skip to main content

Search for: All records

Creators/Authors contains: "Chen, H"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. Free, publicly-accessible full text available July 1, 2023
  2. Free, publicly-accessible full text available October 1, 2023
  3. Use of structured roles to facilitate cooperative learning is an evidence-based practice that has been shown to improve student performance, attitude, and persistence. The combination of structured roles and activities also helps build students’ process skills including communication and metacognition. While these benefits have been shown in a variety of disciplines, most prior work has focused on in-person, synchronous settings, and few studies have looked at online, synchronous settings. With the ongoing COVID-19 pandemic, we need a better understanding of how cooperative learning takes place online and what differences may exist between online and in-person modalities. This work-in-progress serves to document our development of an observation protocol to help us answer research questions such as the following: Do group members participate equally? Do group members’ contributions match their role? How do groups connect and bond with each other? How do groups seek help?
    Free, publicly-accessible full text available July 1, 2023
  4. Black hat hackers use malicious exploits to circumvent security controls and take advantage of system vulnerabilities worldwide, costing the global economy over $450 billion annually. While many organizations are increasingly turning to cyber threat intelligence (CTI) to help prioritize their vulnerabilities, extant CTI processes are often criticized as being reactive to known exploits. One promising data source that can help develop proactive CTI is the vast and ever-evolving Dark Web. In this study, we adopted the computational design science paradigm to design a novel deep learning (DL)-based exploit-vulnerability attention deep structured semantic model (EVA-DSSM) that includes bidirectional processing and attention mechanisms to automatically link exploits from the Dark Web to vulnerabilities. We also devised a novel device vulnerability severity metric (DVSM) that incorporates the exploit post date and vulnerability severity to help cybersecurity professionals with their device prioritization and risk management efforts. We rigorously evaluated the EVA-DSSM against state-of-the-art non-DL and DL-based methods for short text matching on 52,590 exploit-vulnerability linkages across four testbeds: web application, remote, local, and denial of service. Results of these evaluations indicate that the proposed EVA-DSSM achieves precision at 1 scores 20% - 41% higher than non-DL approaches and 4% - 10% higher than DL-basedmore »approaches. We demonstrated the EVA-DSSM’s and DVSM’s practical utility with two CTI case studies: openly accessible systems in the top eight U.S. hospitals and over 20,000 Supervisory Control and Data Acquisition (SCADA) systems worldwide. A complementary user evaluation of the case study results indicated that 45 cybersecurity professionals found the EVA-DSSM and DVSM results more useful for exploit-vulnerability linking and risk prioritization activities than those produced by prevailing approaches. Given the rising cost of cyberattacks, the EVA-DSSM and DVSM have important implications for analysts in security operations centers, incident response teams, and cybersecurity vendors.« less
    Free, publicly-accessible full text available June 1, 2023
  5. Black hat hackers use malicious exploits to circumvent security controls and take advantage of system vulnerabilities worldwide, costing the global economy over $450 billion annually. While many organizations are increasingly turning to cyber threat intelligence (CTI) to help prioritize their vulnerabilities, extant CTI processes are often criticized as being reactive to known exploits. One promising data source that can help develop proactive CTI is the vast and ever-evolving Dark Web. In this study, we adopted the computational design science paradigm to design a novel deep learning (DL)-based exploit-vulnerability attention deep structured semantic model (EVA-DSSM) that includes bidirectional processing and attention mechanisms to automatically link exploits from the Dark Web to vulnerabilities. We also devised a novel device vulnerability severity metric (DVSM) that incorporates the exploit post date and vulnerability severity to help cybersecurity professionals with their device prioritization and risk management efforts. We rigorously evaluated the EVA-DSSM against state-of-the-art non-DL and DL-based methods for short text matching on 52,590 exploit-vulnerability linkages across four testbeds: web application, remote, local, and denial of service. Results of these evaluations indicate that the proposed EVA-DSSM achieves precision at 1 scores 20%-41% higher than non-DL approaches and 4%-10% higher than DL-based approaches. We demonstrated themore »EVA-DSSM's and DVSM's practical utility with two CTI case studies: openly accessible systems in the top eight U.S. hospitals and over 20,000 Supervisory Control and Data Acquisition (SCADA) systems worldwide. A complementary user evaluation of the case study results indicated that 45 cybersecurity professionals found the EVA-DSSM and DVSM results more useful for exploit-vulnerability linking and risk prioritization activities than those produced by prevailing approaches. Given the rising cost of cyberattacks, the EVA-DSSM and DVSM have important implications for analysts in security operations centers, incident response teams, and cybersecurity vendors.« less
    Free, publicly-accessible full text available June 1, 2023
  6. International dark web platforms operating within multiple geopolitical regions and languages host a myriad of hacker assets such as malware, hacking tools, hacking tutorials, and malicious source code. Cybersecurity analytics organizations employ machine learning models trained on human-labeled data to automatically detect these assets and bolster their situational awareness. However, the lack of human-labeled training data is prohibitive when analyzing foreign-language dark web content. In this research note, we adopt the computational design science paradigm to develop a novel IT artifact for cross-lingual hacker asset detection(CLHAD). CLHAD automatically leverages the knowledge learned from English content to detect hacker assets in non-English dark web platforms. CLHAD encompasses a novel Adversarial deep representation learning (ADREL) method, which generates multilingual text representations using generative adversarial networks (GANs). Drawing upon the state of the art in cross-lingual knowledge transfer, ADREL is a novel approach to automatically extract transferable text representations and facilitate the analysis of multilingual content. We evaluate CLHAD on Russian, French, and Italian dark web platforms and demonstrate its practical utility in hacker asset profiling, and conduct a proof-of-concept case study. Our analysis suggests that cybersecurity managers may benefit more from focusing on Russian to identify sophisticated hacking assets. In contrast, financialmore »hacker assets are scattered among several dominant dark web languages. Managerial insights for security managers are discussed at operational and strategic levels.« less
    Free, publicly-accessible full text available June 1, 2023
  7. The assembly of massive black holes in the early universe remains a poorly constrained open question in astrophysics. The merger and accretion of light seeds (remnants of Population III stars with mass below ∼ 1000 M ) or heavy seeds (in the mass range 104−106 M ) could both explain the formation of massive black holes, but the abundance of seeds and their merging mechanism are highly uncertain. In the next decades, the gravitational-wave observatories coming online are expected to observe very highredshift mergers, shedding light on the seeding of the first black holes. In this Letter we explore the potential and limitations for LISA, Cosmic Explorer and Einstein Telescope to constrain the mixture ratio of light and heavy seeds as well as the probability that central black holes in merging galaxies merge as well. Since the third generation ground-based gravitational-wave detectors will only observe light seed mergers, we demonstrate two scenarios in which the inference of the seed mixture ratio and merging probability can be limited. The synergy of multi-band gravitational-wave observations and electromagnetic observations will likely be necessary in order to fully characterize the process of high-redshift black hole formation.
  8. Marc Peter Deisenroth (Ed.)
  9. Semiconductors with O(meV) band gaps have been shown to be promising targets to search for sub-MeV mass dark matter (DM). In this paper we focus on a class of materials where such narrow band gaps arise naturally as a consequence of spin-orbit coupling (SOC). Specifically, we are interested in computing DM-electron scattering and absorption rates in these materials using state- of-the-art density functional theory (DFT) techniques. To do this, we extend the DM interaction rate calculation to include SOC effects which necessitates a generalization to spin-dependent wave functions. We apply our new formalism to calculate limits for several DM benchmark models using an example ZrTe5 target and show that the inclusion of SOC can substantially alter projected constraints.