网络与信息安全、数据科学与计算

招生专业：083900-网络空间安全

招生方向：网络行为分析、大数据智能处理、人工智能

招生类型：硕士研究生

2019.10 - 现在, 中国科学院信息工程研究所, 副研究员
2016.09 - 2019.10, 中国科学院信息工程研究所, 助理研究员

一、授权专利

[1] 一种协同调度方法. 专利号：ZL2024113252038

[2] 基于机器学习的网络流量分类方法及装置. 专利号：ZL202310386039.0

[3] 一种针对网络行为数据的图存储方法及系统. 专利号：ZL2023104879002

[4] 基于特征融合的内部威胁检测方法. 专利号：ZL202210105573.5

[5] 一种基于对合和投票的网络流量异常行为检测方法和系统. 专利号：ZL202210425627.6

[6] 一种基于海量告警的攻击事件识别方法及电子装置. 专利号：ZL202010323268.4

[7] 一种基于日志溯源图的APT攻击检测方法. 专利号：ZL202510283194.9

[8] 一种基于异质图网络的横向移动攻击检测方法及系统. 专利号：ZL202310502002.X

[9] 一种时空感知的网络流量异常行为检测方法及电子装置. 专利号：ZL202011341722.5

[10] 一种基于数据包头的加密流量识别方法及装置. 专利号：ZL202110623379.1

[11] 一种基于异质图网络的横向移动攻击检测方法及系统. 专利号：ZL202110347685.7

[12] 一种区块链钓鱼行为检测方法及装置. 专利号：ZL202310289882.7

[13] 一种基于基线行为刻画的通联异常发现方法、装置、存储介质及电子装置. 专利号：ZL202110750021.5

[14] 一种基于BERT的网络空间安全领域命名实体识别方法和装置. 专利号：ZL202010151014.9

[15] 一种基于自动编码器的网络流量异常行为识别方法. 专利号：ZL202010217930.8

[16] 基于双层异质集成学习器的入侵检测方法. 专利号：ZL201910671353.7

[17] 一种加密流量的服务与应用分类方法. 专利号：ZL201910504060.X

[18] 一种加密流量类别检测方法及系统. 专利号：ZL201910073768.4

[19] 一种加密匿名网络流量识别方法. 专利号：ZL201910086039.2

[20] 面向威胁情报的安全知识图谱构建方法及系统. 专利号：ZL201811569400.9

[21] 基于事件识别的搜索电子邮件内容的方法及系统. 专利号：ZL201810980147.X

[22] 基于上下文感知张量分解的社交网络用户行为预测方法. 专利号：ZL201810332563.9

[23] 基于自扩充表示和相似双向约束的短文本主题发现方法及系统. 专利号：ZL201810306013.X

[24] 一种对抗性竞赛中的精彩时刻识别方法. 专利号：ZL201810934862.X

二、奖励

[1] 网络威胁情报关键技术及应用奖

[2] 面向关键信息基础设施的网络安全态势感知技术及应用奖

一、书籍

[1] 毋建军, 姜波, 郭舒 编著. 机器学习原理及应用. 机械工业出版社. 2025.1.

[2] 毋建军, 姜波 编著. 计算机视觉应用开发. 北京邮电大学出版社. 2022.6.

[3] 毋建军, 姜波 编著. Python数据分析、挖掘与可视化. 机械工业出版社. 2021.9.

二、代表性论文

[1] Xueying Han, Jian Qin, Changzhi Zhao, Weike Fang, Junrong Liu, Weihang Wang, Bo Jiang, Susu Cui, Zhigang Lu, Baoxu Liu. Robust Malicious Network Traffic Detection Framework with Automated Drift Detection, Identification, and Adaptation. IEEE Transactions on Information Forensics and Security (TIFS), 2026. (CCF A)

[2] Junjie Yang, Junrong Liu, Song Liu, Xueying Han, Yan Zhu, Bo Jiang, Zhigang Lu, Huamin Feng. STCFormer: Robust Malicious Traffic Detection Via Short-Term Traffic Profiling and A Hybrid Transformer. IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 4-8 May 2026, Spain, pp. 14262-14266. (CCF-B)

[3] Yun Li, Zelin Cui, Wei Li, Boyuan Xu, Song Liu, Xuren Wang, Xueying Han, Bo Jiang, Zhigang Lu. CDT: Robust Detection of DoH Tunnels Via Background Association. IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 4-8 May 2026, Spain, pp. 14257-14261. (CCF-B)

[4] Jian Qin, Xueying Han, Yunpeng Li, Dongqi Han, Wei Qiao, Xiaobo Yang, Zelin Cui, Bo Jiang, Zhigang Lu. TrafficMoE: Adaptive Multi-Perspective Feature Fusion for Enhancing Malicious Traffic General Detection Capability. IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 4-8 May 2026, Spain, pp. 14242-14246. (CCF-B)

[5] Jian Qin, Yunpeng Li, Tian Tian, Yan Zhu, Xuren Wang, Song Liu, Bo Jiang, Zhigang Lu. TrafficHTG: Revolutionizing Network Traffic Generation with Hierarchical Transformers. IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 4-8 May 2026, Spain, pp. 14237-14241. (CCF-B)

[6] Ding Wang, Xiaobo Yang, Zelin Cui, Wei Qiao, Weiheng Wu, Yitan Huang, Susu Cui, Bo Jiang, Zhigang Lu. Btda: A Robust Framework for Encrypted Traffic Classification with Byte-Level TLS Data Augmentation. IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 4-8 May 2026, Spain, pp. 13832-13836. (CCF-B)

[7] Yitan Huang, Wei Qiao, Ding Wang, Meng Shen, Di Zhao, Linxu Li, Susu Cui, Bo Jiang, Zhigang Lu, Baoxu Liu. Forge: A Robust Multi-tab Website Fingerprinting Attack via Blind Source Separation. Proceedings of the ACM on Web Conference (WWW 2026), Dubai, June 29-July 3, 2026. (CCF-A)

[8] Yiru Gong, Song Liu, Changzhi Zhao, Junrong Liu, Tian Tian, Xiaobo Yang, Bo Jiang, Zhigang Lu. GARNET: GoT-Based Alert Reduction and Narrative Event Tracing. The 40th Annual AAAI Conference on Artificial Intelligence (AAAI 2026). January 22 – 25, 2026, Singapore. (CCF A)

[9] Wenhao Yan, Ning An, Wei Qiao, Weiheng Wu, Zhigang Lu, Bo Jiang, Baoxu Liu, Junrong Liu. Sentient: Detecting APTs via Capturing Indirect Dependencies and Behavioral Logic. The 40th Annual AAAI Conference on Artificial Intelligence (AAAI 2026). January 22 – 25, 2026, Singapore. (CCF A)

[10] Yiren Chen, Xiaobo Yang, Fangming Dong, Bo Jiang, Zhigang Lu, Baoxu Liu. MoPHoney: An adaptive honeyword generation system based on Mixture-of-prompts. Journal of Systems Architecture, 2026(170):103617. (CCF B)

[11] Yinhao Qi, Chen Zhang, Xinghu Han, Xiaobo Yang, Tian Tian, Bo Jiang, Zhigang Lu. Sysalign: Protect System Calls via Semantic Alignment of Critical Paths and Syscall Sequences. Cybersecurity, 2026,9(1):174. (CCF B)

[12] Tian Tian, Chen Zhang, Bo Jiang, Huamin Feng, Zhigang Lu. Insider Threat Detection for Specific Threat Scenarios. Cybersecurity, 2025,8(1):17. (CCF B)

[13] Wei Qiao, Weiheng Wu, Song Liu, Teng Li, Yebo Feng, Zehui Wang, Junrong Liu, Bo Jiang, Zhigang Lu, Baoxu Liu. SAURONEYES: Disentangling Voluminous Logs to Unveil Camouflaged Attack Intentions. IEEE Transactions on Information Forensics and Security (TIFS), 2025. (CCF A)

[14] Linghao Li, Yan Zhu, Yun Li, Wei Qiao, Zelin Cui, Susu Cui, Bo Jiang, Zhigang Lu. Towards effective black-box attacks on DoH tunnel detection systems. Computers & Security, 2025(138):111524. (CCF B)

[15] Yinhao Qi, Chuyi Yan, Zehui Wang, Chen Zhang, Song Liu, Zhigang Lu, Bo Jiang. ATHITD: Attention-based Temporal Heterogeneous Graph Neural Network for Insider Threat Detection. Computers & Security, 2025(157):104587. (CCF B)

[16] Zehui Wang, Hao Li, Yinhao Qi, Wei Qiao, Song Liu, Chen Zhang, Bo Jiang, Zhigang Lu. PathWatcher: A path-based behavior detection method for attack detection and investigation. Computers & Security, 2025(157):104563. (CCF B)

[17] Susu Cui, Xueying Han, Dongqi Han, Zhiliang Wang, Weihang Wang, Bo Jiang, Baoxu Liu, Zhigang Lu. FG-SAT: Efficient Flow Graph for Encrypted Traffic Classification under Environment Shifts. IEEE Transactions on Information Forensics and Security (TIFS), 2025. (CCF A)

[18] Weiheng Wu, Wei Qiao, Wenhao Yan, Bo Jiang, Yuling Liu, Baoxu Liu, Zhigang Lu, JunRong Liu. Brewing Vodka: Distilling Pure Knowledge for Lightweight Threat Detection in Audit Logs. Proceedings of the ACM on Web Conference (WWW 2025), Australia, 28 April - 2 May 2025, pp. 2172 - 2182. (CCF-A)

[19] Yun Li, Wei Qiao, Yan Zhu, Yunxiang Wang, Bo Jiang, Zhigang Lu. DCASI: A Sequence-based Attack Investigation Method Using DTW Contrastive Learning. Proceedings of International Conference on Acoustics, Speech and Signal Processing (ICASSP 2025), pp. 1-5. IEEE, 2025. (CCF B)

[20] Yiru Gong, Susu Cui, Song Liu, Bo Jiang, Cong Dong, Zhigang Lu. Graph-based insider threat detection: A survey. Computer Networks, 2024(254): 110757. (CCF B)

[21] Yiren Chen, Mengjiao Cui, Ding Wang, Yiyang Cao, Peian Yang, Bo Jiang, Zhigang Lu, Baoxu Liu. A Survey of Large Language Models for Cyber Threat Detection. Computers & Security, 2024(145):104016. (CCF B)

[22] Xueying Han, Song Liu, Junrong Liu, Bo Jiang, Zhigang Lu, Baoxu Liu. ECNet: Robust Malicious Network Traffic Detection with Multi-view Feature and Confidence Mechanism. IEEE Transactions on Information Forensics and Security (TIFS), vol. 19, pp. 6871-6885, 2024. (CCF A)

[23] Xueying Han, Susu Cui, Jian Qin, Song Liu, Bo Jiang, Cong Dong, Zhigang Lu, Baoxu Liu. ContraMTD: An Unsupervised Malicious Network Traffic Detection Method based on Contrastive Learning. Proceedings of the ACM on Web Conference (WWW 2024), Singapore, May 13 - 17, 2024. (CCF A)

[24] Yufan Chen, Jiahai Yang, Susu Cui, Cong Dong, Bo Jiang, Yuling Liu, Zhigang Lu. Unveiling Encrypted Traffic Types Through Hierarchical Network Characteristics. Computers & Security, 2024(138):103645. (CCF B)

[25] Haochen Xu, Xiaoyu Geng, Junrong Liu, Zhigang Lu, Bo Jiang, Yuling Liu. A Novel Approach for Detecting Malicious Hosts Based on RE-GCN in Intranet. Cybersecurity, 2024,7(1):69. (CCF B)

[26] Boyuan Xu, Yiru Gong, Xiaoyu Geng, Yun Li, Cong Dong, Song Liu, Yuling Liu, Bo Jiang, Zhigang Lu. ProcSAGE: An Efficient Host Threat Detection Method Based on Graph Representation Learning. Cybersecurity, 2024,7(1):51. (CCF B)

[27] Susu Cui, Cong Dong, Meng Shen, Yuling Liu, Bo Jiang, Zhigang Lu. CBSeq: A Channel-level Behavior Sequence For Encrypted Malware Traffic Detection. IEEE Transactions on Information Forensics and Security (TIFS), Volume 18, January 2023. pp 5011–5025. (CCF A)

[28] Xueying Han, Susu Cui, Song Liu, Chen Zhang, Bo Jiang, Zhigang Lu. Network Intrusion Detection Based on n-gram Frequency and Time-aware Transformer. Computers & Security, volume 128, May 2023, 103171. (CCF B)

[29] Chonghua Wang, Hao Zhou, Zhiqiang Hao, Shu Hu, Jun Li, Xueying Zhang, Bo Jiang, Xuehong Chen. Network Traffic Analysis Over Clustering-based Collective Anomaly Detection. Computer Networks, 2022:108760. (CCF B)

[30] Cong Dong, Chen Zhang, Zhigang Lu, Baoxu Liu, Bo Jiang. CETAnalytics: Comprehensive Effective Traffic Information Analytics for Encrypted Traffic Classification. Computer Networks, 2020,176:107258. (CCF B)

已指导学生

张绩成  硕士研究生  085412-网络与信息安全  

许思民  硕士研究生  083900-网络空间安全  

尚梦川  硕士研究生  083900-网络空间安全  

现指导学生

乔伟  硕士研究生  083900-网络空间安全  

杨嫣然  硕士研究生  085412-网络与信息安全  

杨光  硕士研究生  085412-网络与信息安全  

刘秉鑫  硕士研究生  085412-网络与信息安全  

田长乐  硕士研究生  083900-网络空间安全  

张正凯  硕士研究生  085412-网络与信息安全