Guoqiang Shu
Ph.D. (2008) Department of Computer Science and Engineering, The Ohio State University
M.E. (2003) Institute of Software, Chinese Academy of Sciences (ISCAS), Beijing
B.S. (2000) Dept. of Computer Science and Technology, Peking University, Beijing
E-mail: shug [at] cse.ohio-state.edu
I graduated from The Ohio State University in June 2008. I now work for VMware Inc. in Palo Alto, CA.
Please e-mail me for anything regarding my research and teaching.
Research Interests
I was a member of the Network Research Labs led by my advisor Dr. David Lee. My Ph.D. study focused on security analysis of network protocol systems. I have proposed a state-machine-based formal model (Symbolic Parameterized Extended Finite State Machine, SP-EFSM) to describe the key functional and nonfunctional properties of network protocols, and designed algorithms to solve specific validation and testing problems. Unlike most existing ad-hoc security testing approaches, this methodology is protocol-independent and provides a high level of automation. I have built software tools to support the formal model and algorithms. This methodology has been applied to various projects, including the following:
· Virtual Cyber Security Testing Capability (funded by DoD) [HST’08, TESTCOM/FATES’08]
I was the lead developer of an out-of-box automated security testing solution funded by DoD. We proposed a new design for a security testbed using a hybrid network virtualization technique, and implemented an integrated solution including network modeling, test case specification and automated test execution. Our hybrid network emulator provided high fidelity by host virtualization and scalability by lightweight protocol stack emulation. We also developed an intermediate-level test case description language that is suitable for security tests at various network protocol layers and that can be executed automatically on the emulated network.
· Model Based Fuzz Testing [FORTE’08, ICNP’08]
Fuzz testing works by mutating the normal traffic at the ingress interface of a protocol component in order to reveal unwanted behaviors. We improved the quality and measurability of existing black-box fuzz testing techniques by using an automatically synthesized formal protocol specification. Under our formal framework, the model could be synthesized either actively or passively. We defined some model-based coverage criteria and applied this method to discover crashes of both commercial and open source protocol implementations. In addition to network level fuzzing, I also implemented API level fuzzing using dynamic API interception, which gave this approach broader applicability.
· Theory of Protocol Fingerprinting [INFOCOM’06, NPSEC’07, ICDCS’07]
The SP-EFSM model is used to describe the distinguishing I/O behavior of a protocol implementation by its states and transitions. A complete taxonomy of fingerprint matching and discovery problems is identified, based on (1) the available information about candidate implementations and (2) whether the experiment is active or passive. We map this taxonomy into problems in the formal methodology, and implement and analyze the algorithms for each of them. This work is useful for intrusion detection, protocol reverse engineering, and network management.
I have also worked with Dr. Neelam Soundarajan to develop an approach to formally modeling and monitoring design patterns.
During my study at the Institute of Software, CAS, I conducted research in the area of real-time embedded systems under the supervision of Dr. Mingshu Li. I participated in two Chinese NSF KEY Projects: “Geographic Processing oriented Real-time High-resolution SAR Imaging System (Nos. 69896250)” and “Modeling and Development of Real-time Software Systems (Nos. 69896250-3)”, which were among the first efforts in China to build an advanced SAR imaging system with our own intellectual property. My contribution was developing a Linux-based real-time host controller that includes a software stack of device driver, task scheduler and imaging applications. In 2003 I was a visiting scholar at the Pontifical Catholic University of Parana, Brazil, where I extended the result of this work and completed my master's thesis.
Teaching Experiences
· Lecturer of CSE201, Elementary Programming using Java, 2004-2006
· Lecturer of CSE459.22, Programming in C++, 2007
· Lab Instructor of CSE 200, Problem Solving using Business Software, 2007-2008
· Grader for various courses
Publications and Thesis
· (Ph.D. Thesis) Formal Methods and Tools for Testing Network Protocol System Security. The Ohio State University, 2008. [PDF]
· Y. Hsu, G. Shu and D. Lee, A Model-based Approach to Security Flaw Detection of Network Protocol Implementation, IEEE ICNP, 2008. [PDF]
· P. Pederson, D. Lee, G. Shu, D. Chen, Z. Liu, N. Li and L. Sang, Virtual Cyber-Security Testing Capability for Large Scale Distributed Information Infrastructure Protection, IEEE International Conference on Technologies for Homeland Security (HST), 2008. [PDF]
· G. Shu, D. Chen, Z. Liu, N. Li, L. Sang and D. Lee, VCSTC: Virtual Cyber Security Testing Capability - An Application Oriented Paradigm for Network Infrastructure Protection, IFIP WG6.1 TESTCOM/FATES, LNCS Vol.5047, 2008. [PDF]
· G. Shu, Y. Hsu and D. Lee, Detecting Communication Protocol Security Flaws by Formal Fuzz Testing and Machine Learning, IFIP WG6.1 FORTE, LNCS Vol.5048, 2008. [PDF]
· N. Soundarajan, J. O. Hallstrom, G. Shu and A. Delibas, Patterns: From System Design to Software Testing. Journal of Innovations in Systems and Software Engineering, Vol. 3(5), Springer, 2008. [PDF]
· G. Shu and D. Lee, Minutiae: A Formal Methodology for Accurate Protocol Fingerprinting, The 3rd Annual Workshop on Secure Network Protocols (NPSEC, in conjunction with ICNP), 2007. [PDF]
· G. Shu and D. Lee, Testing Security Properties of Protocol Implementations – a Machine Learning Based Approach, IEEE ICDCS, 2007. [PDF]
· N. Soundarajan, J. O. Hallstrom, A. Delibas and G. Shu, Testing Patterns, IEEE 31st Annual Software Engineering Workshop (SEW-31), Baltimore, 2007. [PDF]
· Z. Liu, G. Shu, N. Li and D. Lee, Defending Against Instant Messaging Worms, IEEE GLOBECOM, San Francisco, 2006. [PDF]
· G. Shu and D. Lee, Message Confidentiality Testing of Security Protocols - Passive Monitoring and Active Checking, IFIP TESTCOM, LNCS Vol.3964, New York, 2006. [PDF]
· G. Shu, D. Lee and M. Yannakakis, A Note on Broadcast Encryption Key Management with Applications to Large Scale Emergency Alert Systems, 2nd International Workshop on Security in Systems and Networks (SSN, in conjunction with IPDPS), Rhodes Island, 2006. [PDF]
· G. Shu and D. Lee, Network Protocol System Fingerprinting – A Formal Approach, IEEE INFOCOM, 2006. [PDF]
· G. Shu and D. Lee, (Poster) Defending Against Internet Host Fingerprinting - Towards an Outermost Barrier of Cyberspace Security, Research & Development Partnerships in Homeland Security, Boston, 2005. [PDF]
Publications before coming to Ohio State (published during master's program, some in Chinese) [List in Chinese]
· L. Yang, W. Wang, G. Shu and X. Yang. (in Chinese) Divert IP Datagram Based on Network Protocol of Linux, Journal of Computer Engineering, Vol.12(30), 43-44, 2004
· G. Shu, Q. Wang, M. Li. (in Chinese) A Novel Solution of Embedded Host Controller in Real-time SAR Imaging Systems, Journal of Computer Research and Development, Vol.40(1),33-39,2003
· Q. Wang, Y. Zou, G. Shu and M. Li. (in Chinese) A Real-Time System Solution Supporting Real-Time Imaging of High Resolution of SAR, Journal of Computer Research and Development, Vol.40(1),33-39,2003
· G. Shu, C. Li, Q. Wang and M. Li, Validating Object-oriented Prototypes of Real-time Systems with Timed Automata, IEEE 13th International Workshop on Rapid System Prototyping (RSP), Germany, 2002. [PDF]
· G. Shu and A. Pan. (in Chinese) A Research on Multi-Method Dispatch Extension in Java. Journal of Computer Engineering and Application, Vol.38, 100-105, 2002
· G. Shu and G. Lv. (in Chinese) A Research on Generic Java language Extension, in Proceedings of the 4th Chinese National Conference on Java Technology and Application, pp 80-86, China, 2001
· (Master Thesis, in Chinese) Study on Schedulability Analysis and Automatic Code Generation of Object-Oriented Real-Time Software Systems. Institute of Software, Chinese Academy of Sciences, China, 2003. [PDF]
Personal
§ My favorite sport is soccer. For the last 5 years I have played with the Benchball club of OSU.
§ I am an NCAA football fan, not surprisingly. I look forward to the day when our Buckeyes return to the top.
§ I play a little bit of folk guitar, and have my own favorite Chinese folk songs. Here are some videos of me playing (warning: the browser will first be redirected to a page containing a random list of undefendable malware)