BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Xiuzhen Cheng

Xiuzhen Cheng contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityDistributed, Parallel, and Cluster ComputingComputer Science and Game TheoryMachine LearningArtificial Intelligencecs.CYeess.SYMultimediaNetworking and Internet ArchitectureSystems and Control

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
20works
0followers
10topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

20 published item(s)

preprint2026arXiv

Low Rank Comes with Low Security: Gradient Assembly Poisoning Attacks against Distributed LoRA-based LLM Systems

Low-Rank Adaptation (LoRA) has become a popular solution for fine-tuning large language models (LLMs) in federated settings, dramatically reducing update costs by introducing trainable low-rank matrices. However, when integrated with frameworks like FedIT, LoRA introduces a critical vulnerability: clients submit $A$ and $B$ matrices separately, while only their product $AB$ determines the model update, yet this composite is never directly verified. We propose Gradient Assembly Poisoning (GAP), a novel attack that exploits this blind spot by crafting individually benign $A$ and $B$ matrices whose product yields malicious updates. GAP operates without access to training data or inter-client coordination and remains undetected by standard anomaly detectors. We identify four systemic vulnerabilities in LoRA-based federated systems and validate GAP across LLaMA, ChatGLM, and GPT-2. GAP consistently induces degraded or biased outputs while preserving surface fluency, reducing BLEU by up to 14.5\%, increasing factual and grammatical errors by over 800\%, and maintaining 92.6\% long-form response length. These results reveal a new class of stealthy, persistent threats in distributed LoRA fine-tuning.

0 citations0 reviewsNo code linkedOpen access
preprint2026arXiv

Second-Order Convergence in Private Stochastic Non-Convex Optimization

We investigate the problem of finding second-order stationary points (SOSP) in differentially private (DP) stochastic non-convex optimization. Existing methods suffer from two key limitations: (i) inaccurate convergence error rate due to overlooking gradient variance in the saddle point escape analysis, and (ii) dependence on auxiliary private model selection procedures for identifying DP-SOSP, which can significantly impair utility, particularly in distributed settings. To address these issues, we propose a generic perturbed stochastic gradient descent (PSGD) framework built upon Gaussian noise injection and general gradient oracles. A core innovation of our framework is using model drift distance to determine whether PSGD escapes saddle points, ensuring convergence to approximate local minima without relying on second-order information or additional DP-SOSP identification. By leveraging the adaptive DP-SPIDER estimator as a specific gradient oracle, we develop a new DP algorithm that rectifies the convergence error rates reported in prior work. We further extend this algorithm to distributed learning with heterogeneous data, providing the first formal guarantees for finding DP-SOSP in such settings. Our analysis also highlights the detrimental impacts of private selection procedures in distributed learning under high-dimensional models, underscoring the practical benefits of our design. Numerical experiments on real-world datasets validate the efficacy of our approach.

0 citations0 reviewsNo code linkedOpen access
preprint2025arXiv

Distributed Bilevel Optimization with Dual Pruning for Resource-limited Clients

With the development of large-scale models, traditional distributed bilevel optimization algorithms cannot be applied directly in low-resource clients. The key reason lies in the excessive computation involved in optimizing both the lower- and upper-level functions. Thus, we present the first resource-adaptive distributed bilevel optimization framework with a second-order free hypergradient estimator, which allows each client to optimize the submodels adapted to the available resources. Due to the coupled influence of partial outer parameters x and inner parameters y, it's challenging to theoretically analyze the upper bound regarding the globally averaged hypergradient for full model parameters. The error bound of inner parameter also needs to be reformulated since the local partial training. The provable theorems show that both RABO and RAFBO can achieve an asymptotically optimal convergence rate of $O(1/\sqrt{C_x^{\ast}Q})$, which is dominated by the minimum coverage of the outer parameter $C_x^{\ast}$. Extensive experiments on two different tasks demonstrate the effectiveness and computation efficiency of our proposed methods.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

ASM2TV: An Adaptive Semi-Supervised Multi-Task Multi-View Learning Framework for Human Activity Recognition

Many real-world scenarios, such as human activity recognition (HAR) in IoT, can be formalized as a multi-task multi-view learning problem. Each specific task consists of multiple shared feature views collected from multiple sources, either homogeneous or heterogeneous. Common among recent approaches is to employ a typical hard/soft sharing strategy at the initial phase separately for each view across tasks to uncover common knowledge, underlying the assumption that all views are conditionally independent. On the one hand, multiple views across tasks possibly relate to each other under practical situations. On the other hand, supervised methods might be insufficient when labeled data is scarce. To tackle these challenges, we introduce a novel framework ASM2TV for semi-supervised multi-task multi-view learning. We present a new perspective named gating control policy, a learnable task-view-interacted sharing policy that adaptively selects the most desirable candidate shared block for any view across any task, which uncovers more fine-grained task-view-interacted relatedness and improves inference efficiency. Significantly, our proposed gathering consistency adaption procedure takes full advantage of large amounts of unlabeled fragmented time-series, making it a general framework that accommodates a wide range of applications. Experiments on two diverse real-world HAR benchmark datasets collected from various subjects and sources demonstrate our framework's superiority over other state-of-the-arts. The detailed codes are available at https://github.com/zachstarkk/ASM2TV.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

BLOWN: A Blockchain Protocol for Single-Hop Wireless Networks under Adversarial SINR

Known as a distributed ledger technology (DLT), blockchain has attracted much attention due to its properties such as decentralization, security, immutability and transparency, and its potential of servicing as an infrastructure for various applications. Blockchain can empower wireless networks with identity management, data integrity, access control, and high-level security. However, previous studies on blockchain-enabled wireless networks mostly focus on proposing architectures or building systems with popular blockchain protocols. Nevertheless, such existing protocols have obvious shortcomings when adopted in wireless networks where nodes may have limited physical resources, may fall short of well-established reliable channels, or may suffer from variable bandwidths impacted by environments or jamming attacks. In this paper, we propose a novel consensus protocol named Proof-of-Channel (PoC) leveraging the natural properties of wireless communications, and develop a permissioned BLOWN protocol (BLOckchain protocol for Wireless Networks) for single-hop wireless networks under an adversarial SINR model. We formalize BLOWN with the universal composition framework and prove its security properties, namely persistence and liveness, as well as its strengths in countering against adversarial jamming, double-spending, and Sybil attacks, which are also demonstrated by extensive simulation studies.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Decentralized Wireless Federated Learning with Differential Privacy

This paper studies decentralized federated learning algorithms in wireless IoT networks. The traditional parameter server architecture for federated learning faces some problems such as low fault tolerance, large communication overhead and inaccessibility of private data. To solve these problems, we propose a Decentralized-Wireless-Federated-Learning algorithm called DWFL. The algorithm works in a system where the workers are organized in a peer-to-peer and server-less manner, and the workers exchange their privacy preserving data with the analog transmission scheme over wireless channels in parallel. With rigorous analysis, we show that DWFL satisfies $(ε,δ)$-differential privacy and the privacy budget per worker scales as $\mathcal{O}(\frac{1}{\sqrt{N}})$, in contrast with the constant budget in the orthogonal transmission approach. Furthermore, DWFL converges at the same rate of $\mathcal{O}(\sqrt{\frac{1}{TN}})$ as the best known centralized algorithm with a central parameter server. Extensive experiments demonstrate that our algorithm DWFL also performs well in real settings.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

DP2-Pub: Differentially Private High-Dimensional Data Publication with Invariant Post Randomization

A large amount of high-dimensional and heterogeneous data appear in practical applications, which are often published to third parties for data analysis, recommendations, targeted advertising, and reliable predictions. However, publishing these data may disclose personal sensitive information, resulting in an increasing concern on privacy violations. Privacy-preserving data publishing has received considerable attention in recent years. Unfortunately, the differentially private publication of high dimensional data remains a challenging problem. In this paper, we propose a differentially private high-dimensional data publication mechanism (DP2-Pub) that runs in two phases: a Markov-blanket-based attribute clustering phase and an invariant post randomization (PRAM) phase. Specifically, splitting attributes into several low-dimensional clusters with high intra-cluster cohesion and low inter-cluster coupling helps obtain a reasonable allocation of privacy budget, while a double-perturbation mechanism satisfying local differential privacy facilitates an invariant PRAM to ensure no loss of statistical information and thus significantly preserves data utility. We also extend our DP2-Pub mechanism to the scenario with a semi-honest server which satisfies local differential privacy. We conduct extensive experiments on four real-world datasets and the experimental results demonstrate that our mechanism can significantly improve the data utility of the published data while satisfying differential privacy.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Extending On-chain Trust to Off-chain -- Trustworthy Blockchain Data Collection using Trusted Execution Environment (TEE)

Blockchain creates a secure environment on top of strict cryptographic assumptions and rigorous security proofs. It permits on-chain interactions to achieve trustworthy properties such as traceability, transparency, and accountability. However, current blockchain trustworthiness is only confined to on-chain, creating a "trust gap" to the physical, off-chain environment. This is due to the lack of a scheme that can truthfully reflect the physical world in a real-time and consistent manner. Such an absence hinders further real-world blockchain applications, especially for security-sensitive ones. In this paper, we propose a scheme to extend blockchain trust from on-chain to off-chain, and take trustworthy vaccine transportation as an example. Our scheme consists of 1) a Trusted Execution Environment (TEE)-enabled trusted environment monitoring system built with the Arm Cortex-M33 microcontroller that continuously senses the inside of a vaccine box through trusted sensors and generates anti-forgery data; and 2) a consistency protocol to upload the environment status data from the TEE system to blockchain in a truthful, real-time consistent, continuous and fault-tolerant fashion. Our security analysis indicates that no adversary can tamper with the vaccine in any way without being captured. We carry out an experiment to record the internal status of a vaccine shipping box during transportation, and the results indicate that the proposed system incurs an average latency of 84 ms in local sensing and processing followed by an average latency of 130 ms to have the sensed data transmitted to and available in the blockchain.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Harnessing Context for Budget-Limited Crowdsensing with Massive Uncertain Workers

Crowdsensing is an emerging paradigm of ubiquitous sensing, through which a crowd of workers are recruited to perform sensing tasks collaboratively. Although it has stimulated many applications, an open fundamental problem is how to select among a massive number of workers to perform a given sensing task under a limited budget. Nevertheless, due to the proliferation of smart devices equipped with various sensors, it is very difficult to profile the workers in terms of sensing ability. Although the uncertainties of the workers can be addressed by standard Combinatorial Multi-Armed Bandit (CMAB) framework through a trade-off between exploration and exploitation, we do not have sufficient allowance to directly explore and exploit the workers under the limited budget. Furthermore, since the sensor devices usually have quite limited resources, the workers may have bounded capabilities to perform the sensing task for only few times, which further restricts our opportunities to learn the uncertainty. To address the above issues, we propose a Context-Aware Worker Selection (CAWS) algorithm in this paper. By leveraging the correlation between the context information of the workers and their sensing abilities, CAWS aims at maximizing the expected total sensing revenue efficiently with both budget constraint and capacity constraints respected, even when the number of the uncertain workers is massive. The efficacy of CAWS can be verified by rigorous theoretical analysis and extensive experiments.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Learning Graph Structures with Transformer for Multivariate Time Series Anomaly Detection in IoT

Many real-world IoT systems, which include a variety of internet-connected sensory devices, produce substantial amounts of multivariate time series data. Meanwhile, vital IoT infrastructures like smart power grids and water distribution networks are frequently targeted by cyber-attacks, making anomaly detection an important study topic. Modeling such relatedness is, nevertheless, unavoidable for any efficient and effective anomaly detection system, given the intricate topological and nonlinear connections that are originally unknown among sensors. Furthermore, detecting anomalies in multivariate time series is difficult due to their temporal dependency and stochasticity. This paper presented GTA, a new framework for multivariate time series anomaly detection that involves automatically learning a graph structure, graph convolution, and modeling temporal dependency using a Transformer-based architecture. The connection learning policy, which is based on the Gumbel-softmax sampling approach to learn bi-directed links among sensors directly, is at the heart of learning graph structure. To describe the anomaly information flow between network nodes, we introduced a new graph convolution called Influence Propagation convolution. In addition, to tackle the quadratic complexity barrier, we suggested a multi-branch attention mechanism to replace the original multi-head self-attention method. Extensive experiments on four publicly available anomaly detection benchmarks further demonstrate the superiority of our approach over alternative state-of-the-arts. Codes are available at https://github.com/ZEKAICHEN/GTA.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

MalFox: Camouflaged Adversarial Malware Example Generation Based on Conv-GANs Against Black-Box Detectors

Deep learning is a thriving field currently stuffed with many practical applications and active research topics. It allows computers to learn from experience and to understand the world in terms of a hierarchy of concepts, with each being defined through its relations to simpler concepts. Relying on the strong capabilities of deep learning, we propose a convolutional generative adversarial network-based (Conv-GAN) framework titled MalFox, targeting adversarial malware example generation against third-party black-box malware detectors. Motivated by the rival game between malware authors and malware detectors, MalFox adopts a confrontational approach to produce perturbation paths, with each formed by up to three methods (namely Obfusmal, Stealmal, and Hollowmal) to generate adversarial malware examples. To demonstrate the effectiveness of MalFox, we collect a large dataset consisting of both malware and benignware programs, and investigate the performance of MalFox in terms of accuracy, detection rate, and evasive rate of the generated adversarial malware examples. Our evaluation indicates that the accuracy can be as high as 99.0% which significantly outperforms the other 12 well-known learning models. Furthermore, the detection rate is dramatically decreased by 56.8% on average, and the average evasive rate is noticeably improved by up to 56.2%.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Malware-on-the-Brain: Illuminating Malware Byte Codes with Images for Malware Classification

Malware is a piece of software that was written with the intent of doing harm to data, devices, or people. Since a number of new malware variants can be generated by reusing codes, malware attacks can be easily launched and thus become common in recent years, incurring huge losses in businesses, governments, financial institutes, health providers, etc. To defeat these attacks, malware classification is employed, which plays an essential role in anti-virus products. However, existing works that employ either static analysis or dynamic analysis have major weaknesses in complicated reverse engineering and time-consuming tasks. In this paper, we propose a visualized malware classification framework called VisMal, which provides highly efficient categorization with acceptable accuracy. VisMal converts malware samples into images and then applies a contrast-limited adaptive histogram equalization algorithm to enhance the similarity between malware image regions in the same family. We provided a proof-of-concept implementation and carried out an extensive evaluation to verify the performance of our framework. The evaluation results indicate that VisMal can classify a malware sample within 4.0ms and have an average accuracy of 96.0%. Moreover, VisMal provides security engineers with a simple visualization approach to further validate its performance.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

Online Learning for Failure-aware Edge Backup of Service Function Chains with the Minimum Latency

Virtual network functions (VNFs) have been widely deployed in mobile edge computing (MEC) to flexibly and efficiently serve end users running resource-intensive applications, which can be further serialized to form service function chains (SFCs), providing customized networking services. To ensure the availability of SFCs, it turns out to be effective to place redundant SFC backups at the edge for quickly recovering from any failures. The existing research largely overlooks the influences of SFC popularity, backup completeness and failure rate on the optimal deployment of SFC backups on edge servers. In this paper, we comprehensively consider from the perspectives of both the end users and edge system to backup SFCs for providing popular services with the lowest latency. To overcome the challenges resulted from unknown SFC popularity and failure rate, as well as the known system parameter constraints, we take advantage of the online bandit learning technique to cope with the uncertainty issue. Combining the Prim-inspired method with the greedy strategy, we propose a Real-Time Selection and Deployment(RTSD) algorithm. Extensive simulation experiments are conducted to demonstrate the superiority of our proposed algorithms.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

SPDL: Blockchain-secured and Privacy-preserving Decentralized Learning

Decentralized learning involves training machine learning models over remote mobile devices, edge servers, or cloud servers while keeping data localized. Even though many studies have shown the feasibility of preserving privacy, enhancing training performance or introducing Byzantine resilience, but none of them simultaneously considers all of them. Therefore we face the following problem: \textit{how can we efficiently coordinate the decentralized learning process while simultaneously maintaining learning security and data privacy?} To address this issue, in this paper we propose SPDL, a blockchain-secured and privacy-preserving decentralized learning scheme. SPDL integrates blockchain, Byzantine Fault-Tolerant (BFT) consensus, BFT Gradients Aggregation Rule (GAR), and differential privacy seamlessly into one system, ensuring efficient machine learning while maintaining data privacy, Byzantine fault tolerance, transparency, and traceability. To validate our scheme, we provide rigorous analysis on convergence and regret in the presence of Byzantine nodes. We also build a SPDL prototype and conduct extensive experiments to demonstrate that SPDL is effective and efficient with strong security and privacy guarantees.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

zk-PCN: A Privacy-Preserving Payment Channel Network Using zk-SNARKs

Payment channel network (PCN) is a layer-two scaling solution that enables fast off-chain transactions but does not involve on-chain transaction settlement. PCNs raise new privacy issues including balance secrecy, relationship anonymity and payment privacy. Moreover, protecting privacy causes low transaction success rates. To address this dilemma, we propose zk-PCN, a privacy-preserving payment channel network using zk-SNARKs. We prevent from exposing true balances by setting up \textit{public balances} instead. Using public balances, zk-PCN can guarantee high transaction success rates and protect PCN privacy with zero-knowledge proofs. Additionally, zk-PCN is compatible with the existing routing algorithms of PCNs. To support such compatibility, we propose zk-IPCN to improve zk-PCN with a novel proof generation (RPG) algorithm. zk-IPCN reduces the overheads of storing channel information and lowers the frequency of generating zero-knowledge proofs. Finally, extensive simulations demonstrate the effectiveness and efficiency of zk-PCN in various settings.

0 citations0 reviewsNo code linkedOpen access
preprint2021arXiv

wChain: A Fast Fault-Tolerant Blockchain Protocol for Multihop Wireless Networks

This paper presents $\mathit{wChain}$, a blockchain protocol specifically designed for multihop wireless networks that deeply integrates wireless communication properties and blockchain technologies under the realistic SINR model. We adopt a hierarchical spanner as the communication backbone to address medium contention and achieve fast data aggregation within $O(\log N\logΓ)$ slots where $N$ is the network size and $Γ$ refers to the ratio of the maximum distance to the minimum distance between any two nodes. Besides, $\mathit{wChain}$ employs data aggregation and reaggregation, and node recovery mechanisms to ensure efficiency, fault tolerance, persistence, and liveness. The worst-case runtime of $\mathit{wChain}$ is upper bounded by $O(f\log N\logΓ)$, where $f=\lfloor \frac{N}{2} \rfloor$ is the upper bound of the number of faulty nodes. To validate our design, we conduct both theoretical analysis and simulation studies, and the results only demonstrate the nice properties of $\mathit{wChain}$, but also point to a vast new space for the exploration of blockchain protocols in wireless networks.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

A Misreport- and Collusion-Proof Crowdsourcing Mechanism without Quality Verification

Quality control plays a critical role in crowdsourcing. The state-of-the-art work is not suitable for large-scale crowdsourcing applications, since it is a long haul for the requestor to verify task quality or select professional workers in a one-by-one mode. In this paper, we propose a misreport- and collusion-proof crowdsourcing mechanism, guiding workers to truthfully report the quality of submitted tasks without collusion by designing a mechanism, so that workers have to act the way the requestor would like. In detail, the mechanism proposed by the requester makes no room for the workers to obtain profit through quality misreport and collusion, and thus, the quality can be controlled without any verification. Extensive simulation results verify the effectiveness of the proposed mechanism. Finally, the importance and originality of our work lie in that it reveals some interesting and even counterintuitive findings: 1) a high-quality worker may pretend to be a low-quality one; 2) the rise of task quality from high-quality workers may not result in the increased utility of the requestor; 3) the utility of the requestor may not get improved with the increasing number of workers. These findings can boost forward looking and strategic planning solutions for crowdsourcing.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Egoistic Incentives Based on Zero-Determinant Alliances for Large-Scale Systems

Social dilemmas exist in various fields and give rise to the so-called free-riding problem, leading to collective fiascos. The difficulty of tracking individual behaviors makes egoistic incentives in large-scale systems a challenging task. However, the state-of-the-art mechanisms are either individual-based or state-dependent, resulting in low efficiency in large-scale networks. In this paper, we propose an egoistic incentive mechanism from a connected (network) perspective rather than an isolated (individual) perspective by taking advantage of the social nature of people. We make use of a zero-determinant (ZD) strategy for rewarding cooperation and sanctioning defection. After proving cooperation is the dominant strategy for ZD players, we optimize their deployment to facilitate cooperation over the whole system. To further speed up cooperation, we derive a ZD alliance strategy for sequential multiple-player repeated games to empower ZD players with higher controllable leverage, which undoubtedly enriches the theoretical system of ZD strategies and broadens their application domain. Our approach is stateless and stable, which contributes to its scalability. Extensive simulations based on a real world trace data as well as synthetic data demonstrate the effectiveness of our proposed egoistic incentive approach under different networking scenarios.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Privacy-aware Data Trading

The growing threat of personal data breach in data trading pinpoints an urgent need to develop countermeasures for preserving individual privacy. The state-of-the-art work either endows the data collector with the responsibility of data privacy or reports only a privacy-preserving version of the data. The basic assumption of the former approach that the data collector is trustworthy does not always hold true in reality, whereas the latter approach reduces the value of data. In this paper, we investigate the privacy leakage issue from the root source. Specifically, we take a fresh look to reverse the inferior position of the data provider by making her dominate the game with the collector to solve the dilemma in data trading. To that aim, we propose the noisy-sequentially zero-determinant (NSZD) strategies by tailoring the classical zero-determinant strategies, originally designed for the simultaneous-move game, to adapt to the noisy sequential game. NSZD strategies can empower the data provider to unilaterally set the expected payoff of the data collector or enforce a positive relationship between her and the data collector's expected payoffs. Both strategies can stimulate a rational data collector to behave honestly, boosting a healthy data trading market. Numerical simulations are used to examine the impacts of key parameters and the feasible region where the data provider can be an NSZD player. Finally, we prove that the data collector cannot employ NSZD to further dominate the data market for deteriorating privacy leakage.

0 citations0 reviewsNo code linkedOpen access