I am an assistant professor in the computer science department at Seattle University. Before joining Seattle University, I completed my Ph.D. study at Colorado School of Mines with a research focus on web security and privacy. I am also very interested in Web3 and blockchain security, including smart contract and blockchain auditing, malicious transaction detection, etc. Out of work and study, I am a baller. If you'd like, let's hoop together at SU or in Seattle.
Teaching: Computer Networks (CPSC 4510/5510), Security in Computing (CPSC 5710), Big Data Analytics (CPSC 5330), Programming & Problem Solving (CPSC 1430)
Research: Web security and privacy, Blockchain/Web3 security, ML/DL, NLP
We propose WtaGraph, a web tracking and advertising detection framework based on Graph Neural Networks (GNNs).
We construct an attributed homogenous multi-graph (AHMG) that represents HTTP network traffic,
and formulate web tracking and advertising detection as a task of GNN-based edge representation learning and classification in AHMG.
Our proposed WtaGraph can detect tracking and advertising requests effectively and accurately.
The paper of this project will appear in the IEEE Symposium on Security & Privacy, May 2022.
Our paper and source code are available.
Technologies we used in this project: Graph Neural Networks, Python, JavaScript
We proposed a two-step approach to secure the web application via JavaScript debloating and automated CSP deployment. Given a web application,
we first trim it at function level using our debloating framework, and then deploy CSP automatically on-the-fly via a web server reverse proxy.
Technologies we used in this project:JavaScript, Babel JavaScript Compiler, Apache Web Server, C++
In this project, we investigated the web tracking practices on both mobile and desktop environments.
we found that mobile web tracking has its unique characteristics, and it has become increasingly as prevalent as desktop web tracking.
We released our tool here and our paper can be found here.
Technologies we used in this project: Java, JavaScript, Browser Extension
Ongoing project, details will be shown once papers are accepted. Would like to discuss it during an interview.
Motion sensors can be exploited by attackers as side-channels to compromise users’ security and privacy due to the unrestricted sensor data access on modern smartphone platforms. In this project, we investigate motion sensor based user fingerprinting attacks. We formulate our user fingerprinting attacks as a typical multi-class classification problem and design a framework for performing the attacks.
Technologies we used in this project: Machine Learning, Java, JavaScript, PHP
To efficiently complete security assessment work of information system, we designed and developed this B/S platform to collaboratively work with our Information System Configuration Verification Tool. Assessment job is managed by this platform instead of by manual work before. Also, an assessment result can be generated electronically with this platform.
Technologies we used in this project: ASP.NET MVC, SQL Server, JavaScript
This HPPG project was designed and developed to get NIC working at full capacity for future use of DoS attack. To lessen interrupts as possible as we can, we let it run as a module in the kernel and for each different thread of HPPG a single processor was exclusively assigned to process it. Experimental results show that using HPPG, a 1 Gigabit Ethernet card can send packets 900 Mb/s.
Technologies we used in this project: C, Linux Kernel, Netfilter
To grab the opportunity of O2O(online to offline), our team designed and developed this B/S platform to establish connections between food restaurants around campus and students.
That is restaurants provide their food services online and students can order foods both with this platform. It not only increased restaurants' sales but saved students' time successfully.
We also applied for and gained computer software copyright from the Copyright Protection Center of China.
Technologies we used in this project: ASP.NET MVC, SQL Server, JavaScript
After Regulations on Protection of Computer Information System Security of China Promulgated, our team designed and developed this C/S tool to automatically check whether the configuration of target whole information system satisfied the requirement of that regulation. My duty was to design and develop submodules including Cisco firewall, Cisco router and Windows 7.
Technologies we used in this project: ASP.NET WPF, GNS3, SQLite
Invited by Bank of Weifang, we launched a comprehensive security assessment on system configuration for Bank of Weifang. Such an assessment including Operating System, Database, Firewall, Router, Application and Physical security assessment. My duty was to check the security configurations on Firewall and Router.
Under the supervision of Dr. Chuan Yue, my research mainly focus on: 1) web, mobile, and cloud systems security, 2) usable security and privacy, 3) vulnerability measurement and analysis.
Under the supervision of Dr. Haipeng Qu, my research mainly focuses on cyber security. I received my Master degree with a graduate thesis titled "Research on Networking Troubleshooting Method Based on Software Defined Network", in which I proposed a new method for troubleshooting in SDN.