@article{cai_lin_liu_lin_2023, title={Control Design of a Continuous Model and Its Application in Highway Traffic Flow}, volume={70}, ISSN={["1558-3791"]}, DOI={10.1109/TCSII.2023.3241646}, abstractNote={We investigate control designs for a continuity model itself, not its linearization based on Banach fixed point theorem. This model can simulate the traffic flow on the highway. We design two kinds of control laws. One is to stabilize the equilibrium point of the closed-loop system from any initial value. The other is to stabilize the state to the equilibrium point locally, which requires the initial value to meet a constraint. In simulation, we show the applications of two control designs in highway traffic flow control.}, number={7}, journal={IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS II-EXPRESS BRIEFS}, author={Cai, Xiushan and Lin, Yuhang and Liu, Leipo and Lin, Cong}, year={2023}, month={Jul}, pages={2575–2579} }
 @article{cai_lin_zhan_wan_liu_lin_2023, title={Inverse Optimal Control of Korteweg-de Vries-Burgers Equation}, volume={56}, ISSN={["2405-8963"]}, DOI={10.1016/j.ifacol.2023.10.1786}, abstractNote={We consider inverse optimal adaptive control for Korteweg-de Vries Burgers (KdVB) equation. First, we prove that the boundary control design in Balogh and Krstic (2000) is inverse optimal for a meaningful functional. Next, we achieve an adaptive boundary control design for KdVB equation with an unknown dissipation coefficient. Moreover, we prove that it is also inverse optimal for a meaningful functional. Two examples are given to show the validity of the proposed design.}, number={2}, journal={IFAC PAPERSONLINE}, author={Cai, Xiushan and Lin, Yuhang and Zhan, Xisheng and Wan, Liguang and Liu, Leibo and Lin, Cong}, year={2023}, pages={1351–1356} }
 @article{cai_lin_lin_liu_2023, title={Inverse optimality of adaptive control for Korteweg-de Vries-Burgers equation}, ISSN={["2195-2698"]}, DOI={10.1007/s40435-023-01195-5}, journal={INTERNATIONAL JOURNAL OF DYNAMICS AND CONTROL}, author={Cai, Xiushan and Lin, Yuhang and Lin, Cong and Liu, Leipo}, year={2023}, month={May} }
 @article{cai_lin_zhang_lin_2022, title={PREDICTOR CONTROL FOR WAVE PDE / NONLINEAR ODE CASCADED SYSTEM WITH BOUNDARY VALUE- DEPENDENT PROPAGATION SPEED}, volume={58}, ISSN={["0023-5954"]}, DOI={10.14736/kyb-2022-3-0400}, abstractNote={This paper investigates predictor control for wave partial differential equation (PDE) and nonlinear ordinary differential equation (ODE) cascaded system with boundary value-dependent propagation speed. A predictor control is designed first. A two-step backstepping transformation and a new time variable are employed to derive a target system whose stability is established using Lyapunov arguments. The equivalence between stability of the target and the original system is provided using the invertibility of the backstepping transformations. Stability of the closed-loop system is established by Lyapunov}, number={3}, journal={KYBERNETIKA}, author={Cai, X. I. U. S. H. A. N. and Lin, Y. U. H. A. N. G. and Zhang, J. U. N. F. E. N. G. and Lin, C. O. N. G.}, year={2022}, pages={400–425} }
 @article{he_lin_gu_yeh_zhuang_2022, title={PerfSig: Extracting Performance Bug Signatures via Multi-modality Causal Analysis}, ISSN={["0270-5257"]}, DOI={10.1145/3510003.3510110}, abstractNote={Diagnosing a performance bug triggered in production cloud environments is notoriously challenging. Extracting performance bug signatures can help cloud operators quickly pinpoint the problem and avoid repeating manual efforts for diagnosing similar performance bugs. In this paper, we present PerfSig, a multi-modality performance bug signature extraction tool which can identify principal anomaly patterns and root cause functions for performance bugs. PerfSig performs fine-grained anomaly detection over various machine data such as system metrics, system logs, and function call traces. We then conduct causal analysis across different machine data using information theory method to pinpoint the root cause function of a performance bug. PerfSig generates bug signatures as the combination of the identified anomaly patterns and root cause functions. We have implemented a prototype of PerfSig and conducted evaluation using 20 real world performance bugs in six commonly used cloud systems. Our experimental results show that PerfSig captures various kinds of fine-grained anomaly patterns from different machine data and successfully identifies the root cause functions through multi-modality causal analysis for 19 out of 20 tested performance bugs.}, journal={2022 ACM/IEEE 44TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2022)}, author={He, Jingzhu and Lin, Yuhang and Gu, Xiaohui and Yeh, Chin-Chia Michael and Zhuang, Zhongfang}, year={2022}, pages={1669–1680} }
 @article{lin_tunde-onadele_gu_he_latapie_2022, title={SHIL: Self-Supervised Hybrid Learning for Security Attack Detection in Containerized Applications}, DOI={10.1109/ACSOS55765.2022.00022}, abstractNote={Container security has received much research attention recently. Previous work has proposed to apply various machine learning techniques to detect security attacks in containerized applications. On one hand, supervised machine learning schemes require sufficient labelled training data to achieve good attack detection accuracy. On the other hand, unsupervised machine learning methods are more practical by avoiding training data labelling requirements, but they often suffer from high false alarm rates. In this paper, we present SHIL, a self-supervised hybrid learning solution, which combines unsupervised and supervised learning methods to achieve high accuracy without requiring any manual data labelling. We have implemented a prototype of SHIL and conducted experiments over 41 real world security attacks in 28 commonly used server applications. Our experimental results show that SHIL can reduce false alarms by 39-91% compared to existing supervised or unsupervised machine learning schemes while achieving a higher or similar detection rate.}, journal={2022 IEEE INTERNATIONAL CONFERENCE ON AUTONOMIC COMPUTING AND SELF-ORGANIZING SYSTEMS (ACSOS 2022)}, author={Lin, Yuhang and Tunde-Onadele, Olufogorehan and Gu, Xiaohui and He, Jingzhu and Latapie, Hugo}, year={2022}, pages={41–50} }
 @article{tunde-onadele_lin_gu_he_2022, title={Understanding Software Security Vulnerabilities in Cloud Server Systems}, ISSN={["2373-3845"]}, DOI={10.1109/IC2E55432.2022.00033}, abstractNote={Cloud systems have been widely adopted by many real world production applications. Thus, security vulnerabilities in those cloud systems can cause serious widespread impact. Although previous intrusion detection systems can detect security attacks, understanding the underlying software defects that cause those security vulnerabilities is little studied. In this paper, we conduct a systematic study over 110 software security vulnera-bilities in 13 popular cloud server systems. To understand the underlying vulnerabilities, we answer the following questions: 1) what are the root causes of those security vulnerabilities? 2) what threat impact do those vulnerable code have? 3) how do developers patch those vulnerable code? Our results show that the vulnerable code of the studied security vulnerabilities comprise five common categories: 1) improper execution restrictions, 2) improper permission checks, 3) improper resource path-name checks, 4) improper sensitive data handling, and 5) improper synchronization handling. We further extract principal vulnerable code patterns from those common vulnerability categories.}, journal={2022 IEEE INTERNATIONAL CONFERENCE ON CLOUD ENGINEERING (IC2E 2022)}, author={Tunde-Onadele, Olufogorehan and Lin, Yuhang and Gu, Xiaohui and He, Jingzhu}, year={2022}, pages={245–252} }
 @article{lin_tunde-onadele_gu_2020, title={CDL: Classified Distributed Learning for Detecting Security Attacks in Containerized Applications}, ISSN={["1063-9527"]}, DOI={10.1145/3427228.3427236}, abstractNote={Containers have been widely adopted in production computing environments for its efficiency and low overhead of isolation. However, recent studies have shown that containerized applications are prone to various security attacks. Moreover, containerized applications are often highly dynamic and short-lived, which further exacerbates the problem. In this paper, we present CDL, a classified distributed learning framework to achieve efficient security attack detection for containerized applications. CDL integrates online application classification and anomaly detection to overcome the challenge of lacking sufficient training data for dynamic short-lived containers while considering diversified normal behaviors in different applications. We have implemented a prototype of CDL and evaluated it over 33 real world vulnerability attacks in 24 commonly used server applications. Our experimental results show that CDL can reduce the false positive rate from over 12% to 0.24% compared to traditional anomaly detection schemes without aggregating training data. By introducing application classification into container behavior learning, CDL can improve the detection rate from catching 20 attacks to 31 attacks before those attacks succeed. CDL is light-weight, which can complete application classification and anomaly detection for each data sample within a few milliseconds.}, journal={36TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2020)}, author={Lin, Yuhang and Tunde-Onadele, Olufogorehan and Gu, Xiaohui}, year={2020}, pages={179–188} }
 @article{tunde-onadele_lin_he_gu_2020, title={Self-Patch: Beyond Patch Tuesday for Containerized Applications}, DOI={10.1109/ACSOS49614.2020.00022}, abstractNote={Containers have become increasingly popular in distributed computing environments. However, recent studies have shown that containerized applications are susceptible to various security attacks. Traditional periodically scheduled software update approaches not only become ineffective under dynamic container environments but also impose high overhead to containers. In this paper, we present Self-Patch, a new self-triggering patching framework for applications running inside containers. Self-Patch combines light-weight runtime attack detection and dynamic targeted patching to achieve more efficient and effective security protection for containerized applications. We evaluated our schemes over 31 real world vulnerability attacks in 23 commonly used server applications. Results show that Self-Patch can accurately detect and classify 81% of attacks and reduce patching overhead by up to 84%.}, journal={2020 IEEE INTERNATIONAL CONFERENCE ON AUTONOMIC COMPUTING AND SELF-ORGANIZING SYSTEMS (ACSOS 2020)}, author={Tunde-Onadele, Olufogorehan and Lin, Yuhang and He, Jingzhu and Gu, Xiaohui}, year={2020}, pages={21–27} }