Haibo Cheng

Haibo Cheng

Postdoctoral researcher

Peking University

Biography

I am a postdoctoral researcher at Peking University from July 2021, supported by the Peking University Boya Postdoctoral Fellowship 2021. My research focuses on cyber security and machine learning. My work about password and honey encryption appeared at USENIX Security 2021, 2019, ICASSP 2021, NDSS 2018, etc.

Interests
  • Cyber Security
  • Machine Learning
Education

  • Ph.D. in Computer Science, 2021

    Peking University, Beijing, China

  • M.A. in Pure Mathematics, 2015

    Peking University, Beijing, China

  • B.A. in Pure Mathematics, 2011

    Nankai University, Tianjin, China

Featured Publications

Haibo Cheng, Wenting Li, Ping Wang, Chao-Hsien Chu, Kaitai Liang
August 2021 In USENIX Security 2021
Incrementally Updateable Honey Password Vaults
Incrementally Updateable Honey Password Vaults

For HE-based honey vault schemes, we 1) propose a new generic construction and an incremental update mechanism, which resists intersection attacks; 2) formally investigate the optimal strategy for online verifications and further propose several practical attacks, which can effectively distinguish real and decoy vaults for the existing honey vault schemes; 3) instantiate our construction with a well-designed multi-similar-password model, which can generate more plausible-looking decoys.
Cite Slides Video PDF: Full version PDF: Conference version
Haibo Cheng, Wenting Li, Ping Wang, Kaitai Liang
June 2021 In ICASSP 2021
Improved Probabilistic Context-Free Grammars for Passwords Using Word Extraction
Improved Probabilistic Context-Free Grammars for Passwords Using Word Extraction

We propose a word extraction approach for passwords, and further present an improved PCFG model, called WordPCFG. The word extraction method can precisely extract semantic segments (called word) from passwords based on cohesion and freedom of words.
PDF Cite Poster Slides
Haibo Cheng, Zhixiong Zheng, Wenting Li, Ping Wang, Chao-Hsien Chu
August 2019 In USENIX Security 2019
Probability Model Transforming Encoders Against Encoding Attacks
Probability Model Transforming Encoders Against Encoding Attacks

For existing honey encryption applications, we propose two types of attacks, encoding attacks and distribution difference attacks, and further show the insecurity of the applications. We propose a generic method to transform an arbitrary probability model to a probability model transforming encoder, which resists encoding attacks.
PDF Cite Slides Video

Recent Publications

Quickly discover relevant content by filtering publications.
Haibo Cheng, Wenting Li, Ping Wang, Chao-Hsien Chu, Kaitai Liang (2021). Incrementally Updateable Honey Password Vaults. In USENIX Security 2021.

Cite Slides Video PDF: Full version PDF: Conference version

Haibo Cheng, Wenting Li, Ping Wang, Kaitai Liang (2021). Improved Probabilistic Context-Free Grammars for Passwords Using Word Extraction. In ICASSP 2021.

PDF Cite Poster Slides

Wenting Li, Haibo Cheng, Ping Wang, Kaitai Liang (2021). Practical Threshold Multi-Factor Authentication. In IEEE TIFS.

PDF Cite

Haibo Cheng, Zhixiong Zheng, Wenting Li, Ping Wang, Chao-Hsien Chu (2019). Probability Model Transforming Encoders Against Encoding Attacks. In USENIX Security 2019.

PDF Cite Slides Video

Ding Wang, Haibo Cheng, Ping Wang, Jeff Yan, Xinyi Huang (2018). A Security Analysis of Honeywords. In NDSS 2018.

PDF Cite Slides Video

See all publications

Contact

  • hbcheng89@gmail.com
  • Room 1723, Science Buildings No. 1, Peking University, Haidian District, Beijing, 100871
  • Enter Science Buildings No. 1 from the northwest gate and take the elevator to Room 1723 on Floor 7