• 340 Research Hall
• George Mason University
• Fairfax, VA 22030

• My Current Affiliations:

• My Former Affiliations:

Publications | Projects | Profession Services | Work & Edu History | Fun Reads

I am an Associate Professor in the Cybersecurity Engineering Department at George Mason University.

My current research interest lies in computer networks and web application security, where I endeavor to identify, evaluate, and combat security threats among various web pages and websites. I am also interested in interdisciplinary research that brings advanced computer science techniques to benefit other fields, such as law enforcement and forensic investigation. In the past, I have focused on cyber-physical system security and reliability that covered Smart Grid and Intelligent Transportation Systems.

Publications

Conference Papers

• Xiao Han, Junjie Xiong, Wenbo Shen, Mingkui Wei, Shangqing Zhao, Zhuo Lu, Yao Liu
  The Perils of Wi-Fi Spoofing Attack Via Geolocation API and its Defense
  [IEEE Transactions on Dependable and Secure Computing, 2023]
• Tao Hou, Shengping Bi, Mingkui Wei, Tao Wang, Zhuo Lu, and Yao Liu
  When Third-Party JavaScript Meets Cache: Explosively Amplifying Security Risks on the Internet
  [Proc. of IEEE Conference on Communications and Network Security (CNS), 2022.]
• Junjie Xiong, Mingkui Wei, Zhuo Lu, and Yao Liu
  "Warmonger: Inflicting Denial-of-Service via Serverless Functions in the Cloud".
  [ACM Conference on Computer and Communications Security (CCS), Nov. 2021.]
  Download: PDF
• Mingkui Wei
  "Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications".
  [Proceedings of Usenix Security 2021.]
  Media coverage: Invited Writeup on Tor Blog
  Download: PDF
• Mingkui Wei, Khaled Rabieh, and Faisal Kaleem
  "CacheLoc: Leveraging CDN Edge Servers for User Geolocation".
  [Proceedings of EAI SecureComm 2020, Washington DC, US, 2020.]
  Download: PDF
• Nicholas Frey, Carilyn Santisteban, Khalid Noman, Mingkui Wei, and Jorn Yu
  "Development of an Intelligent Mobile Application to Enhance the Quality of Latent Fingerprint Acquisition".
  [American Academy of Forensic Science (AAFS) 72nd Annual Meeting, Anaheim, CA, US 2020.]
  Download: PDF Slides
• Daniel Brites and Mingkui Wei
  "PhishFry - A Proactive Approach to Classify Phishing Sites using SCIKIT Learn".
  [Proceedings of IEEE GlobeCom Workshop, Puako, HI, US 2019]
  Download: PDF Slides
• Danni Yuan, Xiaoyan Zhu, Mingkui Wei, and Jianfeng Ma
  "Collaborative Deep Learning for Medical Image Analysis with Differential Privacy".
  [Proceedings of IEEE GlobeCom, Puako, HI, US 2019]
  Download: PDF Slides
• Sundar Krishnan and Mingkui Wei
  "SCADA Testbed for Vulnerability Assessments, Penetration Testing and Incident Forensics".
  [Proceedings of International Symposium on Digital Forensic and Security (ISDFS), Barcelos, Protugal, 2019]
  Download: PDF Slides
Read more
Mingkui Wei, Jie Wang, Zhuo Lu and Wenye Wang
"On Studying Information Dissemination in Social-Physical Interdependent Networks".
[Proceedings of IEEE ICC, ShangHai, China, 2019]
Download: PDF Slides
Mingkui Wei, Zhuo Lu, Yufei Tang and Xiang Lu
"How Can Cyber-Physical Interdependence Affect the Mitigation of Cascading Power Failure?".
[Proceedings of IEEE INFOCOM, Honolulu HI, 2018]
Download: PDF Slides
Zhuo Lu, Mingkui Wei and Xiang Lu
"How They Interact? Understanding Cyber and Physical Interactions against Fault Propagation in Smart Grid.".
[Proceedings of IEEE INFOCOM, Atlanta CA, 2017]
Download: PDF Slides
Mingkui Wei, Zhuo Lu and Wenye Wang
"On Modeling and Understanding Vehicle Evacuation Attacks in VANETs.".
[Proceedings of IEEE ICC, France, 2017]
Download: PDF Slides
Khaled Rabieh and Mingkui Wei
"Efficient and Privacy-aware Authentication Scheme for EVs Pre-Paid Wireless Charging Services.".
[Proceedings of IEEE ICC, Malasysia, 2016]
Download: PDF Slides
Mingkui Wei, Zhuo Lu and Wenye Wang
"Dominoes with Communications: On Characterizing the Progress of Cascading Failures in Smart Grid.".
[Proceedings of IEEE ICC, Malasysia, 2016]
Download: PDF Slides
Zhuo Lu and Cliff Wang and Mingkui Wei
"On Detection and Concealment of Critical Roles in Tactical Wireless Networks.".
[Proceedings of IEEE Milcom, Tampa, FL, US 2015]
Download: PDF Slides
Mingkui Wei and Wenye Wang
"Safety Can Be Dangerous: Secure Communications Impair Smart Grid Stability Under Emergencies.".
[Proceedings of IEEE GlobeCom, San Diego, CA, US 2015]
Download: PDF Slides
Mingkui Wei and Xi Gong and Wenye Wang
"Claim What You Need: A Text-Mining Approach on Android Permission Request Authorization.".
[Proceedings of IEEE GlobeCom, San Diega, CA, US 2015]
Download: PDF Slides
Mingkui Wei and Wenye Wang
Combat the Disaster: Communications in Smart Grid Alleviate Cascading Failures.".
[Proceedings of IEEE Honet, Charlotte, NC, US 2014]
Download: PDF Slides
Mingkui Wei and Wenye Wang
Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats.".
[Proceedings of IEEE InfoCom, Toronto, Ontario, Canada 2014]
Download: PDF Slides
Mingkui Wei and Wenye Wang
Toward Distributed Intelligent: A Case Study of Peer to Peer Communication in Smart Grid.".
[Proceedings of IEEE GlobeCom, Atlanta, GA, US 2013]
Download: PDF Slides

Journal Papers

• Robert Pitts, Mingkui Wei, Jorn Yu, Alicia Rairden
  "Empirical Comparison of DSLRs and Smartphone cameras for Latent Prints Photography".
  [Wiley Interdisciplinary Reviews (WIREs) Forensic Sciecne.]
  Download: Coming soon...
• Mingkui Wei, Zhuo Lu, Yufei Tang, and Xiang Lu,
  "Cyber and Physical Interactions to Combat Failure Propagation in Smart Grid: Characterization, Analysis and Evaluation".
  [Computer Networks, Elsevier, 2019.]
  Download: PDF
• Mingkui Wei, Zhuo Lu and Wenye Wang
  "On Characterizing Information Dissemination During City-Wide Cascading Failures in Smart Grid".
  [IEEE Systems Journal, 2018.]
  Download: PDF
• Mingkui Wei and Wenye Wang
  Data-Centric Threats and THeir Impacts to Real-Time Communications in Smart Grid.".
  [Computer Networks, vol. 104, pp 174 - 188, 2016.]
  Download: PDF
• Mingkui Wei
  "An Improved Min-Sum Decoding Algorithm for LDPC Codes.".
  [Telecom Market, vol. 10, pp 155 - 159, 2007.]
  Download: PDF

Projects

• Investigating, Evaluating, and Remediating Self-Inflicted Denial of Service Attacks amoung Cloud Server Providers, PI, Office of Research & Sponsored Program (ORSP), SHSU, 2020. Granted amount: $4,967.
• On Evaluation and Analysis of the CDN Web Cache Poisoning Attack, PI, Polit Studies for Future Funding Program, Office of Research & Sponsored Program (ORSP), SHSU, 2019. Granted amount: $14,675.
  Read more
  The use of web cache is prevalent among today's web services. Classical web service adopts the client-server architecture, where the client sends HTTP requests to the web server requesting web documents such as HTML pages, and the origin server will respond correspondingly. In the recent decade, with the substantial growth of various web applications, origin servers need to handle much more and more complex requests, to whom such burden becomes unbearable. The web caching service is introduced to offload the origin server under such circumstance. In the client-cache-server architecture, client's requests are instead sent to a cache server. If the cache server has a valid copy of the requested document, it will directly respond to the request without inquiring the origin server; otherwise, it will request the document from the origin server and forward it to the client, and meanwhile store a local copy that will be used to fulfill future requests to the same document. Such implementation, however, bears the risk of cache poisoning attack, i.e., if the cached document is tampered without being detected by the cache server, the tampered document will be used to serve all legitimate requests.
  
  In this project, we aim at identifying, evaluating and analyzing web cache poisoning attack induced by attacker sending malicious HTTP request headers to the origin server. With a scan of 1 million root domains, we identified thousands of domains which allow the cache to be tampered with, including insert phishing or redirecting links, and arbitrary Javascripts. This vulnerability is currently under coordination by the CERT coordination center and among multiple cache service vendors (VU#335217), public disclosure has been made in early Jan 2020.
  
  Vulnerability #: VU#335217, JVNVU#98141012, JVNDB-2020-001007
• Development of Machine Learning Assisted Smartphone Application to Support On-Site and Real-Time Latent Fingerprint Analysis and Identification in Crime Scene Investigation, PI, Faculty and Student Team (FAST) Award, EURECA Center, SHSU, 2019. Granted amount: $10,000.
  Read more
  Latent fingerprint image capturing in the forensic investigation field requires quality images be taken in order to accurately match fingerprints to those stored in a database. The goal of this project is to implement a mobile application to aid forensic investigators in the latent fingerprint acquisition process. In a typical use scenario, the investigator points the camera of the smartphone to a latent fingerprint at the crime scene. The application is able to recognize and analyze the latent print in real-time, and display a graphical indicator (i.e., green/red color-map) for useable/unusable fingerprint areas, as well as a numerical score evaluated based on the overall fingerprint quality. The acquired latent fingerprint image can be directly send to remote automated fingerprint identification system (AFIS) for latent fingerprint searching or matching. The success of this project would greatly off the burden from on-site forensic investigators, as well as forensics labs who is currently overwhelmed by numerious "of no value" latent print photos.
• Enhancing Computer Science and Digital Forensics Education by Integrating Lecture-directed and Project-based Learning in Mobile Computing and Mobile Forensics, co-PI, Teaching Innovation Grant, PACE Center, SHSU, 2019. Granted amount: $8,000.
• Analysis and Evaluation of the Code Reuse Attack: A Digital Forensics Approach, PI, COSET Summer Research Grant, College of Science and Engineering Technology, SHSU, 2018. Granted amount: $2,500.
• Improving Digital Forensics and Cybersecurity Education with Intelligent Computing by Integrating Lecture Directed and Project-based Learning Together, co-PI, Teaching Innovation Grant, PACE Center, SHSU, 2018. Granted amount: $11,000.

Professional Services

TPC Member

• IEEE INFOCOM 2017, 2018, 2019, 2020.
• IEEE ICC 2019, 2020.
• IEEE Globecom 2019.

Guest Editor

• Sensors: Special Issue: Topology Control and Protocols in Sensor Network and IoT Applications.

Funding Member

• IEEE special interest group (SIG) on Intelligent Internet Edge (IIE).

Reviewer

• Multiple.
• Computers & Security, Elsevier.

Work and Education History

• Jan 2021 - Current: Assistant Professor, Cybersecurity Engineering, George Mason University
  
• Aug 2016 - Dec 2020: Assistant Professor, Computer Science, Sam Houston State University
  
• Aug 2011 - July 2016: PhD Student, Research/Teaching Assistant, NC State University
  
• Mar 2008 - May 2011: First Office Application Engineer, Bell Labs, Alcatel-Lucent
  
• Aug 2005 - Mar 2008: Master student, National Mobile Communication Research Lab, Southeast University, China
  
• Aug 2001 - May 2005: Undergraduate student, Nanjing University of Science and Technology, China
  

© Mingkui Wei 2019