SUMMARY
I have more than four years of development experience in Python and research experience in network security, cyber-physical system security, machine learning, and BlockChain. I discovered vulnerabilities in power system communication protocol and developed mitigations methods. I have reviewed 14 papers, published 11 papers and received 141 citations. You can find my sample code
here and sample tutorial
here.
EDUCATION
Ph.D. in Computer Engineering
The Holcombe Department of Electrical and Computer Engineering, Clemson University, USA
Estimated to graduate in Aug 2018
M.S. in Computer Science
Department of Computer Science, University of Texas-Pan American, USA
Graduated in Aug 2013
B.S. in Information and Computational Science
College of Mathematics, Jilin University, China
Graduated in June 2010
TECHNICAL SKILLS
Languages: Proficient: Python; Prior experience: SQL, C++, C
Libraries: scapy, numpy, pandas, PyTorch, OpenMPI
Operating System: Cent OS, Mac OS, Debian, Fedora, Kali, Metasploit, Windows XP
Software and Tools: Wireshark, nmap, MySQL, Hex-Rays IDA, Anaconda, Git, Floodlight, Matlab, vShpere
Hardwares: SEL Relays and Security Gateways, Cisco VPNs, PICA8 SDN Switches, AirTight Wireless IDS
Other Skills: Traffic Analysis, Machine Learning, BlockChain, Reverse Engineering, IDS, IPS
PROJECTS
Situational Intelligence for Smart Grid Optimization and Intelligent Control
NSF Grant: IIP-1312260, With Prof. G. Kumar Venayagamoorthy and Prof. Richard R. Brooks
2014 - Present
Discovered side-channel vulnerabilities of the synchrophasor network protocol that can differentiate data packets from other packets in an encrypted VPN tunnel. Discovered a vulnerability that can trigger a security gateway to send clear text packages. Designed and implemented side-channel based DoS attacks against above protocol and devices. Developed protocol camouflage method and transformed a segment of Zeus bot-net traffic into the above protocol and injected the fake traffic into a legitimate data receiver. Designed and implemented a set of neural networks trained with the dynamic of the power grid and used the trained neural networks to infer missing data during DoS attacks. Implemented BGP hijacking experiments on the Internet and now developing a method to detect BGP hijacking attacks using side-channels.
Open Source Synchrophasor Protocol Parser and Client
2016 - Present
Designed and developed the first open source
synchrophasor protocol client available on Github using Python3 with asynchronous programming and a customized parser. The package fully supports the IEEE C37.118.2-2011 standard including all packet formats, communication methods, and performance requirements. The package helped reduced the development time of synchrophasor applications from weeks to days and now used by dozens of researchers for experimenting and prototyping.
Security of Distributed Cyber-Physical Systems with Connected Vehicle Applications
NSF Grant: CNS-1544910, With Prof. Pierluigi Pisu and Prof. Richard R. Brooks
2017 - Present
Developed a software simulation of a connected vehicle platooning system using Python and Matlab. Developed both centralized and decentralized controller that allows the platooning vehicles automatically follows the leading vehicle. Analyzed the impact of sensor noise on the control system. Now developing a control strategy to mitigate damage caused by a malicious vehicle in the platoon.
Provenance Assurance Using Currency Primitives
NSF Grant: OAC-1547164, With Prof. Richard R. Brooks
2017
Implemented the data serialization, transmission, and deserialization module of the data provenance system using C++. The module is used for communications and file transmissions between block chian mining servers and clients.
Explorations of Theoretical Models of Self-Assembly
NSF Grant: CCF-1117672, With Prof. Robert Schweller and Prof. Matthew J. Patitz
2011 - 2013
Designed a parallel binary adding algorithm, a parallel shear sorting algorithm, and a self-replication system using the DNA self-assembly model.
WORK EXPERIENCE
Teaching Assistant for ECE8930 DDoS Attack Class - Clemson University, USA
2017 - Present
Implemented the
Dynamic DDoS Mitigation System that automatically scales up the CDN during DDoS attacks and scales down the CDN during light load to save energy. Developed lectures, slides, labs, and
lab instructions. Updated the network topology for different labs using Floodlight SDN. Instructed lectures, labs. Graded assignments.
Teaching Assistant for ECE6490/ECE4490 Network Security Class - Clemson University, USA
2015 - Present
Built the network security lab on two campuses connected through VPN. Wrote a variety of automation scripts. Set up Fedora, LDAP, VirtualBox, Motion, Floodlight SDN and a variety of other software. Installed and configured Synology NAS, Dell PowerEdge servers, and workstations, PICA8 SDN switches, AirTight wireless IDS, APC UPS, and a variety of other hardware. Instructed lectures, labs. Graded assignments.
Database Administrator - China Huaneng Group, Beijing, China
2010 - 2011
Worked with IBM and Huaneng's subsidiary companies to deploy SAP system. Maintained human resource and payroll system database.
INVITED REVIEWS(14 reviews in total as of June 2018)
Computers & Security - Elsevier Journal
2016 - 2018
International Journal of Electrical Power & Energy Systems - Elsevier Journal
2016
IEEE Symposium Series on Computational Intelligence - IEEE Conference
2016
Clemson University Power Systems Conference - IEEE Conference
2016
FEATURED PUBLICATIONS(11 publications in total as of June 2018)
Denial of service attack on tie-line bias control in a power system with pv plant
X Zhong, I Jayawardene, GK Venayagamoorthy, R Brooks
IEEE Transactions on Emerging Topics in Computational Intelligence
2017
Stealthy malware traffic-Not as innocent as it looks
X Zhong, Y Fu, L Yu, R Brooks, GK Venayagamoorthy
10th International Conference on Malicious and Unwanted Software
2015
Side-channels in electric power synchrophasor network data traffic
X Zhong, P Arunagirinathan, A Ahmadi, R Brooks, GK Venayagamoorthy
10th Annual Cyber and Information Security Research Conference
2015