Your search keyword '"Lin, Zhiqiang"' showing total 51 results

1. SoK: Where's the 'up'?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems

Author

Tan, Xi, Ma, Zheyuan, Pinto, Sandro, Guan, Le, Zhang, Ning, Xu, Jun, Lin, Zhiqiang, Hu, Hongxin, Zhao, Ziming, Tan, Xi, Ma, Zheyuan, Pinto, Sandro, Guan, Le, Zhang, Ning, Xu, Jun, Lin, Zhiqiang, Hu, Hongxin, and Zhao, Ziming

Abstract

Arm Cortex-M processors are the most widely used 32-bit microcontrollers among embedded and Internet-of-Things devices. Despite the widespread usage, there has been little effort in summarizing their hardware security features, characterizing the limitations and vulnerabilities of their hardware and software stack, and systematizing the research on securing these systems. The goals and contributions of this paper are multi-fold. First, we analyze the hardware security limitations and issues of Cortex-M systems. Second, we conducted a deep study of the software stack designed for Cortex-M and revealed its limitations, which is accompanied by an empirical analysis of 1,797 real-world firmware. Third, we categorize the reported bugs in Cortex-M software systems. Finally, we systematize the efforts that aim at securing Cortex-M systems and evaluate them in terms of the protections they offer, runtime performance, required hardware features, etc. Based on the insights, we develop a set of recommendations for the research community and MCU software developers., Comment: To Appear in the 18th USENIX WOOT Conference on Offensive Technologies, August 12-13, 2024

Published

2024

2. Flashback: Enhancing Proposer-Builder Design with Future-Block Auctions in Proof-of-Stake Ethereum

Author

Mao, Yifan, Zhang, Mengya, Venkatakrishnan, Shaileshh Bojja, Lin, Zhiqiang, Mao, Yifan, Zhang, Mengya, Venkatakrishnan, Shaileshh Bojja, and Lin, Zhiqiang

Abstract

Maximal extractable value (MEV) in which block proposers unethically gain profits by manipulating the order in which transactions are included within a block, is a key challenge facing blockchains such as Ethereum today. Left unchecked, MEV can lead to a centralization of stake distribution thereby ultimately compromising the security of blockchain consensus. To preserve proposer decentralization (and hence security) of the blockchain, Ethereum has advocated for a proposer-builder separation (PBS) in which the functionality of transaction ordering is separated from proposers and assigned to separate entities called builders. Builders accept transaction bundles from searchers, who compete to find the most profitable bundles. Builders then bid completed blocks to proposers, who accept the most profitable blocks for publication. The auction mechanisms used between searchers, builders and proposers are crucial to the overall health of the blockchain. In this paper, we consider PBS design in Ethereum as a game between searchers, builders and proposers. A key novelty in our design is the inclusion of future block proposers, as all proposers of an epoch are decided ahead of time in proof-of-stake (PoS) Ethereum within the game model. Our analysis shows the existence of alternative auction mechanisms that result in a better (more profitable) equilibrium to players compared to state-of-the-art. Experimental evaluations based on synthetic and real-world data traces corroborate the analysis. Our results highlight that a rethinking of auction mechanism designs is necessary in PoS Ethereum to prevent disruption.

Published

2024

3. SoK: Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open Problems

Author

Zhang, Mengya, Zhang, Xiaokuan, Barbee, Josh, Zhang, Yinqian, Lin, Zhiqiang, Zhang, Mengya, Zhang, Xiaokuan, Barbee, Josh, Zhang, Yinqian, and Lin, Zhiqiang

Abstract

Cross-chain bridges are used to facilitate token and data exchanges across blockchains. Although bridges are becoming increasingly popular, they are still in their infancy and have been attacked multiple times recently, causing significant financial loss. Although there are numerous reports online explaining each of the incidents on cross-chain bridges, they are scattered over the Internet, and there is no work that analyzes the security landscape of cross-chain bridges in a holistic manner. To fill the gap, in this paper, we performed a systematic study of cross-chain bridge security issues. First, we summarize the characteristics of existing cross-chain bridges, including their usages, verification mechanisms, communication models, and three categorizations. Based on these characteristics, we identify 12 potential attack vectors that attackers may exploit. Next, we introduce a taxonomy that categorizes cross-chain attacks in the past two years into 10 distinct types, and then provide explanations for each vulnerability type, accompanied by Solidity code examples. We also discuss existing and potential defenses, as well as open questions and future research directions on cross-chain bridges. We believe that this systematization can shed light on designing and implementing cross-chain bridges with higher security and, more importantly, facilitating future research on building a better cross-chain bridge ecosystem.

Published

2023

4. Binary Code Summarization: Benchmarking ChatGPT/GPT-4 and Other Large Language Models

Author

Jin, Xin, Larson, Jonathan, Yang, Weiwei, Lin, Zhiqiang, Jin, Xin, Larson, Jonathan, Yang, Weiwei, and Lin, Zhiqiang

Abstract

Binary code summarization, while invaluable for understanding code semantics, is challenging due to its labor-intensive nature. This study delves into the potential of large language models (LLMs) for binary code comprehension. To this end, we present BinSum, a comprehensive benchmark and dataset of over 557K binary functions and introduce a novel method for prompt synthesis and optimization. To more accurately gauge LLM performance, we also propose a new semantic similarity metric that surpasses traditional exact-match approaches. Our extensive evaluation of prominent LLMs, including ChatGPT, GPT-4, Llama 2, and Code Llama, reveals 10 pivotal insights. This evaluation generates 4 billion inference tokens, incurred a total expense of 11,418 US dollars and 873 NVIDIA A100 GPU hours. Our findings highlight both the transformative potential of LLMs in this field and the challenges yet to be overcome.

Published

2023

5. Cocoon: Static Information Flow Control in Rust

Author

Lamba, Ada, Taylor, Max, Beardsley, Vincent, Bambeck, Jacob, Bond, Michael D., Lin, Zhiqiang, Lamba, Ada, Taylor, Max, Beardsley, Vincent, Bambeck, Jacob, Bond, Michael D., and Lin, Zhiqiang

Abstract

Information flow control (IFC) provides confidentiality by enforcing noninterference, which ensures that high-secrecy values cannot affect low-secrecy values. Prior work introduces fine-grained IFC approaches that modify the programming language and use nonstandard compilation tools, impose run-time overhead, or report false secrecy leaks -- all of which hinder adoption. This paper presents Cocoon, a Rust library for static type-based IFC that uses the unmodified Rust language and compiler. The key insight of Cocoon lies in leveraging Rust's type system and procedural macros to establish an effect system that enforces noninterference. A performance evaluation shows that using Cocoon increases compile time but has no impact on application performance. To demonstrate Cocoon's utility, we retrofitted two popular Rust programs, the Spotify TUI client and Mozilla's Servo browser engine, to use Cocoon to enforce limited confidentiality policies., Comment: Will be published in PACMPL(OOPSLA) in October 2024

Published

2023

6. Don't Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs

Author

Zhang, Yue, Yang, Yuqing, Lin, Zhiqiang, Zhang, Yue, Yang, Yuqing, and Lin, Zhiqiang

Abstract

Mobile mini-programs in WeChat have gained significant popularity since their debut in 2017, reaching a scale similar to that of Android apps in the Play Store. Like Google, Tencent, the provider of WeChat, offers APIs to support the development of mini-programs and also maintains a mini-program market within the WeChat app. However, mini-program APIs often manage sensitive user data within the social network platform, both on the WeChat client app and in the cloud. As a result, cryptographic protocols have been implemented to secure data access. In this paper, we demonstrate that WeChat should have required the use of the "appsecret" master key, which is used to authenticate a mini-program, to be used only in the mini-program back-end. If this key is leaked in the front-end of the mini-programs, it can lead to catastrophic attacks on both mini-program developers and users. Using a mini-program crawler and a master key leakage inspector, we measured 3,450,586 crawled mini-programs and found that 40,880 of them had leaked their master keys, allowing attackers to carry out various attacks such as account hijacking, promotion abuse, and service theft. Similar issues were confirmed through testing and measuring of Baidu mini-programs too. We have reported these vulnerabilities and the list of vulnerable mini-programs to Tencent and Baidu, which awarded us with bug bounties, and also Tencent recently released a new API to defend against these attacks based on our findings., Comment: This is the preprint of our CCS 2023 paper

Published

2023

7. Uncovering and Exploiting Hidden APIs in Mobile Super Apps

Author

Wang, Chao, Zhang, Yue, Lin, Zhiqiang, Wang, Chao, Zhang, Yue, and Lin, Zhiqiang

Abstract

Mobile applications, particularly those from social media platforms such as WeChat and TikTok, are evolving into "super apps" that offer a wide range of services such as instant messaging and media sharing, e-commerce, e-learning, and e-government. These super apps often provide APIs for developers to create "miniapps" that run within the super app. These APIs should have been thoroughly scrutinized for security. Unfortunately, we find that many of them are undocumented and unsecured, potentially allowing miniapps to bypass restrictions and gain higher privileged access. To systematically identify these hidden APIs before they are exploited by attackers, we developed a tool APIScope with both static analysis and dynamic analysis, where static analysis is used to recognize hidden undocumented APIs, and dynamic analysis is used to confirm whether the identified APIs can be invoked by an unprivileged 3rdparty miniapps. We have applied APIScope to five popular super apps (i.e., WeChat, WeCom, Baidu, QQ, and Tiktok) and found that all of them contain hidden APIs, many of which can be exploited due to missing security checks. We have also quantified the hidden APIs that may have security implications by verifying if they have access to resources protected by Android permissions. Furthermore, we demonstrate the potential security hazards by presenting various attack scenarios, including unauthorized access to any web pages, downloading and installing malicious software, and stealing sensitive information. We have reported our findings to the relevant vendors, some of whom have patched the vulnerabilities and rewarded us with bug bounties., Comment: This is a preprint of our CCS 2023

Published

2023

8. SoK: Decoding the Super App Enigma: The Security Mechanisms, Threats, and Trade-offs in OS-alike Apps

Author

Yang, Yuqing, Wang, Chao, Zhang, Yue, Lin, Zhiqiang, Yang, Yuqing, Wang, Chao, Zhang, Yue, and Lin, Zhiqiang

Abstract

The super app paradigm, exemplified by platforms such as WeChat and AliPay, has revolutionized the mobile app landscape by enabling third-party developers to deploy add-ons within these apps. These add-ons, known as miniapps, leverage user data hosted by the super app platforms to provide a wide range of services, such as shopping and gaming. With the rise of miniapps, super apps have transformed into "operating systems", offering encapsulated APIs to miniapp developers as well as in-app miniapp stores for users to explore and download miniapps. In this paper, we provide the first systematic study to consolidate the current state of knowledge in this field from the security perspective: the security measures, threats, and trade-offs of this paradigm. Specifically, we summarize 13 security mechanisms and 10 security threats in super app platforms, followed by a root cause analysis revealing that the security assumptions still may be violated due to issues in underlying systems, implementation of isolation, and vetting. Additionally, we also systematize open problems and trade-offs that need to be addressed by future works to help enhance the security and privacy of this new paradigm.

Published

2023

9. Ultraverse: Efficient Retroactive Operation for Attack Recovery in Database Systems and Web Frameworks

Author

Ko, Ronny, Xiao, Chuan, Onizuka, Makoto, Huang, Yihe, Lin, Zhiqiang, Ko, Ronny, Xiao, Chuan, Onizuka, Makoto, Huang, Yihe, and Lin, Zhiqiang

Abstract

Retroactive operation is an operation that changes a past operation in a series of committed ones (e.g., cancelling the past insertion of '5' into a queue committed at t=3). Retroactive operation has many important security applications such as attack recovery or private data removal (e.g., for GDPR compliance). While prior efforts designed retroactive algorithms for low-level data structures (e.g., queue, set), none explored retroactive operation for higher levels, such as database systems or web applications. This is challenging, because: (i) SQL semantics of database systems is complex; (ii) data records can flow through various web application components, such as HTML's DOM trees, server-side user request handlers, and client-side JavaScript code. We propose Ultraverse, the first retroactive operation framework comprised of two components: a database system and a web application framework. The former enables users to retroactively change committed SQL queries; the latter does the same for web applications with preserving correctness of application semantics. Our experimental results show that Ultraverse achieves 10.5x~693.3x speedup on retroactive database update compared to a regular DBMS's flashback and redo.

Published

2022

10. An Empirical Study on Ethereum Private Transactions and the Security Implications

Author

Lyu, Xingyu, Zhang, Mengya, Zhang, Xiaokuan, Niu, Jianyu, Zhang, Yinqian, Lin, Zhiqiang, Lyu, Xingyu, Zhang, Mengya, Zhang, Xiaokuan, Niu, Jianyu, Zhang, Yinqian, and Lin, Zhiqiang

Abstract

Recently, Decentralized Finance (DeFi) platforms on Ethereum are booming, and numerous traders are trying to capitalize on the opportunity for maximizing their benefits by launching front-running attacks and extracting Miner Extractable Values (MEVs) based on information in the public mempool. To protect end users from being harmed and hide transactions from the mempool, private transactions, a special type of transactions that are sent directly to miners, were invented. Private transactions have a high probability of being packed to the front positions of a block and being added to the blockchain by the target miner, without going through the public mempool, thus reducing the risk of being attacked by malicious entities. Despite the good intention of inventing private transactions, due to their stealthy nature, private transactions have also been used by attackers to launch attacks, which has a negative impact on the Ethereum ecosystem. However, existing works only touch upon private transactions as by-products when studying MEV, while a systematic study on private transactions is still missing. To fill this gap and paint a complete picture of private transactions, we take the first step towards investigating the private transactions on Ethereum. In particular, we collect large-scale private transaction datasets and perform analysis on their characteristics, transaction costs and miner profits, as well as security impacts. This work provides deep insights on different aspects of private transactions.

Published

2022

11. Mitigation of Advanced Code Reuse Attacks

Author

Eckert, Claudia (Prof. Dr.), Lin, Zhiqiang (Prof. Dr.), Muntean, Paul Ioan, Eckert, Claudia (Prof. Dr.), Lin, Zhiqiang (Prof. Dr.), and Muntean, Paul Ioan

Abstract

This work deals with the mitigation of advanced code reuse attacks by first providing techniques to statically analyze source code in order to find software faults and then provides techniques to automatically generate code repairs. Further, this work proposes dynamic analysis methods based on compiler software hardening used for mitigating advanced code reuse attacks during runtime. Lastly, the results presented in this work have been published in top tier security conferences and journals., Diese Arbeit befasst sich mit der Abschwächung fortgeschrittener Code Wiederverwendung Angriffe, indem zunächst Techniken zur statischen Analyse des Quellcodes bereitgestellt werden, um Softwarefehler zu finden, und anschließend Techniken zur automatischen Generierung von Codereparaturen bereitgestellt werden. Darüber hinaus werden dynamische Analysemethoden vorgeschlagen, die auf der Härtung von Software basieren und zur Minderung Code Wiederverwendung Angriffe verwendet werden.

Published

2021

12. Treatment of Intracranial Infection Caused by Methicillin-Resistant Staphylococcus epidermidis with Linezolid Following Poor Outcome of Vancomycin Therapy: A Case Report and Literature Review

Author

Fu,Xinyang, Lin,Zhiqiang, Chen,Sumei, Hong,Limian, Yu,Xueping, Wu,Shuifa, Fu,Xinyang, Lin,Zhiqiang, Chen,Sumei, Hong,Limian, Yu,Xueping, and Wu,Shuifa

Abstract

Xinyang Fu,1,* Zhiqiang Lin,1,* Sumei Chen,2 Limian Hong,1 Xueping Yu,2 Shuifa Wu1 1Department of Pharmacy, Quanzhou First Hospital Affiliated to Fujian Medical University, Quanzhou, Fujian, People’s Republic of China; 2Department of Infectious Disease, Quanzhou First Hospital Affiliated to Fujian Medical University, Quanzhou, Fujian, People’s Republic of China*These authors contributed equally to this workCorrespondence: Shuifa WuDepartment of Pharmacy, Quanzhou First Hospital Affiliated to Fujian Medical University, No. 250 East Street, Licheng District, Quanzhou, Fujian, 362000, People’s Republic of ChinaEmail shfw0116@126.comXueping YuDepartment of Infectious Disease, Quanzhou First Hospital Affiliated to Fujian Medical University, No. 250 East Street, Licheng District, Quanzhou, Fujian, 362000, People’s Republic of ChinaEmail xpyu15@fudan.edu.cnAbstract: The pharmacokinetic/pharmacodynamic (PK/PD) parameter for evaluating the efficacy of vancomycin is now recommended to target an AUC/MIC (area under the curve, AUC; minimum inhibitory concentration, MIC) ratio of 400 to 600, and trough concentration should not be used as a substitute. We report a case of intracranial infection caused by methicillin-resistant Staphylococcus epidermidis (MRSE), which was sensitive to vancomycin (MIC=2μg/mL) and linezolid (MIC=4μg/mL). The trough concentration of vancomycin in serum was 18.3 μg/mL, and the vancomycin concentration in CSF was 5.0 μg/mL, all within normal range. However, the AUC/MIC ratio was calculated to be 125 mg·h·L− 1, unable to reach target AUC/MIC. Vancomycin was replaced with linezolid after 36 days of treatment due to poor outcome, and the patient was eventually cured. Further, 23 cases of intracranial methicillin-resistant Staphylococcus aureus (MRSA) or methicillin-resistant coagulase-negative Staphylococcus (MRCoNS) infections were reported, of which 1 case with MRSA had a vancomycin MIC of 1 μg/mL, while the remai

Published

2021

13. Mitigation of Advanced Code Reuse Attacks

Author

Eckert, Claudia (Prof. Dr.), Eckert, Claudia (Prof. Dr.);Lin, Zhiqiang (Prof. Dr.), Muntean, Paul Ioan, Eckert, Claudia (Prof. Dr.), Eckert, Claudia (Prof. Dr.);Lin, Zhiqiang (Prof. Dr.), and Muntean, Paul Ioan

Abstract

This work deals with the mitigation of advanced code reuse attacks by first providing techniques to statically analyze source code in order to find software faults and then provides techniques to automatically generate code repairs. Further, this work proposes dynamic analysis methods based on compiler software hardening used for mitigating advanced code reuse attacks during runtime. Lastly, the results presented in this work have been published in top tier security conferences and journals., Diese Arbeit befasst sich mit der Abschwächung fortgeschrittener Code Wiederverwendung Angriffe, indem zunächst Techniken zur statischen Analyse des Quellcodes bereitgestellt werden, um Softwarefehler zu finden, und anschließend Techniken zur automatischen Generierung von Codereparaturen bereitgestellt werden. Darüber hinaus werden dynamische Analysemethoden vorgeschlagen, die auf der Härtung von Software basieren und zur Minderung Code Wiederverwendung Angriffe verwendet werden.

Published

2021

14. WLAN-Log-Based Superspreader Detection in the COVID-19 Pandemic

Author

Zhang, Cheng, Pan, Yunze, Zhang, Yunqi, Champion, Adam C., Shen, Zhaohui, Xuan, Dong, Lin, Zhiqiang, Shroff, Ness B., Zhang, Cheng, Pan, Yunze, Zhang, Yunqi, Champion, Adam C., Shen, Zhaohui, Xuan, Dong, Lin, Zhiqiang, and Shroff, Ness B.

Abstract

Identifying "superspreaders" of disease is a pressing concern for society during pandemics such as COVID-19. Superspreaders represent a group of people who have much more social contacts than others. The widespread deployment of WLAN infrastructure enables non-invasive contact tracing via people's ubiquitous mobile devices. This technology offers promise for detecting superspreaders. In this paper, we propose a general framework for WLAN-log-based superspreader detection. In our framework, we first use WLAN logs to construct contact graphs by jointly considering human symmetric and asymmetric interactions. Next, we adopt three vertex centrality measurements over the contact graphs to generate three groups of superspreader candidates. Finally, we leverage SEIR simulation to determine groups of superspreaders among these candidates, who are the most critical individuals for the spread of disease based on the simulation results. We have implemented our framework and evaluate it over a WLAN dataset with 41 million log entries from a large-scale university. Our evaluation shows superspreaders exist on university campuses. They change over the first few weeks of a semester, but stabilize throughout the rest of the term. The data also demonstrate that both symmetric and asymmetric contact tracing can discover superspreaders, but the latter performs better with daily contact graphs. Further, the evaluation shows no consistent differences among three vertex centrality measures for long-term (i.e., weekly) contact graphs, which necessitates the inclusion of SEIR simulation in our framework. We believe our proposed framework and these results may provide timely guidance for public health administrators regarding effective testing, intervention, and vaccination policies., Comment: Accepted to Elsevier High-Confidence Computing Journal

Published

2021

15. CROSSLINE: Breaking 'Security-by-Crash' based Memory Isolation in AMD SEV

Author

Li, Mengyuan, Zhang, Yinqian, Lin, Zhiqiang, Li, Mengyuan, Zhang, Yinqian, and Lin, Zhiqiang

Abstract

AMD's Secure Encrypted Virtualization (SEV) is an emerging security feature on AMD processors that allows virtual machines to run on encrypted memory and perform confidential computing even with an untrusted hypervisor. This paper first demystifies SEV's improper use of address space identifier (ASID) for controlling accesses of a VM to encrypted memory pages, cache lines, and TLB entries. We then present the CROSSLINE attacks, a novel class of attacks against SEV that allow the adversary to launch an attacker VM and change its ASID to that of the victim VM to impersonate the victim. We present two variants of CROSSLINE attacks: CROSSLINE V1 decrypts victim's page tables or memory blocks following the format of a page table entry; CROSSLINE V2 constructs encryption and decryption oracles by executing instructions of the victim VM. We have successfully performed CROSSLINE attacks on SEV and SEV-ES processors., Comment: 14 pages, 5 figures, security

Published

2020

16. ACOUSTIC-TURF: Acoustic-based Privacy-Preserving COVID-19 Contact Tracing

Author

Luo, Yuxiang, Zhang, Cheng, Zhang, Yunqi, Zuo, Chaoshun, Xuan, Dong, Lin, Zhiqiang, Champion, Adam C., Shroff, Ness, Luo, Yuxiang, Zhang, Cheng, Zhang, Yunqi, Zuo, Chaoshun, Xuan, Dong, Lin, Zhiqiang, Champion, Adam C., and Shroff, Ness

Abstract

In this paper, we propose a new privacy-preserving, automated contact tracing system, ACOUSTIC-TURF, to fight COVID-19 using acoustic signals sent from ubiquitous mobile devices. At a high level, ACOUSTIC-TURF adaptively broadcasts inaudible ultrasonic signals with randomly generated IDs in the vicinity. Simultaneously, the system receives other ultrasonic signals sent from nearby (e.g., 6 feet) users. In such a system, individual user IDs are not disclosed to others and the system can accurately detect encounters in physical proximity with 6-foot granularity. We have implemented a prototype of ACOUSTIC-TURF on Android and evaluated its performance in terms of acoustic-signal-based encounter detection accuracy and power consumption at different ranges and under various occlusion scenarios. Experimental results show that ACOUSTIC-TURF can detect multiple contacts within a 6-foot range for mobile phones placed in pockets and outside pockets. Furthermore, our acoustic-signal-based system achieves greater precision than wireless-signal-based approaches when contact tracing is performed through walls. ACOUSTIC-TURF correctly determines that people on opposite sides of a wall are not in contact with one another, whereas the Bluetooth-based approaches detect nonexistent contacts among them.

Published

2020

17. VGLL4 plays a critical role in heart valve development and homeostasis

Author

Firulli, Anthony B., Yu, Wei, Ma, Xueyan, Xu, Jinjin, Heumüller, Andreas, Fei, Zhaoliang, Feng, Xue, Wang, Xiaodong, Liu, Kuo, Li, Jinhui, Cui, Guizhong, Peng, Guangdun, Ji, Hongbin, Li, Jinsong, Jing, Naihe, Song, Hai, Lin, Zhiqiang, Zhao, Yun, Wang, Zuoyun, Zhou, Bin, Zhang, Lei, Firulli, Anthony B., Yu, Wei, Ma, Xueyan, Xu, Jinjin, Heumüller, Andreas, Fei, Zhaoliang, Feng, Xue, Wang, Xiaodong, Liu, Kuo, Li, Jinhui, Cui, Guizhong, Peng, Guangdun, Ji, Hongbin, Li, Jinsong, Jing, Naihe, Song, Hai, Lin, Zhiqiang, Zhao, Yun, Wang, Zuoyun, Zhou, Bin, and Zhang, Lei

Abstract

Heart valve disease is a major clinical problem worldwide. Cardiac valve development and homeostasis need to be precisely controlled. Hippo signaling is essential for organ development and tissue homeostasis, while its role in valve formation and morphology maintenance remains unknown. VGLL4 is a transcription cofactor in vertebrates and we found it was mainly expressed in valve interstitial cells at the post-EMT stage and was maintained till the adult stage. Tissue specific knockout of VGLL4 in different cell lineages revealed that only loss of VGLL4 in endothelial cell lineage led to valve malformation with expanded expression of YAP targets. We further semi-knockout YAP in VGLL4 ablated hearts, and found hyper proliferation of arterial valve interstitial cells was significantly constrained. These findings suggest that VGLL4 is important for valve development and manipulation of Hippo components would be a potential therapy for preventing the progression of congenital valve disease.

Published

2019

18. Analyzing Control Flow Integrity with LLVM-CFI

Author

Muntean, Paul, Neumayer, Matthias, Lin, Zhiqiang, Tan, Gang, Grossklags, Jens, Eckert, Claudia, Muntean, Paul, Neumayer, Matthias, Lin, Zhiqiang, Tan, Gang, Grossklags, Jens, and Eckert, Claudia

Abstract

Control-flow hijacking attacks are used to perform malicious com-putations. Current solutions for assessing the attack surface afteracontrol flow integrity(CFI) policy was applied can measure onlyindirect transfer averages in the best case without providing anyinsights w.r.t. the absolute calltarget reduction per callsite, and gad-get availability. Further, tool comparison is underdeveloped or notpossible at all. CFI has proven to be one of the most promising pro-tections against control flow hijacking attacks, thus many effortshave been made to improve CFI in various ways. However, there isa lack of systematic assessment of existing CFI protections. In this paper, we presentLLVM-CFI, a static source code analy-sis framework for analyzing state-of-the-art static CFI protectionsbased on the Clang/LLVM compiler framework.LLVM-CFIworksby precisely modeling a CFI policy and then evaluating it within aunified approach.LLVM-CFIhelps determine the level of securityoffered by different CFI protections, after the CFI protections weredeployed, thus providing an important step towards exploit cre-ation/prevention and stronger defenses. We have usedLLVM-CFIto assess eight state-of-the-art static CFI defenses on real-worldprograms such as Google Chrome and Apache Httpd.LLVM-CFIprovides a precise analysis of the residual attack surfaces, andaccordingly ranks CFI policies against each other.LLVM-CFIalsosuccessfully paves the way towards construction of COOP-like codereuse attacks and elimination of the remaining attack surface bydisclosing protected calltargets under eight restrictive CFI policies., Comment: Accepted for publication at ACSAC'19 conference. arXiv admin note: substantial text overlap with arXiv:1812.08496

Published

2019

19. On the (In)security of Bluetooth Low Energy One-Way Secure Connections Only Mode

Author

Zhang, Yue, Weng, Jian, Dey, Rajib, Jin, Yier, Lin, Zhiqiang, Fu, Xinwen, Zhang, Yue, Weng, Jian, Dey, Rajib, Jin, Yier, Lin, Zhiqiang, and Fu, Xinwen

Abstract

To defeat security threats such as man-in-the-middle (MITM) attacks, Bluetooth Low Energy (BLE) 4.2 and 5.x introduce the Secure Connections Only mode, under which a BLE device accepts only secure paring protocols including Passkey Entry and Numeric Comparison from an initiator, e.g., an Android mobile. However, the BLE specification does not explicitly require the Secure Connection Only mode of the initiator. Taking the Android's BLE programming framework for example, we found that it cannot enforce secure pairing, invalidating the security protection provided by the Secure Connection Only mode. The same problem applies to Apple iOS too. Specifically, we examine the life cycle of a BLE pairing process in Android and identify four severe design flaws. These design flaws can be exploited by attackers to perform downgrading attacks, forcing the BLE pairing protocols to run in the insecure mode without the users' awareness. To validate our findings, we selected and tested 18 popular BLE commercial products and our experimental results proved that downgrading attacks and MITM attacks were all possible to these products. All 3501 BLE apps from Androzoo are also subject to these attacks. For defense, we have designed and implemented a prototype of the Secure Connection Only mode on Android 8 through the Android Open Source Project (AOSP). We have reported the identified BLE pairing vulnerabilities to Bluetooth Special Interest Group (SIG), Google, Apple, Texas Instruments (TI) and all of them are actively addressing this issue. Google rated the reported security flaw a High Severity.

Published

2019

20. Co-Emergence of Specialized Endothelial Cells from Embryonic Stem Cells.

Author

Madfis, Nicole, Madfis, Nicole, Lin, Zhiqiang, Kumar, Ashwath, Douglas, Simone A, Platt, Manu O, Fan, Yuhong, McCloskey, Kara E, Madfis, Nicole, Madfis, Nicole, Lin, Zhiqiang, Kumar, Ashwath, Douglas, Simone A, Platt, Manu O, Fan, Yuhong, and McCloskey, Kara E

Abstract

A well-formed and robust vasculature is critical to the health of most organ systems in the body. However, the endothelial cells (ECs) forming the vasculature can exhibit a number of distinct functional subphenotypes like arterial or venous ECs, as well as angiogenic tip and stalk ECs. In this study, we investigate the in vitro differentiation of EC subphenotypes from embryonic stem cells (ESCs). Using our staged induction methods and chemically defined mediums, highly angiogenic EC subpopulations, as well as less proliferative and less migratory EC subpopulations, are derived. Furthermore, the EC subphenotypes exhibit distinct surface markers, gene expression profiles, and positional affinities during sprouting. While both subpopulations contained greater than 80% VE-cad+/CD31+ cells, the tip/stalk-like EC contained predominantly Flt4+/Dll4+/CXCR4+/Flt-1- cells, while the phalanx-like EC was composed of higher numbers of Flt-1+ cells. These studies suggest that the tip-specific EC can be derived in vitro from stem cells as a distinct and relatively stable EC subphenotype without the benefit of its morphological positioning in the sprouting vessel.

Published

2018

21. A personalized and long-acting local therapeutic platform combining photothermal therapy and chemotherapy for the treatment of multidrug-resistant colon tumor

Author

Wang,Beibei, Wu,Sunyi, Lin,Zhiqiang, Jiang,Yajun, Chen,Yan, Chen,Zhe-Sheng, Yang,Xiaoying, Gao,Wei, Wang,Beibei, Wu,Sunyi, Lin,Zhiqiang, Jiang,Yajun, Chen,Yan, Chen,Zhe-Sheng, Yang,Xiaoying, and Gao,Wei

Abstract

Beibei Wang,1 Sunyi Wu,1 Zhiqiang Lin,2 Yajun Jiang,1 Yan Chen,1 Zhe-Sheng Chen,3 Xiaoying Yang,1 Wei Gao1,4 1Tianjin Key Laboratory on Technologies Enabling Development of Clinical Therapeutics and Diagnostics (Theranostics), School of Pharmacy, Tianjin Medical University, Tianjin 300070, China; 2Institute of Systems Biomedicine, School of Basic Medical Sciences, Peking University Health Science Center, Beijing 100191, China; 3College of Pharmacy and Health Sciences, St John’s University, New York, NY 11439, USA; 4College of Pharmacy, University of Michigan, Ann Arbor, MI 48109, USA Background: Local photothermal therapy (PTT) provides an easily applicable, noninvasive adjunctive therapy for colorectal cancer (CRC), especially when multidrug resistance (MDR) occurs. However, using PTT alone does not result in complete tumor ablation in many cases, thus resulting in tumor recurrence and metastasis. Materials and methods: In this study, we aim to develop a personalized local therapeutic platform combining PTT with long-acting chemotherapy for the treatment of MDR CRC. The platform consists of polyethylene glycol (PEG)-coated gold nanorods (PEG-GNRs) and d-alpha-tocopheryl PEG 1000 succinate (TPGS)-coated paclitaxel (PTX) nanocrystals (TPGS-PTX NC), followed by the incorporation into an in situ hydrogel (gel) system (GNRs-TPGS-PTX NC-gel) before injection. After administration, PEG-GNRs can exert quick and efficient local photothermal response under near-infrared laser irradiation to shrink tumor; TPGS-PTX NC then provides a long-acting chemotherapy due to the sustained release of PTX along with the P-glycoprotein inhibitor TPGS to reverse the drug resistance. Results: The cytotoxicity studies showed that the IC50 of GNRs-TPGS-PTX NC-gel with laser irradiation decreased to ~178-folds compared with PTX alone in drug-resistant SW620 AD300 cells. In the in vivo efficacy test, after laser irradiation, the GNRs-TPGS-PTX NC-gel showed similar tumor volume inhibiti

Published

2018

22. Co-Emergence of Specialized Endothelial Cells from Embryonic Stem Cells.

Author

Madfis, Nicole, Madfis, Nicole, Lin, Zhiqiang, Kumar, Ashwath, Douglas, Simone A, Platt, Manu O, Fan, Yuhong, McCloskey, Kara E, Madfis, Nicole, Madfis, Nicole, Lin, Zhiqiang, Kumar, Ashwath, Douglas, Simone A, Platt, Manu O, Fan, Yuhong, and McCloskey, Kara E

Abstract

A well-formed and robust vasculature is critical to the health of most organ systems in the body. However, the endothelial cells (ECs) forming the vasculature can exhibit a number of distinct functional subphenotypes like arterial or venous ECs, as well as angiogenic tip and stalk ECs. In this study, we investigate the in vitro differentiation of EC subphenotypes from embryonic stem cells (ESCs). Using our staged induction methods and chemically defined mediums, highly angiogenic EC subpopulations, as well as less proliferative and less migratory EC subpopulations, are derived. Furthermore, the EC subphenotypes exhibit distinct surface markers, gene expression profiles, and positional affinities during sprouting. While both subpopulations contained greater than 80% VE-cad+/CD31+ cells, the tip/stalk-like EC contained predominantly Flt4+/Dll4+/CXCR4+/Flt-1- cells, while the phalanx-like EC was composed of higher numbers of Flt-1+ cells. These studies suggest that the tip-specific EC can be derived in vitro from stem cells as a distinct and relatively stable EC subphenotype without the benefit of its morphological positioning in the sprouting vessel.

Published

2018

23. A personalized and long-acting local therapeutic platform combining photothermal therapy and chemotherapy for the treatment of multidrug-resistant colon tumor

Author

Wang,Beibei, Wu,Sunyi, Lin,Zhiqiang, Jiang,Yajun, Chen,Yan, Chen,Zhe-Sheng, Yang,Xiaoying, Gao,Wei, Wang,Beibei, Wu,Sunyi, Lin,Zhiqiang, Jiang,Yajun, Chen,Yan, Chen,Zhe-Sheng, Yang,Xiaoying, and Gao,Wei

Abstract

Beibei Wang,1 Sunyi Wu,1 Zhiqiang Lin,2 Yajun Jiang,1 Yan Chen,1 Zhe-Sheng Chen,3 Xiaoying Yang,1 Wei Gao1,4 1Tianjin Key Laboratory on Technologies Enabling Development of Clinical Therapeutics and Diagnostics (Theranostics), School of Pharmacy, Tianjin Medical University, Tianjin 300070, China; 2Institute of Systems Biomedicine, School of Basic Medical Sciences, Peking University Health Science Center, Beijing 100191, China; 3College of Pharmacy and Health Sciences, St John’s University, New York, NY 11439, USA; 4College of Pharmacy, University of Michigan, Ann Arbor, MI 48109, USA Background: Local photothermal therapy (PTT) provides an easily applicable, noninvasive adjunctive therapy for colorectal cancer (CRC), especially when multidrug resistance (MDR) occurs. However, using PTT alone does not result in complete tumor ablation in many cases, thus resulting in tumor recurrence and metastasis. Materials and methods: In this study, we aim to develop a personalized local therapeutic platform combining PTT with long-acting chemotherapy for the treatment of MDR CRC. The platform consists of polyethylene glycol (PEG)-coated gold nanorods (PEG-GNRs) and d-alpha-tocopheryl PEG 1000 succinate (TPGS)-coated paclitaxel (PTX) nanocrystals (TPGS-PTX NC), followed by the incorporation into an in situ hydrogel (gel) system (GNRs-TPGS-PTX NC-gel) before injection. After administration, PEG-GNRs can exert quick and efficient local photothermal response under near-infrared laser irradiation to shrink tumor; TPGS-PTX NC then provides a long-acting chemotherapy due to the sustained release of PTX along with the P-glycoprotein inhibitor TPGS to reverse the drug resistance. Results: The cytotoxicity studies showed that the IC50 of GNRs-TPGS-PTX NC-gel with laser irradiation decreased to ~178-folds compared with PTX alone in drug-resistant SW620 AD300 cells. In the in vivo efficacy test, after laser irradiation, the GNRs-TPGS-PTX NC-gel showed similar tumor volume inhibiti

Published

2018

24. Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors

Author

Tu, Yazhou, Lin, Zhiqiang, Lee, Insup, Hei, Xiali, Tu, Yazhou, Lin, Zhiqiang, Lee, Insup, and Hei, Xiali

Abstract

Inertial sensors provide crucial feedback for control systems to determine motional status and make timely, automated decisions. Prior efforts tried to control the output of inertial sensors with acoustic signals. However, their approaches did not consider sample rate drifts in analog-to-digital converters as well as many other realistic factors. As a result, few attacks demonstrated effective control over inertial sensors embedded in real systems. This work studies the out-of-band signal injection methods to deliver adversarial control to embedded MEMS inertial sensors and evaluates consequent vulnerabilities exposed in control systems relying on them. Acoustic signals injected into inertial sensors are out-of-band analog signals. Consequently, slight sample rate drifts could be amplified and cause deviations in the frequency of digital signals. Such deviations result in fluctuating sensor output; nevertheless, we characterize two methods to control the output: digital amplitude adjusting and phase pacing. Based on our analysis, we devise non-invasive attacks to manipulate the sensor output as well as the derived inertial information to deceive control systems. We test 25 devices equipped with MEMS inertial sensors and find that 17 of them could be implicitly controlled by our attacks. Furthermore, we investigate the generalizability of our methods and show the possibility to manipulate the digital output through signals with relatively low frequencies in the sensing channel., Comment: Original publication in the proceedings of the 27th USENIX Security Symposium, 2018

Published

2018

25. SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution

Author

Chen, Guoxing, Chen, Sanchuan, Xiao, Yuan, Zhang, Yinqian, Lin, Zhiqiang, Lai, Ten H., Chen, Guoxing, Chen, Sanchuan, Xiao, Yuan, Zhang, Yinqian, Lin, Zhiqiang, and Lai, Ten H.

Abstract

This paper presents SgxPectre Attacks that exploit the recently disclosed CPU bugs to subvert the confidentiality and integrity of SGX enclaves. Particularly, we show that when branch prediction of the enclave code can be influenced by programs outside the enclave, the control flow of the enclave program can be temporarily altered to execute instructions that lead to observable cache-state changes. An adversary observing such changes can learn secrets inside the enclave memory or its internal registers, thus completely defeating the confidentiality guarantee offered by SGX. To demonstrate the practicality of our SgxPectre Attacks, we have systematically explored the possible attack vectors of branch target injection, approaches to win the race condition during enclave's speculative execution, and techniques to automatically search for code patterns required for launching the attacks. Our study suggests that any enclave program could be vulnerable to SgxPectre Attacks since the desired code patterns are available in most SGX runtimes (e.g., Intel SGX SDK, Rust-SGX, and Graphene-SGX). Most importantly, we have applied SgxPectre Attacks to steal seal keys and attestation keys from Intel signed quoting enclaves. The seal key can be used to decrypt sealed storage outside the enclaves and forge valid sealed data; the attestation key can be used to forge attestation signatures. For these reasons, SgxPectre Attacks practically defeat SGX's security protection. This paper also systematically evaluates Intel's existing countermeasures against SgxPectre Attacks and discusses the security implications.

Published

2018

26. FreeGuard: A Faster Secure Heap Allocator

Author

Silvestro, Sam, Liu, Hongyu, Crosser, Corey, Lin, Zhiqiang, Liu, Tongping, Silvestro, Sam, Liu, Hongyu, Crosser, Corey, Lin, Zhiqiang, and Liu, Tongping

Abstract

In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators are designed with very limited countermeasures against attacks, but secure allocators generally suffer from significant performance overhead, e.g., running up to 10x slower. This paper, therefore, introduces FreeGuard, a secure memory allocator that prevents or reduces a wide range of heap-related attacks, such as heap overflows, heap over-reads, use-after-frees, as well as double and invalid frees. FreeGuard has similar performance to the default Linux allocator, with less than 2% overhead on average, but provides significant improvement to security guarantees. FreeGuard also addresses multiple implementation issues of existing secure allocators, such as the issue of scalability. Experimental results demonstrate that FreeGuard is very effective in defending against a variety of heap-related attacks., Comment: 15 pages, 4 figures, to be published at CCS'17

Published

2017

27. Energy Attacks on Mobile Devices

Author

Kundu, Ashish, Lin, Zhiqiang, Hammond, Joshua, Kundu, Ashish, Lin, Zhiqiang, and Hammond, Joshua

Abstract

All mobile devices are energy-constrained. They use batteries that allows using the device for a limited amount of time. In general, energy attacks on mobile devices are denial of service (DoS) type of attacks. While previous studies have analyzed the energy attacks in servers, no existing work has analyzed the energy attacks on mobile devices. As such, in this paper, we present the first systematic study on how to exploit the energy attacks on smartphones. In particular, we explore energy attacks from the following aspect: hardware components, software resources, and network communications through the design and implementation of concrete malicious apps, and malicious web pages. We quantitatively show how quickly we can drain the battery through each individual attack, as well as their combinations. Finally, we believe energy exploit will be a practical attack vector and mobile users should be aware of this type of attacks.

Published

2017

28. Controllable Fabrication of Large-Area Wrinkled Graphene on a Solution Surface

Author

Chen, Wenjun, Gui, Xuchun, Liang, Binghao, Liu, Ming, Lin, Zhiqiang, Zhu, Yuan, Tang, Zikang, Chen, Wenjun, Gui, Xuchun, Liang, Binghao, Liu, Ming, Lin, Zhiqiang, Zhu, Yuan, and Tang, Zikang

Abstract

It is unavoidable to form wrinkles, which are folds or creases in a material, in graphene, whenever the graphene is prepared by micromechanical exfoliation from graphite or chemical vapor deposition (CVD). However, the controllable formation and structures of graphene with nanoscale wrinkles remains a big challenge. Here, we report a liquid-phase shrink method to controllably fabricate large area wrinkled graphene (WG). The CVD-prepared graphene self-shrinks into a WG on an ethanol solution surface. By modifying the concentration of the ethanol solution, we can easily and efficiently obtain WG with a uniform distribution of wrinkles with different heights. The WG shows high stretchability and can withstand more than 100% tensile strain and up to 720 degrees twist. Furthermore, electromechanical response sensors based on double-layer stacking of WG show ultrahigh sensitivity. This simple, effective, and environmentally friendly liquid-phase shrink method will pave a way for the controllable formation of WG, which is an ideal candidate for application in highly stretchable and highly sensitive electronic devices.

Published

2016

29. Controllable Fabrication of Large-Area Wrinkled Graphene on a Solution Surface

Author

Chen, Wenjun, Gui, Xuchun, Liang, Binghao, Liu, Ming, Lin, Zhiqiang, Zhu, Yuan, Tang, Zikang, Chen, Wenjun, Gui, Xuchun, Liang, Binghao, Liu, Ming, Lin, Zhiqiang, Zhu, Yuan, and Tang, Zikang

Abstract

It is unavoidable to form wrinkles, which are folds or creases in a material, in graphene, whenever the graphene is prepared by micromechanical exfoliation from graphite or chemical vapor deposition (CVD). However, the controllable formation and structures of graphene with nanoscale wrinkles remains a big challenge. Here, we report a liquid-phase shrink method to controllably fabricate large area wrinkled graphene (WG). The CVD-prepared graphene self-shrinks into a WG on an ethanol solution surface. By modifying the concentration of the ethanol solution, we can easily and efficiently obtain WG with a uniform distribution of wrinkles with different heights. The WG shows high stretchability and can withstand more than 100% tensile strain and up to 720 degrees twist. Furthermore, electromechanical response sensors based on double-layer stacking of WG show ultrahigh sensitivity. This simple, effective, and environmentally friendly liquid-phase shrink method will pave a way for the controllable formation of WG, which is an ideal candidate for application in highly stretchable and highly sensitive electronic devices.

Published

2016

30. Controllable Fabrication of Large-Area Wrinkled Graphene on a Solution Surface

Author

Chen, Wenjun, Gui, Xuchun, Liang, Binghao, Liu, Ming, Lin, Zhiqiang, Zhu, Yuan, Tang, Zikang, Chen, Wenjun, Gui, Xuchun, Liang, Binghao, Liu, Ming, Lin, Zhiqiang, Zhu, Yuan, and Tang, Zikang

Abstract

It is unavoidable to form wrinkles, which are folds or creases in a material, in graphene, whenever the graphene is prepared by micromechanical exfoliation from graphite or chemical vapor deposition (CVD). However, the controllable formation and structures of graphene with nanoscale wrinkles remains a big challenge. Here, we report a liquid-phase shrink method to controllably fabricate large area wrinkled graphene (WG). The CVD-prepared graphene self-shrinks into a WG on an ethanol solution surface. By modifying the concentration of the ethanol solution, we can easily and efficiently obtain WG with a uniform distribution of wrinkles with different heights. The WG shows high stretchability and can withstand more than 100% tensile strain and up to 720 degrees twist. Furthermore, electromechanical response sensors based on double-layer stacking of WG show ultrahigh sensitivity. This simple, effective, and environmentally friendly liquid-phase shrink method will pave a way for the controllable formation of WG, which is an ideal candidate for application in highly stretchable and highly sensitive electronic devices.

Published

2016

31. In-situ Welding Carbon Nanotubes into a Porous Solid with Super-high Compressive Strength and Fatigue Resistance

Author

Lin, Zhiqiang, Gui, Xuchun, Gan, Qiming, Chen, Wenjun, Cheng, Xiaoping, Liu, Ming, Zhu, Yuan, Yang, Yanbing, Cao, Anyuan, Tang, Zikang, Lin, Zhiqiang, Gui, Xuchun, Gan, Qiming, Chen, Wenjun, Cheng, Xiaoping, Liu, Ming, Zhu, Yuan, Yang, Yanbing, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotube (CNT) and graphene-based sponges and aerogels have an isotropic porous structure and their mechanical strength and stability are relatively lower. Here, we present a junction-welding approach to fabricate porous CNT solids in which all CNTs are coated and welded in situ by an amorphous carbon layer, forming an integral three-dimensional scaffold with fixed joints. The resulting CNT solids are robust, yet still highly porous and compressible, with compressive strengths up to 72 MPa, flexural strengths up to 33 MPa, and fatigue resistance (recovery after 100,000 large-strain compression cycles at high frequency). Significant enhancement of mechanical properties is attributed to the welding-induced interconnection and reinforcement of structural units, and synergistic effects stemming from the core-shell microstructures consisting of a flexible CNT framework and a rigid amorphous carbon shell. Our results provide a simple and effective method to manufacture high-strength porous materials by nanoscale welding.

Published

2015

32. In-situ Welding Carbon Nanotubes into a Porous Solid with Super-high Compressive Strength and Fatigue Resistance

Author

Lin, Zhiqiang, Gui, Xuchun, Gan, Qiming, Chen, Wenjun, Cheng, Xiaoping, Liu, Ming, Zhu, Yuan, Yang, Yanbing, Cao, Anyuan, Tang, Zikang, Lin, Zhiqiang, Gui, Xuchun, Gan, Qiming, Chen, Wenjun, Cheng, Xiaoping, Liu, Ming, Zhu, Yuan, Yang, Yanbing, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotube (CNT) and graphene-based sponges and aerogels have an isotropic porous structure and their mechanical strength and stability are relatively lower. Here, we present a junction-welding approach to fabricate porous CNT solids in which all CNTs are coated and welded in situ by an amorphous carbon layer, forming an integral three-dimensional scaffold with fixed joints. The resulting CNT solids are robust, yet still highly porous and compressible, with compressive strengths up to 72 MPa, flexural strengths up to 33 MPa, and fatigue resistance (recovery after 100,000 large-strain compression cycles at high frequency). Significant enhancement of mechanical properties is attributed to the welding-induced interconnection and reinforcement of structural units, and synergistic effects stemming from the core-shell microstructures consisting of a flexible CNT framework and a rigid amorphous carbon shell. Our results provide a simple and effective method to manufacture high-strength porous materials by nanoscale welding.

Published

2015

33. In-situ Welding Carbon Nanotubes into a Porous Solid with Super-high Compressive Strength and Fatigue Resistance

Author

Lin, Zhiqiang, Gui, Xuchun, Gan, Qiming, Chen, Wenjun, Cheng, Xiaoping, Liu, Ming, Zhu, Yuan, Yang, Yanbing, Cao, Anyuan, Tang, Zikang, Lin, Zhiqiang, Gui, Xuchun, Gan, Qiming, Chen, Wenjun, Cheng, Xiaoping, Liu, Ming, Zhu, Yuan, Yang, Yanbing, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotube (CNT) and graphene-based sponges and aerogels have an isotropic porous structure and their mechanical strength and stability are relatively lower. Here, we present a junction-welding approach to fabricate porous CNT solids in which all CNTs are coated and welded in situ by an amorphous carbon layer, forming an integral three-dimensional scaffold with fixed joints. The resulting CNT solids are robust, yet still highly porous and compressible, with compressive strengths up to 72 MPa, flexural strengths up to 33 MPa, and fatigue resistance (recovery after 100,000 large-strain compression cycles at high frequency). Significant enhancement of mechanical properties is attributed to the welding-induced interconnection and reinforcement of structural units, and synergistic effects stemming from the core-shell microstructures consisting of a flexible CNT framework and a rigid amorphous carbon shell. Our results provide a simple and effective method to manufacture high-strength porous materials by nanoscale welding.

Published

2015

34. Three-Dimensional Carbon Nanotube Sponge-Array Architectures with High Energy Dissipation

Author

Gui, Xuchun, Zeng, Zhiping, Zhu, Yuan, Li, Hongbian, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Cao, Anyuan, Tang, Zikang, Gui, Xuchun, Zeng, Zhiping, Zhu, Yuan, Li, Hongbian, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotube sponges and aligned arrays are seamlessly integrated into numerous possible configurations such as series, parallel, package, and sandwich complex structures, leading to significantly broadened stress plateau and enhanced energy dissipation. © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Published

2014

35. Integrated random-aligned carbon nanotube layers: deformation mechanism under compression

Author

Zeng, Zhiping, Gui, Xuchun, Gan, Qiming, Lin, Zhiqiang, Zhu, Yuan, Zhang, Wenhui, Xiang, Rong, Cao, Anyuan, Tang, Zikang, Zeng, Zhiping, Gui, Xuchun, Gan, Qiming, Lin, Zhiqiang, Zhu, Yuan, Zhang, Wenhui, Xiang, Rong, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotubes have the potential to construct highly compressible and elastic macroscopic structures such as films, aerogels and sponges. The structure-related deformation mechanism determines the mechanical behavior of those structures and niche applications. Here, we show a novel strategy to integrate aligned and random nanotube layers and reveal their deformation mechanism under uniaxial compression with a Large range of strain and cyclic testing. Integrated nanotube Layers deform sequentially with different mechanisms due to the distinct morphology of each Layer. While the aligned Layer forms buckles under compression, nanotubes in the random Layer tend to be parallel and form bundles, resulting in the integration of quite different properties (strength and stiffness) and correspondingly distinct plateau regions in the stress-strain curves. Our results indicate a great promise of constructing hierarchical carbon nanotube structures with tailored energy absorption properties, for applications such as cushioning and buffering Layers in microelectromechanical systems.

Published

2014

36. Integrated random-aligned carbon nanotube layers: deformation mechanism under compression

Author

Zeng, Zhiping, Gui, Xuchun, Gan, Qiming, Lin, Zhiqiang, Zhu, Yuan, Zhang, Wenhui, Xiang, Rong, Cao, Anyuan, Tang, Zikang, Zeng, Zhiping, Gui, Xuchun, Gan, Qiming, Lin, Zhiqiang, Zhu, Yuan, Zhang, Wenhui, Xiang, Rong, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotubes have the potential to construct highly compressible and elastic macroscopic structures such as films, aerogels and sponges. The structure-related deformation mechanism determines the mechanical behavior of those structures and niche applications. Here, we show a novel strategy to integrate aligned and random nanotube layers and reveal their deformation mechanism under uniaxial compression with a Large range of strain and cyclic testing. Integrated nanotube Layers deform sequentially with different mechanisms due to the distinct morphology of each Layer. While the aligned Layer forms buckles under compression, nanotubes in the random Layer tend to be parallel and form bundles, resulting in the integration of quite different properties (strength and stiffness) and correspondingly distinct plateau regions in the stress-strain curves. Our results indicate a great promise of constructing hierarchical carbon nanotube structures with tailored energy absorption properties, for applications such as cushioning and buffering Layers in microelectromechanical systems.

Published

2014

37. Three-Dimensional Carbon Nanotube Sponge-Array Architectures with High Energy Dissipation

Author

Gui, Xuchun, Zeng, Zhiping, Zhu, Yuan, Li, Hongbian, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Cao, Anyuan, Tang, Zikang, Gui, Xuchun, Zeng, Zhiping, Zhu, Yuan, Li, Hongbian, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotube sponges and aligned arrays are seamlessly integrated into numerous possible configurations such as series, parallel, package, and sandwich complex structures, leading to significantly broadened stress plateau and enhanced energy dissipation. © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Published

2014

38. Integrated random-aligned carbon nanotube layers: deformation mechanism under compression

Author

Zeng, Zhiping, Gui, Xuchun, Gan, Qiming, Lin, Zhiqiang, Zhu, Yuan, Zhang, Wenhui, Xiang, Rong, Cao, Anyuan, Tang, Zikang, Zeng, Zhiping, Gui, Xuchun, Gan, Qiming, Lin, Zhiqiang, Zhu, Yuan, Zhang, Wenhui, Xiang, Rong, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotubes have the potential to construct highly compressible and elastic macroscopic structures such as films, aerogels and sponges. The structure-related deformation mechanism determines the mechanical behavior of those structures and niche applications. Here, we show a novel strategy to integrate aligned and random nanotube layers and reveal their deformation mechanism under uniaxial compression with a Large range of strain and cyclic testing. Integrated nanotube Layers deform sequentially with different mechanisms due to the distinct morphology of each Layer. While the aligned Layer forms buckles under compression, nanotubes in the random Layer tend to be parallel and form bundles, resulting in the integration of quite different properties (strength and stiffness) and correspondingly distinct plateau regions in the stress-strain curves. Our results indicate a great promise of constructing hierarchical carbon nanotube structures with tailored energy absorption properties, for applications such as cushioning and buffering Layers in microelectromechanical systems.

Published

2014

39. Three-Dimensional Carbon Nanotube Sponge-Array Architectures with High Energy Dissipation

Author

Gui, Xuchun, Zeng, Zhiping, Zhu, Yuan, Li, Hongbian, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Cao, Anyuan, Tang, Zikang, Gui, Xuchun, Zeng, Zhiping, Zhu, Yuan, Li, Hongbian, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Cao, Anyuan, and Tang, Zikang

Abstract

Carbon nanotube sponges and aligned arrays are seamlessly integrated into numerous possible configurations such as series, parallel, package, and sandwich complex structures, leading to significantly broadened stress plateau and enhanced energy dissipation. © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Published

2014

40. Controllable Synthesis of Spongy Carbon Nanotube Blocks with Tunable Macro- and Microstructures

Author

Gui, Xuchun, Lin, Zhiqiang, Zeng, Zhiping, Wang, Kunlin, Wu, Dehai, Tang, Zikang, Gui, Xuchun, Lin, Zhiqiang, Zeng, Zhiping, Wang, Kunlin, Wu, Dehai, and Tang, Zikang

Abstract

Macroscopic carbon nanotubes (CNTs) with uniform structures are in great demand for use in composites and environmental materials. Here we demonstrate the controlled synthesis of spongy CNT blocks with isotropic properties and flexible, freestanding structures. The formation mechanism of the isotropic CNT sponges is discussed, based on its open-ended structure and initial formation in the vapor phase. The microstructure of the CNT sponges can be tuned by changing the flow rate of the carrier gas, resulting in CNT sponges with diameters ranging from 30.2 to 47.8 nm and wall thicknesses from 7 to 16 nm. The bulk density (5-25 mg cm-3), mechanical strength of the CNT sponges, and filling rate of ferromagnetic catalyst in the CNT sponges can also be modulated by controlling the supply rate of the carbon source, suggesting potential applications in mechanical energy absorption and environmental materials. © 2013 IOP Publishing Ltd.

Published

2013

41. Carbon Nanotube Sponge-Array Tandem Composites with Extended Energy Absorption Range

Author

Zeng, Zhiping, Gui, Xuchun, Lin, Zhiqiang, Zhang, Luhui, Jia, Yi, Cao, Anyuan, Zhu, Yuan, Xiang, Rong, Wu, Tianzhun, Tang, Zikang, Zeng, Zhiping, Gui, Xuchun, Lin, Zhiqiang, Zhang, Luhui, Jia, Yi, Cao, Anyuan, Zhu, Yuan, Xiang, Rong, Wu, Tianzhun, and Tang, Zikang

Abstract

Tandem composites made by integrating random sponge and aligned array layers show wider energy absorption range than individual layers. These composites have potential applications in energy absorption and cushioning under mechanical compression. Copyright © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Published

2013

42. Magnetic and Highly Recyclable Macroporous Carbon Nanotubes for Spilled Oil Sorption and Separation

Author

Gui, Xuchun, Zeng, Zhiping, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Zhu, Yuan, Cao, Anyuan, Tang, Zikang, Gui, Xuchun, Zeng, Zhiping, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Zhu, Yuan, Cao, Anyuan, and Tang, Zikang

Abstract

Development of sorbent materials with high selectivity and sorption capacity, easy collection and recyclability is demanding for spilled oil recovery. Although many sorption materials have been proposed, a systematic study on how they can be reused and possible performance degradation during regeneration remains absent. Here we report magnetic carbon nanotube sponges (Me-CNT sponge), which are porous structures consisting of interconnected CNTs with rich Fe encapsulation. The Me-CNT sponges show high mass sorption capacity for diesel oil reached 56 g/g, corresponding to a volume sorption capacity of 99%. The sponges are mechanically strong and oil can be squeezed out by compression. They can be recycled using through reclamation by magnetic force and desorption by simple heat treatment. The Me-CNT sponges maintain original structure, high capacity, and selectivity after 1000 sorption and reclamation cycles. Our results suggest that practical application of CNT macrostructures in the field of spilled oil recovery is feasible.

Published

2013

43. Controllable Synthesis of Spongy Carbon Nanotube Blocks with Tunable Macro- and Microstructures

Author

Gui, Xuchun, Lin, Zhiqiang, Zeng, Zhiping, Wang, Kunlin, Wu, Dehai, Tang, Zikang, Gui, Xuchun, Lin, Zhiqiang, Zeng, Zhiping, Wang, Kunlin, Wu, Dehai, and Tang, Zikang

Abstract

Macroscopic carbon nanotubes (CNTs) with uniform structures are in great demand for use in composites and environmental materials. Here we demonstrate the controlled synthesis of spongy CNT blocks with isotropic properties and flexible, freestanding structures. The formation mechanism of the isotropic CNT sponges is discussed, based on its open-ended structure and initial formation in the vapor phase. The microstructure of the CNT sponges can be tuned by changing the flow rate of the carrier gas, resulting in CNT sponges with diameters ranging from 30.2 to 47.8 nm and wall thicknesses from 7 to 16 nm. The bulk density (5-25 mg cm-3), mechanical strength of the CNT sponges, and filling rate of ferromagnetic catalyst in the CNT sponges can also be modulated by controlling the supply rate of the carbon source, suggesting potential applications in mechanical energy absorption and environmental materials. © 2013 IOP Publishing Ltd.

Published

2013

44. Carbon Nanotube Sponge-Array Tandem Composites with Extended Energy Absorption Range

Author

Zeng, Zhiping, Gui, Xuchun, Lin, Zhiqiang, Zhang, Luhui, Jia, Yi, Cao, Anyuan, Zhu, Yuan, Xiang, Rong, Wu, Tianzhun, Tang, Zikang, Zeng, Zhiping, Gui, Xuchun, Lin, Zhiqiang, Zhang, Luhui, Jia, Yi, Cao, Anyuan, Zhu, Yuan, Xiang, Rong, Wu, Tianzhun, and Tang, Zikang

Abstract

Tandem composites made by integrating random sponge and aligned array layers show wider energy absorption range than individual layers. These composites have potential applications in energy absorption and cushioning under mechanical compression. Copyright © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Published

2013

45. Magnetic and Highly Recyclable Macroporous Carbon Nanotubes for Spilled Oil Sorption and Separation

Author

Gui, Xuchun, Zeng, Zhiping, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Zhu, Yuan, Cao, Anyuan, Tang, Zikang, Gui, Xuchun, Zeng, Zhiping, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Zhu, Yuan, Cao, Anyuan, and Tang, Zikang

Abstract

Development of sorbent materials with high selectivity and sorption capacity, easy collection and recyclability is demanding for spilled oil recovery. Although many sorption materials have been proposed, a systematic study on how they can be reused and possible performance degradation during regeneration remains absent. Here we report magnetic carbon nanotube sponges (Me-CNT sponge), which are porous structures consisting of interconnected CNTs with rich Fe encapsulation. The Me-CNT sponges show high mass sorption capacity for diesel oil reached 56 g/g, corresponding to a volume sorption capacity of 99%. The sponges are mechanically strong and oil can be squeezed out by compression. They can be recycled using through reclamation by magnetic force and desorption by simple heat treatment. The Me-CNT sponges maintain original structure, high capacity, and selectivity after 1000 sorption and reclamation cycles. Our results suggest that practical application of CNT macrostructures in the field of spilled oil recovery is feasible.

Published

2013

46. Controllable Synthesis of Spongy Carbon Nanotube Blocks with Tunable Macro- and Microstructures

Author

Gui, Xuchun, Lin, Zhiqiang, Zeng, Zhiping, Wang, Kunlin, Wu, Dehai, Tang, Zikang, Gui, Xuchun, Lin, Zhiqiang, Zeng, Zhiping, Wang, Kunlin, Wu, Dehai, and Tang, Zikang

Abstract

Macroscopic carbon nanotubes (CNTs) with uniform structures are in great demand for use in composites and environmental materials. Here we demonstrate the controlled synthesis of spongy CNT blocks with isotropic properties and flexible, freestanding structures. The formation mechanism of the isotropic CNT sponges is discussed, based on its open-ended structure and initial formation in the vapor phase. The microstructure of the CNT sponges can be tuned by changing the flow rate of the carrier gas, resulting in CNT sponges with diameters ranging from 30.2 to 47.8 nm and wall thicknesses from 7 to 16 nm. The bulk density (5-25 mg cm-3), mechanical strength of the CNT sponges, and filling rate of ferromagnetic catalyst in the CNT sponges can also be modulated by controlling the supply rate of the carbon source, suggesting potential applications in mechanical energy absorption and environmental materials. © 2013 IOP Publishing Ltd.

Published

2013

47. Magnetic and Highly Recyclable Macroporous Carbon Nanotubes for Spilled Oil Sorption and Separation

Author

Gui, Xuchun, Zeng, Zhiping, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Zhu, Yuan, Cao, Anyuan, Tang, Zikang, Gui, Xuchun, Zeng, Zhiping, Lin, Zhiqiang, Gan, Qiming, Xiang, Rong, Zhu, Yuan, Cao, Anyuan, and Tang, Zikang

Abstract

Development of sorbent materials with high selectivity and sorption capacity, easy collection and recyclability is demanding for spilled oil recovery. Although many sorption materials have been proposed, a systematic study on how they can be reused and possible performance degradation during regeneration remains absent. Here we report magnetic carbon nanotube sponges (Me-CNT sponge), which are porous structures consisting of interconnected CNTs with rich Fe encapsulation. The Me-CNT sponges show high mass sorption capacity for diesel oil reached 56 g/g, corresponding to a volume sorption capacity of 99%. The sponges are mechanically strong and oil can be squeezed out by compression. They can be recycled using through reclamation by magnetic force and desorption by simple heat treatment. The Me-CNT sponges maintain original structure, high capacity, and selectivity after 1000 sorption and reclamation cycles. Our results suggest that practical application of CNT macrostructures in the field of spilled oil recovery is feasible.

Published

2013

48. Carbon Nanotube Sponge-Array Tandem Composites with Extended Energy Absorption Range

Author

Zeng, Zhiping, Gui, Xuchun, Lin, Zhiqiang, Zhang, Luhui, Jia, Yi, Cao, Anyuan, Zhu, Yuan, Xiang, Rong, Wu, Tianzhun, Tang, Zikang, Zeng, Zhiping, Gui, Xuchun, Lin, Zhiqiang, Zhang, Luhui, Jia, Yi, Cao, Anyuan, Zhu, Yuan, Xiang, Rong, Wu, Tianzhun, and Tang, Zikang

Abstract

Tandem composites made by integrating random sponge and aligned array layers show wider energy absorption range than individual layers. These composites have potential applications in energy absorption and cushioning under mechanical compression. Copyright © 2013 WILEY-VCH Verlag GmbH & Co. KGaA, Weinheim.

Published

2013

49. Bin-Carver: Automatic Recovery of Binary Executable Files

Author

TEXAS A AND M UNIV COLLEGE STATION DEPT OF COMPUTER SCIENCE, Hand, Scott, Lin, Zhiqiang, Gu, Guofei, Thuraisingham, Bhavani, TEXAS A AND M UNIV COLLEGE STATION DEPT OF COMPUTER SCIENCE, Hand, Scott, Lin, Zhiqiang, Gu, Guofei, and Thuraisingham, Bhavani

Abstract

File carving is the process of reassembling files from disk fragments based on the file content in the absence of file system metadata. By leveraging both file header and footer pairs, traditional file carving mainly focuses on document and image files such as PDF and JPEG. With the vast amount of malware code appearing in the wild daily, recovery of binary executable files becomes an important problem, especially for the case in which malware deletes itself after compromising a computer. However, unlike image files that usually have both a header and footer pair, executable files only have header information, which makes the carving much harder. In this paper, we present Bin-Carver, a first-of-its-kind system to automatically recover executable files with deleted or corrupted metadata. The key idea is to explore the road map information defined in executable file headers and the explicit control flow paths present in the binary code. Our experiment with thousands of binary code files has shown our Bin-Carver to be incredibly accurate with an identification rate of 96.3% and recovery rate of 93.1% on average when handling file systems ranging from pristine to chaotic and highly fragmented., To appear in Proceedings of the 12th Annual Digital Forensics Research Conference (DFRWS'12), Washington DC, August 2012. Prepared in collaboration with the Department of Computer Science, The University of Texas at Dallas.

Published

2012

50. Deriving Input Syntactic Structure From Execution and Its Applications

Author

Lin, Zhiqiang, Zhang, Xiangyu, Lin, Zhiqiang, and Zhang, Xiangyu

Published

2008