About

Wenjing Lou is a professor in the Department of Computer Science at Virginia Tech. She holds a Ph.D. in electrical and computer engineering from the University of Florida. Her research interests include cybersecurity, wireless networks, cyber-physical systems security, adversarial machine learning, and applied cryptography. She is associated with the Virginia Tech Research Center in Arlington, VA, and has multiple contact points including her email wjlou@vt.edu and phone number (703) 538-3774. Her professional activities are centered around advancing knowledge and solutions in the fields of cybersecurity and network security.

Research topics

• Artificial Intelligence
• Computer Science
• Computer Security
• Machine Learning
• Mathematical optimization
• Distributed computing
• Computer network
• Telecommunications

Selected publications

• AnonyCall: Enabling Native Private Calling in Mobile Networks

  2026-01-01

  articleSenior author
  PublisherDOI

• BoBa: Boosting Backdoor Detection Through Data Distribution Inference in Federated Learning

  Frontiers in artificial intelligence and applications · 2025-10-21

  book-chapterOpen access

  Federated learning, while being a promising approach for collaborative model training, is susceptible to backdoor attacks due to its decentralized nature. Backdoor attacks have shown remarkable stealthiness, as they compromise model predictions only when inputs contain specific triggers. As a countermeasure, anomaly detection is widely used to filter out backdoor attacks in FL. However, the non-independent and identically distributed (non-IID) data distribution nature of FL clients presents substantial challenges in backdoor attack detection, as the data variety introduces variance among benign models, making them indistinguishable from malicious ones. In this work, we propose a novel distribution-aware backdoor detection mechanism, BoBa, to address this problem. To differentiate outliers arising from data variety versus backdoor attacks, we propose to break down the problem into two steps: clustering clients utilizing their data distribution, and followed by a voting-based detection. We propose a novel data distribution inference mechanism for accurate data distribution estimation. To improve detection robustness, we introduce an overlapping clustering method, where each client is associated with multiple clusters, ensuring that the trustworthiness of a model update is assessed collectively by multiple clusters rather than a single cluster. Through extensive evaluations, we demonstrate that BoBa can reduce the attack success rate to lower than 0.001 while maintaining high main task accuracy across various attack strategies and experimental settings.

  PublisherDOI

• Real-Time Scheduling for GAA Users’ Coexistence in CBRS Using O-RAN Architecture

  IEEE Transactions on Cognitive Communications and Networking · 2025-07-01

  article

  To maximize the potential benefit of Citizen Broadband Radio Service (CBRS), efficient coexistence algorithms are urgently needed for the general authorized access (GAA) users. The goal is to allow the GAA users to share the same spectrum with the priority access license (PAL) users while providing the required interference protection to the PAL users. The main challenge in designing an efficient coexistence solution is the absence of collaboration by the PAL users and the uncertainty in sensed channel information. This paper addresses these problems through a data-driven approach based on limited data samples. We develop a mathematical model using chance-constrained programming (CCP) to address uncertainty in sensed data samples. By exploiting the ∞-Wasserstein ambiguity set, we reformulate the CCP problem into a deterministic Mixed-Integer Nonlinear Program (MINLP). We propose an open RAN (O-RAN)-based solution to MINLP at the GAA base station (BS) that leverages both Non-Real-Time (Non-RT) RAN Intelligent Controller (RIC) and Real-Time (RT) O-DU to deliver a final scheduling solution.

  PublisherDOI

• Privacy-Preserving Authentication in Wireless Access Networks

  2025-01-01

  book-chapterSenior author
  PublisherDOI

• StarCast: A Secure and Spectrum-Efficient Group Communication Scheme for LEO Satellite Networks

  2025-05-12 · 2 citations

  articleSenior author

  Low Earth Orbit (LEO) satellite networks serve as a cornerstone infrastructure for providing ubiquitous connectivity in areas where terrestrial infrastructure is unavailable. With the emergence of Direct-to-Cell (DTC) satellites, these networks can provide direct access to mobile phones and IoT devices without relying on terrestrial base stations, leading to a surge in massive connectivity demands for the serving satellite. To address this issue, group communication is an effective paradigm that enables simultaneous content delivery to multiple users and thus optimizes bandwidth reuse. Although extensive research has been conducted to improve group communication performance, securing this communication without compromising its inherent spectrum efficiency remains a critical challenge. To address this, we introduce StarCast, a secure group encryption scheme for LEO satellite networks. Our solution leverages ciphertext-policy attribute-based encryption (CP-ABE) to implement fine-grained access control by embedding access policies directly within the ciphertext. Unlike standard secure communication approaches that require dedicated per-user channels and significantly deplete limited satellite spectrum resources, StarCast maintains efficient spectrum reuse within user groups while ensuring that only authorized users can access transmitted data. Additionally, it significantly reduces the costly key management overhead associated with conventional encryption schemes.

  PublisherDOI

• StarCast: A Secure and Spectrum-Efficient Group Communication Scheme for LEO Satellite Networks

  ArXiv.org · 2025-02-11

  preprintOpen accessSenior author

  Low Earth Orbit (LEO) satellite networks serve as a cornerstone infrastructure for providing ubiquitous connectivity in areas where terrestrial infrastructure is unavailable. With the emergence of Direct-to-Cell (DTC) satellites, these networks can provide direct access to mobile phones and IoT devices without relying on terrestrial base stations, leading to a surge in massive connectivity demands for the serving satellite. To address this issue, group communication is an effective paradigm that enables simultaneous content delivery to multiple users and thus optimizes bandwidth reuse. Although extensive research has been conducted to improve group communication performance, securing this communication without compromising its inherent spectrum efficiency remains a critical challenge. To address this, we introduce StarCast, a secure group encryption scheme for LEO satellite networks. Our solution leverages ciphertext-policy attribute-based encryption (CP-ABE) to implement fine-grained access control by embedding access policies directly within the ciphertext. Unlike standard secure communication approaches that require dedicated per-user channels and significantly deplete limited satellite spectrum resources, StarCast maintains efficient spectrum reuse within user groups while ensuring that only authorized users can access transmitted data. Additionally, it significantly reduces the costly key management overhead associated with conventional encryption schemes.

  PublisherOA PDFDOI

• A New Approach to Tackle Channel Uncertainty with Limited Data Samples

  IEEE Wireless Communications · 2025-04-21 · 2 citations

  article

  Channel state information (CSI) is a key realtime parameter for resource allocation in wireless networks. However, CSI acquisition or estimation is known to be imperfect and bound to errors and uncertainties. Traditional methods addressing CSI rely on either model-based or model-free approaches, each with its limitations. A model- based approach assumes CSI (or CSI error) follows certain distributions and develops a solution following this assumption. However, the assumed model may not accurately characterize reality, especially as the operating environment changes over time. On the other hand, a model-free approach uses data-driven techniques such as machine learning (ML) for real-time resource allocation. This approach is only effective when a large set of high-quality training data is available. Its convergence is also an issue when there is a limited amount of data set available. Further, this approach does not offer any performance guarantee. In this article, we introduce a new "small-data" approach that only requires a small set of data samples. We show that this approach is able to combine the benefits of both approaches -- offering a performance guarantee solely based on the small set of data samples and without assuming any distributions for the CSI (or CSI error). We will describe how this new approach works and discuss its theoretical underpinning. We further demonstrate the efficacy of this approach by applying it to solve a resource allocation problem involving CSI uncertainty.

  PublisherDOI

• A Spectrum-Efficient Solution with Data Rate Guarantees in 5G/Next-G Networks

  IEEE Internet of Things Journal · 2025-01-01

  article

  The scarcity of spectrum and the proliferation of data-intensive applications in 5G/Next-G networks call for innovations of new techniques that are capable of offering UE-level data rate guarantee with minimum required spectrum usage. This is a challenging problem due to the complexity of mechanisms involved in the process, such as Resource Block (RB) allocation, modulation and coding scheme (MCS) selection, and MU-MIMO beamforming (BF) design. Further complicating the problem is the random, unknown nature of Channel State Information (CSI) and the errors involved in its estimation. In this paper, we present Rudra, which offers a comprehensive solution to these challenges. Rudra formulates the bandwidth minimization problem by incorporating probabilistic data rate guarantee through a chance constraint, which embeds RB allocation, MCS selection, and MU-MIMO BF mechanisms. The CSI uncertainty problem is addressed through a novel error-embedded (EE)-Wasserstein ambiguity set based on a small set of data samples. We show that the solution by Rudra meets our design objective and outperforms a modified state-of-the-art algorithm.

  PublisherDOI

• Savitar: A Multi-Timescale Spectrum-Efficient Scheduler for O-RAN

  2025-08-04

  article

  The O-RAN architecture introduces unprecedented flexibility and openness into modern cellular networks, allowing mix-and-match of components from different vendors and the rapid deployment of innovative solutions across the RAN vertical. Despite its openness, some fundamental technical challenges associated with 5G/Next-G still remain in O-RAN. A well known example is joint optimization of Resource Block (RB) allocation, Modulation and Coding Scheme (MCS) selection, and Beamforming (BF) design. In this paper, we present Savitar—an O-RAN scheduler that jointly optimizes these components, with the objective of minimizing spectrum usage while meeting per-UE probabilistic data rate requirements. Following the multi-timescale design principle in O-RAN, we present three components (each at a different time scale) of Savitar that can be seamlessly integrated with O-RAN RICs: (i) hyperparameter tuning in the Non-Real-Time (Non-RT) RIC, (ii) parallel RB Group (RBG) allocation and MCS selection in the Near-RT RIC, and (iii) BF vector design in the RT Open Distributed Unit (O-DU). A unique design in these components is our handling of CSI uncertainty with limited data samples. Experimental results show that Savitar achieves competitive spectrum efficiency performance while meeting our design requirements (i.e., per-UE probabilistic data rate requirement and real-time requirement in O-DU).

  PublisherDOI

• FeCo: Boosting Intrusion Detection Capability in IoT Networks via Contrastive Learning

  IEEE Transactions on Dependable and Secure Computing · 2025-02-20 · 14 citations

  article

  Over the last decade, Internet of Things (IoT) has permeated our daily life with a broad range of applications. However, a lack of adequate security in IoT devices renders IoT systems vulnerable to various network-based cyberattacks, potentially causing severe damage. Recent works have explored using machine learning to build anomaly detection models for defending against such attacks. In this paper, we propose FeCo, a federated-contrastive-learning framework that coordinates in-network IoT devices to jointly learn intrusion detection models. FeCo utilizes federated learning to alleviate users’ privacy concerns as participating devices only submit their model parameters rather than raw local data. Compared to previous works, we develop a novel representation learning method based on contrastive learning that is able to learn a more accurate model for the benign class. FeCo significantly improves the intrusion detection accuracy compared to previous works. In addition, we implement a two-step feature selection scheme to avoid overfitting and reduce computation time. Through extensive experiments on the NSL-KDD dataset and the BaIoT dataset, we demonstrate that FeCo achieves as high as 8% accuracy improvement compared to the state-of-the-art and is robust to non-independent and identically distributed (non-IID) data. Our implementation of FeCo on a Raspberry Pi device further confirms the applicability of FeCo for resource-constrained IoT devices.

  PublisherDOI

Recent grants

• EAGER: A Novel Approach to Achieve Real-time Wireless Network Optimization

  NSF · $300k · 2018–2020

• CT-ISG: Broadcast/Multicast Security in Multi-User Wireless Sensor Networks

  NSF · $337k · 2007–2011

• CPS: Medium: S2Guard: Building Security and Safety in Autonomous Vehicles via Multi-Layer Protection

  NSF · $1.1M · 2019–2024

• SaTC: CORE: Medium: Collaborative: Toward Enforceable Data Usage Control in Cloud-based IoT Systems

  NSF · $750k · 2019–2024

• CSR: Small: Collaborative Research: Engineering Secure Data Computation Outsourcing in Cloud Computing

  NSF · $80k · 2011–2013

Frequent coauthors

• Y. Thomas Hou

  Virginia Tech

  191 shared

• Jie Yang

  86 shared

• Donald R. Brown

  Worcester Polytechnic Institute

  84 shared

• Kai Zeng

  Kunming University of Science and Technology

  76 shared

• Kui Ren

  71 shared

• Jin Li

  Guangzhou University

  59 shared

• Yi Shi

  State Key Laboratory of Quantum Optics and Quantum Optics Devices

  47 shared

• Kai Zeng

  36 shared

Education

• Ph.D., Department of Electrical and Computer Engineering

  University of Florida

  2003