N
Ninghui Li
Researcher at Purdue University
Publications - 266
Citations - 19897
Ninghui Li is an academic researcher from Purdue University. The author has contributed to research in topics: Access control & Differential privacy. The author has an hindex of 70, co-authored 262 publications receiving 17748 citations. Previous affiliations of Ninghui Li include New York University & National Chiao Tung University.
Papers
More filters
Proceedings ArticleDOI
Comparing the expressive power of access control models
Mahesh V. Tripunitara,Ninghui Li +1 more
TL;DR: A theory for comparing the expressive power of access control models is proposed and it is shown that: (1) RBAC with a particular administrative model from the literature (ARBAC97) is limited in its expressive power; (2) ATAM is more expressive than TAM (Typed Access Matrix), thereby solving an open problem posed in the literature.
Journal ArticleDOI
Generating Summary Risk Scores for Mobile Applications
Christopher Gates,Ninghui Li,Hao Peng,Bhaskar P. Sarma,Yuan Qi,Rahul Potharaju,Cristina Nita-Rotaru,Ian M. Molloy +7 more
TL;DR: Experimental results conducted using real-world data sets show that a wide range of techniques to generate both risk signals and risk scores that are based on heuristics as well as principled machine learning techniques can effectively identify malware as very risky.
Proceedings Article
Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems.
Hong Chen,Ninghui Li,Ziqing Mao +2 more
TL;DR: The notion of vulnerability surfaces under attack scenarios as the measurement of protection quality is introduced, and a tool called VulSAN is implemented for computing such vulnerability surfaces.
Proceedings ArticleDOI
SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations
Sze Yiu Chau,Omar Chowdhury,Endadul Hoque,Huangyi Ge,Aniket Kate,Cristina Nita-Rotaru,Ninghui Li +6 more
TL;DR: It is observed that symbolic execution, a technique proven to be effective in finding software implementation flaws, can also be leveraged to expose noncompliance in X.509 implementations.
Posted Content
Understanding the Sparse Vector Technique for Differential Privacy
Min Lyu,Dong Su,Ninghui Li +2 more
TL;DR: It is shown that, in the non-interactive setting (but not the interactive setting), the SVT technique is unnecessary, as it can be replaced by the Exponential Mechanism (EM) with better accuracy.