobile applications,” in Proceedings of the 24th USENIX Security Symposium (USENIX ’15), 2015, pp. 993‑1008.

Y. Zhang, M. Yang, G. Gu, H. Chen. “FineDroid: Enforcing Permissions with System-wide Application Execution Context.” In Proc. of 11th International Conference on Security and Privacy in Communication Networks (SecureComm’15), Dallas, US, October 2015.

B. Chen, K. L. Butler-Purry, S. Nuthalapati and D. Kundur, “Network delay caused by cyber attacks on SVC and its impact on transient stability of smart grids,” 2014 IEEE PES General Meeting | Conference & Exposition, National Harbor, MD, 2014, pp. 1-5.

C. Pak Hou, S. Kadhe, M. Bakshi, C. Chung, S. Jaggi, and A. Sprintson, “Reliable, deniable and hidable communication: A quick survey,” in Proceedings of the 2014 Information Theory Workshop (ITW), 2014, pp. 227‑231.

C. Yang*, Z. Xu*, G. Gu, V. Yegneswaran, and P. Porras, “Droidminer: Automated mining and characterization of fine‑grained malicious behaviors in android applications,” in Computer Security‑ESORICS 2014, ed: Springer, 2014, pp. 163‑182.

Chen, K. L. Butler‑Purry, S. Nuthalapati, and D. Kundur, “Network delay caused by cyber attacks on SVC and its impact on transient stability of smart grids,” in Proceedings of the 2014 IEEE Power and Energy Society (PES) General Meeting 2014, pp. 1‑5.

D.‑H. Choi and L. Xie, “Sensitivity Analysis of Real‑Time Locational Marginal Price to SCADA Sensor Data Corruption,” IEEE Transactions on Power Systems, vol. 29, pp. 1110‑1120, 2014.

E. Bertino, J. Caverlee, E. Ferrari, “Identity, Privacy, and Deception in Social Networks,” IEEE Internet Computing, vol. 8, issue 2, 2014.

H. Lei, C. Singh and A. Sprintson, “Reliability Modeling and Analysis of IEC 61850 Based Substation Protection Systems,” in IEEE Transactions on Smart Grid, vol. 5, no. 5, pp. 2194-2202, Sept. 2014.

L. Kish, C. Grangvist, “Elimination of a Second-Law-Attack, and all Cable-Resistance-Based Attacks, in the Kirchhoff-law-Johnson-noise (KLJN) Secure Key Exchange System,” Entropy, vol. 16, issue 10, pp. 5223-5231, 2014.

L. Kish, C. Grangvist, “On the Security of the Kirchhoff-law-Johnson-noise (KLJN) Communicator,” Quantum Information Processing, vol. 13, issue 10, pp. 2213-2219, 2014.

M. Yan, A. Sprintson and I. Zelenko, “Weakly secure data exchange with Generalized Reed Solomon codes,” 2014 IEEE International Symposium on Information Theory, Honolulu, HI, 2014, pp. 1366-1370.

S. Kadhe, S. Jaggi, M. Bakshi, and A. Sprintson, “Reliable, deniable, and hidable communication over multipath networks,” in Proceedings of the 2014 IEEE International Symposium on Information Theory (ISIT ’14), 2014, pp. 611‑615.

S. Kadhe and A. Sprintson, “Weakly secure regenerating codes for distributed storage,” in Proceedings of the 2014 International Symposium on Network Coding (NetCod ’14), 2014, pp. 1‑6.

S. Liu, B. Chen, T. Zourntos, D. Kundur, and K. Butler‑Purry, “A coordinated multi‑switch attack for cascading failures in smart grid,” IEEE Transactions on Smart Grid, vol. 5, pp. 1183‑1195, 2014.

T. Nix and R. Bettati, “Neighborhood failures in random topology covert communication networks,” Procedia Computer Science, vol. 32, pp. 1127‑1134, 2014.

“The Design Space of Ultra-low Energy Asymmetric Cryptography”, A. D. Targhetta*, D. E. Owen Jr., P. V. Gratz, The 2014 IEEE International Symposium on Performance Analysis of Systems and Software (ISPASS), Mar. 2014.

Y. Saez, L. Kish, R. Mingesz, Z. Gingl, C. Granqvist, “Bit Errors in the Kirchhoff-Law-Johnson-Noise Secure Key Exchange,” International Journal of Modern Physics: Conference Series, vol. 33, 2014.

Y. Saez, L. Kish, R. Mingesz, Z. Gingl, C. Granqvist, “Current and Voltage Based Bit Errors and Their Combined Mitigation for the Kirchhoff-law-Johnson-noise Secure Key Exchange,” Journal of Computational Electronics, vol. 13, issue 1, pp. 271-277, 2014.

Y. Wang, Z. Xu*, J. Zhang*, L. Xu*, H. Wang*, and G. Gu, “SRID: State Relation Based Intrusion Detection for False Data Injection Attacks in SCADA,” in Computer Security‑ESORICS 2014, ed: Springer, 2014, pp. 401‑418.

Y. Zhang, M. Yang, Z. Yang, G. Gu, P. Ning, and B. Zang, “Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps,” IEEE Transactions on Information Forensics and Security, vol. 9, pp. 1828‑1842, 2014.

Z. Xu, A. Nappa, R. Baykov, G. Yang, J. Caballero, G. Gu, “AutoProbe: Towards Automatic Active Malicious Server Probing Using Dynamic Binary Analysis,” in Proc. of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 179-190, 2014.

Z. Xu*, J. Zhang*, G. Gu, and Z. Lin, “GOLDENEYE: Efficiently and Effectively Unveiling Malware’s Targeted Environment,” in Research in Attacks, Intrusions and Defenses, ed: Springer, 2014, pp. 22‑45.

A. A. Amleshwaram, N. Reddy, S. Yadav*, G. Gu, and C. Yang, “CATS: Characterizing automation of Twitter spammers,” in Proceedings of the Fifth International Conference on Communication Systems and Networks (COMSNETS ’13) 2013, pp. 1‑10.

B. Chen, S. Mashayekh, K. L. Butler‑Purry, and D. Kundur, “Impact of cyber attacks on transient stability of smart grids with voltage support devices,” in Proceedings of the 2013 IEEE Power and Energy Society (PES) General Meeting, 2013, pp. 1‑5.

B. Chen, K. L. Butler-Purry and D. Kundur, “Impact analysis of transient stability due to cyber attack on FACTS devices,” 2013 North American Power Symposium (NAPS), Manhattan, KS, 2013, pp. 1-6.

C. Jasson Casey, A. Sutton, G. Dos Reis, and A. Sprintson, “Eliminating network protocol vulnerabilities through abstraction and systems language design,” in Proceedings of the 21st IEEE International Conference on Network Protocols (ICNP ’13) 2013, pp. 1‑6.

C. Yang*, R. Harkreader*, and G. Gu, “Empirical evaluation and new design for fighting evolving Twitter spammers,” IEEE Transactions on Information Forensics and Security, vol. 8, pp. 1280‑1293, 2013.

D.-H. Choi, L. Xie, “Ramp-Induced Data Attacks on Look-Ahead Dispatch in Real-Time Power Markets,” IEEE Transactions on Smart Grid, vol. 4, issue 3, pp. 1235-1243, 2013.

E. Gonzalez, L. Kish, R. Balog, P. Enjeti, “Information Theoretically Secure, Enhanced Johnson Noise Based Key Distribution Over the Smart Grid with Switched Filters,” PloS one, vol. 8, issue 7, 2013.

J. Pecarina and J.‑C. Liu, “Behavior instance extraction for risk aware control in mission centric systems,” in Proceedings of the IEEE International Multi‑Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA ’13), 2013, pp. 51‑58.

L. Kish, C. Kwan, “Physical Unclonable Function Hardware Keys Utilizing Kirchhoff-Law-Johnson-Noise Secure Key Exchange and Noise-Based Logic,” Fluctuation and Noise Letters, vol. 12, issue 3, 2013.

M. El-Halabi, T. Liu, C. Georghiades, “Secrecy Capacity Per Unit Cost,” IEEE Journal on Selected Areas in Communications, vol. 31, issue 9, pp. 1909-1920, 2013.

M. Yan and A. Sprintson, “Algorithms for weakly secure data exchange,” in Proceedings of the 2013 International Symposium on Network Coding (NetCod), 2013, pp. 1‑6.

S. Liu, S. Mashayekh, D. Kundur, T. Zourntos, and K. Butler Purry, “A Framework for Modeling Cyber Physical Switching Attacks in Smart Grid,” IEEE Transactions on Emerging Topics in Computing, vol. 1, pp. 273 285, 2013.

S. Shin* and G. Gu, “Attacking software‑defined networks: A first feasibility study,” in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, 2013, pp. 165‑166.

S. Shin*, V. Yegneswaran, P. Porras, and G. Gu, “Avant‑guard: Scalable and vigilant switch flow management in software‑defined networks,” in Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013, pp. 413‑424.

S. Shin*, Z. Xu*, and G. Gu, “EFFORT: A new host–network cooperated framework for efficient and effective bot malware detection,” Computer Networks, vol. 57, pp. 2628‑2642, 2013.

S. Son, S. Shin*, V. Yegneswaran, P. Porras, and G. Gu, “Model checking invariant security properties in OpenFlow,” in Proceedings of the 2013 IEEE International Conference on Communications (ICC), 2013, pp. 1974‑1979.

S. Vikram*, C. Yang*, and G. Gu, “Nomad: Towards non‑intrusive moving‑target defense against web bots,” in Proceedings of the 2013 IEEE Conference on Communications and Network Security (CNS), 2013, pp. 55‑63.

Y. Saez, L. Kish, “Errors and their mitigation at the Kirchhoff-law-Johnson-noise Secure Key Exchange,” PloS one, vol. 8, issue 11, 2013.

Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, et al., “Vetting undesirable behaviors in android apps with permission use analysis,” in Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013, pp. 611‑622.

Z. Yang, M. Yang, Y. Zhang, G. Gu, P. Ning, and X. S. Wang, “Analyzing sensitive data transmission in android for privacy leakage detection,” in Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013, pp. 1043‑1054.

C. Yang, R. Harkreader, J. Zhang, S. Shin, G. Gu, “Analyzing Spammers’ Social Networks for Fun and Profit: A Case Study of Cyber Criminal Ecosystem Twitter,” in Proc. of the 21st International Conference on World Wide Web, pp. 71-80, 2012.

M. El-Halabi, C. Georghiades, “On Secure Communication with Known Interference,” in Proc. of the 2012 International Symposium on Information Theory and its Applications (ISITA), 2012.

M. El-Halabi, T. Liu, C. Georghiades, S. Shamai, “Secret Writing on Dirty Paper: A Deterministic View,” IEEE Transactions on Information Theory, vol. 58, issue 6, pp. 3419-3429, 2012.

Ma W., Duan P., Liu S., Gu G., & Liu J.C., “Shadow attacks: automatically evading system-call-behavior based malware detection.” Journal in Computer Virology 8.1 (2012): 1-13.

P. Porras, S. Shin, V. Yegneswaran, M. Fong, M. Tyson, G. Gu, “A Security Enforcement Kernel for OpenFlow Networks,” in Proc. of the First Workshop on Hot Topics in Software Defined Networks, pp. 121-126, 2012.

S. Liu, D. Kundur, T. Zourntos and K. L. Butler-Purry, “Coordinated variable structure switching attack in the presence of model error and state estimation,” 2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm), Tainan, 2012, pp. 318-323.

S. Liu, S. Mashayekh, D. Kundur, T. Zourntos, and K. Butler-Purry, “A Smart Grid Vulnerability Analysis Framework for Coordinated Variable Structure Switching Attacks,” in Proc. of the 2012 IEEE Power and Energy Society General Meeting, 2012.

S. Shin, G. Gu, N. Reddy and C. P. Lee, “A Large-Scale Empirical Study of Conficker,” in IEEE Transactions on Information Forensics and Security, vol. 7, no. 2, pp. 676-690, April 2012.

S. Wang, L. Cui, J. Que, D.-H. Choi, X. Jiang, S. Cheng, L. Xie, “A Randomized Response Model for Privacy Preserving Smart Metering,” IEEE Transaction on Smart Grid, vol. 3, issue 3, pp. 1317-1324, 2012.

S. Yadav*, A. K. K. Reddy, A. L. N. Reddy and S. Ranjan, “Detecting Algorithmically Generated Domain-Flux Attacks with DNS Traffic Analysis,” in IEEE/ACM Transactions on Networking, vol. 20, no. 5, pp. 1663-1677, Oct. 2012.

S. Yadav* and A. L. N. Reddy, “Winning with DNS failures: strategies for faster botnet detection,” in Security and privacy in communication networks, ed: Springer, 2012, pp. 446‑459.

*S. Zonouz, *K.M. Rogers, *R. Berthier, R.B. Bobba, W.H. Sanders, T.J. Overbye, “SCPSE: Security-Oriented Cyber-Physical State Estimation for Power Grid Critical Infrastructures”, IEEE Transactions on Smart Grid, vol. 3, pp. 1790-1799, December 2012.

J. Jainsky, D. Kundur, “Visual Sensor Network Processing and Preventative Steganalysis,” Visual Information Processing in Wireless Sensor Networks; Technology, Trends and Applications, 2011.

P. Duan, S. Liu, W. Ma, G. Gu, J. Liu, “Privacy-Preserving Matching Protocols for Attributes and Strings,” International Association for Cryptologic Research, vol. 61, 2010.