Publications

Journal Articles

  1. A decentralized framework for cultivating research lifecycle transparency. [code] W. Jeng, S.-H. Wang, H.-W. Chen, P.-W. Huang, Y.-J. Chen, H.-C. Hsiao. PLOS ONE 15(11): e0241496, 2020.
  2. SAFECHAIN: Securing Trigger-Action Programming from Attack Chains. [code&dataset] K.-H. Hsu, Y.-H. Chiang, H.-C. Hsiao. in IEEE Transactions on Information Forensics and Security, 14(10), pp.2607-2622, Oct. 2019.
  3. GROUPIT: Lightweight Group Key Management for Dynamic IoT Environments. Y.-H. Kung, H.-C. Hsiao. in IEEE Internet of Things Journal, vol. 5, no. 6, pp. 5155-5165, Dec. 2018.
  4. Traffic-aware Patching for Cyber Security in Mobile IoT. S.-M. Cheng, P.-Y. Chen, C.-C. Lin, H.-C. Hsiao. IEEE Communications Magazine, 2017.
  5. Decapitation via Digital Epidemics: A Bio-Inspired Transmissive Attack. P.-Y. Chen, C.-C. Lin, S.-M. Cheng, H.-C. Hsiao, and C.-Y. Huang. IEEE Communications Magazine, 2016.
  6. Insider Collusion Attack on Privacy-preserving Kernel-based Data Mining Systems. P. S. Wang, F. Lai, H.-C. Hsiao, and J.-L. Wu IEEE Access, vol. 4, pp. 2244-2255, 2016.
  7. Secure Distributed Data Aggregation. H. Chen, H.-C. Hsiao, A. Perrig, and D. Song. Journal of Foundations and Trends in Databases, Vol. 3, No. 3, pp 149-201, 2011.
  8. SPATE: Small-group PKI-less Authenticated Trust Establishment. Y.-H. Lin, A. Studer, Y.-H. Chen, H.-C. Hsiao, E. L.-H. Kuo, J. M. McCune, K.-H. Wang, M. Krohn, A. Perrig, B.-Y. Yang, H.-M. Sun, P.-L. Lin, and J. Lee. IEEE Transactions on Mobile Computing, 9(12): 1666-1681, 2010.
  9. A Survey of Secure Data Aggregation on Sensor Networks. Y.-S. Chen, H.-C. Hsiao, and C.-L. Lei. Communications of Chinese Cryptology and Information Security Association (CCISA), Vol.13 No.4 pp17-28, 2007.

Conference and Workshop Papers

  1. ALBUS: a Probabilistic Monitoring Algorithm to Counter Burst-Flood Attacks. S. Scherrer, J. Vliegen, A. Sateesan, H.-C. Hsiao, N. Mentens, A. Perrig In International Symposium on Reliable Distributed Systems, September, 2023.
  2. Capturing Antique Browsers in Modern Devices: A Security Analysis of Captive Portal Mini-Browsers. [code] P.-L. Wang, K.-H. Chou, S.-C. Hsiao, A. T. Low, T. H.-J. Kim and H.-C. Hsiao To appear in The 21st International Conference on Applied Cryptography and Network Security (ACNS), June 2023. (Best Student Paper Award)
  3. OmniCrawl: Comprehensive Measurement of Web Tracking With Real Desktop and Mobile Browsers. [code] D. Cassel, S.-C. Lin, A. Buraggina, W. Wang, A. Zhang, L. Bauer, H.-C. Hsiao, L. Jia, T. Libert In Privacy Enhancing Technologies Symposium (PETS), July 2022. (Best Artifact Award)
  4. Tool: An Efficient and Flexible Simulator for Byzantine Fault-Tolerant Protocols. [code] P.-L. Wang, T.-W. Chao, C.-C. Wu, H.-C. Hsiao In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June 2022.
  5. LAEG: Leak-based AEG using Dynamic Binary Analysis to Defeat ASLR. [code (TBA)] W.-L. Mow, S.-K. Huang, H.-C. Hsiao In The 6th International Workshop on Privacy, data Assurance, Security Solutions for Internet of Things, June 2022.
  6. Investigating Advertisers' Domain-changing Behaviors and Their Impacts on Ad-blocker Filter Lists. [extended] [code & dataset] S.-C. Lin, K.-H. Chou, Y. Chen, H.-C. Hsiao, D. Cassel, L. Bauer, and L. Jia In The Web Conference (TheWebConf, formerly known as WWW), April 2022.
  7. HeadStart: Efficiently Verifiable and Low-Latency Participatory Randomness Generation at Scale. [code (TBA)] H. Lee, Y.-M. Hsu, J.-J. Wang, H.-C. Yang, Y.-H. Chen, Y.-C. Hu, and H.-C. Hsiao In Network and Distributed System Security Symposium (NDSS), April 2022.
  8. Low-Rate Overuse Flow Tracer (LOFT): An Efficient and Scalable Algorithm for Detecting Overuse Flows. [preprint] S. Scherrer, C.-Y. Wu, Y.-H. Chiang, B. Rothenberger, D. Asoni, A. Sateesan, J. Vliegen, N. Mentens, H.-C. Hsiao, A. Perrig In International Symposium on Reliable Distributed Systems, September, 2021.
  9. ProMutator: Detecting Price Oracle Vulnerabilities in DeFi by Mutated Transactions. [code & disclosure] S.-H. Wang, C.-C. Wu, Y.-C. Liang, L.-H. Hsieh and H.-C. Hsiao In IEEE Workshop on Security & Privacy on the Blockchain (co-located with IEEE Euro S&P), September 2021.
  10. Speed Records in Network Flow Measurement on FPGA. A. Sateesan, J. Vliegen, S. Scherrer, H.-C. Hsiao, A. Perrig, and N. Mentens In International Conference on Field-Programmable Logic and Applications (FPL), August 2021.
  11. icLibFuzzer: Isolated-context libFuzzer for Improving Fuzzer Comparability. [preprint] [code] Y.-C. Liang, H.-C. Hsiao In NDSS workshop on Binary Analysis Research, February 2021.
  12. On the Privacy Risks of Compromised Trigger-Action Platforms. [code] Y.-H. Chiang, H.-C. Hsiao, C.-M. Yu and T. H.-J. Kim In European Symposium on Research in Computer Security (ESORICS), September 2020.
  13. FALCO: Detecting JavaScript-based Cyber Attack UsingWebsite Fingerprints.
    C.-C. Liu, H.-C. Hsiao, T. H.-J. Kim In International Conference on Security and Cryptography (SECRYPT), July 2020.
  14. Practical and Verifiable Electronic Sortition. H. Lee, H.-C. Hsiao In Workshop on Foundations of Computer Security, June 2020.
  15. On Using Camera-based Visible Light Communication for Security Protocols.
    W.-Y. Chu, T.-G. Yu, Y.-K. Lin, S.-C. Lee and H.-C. Hsiao In IEEE Workshop on the Internet of Safe Things (SafeThings), May 2020.
  16. On the Feasibility of Rerouting-based DDoS Defenses. M. Tran, M. S. Kang, H.-C. Hsiao, W.-H. Chiang, S.-P. Tung and Y.-S. Wang In IEEE Symposium on Security and Privacy (IEEE S&P), May 2019.
  17. An Investigation of Cyber Autonomy on Government Websites. (Short Paper) [dataset] H.-C. Hsiao, T. H.-J. Kim, Y.-M. Ku, C.-M. Chang, H.-F. Chen, Y.-J. Chen, C.-W. Wang and W. Jeng In The Web Conference (TheWebConf, formerly known as WWW), May 2019.
  18. Enhancing Symbolic Execution by Machine Learning Based Solver Selection. [code] S.-H. Wen, W.-L. Mow, W.-N. Chen, C.-Y. Wang, H.-C. Hsiao In NDSS workshop on Binary Analysis Research, February 2019.
  19. Dynamic Path Pruning in Symbolic Execution. Y.-S. Chen, W.-N. Chen, C.-Y. Wu, H.-C. Hsiao, S.-K. Huang In IEEE Conference on Dependable and Secure Computing (DSC), December 2018.
  20. CLEF: Limiting the Damage Caused by Large Flows in the Internet Core. H. Wu, H.-C. Hsiao, D. E. Asoni, S. Scherrer, A. Perrig, Y.-C. Hu In International Conference on Cryptology and Network Security (CANS), September 2018.
  21. SDNProbe: Lightweight Fault Localization in the Error-Prone Environment. [code] Y.-M, Ke, H.-C. Hsiao, T. H.-J. Kim In IEEE International Conference on Distributed Computing Systems (ICDCS), July 2018.
  22. DAMUP: Practical and Privacy-aware Cloud-based DDoS Mitigation. [code] S.-C. Lin, P.-W. Huang, H.-Y. Wang, H.-C. Hsiao In IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), April 2018.
  23. INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing. [code] C.-C. Hsu, C.-Y. Wu, H.-C. Hsiao, S.-K. Huang In NDSS Workshop on Binary Analysis Research, February 2018.
  24. A Generic Web Application Testing and Attack Data Generation Method. H.-Y. Shih, H.-L. Lu, C.-C. Yeh, H.-C. Hsiao, S.-K. Huang In International Conference on Security with Intelligent Computing and Big-data Services (SICBS), December 2017.
  25. Security Implications of Redirection Trail in Popular Websites Worldwide. L. Chang, W.-H. Lin, H.-C. Hsiao, W. Jeng, T. H.-J. Kim In 26th International World Wide Web Conference (WWW), April 2017.
  26. SandUSB: An Installation-Free Sandbox for USB Peripherals. E. L. Loe, H.-C. Hsiao, T. H.-J. Kim, S.-C. Lee, and S.-M. Cheng. In IEEE World Forum on Internet of Things Workshop on User Centric Security, Privacy, and Interoperability in the Context of Internet of Things and Smart Cities, December 2016.
  27. Migrant Attack: A Multi-resource DoS Attack on Cloud Virtual Machine Migration Schemes. J.-R. Yeh, H.-C. Hsiao, A.-C. Pang In 11th Asia Joint Conference on Information Security (AsiaJCIS), August 2016.
  28. Securing Data Planes in Software-Defined Networks. T.-W. Chao, Y.-M. Ke, B.-H. Chen, J.-L. Chen, C. J. Hsieh, S.-C. Lee, H.-C. Hsiao. In IEEE International Workshop on Security in Virtualized Networks (Sec-VirtNet), June 2016.
  29. CICADAS: Congesting the Internet with Coordinated And Decentralized Pulsating Attacks. Y.-M. Ke, C.-W. Chen, H.-C. Hsiao, A. Perrig, V. Sekar. In ACM Asia Conference on Computer and Communications Security (ASIACCS), May 2016.
  30. SIBRA: Scalable Internet Bandwidth Reservation Architecture. C. Basescu, R. M. Reischuk, P. Szalachowski, A. Perrig, Y. Zhang, H.-C. Hsiao, A. Kubota, J. Urakawa. In Networked & Distributed System Security Symposium (NDSS), February 2016.
  31. A Secure Authorization System in PHR based on CP-ABE. H.-H. Chung, P. Wang, T.-W. Ho, H.-C. Hsiao, F. Lai. In IEEE E-Health and Bioengineering Conference (EHB), November 2015.
  32. A Practical System for Guaranteed Access in the Presence of DDoS Attacks and Flash Crowds. Y.-H. Kung, T. Lee, P.-N. Tseng, H.-C. Hsiao, T. H.-J. Kim, S. B. Lee, Y.-H. Lin, and A. Perrig. In IEEE International Conference on Internet Protocols (ICNP), November 2015.
  33. Efficient Large Flow Detection over Arbitrary Windows: An Algorithm Exact Outside An Ambiguity Region. H. Wu, H.-C. Hsiao, and Y.-C. Hu. In ACM Internet Measurement Conference (IMC), November 2014.
  34. YourPassword: Applying Feedback Loops to Improve Security Behavior of Managing Multiple Passwords. (Short Paper) T. H.-J. Kim, H. C. Stuart, H.-C. Hsiao, Y.-H. Lin, L. Zhang, L. Dabbish, and S. Kiesler. In ACM Symposium on Information, Computer and Communications Security (ASIACCS), June 2014.
  35. Policy-based secure deletion. C. Cachin, K. Haralambiev, H.-C. Hsiao, and A. Sorniotti. In ACM Conference on Computer and Communications Security (CCS), November 2013.
  36. STRIDE: Sanctuary Trail -- Refuge from Internet DDoS Entrapment. H.-C. Hsiao, T. H.-J. Kim, S. B. Lee, X. Zhang, S. Yoo, V. Gligor and A. Perrig. In ACM Symposium on Information, Computer and Communications Security (ASIACCS), May 2013.
  37. LAP: Lightweight Anonymity and Privacy. H.-C. Hsiao, T. H.-J. Kim, A. Perrig, A. Yamada, S. C. Nelson, M. Gruteser, and W. Meng. In IEEE Symposium on Security and Privacy (Oakland), May 2012.
  38. ShortMAC: Efficient Data-Plane Fault Localization. X. Zhang, Z. Zhou, H.-C. Hsiao, T. H.-J. Kim, A. Perrig, and P. Tague. In Networked & Distributed System Security Symposium (NDSS), February 2012.
  39. Flooding-Resilient Broadcast Authentication for VANETs. H.-C. Hsiao, A. Studer, C. Chen, A. Perrig, F. Bai, B. Bellur, and A. Iyer. In ACM Conference on Mobile Computing and Networking (MobiCom), September 2011.
  40. Efficient and Secure Threshold-based Event Validation for VANETs. H.-C. Hsiao, A. Studer, R. Dubey, E. Shi, and Adrian Perrig. In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), June 2011.
  41. SCION: Scalability, Control, and Isolation On Next-Generation Networks. X. Zhang, H.-C. Hsiao, G. Hasker, H. Chan, A. Perrig, and D. Andersen. In IEEE Symposium on Security and Privacy (Oakland), May 2011. (2022 Test-of-Time Award)
  42. A Study of User-Friendly Hash Comparison Schemes. H.-C. Hsiao, Y.-H. Lin, A. Studer, C. Studer, K.-H. Wang, H. Kikuchi, A. Perrig, H.-M. Sun, and B.-Y. Yang. In Annual Computer Security Applications Conference (ACSAC), December 2009.
  43. SPATE: Small-group PKI-less Authenticated Trust Establishment. Y.-H. Lin, A. Studer, H.-C. Hsiao, J. M. McCune, K.-H. Wang, M. Krohn, P.-L. Lin, A. Perrig, H.-M. Sun, and B.-Y. Yang. In ACM Annual International Conference on Mobile Systems, Applications and Services (MobiSys) 2009.

Posters and Extended Abstracts

  1. "Prove it!" A user-centered design client for the blockchain-based research lifecycle transparency framework. Y.-C. Chang, L.-F. Kang, H.-C. Hsiao, & W. Jeng In ASIS&T AM, October 2022. (Best Poster Award)
  2. PluginPermCheck: Preventing Permission Escalation in App Virtualization. S.-C. Hsiao, H.-C. Hsiao In IEEE Symposium on Security and Privacy (IEEE S&P), May 2022.
  3. Know Your Victim: Tor Browser Setting Identification via Network Traffic Analysis. [code] C.-M. Chang, H.-C. Hsiao, T. Lynar, T. Mori In the Poster Track of The Web Conference (TheWebConf), April 2022.
  4. POSTER: Challenges in Stopping Ticket Scalping Bots. H. C. Yang, H. Lee, H.-C. Hsiao In ACM Asia Conference on Computer and Communications Security (ASIACCS), October 2020.
  5. POSTER: Android IME Privacy Leakage Analyzer. P. Lo, J.-C. Huo, H.-C. Hsiao, B. Sun, T. Ban, T. Takahashi In IEEE Symposium on Security and Privacy (IEEE S&P), May 2020.
  6. Keeping passwords in your pocket: Managing password locally with mobile fingerprint sensors. P.-Y. Lin, Z.-Y. Zhou, C.-M. Chang, H.-W. Chen, S.-P. Tung, and H.-C. Hsiao In the Poster Track of The Web Conference (TheWebConf), April 2020.
  7. Detecting JavaScript Injection via Website Behavior Fingerprint. C.-C. Liu, H.-C. Hsiao, and T.H.-J. Kim In the Poster Track of The Web Conference (TheWebConf), April 2020.
  8. Hybrid-Voting:A Hybrid Structured Electronic Voting System. P.-L.Wang, S.-H.Yang, and H.-C. Hsiao In the Poster Track of The Web Conference (TheWebConf), April 2020.
  9. Secure Device Pairing. H.-C. Hsiao In Encyclopedia of Wireless Networks (Springer), 2019.
  10. Poster: Protecting Campus Networks with Cost-effective DDoS Defense. W.-H. Chiang, S.-P. Tung, Y.-S. Wang, I-J. Hsiao, H.-C. Hsiao In IEEE Symposium on Security and Privacy (IEEE S&P), May 2019.
  11. Challenges in Realizing Privacy-aware Cloud-based DDoS Mitigation Mechanism. S.-C. Lin, W.-N. Chen, H.-C. Hsiao In USENIX Security Symposium Poster Session, August 2018.
  12. Need Tickets? A Case Study of Bot-enabled Ticket Scalping. C.-C. Lin, H.-C. Hsiao Extended Abstract in APWG.EU eCrime Cyber-Security Symposium, October 2017.
  13. Poster: VLC-based Authenticated Key Exchange. Y.-S. Chen, C.-L. Lin, H.-C. Hsiao, Y.-H. Lin, H.-M. Tsai In IEEE Symposium on Security and Privacy (IEEE S&P), May 2016.