For wisdom will enter your heart, and knowledge will be pleasant to your soul.

I graduated from George Mason University in 2003, and had been a faculty member at Singapore Management University from 2003 to 2019 (my previous webpage).

My research interests: Blockchain security and privacy, IoT Security and Privacy, Mobile and System Security, Applied Cryptography and Cloud Security, Data Applications Security and Privacy

Current bio and updated CV

Recent events and services:

 

1.     I serve on the editorial board for IEEE Transactions on Reliability (TRel), since 2022.

2.     I serve on the editorial board for IEEE Transactions on Secure and Dependable Computing (TDSC), since 2021.

3.     I gave a keynote talk "Accountable Blockchain Rewriting" at International Conference on Network Security and Blockchain Technology (ICNSBT 2021), Kolkata, India, December 2-4, 2021.

4.     I gave a keynote talk "Robust Android Malware Detection" at the 23rd International Conference on Information Security (ISC), 16-20 December 2020.

5.     I gave a spitfire talk "Blockchain Rewriting Made Fine-Grained and Accountable" at Ripple's University Blockchain Research Initiative (UBRI) Connect, October 11-13, 2020.

6.     I participated in the panel discussion "Post COVID-19 Cybersecurity Risks and Opportunities" at Oregon Cyber Resilience Summit 2020, Eugene, Oregon, October 13-15, 2020.

7.     Graduate Education Committee (GEC), Computer and Information Science Department, University of Oregon, October 2020 - September 2021.

8.     Curriculum Committee (CC), Computer and Information Science Department, University of Oregon, October 2020 - September 2021.

9.     Joint Recruiting Committee for Tenure-Track Faculty in Biomedical Data Science, University of Oregon, October 2021 - March 2022.

10.  Undergraduate Education Committee (UEC), Computer and Information Science Department, University of Oregon, October 2021 - present.

11.  Information Security and Privacy Governance Subcommittee (ISP GC), University of Oregon, October 2020 - present.

12.  Committee on Sexual and Gender Based Violence, University of Oregon, May 2020 - present.

 

Recent conference program committees:

 

1.     The 36^th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSEC), 2022.

2.     The 27th Australasian Conference on Information Security and Privacy (ACISP), 2022.

3.     The 17th International Conference on Information Security Practice and Experience (ISPEC), 2022.

4.     The 4th International Conference on Science of Cyber Security (SciSec), 2022.

5.     The 17th EAI International Conference on Security and Privacy in Communication Networks (SecureComm), 2021.

6.     The 35^th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSEC), 2021.

7.     The 36^th IFIP TC-11 SEC 2020 International Information Security and Privacy Conference (IFIP SEC), 2021.

8.     The 25^th European Symposium on Research in Computer Security (ESORICS), 2020.

9.     The 18th International Conference on Applied Cryptography and Network Security (ACNS), 2020.

10.  The 34^th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSEC), 2020.

11.  The 35^th IFIP TC-11 SEC 2020 International Information Security and Privacy Conference (IFIP SEC), 2020.

12.  The 16th International Conference on Information Security and Cryptology (Inscrypt), 2020.

 

Recent publications: 

 

2022

1. Bowen Zhao, Yingjiu Li, Ximeng Liu, Hwee Hwa Pang, Robert Deng: FREED: An Efficient Privacy-Preserving Solution for Person Re-Identification. 5^th IEEE Conference on Dependable and Secure Computing (IEEE DSC), Edinburgh, UK, June 22 - 24, 2022. (Best Paper Award)
2. Zhuoran Ma, Jianfeng Ma, Yinbin Miao, Yingjiu Li, Bowen Zhao, Yang Yang, Ximeng Liu, Robert Deng: ShieldFL: Mitigating Model Poisoning Attacks in Privacy-Preserving Federated Learning. IEEE Transactions on Information Forensics and Security (TIFS), 17: 1639-1654, 2022.
3. Shengmin Xu, Jianting Ning, Yingjiu Li, Yinghui Zhang, Guowen Xu, Xinyi Huang, Robert H. Deng: Match in My Way: Fine-Grained Bilateral Access Control for Secure Cloud-Fog Computing. IEEE Transactions on Dependable and Secure Computing (TDSC), 19(2): 1064-1077, 2022.
4. Jiayun Xu, Yingjiu Li, Robert H. Deng, Ke Xu: SDAC: A Slow-Aging Solution for Android Malware Detection Using Semantic Distance Based API Clustering. IEEE Transactions on Dependable and Secure Computing (TDSC), 19(2): 1149-1163, 2022.
5. Tao Xue, Yu Wen, Bo Luo, Gang Li, Yingjiu Li, Boyang Zhang, Yang Zheng, Yanfei Hu, Dan Meng: SparkAC: Fine-Grained Access Control in Spark for Secure Data Sharing and Analytics. Acceped by IEEE Transactions on Dependable and Secure Computing (TDSC), 2022.
6. Yao Cheng, Chang Xu, Zhen Hai, Yingjiu Li: DeepMnemonic: Password Mnemonic Generation via Deep Attentive Encoder-Decoder Model. IEEE Transactions on Dependable and Secure Computing (TDSC), 19(1):77-90, 2022.
7. Li Song, Qiongxiao Wang, Jingqiang Lin, Yingjiu Li, Shijie Jia: Approach then connect: A Physical Location-based Wi-Fi Password Dynamic Update Scheme. IEEE Wireless Communications and Networking Conference (WCNC), 1010-1015, Austin, TX, USA, April 10-13, 2022.

 

2021

1. Jianting Ning, Xinyi Huang, Geong Sen Poh, Jiaming Yuan, Yingjiu Li, Jian Weng, Robert H. Deng: LEAP: Leakage-Abuse Attack on Efficiently Deployable, Efficiently Searchable Encryption with Partially Known Dataset. Accepted by the ACM Conference on Computer and Communications Security (ACM CCS), Seoul, South Korea, November 14-19, 2021.
2. Jiayun Xu, Yingjiu Li, Robert Deng: Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection. The Network and Distributed System Security Symposium (NDSS), February 21-24, 2021.
3. Ximing Liu, Yingjiu Li, Robert H. Deng: UltraPIN: Inferring PIN Entries via Ultrasound. The ACM Asia Conference on Computer and Communications Security (ACM ASIACCS), 944-957, Hong Kong, June 7-11, 2021.
4. Yan Li, Yao Cheng, Weizhi Meng, Yingjiu Li, Robert H. Deng: Designing Leakage-Resilient Password Entry on Head-Mounted Smart Wearable Glass Devices. IEEE Transactions on Information Forensics and Security (TIFS), 16: 307-321, 2021.
5. Shengmin Xu, Jianting Ning, Yingjiu Li, Yinghui Zhang, Guowen Xu, Xinyi Huang, Robert H. Deng: A Secure EMR Sharing System with Tamper Resistance and Expressive Access Control. Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), November 2021.
6. Shengmin Xu, Jianting Ning, Xinyi Huang, Yingjiu Li, Guowen Xu: Untouchable Once Revoking: A Practical and Secure Dynamic EHR Sharing System via Cloud. Accepted by IEEE Transactions on Dependable and Secure Computing (TDSC), August 2021.
7. Binanda Sengupta, Yingjiu Li, Yangguang Tian, Robert Deng, Zheng Yang: Policy-Based Editing-Enabled Signatures: Authenticating Fine-Grained and Restricted Data Modification. Accepted by The Computer Journal (COMPJ), Oxford Academic, 2021.
8. Yangguang Tian, Yingjiu Li, Robert Deng, Binanda Sengupta, Guomin Yang: Lattice-Based Remote User Authentication from Reusable Fuzzy Signature. Journal of Computer Security (JCS), 29(3): 273-298, IOS Press, 2021.

 

2020

1. Yangguang Tian, Nan Li, Yingjiu Li, Pawel Szalachowski, Jianying Zhou: Policy-Based Chameleon Hash for Blockchain Rewriting with Black-Box Accountability. The 36th Annual Computer Security Applications Conference (ACSAC), 813-828, Austin, Texas, December 7-11, 2020.
2. Tao Xue, Yu Wen, Bo Luo, Boyang Zhang, Yang Zheng, Yanfei Hu, Yingjiu Li, Gang Li, Dan Meng: GuardSpark++: Fine-Grained Purpose-Aware Access Control for Secure Data Sharing and Analysis in Spark. The 36th Annual Computer Security Applications Conference (ACSAC), 582-596, Austin, Texas, December 7-11, 2020.
3. Binanda Sengupta, Yingjiu Li, Yangguang Tian, Robert Deng: A New Tool for Editing Authenticated Data. IEEE Internet of Things (IoT) Journal, 7(6): 4997-5007, 2020.
4. Binanda Sengupta, Yingjiu Li, Kai Bu, Robert Deng: Privacy-Preserving Network Path Validation. ACM Transactions on Internet Technology (TOIT), 20(1): 5:1-5:27, 2020.
5. Kai Bu, Avery Laird, Yutian Yang, Linfeng Cheng, Jiaqing Luo, Yingjiu Li, Kui Ren: Unveiling the Mystery of Internet Packet Forwarding: A Survey of Network Path Validation. ACM Computing Survey (CSUR) 53(5): 104:1-104:34, 2020.
6. Shengmin Xu, Jiaming Yuan, Guowen Xu, Yingjiu Li, Ximeng Liu, Yinghui Zhang, Zuobin Ying: Efficient ciphertext-policy attribute-based encryption with blackbox traceability. Information Science, 538: 19-38, 2020.
7. Yangguang Tian, Yingjiu Li, Yi Mu, Guomin Yang: Unlinkable and Revocable Secret Handshake for IoT. The Computer Journal (COMPJ), 63(4): 536-548, Oxford University, 2020.
8. Yangguang Tian, Yingjiu Li, Robert H. Deng, Nan Li, Guomin Yang, Zheng Yang: A New Construction for Linkable Secret Handshake. The Computer Journal (COMPJ), 63(4): 536-548, Oxford Academic, 2020.
9. Yang Yang, Ximeng Liu, Robert H. Deng, Yingjiu Li: Lightweight Sharable and Traceable Secure Mobile Health System. IEEE Transactions on Dependable and Secure Computing (TDSC), 17(1): 78-91, 2020.
10. Yangguang Tian, Yingjiu Li, Robert Deng, Pengfei Wu, Nan Li, Anyi Liu: A New Framework for Privacy-Preserving Biometric-Based Remote User Authentication. Journal of Computer Security (JCS), 28(4): 469-498, 2020.
11. Yangguang Tian, Yingjiu Li, Binanda Sengupta, Nan Li, Chunhua Su: Leakage-resilient biometric-based remote user authentication with fuzzy extractors. Theoretical Computer Science, 814: 223-233, 2020.

 

My publications on DBLP

 

It's worth mentioning: 

 

1.     Best Paper Award (DSC 2022)

Bowen Zhao, Yingjiu Li, Ximeng Liu, Hwee Hwa Pang, Robert Deng: FREED: An Efficient Privacy-Preserving Solution for Person Re-Identification. 5^th IEEE Conference on Dependable and Secure Computing (IEEE DSC), Edinburgh, UK, June 22 - 24, 2022.

 

2.     UBRI Educator (Ripple 2021)

Yingjiu Li received the UBRI Educator award, 2021 UBRI Award Winners, Ripple's University Blockchain Research Initiative (UBRI), 2021.

 

3.     Android Security Flaws Identified (Google 2016)

We discovered a series of Android framework vulnerabilities and attacks on Android 5.1.0 and 4.4.4 and reported to Google in November 2015. Google acknowledged our findings in its Android Security Acknowledgements - 2016 and in its Nexus Security Bulletin - March 2016. In particular, our finding on Information Disclosure Vulnerability in Telephony is given a common vulnerabilities and exposures (CVE) number CVE-2016-0831.

 

4.     Book Authored (Springer 2015)

Yingjiu Li, Qiang Yan, Robert H. Deng: Leakage Resilient Password Systems. 64 pages, ISBN 978-3-319-17502-7, Springer Briefs in Computer Science, Springer, April 2015. [buy this book at Springer]

 

5.     Book Authored (Morgan & Claypool 2013)

Yingjiu Li, Robert H. Deng, Elisa Bertino: RFID Security and Privacy. 158 pages, ISBN-13: 978-1627053259, Synthesis Lectures on Information Security, Privacy, & Trust, Morgan & Claypool Publishers, December 2013. [purchase hardcopy at Amazon] [purchase softcopy at M&C]

 

6.     iOS Security Flaws Identified (Apple 2013)

We identified seven attacks which can be performed by third-party applications on iOS 5 and iOS 6. We reported our findings to Apple's security team in October 2012. Three attacks, which include passcode cracking (CVE-2013-0957), interference with or control of telephony functionality (CVE-2013-5156) and sending tweets without the user's awareness and permission (CVE-2013-5157), were rectified by Apple in its release of iOS 7 in Sept 2013.

 

7.     Distinguished Paper Award (NDSS 2012).

Qiang Yan, Jin Han, Yingjiu Li, Robert Deng: On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability. 19th Network & Distributed System Security Symposium (NDSS), San Diego, California, USA, February 5-8, 2012.

Last updated: Sept 2022.