Recent Cybersecurity Publications

Recent Cybersecurity Publications

Here is the list of some peer-reviewed cybersecurity publications by UCF faculty and students in the recent years (samples, not a complete list):

  • Ardhi Yudha, Reza Pulungan, Henry Hoffman, and Yan Solihin, “A Simple Cache Coherence Scheme for Integrated CPU-GPU Systems”, Proc. of the 57th ACM/EDAC/IEEE Design Automation Conference (DAC), San Francisco/Virtual, July 2020. https://doi.org/10.1109/DAC18072.2020.9218664
  • Mnassar Alyami, Cliff Zou, and Yan Solihin, Adaptive Segmentation: A Tradeoff Between Packet-Size Obfuscation and Performance, in Proceedings of 2024 IEEE International Conference on Smart Applications, Communications and Networking (SmartNets),Washington D.C., May 28-30, 2024. https://doi.org/10.1109/SmartNets61466.2024.10577699
  • Tangila Islam Tanni, Aaron Necaise, Yan Solihin, Mary Jean Amon, “Empirical evidence for reciprocal radicalization: Conformity of user comment, peer feedback, and community emotion in extreme misogynistic social media groups”, in the Proc. of the 26th International Conference on Human-Computer Interaction (HCII),  pp. 403 - 416,  Washington D.C., June 29 - July 4, 2024. https://doi.org/10.1007/978-3-031-61281-7_29
  • Khan Shaikhul Hadi, Naveed Ul Mustafa, Mark Heinrich, Yan Solihin, “Hardware Support for Durable Atomic Instructions for Persistent Parallel Programming”. Design Automation Conference (DAC), San Francisco, July 9-13, 2023. http://dx.doi.org/10.1109/DAC56929.2023.10247729
  • Mansour Al Ghanim, Muhammad Santriaji, Qian Lou, Yan Solihin, TrojBits: A Hardware Aware Inference-Time Attack on Transformer-based Language Models, 26th European Conference on Artificial Intelligence (ECAI), Sep 30 - Oct 4, 2023. http://dx.doi.org/10.3233/FAIA230254
  • Mnassar Alyami, Abdulmajeed Alghamdi, Mohammed A. Alkhowaiter, Cliff Zou, and Yan Solihin, Random Segmentation: New Traffic Obfuscation Against Packet-Size based Side-Channel Attacks, Electronics 2023, 12(18), 3816, Sep 09, 2023 https://doi.org/10.3390/electronics12183816
  • Derrick Greenspan, Naveed Ul Mustafa, Andres Delgado, Connor Bramham, Christopher Prats, Samu Wallace, Mark Heinrich, and Yan Solihin, LOaPP: Improving the performance of Persistent Memory Objects via Low-Overhead at-rest PMO Protection, in Proc. of the 2024 IEEE International Symposium on Secure and Private Execution Environment Design (SEED), May 17-18, 2024. https://seed-symposium.org/2024/program2024.html
  • Derrick Greenspan, Naveed ul Mustafa, Zoran Kolega, Mark Heinrich, and Yan Solihin, Improving the Security and Programmability of Persistent Memory Objects, in Proc. of the IEEE International Symposium on Secure and Private Execution Environment Design (SEED), Virtual, Sep 26-27, 2022 https://doi.org/10.1109/SEED55351.2022.00021
  • Mnassar Alyami, Mohammed Alkhowaiter, Mansour Al Ghanim, Changchun Zou, and Yan Solihin, MAC-Layer Traffic Shaping Defense Against WiFi Device Fingerprinting Attacks,  26th IEEE Symposium on Computers and Communication (ISCC), Athens, Sep 5-8, 2022. https://doi.org/10.1109/ISCC55528.2022.9913056
  • Ardhi Yudha, Jake Meyer, Shougang Yuan, Huiyang Zhou, and Yan Solihin, LITE: a Low-Cost Practi- cal Inter-Operable GPU TEE, ACM International Conference on Supercomputing (ICS), Virtual, June 27-30, 2022. https://dl.acm.org/doi/10.1145/3524059.3532361
  • Mnassar Alyami, Ibrahim Alharbi, Cliff Zou, Yan Solihin, Karl Ackerman: WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic. IEEE 19th Annual Consumer Communications & Networking Conference (CCNC) 2022 https://doi.org/10.1109/CCNC49033.2022.9700674
  • Ardhi Yudha, Keiji Kimura, Huiyang Zhou, and Yan Solihin, Scalable and Fast Lazy Persistency on GPUs, in Proc. of 2020 IEEE International Symposium on Workload Characterization (IISWC), Virtual, Nov 2020. https://doi.org/10.1109/HPCA51647.2021.00019
  • Muhammad Saad and David Mohaisen, “Three Birds with One Stone: Efficient Partitioning Attacks on Interdependent Cryptocurrency Networks”. In Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, May 2023 https://doi.org/10.1109/SP46215.2023.10179456
  • Soohyeon Choi, Manar Mohaisen, Daehun Nyang, David Mohaisen. “Revisiting the Deep Learning-based Eavesdropping Attacks via Facial Dynamics from VR Motion Sensors”, The 25th International Conference on Information and Communications Security (ICICS) 2023, Tianjin, China, November 2023 (Acceptance rate: 18% ) http://dx.doi.org/10.1007/978-981-99-7356-9_24
  • Ulku Meteriz, Necip Fazil Yildiran, Amro Awad, David Mohaisen. “A Keylogging Inference Attack on Air-Tapping Keyboards in Virtual Environments”. IEEE Conference on Virtual Reality and 3D User Interfaces, IEEE VR 2022, March 12-16, New Zealand ( Best Paper Award Nominee). https://doi.org/10.1109/VR51125.2022.00098
  • Muhammad Saad, Songqing Chen, David Mohaisen. “SyncAttack: Double-spending in Bitcoin Without Mining Power”. Proceedings of the 2021 ACM SIGSAC Conference on Com- puter and Communications Security, ACM CCS, Seoul, Republic of Korea, November 14-19, 2021 https://doi.org/10.1145/3460120.3484568
  • Afsah Anwar, Ahmed Abusnaina, Songqing Chen, Frank Li, David Mohaisen. “Cleaning the NVD: Comprehensive Quality Assessment, Improvements, and Analyses”, IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), 2022. https://doi.org/10.1109/TDSC.2021.3125270
  • Mohammed Alkinoon, Abdulrahman Alabduljabbar, Hattan Althebeiti, Rhongho Jang, DaeHun Nyang, David Mohaisen. “Understanding the Security and Performance of the Web Presence of Hospitals: A Measurement Study”. International Conference on Computer Com- munications and Networks, IEEE ICCCN 2023, Honolulu, Hawaii, USA. https://doi.org/10.1109/ICCCN58024.2023.10230186
  • Mohammed Alqadhi, Mohammed Alkinoon, Jie Lin, Ahmed Abdalaal, David Mohaisen: “Entangled Clouds: Measuring the Hosting Infrastructure of the Free Contents Web” In Proceedings of the 2023 on Cloud Computing Security Workshop, ACM CCSW, 2023. Copenhagen, Denmark, 26 November 2023. https://dl.acm.org/doi/10.1145/3605763.3625274
  • Ahmed Abusnaina, Afsah Anwar, Sultan Alshamrani, Abdulrahman Alabduljabbar, Rhongho Jang, Daehun Nyang, David Mohaisen. “Systematically Evaluating the Robustness of ML- based IoT Malware Detection Systems”. The 25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2022, Limassol, Cyprus on 26-28 October, 2022. https://doi.org/10.1109/DSN-S52858.2021.00012
  • Ulku Meteriz, Necip Fazil Yildiran, David Mohaisen. “AiRType: An Air-Tapping Keyboard for Augmented Reality Environments” (short paper). IEEE Conference on Virtual Reality and 3D User Interfaces, IEEE VR 2022, March 12-16, New Zealand (virtual event). https://doi.org/10.1109/VRW55335.2022.00189
  • Muhammad Saad, Songqing Chen, David Mohaisen. “SyncAttack: Double-spending in Bitcoin Without Mining Power”. Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, ACM SIGSAC Conference on Computer and Communications Security (CCS), Seoul, Republic of Korea, November 14-19, 2021. https://dl.acm.org/doi/10.1145/3460120.3484568
  • Afsah Anwar, Ahmed Abusnaina, Songqing Chen, Frank Li, and David Mohaisen. “Cleaning the NVD: Comprehensive Quality Assessment, Improvements, and Analyses”, The 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, IEEE DSN, Taipei, Taiwan, June 21-24, 2021. https://doi.org/10.1109/DSN-S52858.2021.00011
  • Amirfarhad Nilizadeh, Shirin Nilizadeh, Wojciech Mazurczyk, Cliff Zou, and Gary T. Leavens. Adaptive Matrix Pattern Steganography on RGB Images. Journal of Cyber Security and Mobility, 11(1):1–28, 2022, Elsevier. https://dx.doi.org/10.13052/jcsm2245-1439.1111
  • Amirfarhad Nilizadeh, Gary T. Leavens, and Corina Pasareanu. Using a Guided Fuzzer and Precon- ditions to Achieve Branch Coverage with Valid Inputs. In 15th International Conference on Tests and Proofs (TAP 2021), June 2021, pp. 72–84. https://doi.org/10.1007/978-3-030-79379-1_5
  • Amirfarhad Nilizadeh, Marlon Calvo, Gary T. Leavens, Xuan-Bach D. Le, and Corina Pasareanu. More Reliable Test Suites for Dynamic APR by using Counterexamples. In The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021), IEEE, Wuhan, China. pp. 208-219 https://doi.org/10.1109/ISSRE52982.2021.00032
  • Amoruso, Edward L., Richard Leinecker, and Cliff C. Zou. 2024. "User Privacy Protection via Windows Registry Hooking and Runtime Encryption" Sensors 24, no. 16: 5106. https://doi.org/10.3390/s24165106
  • Luo, Lan; Zhang, Yue; White, Clayton; Keating, Brandon; Pearson, Bryan; Shao, Xinhui; Ling, Zhen; Yu, Haofei; Zou, Cliff; Fu, Xinwen; "On Security of TrustZone-M Based IoT Systems",  in IEEE Internet of Things Journal, 2022 https://doi.org/10.1109/JIOT.2022.3144405
  • Roy Laurens, Edo D. Christianto, Bruce Caulkins, Cliff Zou, "Side-Channel VoIP Profiling Attack against Customer Service Automated Phone System" in IEEE Global Communications Conference (Globecom), Dec. 4-8, 2022 https://doi.org/10.1109/GLOBECOM48099.2022.10001537
  • Bryan Pearson, Yue Zhang, Cliff Zou, Xinwen Fu, "FUME: Fuzzing Message Queuing Telemetry Transport Brokers", in IEEE INFOCOM, May 2-5, 2022 https://doi.org/10.1109/INFOCOM48880.2022.9796755
  • Edward Amoruso, Cliff Zou, Richard Leinecker, "User Profiling Attack Using Windows Registry Data", in IEEE 14th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), October 2023 https://doi.org/10.1109/UEMCON59035.2023.10315968
  • Mohammed Alkhowaiter, Cliff Zou, "Adversarial-Aware Deep Learning System based on a Secondary Classical Machine Learning Verification Approach", Sensors 2023, 23(14), 6287. https://doi.org/10.3390/s23146287
  • Anne M. Tall, Cliff C. Zou, "A Framework for Attribute-Based Access Control in Processing Big Data with Multiple Sensitivities", Appl. Sci. 2023, 13(2), 1183 https://doi.org/10.3390/app13021183
  • Hossein Rezaeighaleh, Cliff Zou, "Multilayered Defense-in-Depth Architecture for Cryptocurrency Wallet", in 6th IEEE International Conference on Computer and Communications (ICCC), Dec. 11-14, 2020. https://doi.org/10.1109/ICCC51575.2020.9345013
  • Ibrahim Alwhbi Alharbi, Ali Jaber Almalki, Mnassar Alyami, Cliff Zou, Yan Solihin, "Profiling Attack on WiFi-based IoT Devices Using an Eavesdropping of an Encrypted Data Frames", Advances in Science, Technology and Engineering Systems Journal (ASTES), Vol. 7, No. 6, pp. 49-57, 2022. http://dx.doi.org/10.25046/aj070606
  • Lan Luo, Cliff Zou, Sashank Narain, and Xinwen Fu. "On teaching malware analysis on latest windows." CISSE Colloquium for Information Systems Security Education, 2021. https://doi.org/10.53735/cisse.v9i1.152
  • Necip Yildiran, Jeho Oh, Julia Lawall, and Paul Gazzillo. “Maximizing Patch Coverage for Testing of Highly-Configurable Software without Exploding Build Times”, Proceedings of the ACM International Conference on the Foundations of Software Engineering (FSE), July 2024. https://doi.org/10.5281/zenodo.10626343
  • Jeho Oh, Necip Yıldıran, Julian Braha, and Paul Gazzillo, “Finding Broken Linux Configuration Specifications by Statically Analyzing the Kconfig Language”, Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), 2021. https://doi.org/10.5281/zenodo.4885001
  • Paul Gazzillo, “Inferring and Securing Software Configurations Using Automated Reasoning”,  Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Visions & Reflections Track (ESEC/FSE VR), 2020. https://doi.org/10.1145/3368089.3417041
  • Sanan Hasanov, Stefan Nagy, and Paul Gazzillo, "A Little Goes a Long Way: Tuning Configuration Selection for Continuous Kernel Fuzzing”, to appear in Proceedings of the International Conference on Software Engineering (ICSE), 2025. https://www.paulgazzillo.com/papers/icse25.pdf
  • Brent Pappas, Paul Gazzillo, “Semantic Analysis of Macro Usage for Portability”. Proceedings of the International Conference on Software Engineering (ICSE), 2024. (Acceptance Rate: 28% ) https://dl.acm.org/doi/10.1145/3597503.3623323
  • Zach Patterson, Zenong Zhang, Brent Pappas, Shiyi Wei, and Paul Gazzillo, “SugarC: Scalable Desugaring of Real-World Preprocessor Usage into Pure C”, Proceedings of the International Conference on Software Engineering (ICSE), 2022. (Acceptance Rate: 26%) https://dl.acm.org/doi/10.1145/3510003.3512763
  • Jiaqi Xue, Mengxin Zheng, Ting Hua, Yilin Shen, Yepeng Liu, Ladislau Bölöni, Qian Lou. “TrojLLM:A Black-box Trojan Prompt Attack on Large Language Models”. Annual Conference on Neural Information Processing Systems (NeurIPS) 2023 https://dl.acm.org/doi/10.5555/3666122.3668988
  • Mengxin Zheng, Jiaqi Xue, Xun Chen, Yanshan Wang, Qian Lou, Lei Jiang,  TrojFSP: Trojan Insertion in Few-shot Prompt Tuning. In Proceedings of the 2024 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies https://doi.org/10.18653/v1/2024.naacl-long.64
  • Qian Lou, Xin Liang, Jiaqi Xue, Yancheng Zhang, Rui Xie, Mengxin Zheng, CR-UTP: Certified Robustness against Universal Text Perturbations on Large Language Models. In ACL Findings 2024 https://aclanthology.org/2024.findings-acl.588
  • Qian Lou, Yen-Chang Hsu, Burak Uzkent, Ting Hua, Yilin Shen, and Hongxia Jin. " Lite-MDETR: A Lightweight Multi-Modal Detector ".   In 2022 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). https://doi.org/10.1109/CVPR52688.2022.01189
  • Mengxin Zheng, Jiaqi Xue, Zihao Wang, Xun Chen, Qian Lou, Lei Jiang, Xiaofeng Wang. “SSL-Cleanse: Trojan Detection and Mitigation in Self-Supervised Learning”. The European Conference on Computer Vision (ECCV), 2024.  https://doi.org/10.48550/arXiv.2303.09079
  • Mengxin Zheng, Qian Lou, and Lei Jiang. “TrojViT: Trojan Insertion in Vision Transformers”. IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) 2023 https://doi.org/10.1109/CVPR52729.2023.00392
  • Mengxin Zheng, Qian Lou, and Lei Jiang. “Primer: Fast Private Transformer Inference on Encrypted Data”. ACM/IEEE Design Automation Conference (DAC) 2023. http://dx.doi.org/10.1109/DAC56929.2023.10247719
  • Mengxin Zheng, Qian Lou, Fan Chen, Lei Jiang, and Yongxin Zhu. “CryptoLight: An Electro-Optical Accelerator for Fully Homomorphic Encryption”. ACM International Symposium on Nanoscale Architectures (NANOARCH) 2022 https://dl.acm.org/doi/10.1145/3565478.3572544
  • A. Kumar Dipongkor, and K. Moran, “A Comparative Study of Transformer-based Neural Text Representation Techniques on Bug Triaging,” in Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023), Kirchberg, Luxembourg, 2023, pp. 1012-1023 https://doi.ieeecomputersociety.org/10.1109/ASE56229.2023.00217
  • J. Mahmud, N. De Silva, S. Ali Khan, S. H. Mostafavi, SM H. Mansur, O. Chaparro, A. Marcus, and K. Moran, “On Using GUI Interaction Data to Improve Text Retrieval-based Bug Localization,” in Proceedings of the 46th IEEE/ACM International Conference on Software Engineering (ICSE 2024), Lisbon, Portugal, April 14-20, 2024 https://dl.acm.org/doi/10.1145/3597503.3608139
  • SM H. Mansur, S. Salma, D. Awofisayo, and K. Moran, “AidUI: Toward Automated Recognition of Dark Patterns in User Interfaces,” in Proceedings of the 45th IEEE/ACM International Conference on Software Engineering (ICSE 2023), Melbourne, Australia, 2023, pp. 1958-1970. https://dl.acm.org/doi/10.1109/ICSE48619.2023.00166
  • A. Krishnavajjala, SM Hasan Mansur, Justin Jose, K. Moran, “MotorEase: Automated Detection of Motor Impairment Accessibility Issues in Mobile App UIs,” in Proceedings of the 46th IEEE/ACM International Conference on Software Engineering (ICSE 2024), Lisbon, Portugal, April 14-20, 2024 https://dl.acm.org/doi/10.1145/3597503.3639167
  • S. A. Khan, W. Wang, Y. Ren, B. Zhu, J Shi, A. McGowan, W. Lam, and K. Moran, “AURORA: Navigating UI Tarpits via Automated Neural Screen Understanding,” in Proceedings of the 17th International Conference on Software Testing, Verification, and Validation (ICST 2024), Toronto, Canada, 2024 https://doi.ieeecomputersociety.org/10.1109/ICST60714.2024.00028
  • J. Johnson, J. Mahmud, T. Wendland, K. Moran, J. Rubin, and M. Fazzini, “An Empirical Investigation into the Reproduction of Bug Reports for Android Apps,” in Proceedings of the 29th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER’22), Honolulu, Hawaii, 2022, pp. 321-332. (24% acceptance rate) https://doi.org/10.1109/SANER53432.2022.00048
  • Yifan Zhang, Zhaojie Hu, Xueqiang Wang, Yuhui Hong, Yuhong Nan, XiaoFeng Wang, Jiatao Cheng, Luyi Xing. ”Navigating the Privacy Compliance Maze: Understanding Risks with Privacy-Configurable Mobile SDKs.” In USENIX Security Symposium, August 14-16 2024. https://www.usenix.org/biblio-14927
  • Wang Xueqiang, Zhang Yifan, Wang XiaoFeng, Jia Yan, Xing Luyi. ”Union under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android Software Supply Chain.” In USENIX Security Symposium, August 9-11, 2023. https://dl.acm.org/doi/10.5555/3620237.3620428
  • Zhaojie Hu, Jingzhou Ye, Yifan Zhang, Xueqiang Wang. ”Seeing is Not Always Believing: An Empirical Analysis of Fake Evidence Generators.” In IEEE 9th European Symposium on Security and Privacy (EuroS&P). July 8-12 2024 https://doi.ieeecomputersociety.org/10.1109/EuroSP60621.2024.00037
  • Wang Xueqiang, Sun Yuqiong, Susanta Nanda, Wang XiaoFeng. ”Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference.” In USENIX Security Synposium 2023. https://dl.acm.org/doi/10.5555/3620237.3620573
  • Nan Yuhong, Wang Xueqiang, Xing Luyi, Liao Xiaojing, Wu Ruoyu, Wu Jian- liang, Zhang Yifan, Wang XiaoFeng. ”Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps.” In USENIX Security Symposium, 2023 https://dl.acm.org/doi/10.5555/3620237.3620610