Shouhuai Xu
Assistant Professor, Department of Computer Science, University of Texas at San Antonio

office: Science Building 4.01.46
phone: (210)458-5739
fax: (210)458-4437
email: shxu@cs.utsa.edu

mailing address:
Department of Computer Science
University of Texas at San Antonio
6900 North Loop 1604 West
San Antonio, TX 78249
 

• The Third ACM Workshop on Scalable Trusted Computing (STC'08) [deadline: June 16, 2008]
• The First International Workshop on Security of Computer Communications and Networks (SoCCaN 2008) [deadline: March 30, 2008]

• The Second ACM Workshop on Scalable Trusted Computing (STC'07)
• The First ACM Workshop on Scalable Trusted Computing (STC'06)

RA openings!

Technically Long-term Objective

How to construct provably survivable/trustworthy systems?

Background

Here is my brief bio.

Teaching

CS 6373 Applied Cryptography (Fall 2008; Graduate)

CS 4363 Cryptography (Spring 2008; Undergraduate)

CS 6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems (Fall 2007; Graduate)

CS 4363 Cryptography (Spring 2007; Undergraduate)

CS 6463 AT: Applied Cryptography (Fall 2006; Graduate)

CS 4363 Cryptography (Spring 2006; Undergraduate)

CS 6973 Special Problems: Applied Cryptography (Fall 2005; Graduate)

CS 4363 Cryptography (Spring 2005; Undergraduate)

CS 6973 Principles of Information Security (Fall 2004; Graduate)

CS 4363 Cryptography (Spring 2004; Undergraduate)

CS 6973 Special Problems: Applied Cryptography (Fall 2003; Graduate)

Funded Research Projects

PI. Collaborative Research: Secure Knowledge Management: Models and Mechanisms, funded by NSF CyberTrust (9/1/2005 -- 8/31/2008)
PI. SuE: A Framework for Survivable Tactical Information Systems, funded by Army Research (4/15/2005 -- 1/14/2008)
PI. Survivability Analysis for Cryptographic Key Infrastructures in MANETS, funded by UTSA (9/1/2006 -- 12/31/2007)
PI. Countering Malicious and Fast-Spreading Malicious Codes, funded by UTSA Center for Infrastructure Assurance and Security (6/1/2004 -- 8/31/2006)

Students I'm working with

1. Keith Harrison -- PhD student
2. Paul Parker -- PhD student
3. Erhan John Kartaltepe -- now PhD student
   
• Masters Thesis: Malicious Impostor Emails: Emerging Threats and Countermeasures.
  

Graduated Students I worked with

1. Jim Dowd -- MSc student (with Dr. Zhang)

Professional Activities

• Service as a program (co-)chair of the following conferences/workshops:

• The Second ACM Workshop on Scalable Trusted Computing (STC'07)
  
• The First ACM Workshop on Scalable Trusted Computing (STC'06)
  

• Service as a program committee member of the following conferences/workshops:
  

• The Second Conference on Provable Security (ProvSec'08)
  
• The Third Asia-Pacific Trusted Infrastructure Technologies Conference (APTC'08)
• The 3rd International Symposium on Information Security (IS'08)
  
• The 2008 International Conference on Security and Cryptography (SECRYPT'08)
• The International Conference on Communications and Networking in China (ChinaCom'08) --- Network and Information Security Symposium
  
• The 2008 IEEE International Conference on Communications (ICC'08) --- Information and Network Security Symposium
  
• The 3rd International SKLOIS Conference on Information Security and Cryptology (INSCRYPT'07)
• The 3rd Workshop on Cryptography for Ad-hoc Networks (WCAN'07)
• The 2007 International Conference on Security and Cryptography (SECRYPT'07)
• The 13th ACM Conference on Computer and Communication Security (ACM CCS'06)
• The 2006 International Conference on Security and Cryptography (SECRYPT'06)
  
• The 2nd IEEE/CreateNet International Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm'06)
• The 5th International Conference on Cryptology and Network Security (CANS06)
• The 5th Conference on Security and Cryptography for Networks (SCN'06)
  
• The 2nd IEEE International Workshop on Trust, Security and Privacy in Ubiquitous Computing (TSPUC'06)
  
• The 8th International Conference on Information Security and Cryptology (ICISC 2005)
• The 4th International Conference on Cryptology and Network Security (CANS05)
• The 6th International Workshop on Information Security Applications (WISA'05)
• IEEE Globecom 2005 (Symposium on Computer and Network Security)
  
• The 4th International Workshop for Applied PKI (IWAP'05)
• The 2nd International Conference on Applied Cryptography and Network Security (ACNS'04)
• The 9th ACM Conference on Computer and Communications Security (ACM CCS'02)
  

• Service as a reviewer of the following journals/books:
  

• ACM Computing Survey
  
• IEEE/ACM Transactions on Networking (IEEE/ACM ToN)
• ACM Transactions on Sensor Networks (ACM ToSN)
  
• ACM Mobile Computing and Communications Review
• ACM Transactions on Information and System Security (ACM TISSEC)
• IEEE Transaction on Dependable and Secure Computing (IEEE TDSC)
• IEEE Transactions on Computers (IEEE ToC)
• IEEE Transactions on Wireless Communication
• Journla of Computer Security
  
• International Journal of Information Security
  
• IEEE Communication Letters
• Elsevier Ad Hoc Networks Journal
• The Handbook of Information Security (John Wiley \& Sons, Inc.)
  
  

Publications:

1. S. Xu and S. Capkun. Distributed and Secure Bootstrapping of Mobile Ad Hoc Networks: Framework and Constructions. ACM Transactions on Information and Systems Security (ACM TISSEC), ACM, Accepted.
   
2. X. Li, P. Parker, and S. Xu. A Probabilistic Characterization of A Fault-Tolerant Gossiping Algorithm. Journal of Systems Science and Complexity, Springer, Accepted.
3. D. Walleck, Y. Li, and S. Xu. An Empirical Analysis of Certificate Revocation Lists. IFIP DBSec'08.
   
4. S. Xu, X. Li, and P. Parker. Exploiting Social Networks for Thresholding Signing: Attack-resilience vs. Availability. ASIACCS'08.
   
5. E. Kartaltepe, P. Parker, and S. Xu. How to Secure Your Email Address Book and Beyond. CANS'07.
   
6. X. Li, P. Parker, and S. Xu. A Stochastic Characterization of a Fault-tolerant Gossip Algorithm. HASE'07.
   
7. K. Harrison and S. Xu. Protecting Cryptographic Keys from Memory Disclosure Attacks. DSN-DCCS'07. (Preliminary full version with source code is here; a significantly enriched full version will become available some time this summer.)
8. P. Sharkey, H. Tian, W. Zhang, and S. Xu. Privacy-Preserving Data Mining Through Knowledge Model Sharing. PinKDD'07.
   
9. X. Li, P. Parker, and S. Xu. Towards an Analytic Model of Epidemic Spreading in Heterogeneous Systems. Qshine'07.
   
10. S. Xu and K. Han. Envisioning Stealthy Botnet C&C and Graph-based Detection Metrics (Abstract). DSN'07 fast abstract track.
    
11. S. Xu and R. Sandhu. A Scalable and Secure Cryptographic Service. IFIP DBSec'07. Preliminary full version is here.
    
12. X. Li, P. Parker, and S. Xu. Towards Quantifying the (In)Security of Networked Systems. IEEE AINA'07.
    
13. S. Xu and Moti Yung. K-anonymous Multi-party Secret Handshakes. Financial Cryptography and Data Security 2007 (FC'07).
    
14. S. Xu. On the security of group communication schemes. Journal of Computer Security, Volume 15, Number 1, 2007, pp. 129 - 169.
    
• This is the full version of the SASN'05 paper below.
  
15. S. Zhu, S. Setia, S. Xu, and S. Jajodia. GKMPAN: An efficient group rekeying scheme for secure multicast in ad-hoc networks. Journal of Computer Security, Volume 14, Number 4, 2006, pp. 301 - 325.
• This is the full version of the Mobiquitous'04 paper below.
16. S. Zhu, S. Xu, S. Setia, and S. Jajodia. LHAP: A Lightweight Network Access Control Protocol for Ad-Hoc Networks. Elsevier Ad Hoc Networks Journal, Volume 4, Issue 5, Sept. 2006, pp 567-585.
• This is the full version of the MWN'03 paper below.
17. P. Parker and S. Xu. Towards Understanding the (In)security of Networked Systems under Topology-directed Stealthy Attacks. Proceedings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing (DASC'06), pp ???-???.
18. G. Tsudik and S. Xu. A Flexible Framework for Secret Handshakes. In Proceedings of the 6th Workshop on Privacy Enhancing Technologies (PET'06).
• This is an extended version of the PODC'05 brief announcement.
  
19. J. Dowd, S. Xu, and W. Zhang. Privacy-Preserving Decision Tree Mining Based on Random Substitutions. In the Proceedings of the 2006 International Conference on Emerging Trends in Information and Communication Security (ETRICS'06), LNCS 3995, pp 145-159.
20. E. Kartaltepe and S. Xu. Towards Blocking Outgoing Malicious Impostor Emails. In the Proceedings of the 2nd International Workshop on Trust, Security and Privacy for Ubiquitous Computing. IEEE Press, pp 657-661.
    
21. S. Xu. On the Security of Group Communication Schemes based on Symmetric Key Cryptosystems. In the Proceedings of ACM Workshop on Security of Ad hoc and Sensor Network 2005 (ACM SASN'05), ACM press, pp 22-31.
• The full version is invited to submit to a special issue of Journal of Computer Security.
  
22. E. Kartaltepe and S. Xu. On Automatically Detecting Malicious Imposter Emails. In Proceedings of International Workshop on Applied PKI 2005 (IWAP'05), IOS Press, pp ??-??.
23. G. Tsudik and S. Xu. Brief Announcement: A Flexible Framework for Secret Handshakes. In Proceedings of ACM Symposium on Princples of Distributed Computing 2005 (ACM PODC'05), ACM Press, pp 39.
    
24. S. Xu and W. Zhang. Knowledge as a Service and Knowledge Breaching. In the Proceedings of IEEE International Conference on Service Computing (IEEE SCC'05), IEEE Press, pp 87-94.
25. S. Xu and M. Yung. K-Anonymous Secret Handshakes with Reusable Credentials. ACM CCS'04. (full version not available yet)
    
26. S. Xu and W. Zhang. PBKM: A Secure Knowledge Management Framework. NSF/NSA/AFRL Workshop on Secure Knowledge Management'04.
27. S. Xu and M. Yung. Accountable Ring Signatures: A Smart Card Approach. IFIP CARDIS'04.
28. S. Zhu, S. Setia, S. Xu, and S. Jajodia. GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Networks. Mobiquitous'04.
29. S. Xu, W. Nelson Jr. and R. Sandhu. Enhancing Anonymity via Market Competition. Information Assurance and Security -- IEEE ITCC'04.
30. S. Xu and R. Sandhu. Applying OM-AM to Analyze Digital Rights Management. 7th International Conference on E-Commerce Research, 2004.
31. X. Ding, G. Tsudik, and S. Xu. Leak-free Group Signatures with Immediate Revocation. ICDCS'04.
32. G. Tsudik and S. Xu. Accumulating Composites and Improved Group Signing. Asiacrypt'03; an extended preliminary version is here. (This paper is under substantial revision; the revisited version will be posted when it is available.)
33. S. Zhu, S. Xu, S. Setia, and S. Jajodia. Establishing Pair-Wise Keys for Secure Communication in Ad Hoc Networks: A Probabilistic Approach. ICNP'03.
34. A. Bagchi, A. Chaudhary, M. Goodrich, and S. Xu. Constructing Dijoint Paths for Secure Communication. DISC'03.
35. S. Zhu, S. Xu, S. Setia, and S. Jajodia. LHAP: A Light-weight Hop-by-hop Authentication Protocol For Ad-Hoc Networks. Workshop on Mobile and Wireless Networks (MWN'03, affiliated with ICDCS'03)
36. S. Xu and M. Yung. Retrofitting Fairness on the Original RSA-Based E-Cash. Financial Cryptography'03.
    
37. S. Xu and R. Sandhu. Two Efficient and Provably Secure Schemes for Server-Assisted Threshold Signatures. RSA-CT'03.
38. Y. Dodis, J. Katz, S. Xu, and M. Yung. Strong Key-Insulated Signature Schemes. PKC'03.
39. Y. Dodis, J. Katz, S. Xu, and M. Yung. Key-Insulated Public Key Cryptosystems. Eurocrypt'02.
40. S. Xu and M. Yung. The Dark Side of Threshold Cryptography. Financial Cryptography'02.
41. S. Xu and R. Sandhu. Authenticated Multicast Immune to Denial-of-Service Attacks. ACM SAC'02.
42. S. Xu, M. Yung, and G. Zhang. Friendly Observers Ease Off-Line E-Cash. CARDIS'00.
43. S. Xu, M. Yung, and G. Zhang. Scalable, Tax-Evasion Free, Anonymous Investing. IFIP SEC'00.
44. S. Xu, M. Yung, G. Zhang, and H. Zhu. Money Conservation via Atomicity in Fair Off-Line E-Cash. ISW'99, LNCS 1729.
45. S. Xu, G. Zhang, and H. Zhu. Securing Systems Using E-Cash. InfoSecu'99.
46. S. Xu, G. Zhang, and H. Zhu. Two Digital Signature Schemes Based on Graph 3-Colorability Problem. ICYCS'99.
47. S. Xu, H. Zhu, and G. Zhang. Digital Signature Schemes Based on Graph Isomorphism and Graph 3-Colorability Problems. CrypTEC'99.
48. S. Xu, G. Zhang, and H. Zhu. On the Security of Three-Party Cryptogrpahic Protocols. ACM Operating Systems Review, Vol. 32, No. 3, July 1998, pp 7-20.
49. S. Xu, G. Zhang, and H. Zhu. On the Security of Cryptogrpahic Protocols (Extended Abstract). ChinaCrypt'98.
50. S. Xu, G. Zhang, and H. Zhu. On the Properties of Cryptogrpahic Protocols and the Weaknesses of BAN-Like Logics. ACM Operating Systems Review, Vol. 31, No. 4, October 1997, pp 12-23.
51. S. Xu, G. Zhang, H. Zhu et al. A General Solution to the Security Problems on the Internet/Intranet Platform. Proceedings of the Sixth Chinese Symposium on Security and Privacy, 1997.

Other Publications (in Chinese):

1. S. Xu. Studies in Digital Currency. PhD Thesis, Dec. 1999, Department of Computer Science, Fudan University, Shanghai, China.
2. S. Xu, G. Zhang, and H. Zhu. A Self-Delegation System and the Knowledge Complexity of Problems. Journal of Software, Vol. 10, No. 2, February 1999, pp 170-174.
3. S. Xu and G. Zhang. Encryption Mechanism for Routing Information Based on the Internet Protocol. Computer Research and Development, Vol. 35, No. 8, August 1998, 753-759
4. S. Xu, G. Zhang, and H. Zhu. Recent Advances in Modern Cryptography. NCYCS'98.
5. S. Xu and M. Hu. Security Strategy for Oracle-Based Application Systems. Computer Engineering and Design, Vol. 18, No. 4, April 1997, pp 43-38.
6. S. Xu and M. Hu. Prospects on Database Security. Computer Engineering, Vol. 23, No. 3, March 1997, pp 50-53.
7. S. Xu and M. Hu. The Storage and Retrieve Techniques for Object-Oriented Multimedia DataBase Systems. Computer Engineering, Vol. 22, No. 5, May 1996, pp 14-17.
8. S. Xu and M. Hu. Database Based on Spatial Algebra. Software, Vol. 4, No. 3, March 1996, pp 20-23.