Publications
Selected publications
- Single Sign-On Security: An Empirical Study of Sign in with Apple (Chapter - 2025)
- Poster: Automated Dependency Mapping for Web API Security Testing Using Large Language Models (Conference Paper - 2024)
- From Manifest V2 to V3: A Study on the Discoverability of Chrome Extensions (Chapter - 2023)
- User Access Privacy in OAuth 2.0 and OpenID Connect (Conference Paper - 2020)
- OAuthGuard (Conference Paper - 2019)
- Beyond Cookie Monster Amnesia: Real World Persistent Online Tracking (Chapter - 2018)
- Not All Browsers are Created Equal: Comparing Web Browser Fingerprintability (Chapter - 2017)
- Analysing the Security of Google's implementation of OpenID Connect (Preprint - 2015)
- Security Issues in OAuth 2.0 SSO Implementations (Chapter - 2014)
2025
An evolutionary features-based neural grey system model and its application
Ma, X., Hao, Y., & Li, W. (2025). An evolutionary features-based neural grey system model and its application. Applied Mathematical Modelling, 145, 116126. doi:10.1016/j.apm.2025.116126
Time-delayed fractional grey Bernoulli model with independent fractional orders for fossil energy consumption forecasting
Ma, X., He, Q., Li, W., & Wu, W. (2025). Time-delayed fractional grey Bernoulli model with independent fractional orders for fossil energy consumption forecasting. Engineering Applications of Artificial Intelligence, 155, 110942. doi:10.1016/j.engappai.2025.110942
Forecasting fossil fuel consumption and greenhouse gas emissions using novel multi-variable grey system model with convolution integrals
Ma, X., He, Q., Zhang, L., Wu, W., & Li, W. (2025). Forecasting fossil fuel consumption and greenhouse gas emissions using novel multi-variable grey system model with convolution integrals. Energy, 326, 135981. doi:10.1016/j.energy.2025.135981
Group-Grained Data Search and Sharing With Privacy Protection for Vehicular Social Networks
Zhou, R., Li, D., Li, W., Zhang, X., Du, X., & Guizani, M. (2025). Group-Grained Data Search and Sharing With Privacy Protection for Vehicular Social Networks. IEEE Internet of Things Journal, 12(7), 7793-7808. doi:10.1109/jiot.2024.3523910
Subversion-resistant public-key searchable encryption for data sharing in IIoT
Zhou, R., He, Y., Li, W., Wang, Y., & Zhang, X. (2025). Subversion-resistant public-key searchable encryption for data sharing in IIoT. Journal of Systems Architecture, 161, 103370. doi:10.1016/j.sysarc.2025.103370
A new method of free-rider attack based on disguise in federated learning
Luo, H., Zhou, R., Su, Y., Huang, J., & Li, W. (2025). A new method of free-rider attack based on disguise in federated learning. In C. Ping (Ed.), Tenth Symposium on Novel Optoelectronic Detection Technology and Applications (pp. 125). SPIE. doi:10.1117/12.3056723
Single Sign-On Security: An Empirical Study of Sign in with Apple
Okyere, M., & Li, W. (2025). Single Sign-On Security: An Empirical Study of Sign in with Apple. In Communications in Computer and Information Science (pp. 101-120). Springer Nature Singapore. doi:10.1007/978-981-96-4836-8_8
2024
Poster: Automated Dependency Mapping for Web API Security Testing Using Large Language Models
Li, W., & Guo, Y. (2024). Poster: Automated Dependency Mapping for Web API Security Testing Using Large Language Models. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (pp. 5024-5026). ACM. doi:10.1145/3658644.3691377
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (2024). In CCS '24: ACM SIGSAC Conference on Computer and Communications Security. ACM. doi:10.1145/3658644
The nonlinear multi-variable grey Bernoulli model and its applications
He, Q., Ma, X., Zhang, L., Li, W., & Li, T. (2024). The nonlinear multi-variable grey Bernoulli model and its applications. Applied Mathematical Modelling, 134, 635-655. doi:10.1016/j.apm.2024.06.015
2023
A Broadband Subliminal Channel in Signatures Without Sharing the Signing Key
Hu, Q., Xu, C., & Li, W. (2023). A Broadband Subliminal Channel in Signatures Without Sharing the Signing Key. In 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (pp. 814-822). IEEE. doi:10.1109/trustcom60117.2023.00118
LAMA: A secure lattice-based authentication scheme for cloud storage against misbehaved private key generator
Hossain, M. J., Xu, C., Zhang, Y., Zhang, X., & Li, W. (2023). LAMA: A secure lattice-based authentication scheme for cloud storage against misbehaved private key generator. Journal of Ambient Intelligence and Humanized Computing, 14(7), 8613-8629. doi:10.1007/s12652-021-03620-z
From Manifest V2 to V3: A Study on the Discoverability of Chrome Extensions
Bucci, V., & Li, W. (2023). From Manifest V2 to V3: A Study on the Discoverability of Chrome Extensions. In Lecture Notes in Computer Science (pp. 183-202). Springer Nature Switzerland. doi:10.1007/978-3-031-49187-0_10
2022
Industry herding in crypto assets
Zhao, Y., Liu, N., & Li, W. (2022). Industry herding in crypto assets. International Review of Financial Analysis, 84, 102335. doi:10.1016/j.irfa.2022.102335
2021
Forecasting short-term solar energy generation in Asia Pacific using a nonlinear grey Bernoulli model with time power term
Wu, W., Ma, X., Zeng, B., Zhang, Y., & Li, W. (2021). Forecasting short-term solar energy generation in Asia Pacific using a nonlinear grey Bernoulli model with time power term. Energy & Environment, 32(5), 759-783. doi:10.1177/0958305x20960700
ICAS: Two-factor identity-concealed authentication scheme for remote-servers
Hossain, M. J., Xu, C., Li, C., Mahmud, S. M. H., Zhang, X., & Li, W. (2021). ICAS: Two-factor identity-concealed authentication scheme for remote-servers. Journal of Systems Architecture, 117, 102077. doi:10.1016/j.sysarc.2021.102077
2020
Forecasting manufacturing industrial natural gas consumption of China using a novel time-delayed fractional grey model with multiple fractional order
Hu, Y., Ma, X., Li, W., Wu, W., & Tu, D. (2020). Forecasting manufacturing industrial natural gas consumption of China using a novel time-delayed fractional grey model with multiple fractional order. Computational and Applied Mathematics, 39(4). doi:10.1007/s40314-020-01315-3
User Access Privacy in OAuth 2.0 and OpenID Connect
Li, W., & Mitchell, C. J. (2020). User Access Privacy in OAuth 2.0 and OpenID Connect. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 664-6732). IEEE. doi:10.1109/eurospw51379.2020.00095
A novel Grey Bernoulli model for short-term natural gas consumption forecasting
Wu, W., Ma, X., Zeng, B., Lv, W., Wang, Y., & Li, W. (2020). A novel Grey Bernoulli model for short-term natural gas consumption forecasting. Applied Mathematical Modelling, 84, 393-404. doi:10.1016/j.apm.2020.04.006
Evolutionary Algorithms in Web Security: Exploring Untapped Potential
Attwood, S., Li, W., & Kharel, R. (2020). Evolutionary Algorithms in Web Security: Exploring Untapped Potential. In 2020 12th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP) (pp. 1-6). IEEE. doi:10.1109/csndsp49049.2020.9249521
A novel conformable fractional non-homogeneous grey model for forecasting carbon dioxide emissions of BRICS countries.
Wu, W., Ma, X., Zhang, Y., Li, W., & Wang, Y. (2020). A novel conformable fractional non-homogeneous grey model for forecasting carbon dioxide emissions of BRICS countries.. The Science of the total environment, 707, 135447. doi:10.1016/j.scitotenv.2019.135447
Application of a new information priority accumulated grey model with time power to predict short-term wind turbine capacity
Xia, J., Ma, X., Wu, W., Huang, B., & Li, W. (2020). Application of a new information priority accumulated grey model with time power to predict short-term wind turbine capacity. Journal of Cleaner Production, 244, 118573. doi:10.1016/j.jclepro.2019.118573
2019
OAuthGuard
Li, W., Mitchell, C. J., & Chen, T. (2019). OAuthGuard. In Proceedings of the 5th ACM Workshop on Security Standardisation Research Workshop (pp. 35-44). ACM. doi:10.1145/3338500.3360331
Application of a new information priority accumulated grey model with time power to predict short-term wind turbine capacity
Beyond Cookie Monster Amnesia: Real World Persistent Online Tracking
OAuthGuard: Protecting User Security and Privacy with OAuth 2.0 and OpenID Connect
2018
Mitigating CSRF attacks on OAuth 2.0 Systems
Li, W., Mitchell, C. J., & Chen, T. (2018). Mitigating CSRF attacks on OAuth 2.0 Systems. In 2018 16th Annual Conference on Privacy, Security and Trust (PST) (pp. 1-5). IEEE. doi:10.1109/pst.2018.8514180
Mitigating CSRF attacks on OAuth 2.0 and OpenID Connect
An advanced quantum-resistant signature scheme for cloud based on eisenstein ring
Wu, F., Zhang, X., Yao, W., Zheng, Z., Xiang, L., & Li, W. (2018). An advanced quantum-resistant signature scheme for cloud based on eisenstein ring. Computers Materials and Continua, 56(1), 19-34. doi:10.3970/cmc.2018.02664
Beyond Cookie Monster Amnesia: Real World Persistent Online Tracking
Al-Fannah, N. M., Li, W., & Mitchell, C. J. (2018). Beyond Cookie Monster Amnesia: Real World Persistent Online Tracking. In Lecture Notes in Computer Science (pp. 481-501). Springer International Publishing. doi:10.1007/978-3-319-99136-8_26
Keyword Searchable Encryption with Fine-Grained Forward Secrecy for Internet of Thing Data
Zhou, R., Zhang, X., Wang, X., Yang, G., & Li, W. (2018). Keyword Searchable Encryption with Fine-Grained Forward Secrecy for Internet of Thing Data. In Lecture Notes in Computer Science (pp. 288-302). Springer International Publishing. doi:10.1007/978-3-030-05063-4_23
Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations
Li, W., Mitchell, C. J., & Chen, T. (2018). Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations. In Lecture Notes in Computer Science (pp. 24-41). Springer International Publishing. doi:10.1007/978-3-030-03251-7_3
Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations (Transcript of Discussion)
Li, W. (2018). Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations (Transcript of Discussion). In Unknown Conference (pp. 42-44). Springer International Publishing. doi:10.1007/978-3-030-03251-7_4
2017
Not All Browsers are Created Equal: Comparing Web Browser Fingerprintability
Al-Fannah, N. M., & Li, W. (2017). Not All Browsers are Created Equal: Comparing Web Browser Fingerprintability. In Lecture Notes in Computer Science (pp. 105-120). Springer International Publishing. doi:10.1007/978-3-319-64200-0_7
2016
An ID-based hierarchical access control scheme with constant size public parameter
Zhou, R., Xu, C., Li, W., & Zhao, J. (2016). An ID-based hierarchical access control scheme with constant size public parameter. International Journal of Network Security, 18(5), 960-968.
Analysing the Security of Google’s Implementation of OpenID Connect
Li, W., & Mitchell, C. J. (2016). Analysing the Security of Google’s Implementation of OpenID Connect. In Lecture Notes in Computer Science (pp. 357-376). Springer International Publishing. doi:10.1007/978-3-319-40667-1_18
2015
Analysing the Security of Google's implementation of OpenID Connect
An RFID authentication protocol anonymous against readers
Xie, R., Xu, C. X., Chen, W. J., & Li, W. P. (2015). An RFID authentication protocol anonymous against readers. Dianzi Yu Xinxi Xuebao Journal of Electronics and Information Technology, 37(5), 1241-1247. doi:10.11999/JEIT140902
Addressing Threats to Real-World Identity Management Systems
Li, W., & Mitchell, C. J. (2015). Addressing Threats to Real-World Identity Management Systems. In ISSE 2015 (pp. 251-259). Springer Fachmedien Wiesbaden. doi:10.1007/978-3-658-10934-9_21
Generating Unlinkable IPv6 Addresses
Kayuni, M. N., Khan, M. S. A., Li, W., Mitchell, C. J., & Yau, P. -W. (2015). Generating Unlinkable IPv6 Addresses. In Lecture Notes in Computer Science (pp. 185-199). Springer International Publishing. doi:10.1007/978-3-319-27152-1_10
2014
Security Issues in OAuth 2.0 SSO Implementations
Li, W., & Mitchell, C. J. (2014). Security Issues in OAuth 2.0 SSO Implementations. In Lecture Notes in Computer Science (pp. 529-541). Springer International Publishing. doi:10.1007/978-3-319-13257-0_34
2013
Threshold public key encryption scheme resilient against continual leakage without random oracles
Zhang, X., Xu, C., Zhang, W., & Li, W. (2013). Threshold public key encryption scheme resilient against continual leakage without random oracles. Frontiers of Computer Science, 7(6), 955-968. doi:10.1007/s11704-013-3051-0
New forward-secure signature schemes with untrusted update
Li, W., Xu, C., Zhang, W., Zhu, S., & Zhang, X. (2013). New forward-secure signature schemes with untrusted update. Frontiers of Computer Science, 7(4), 536-543. doi:10.1007/s11704-013-2300-6
Provable secure leakage-resilient predicate encryption scheme without random oracle
Zhang, X., Xu, C., & Li, W. (2013). Provable secure leakage-resilient predicate encryption scheme without random oracle. Journal of Computational Information Systems, 9(12), 4681-4689. doi:10.12733/jcis6075
2012
Predicate encryption for inner product in cloud computing
Zeng, F., Xu, C., Li, W., & Mo, J. (2012). Predicate encryption for inner product in cloud computing. International Journal of Advancements in Computing Technology, 4(13), 52-61.