hero image
Xiaodong Lin, PhD - University of Ontario Institute of Technology. Oshawa, ON, CA

Xiaodong Lin, PhD Xiaodong Lin, PhD

Associate Professor, Faculty of Business Information Technology | University of Ontario Institute of Technology

Oshawa, ON, CANADA

International security and privacy expert explores measures to protect mobile users’ personal data



Xiaodong Lin, PhD Publication Xiaodong Lin, PhD Publication Xiaodong Lin, PhD Publication






Mobile social networks are swelling with personal information that if hacked could lead to identity theft, financial loss and even personal exploitation. Exploring the evolution of the information age, Xiaodong Lin, PhD, Associate Professor in the Faculty of Business and Information Technology, aims to help mobile social network users protect the privacy and security of their personal data, while maintaining the ease of a wireless world.

Internationally, he is best known for his published Bibliography on Secure Vehicle Communications, outlining improved protocols to protect communication between vehicles and with the Internet from being hacked either for personal information or potentially causing an accident to occur. He introduced the concept of conditional privacy for vehicular communications and it has become a key automotive design objective to ensure security and privacy protection for vehicular ad hoc networks. His research has many critical applications including increased road safety and improved traffic management.

A Senior Member of the Institute of Electrical and Electronics Engineers (IEEE), Dr. Lin is Chair of the IEEE Communication Society’s Communication and Information Security Technical Committee. As an accomplished author, he has co-written Vehicular Ad Hoc Network Security and Privacy, and Security and Privacy in Mobile Social Networks, and co-edited Networking for Big Data; and his research has received numerous international best paper awards. He joined UOIT in 2008 as an Assistant Professor, and is an Adjunct Professor in the Department of Electrical and Computer Engineering in the Faculty of Engineering at the University of Waterloo, in Waterloo, Ontario, and Central South University in Changsha, China. He is a Certified Information Systems Security Professional (CISSP) since 2002.

He moved to Canada in 1999 to pursue a two-year post-doctoral fellowship in the School of Computer Science at the University of Waterloo, then spent five years in industry, before receiving a Doctorate in Electrical and Computer Engineering, and a Certificate in University Teaching concurrently at the University of Waterloo. He also holds a Doctorate in Information Engineering from Beijing University of Posts and Telecommunications in Beijing, China, a Master of Science in Computer Science from East Normal University in Shanghai, China, and a Bachelor of Applied Science from Nanjing University of Posts and Telecommunications in Nanjing, China.

Industry Expertise (9)

Computer Software Computer/Network Security Computer Networking Education/Learning Information Technology and Services Research Security Social Media Wireless

Areas of Expertise (5)

Wireless Network Security Applied cryptography Computer Forensics Software Security Wireless Networking and Mobile Computing

Accomplishments (5)

Adjunct Professor, Faculty of Engineering, University of Waterloo (professional)


Dr. Lin is an Adjunct Professor in the university's Department of Electrical and Computer Engineering.

Adjunct Professor, Central South University


Dr. Lin is an Adjunct Professor in the Changsha, China university.

Best Paper Award, IEEE International Conference on E-Health Networking, Application and Services (professional)


Awarded for his paper in the conference proceedings entitled: Efficient E-health Data Release with Consistency Guarantee under Differential Privacy.

Best Paper Award, The 18th International Conference on Computer Communications and Networks (ICCCN 2009) (professional)


Awarded for his paper in the conference proceedings entitled: Location-release Signature for Vehicular Communications.

Senior Member, IEEE (professional)


For his contributions to his field, he was elevated to Senior Member of IEEE. He also serves as Associate Editor of IEEE Network.

Education (5)

University of Waterloo: PhD, Electrical and Computer Engineering 2008

University of Waterloo: Certificate, University Teaching 2008

Beijing University of Posts and Telecommunications: PhD, Information Engineering 1998

East China Normal University: MSc, Computer Science 1993

Nanjing University of Posts and Telecommunications: BASc, Computer Science and Technology 1990

Affiliations (1)

  • Institute of Electrical and Electronic Engineers (IEEE)

Event Appearances (10)

Keynote: Enterprise Wireless Network Security and Protection

The First International Workshop on Cyber Security  Xi'an, China


Keynote: Security and Privacy in Mobile Social Networks

ACM International Workshop on Mobility and MiddleWare Management in HetNets  Hangzhou, China


Toward Secure User-Habit-Oriented Authentication for Mobile Devices

2014 IEEE Global Communications Conference  Austin, Texas


Secure and Effective Image Storage for Cloud Based E-healthcare Systems

IEEE Global Communications Conference 2013  Atlanta, Georgia


Detecting GPS Information Leakage in Android Applications

IEEE Global Communications Conference 2013  Atlanta, Georgia


Social-Aware Trustworthy Data Forwarding in Vehicular Delay Tolerant Networks

Invited Talk, Central South University, China  Changsha, China


Computer Forensics of Unallocated Space

Invited Talk, National University of Defense Technology  Changsha, China


Towards Secure and Forensic Computing: Multimedia Forensics and Cross-Layer Design for Wireless Network Security

Invited talk at Harbin Institute of Technology, Shenzhen Graduate School  Shenzhen, China


Best Paper Award: Location-release Signature for Vehicular Communications

The 18th International Conference on Computer Communications and Networks (ICCCN 2009)  San Francisco, California


Best Paper Award: ASRPAKE: An Anonymous Secure Routing Protocol with Authenticated Key Exchange for Wireless Ad Hoc Networks

IEEE International Conference on Communications  Glasgow, Scotland


Research Grants (3)

Security and Privacy in Mobile Social Network and its Applications

NSERC Discovery Grant $155,000


Mobile social networks boast millions of new data and image posts daily around the world. Every single user post possesses clues to their identity and location and serves as a potential security or privacy threat. As principal investigator of this five-year research project, Dr. Lin aims to develop ways to better protect the security and privacy of mobile users’ data from potential threats.

Security and Co-operation in Vehicular Delay Tolerant Network and Its Applications

NSERC Discovery Grant $100000


As principal investigator of this five-year research project, Dr. Lin is the first researcher to introduce the concept of conditional privacy for vehicular communications, and it’s now a key design objective for secure and privacy-preserving protocols in vehicular ad hoc networks. His widely published bibliography on Secure Vehicle Communications has significantly improved security protocols to protect communication between vehicles and the Internet. His research contributes to improved road safety, facilitates better traffic management, and assists law enforcement officers in tracking dangerous or impaired drivers.

Reliable and Privacy-Preserving Wireless Body-Area Sensor Networks for E-Health Monitoring

NSERC Collaborative Research and Development Grant $540000


Healthcare costs have been skyrocketing as the baby boom generation continues to grey. Remote e-health monitoring has shown to be promising for decreasing emergency room visits and/or hospitalizations compared to standard traditional healthcare. With the advancement of wireless communications and networking technology, wireless sensor networks on human body are emerging as a promising new approach for monitoring patient health and disease progression. As co-investigator of this three-year research project, Dr. Lin focused on the development of wireless body area networks for e-healthcare applications, and helped design and develop a new set of networking solutions for power-efficient, reliable, and privacy-preserving communications, taking into account the unique propagation characteristics and strict networking performance requirements.

Courses (4)

IT Forensics (Lecture)

INFR 4690U, 4th Year Undergraduate Course

view more

IT Forensics (Laboratory)

INFR 4690U, 4th Year Undergraduate Course

view more

Secure Software Systems

MITS 5400G, Graduate Course

view more

Attack and Defence

MITS 6100G, Graduate Course

view more

Articles (10)

A Threshold Anonymous Authentication Protocol for VANETs IEEE Transactions on Vehicular Technology


Vehicular ad hoc networks (VANETs) have recently received significant attention in improving traffic safety and efficiency. However, communication trust and user privacy still present practical concerns to the deployment of VANETs, as many existing authentication protocols for VANETs either suffer from the heavy workload of downloading the latest revocation list from a remote authority or cannot allow drivers on the road to decide the trustworthiness of a message when the authentication on messages is anonymous. In this paper, to cope with these challenging concerns, the authors propose a new authentication protocol for VANETs in a decentralized group model by using a new group signature scheme.

view more

An Empirical Investigation into Path Divergences for Concolic Execution Using CREST Security and Communication Networks


Recently, concolic execution has become a hotspot in the domain of software testing and program analysis. However, a practical challenge, called path divergence, impairs the soundness and completeness of concolic execution. A path divergence indicates the tested program runs an unpredicted path. In this work, we carry out a comprehensive empirical study on path divergences using an open-source concolic execution tool, named CREST. To make the investigation representative, we select 120 test units randomly from 21 different open-source programs.

view more

PPDM: A Privacy-Preserving Protocol for Cloud-Assisted e-Healthcare Systems IEEE Journal of Selected Topics in Signal Processing


E-healthcare systems have been increasingly facilitating health condition monitoring, disease modeling and early intervention, and evidence-based medical treatment by medical text mining and image feature extraction. Owing to the resource constraint of wearable mobile devices, it is required to outsource the frequently collected personal health information (PHI) into the cloud. Unfortunately, delegating both storage and computation to the untrusted entity would bring a series of security and privacy issues. The existing work mainly focused on fine-grained privacy-preserving static medical text access and analysis, which can hardly afford the dynamic health condition fluctuation and medical image analysis. In this paper, a secure and efficient privacy-preserving dynamic medical text mining and image feature extraction scheme PPDM in cloud-assisted e-healthcare systems is proposed.

view more

User-Provided Networking for QoE Provisioning in Mobile Networks IEEE Wireless Communications


With the accelerating pace of development in mobile networks, mobile network operators and service providers are facing new challenges, especially in terms of quality of experience provisioning. To address these challenges, we present a new network paradigm by taking advantage of an emerging type of user-provided network. In particular, the proposed scheme allows end users to play a crucial role in both QoE evaluation and network improvement. Some points for possible challenges and future research are given. Also, a case study with the proposed resource scheduling algorithm is conducted to illustrate the win-win situation created by the proposed network paradigm.

view more

An Effective Behaviour-Based Android Malware Detection System Security and Communication Networks


With the rapid growth of Android applications and malware, it has become a challenge to distinguish malware from a huge number of applications. The use of behavioral analytics is one of the most promising approaches because of its accuracy and resilience to malware variants. In this paper, we propose a behavior-based malware detection system.

view more

White-Box Traceable Ciphertext-Policy Attribute-Based Encryption Supporting Flexible Attributes IEEE Transactions on Information Forensics and Security


In this paper, we propose two practical large universe CP-ABE systems supporting white-box traceability. Compared with existing systems, both the two proposed systems have two advantages: 1) the number of attributes is not polynomially bounded and 2) malicious users who leak their decryption keys could be traced. Moreover, another remarkable advantage of the second proposed system is that the storage overhead for traitor tracing is constant, which are suitable for commercial applications.

view more

PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributedm-Healthcare Cloud Computing System IEEE Transactions on Parallel and Distributed Systems


Distributed m-healthcare cloud computing system significantly facilitates efficient patient treatment for medical consultation by sharing personal health information among healthcare providers. However, it brings about the challenge of keeping both the data confidentiality and patients’ identity privacy simultaneously. Many existing access control and anonymous authentication schemes cannot be straightforwardly exploited. To solve the problem, in this paper, a novel authorized accessible privacy model (AAPM) is established.

view more

Security and Privacy in Cloud-Assisted Wireless Wearable Communications: Challenges, Solutions, and Future Directions IEEE Wireless Communications


Cloud-assisted wireless wearable communications have been increasingly pervasive with the profound development of sensor, wireless communication, and cloud computing technologies, in addition to the wide adoption of e-health, location-based service, and mobile smart communities. In this article we mainly focus on the goals and tactics of privacy-preserving data aggregation in cloud-assisted wireless wearable communications.

view more

Duth: A User-Friendly Dual-Factor Authentication for Android Smartphone Devices Security and Communication Networks


With the pervasiveness of smartphones and the richness of mobile apps, many people are storing increasingly sensitive data on them, in greater quantities. In order to protect this sensitive information from misuse due to loss, or other accidental reasons, strong smartphone authentication has become imperative and has received considerable attention in recent years. However, when we directly implement traditional authentication schemes in smartphone devices, the balance between security and user-friendliness of authentication becomes challenging, mainly because of the input-in-motion environments. In this paper, without adding extra hardware devices, we present a user-friendly, dual-factor authentication scheme called Duth, for Android smartphone devices.

view more

LSR: Mitigating Zero-day Sybil Vulnerability in Privacy-preserving Vehicular Peer-to-Peer Networks IEEE Journal on Selected Areas of Communications


Privacy-preserving Vehicular Peer-to-Peer Network (VPNET) is particularly vulnerable to sybil attack, where a malicious vehicle can abuse its multiple unlinkable pseudo-IDs to pretend multiple and distinct vehicles in the network. To make the matter even worse, due to the privacy-preserving network environment, zero-day sybil vulnerability is hard to defend against, i.e., a vehicle cannot locally detect a sybil attacker before the attacker is formally revoked. In this paper, aiming at mitigating zero-day sybil vulnerability in privacy-preserving VPNET, we propose an efficient Local Sybil Resistance scheme, called LSR, to locally detect sybil attack.

view more