For wisdom will enter your heart, and knowledge will be pleasant to your soul.

I graduated from George Mason University in 2003, and had been a faculty member at Singapore Management University from 2003 to 2019 (my previous webpage).

My research interests: Blockchain security and privacy, IoT Security and Privacy, Mobile and System Security, Applied Cryptography and Cloud Security, Data Applications Security and Privacy

Current bio and updated CV

Recent events and services:

 

1.     I serve on the editorial board for IEEE Transactions on Secure and Dependable Computing (TDSC), 2021.

2.     I gave a keynote talk "Robust Android Malware Detection" at the 23rd International Conference on Information Security (ISC), 16-20 December 2020.

3.     I gave a spitfire talk "Blockchain Rewriting Made Fine-Grained and Accountable" at Ripple's University Blockchain Research Initiative (UBRI) Connect, October 11-13, 2020.

4.     I participated in the panel discussion "Post COVID-19 Cybersecurity Risks and Opportunities" at Oregon Cyber Resilience Summit 2020, Eugene, Oregon, October 13-15, 2020.

5.     Graduate Education Committee (GEC), Computer and Information Science Department, University of Oregon, 1 October 2020 - present.

6.     Curriculum Committee (CC), Computer and Information Science Department, University of Oregon, 1 October 2020 - present.

7.     Information Security and Privacy Governance Subcommittee (ISP GC), University of Oregon, October 2020 - present.

8.     Committee on Sexual and Gender Based Violence, University of Oregon, 1 May 2020 - present.

 

Recent conference program committees:

 

1.     The 17th EAI International Conference on Security and Privacy in Communication Networks (SecureComm), 2021.

2.     The 35^th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSEC), 2021.

3.     The 36^th IFIP TC-11 SEC 2020 International Information Security and Privacy Conference (IFIP SEC), 2021.

4.     The 25^th European Symposium on Research in Computer Security (ESORICS), 2020.

5.     The 18th International Conference on Applied Cryptography and Network Security (ACNS), 2020.

6.     The 34^th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSEC), 2020.

7.     The 35^th IFIP TC-11 SEC 2020 International Information Security and Privacy Conference (IFIP SEC), 2020.

8.     The 16th International Conference on Information Security and Cryptology (Inscrypt), 2020.

9.     The 24^th European Symposium on Research in Computer Security (ESORICS), 2019.

10.  The 17^th International Conference on Applied Cryptography and Network Security (ACNS), 2019.

11.  The 33^rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec), 2019.

12.  The 18^th International Conference on Cryptology and Network Security (CANS), 2019.

13.  The 1^st International Workshop on Self-Protecting Systems (SPS) 2019.

14.  The 15^th International Conference on Information Security Practice and Experience (ISPEC), 2019.

 

Recent publications: 

 

2021

1. Jianting Ning, Xinyi Huang, Geong Sen Poh, Jiaming Yuan, Yingjiu Li, Jian Weng, Robert H. Deng: LEAP: Leakage-Abuse Attack on Efficiently Deployable, Efficiently Searchable Encryption with Partially Known Dataset. Accepted by the ACM Conference on Computer and Communications Security (ACM CCS), Seoul, South Korea, November 14-19, 2021.
2. Jiayun Xu, Yingjiu Li, Robert Deng: Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection. The Network and Distributed System Security Symposium (NDSS), February 21-24, 2021.
3. Ximing Liu, Yingjiu Li, Robert H. Deng: UltraPIN: Inferring PIN Entries via Ultrasound. The ACM Asia Conference on Computer and Communications Security (ACM ASIACCS), 944-957, Hong Kong, June 7-11, 2021.
4. Yan Li, Yao Cheng, Weizhi Meng, Yingjiu Li, Robert H. Deng: Designing Leakage-Resilient Password Entry on Head-Mounted Smart Wearable Glass Devices. IEEE Transactions on Information Forensics and Security (TIFS), 16: 307-321, 2021.
5. Shengmin Xu, Jianting Ning, Xinyi Huang, Yingjiu Li, Guowen Xu: Untouchable Once Revoking: A Practical and Secure Dynamic EHR Sharing System via Cloud. Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), August 2021.
6. Binanda Sengupta, Yingjiu Li, Yangguang Tian, Robert Deng, Zheng Yang: Policy-Based Editing-Enabled Signatures: Authenticating Fine-Grained and Restricted Data Modification. Accepted by The Computer Journal (COMPJ), Oxford Academic, 2021.
7. Yangguang Tian, Yingjiu Li, Robert Deng, Binanda Sengupta, Guomin Yang: Lattice-Based Remote User Authentication from Reusable Fuzzy Signature. Journal of Computer Security (JCS), 29(3): 273-298, IOS Press, 2021.

 

2020

1. Yangguang Tian, Nan Li, Yingjiu Li, Pawel Szalachowski, Jianying Zhou: Policy-Based Chameleon Hash for Blockchain Rewriting with Black-Box Accountability. The 36th Annual Computer Security Applications Conference (ACSAC), 813-828, Austin, Texas, December 7-11, 2020.
2. Tao Xue, Yu Wen, Bo Luo, Boyang Zhang, Yang Zheng, Yanfei Hu, Yingjiu Li, Gang Li, Dan Meng: GuardSpark++: Fine-Grained Purpose-Aware Access Control for Secure Data Sharing and Analysis in Spark. The 36th Annual Computer Security Applications Conference (ACSAC), 582-596, Austin, Texas, December 7-11, 2020.
3. Jiayun Xu, Yingjiu Li, Robert H. Deng, Ke Xu: SDAC: A Slow-Aging Solution for Android Malware Detection Using Semantic Distance Based API Clustering. Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), 2020.
4. Shengmin Xu, Jianting Ning, Yingjiu Li, Yinghui Zhang, Guowen Xu, Xinyi Huang, Robert H. Deng: Match in My Way: Fine-Grained Bilateral Access Control for Secure Cloud-Fog Computing. Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), 2020.
5. Yao Cheng, Chang Xu, Zhen Hai, Yingjiu Li: DeepMnemonic: Password Mnemonic Generation via Deep Attentive Encoder-Decoder Model. Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), 2020.
6. Binanda Sengupta, Yingjiu Li, Yangguang Tian, Robert Deng: A New Tool for Editing Authenticated Data. IEEE Internet of Things (IoT) Journal, 7(6): 4997-5007, 2020.
7. Binanda Sengupta, Yingjiu Li, Kai Bu, Robert Deng: Privacy-Preserving Network Path Validation. ACM Transactions on Internet Technology (TOIT), 20(1): 5:1-5:27, 2020.
8. Kai Bu, Avery Laird, Yutian Yang, Linfeng Cheng, Jiaqing Luo, Yingjiu Li, Kui Ren: Unveiling the Mystery of Internet Packet Forwarding: A Survey of Network Path Validation. ACM Computing Survey (CSUR) 53(5): 104:1-104:34, 2020.
9. Shengmin Xu, Jiaming Yuan, Guowen Xu, Yingjiu Li, Ximeng Liu, Yinghui Zhang, Zuobin Ying: Efficient ciphertext-policy attribute-based encryption with blackbox traceability. Information Science, 538: 19-38, 2020.
10. Yangguang Tian, Yingjiu Li, Yi Mu, Guomin Yang: Unlinkable and Revocable Secret Handshake for IoT. The Computer Journal (COMPJ), 63(4): 536-548, Oxford University, 2020.
11. Yangguang Tian, Yingjiu Li, Robert H. Deng, Nan Li, Guomin Yang, Zheng Yang: A New Construction for Linkable Secret Handshake. The Computer Journal (COMPJ), 63(4): 536-548, Oxford Academic, 2020.
12. Yang Yang, Ximeng Liu, Robert H. Deng, Yingjiu Li: Lightweight Sharable and Traceable Secure Mobile Health System. IEEE Transactions on Dependable and Secure Computing (TDSC), 17(1): 78-91, 2020.
13. Yangguang Tian, Yingjiu Li, Robert Deng, Pengfei Wu, Nan Li, Anyi Liu: A New Framework for Privacy-Preserving Biometric-Based Remote User Authentication. Journal of Computer Security (JCS), 28(4): 469-498, 2020.
14. Yangguang Tian, Yingjiu Li, Binanda Sengupta, Nan Li, Chunhua Su: Leakage-resilient biometric-based remote user authentication with fuzzy extractors. Theoretical Computer Science, 814: 223-233, 2020.

 

2019

1. Shengmin Xu, Jiaming Yuan, Yingjiu Li, Ximeng Liu, Yinghui Zhang: Super Payment Channel for Decentralized Cryptocurrencies. IEEE Conference on Dependable and Secure Computing (IDSC), Hangzhou, China, November 18-20, 2019.
2. Yangguang Tian, Yingjiu Li, Binanda Sengupta, Nan Li, Yong Yu: Anonymous Asynchronous Payment Channel from K-Time Accountable Assertion (short paper). The 18th International Conference on Cryptology and Network Security (CANS), Fuzhou, China, October 25-27, 2019.
3. Shengmin Xu, Yingjiu Li, Ximeng Liu, Guomin Yang, Yinghui Zhang: Generic Construction of ElGamal-Type Attribute-Based Encryption Schemes with Revocability and Dual-Policy. The 15th EAI International Conference on Security and Privacy in Communication Networks (SecureComm), Orlando, United States, October 23-25, 2019.
4. Yan Li, Zilong Wang, Yingjiu Li, Robert H. Deng, Binbin Chen, Weizhi Meng, Hui Li: A Closer Look Tells More: A Facial Distortion Based Liveness Detection for Face Authentication (short paper). The 14th ACM Asia Conference on Information, Computer and Communications Security (ASIACCS), Auckland, New Zealand, July 7-12, 2019.
5. Ke Xu, Yingjiu Li, Robert H. Deng, Kai Chen, Jiayun Xu: DroidEvolver: Self-Evolving Android Malware Detection System. The 4th IEEE European Symposium on Security and Privacy (EuroS&P), Stockholm, Sweden, June 17-19, 2019.
6. Pamela Hui Ting Chua, Yingjiu Li, Wei He: Adopting Hyperledger Fabric Blockchain for EPCglobal Network. The 13th Annual International Conference on RFID (IEEE RFID), Phoenix, AZ, April 2-4, 2019.
7. Shengmin Xu, Yingjiu Li, Robert H. Deng, Yinghui Zhang, Xiangyang Luo, Ximeng Liu: Lightweight and Expressive Fine-grained Access Control for Healthcare Internet-of-Things. Accepted by IEEE Transactions on Cloud Computing (TCC), 2019.
8. Yangguang Yang, Yingjiu Li, Ximeng Liu, Robert H. Deng, Binanda Sengupta: Privacy-Preserving Biometric-Based Remote User Authentication. Accepted by Journal of Internet Technology (JIT), Taiwan Academic Network, 2019.
9. Xingjie Yu, Michael Shiwen Thang, Yingjiu Li, Robert H. Deng: Collusion Attacks and Fair Time-Locked Deposits for Fast-Payment Transactions in Bitcoin. Journal of Computer Security (JCS) 27(3): 375-403, IOS Press, 2019.
10. Anyi Liu, Huirong Fu, Yuan Hong, Jigang Liu, Yingjiu Li: LiveForen: Ensuring Live Forensic Integrity in the Cloud. IEEE Transactions on Information Forensics and Security (TIFS), 14(10): 2749-2764, 2019.
11. Yangguang Tian, Yingjiu Li, Guomin Yang, Willy Susilo, Yi Mu, Hui Cui, Yinghui Zhang: DABKE: Secure Deniable Attribute-Based Key Exchange Framework. Journal of Computer Security (JCS), 27(2): 259-275, IOS Press, 2019.

 

My publications on DBLP

 

It's worth mentioning: 

 

1.     Android Security Flaws Identified (Google 2016)

We discovered a series of Android framework vulnerabilities and attacks on Android 5.1.0 and 4.4.4 and reported to Google in November 2015. Google acknowledged our findings in its Android Security Acknowledgements - 2016 and in its Nexus Security Bulletin - March 2016. In particular, our finding on Information Disclosure Vulnerability in Telephony is given a common vulnerabilities and exposures (CVE) number CVE-2016-0831.

 

2.     Book Authored (Springer 2015)

Yingjiu Li, Qiang Yan, Robert H. Deng: Leakage Resilient Password Systems. 64 pages, ISBN 978-3-319-17502-7, Springer Briefs in Computer Science, Springer, April 2015. [buy this book at Springer]

 

3.     Book Authored (Morgan & Claypool 2013)

Yingjiu Li, Robert H. Deng, Elisa Bertino: RFID Security and Privacy. 158 pages, ISBN-13: 978-1627053259, Synthesis Lectures on Information Security, Privacy, & Trust, Morgan & Claypool Publishers, December 2013. [purchase hardcopy at Amazon] [purchase softcopy at M&C]

 

4.     iOS Security Flaws Identified (Apple 2013)

We identified seven attacks which can be performed by third-party applications on iOS 5 and iOS 6. We reported our findings to Apple's security team in October 2012. Three attacks, which include passcode cracking (CVE-2013-0957), interference with or control of telephony functionality (CVE-2013-5156) and sending tweets without the user's awareness and permission (CVE-2013-5157), were rectified by Apple in its release of iOS 7 in Sept 2013.

 

5.     Distinguished Paper Award (NDSS 2012).

Qiang Yan, Jin Han, Yingjiu Li, Robert Deng: On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability. 19th Network & Distributed System Security Symposium (NDSS), San Diego, California, USA, February 5-8, 2012.

Last updated: August 2021.