Your search keyword '"Wu Jiangxing"' showing total 14 results

1. SecMVX: Analysis on the vulnerability of multi-variant execution

Author

Wu Jiangxing, Wang Xiaomei, Qu Sheng, Zheng Zhang, and Li Bingzheng

Subjects

Computer Networks and Communications, business.industry, Computer science, Distributed computing, Vulnerability, Spec#, Instruction set, Consistency (database systems), Kernel (linear algebra), Software, Synchronization (computer science), Benchmark (computing), Electrical and Electronic Engineering, business, computer, computer.programming_language

Abstract

As an active defenses technique, multivariant execution(MVX) can detect attacks by monitoring the consistency of heterogeneous variants with parallel execution. Compared with patch-style passive defense, MVX can defend against known and even unknown vulnerability-based attacks without relying on attack feature information. However, variants generated with software diversity technologies will introduce new vulnerabilities when they execute in parallel. First, we analyze the security of MVX theory from the perspective of formal description. Then we summarize the general forms and techniques for attacks against MVX, and analyze the new vulnerabilities arising from the combination of variant generation technologies. We propose SecMVX, a secure MVX architecture and variant generation technology. Experimental evaluations based on CVEs and SPEC 2006 benchmark show that SecMVX introduces 11.29% of the average time overhead, and avoids vulnerabilities caused by the improper combination of variant generation technologies while keeping the defensive ability of MVX.

Published

2021

2. Secure Cloud Architecture for 5G Core Network

Author

WU Jiangxing, Hu Hongchao, Liu Wenyan, LI Lingshu, and Guo Zehua

Subjects

Service (systems architecture), Cloud computing security, Computer science, business.industry, Applied Mathematics, Control reconfiguration, Core network, Hypervisor, Cloud computing, computer.software_genre, Scalability, Malware, Electrical and Electronic Engineering, business, computer, Computer network

Abstract

Service-based architecture (SBA) is a profound advancement in the novel 5G Core network (5GC). Existing studies show that SBA can benefit from cloud computing to achieve extensibility, modularity, reusability, and openness. It also brings security problems (e.g., hypervisor hijacking, and malware injection). To provide secure 5G services, we propose a service-based cloud architecture called Mimicloud for 5GC based on dynamic and heterogeneous techniques. Mimicloud provides flexible reconfiguration mechanisms to protect containers and eliminate all attack knowledge obtained from adversaries. We use multiple containers to execute crucial services and ensure security with crosscheck. Mimicloud employs heterogeneous components to prevent multiple containers from being breached through the same vulnerabilities. Experimental results show that Mimicloud can effectively strengthen the security of the 5GC. The performance overhead is analyzed in order to demonstrate its scalability.

Published

2021

3. Dynamic changes in soil chemical properties and microbial community structure in response to different nitrogen fertilizers in an acidified celery soil

Author

Lian Ying, Huaiying Yao, Yuping Wu, Wu Jiangxing, Sun Hui, Philip C. Brookes, Yaying Li, Danchao Xie, and Ma Yongjun

Subjects

Ecology, Calcium cyanamide, Soil Science, Biomass, chemistry.chemical_element, engineering.material, complex mixtures, Nitrogen, Horticulture, chemistry.chemical_compound, Microbial population biology, chemistry, Soil pH, engineering, Urea, Ammonium, Fertilizer, Ecology, Evolution, Behavior and Systematics

Abstract

To determine the effects of different kinds of nitrogen fertilizer, especially high-efficiency slow-release fertilizers, on soil pH, nitrogen (N) and microbial community structures in an acidic celery soil, four treatments (CK, no N fertilizer; NR, urea; PE, calcium cyanamide fertilizer; and SK, controlled-release N fertilizer) were applied, and soil pH, total soil N, inorganic N, and soil microbial biomass C were analyzed. Phospholipid fatty acids (PLFAs) were extracted and detected using the MIDI Sherlock microbial identification system. The PE treatment significantly improved soil pH, from 4.80 to >6.00, during the whole growth period of the celery, and resulted in the highest celery yield among the four treatments. After 14 d application of calcium cyanamide, the soil nitrate content significantly decreased, but the ammonium content significantly increased. The PE treatment also significantly increased soil microbial biomass C during the whole celery growth period. Canonical variate analysis of the PLFA data indicated that the soil microbial community structure in the CK treatment was significantly different from those in the N applied treatments after 49 d fertilization. However, there was a significant difference (P

Published

2019

4. An energy-efficient system on a programmable chip platform for cloud applications

Author

Yajun Ha, Xu Wang, Wu Jiangxing, Xueming Si, Tian Huang, Meikang Qiu, and Yongxin Zhu

Subjects

Speedup, business.industry, Computer science, Network packet, Cloud computing, 02 engineering and technology, Energy consumption, Dynamic priority scheduling, 020202 computer hardware & architecture, Hardware and Architecture, Embedded system, 0202 electrical engineering, electronic engineering, information engineering, Hardware acceleration, 020201 artificial intelligence & image processing, business, Field-programmable gate array, Software, Efficient energy use

Abstract

Performance analysis of master-slave based reconfigurable architecture and standalone SOPC based reconfigurable architecture using an analytical model.A massive-sessions optimized TCP/IP offload engine that supports up to 100K TCP sessions under 10Gbps line rate.An online dynamic scheduling method that can reconfigure or power off FPGA nodes according to workload variance to reduce the runtime energy consumption.Prototype of a reconfigurable cluster system based on standalone SOPC to provide cloud services, achieving up to 38X speed up in performance and 418X improvement in energy efficiency compared to the software based cloud systems. Traditional cloud service providers build large data-centers with a huge number of connected commodity computers to meet the ever-growing demand on performance. However, the growth potential of these data-centers is limited by their corresponding energy consumption and thermal issues. Energy efficiency becomes a key issue of building large-scale cloud computing centers. To solve this issue, we propose a standalone SOPC (System on a Programmable Chip) based platform for cloud applications. We improve the energy efficiency for cloud computing platforms with two techniques. First, we propose a massive-sessions optimized TCP/IP hardware stack using a macro-pipeline architecture. It enables the hardware acceleration of pipelining execution of network packet offloading and application level data processing. This achieves higher energy efficiency while maintaining peak performance. Second, we propose a online dynamic scheduling strategy. It can reconfigure or shut down FPGA nodes according to workload variance to reduce the runtime energy consumption in a standalone SOPC based reconfigurable cluster system. Two case studies including a webserver application and a cloud based ECG (electrocardiogram) classification application are developed to validate the effectiveness of the proposed platform. Evaluation results show that our SOPC based cloud computing platform can achieve up to 418X improvement in terms of energy efficiency over commercial cloud systems.

Published

2017

5. MIN: Co-Governing Multi-Identifier Network Architecture and its Prototype on Operator's Network

Author

Li, Hui, Wu, Jiangxing, Yang, Xin, Wang, Han, Lan, Julong, Xu, Ke, Zhang, Yunyong, Wei, Jinwu, Chen, Shisheng, Liang, Wei, Zhu, Fusheng, Lu, Yiqin, Mow, Wai Ho, Wai-Ho, Yeung, Zheng, Zefeng, Yi, Peng, Ji, Xinsheng, Liu, Qinrang, Li, Wei, Tian, Kaiyan, Zhu, Jiang, Song, Jiaxing, Liu, Yijun, Ma, Junfeng, Hu, Jiawei, Xu, Rui, Huang, Jiansen, Wei, Guohua, Qi, Jiuhua, Huang, Ting, and Xing, Kaixuan

Subjects

Computer Science - Networking and Internet Architecture, Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, 68M10, C.2.1, C.2.6

Abstract

IP protocol is the core of TCP/IP network layer. However, since IP address and its Domain Name are allocated and managed by a single agency, there are risks of centralization. The semantic overload of IP address also reduces its scalability and mobility, which further hinders the security. This paper proposes a co-governing Multi-Identifier Network (MIN) architecture that constructs a network layer with parallel coexistence of multiple identifiers, including identity, content, geographic information, and IP address. On the management plane, we develop an efficient management system using consortium blockchain with voting consensus, so the network can simultaneously manage and support by hundreds or thousands of nodes with high throughput. On the data plane, we propose an algorithm merging hash table and prefix tree (HTP) for FIB, which avoids the false-negative error and can inter-translate different identifiers with tens of billions of entries. Further, we propose a scheme to transport IP packets using CCN as a tunnel for supporting progressive deployment. We deployed the prototype of MIN to the largest operators' network in Mainland China, Hongkong and Macao, and demonstrated that the network can register identifier under co-governing consensus algorithm, support VoD service very well., Comment: 13 pages

Published

2019

6. Dynamic bandwidth allocation algorithm for full-band utilization

Author

Wang Hui, Han Guodong, and Wu Jiangxing

Subjects

Bandwidth utilization, Bandwidth management, Dynamic bandwidth allocation, Computer science, business.industry, Network packet, Quality of service, Spare part, Interleaved polling with adaptive cycle time, Bandwidth (signal processing), business, Computer network

Abstract

To improve and optimize the bandwidth utilization for multi-service packet transporting system, a kind of Dynamic Full Bandwidth Utilized (DFBU) allocation algorithm allowing a single link to use far beyond its fair share bandwidth is presented. Three important parameters as the bound on max and minimum bandwidth, the maximum packet delay and the minimum bandwidth utilization are discussed and analyzed. Results of experiments show that the DFBU-algorithm is capable of making a single link in the system use all the spare bandwidth (up to full-bandwidth) while the performance of fairness and QoS requirement is still guaranteed.

Published

2006

7. A new decoder of synchronous optical code division multiple access systems using segmented correlation

Author

Li Ou, Wu Jiangxing, and Lan Julong

Subjects

Sequence, Code division multiple access, Computer science, Real-time computing, Shot noise, Photodetector, Poisson distribution, Prime (order theory), Correlation, symbols.namesake, Probability of error, symbols, Electrical and Electronic Engineering, Algorithm, Computer Science::Information Theory

Abstract

A new segmented correlating decoder of synchronous optical CDMA using modified prime sequence codes is proposed. The performance of the proposed system is analyzed under the assumption of Poisson shot noise model for the receiver photodetector. The decoder technique is shown to be more effective to improve the bit error probability performance than the method using an optical hard-limiter.

Published

2001

8. A dynamic bandwidth control scheme of VP in ATM networks

Author

Li Ou, Lan Julong, Wu Jiangxing, and Wang Binqiang

Subjects

Network architecture, Bandwidth management, Dynamic bandwidth allocation, Computer science, business.industry, Node (networking), Real-time computing, Network traffic control, Bandwidth allocation, Packet switching, Bandwidth (computing), Electrical and Electronic Engineering, business, Computer network

Abstract

This paper proposes an efficient adaptive bandwidth allocation scheme of virtual paths. The bandwidth of a virtual path is dynamically adjusted according to the link residual capacity. The scheme can remarkably reduce the load on node processing and simplify the network architecture, while keeping higher transmission efficiency. The excellent performance is proved by detailed theoretical analyses.

Published

2000

9. Applying a Combination of Mimic Defense and Software Diversity in the Software Security Industry

Author

Pang Jianmin, Zhang Yujia, Zhang Zheng, Wu Jiangxing

Subjects

Engineering, Software security assurance, Software deployment, business.industry, Software diversity, Systems engineering, Software development, General Earth and Planetary Sciences, business, General Environmental Science

Published

2016

10. Mimic Defense Technology

Author

Luo Xingguo, Tong Qing, Zhang Zheng, Wu Jiangxing

Subjects

Engineering, business.industry, General Earth and Planetary Sciences, business, Neuroscience, General Environmental Science

Published

2016

11. User Selection for Multi-user MIMO Downlink with Zero-Forcing Beamforming

Author

Huang, Shengchun, Yin, Hao, Wu, Jiangxing, and Leung, Victor C. M.

Subjects

FOS: Computer and information sciences, Computer Science - Information Theory, Information Theory (cs.IT)

Abstract

In this paper, we propose a greedy user selection with swap (GUSS) algorithm based on zero-forcing beamforming (ZFBF) for the multi-user multiple-input multiple-output (MIMO) downlink channels. Since existing user selection algorithms, such as the zero-forcing with selection (ZFS), have `redundant user' and `local optimum' flaws that compromise the achieved sum rate, GUSS adds `delete' and `swap' operations to the user selection procedure of ZFS to improve the performance by eliminating `redundant user' and escaping from `local optimum', respectively. In addition, an effective channel vector based effective-channel-gain updating scheme is presented to reduce the complexity of GUSS. With the help of this updating scheme, GUSS has the same order of complexity of ZFS with only a linear increment. Simulation results indicate that on average GUSS achieves 99.3 percent of the sum rate upper bound that is achieved by exhaustive search, over the range of transmit signal-to-noise ratios considered with only three to six times the complexity of ZFS., Comment: Submitted to IEEE Transactions on Vehicular Technology

Published

2012

12. Synchronous optical CDMA systems with mark-detection algorithm: APD noise and thermal noise

Author

Li Ou, Wu Jiangxing, and Lan Julong

Subjects

Noise temperature, Interference (communication), Physics::Instrumentation and Detectors, Computer science, Code division multiple access, Optical communication, Avalanche photodiode, Interference (wave propagation), Algorithm, Noise (electronics), Decoding methods, Computer Science::Information Theory

Abstract

A new mark-detection algorithm for synchronous optical CDMA using modified prime sequence codes is proposed. Performance analysis shows that the bit error probability (BER) is significantly improved when using the mark-detection algorithm in the presence of avalanche photodiode (APD) noise, thermal noise and interference.

Published

2002

13. A new virtual path allocation scheme for ATM networks

Author

Li Ou, Wu Jiangxing, and Lan Julong

Subjects

Network architecture, Channel capacity, Bandwidth allocation, Dynamic bandwidth allocation, business.industry, Computer science, Node (networking), Asynchronous Transfer Mode, Distributed computing, Path (graph theory), Bandwidth (computing), business, Computer network

Abstract

This paper proposes an efficient adaptive bandwidth allocation scheme of virtual paths. The bandwidth of a virtual path is dynamically adjusted according to the link residual capacity. The scheme can remarkably reduce the node processing load and simplify the network architecture, while keeping a higher transmission efficiency. The excellent performance is proved by detailed theoretical analyses.

Published

1999

14. A novel decoder for optical synchronous CDMA

Author

Li Ou, Wu Jiangxing, and Lan Julong

Subjects

Theoretical computer science, Synchronous CDMA, Computer science, Code division multiple access, Shot noise, Optical performance monitoring, Poisson distribution, Prime (order theory), symbols.namesake, symbols, Electronic engineering, Decoding methods, Computer Science::Information Theory, Optical communications repeater

Abstract

A novel decoder for synchronous optical CDMA using modified prime sequence codes is proposed. The performance of the proposed system is analyzed under the assumption of Poisson shot noise model for the receiver photodetector. The decoder technique is shown to be more effective to improve the bit error probability performance than the method using an optical hard-limiter.

Published

1999