Xu received the PhD and BE degrees in Computer Science from Beijing University of Posts and Telecommunications, Beijing, China and Beijing Information Science and Technology University, Beijing, China, in 2019 and 2010 respectively.
His main research interests include blockchain, cyber security, complex network, social network, and network dynamics.
Can supervise: YES
Song, B, Wang, X, Ni, W, Song, Y, Liu, RP, Jiang, GP & Guo, YJ 2020, 'Reliability Analysis of Large-Scale Adaptive Weighted Networks', IEEE Transactions on Information Forensics and Security, vol. 15, pp. 651-665.View/Download from: Publisher's site
© 2005-2012 IEEE. Disconnecting impaired or suspicious nodes and rewiring to those reliable, adaptive networks have the potential to inhibit cascading failures, such as DDoS attack and computer virus. The weights of disconnected links, indicating the workload of the links, can be transferred or redistributed to newly connected links to maintain network operations. Distinctively different from existing studies focused on adaptive unweighted networks, this paper presents a new mean-field model to analyze the reliability of adaptive weighted networks against cascading failures. By taking mean-field approximation, we develop a new continuous-time Markov model to capture the propagations of cascading failures and the rewiring actions that individual nodes can take to bypass failed neighbors. We analyze the stability of the model to identify the critical conditions, under which the cascading failures can be eventually inhibited or would proliferate. The conditions are evaluated under different link weight distributions and rewiring strategies. Our model reveals that preferentially disconnecting suspicious peers with high weights can effectively inhibit virus and failures.
Wang, X, Zha, X, Ni, W, Liu, RP, Guo, YJ, Niu, X & Zheng, K 2020, 'Game Theoretic Suppression of Forged Messages in Online Social Networks', IEEE Transactions on Systems, Man, and Cybernetics: Systems, pp. 1-11.View/Download from: Publisher's site
© 2020 Nakamoto protocol, practically solving the Byzantine Generals Problem, can support a variety of proof-based consensus engines, referred to as Proof-of-X (PoX) in permissionless Blockchains. However, there has been to date in lack of a general approach for each miner to evaluate its steady-state profit against the competitors. This paper presents a Markov model which captures explicitly the weighted resource distribution of PoX schemes in large-scale networks and unifies the analysis of different PoX schemes. The new model leads to the development of three new unified metrics for the evaluation, namely, Resource Sensitivity, System Convergence, and Resource Fairness, accounting for security, stability, and fairness, respectively. The generality and applicability of our model are validated by simulation results, revealing that among typically non-Fairness-oriented PoX schemes (such as Proof-of-Work (PoW) and Proof-of-Stake (PoS)), the strongly restricted coinage-based PoS with a Pareto-distributed resource can offer the best performance on Resource Sensitivity, while Proof-of-Publication (PoP) with normal-distributed resource performs the best on System Convergence. Our simulations also reveal the important role of carefully designed Resource Fairness parameter in balancing Resource Sensitivity and System Convergence and improving the performance compared with other non-Fairness-oriented PoX schemes.
Wang, X, Song, B, Ni, W, Liu, RP, Guo, YJ, Niu, X & Zheng, K 2019, 'Group-based susceptible-infectious-susceptible model in large-scale directed networks', Security and Communication Networks, vol. 2019.View/Download from: Publisher's site
© 2019 Xu Wang et al. Epidemic models trade the modeling accuracy for complexity reduction. This paper proposes to group vertices in directed graphs based on connectivity and carries out epidemic spread analysis on the group basis, thereby substantially reducing the modeling complexity while preserving the modeling accuracy. A group-based continuous-time Markov SIS model is developed. The adjacency matrix of the network is also collapsed according to the grouping, to evaluate the Jacobian matrix of the group-based continuous-time Markov model. By adopting the mean-field approximation on the groups of nodes and links, the model complexity is significantly reduced as compared with previous topological epidemic models. An epidemic threshold is deduced based on the spectral radius of the collapsed adjacency matrix. The epidemic threshold is proved to be dependent on network structure and interdependent of the network scale. Simulation results validate the analytical epidemic threshold and confirm the asymptotical accuracy of the proposed epidemic model.
Wang, X, Yu, G, Zha, X, Ni, W, Liu, RP, Guo, YJ, Zheng, K & Niu, X 2019, 'Capacity of blockchain based Internet-of-Things: Testbed and analysis', Internet of Things, vol. 8.View/Download from: Publisher's site
© 2019 Elsevier B.V. The Internet of Things (IoT) is poised to transform human life and unleash enormous economic benefit. However, inadequate data security and trust of current IoT are seriously limiting its adoption. Blockchain, a distributed and tamper-resistant ledger, maintains consistent records of data at different locations, and has the potential to address the data security concern in IoT networks. While providing data security to the IoT, Blockchain also encounters a number of critical challenges inherent in the IoT, such as a huge number of IoT devices, non-homogeneous network structure, limited computing power, low communication bandwidth, and error-prone radio links. This paper presents a comprehensive survey on existing Blockchain technologies with an emphasis on the IoT applications. The Blockchain technologies which can potentially address the critical challenges arising from the IoT and hence suit the IoT applications are identified with potential adaptations and enhancements elaborated on the Blockchain consensus protocols and data structures. Future research directions are collated for effective integration of Blockchain into the IoT networks.
Zha, X, Ni, W, Wang, X, Liu, RP, Guo, YJ, Niu, X & Zheng, K 2018, 'The impact of link duration on the integrity of distributed mobile networks', IEEE Transactions on Information Forensics and Security, vol. 13, no. 9, pp. 2240-2255.View/Download from: Publisher's site
© 2005-2012 IEEE. A major challenge in distributed mobile networks is network integrity, resulting from short link duration and severe transmission collisions. This paper analyzes the impact of link duration and transmission collisions on a range of on-the-fly authentication protocols, which operate based on predistributed keys and can instantly verify and forward messages. All unexpired messages within a link duration can be verified retrospectively, once the keys are matched on-the-air. We develop a new general 4D Markov model which, apart from the first three dimensions modeling a cycle of the protocols, is able to unprecedentedly capture unexpired messages between cycles in the fourth dimension. Validated by simulation, our analysis reveals that the on-the-fly authentication is efficient under short link duration, but is susceptible to transmission collisions. The authentication requires holistic cross-layer designs of retransmission and rekeying. The proposed model is able to facilitate the design of the protocol parameters, which allows the protocols to significantly outperform the state of the art.
Hu, Y, Zheng, K, Wang, X & Yang, Y 2017, 'WORM-HUNTER: A Worm Guard System using Software- defined Networking', KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, vol. 11, no. 1, pp. 484-510.View/Download from: Publisher's site
Xu, Y, Wu, C, Zheng, K, Wang, X, Niu, X & Lu, T 2017, 'Computing Adaptive Feature Weights with PSO to Improve Android Malware Detection', SECURITY AND COMMUNICATION NETWORKS.View/Download from: Publisher's site
Wang, X, Yu, P, Yu, G, Zha, X, Ni, W, Liu, RP & Guo, YJ 2019, 'A High-Performance Hybrid Blockchain System for Traceable IoT Applications', Network and System Security, International Conference on Network and System Security, Springer, Sapporo, Japan, pp. 721-728.View/Download from: Publisher's site
© 2019, Springer Nature Switzerland AG. Blockchain, as an immutable distributed ledger, can be the key to realize secure and trustworthy IoT applications. However, existing blockchains can hardly achieve high-performance and high-security for large-scale IoT applications simultaneously. In this paper, we propose a hyper blockchain architecture combining the security of public blockchains with the efficiency of private blockchains. An IoT anchoring smart contract is proposed to anchor private IoT blockchains into a public blockchain. An IoT device management smart contract is also designed to trace sensory data. A comprehensive analysis reveals that the proposed hybrid blockchain system can achieve the performance of private blockchains and resist tampering.
Wang, X, Zha, X, Yu, G, Ni, W, Liu, RP, Guo, YJ, Niu, X & Zheng, K 2018, 'Attack and Defence of Ethereum Remote APIs', 2018 IEEE Globecom Workshops, GC Wkshps 2018 - Proceedings, IEEE Globecom Workshops, IEEE, Abu Dhabi, United Arab Emirates, United Arab Emirates.View/Download from: Publisher's site
© 2018 IEEE. Ethereum, as the first Turing-complete blockchain platform, provides various application program interfaces for developers. Although blockchain has highly improved security, faulty configuration and usage can result in serious vulnerabilities. In this paper, we focus on the security vulnerabilities of the official Go-version Ethereum client (geth). The vulnerabilities are because of the insecure API design and the specific Ethereum wallet mechanism. We demonstrate attacks exploiting these vulnerabilities in an Ethereum testbed. The vulnerabilities are confirmed by the scanning results on the public Internet. Finally, corresponding countermeasures against attacks are provided to enhance the security of the Ethereum platform.
Yu, G, Wang, X, Zha, X, Zhang, JA & Liu, R 2018, 'An Optimized Round-Robin Scheduling of Speakers for Peers-to-Peers-based Byzantine Faulty Tolerance', 2018 IEEE Globecom Workshops (GC Wkshps), IEEE Globecom Workshops, Abu Dhabi, United Arab Emirates.View/Download from: Publisher's site
Zha, X, Wang, X, Ni, W, Liu, RP, Guo, YJ, Niu, X & Zheng, K 2017, 'Analytic model on data security in VANETs', Proceedings of the 2017 17th International Symposium on Communications and Information Technologies, ISCIT 2017, International Symposium on Communications and Information Technologies, IEEE, Cairns, QLD, Australia, pp. 1-6.View/Download from: Publisher's site
© 2017 IEEE. Fast-changing topologies and uncoordinated transmissions are two critical challenges of implementing data security in vehicular ad-hoc networks (VANETs). We propose a new protocol, where transmitters adaptively switch between backing off retransmissions and changing keys to improve success rate. A new 3-dimensional (3-D) Markov model, which can analyze the proposed protocol with symmetric or asymmetric keys in terms of data security and connectivity, is developed. Analytical results, validated by simulations, show that the proposed protocol achieves substantially improved resistance against collusion attacks.
Wang, X, Zheng, K, Niu, X, Wu, B & Wu, C 2016, 'Detection of command and control in advanced persistent threat based on independent access', 2016 IEEE International Conference on Communications, ICC 2016.View/Download from: Publisher's site
© 2016 IEEE. Advanced Persistent Threat (APT) imposes increasing threats on cyber security with the developing network attack technologies. APT is a highly interactive, specifically targeted and extremely harmful network-centric attack, which employs various technologies to evade detection during attacks leading to the result that victims will not be aware of attacks until they suffer from tremendous losses. Since command and control (C&C) is an essential component during the lifetime of APT, the detection of it is a practical measure to defend against the APT. In this paper, we analyze the features of C&C in APT and find that the HTTP-based C&C is widely used. Based on the analysis results, we propose a new feature of C&C, i.e., independent access, to characterize the difference between C&C communications and normal HTTP requests. Applying the independent access feature into DNS records, we implement a novel C&C detection method and validate it on public dataset. As a new feature of C&C, its advantages and drawbacks are also analyzed.