shouhuai

$Description: C:\my-data\My Homepage\me.jpg$

Shouhuai Xu (PhD: Fudan University, 2000)
Associate Professor, Department of Computer Science, University of Texas at San Antonio

office: Science Building 4.01.46
phone: (210)458-5739
fax: (210)458-4437
email: shxu(at)cs(dot)utsa(dot)edu

mailing address:
Department of Computer Science
University of Texas at San Antonio
One UTSA Circle
San Antonio, TX 78249

Research

Supervising

Teaching

Professional Activities/Services

Publications

Current Research Projects/Threads

A Novel Mathematical Foundation for Macroscopic Cyber Security
Defense Against Malware/Botnets (Models and Systems)
Trustworthy Cloud Computing (Cryptographic Multi-Party Computing, Storage, Systems)
Highly-Assured Cryptography (resilient against Malware etc.)
Assured Information Sharing and Provenance

Research Long-term Goal

A Unified Foundation for Cyber Security

Funded Research Projects

Co-PI. TC: Large: Collaborative Research: Privacy-Enhanced Secure Data Provenance. Funded by NSF (Sept. 2011 -- Aug. 2016)
PI. IAPD: Integrated Adaptive and Proactive Defense against Stealthy Botnets. Funded by AFOSR (March 2009 -- Oct. 2012)
Co-PI. AFOSR MURI: A Framework for Managing the Assured Information Sharing Lifecycle (July 2008 -- June 2013)
PI. Securing the Smart Power Grid. Funded by UTSA (Sept. 2010 -- Aug. 2011)
Co-PI. A Systematic Defense Framework for Combating Botnets. Funded by ONR (April 2009 -- Dec. 2010)
PI. Modeling Cyber Attacks. Funded by UTSA (Nov. 2008 -- Nov. 2009)
PI. Collaborative Research: Secure Knowledge Management: Models and Mechanisms, funded by NSF CyberTrust (9/1/2005 -- 8/31/2009)
PI. SuE: A Framework for Survivable Tactical Information Systems, Funded by Army Research (4/15/2005 -- 1/14/2008)
PI. Survivability Analysis for Cryptographic Key Infrastructures in MANETS, Funded by UTSA (9/1/2006 -- 12/31/2007)
PI. Countering Malicious and Fast-Spreading Malicious Codes, Funded by UTSA Center for Infrastructure Assurance and Security (6/1/2004 -- 8/31/2006)

RA openings!

I am always seeking highly motivated PhD students who have a strong desire to pursue excellent PhD work.

Current PhD Students I supervise

1. Weiliang Luo

2. Li Xu

3. Zhenxin Zhan

4. Qingji Zheng

Graduated students I supervised with Thesis

1. Paul Parker (PhD Thesis: Protecting Cryptographic Keys and Functions from Software-based Attacks), Dec 2010. First employment: Assistant Professor at Dallas Baptist University

2. Giovanni Del Valle (Masters Thesis: Protecting Cryptographic Keys from Memory Disclosure Attacks), May 2010. First employment: Rackspace

3. Erhan John Kartaltepe (Masters Thesis: Malicious Impostor Emails: Emerging Threats and Countermeasures), April 2006. First employment: SouthWest Research Institute.

Teaching

CS 4363 Cryptography (Spring 2012; Undergraduate)
CS 2233 Discrete Mathematical Structures (Spring 2012; Undergraduate)

CS 6373 Applied Cryptography (Fall 2011; Graduate)
CS 4363 Cryptography (Spring 2011; Undergraduate)
CS 2233 Discrete Mathematical Structures (Spring 2011; Undergraduate)
CS 6393 AT: Cyber Security (Fall 2010; Graduate)
CS 4363 Cryptography (Spring 2010; Undergraduate)
CS 6373 Applied Cryptography (Fall 2009; Graduate)
CS 4363 Cryptography (Spring 2009; Undergraduate)
CS 6373 Applied Cryptography (Fall 2008; Graduate)
CS 4363 Cryptography (Spring 2008; Undergraduate)
CS 6393 Advanced Topics in Computer Security: Reliable and Secure Distributed Systems (Fall 2007; Graduate)
CS 4363 Cryptography (Spring 2007; Undergraduate)
CS 6463 AT: Applied Cryptography (Fall 2006; Graduate)
CS 4363 Cryptography (Spring 2006; Undergraduate)
CS 6973 Special Problems: Applied Cryptography (Fall 2005; Graduate)
CS 4363 Cryptography (Spring 2005; Undergraduate)

CS 6973 Principles of Information Security (Fall 2004; Graduate)

CS 4363 Cryptography (Spring 2004; Undergraduate)

CS 6973 Special Problems: Applied Cryptography (Fall 2003; Graduate)

Professional Activities/Services

Associate Editor or Member of Editorial Baord:

ACM Workshop on Scalable Trusted Computing (STC): The Workshop series I co-initiated (The link points to both current and previous editions)

Service as a program (co-)chair of the following conferences/workshops:

o The Second ACM Workshop on Scalable Trusted Computing (STC'07)

o The First ACM Workshop on Scalable Trusted Computing (STC'06)

Service as a program committee member of the following conferences/workshops:

Service as a reviewer of the following journals/books:

ACM Computing Survey
IEEE/ACM Transactions on Networking (IEEE/ACM ToN)
ACM Transactions on Sensor Networks (ACM ToSN)
ACM Mobile Computing and Communications Review
ACM Transactions on Information and System Security (ACM TISSEC)
IEEE Journal on Selected Areas in Communications (IEEE JSAC)
IEEE Transaction on Dependable and Secure Computing (IEEE TDSC)
IEEE Transactions on Computers (IEEE ToC)
IEEE Transactions on Wireless Communication (IEEE TWC)
IEEE Transactions on Information Security & Forensics (IEEE TIFS)
Journla of Computer Security
International Journal of Information Security
IEEE Communication Letters
Elsevier Ad Hoc Networks Journal
IET Proceedings Information Security
The Handbook of Information Security (John Wiley \& Sons, Inc.)

Publications:

Copyright notice: The copyright of the papers available online had already been transferred to the corresponding organizations or presses.

M. Xu and S. Xu. An Extended Stochastic Model for Quantitative Security Analysis of Networked Systems. Internet Mathematics, accepted in Dec. 2011
Q. Zheng and S. Xu. Secure and Efficient Proof of Storage with Deduplication. To Appear in the Proceedings of Second ACM Conference on Data and Application Security and Privacy (ACM CODASPY'12).
Y. Shang, W. Luo, and S. Xu. L-hop percolation on networks with arbitrary degree distributions and its applications. Physical Review E, Sept. 2011.
J. Morales, M. Main, W. Luo, S. Xu, and R. Sandhu. Building Malware Infection Trees. Proceedings of the 6^th International Conference on Malicious and Unwanted Software (Malware 2011), to appear.
S. Xu, W. Lu, and Z. Zhan. A Stochastic Model of Multi-Virus Dynamics. IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), Jan 2012.
S. Xu, W. Lu, and L. Xu. Push- and Pull-based Epidemic Spreading in Networks: Thresholds and Deeper Insights. ACM Transactions on Autonomous and Adaptive Systems (TAAS), to appear.
S. Xu, X. Li, P. Parker, and X. Wang. Exploiting Trust-Based Social Networks for Distributed Protection of Sensitive Data. IEEE Transactions on Information Forensics & Security, 2011.

earlier version appeared in AsiaCCS'08

H. Qian and S. Xu. Non-Interactive Multisignatures in the Plain Public-Key Model with Efficient Verification. Information Processing Letters, accepted, 2010
S. Xu, W. Lu, L. Xu, and Z. Zhan. Adaptive Epidemic Dynamics in Networks: Thresholds and Control. ACM Transactions on Autonomous and Adaptive Systems (TAAS) --- Special Issue on Adaptive Distributed Defense Systems. accepted.
H. Qian and S. Xu. Non-Interactive Editable Signatures for Assured Data Provenance. First ACM Conference on Data and Application Security and Privacy (ACM CODASPY'11).
Q. Zheng and S. Xu. Fair and Dynamic Proof of Retrievability. First ACM Conference on Data and Application Security and Privacy (ACM CODASPY'11).
X. Li, P. Parker, and S. Xu. A Stochastic Model for Quantitative Security Analysis of Networked Systems. IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), 2011.
W. Tian, C. Qian and S. Xu, Performance comparison and feedback controller design of network controlled systems with continuous loss of states, Proc. of 2011 International Conference on Measuring Technology and Mechatronics Automation.
J. Morales, R. Sandhu, and S. Xu. Evaluating Detection and Treatment Effectiveness of Commercial Anti-Malware Programs. Proceedings of the 5th International Conference on Malicious and Unwanted Software (Malware 2010), pp ???.
J. Morales, A. Al-Bataineh, S. Xu and R. Sandhu. Analyzing and Exploiting Network Behaviors of Malware. SecureComm'10.
C. Qian, W. Tian, and S. Xu. Global stabilization over the network with continuous loss of states. MESA'10 (2010 IEEE/ASME International Conference on Mechatronic and Embedded Systems and Applications). pp 566-570.
J. Morales, E. Kartaltepe, S. Xu, and R. Sandhu. Symptoms-Based Detection of Bot Processes. MMM-ACNS-2010 (5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security).
E. Kartaltepe, J. Morales, S. Xu, and R. Sandhu. Social Network-Based Botnet Command-and-Control: Emerging Threats and Countermeasures. ACNS'10. Springer Lecture Notes in Computer Science 6123, pp 511-528.
S. Xu, H. Qian, F. Wang, Z. Zhan, E. Bertino, and R. Sandhu. Trustworthy Information: Concepts and Mechanisms. WAIM'10 (11th International Conference on Web-Age Information Management). Springer Lecture Notes in Computer Science 6184, pp 398-404.
S. Xu. Towards a Theoretical Framework for Trustworthy Cyber Sensing. Proceedings of the 2010 SPIE Conference on SPIE Defense, Security, and Sensing (DSS'10).
P. Parker and S. Xu. A Method for Safekeeping Cryptographic Keys from Memory Disclosure Attacks. Intrust'09.
S. Xu and M. Yung. SocialClouds: Concept, Security Architecture and Some Mechanisms. Intrust'09.
J. Morales, A. Al-Bataineh, S. Xu, and R. Sandhu. Analyzing DNS Activities of Bot Processes. Proceedings of the 4th International Conference on Malicious and Unwanted Software (Malware 2009).
Q. Ni, S. Xu, E. Bertino, R. Sandhu and W. Han. An Access Control Language for a General Provenance Model. Proc. 6th VLDB Workshop on Secure Data Management (SDM'09).
S. Xu, R. Sandhu, and E. Bertino. TIUPAM: A Framework for Trustworthiness-Centric Information Sharing. Invited paper in Proc. 3rd IFIP WG 11.11 International Conference on Trust Management, 2009.
S. Xu, Q. Ni, E. Bertino and R. Sandhu. A Characterization of the Problem of Secure Provenance Management. Proc. Workshop on Assured Information Sharing at the IEEE International Conference on Intelligence and Security Informatics (ISI'09).
S. Xu and M. Yung. Expecting the Unexpected: Towards Robust Credential Infrastructure. FC'09
J. Leonard, S. Xu, and R. Sandhu. A First Step Towards Characterizing Stealthy Botnets. To appear in the Proceedings of The Fourth International Conference on Availability, Reliability and Security (ARES'09), IEEE press, pp ???-???.
J. Leonard, S. Xu, and R. Sandhu. A Framework for Understanding Botnets. To appear in the Proceedings of the Third International Workshop on Advances in Information Security (WAIS'09), IEEE press, pp ???-???.
S. Xu. Collaborative Attack vs. Collaborative Defense. Invited Paper in the Proceedings of The 4th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborativeCom'08), pp ???-???, Nov. 13-16, 2008.
S. Xu. (How) Can We Manage the Trustworthiness of Security Infrastructures and Services. Abstract of Keynote address in the Proceedings of The 3rd Asia-Pacific Trusted Infrastructure Technologies Conference (APTC'08), IEEE press, pp ???-???, Oct. 14-17, 2008.
X. Ding, G. Tsudik, and S. Xu. Leak-free Mediated Group Signatures. Journal of Computer Security, Volume 17, Number 4, 2009, pp. 489-514.

This is the full version of the ICDCS paper below.

A. Kiayias, S. Xu, and M. Yung. Privacy Preserving Data Mining within Anonymous Credential Systems. SCN'08.
S. Xu and S. Capkun. Distributed and Secure Bootstrapping of Mobile Ad Hoc Networks: Framework and Constructions. ACM Transactions on Information and Systems Security (ACM TISSEC), 12(1), 2008.
X. Li, P. Parker, and S. Xu. A Probabilistic Characterization of A Fault-Tolerant Gossiping Algorithm. Journal of Systems Science and Complexity, Springer, Accepted.
D. Walleck, Y. Li, and S. Xu. An Empirical Analysis of Certificate Revocation Lists. IFIP DBSec'08.
S. Xu, X. Li, and P. Parker. Exploiting Social Networks for Thresholding Signing: Attack-resilience vs. Availability. ASIACCS'08.
E. Kartaltepe, P. Parker, and S. Xu. How to Secure Your Email Address Book and Beyond. CANS'07.
X. Li, P. Parker, and S. Xu. A Stochastic Characterization of a Fault-tolerant Gossip Algorithm. HASE'07.
K. Harrison and S. Xu. Protecting Cryptographic Keys from Memory Disclosure Attacks. DSN-DCCS'07. (Preliminary full version with source code is here; a significantly enriched full version will become available some time soon.)
P. Sharkey, H. Tian, W. Zhang, and S. Xu. Privacy-Preserving Data Mining Through Knowledge Model Sharing. PinKDD'07.
X. Li, P. Parker, and S. Xu. Towards an Analytic Model of Epidemic Spreading in Heterogeneous Systems. Qshine'07.
S. Xu and K. Han. Envisioning Stealthy Botnet C&C and Graph-based Detection Metrics (Abstract). DSN'07 fast abstract track.
S. Xu and R. Sandhu. A Scalable and Secure Cryptographic Service. IFIP DBSec'07. Preliminary full version is here.
X. Li, P. Parker, and S. Xu. Towards Quantifying the (In)Security of Networked Systems. IEEE AINA'07.
S. Xu and Moti Yung. K-anonymous Multi-party Secret Handshakes. Financial Cryptography and Data Security 2007 (FC'07).
S. Xu. On the security of group communication schemes. Journal of Computer Security, Volume 15, Number 1, 2007, pp. 129 - 169.
This is the full version of the SASN'05 paper below.
S. Zhu, S. Setia, S. Xu, and S. Jajodia. GKMPAN: An efficient group rekeying scheme for secure multicast in ad-hoc networks. Journal of Computer Security, Volume 14, Number 4, 2006, pp. 301 - 325.

This is the full version of the Mobiquitous'04 paper below.

S. Zhu, S. Xu, S. Setia, and S. Jajodia. LHAP: A Lightweight Network Access Control Protocol for Ad-Hoc Networks. Elsevier Ad Hoc Networks Journal, Volume 4, Issue 5, Sept. 2006, pp 567-585.

This is the full version of the MWN'03 paper below.

P. Parker and S. Xu. Towards Understanding the (In)security of Networked Systems under Topology-directed Stealthy Attacks. Proceedings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing (DASC'06), pp ???-???.
G. Tsudik and S. Xu. A Flexible Framework for Secret Handshakes. In Proceedings of the 6th Workshop on Privacy Enhancing Technologies (PET'06).

This is an extended version of the PODC'05 brief announcement.

J. Dowd, S. Xu, and W. Zhang. Privacy-Preserving Decision Tree Mining Based on Random Substitutions. In the Proceedings of the 2006 International Conference on Emerging Trends in Information and Communication Security (ETRICS'06), LNCS 3995, pp 145-159.
E. Kartaltepe and S. Xu. Towards Blocking Outgoing Malicious Impostor Emails. In the Proceedings of the 2nd International Workshop on Trust, Security and Privacy for Ubiquitous Computing. IEEE Press, pp 657-661.
S. Xu. On the Security of Group Communication Schemes based on Symmetric Key Cryptosystems. In the Proceedings of ACM Workshop on Security of Ad hoc and Sensor Network 2005 (ACM SASN'05), ACM press, pp 22-31.

The full version is invited to submit to a special issue of Journal of Computer Security.

E. Kartaltepe and S. Xu. On Automatically Detecting Malicious Imposter Emails. In Proceedings of International Workshop on Applied PKI 2005 (IWAP'05), IOS Press, pp ??-??.
G. Tsudik and S. Xu. Brief Announcement: A Flexible Framework for Secret Handshakes. In Proceedings of ACM Symposium on Princples of Distributed Computing 2005 (ACM PODC'05), ACM Press, pp 39.
S. Xu and W. Zhang. Knowledge as a Service and Knowledge Breaching. In the Proceedings of IEEE International Conference on Service Computing (IEEE SCC'05), IEEE Press, pp 87-94.
S. Xu and M. Yung. K-Anonymous Secret Handshakes with Reusable Credentials. ACM CCS'04. (full version not available yet)
S. Xu and W. Zhang. PBKM: A Secure Knowledge Management Framework. NSF/NSA/AFRL Workshop on Secure Knowledge Management'04.
S. Xu and M. Yung. Accountable Ring Signatures: A Smart Card Approach. IFIP CARDIS'04.
S. Zhu, S. Setia, S. Xu, and S. Jajodia. GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Networks. Mobiquitous'04.
S. Xu, W. Nelson Jr. and R. Sandhu. Enhancing Anonymity via Market Competition. Information Assurance and Security -- IEEE ITCC'04.
S. Xu and R. Sandhu. Applying OM-AM to Analyze Digital Rights Management. 7th International Conference on E-Commerce Research, 2004.
X. Ding, G. Tsudik, and S. Xu. Leak-free Group Signatures with Immediate Revocation. ICDCS'04.
G. Tsudik and S. Xu. Accumulating Composites and Improved Group Signing. Asiacrypt'03; an extended preliminary version is here. (This paper is under substantial revision; the revisited version will be posted when it is available.)
S. Zhu, S. Xu, S. Setia, and S. Jajodia. Establishing Pair-Wise Keys for Secure Communication in Ad Hoc Networks: A Probabilistic Approach. ICNP'03.
A. Bagchi, A. Chaudhary, M. Goodrich, and S. Xu. Constructing Dijoint Paths for Secure Communication. DISC'03.
S. Zhu, S. Xu, S. Setia, and S. Jajodia. LHAP: A Light-weight Hop-by-hop Authentication Protocol For Ad-Hoc Networks. Workshop on Mobile and Wireless Networks (MWN'03, affiliated with ICDCS'03)
S. Xu and M. Yung. Retrofitting Fairness on the Original RSA-Based E-Cash. Financial Cryptography'03.
S. Xu and R. Sandhu. Two Efficient and Provably Secure Schemes for Server-Assisted Threshold Signatures. RSA-CT'03.
Y. Dodis, J. Katz, S. Xu, and M. Yung. Strong Key-Insulated Signature Schemes. PKC'03.
Y. Dodis, J. Katz, S. Xu, and M. Yung. Key-Insulated Public Key Cryptosystems. Eurocrypt'02.
S. Xu and M. Yung. The Dark Side of Threshold Cryptography. Financial Cryptography'02.
S. Xu and R. Sandhu. Authenticated Multicast Immune to Denial-of-Service Attacks. ACM SAC'02.
S. Xu, M. Yung, and G. Zhang. Friendly Observers Ease Off-Line E-Cash. CARDIS'00.
S. Xu, M. Yung, and G. Zhang. Scalable, Tax-Evasion Free, Anonymous Investing. IFIP SEC'00.
S. Xu, M. Yung, G. Zhang, and H. Zhu. Money Conservation via Atomicity in Fair Off-Line E-Cash. ISW'99, LNCS 1729.
S. Xu, G. Zhang, and H. Zhu. Securing Systems Using E-Cash. InfoSecu'99.
S. Xu, G. Zhang, and H. Zhu. Two Digital Signature Schemes Based on Graph 3-Colorability Problem. ICYCS'99.
S. Xu, H. Zhu, and G. Zhang. Digital Signature Schemes Based on Graph Isomorphism and Graph 3-Colorability Problems. CrypTEC'99.
S. Xu, G. Zhang, and H. Zhu. On the Security of Three-Party Cryptogrpahic Protocols. ACM Operating Systems Review, Vol. 32, No. 3, July 1998, pp 7-20.
S. Xu, G. Zhang, and H. Zhu. On the Security of Cryptogrpahic Protocols (Extended Abstract). ChinaCrypt'98.
S. Xu, G. Zhang, and H. Zhu. On the Properties of Cryptogrpahic Protocols and the Weaknesses of BAN-Like Logics. ACM Operating Systems Review, Vol. 31, No. 4, October 1997, pp 12-23.
S. Xu, G. Zhang, H. Zhu et al. A General Solution to the Security Problems on the Internet/Intranet Platform. Proceedings of the Sixth Chinese Symposium on Security and Privacy, 1997.

Other Publications (in Chinese):

S. Xu. Studies in Digital Currency. PhD Thesis, Dec. 1999, Department of Computer Science, Fudan University, Shanghai, China.
S. Xu, G. Zhang, and H. Zhu. A Self-Delegation System and the Knowledge Complexity of Problems. Journal of Software, Vol. 10, No. 2, February 1999, pp 170-174.
S. Xu and G. Zhang. Encryption Mechanism for Routing Information Based on the Internet Protocol. Computer Research and Development, Vol. 35, No. 8, August 1998, 753-759
S. Xu, G. Zhang, and H. Zhu. Recent Advances in Modern Cryptography. NCYCS'98.
S. Xu and M. Hu. Security Strategy for Oracle-Based Application Systems. Computer Engineering and Design, Vol. 18, No. 4, April 1997, pp 43-38.
S. Xu and M. Hu. Prospects on Database Security. Computer Engineering, Vol. 23, No. 3, March 1997, pp 50-53.
S. Xu and M. Hu. The Storage and Retrieve Techniques for Object-Oriented Multimedia DataBase Systems. Computer Engineering, Vol. 22, No. 5, May 1996, pp 14-17.
S. Xu and M. Hu. Database Based on Spatial Algebra. Software, Vol. 4, No. 3, March 1996, pp 20-23.