软件与网络安全、系统安全和攻防

   

083900-网络空间安全

网络与软件安全,系统安全与测评

   

1993~2000 云南大学计算机科学系 硕士&学士
2000~2005 中国科学院软件研究所  博士

2000~2001 澳大利亚昆士兰大学高级访问学者

软件测试与安全分析

易秋萍、刘剑、汪孙律、一种快速的循环扩展检测方法 （201110137793.8）
汪孙律、张弦、李斌、刘剑、严俊 进程通信系统建模和分析软件（2010R11S069155）
汪孙律、张弦、李斌、刘剑、严俊 过程间代码边界检测软件（2010SR056505）

   

[1] Jian Liu, Qingsai Xiao, Liling Xin, Qiuyun Wang, Yepeng Yao, Zhengwei Jiang. M3F: A novel multi-session and multi-protocol based malware traffic fingerprinting. COMPUTER NETWORKS[J]. 2023, 227: [2] Jian Liu, Qingsai Xiao, Zhengwei Jiang, Yepeng Yao, Qiuyun Wang. Effectiveness Evaluation of Evasion Attack on Encrypted Malicious Traffic Detection. IEEE Wireless Communications and Networking Conference (WCNC2022 IEEE Wireless Communications and Networking Conferencenull. 2022, [3] Liu Jian, Lin Yi, Weiteng Chen, Chenyu Song, Zhiyun Qian, Qiuping Yi. LinKRID: Vetting Imbalance Reference Counting in Linux kernel with Symbolic Execution. The 31st Usenix Security Symposium[J]. 2022, [4] Jian Liu, Junjie Yan, Jun Jiang, Yitong He, Xuren Wang, Zhengwei Jiang, Peian Yang, Ning Li. TriCTI: an actionable cyber threat intelligence discovery system via trigger-enhanced neural network. CYBERSECURITY[J]. 2022, 5(1): 1-16, https://doaj.org/article/055c3d99e30c4411a52ab61fcc884ab9.
[5] Xingran Hao, Zhengwei Jiang, Qingsai Xiao, Qiuyun Wang, Yepeng Yao, Baoxu Liu, Jian Liu. Producing More with Less: A GAN-based Network Attack Detection Approach for Imbalanced Data. 24th IEEE International Conference on Computer Supported Cooperative Work in Design (IEEE CSCWD)[J]. 2021, 384-390, [6] Wang, Xiaoyu, Gong, Xiaorui, Yu, Lei, Liu, Jian. MAAC: Novel Alert Correlation Method To Detect Multi-step Attack. 2021, [7] Marko Hlbl, Kai Rannenberg, Tatjana Welzer, Can Yang, Jian Liu, Mengxia Luo, Xiaorui Gong, Baoxu Liu. RouAlign: Cross-Version Function Alignment and Routine Recovery with Graphlet Edge Embedding. ICT SYSTEMS SECURITY AND PRIVACY PROTECTION. 2020, 580: 155-170, https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7978991/.
[8] Li, Menghao, Wang, Pei, Wang, Wei, Wang, Shuai, Wu, Dinghao, Liu, Jian, Xue, Rui, Huo, Wei, Zou, Wei. Large-Scale Third-Party Library Detection in Android Markets. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING[J]. 2020, 46(9): 981-1003, [9] Qingsai Xiao, Quiyun Wang, Jian Liu, Zhengwei Jiang, Xuren Wang, Yepeng Yao. Towards Network Anomaly Detection Using Graph Embedding. COMPUTATIONAL SCIENCE – ICCS 2020null. 2020, 12140: 156-169, [10] Luo, Lannan, Zeng, Qiang, Cao, Chen, Chen, Kai, Liu, Jian, Liu, Limin, Gao, Neng, Yang, Min, Xing, Xinyu, Liu, Peng. Tainting-Assisted and Context-Migrated Symbolic Execution of Android Framework for Vulnerability Discovery and Exploit Generation. IEEE TRANSACTIONS ON MOBILE COMPUTING[J]. 2020, 19(12): 2946-2964, http://dx.doi.org/10.1109/TMC.2019.2936561.
[11] Fangli Ren, Zhengwei Jiang, Xuren Wang, Jian Liu. A DGA domain names detection modeling method based on integrating an attention mechanism and deep neural network. CYBERSECURITY[J]. 2020, 3(1): 1-13, http://lib.cqvip.com/Qikan/Article/Detail?id=7103849810.
[12] 陈小全, 刘剑, 刘昱鑫, 张国荣. 一种针对云平台的缓存侧信道攻击方法研究. 价值工程[J]. 2020, 39(4): 269-273, http://lib.cqvip.com/Qikan/Article/Detail?id=7100957410.
[13] Liu Jian. A Session-Packets-based Encrypted Traffic Classification using Capsule Neural Networks. HPCC. 2019, [14] Zhang, Tao, Li, Haoming, Xu, Zhou, Liu, Jian, Huang, Rubing, Shen, Yiran. Labelling issue reports in mobile apps. IET SOFTWARE[J]. 2019, 13(6): 528-542, http://dx.doi.org/10.1049/iet-sen.2018.5420.
[15] Ren, Fangli, Jiang, Zhengwei, Liu, Jian. Integrating an Attention Mechanism and Deep Neural Network for Detection of DGA Domain Names. 2019 IEEE 31ST INTERNATIONAL CONFERENCE ON TOOLS WITH ARTIFICIAL INTELLIGENCE (ICTAI 2019)null. 2019, 848-855, [16] 刘剑, 苏璞睿, 杨珉, 和亮, 张源, 朱雪阳, 林惠民. 软件与网络安全研究综述. 软件学报[J]. 2018, 29(1): 42-68, http://lib.cqvip.com/Qikan/Article/Detail?id=674317699.
[17] 刘剑. 模型驱动的SAML单点登录系统的安全测试技术. 计算机应用. 2018, [18] Yi, Qiuping, Yang, Zijiang, Guo, Shengjian, Wang, Chao, Liu, Jian, Zhao, Chen. Eliminating Path Redundancy via Postconditioned Symbolic Execution. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING[J]. 2018, 44(1): 25-43, https://www.webofscience.com/wos/woscc/full-record/WOS:000422693800004.
[19] Rui Xue. Large-scale Third-party Library Detection in Android Markets.. IEEE Transactions on Software Engineering（TSE）. 2018, [20] Li, Menghao, Wang, Wei, Wang, Pei, Wang, Shuai, Wu, Dinghao, Liu, Jian, Xue, Rui, Huo, Wei, IEEE. LibD: Scalable and Precise Third-party Library Detection in Android Markets. 2017 IEEE/ACM 39TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE)null. 2017, 335-346, [21] Luo, Lannan, Zeng, Qiang, Cao, Chen, Chen, Kai, Liu, Jian, Liu, Limin, Gao, Neng, Yang, Min, Xing, Xinyu, Liu, Peng, Assoc Comp Machinery. System Service Call-oriented Symbolic Execution of Android Framework with Applications to Vulnerability Discovery and Exploit Generation. MOBISYS'17: PROCEEDINGS OF THE 15TH ANNUAL INTERNATIONAL CONFERENCE ON MOBILE SYSTEMS, APPLICATIONS, AND SERVICESnull. 2017, 225-238, http://dx.doi.org/10.1145/3081333.3081361.
[22] Jian Zhang. A deployable sampling strategy for data race detection. Proc. FSE. 2016, [23] Yi Qiuping, Yang Zijiang, Liu Jian, Zhao Chen, Wang Chao, IEEE. A Synergistic Analysis Method for Explaining Failed Regression Tests. 2015 IEEE/ACM 37TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, VOL 1null. 2015, 257-267, http://dx.doi.org/10.1109/ICSE.2015.46.
[24] 孙可钦, 王玉庆, 刘剑, 杨秋松, 马越. 一种基于微内核操作系统进程间通信恢复方法. 计算机应用与软件[J]. 2015, 32(6): 9-13, http://lib.cqvip.com/Qikan/Article/Detail?id=665233748.
[25] Yi, Qiuping, Yang, Zijiang, Liu, Jian, Zhao, Chen, Wang, Chao. Explaining Software Failures by Cascade Fault Localization. ACM TRANSACTIONS ON DESIGN AUTOMATION OF ELECTRONIC SYSTEMS[J]. 2015, 20(3): [26] 周艺, 易秋萍, 刘剑, 淮晓永. 一种基于单条程序执行路径的错误定位方法. 计算机系统应用[J]. 2014, 23(10): 112-118, http://lib.cqvip.com/Qikan/Article/Detail?id=662825637.
[27] 王云飞, 刘剑, 马越. 基于锁信息的多线程软件原子性错误检测方法. 计算机应用与软件[J]. 2014, 31(6): 1-4, http://lib.cqvip.com/Qikan/Article/Detail?id=50011282.
[28] Liu Jian. Program Structure Aware Fault Localization. Procceding of InnoSWDev workshop, The 22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering，2014. 2014, [29] Qiao Ying, Leng Chang, Wang Hongan, Liu Jian. Developing a real-time inference approach for rule-based reasoning systems. 2013 Research in Adaptive and Convergent Systems, RACS 2013null. 2013, 22-27, http://ir.iscas.ac.cn/handle/311060/16665.
[30] 刘剑, 孙可钦, 汪孙律. 基于控制流挖掘的Android系统代码漏洞分析. 清华大学学报(自然科学版)[J]. 2012, 52(10): 1335-1339, [31] 李斌, 马越, 李潇, 刘剑. 航天嵌入式操作系统的分析与验证. 载人航天[J]. 2012, 18(6): 69-74, http://lib.cqvip.com/Qikan/Article/Detail?id=44100456.
[32] 李潇, 刘剑, 易秋萍. 一种并发程序原子性错误的检测方法及工具. 计算机应用与软件[J]. 2012, 29(11): 92-94, http://lib.cqvip.com/Qikan/Article/Detail?id=43972053.
[33] Liu Jian. Effficient Loop-extended Model Checking of Data Structure Methods. Proceeding of ASEA 2011. 2011, [34] Liu Jian. Supporting Flexibile Reification of Design Patterns. Proceeding of APSIC 2010. 2010, [35] 易秋萍, 刘剑, 武术. 面向访问验证保护级的安全VMM形式化原型系统设计和实现. 计算机科学[J]. 2010, 37(12): 85-90, http://lib.cqvip.com/Qikan/Article/Detail?id=36079409.
[36] Sunlv Wang, Jian Liu, Qiuping Yi, Xian Zhang. Model checking a secure hypervisor. 2010, 119-122, http://124.16.136.157/handle/311060/8828.
[37] Liu Jian. Diagnose Model Checking for Value-passing CCS. In Proc. of the Automated Technology for Verification and Analysis(ATVA’2003). 2003, [38] 林惠民. 谓词μ演算和模态图的语义一致性. 软件学报[J]. 2003, 14(10): 67-68, http://lib.cqvip.com/Qikan/Article/Detail?id=8598439.0.
[39] 刘剑. 谓词u演算和模态图的语义一致性. 软件学报. 2003, [40] 林惠民. 传值进程模型检测中诊断信息的生成. 软件学报[J]. 2003, 14(1): 1-8, http://lib.cqvip.com/Qikan/Article/Detail?id=7277903.0.
[41] 刘剑, 和伟民, 金钊, 李彤. 交互式环境下基于层次分解的并行变换技术. 计算机研究与发展[J]. 1999, 36(6): 705-, http://lib.cqvip.com/Qikan/Article/Detail?id=3637410.
[42] 刘剑. 一种并发软件规约方法的框架. 计算机科学. 1999, [43] Dong, Shuaike, Li, Menghao, Diao, Wenrui, Liu, Xiangyu, Liu, Jian, Li, Zhou, Xu, Fenghao, Chen, Kai, Wang, Xiaofeng, Zhang, Kehuan. Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild. http://arxiv.org/abs/1801.01633.

   

（ 1 ） 面向国标第五级安全操作系统原型系统研发, 参与, 部委级, 2008-10--2012-06
（ 2 ） “核高基”, 参与, 国家级, 2012-01--2014-12
（ 3 ） 某云计算平台安全分析, 主持, 省级, 2015-06--2017-06

现指导学生

王云飞  硕士研究生  081202-计算机软件与理论