Jianwei Zhuge

Ph.D., Associate Professor
Email: zhugejw [at] cernet -dot- edu -dot- cn / zhugejw [at] Gmail
Office: FIT 4-204, Tsinghua University
Mail Address: FIT4-204, Tsinghua University, Haidian District, Beijing, China (100083)

Dr. Jianwei Zhuge is an Associate Professor in the Institute for Network Science and Cyberspace of Tsinghua University, and Co-Founder, Organizer and Sponsor Professor of the Blue-Lotus Team. He also plays some of the CTF games with the team.

His research area is network and system security. He has published more than 50 academic papers, two books, and several translated books including , , and . According to Google Scholar, his papers have been cited 652 times, and the h-index of his publications is 13, as of July 2013. He is also a member of ACM and CCF, and a Full Member of The Honeynet Project.

Research Interests

Network and System Security, currently focusing on:

  • Measurement and Counter-Strike Mechanisms of Emerging Internet Threats
  • Collection, Analysis, Detection and Defense Techniques for Various Forms of Malware
  • Software Vulnerability Analysis, Detection and Mitigation

Education

  • Ph.D. in Computer Science, Peking University, China. 2001-2006. Advisor: Prof. Wang Xuan, Prof. Xiao Jianguo, Dissertation: Research on Technologies for Network Intrusion Detection and Behavior Correlation Analysis. With additional guidance from Prof. Yang Zhenkun, Prof. Pan Aimin, and Prof. Zou Wei.
  • B.S. in Computer Science, Peking University, China. 1997-2001.

Professional Experience

  • Associate Professor, Network and Information Security Lab, Tsinghua University, China, 2010 – present.
  • Associate Professor, Institute of Computer Science and Technology, Peking University, China, 2009 – 2010.
  • Assistant Professor, Institute of Computer Science and Technology, Peking University, China, 2006 – 2009.

Publications in English

  • J. Zhuge, L. Gu, H. Duan, Investigating China’s Online Underground Economy. Conference on the Political Economy of Information Security in China, San Diego, US, Apr, 2012. Full paper published in July 2012.
  • Z. Chen, G. Gu, J. Zhuge, J. Nazario, X. Han, WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios, to appear in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), Hong Kong, China, March 2011.
  • C. Song, J. Zhuge*, X. Han, Z. Ye, Preventing Drive-by Download via Inter-Module Communication Monitoring, In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS’10), Beijing, China, Apr 2010. (full paper acceptance ratio: 25/166 = 15%)
  • C. Song, C. Qin, J. Zhuge*, et al, MwSandbox: On Improving the Efficiency of Automated Coarse-grained Dynamic Malware Analysis, Proceedings of the 14th Youth Conference on Communication, July 2009.
  • J. Zhuge*, T. Holz, C. Song, J. Guo, X. Han, and W. Zou. Studying Malicious Websites and the Underground Economy on the Chinese Web, In Proceedings of the 7th Workshop on the Economics of Information Security (WEIS’08), Hanover, NH, USA, June 2008. Springer Book “Managing Information Risk and the Economics of Security” Chapter, Jan 2009.
  • J. Zhuge, Y. Zhou, J. Guo, et al. Malicious Websites on the Chinese Web: Overview and Case Study, 20th Annual FIRST Conference (FIRST’08), British Columbia, Canada, June 2008.
  • Y. Zhou, J. Zhuge*, et al. Matrix: a Distributed Honeynet and its Applications, 20th Annual FIRST Conference (FIRST’08), British Columbia, Canada, June 2008.
  • J. Zhuge*, T. Holz, X. Han, C. Song, and W. Zou. Collecting Autonomous Spreading Malware Using High-interaction Honeypots, In Proceedings of 9th International Conference on Information and Communications Security (ICICS’07), Zhengzhou, China, Lecture Notes in Computer Science 4861, 438~451. Dec 2007.
  • J. Zhuge*, X. Han, Y. Chen, Z. Ye, and W. Zou. Towards High Level Attack Scenario Graph through Honeynet Data Correlation Analysis, In Proceedings of the 7th IEEE Workshop on Information Assurance (IAW’06), West Point, New York, USA, 2006.
  • J. Zhuge, and R. Yao*. Security Mechanisms for Wireless Home Network, In Proceedings of IEEE Global Telecommunications Conference 2003 (GLOBECOM’03), Vol. 3, pp. 1527-1531, San Francisco, USA, 2003.
  • J. Zhuge, T. Holz, X. Han, J. Guo, and W. Zou. Characterizing the IRC-based Botnet Phenomenon, Peking University & University of Mannheim Technical Report, Nov 2007.

Teaching

  • Network Security Engineering and Practice, for undergraduate students of CS, Tsinghua University, Fall Semester from 2011 to present.
  • Computer Network Security Technology and Practice, for graduate students of CS, Tsinghua University, Spring Semester from 2011 to present.
  • SRT (Student Research Training) Course for undergraduate students, Tsinghua University, from 2011 to present.
  • Network Hacking and Defense: Technology and Practice, for graduate students of EECS, Peking University, Fall Semester from 2008 to 2010.
  • Research Course for undergraduate students, EECS, Yuanpei, and Other departments of Peking University.

Academic/Open Source Activities

  • NSFC peer reviewer, National Security Research Project peer reviewer, since 2011.
  • Book Reviewer: PHEI Press, Science Press, Since 2011.
  • WWW 2012 Security, Privacy, Trust, and Abuse Track PC Member
  • Paper Reviewer: Computer Networks, NWSC, Chinese Journal of Electronics, Journal on Communications.
  • The Honeynet Project Full Member, Chinese Chapter Leader. Since 2006.
  • Google Summer of Code 2009, 2010, 2012 Mentor, 2011 Org Admin.

Awards and Honors

  • IBM Ph.D. Fellowship, 2005 (worldwide, honored by IBM Corp.)
  • Microsoft Research Asia Fellowship, 2004 (Asia Pacific-wide, honored by MSRA)
  • The HP Chinese Excellent Student Scholarship, 2003 (nationwide, honored by HP China)

Projects

Malware Analysis, Detection and Defense

  • Mechanism Analysis and Detection Methods of Drive-by Download Exploits, funded by NSFC
  • Malware Analysis and Detection Methods based on Hardware Virtualization
  • Exploit Analysis and Detection, funded by MOE

Automated Security Assessment Technology for Information Systems and Networks

  • Remote Security Assessment Technology for Information Systems based on SCAP
  • Automated Security Assessment Technology for Information Networks

Recent Publication

2010

  1. Wu Liu, Hai-xin Duan, Ping Ren, Jian-ping Wu. Weakness analysis and attack test for WLAN, 2010 International Conference on Green Circuits and Systems (ICGCS), 21-23 June, 2010: 387 – 391 (EI)
  2. LIU Wu, DUAN Hai-xin, REN Ping, Jian-ping Wu. SSL-DP: A Rootkit of Network Based SSL and TLS Traffic Decryptor, 2010 Second Cybercrime and Trustworthy Computing Workshop, 19-21, July 2010, Ballarat, Australia, CTC.2010: 29-33 (EI)
  3. Wu Liu, Hai-Xin Duan, Ping Ren, Jianping Wu: IABA: An improved PNN Algorithm for anomaly detection in network security management. ICNC 2010: 335-339 (EI)
  4. Jia Zhang, Haixin Duan, Wu Liu, Jianping Wu. A light-weighted extension of anonymous communications in IPv6 Network, 2010 International Conference on Green Circuits and Systems (ICGCS), 21-23 June, 2010: 404 – 408 (EI)
  5. Xuefeng Li, Haixin Duan, Wu Liu, Jianping Wu. The growing model of Botnets, 2010 International Conference on Green Circuits and Systems (ICGCS), 21-23 June, 2010: 414 – 419 (EI)
  6. Donghong Sun, Xuefeng Li, Wu Liu, Jianping Wu. The New Architecture of P2P-Botnet, 2010 Second Cybercrime and Trustworthy Computing Workshop, 19-21, July 2010, Ballarat, Australia, CTC.2010: 34-40 (EI)
  7. Jia Zhang, Hai-Xin Duan, Wu Liu, Jianping Wu: Analysis of Anonymity in P2P Anonymous Communication Systems. 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops (AINA 2010): 860-865 (EI)
  8. Jia Zhang, Haixin Duan, Wu Liu, Jianping Wu. Anonymity analysis of P2P anonymous communication systems. J. of Computer Communications, 2010 Published by Elsevier. 7 July 2010
  9. Lei Hou, Haixin Duan, Jianping Wu, et al. Distinguishing the Master to Defend DDoS Attack in Peer-to-Peer Networks. Proceedings of the third IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP) (in conjunction with The 10th IEEE International Conference on Computer and Information Technology (CIT 2010)), 2010, p -. (EI indexed, accession number: 20104613393430.)
  10. Z. Chen, G. Gu, J. Zhuge, J. Nazario, X. Han, WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios, to appear in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), March 2011.

2009

  1. Jia ZHANG, Haixin DUAN, Wu LIU, Jianping WU. WindTalker: A P2P-Based Low-Latency Anonymous Communication Network, IEICE Transactions on Communications, 2009, VOL. E92-B, NO.10, pp.3183-3194
  2. LIU Wu, DUAN Hai-xin, LIN Tao, LI Xing, WU Jian-ping. H6Proxy: ICMPv6 Weakness Analysis and Implementation of IPv6 Attacking Test Proxy. Cybercrime and Trustworthy Computing (CTC-2009), July 7-10, 2009, Brisbane, Australia

2008

  1. Zhang Jia, Duan Haixin, Wang Lanjia. A Fast Method of Signature Generation for Polymorphic Worms, Proceedings of the 2008 International Conference on Computer and Electrical Engineering, ICCEE 2008, pp. 8-13
  2. Jia Zhang, Yuntao Guan, Xiaoxin Jiang, Haixin Duan, Jianping Wu. AMCAS: An Automatic Malicious Code Analysis System. In Proceedings of the Ninth International Conference on Web-Age Information Management (WAIM’08), Zhangjiajie, China, Jul, 2008.