异常流量分析与检测(Network Abnormal Traffic Analysis and Detection)、加密流量分析与理解(Encrypted Traffic Analysis and Comprehension)、数字取证与隐蔽通信(Digital Forensics and Covert Communication)、网络安全体系与协议(Cybersecurity Architecture and Protocols)
(1)基于协议规范统一描述、异常流量及其行为模式、深度学习等方法,提出并设计了针对包含恶意DNS流量、HTTP和DNS隧道流量、远控流量、隐蔽信道和未知加密通信等暗网异常流量的检测算法和应对实际流量大数据场景检测系统,上述关键算法模块和系统在国家某工程上得到成功应用;基于大数据采集与自动化特征抽取技术,研制了移动互联网应用识别引擎,成功在某系统实现了应用。
(2)针对多媒体内容安全中的数字取证问题,提出了高维深度学习取证模型、篡改操作检测、对抗样本生成与检测、人脸合成视频检测等多一系列算法;以网络通信报文、通信数据帧、无线通信信号为载体,提出了多种实现网络隐蔽通信的编码方法和技术方案,并形成了一类时间信道和队列信道分析的理论成果。
(3)以典型战术互联网为背景,提出并设计了具备内生安全功能的网络体系架构,并设计了多套实现节点自组织地安全组网路由协议,支持高层节点安全转发和网络管理的轻量级认证和加密协议,结合节点安全加固和状态检测与流量分析与审计,设计了网络安全态势感知系统。当前上述研究已逐步完成原型系统的开发与仿真试验。
(1) 国家自然科学基金联合基金,基于多尺度流分析的隐蔽信道检测模型与技术(U1836104),67万,2019-2021
(2) 国家自然科学基金面上项目,网络环境中的多播隐写理论与方法研究(61472188),80万,2015-2018
(3) 国家自然科学基金面上项目,基于彩色四元数小波域的彩色图像取证研究(61772281),62万,2018-2021
(4) 国家自然科学基金面上项目,视频可逆水印加密一体化理论与方法研究(61272421),81万,2013-2016
(5) 国家自然科学基金青年基金项目,高级持续威胁网络侧检测理论与方法研究(61702235),27万,2018-2020
(6) 工信部工业互联网创新发展工程,电子制造行业的安全技术典型推广项目子课题——企业邮件安全网关技术,70万,2018-2020
(7) 国家重点研发计划子课题,××智能解析与××研究,120万,2019-2021
(8) 国家科技支撑计划子课题,多媒体载体空间××利用平台研究,60万,2014-2016
(9) 国家242专项课题,基于机器学习的加密代理通道检测技术研究,300万,2017-2020
(10) 装备发展部课题,融合安全的智能××研究,60万,2019-2020
[1] 刘光杰、刘伟伟、戴跃伟, 数字隐写编码理论与方法,2020,北京:清华大学出版社
[2] Jinwei Wang, Ting Li, Xiangyang Luo, Yun-Qing Shi, Sunil Kr. Jha, Identifying Computer Generated Images Based on Quaternion Central Moments in Color Quaternion Wavelet Domain, IEEE Transactions on Circuits and Systems for Video Technology, 2018, 29 (9), 2775-2785.
[3] Jinwei Wang, Hao Wang, Jian Li, Xiangyang Luo, Yun-Qing Shi, Sunil Kr. Jha, Detecting Double JPEG Compressed Color Images With the Same Quantization Matrix in Spherical Coordinates, IEEE Transactions on Circuits and Systems for Video Technology, 2019, online, DOI:10.1109/TCSVT.2019.2922309.
[4] Hao Wang, Jinwei Wang, Jiangtao Zhai, Xiangyang Luo, Detection of Triple JPEG Compressed Color Images, IEEE Access, 2019, DOI: 10.1109/ACCESS.2019.2934160.
[5] Qilin Yin, Jinwei Wang, Xiangyang Luo, Yun-Qing Shi, Sunil Kr. Jha, Quaternion Convolutional Neural Network for Color Image Classification and Forensics, IEEE Access, 2019, 7(1): 20293-20301.
[6] Jinwei Wang, Yang Zhang, Median Filtering Forensics Scheme for Color Images Based on Quaternion Magnitude-Phase CNN, Computers, Materials & Continua, 2020, 62(1): 99-112.
[7] Jinwei Wang, Wei Huang, Xiangyang Luo, Yun-Qing Shi & Sunil Kr. Jha, Non-Aligned Double JPEG Compression Detection Based on Refined Markov Features in QDCT Domain, Journal of Real-Time Image Processing, 2020, 17(1):7–16.
[8] Jinwei Wang, Guojing Wu, Jian Li, Sunil Kr Jha, A New Method Estimating Linear Gaussian Filter Kernel by Image PRNU Noise, Journal of Information Security and Applications, 2019, 44:1-11.
[9] Jinwei Wang, Yangyang Li, Jian Li, Xiangyang Luo, Yun-Qing Shi, Sunil Kr Jha, Color Image-Spliced Localization Based on Quaternion Principal Component Analysis and Quaternion Skewness, Journal of Information Security and Applications, 2019, 47:353-362.
[10] Jinwei Wang, Ting Li, Yun-Qing Shi, Shiguo Lian, Jingyu Ye, Forensics Feature Analysis in Quaternion Wavelet Domain for Distinguishing Photographic Images and Computer Graphics, Multimedia Tools and Applications, 2017, 76(22): 23721-23737.
[11] Jinwei Wang, Shiguo Lian, Yunqing Shi, Hybrid Multiplicative Multi-Watermarking in DWT Domain, Multidimensional Systems and Signal Processing, 2017, 28: 617-636.
[12] Liu W, Liu G, Dai Y. Damage‐resistance matrix embedding framework: the contradiction between robustness and embedding efficiency. Security and Communication Networks. 2015 Jun;8(9):1636-47.
[13] Liu G, Yang W, Liu W, Dai Y. Designing S-boxes based on 3-D four-wing autonomous chaotic system. Nonlinear Dynamics. 2015 Dec 1;82(4):1867-77.
[14] Yang L, Zhai J, Liu W, Ji X, Bai H, Liu G, Dai Y. Detecting word-based algorithmically generated domains using semantic analysis. Symmetry. 2019 Feb;11(2):176.
[15] Zhai J, Liu G, Dai Y. Detection of TCP covert channel based on Markov model. Telecommunication systems. 2013 Nov 1;54(3):333-43.
[16] Liu W, Liu G, Dai Y. Matrix embedding in multicast steganography: analysis in privacy, security and immediacy. Security and Communication Networks. 2016 May 25;9(8):791-802.
[17] Zhai J, Wang M, Liu G, Dai Y. Detecting JitterBug covert timing channel with sparse embedding. Security and Communication Networks. 2016 Jul 25;9(11):1509-19.
[18] Liu G, Liu W, Dai Y, Lian S. Adaptive steganography based on block complexity and matrix embedding. Multimedia systems. 2014 Mar 1;20(2):227-38.
[19] Liu W, Liu G, Ji X, Zhai J, Dai Y. Sound texture generative model guided by a lossless Mel-frequency convolutional neural network. IEEE Access. 2018 Aug 29;6:48030-41.
[20] Dai Y, Liu W, Liu G, Ji X, Zhai J. An end-to-end generative network for environmental sound-based covert communication. Multimedia Tools and Applications. 2019 Apr 1;78(7):8635-53.
[21] Liu W, Liu G, Zhai J, Dai Y, Ghosal D. Designing analog fountain timing channels: Undetectability, robustness, and model-adaptation. IEEE Transactions on Information Forensics and Security. 2015 Dec 4;11(4):677-90.
[22] Cao P, Liu W, Liu G, Ji X, Zhai J, Dai Y. A wireless covert channel based on constellation shaping modulation. Security and Communication Networks. 2018;2018.
[1] 支持预览和追踪非授权分发的多媒体版权保护的方法,ZL2010106226484A
[2] 基于IPID位增量调制的隐秘通信方法,ZL201010622651.6A
[3] 针对BitTorrent文件共享过程中基于Have消息编码的隐蔽通信检测方法,ZL201710306395.1
[4] 基于BitTorrent协议的P2P网络下的秘密信息传输方法,ZL201610261879.4
[5] 基于VxWorks系统驱动层的数据访问监控系统及其控制方法,ZL201610329398.2
[6] 针对BitTorrent文件共享过程中基于Have消息编码的隐蔽通信检测方法,ZL201710306395.1
[7] 基于BitTorrent协议的P2P网络下的秘密信息传输方法,ZL201610261879.4
[8] 一种针对多链路到达序列编码的隐蔽通信检测方法,ZL201610460259.3
[9] 基于VxWorks系统驱动层的数据访问监控系统及其控制方法,ZL201610329398.2
[10] 基于BitTorrent协议Have消息的秘密信息传输方法,ZL201610259478.5
[11] 一种高安全性的组合式隐信道同步方法,ZL201310181037.4
[12] 基于域名字符串统计特征的dga生成域名的检测方法,CN201710123327.1A
[13] 基于lte协议的网络隐信道构建方法,CN201910838598.4A
[14] 基于Intent通信行为语义图的安卓应用间隐信道检测方法,CN201910832577.1A
[15] 一种适用于图像缺陷标注的数据存储方法,CN201810948961.3A
[16] 一种基于cnn的柔性电路板外观缺陷检测方法,CN201810951960.4A
[17] 基于surf特征和哈希感知算法的fpc图像自动配准方法,CN201810957266.3A
[18] 一种针对Obfuscated-Openssh协议流量的检测方法,CN201811650332.9A
[19] 基于可疑度评估的http混淆流量检测方法,CN201811650319.3A
[20] P2P网络下基于协议字段冗余的隐蔽数据传输同步方法,CN201810212292.3
地址江苏省南京市宁六路219号
电话86-25-58731101
传真86-25-57792648
邮件xb@nuist.edu.cn
