Chang, Jian
Email Address
ORCID
Disciplines
Search Results
Now showing 1 - 8 of 8
Publication Assessing the Overall Sufficiency of Safety Arguments(2013-02-01) Ayoub, Anaheed; Chang, Jian; Sokolsky, Oleg; Lee, InsupSafety cases offer a means for communicating information about the system safety among the system stakeholders. Recently, the requirement for a safety case has been considered by regulators for safety-critical systems. Adopting safety cases is necessarily dependent on the value added for regulatory authorities. In this work, we outline a structured approach for assessing the level of sufficiency of safety arguments. We use the notion of basic probability assignment to provide a measure of sufficiency and insufficiency for each argument node. We use the concept of belief combination to calculate the overall sufficiency and insufficiency of a safety argument based on the sufficiency and insufficiency of its nodes. The application of the proposed approach is illustrated by examples.Publication Trust in Collaborative Web Applications(2012-01-01) West, Andrew G.; Chang, Jian; Venkatasubramanian, Krishna; Lee, InsupCollaborative functionality is increasingly prevalent in web applications. Such functionality permits individuals to add - and sometimes modify - web content, often with minimal barriers to entry. Ideally, large bodies of knowledge can be amassed and shared in this manner. However, such software also provide a medium for nefarious persons to operate. By determining the extent to which participating content/agents can be trusted, one can identify useful contributions. In this work, we define the notion of trust for Collaborative Web Applications and survey the state-of-the-art for calculating, interpreting, and presenting trust values. Though techniques can be applied broadly, Wikipedia's archetypal nature makes it a focal point for discussion.Publication Link Spamming Wikipedia for Profit(2011-09-01) West, Andrew G.; Chang, Jian; Venkatasubramanian, Krishna; Sokolsky, Oleg; Lee, InsupCollaborative functionality is an increasingly prevalent web technology. To encourage participation, these systems usually have low barriers-to-entry and permissive privileges. Unsurprisingly, ill-intentioned users try to leverage these characteristics for nefarious purposes. In this work, a particular abuse is examined -- link spamming -- the addition of promotional or otherwise inappropriate hyperlinks. Our analysis focuses on the "wiki" model and the collaborative encyclopedia, Wikipedia, in particular. A principal goal of spammers is to maximize *exposure*, the quantity of people who view a link. Creating and analyzing the first Wikipedia link spam corpus, we find that existing spam strategies perform quite poorly in this regard. The status quo spamming model relies on link persistence to accumulate exposures, a strategy that fails given the diligence of the Wikipedia community. Instead, we propose a model that exploits the latency inherent in human anti-spam enforcement. Statistical estimation suggests our novel model would produce significantly more link exposures than status quo techniques. More critically, the strategy could prove economically viable for perpetrators, incentivizing its exploitation. To this end, we address mitigation strategies.Publication Reputation-Based Networked Control With Data-Corrupting Channels(2011-04-01) Sundaram, Shreyas; Chang, Jian; Venkatasubramanian, Krishna K.; Enyioha, Chinwendu; Lee, Insup; Pappas, GeorgeWe examine the problem of reliable networked control when the communication channel between the controller and the actuator periodically drops packets and is faulty i.e., corrupts/alters data. We first examine the use of a standard triple modular redundancy scheme (where the control input is sent via three independent channels) with majority voting to achieve mean square stability. While such a scheme is able to tolerate a single faulty channel when there are no packet drops, we show that the presence of lossy channels prevents a simple majority-voting approach from stabilizing the system. Moreover, the number of redundant channels that are required in order to maintain stability under majority voting increases with the probability of packet drops. We then propose the use of a reputation management scheme to overcome this problem, where each channel is assigned a reputation score that predicts its potential accuracy based on its past behavior. The reputation system builds on the majority voting scheme and improves the overall probability of applying correct (stabilizing) inputs to the system. Finally, we provide analytical conditions on the probabilities of packet drops and corrupted control inputs under which mean square stability can be maintained, generalizing existing results on stabilization under packet drops.Publication Spam Mitigation Using Spatio-Temporal Reputations From Blacklist History(2010-12-01) West, Andrew G.; Aviv, Adam J.; Chang, Jian; Lee, InsupIP blacklists are a spam filtering tool employed by a large number of email providers. Centrally maintained and well regarded, blacklists can filter 80+% of spam without having to perform computationally expensive content-based filtering. However, spammers can vary which hosts send spam (often in intelligent ways), and as a result, some percentage of spamming IPs are not actively listed on any blacklist. Blacklists also provide a previously untapped resource of rich historical information. Leveraging this history in combination with spatial reasoning, this paper presents a novel reputation model (PreSTA), designed to aid in spam classification. In simulation on arriving email at a large university mail system, PreSTA is capable of classifying up to 50% of spam not identified by blacklists alone, and 93% of spam on average (when used in combination with blacklists). Further, the system is consistent in maintaining this blockage-rate even during periods of decreased blacklist performance. PreSTA is scalable and can classify over 500,000 emails an hour. Such a system can be implemented as a complementary blacklist service and used as a first-level filter or prioritization mechanism on an email server.Publication ToMaTo: A Trustworthy Code Mashup Development Tool(2011-01-01) Chang, Jian; Venkatasubramanian, Krishna; West, Andrew G; Kannan, Sampath; Sokolsky, Oleg; Kim, Myuhng Joo; Lee, InsupRecent years have seen the emergence of a new programming paradigm for Web applications that emphasizes the reuse of external content, the mashup. Although the mashup paradigm enables the creation of innovative Web applications with emergent features, its openness introduces trust problems. These trust issues are particularly prominent in JavaScript code mashup - a type of mashup that integrated external Javascript libraries to achieve function and software reuse. With JavaScript code mashup, external libraries are usually given full privileges to manipulate data of the mashup application and executing arbitrary code. This imposes considerable risk on the mashup developers and the end users. One major causes for these trust problems is that the mashup developers tend to focus on the functional aspects of the application and implicitly trust the external code libraries to satisfy security, privacy and other non-functional requirements. In this paper, we present ToMaTo, a development tool that combines a novel trust policy language and a static code analysis engine to examine whether the external libraries satisfy the non-functional requirements. ToMaTo gives the mashup developers three essential capabilities for building trustworthy JavaScript code mashup: (1) to specify trust policy, (2) to assess policy adherence, and (3) to handle policy violation. The contributions of the paper are: (1) a description of JavaScript code mashup and its trust issues, and (2) a development tool (ToMaTo) for building trustworthy JavaScript code mashup.Publication A Trust Model for Vehicular Network-Based Incident Reports(2013-06-02) Chang, Jian; Lee, Insup; Liao, Cong; Venkatasubramanian, Krishna K.Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) networks are ephemeral, short-duration wireless networks that have the potential to improve the overall driving experience through the exchange of information between vehicles. V2V and V2I networks operate primarily by distributing real-time incident reports regarding potential traffic problems such as traffic jams, accidents, bad roads and so on to other vehicles in their vicinity over a multi-hop network. However, given the presence of malicious entities, blindly trusting such incident reports (even the one received through a cryptographically secure channel) can lead to undesirable consequences. In this paper, we propose an approach to determine the likelihood of the accuracy of V2V incident reports based on the trustworthiness of the report originator and those vehicles that forward it. The proposed approach takes advantage of existing road-side units (RSU) based V2I communication infrastructure deployed and managed by central traffic authorities, which can be used to collect vehicle behavior information in a crowd-sourcedfashion for constructing a more comprehensive view of vehicle trustworthiness. For validating our scheme, we implemented a V2V/V2I trust simulator by extending an existing V2V simulator with trust management capabilities. Preliminary analysis of the model shows promising results. By combining our trust modeling technique with a threshold-based decision strategy, we observed on average 85% accuracy.Publication QuanTM: A Quantitative Trust Management System(2009-03-01) West, Andrew G; Aviv, Adam J; Chang, Jian; Prabhu, Vinayak S; Blaze, Matthew A; Kannan, Sampath; Lee, Insup; Smith, Jonathan M; Sokolsky, OlegQuantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based on upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation. Trust management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement. This paper reports on QuanTM’s design decisions and novel policy evaluation procedure. A representation of quantified trust relationships, the trust dependency graph, and a sample QuanTM application specific to the KeyNote trust management language, are also proposed.