姓名：施新刚

职称：副研究员

电话：010-62603272

邮箱：shixg@cernet.edu.cn

Doctor of Philosophy (Information Engineering)， 香港中文大学， 中国， 2011

工学硕士 (计算机系统结构)， 清华大学， 中国， 2005

工学学士 (计算机科学与技术)，清华大学，中国， 2002

网络体系结构

路由协议

网络测量

网络优化

网络安全

       在互联网体系结构和网络空间安全领域已开展二十多年基础理论研究和核心技术攻关，作为负责人承担国家863、重点研发计划、自然科学基金、国家实验室专项等重要科研项目或课题，深度参与中关村实验室、互联网体系结构全国重点实验室、下一代互联网核心技术国家工程研究中心、中国教育和科研计算机网CERNET/CERNET2、国家重大科技基础设施未来互联网试验设施FITI等下一代互联网和网络空间安全领域的国家创新基地和重大工程建设。在网络和安全方向顶级学术会议（SIGCOMM、INFOCOM、SIGMETRICS、IMC、ICNP、CoNEXT、CCS、NDSS、ICDCS、IWQoS等）、期刊（TON、JSAC、TPDS、TIFS、CN等）发表录用上百篇论文，研究成果在网络基础设施建设和运行中已得到深入应用。
       近年来取得的重点研究成果包括：
       1. 互联网体系结构。研究互联网体系结构中编址和路由这两项核心要素的创新机理，面向网络扩展性、安全性、实时性等需求，提出了基于真实源地址的新型编址方案，设计实现了支持灵活聚合、高效计算、快速收敛、多径传输、路径安全、分级保护等特性的域内域间路由算法和协议。面向新型业务对网络带宽、业务流完成时延、路径可用性等的严格要求，设计实现SDN网络、数据中心网络、量子网络等新型网络中多路径路由、流量工程、拥塞控制、流调度、资源分配等方面的优化算法。相关成果纳入多项国家标准和行业标准。解决了产业核心技术难题，获得华为火花奖。
       2. 网络测试测量。研究基于形式化方法的测试生成和执行、网络属性验证、高速流量分析等方面的理论和方法，设计实现基于形式化技术的网络协议和配置测试、面向分布式应用故障的零侵扰检测和根因分析等系统。相关成果多次为中国下一代互联网示范工程CNGI项目及国内外厂商产品提供测试服务，获得中国电子学会技术发明一等奖。网络测试和配置属性验证相关系统支撑国家重大科技基础设施等重要网络设施的运行管理。分布式应用故障分析系统应用于数十家不同行业公司生产环境，获得中国开源云联盟优秀开源项目奖。
       3. 网络态势感知。研究网络安全态势感知理论和方法，包括全球路由系统的策略分析和安全风险监测、基于机器学习的网络入侵检测、面向鲁棒性和可解释性的异常检测等。相关成果获得ACM IMC颁发的首个社区贡献奖、IRTF颁发的网络研究应用奖、CCS杰出技术成果奖等国际学术奖项，以及中国电子学会技术发明一等奖。

互联网研究任务组IRTF和国际互联网协会ISOC共同颁发的网络研究应用奖（Applied Networking Research Prize），2024

网络安全顶级会议CCS颁发的杰出技术成果奖（ Distinguished Artifact Award），2024

华为火花奖，2023

中国开源云联盟优秀开源项目奖，2022

中国电子学会技术发明一等奖，2016

网络测量领域顶级会议IMC颁发的首个社区贡献奖（Community Contribution Award），2012

代表性会议论文

[1] On Non-Commutative Routing. Zhaozhen Wang, Xingang Shi*, Haijun Geng, Zitong Jin, Han Zhang, Xia Yin and Zhiliang Wang. INFOCOM 2025.

[2] Which way to go? Inferring Fine-grained AS paths with PathRadar. Zitong Jin, Xingang Shi*, Qiang Ma, Letong Sun, Zhiliang Wang, Xia Yin and Jianping Wu. INFOCOM 2025.

[3] Affinity-Model: Improving AS Routing Models via AS Affinity Behavior Inference. Zitong Jin, Xingang Shi*, Ying Tian, Zhiliang Wang, Xia Yin and Jianping Wu. INFOCOM 2025.

[4] Quantum Network Optimization: From Optimal Routing to Fair Resource Allocation. Zhaozhen Wang, Xingang Shi*, Zhengfeng Ji, Xia Yin. SIGMETRICS 2025.

[5] ACME++: Secure ACME Client Verification for Web-PKI. Tianyu Zhang, Han Zhang, Yunze Wei, Yahui Li, Xingang Shi, Jilong Wang, Xia Yin. WWW 2025.

[6] Rules Refine the Riddle: Global Explanation for Deep Learning-Based Anomaly Detection in Security Applications. Dongqi Han, Zhiliang Wang, Ruitao Feng, Minghui Jin, Wenqi Chen, Kai Wang, Su Wang, Jiahai Yang, Xingang Shi, Xia Yin, Yang Liu. CCS 2024, Distinguished Artifacts Award.

[7] Network-Centric Distributed Tracing with DeepFlow: Troubleshooting Your Microservices in Zero Code. Junxian Shen, Han Zhang, Yang Xiang, Xingang Shi, Xinrui Li, Yunxi Shen, Zijian Zhang, Yongxiang Wu, Xia Yin, Jilong Wang, Mingwei Xu, Yahui Li, Jiping Yin, Jianchang Song, Zhuofeng Li, Runjie Nie. SIGCOMM 2023.

[8] BARS: Local Robustness Certification for Deep Learning based Traffic Analysis Systems. Kai Wang, Zhiliang Wang, Dongqi Han, Wenqi Chen, Jiahai Yang, Xingang Shi, Xia Yin. NDSS 2023.

[9] Anomaly Detection in the Open World: Normality Shift Detection, Explanation, and Adaptation. Dongqi Han, Zhiliang Wang, Wenqi Chen, Kai Wang, Rui Yu, Su Wang, Han Zhang, Zhihua Wang, Minghui Jin, Jiahai Yang, Xingang Shi, Xia Yin. NDSS 2023, IRTF Applied Networking Research Prize.

[10] Delay Based Congestion Control for Cross-Datacenter Networks. Yantao Geng, Han Zhang, Xingang Shi, Jilong Wang, Xia Yin, Dongbiao He, Yahui Li. IWQoS 2023.

[11] ROV-MI: Large-Scale, Accurate and Efficient Measurement of ROV Deployment. Wenqi Chen, Zhiliang Wang∗, Dongqi Han, Chenxin Duan, Xia Yin, Jiahai Yang, Xingang Shi*. NDSS 2022.

[12] Centralized Network Utility Maximization with Accelerated Gradient Method. Ying Tian, Zhiliang Wang, Xia Yin, Xingang Shi, Jiahai Yang, and Han Zhang. ICNP 2022.

[13] Boosting Bandwidth Availability Over Inter-DC WAN. Han Zhang, Xingang Shi*, Xia Yin, Jilong Wang, Zhiliang Wang, Yingya Guo, Tian Lan. CoNEXT 2021.

[14] DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications. Dongqi Han, Zhiliang Wang, Wenqi Chen, Ying Zhong, Su Wang, Han Zhang, Jiahai Yang, Xingang Shi, and Xia Yin. CCS 2021.

[15] Continuous Flow Measurement with SuperFlow. Zongyi Zhao, Xingang Shi*, Arpit Gupta,  Qing Li, Zhiliang Wang, Bin Xiong, Xia Yin. IWQoS 2021.

[16] TopoScope: Recover AS Relationships From Fragmentary Observations. Zitong Jin, Xingang Shi*, Yan Yang, Xia Yin, Zhiling Wang*, Jianping Wu. IMC 2020.

[17] HashFlow for Better Flow Record Collection. Zongyi Zhao, Xingang Shi*, Xia Yin, Zhiliang Wang, Qing Li. ICDCS 2019.

[18] More Load, More Differentiation - a Design Principle for Deadline-Aware Flow Control in DCNs. Han Zhang, Xingang Shi*, Xia Yin, Fengyuan Ren, Zhiliang Wang. INFOCOM 2015.

[19] Formal Modeling and Systematic Black-Box Testing of SDN Data Plane. Jiangyuan Yao, Zhiliang Wang, Xia Yin, Xingang Shi, Jianping Wu. ICNP 2014.

[20] Dynamic Distributed Algorithm for Computing Multiple Next-Hops on a Tree. Haijun Geng, Xingang Shi*, Xia Yin, Zhiliang Wang. ICNP 2013.

[21] Detecting Prefix Hijackings in the Internet with Argus. Xingang Shi*, Yang Xiang, Zhiliang Wang, Xia Yin, Jianping Wu. IMC 2012, Community Contribution Award.

[22] Space efficient tracking of network wide flow correlations. Xingang Shi*, Chi-Kin Chau, Dah-Ming Chiu. INFOCOM 2011.

代表性期刊论文

[1] Centralized Network Utility Maximization with Accelerated Gradient Method. Ying Tian, Zhiliang Wang, Xia Yin, Xingang Shi, Jiahai Yang, Han Zhang. IEEE/ACM Transactions on Networking (TON), 2025.

[2] Quantum Network Optimization: From Optimal Routing to Fair Resource Allocation. Zhaozhen Wang, Xingang Shi*, Zhengfeng Ji, Xia Yin. Proceedings of the ACM on Measurement and Analysis of Computing Systems (POMACS), 9(2) June 2025.

[3] A Model Checking-Based Framework for Testing Security Properties of Developing Protocols. Jiangyuan Yao, Weiyang Xin, Xia Yin, Xingang Shi, Zhiliang Wang, Li Zhou, Ting Jin. Computer Networks, 2025.

[4] Network Anomaly Detection via Similarity-aware Ensemble Learning with ADSim. Wenqi Chen, Zhiliang Wang, Ying Zhong, Dongqi Han, Chenxin Duan, Xia Yin, Jiahai Yang, Xingang Shi. Computer Networks, 247: 110423 (2024).

[5] Proactively Verifying Quantitative Network Policy across Unsafe and Unreliable Environments. Yahui Li, Han Zhang, Jilong Wang, Xingang Shi, Xia Yin, Zhiliang Wang, Jiankun Hu, Congcong Miao, and Jianping Wu. IEEE Transactions on Information Forensics and Security (TIFS), Vol. 19, 10099-10113, 2024.

[6] RFG-HELAD: A Robust Fine-Grained Network Traffic Anomaly Detection Model Based on Heterogeneous Ensemble Learning. Ying Zhong, Zhiliang Wang, Xingang Shi, Jiahai Yang and Keqin Li. IEEE Transactions on Information Forensics and Security (TIFS), Vol. 19: 5895-5910, 2024.

[7] Cost-efficient flow migration for SFC dynamical scheduling in geo-distributed clouds. Weihan Chen, Zhiliang Wang, Han Zhang, Xia Yin, Xingang Shi. Computer Networks, 249: 110496 (2024).

[8] Achieving High Availability in Inter-DC WAN Traffic Engineering. Han Zhang, Xia Yin, Xingang Shi*, Jilong Wang, Zhiliang Wang, Yingya Guo, Tian Lan, Yahui Li, Yongqing Zhu, Ke Ruan, and Haijun Geng. IEEE/ACM Transactions on Networking (TON), 31(6): 2406-2421 (2023).

[9] A General Approach to Generate Test Packets with Network Configurations. Yahui Li , Han Zhang, Jilong Wang, Zhiliang Wang, Xia Yin, Xingang Shi, Jianping Wu. IEEE Transactions on Parallel and Distributed Systems (TPDS), 34(4): 1362-1375, 2023.

[10] Path Stability in Partially Deployed Secure BGP Routing. Yan Yang, Xingang Shi*, Qiang Ma, Yahui Li, Xia Yin, Zhiliang Wang. Computer Networks, 206 (2022) 108762.

[11] Efficient and Accurate Flow Record Collection With HashFlow. Zongyi Zhao, Xingang Shi*, Zhiliang Wang, Qing Li, Han Zhang and Xia Yin. IEEE Transactions on Parallel and Distributed Systems (TPDS), 33(5): 1069-1083, 2022.

[12] THREATRACE, Detecting and Tracing Host-based Threats in Node Level Through Provenance Graph Learning. Su Wang, Zhiliang Wang, Tao Zhou, Hongbin Sun, Xia Yin, Dongqi Han, Han Zhang, Xingang Shi, and Jiahai Yang. IEEE Transactions on Information Forensics and Security (TIFS), vol. 17, 3972-3987, 2022.

[13] Log-based Anomaly Detection with Robust Feature Extraction and Online Learning. Shangbin Han, Qianhong Wu, Han Zhang, Bo Qin, Jiankun Hu, Xingang Shi, Linfeng Liu, Xia Yin. IEEE Transactions on Information Forensics & Security (TIFS), Volume 16, Pages: 2300-2311, 2021.

[14] Evaluating and Improving Adversarial Robustness of Machine Learning-Based Network Intrusion Detectors. Dongqi Han , Zhiliang Wang , Member, IEEE, Ying Zhong, Wenqi Chen. IEEE Journal on Selected Areas in Communications (JSAC), 39(8): 2632-2647, 2021.

[15] HELAD A novel network anomaly detection model based on heterogeneous ensemble learning. Ying Zhong, Wenqi Chen, Zhiliang Wang, Yifan Chen, Kai Wang, Yahui Li, Xia Yin, Xingang Shi, Jiahai Yang, and Keqin Li. Computer Networks, 169 (2020) 107049.

[16] Traffic Engineering in Partially Deployed Segment Routing over IPv6 Network with Deep Reinforcement Learning. Tian, Ying; Wang, Zhiliang; Yin, Xia; Shi, Xingang; Guo, Yingya; Geng, Haijun; Yang, Jiahai. IEEE/ACM Transactions on Networking (TON), 28(4): 1573-1586，2020.

[17] Assisting Reachability Verification of Network Configurations Updates with NUV. Yahui Li, Zhiliang Wang, Xia Yina, Xingang Shi, Jianping Wu, Fangdan Ye, Jiangyuan Yao, Han Zhang. Computer Networks, 177 (2020) 107326.

[18] DA&FD – Deadline-Aware and Flow Duration Based Rate Control for Mixed Flows in DCNs. Zhang, Han; Shi, Xingang*; Geng, Haijun; Wang, Zhiliang; Wu, Qianhong; Liu, Jianwei; Yin, Xia. IEEE/ACM Transactions on Networking (TON), 27(6): 2458-2471, 2019.

[19] Inter-domain routing bottlenecks and their aggravation. Yan Yang, Xia Yin, Xingang Shi*, Zhiliang Wang, Jiong He, Tom Z.J.Fu, Marianne Winslett. Computer Networks, 162 (2019) 106839.

[20] Efficient Scheduling of Weighted Coflows in Data Centers. Zhiliang Wang, Han Zhang, Xingang Shi, Haijun Geng, Yahui Li, Xia Yin, Jianwei Liu, Qianhong Wu. IEEE Transactions on Parallel and Distributed Systems (TPDS), 30(9): 2003-2017, 2019.

[21] SOTE: Traffic engineering in hybrid software defined networks. Yingya Guo, Zhiliang Wang*, Zhifeng Liu, Xia Yin, Xingang Shi, Jianping Wu, Yang Xu, H. Jonathan Chao. Computer Networks, 154 (2019) 60-72.

[22] MSAID: Automated detection of interference in multiple SDN applications. Yahui Li, Zhiliang Wang, Jiangyuan Yao, Xia Yin, Xingang Shi, Jianping Wu, Han Zhang. Computer Networks, 153 (2019) 49-62.

[23] A hop-by-hop dynamic distributed multipath routing mechanism for link state network,

[24] Haijun Geng, Xingang Shi*, Zhiliang Wang, Xia Yin. Computer Communications, Volume 116, 2018, 225–239.

[25] More load, more differentiation - Let more flows finish before deadline in data center networks. Han Zhang, Xingang Shi*, Yingya Guo, Zhiliang Wang, Xia Yin. Computer Networks,127 (2017) 352-367.

[26] Traffic engineering in hybrid SDN networks with multiple traffic matrices. Yingya Guo, Zhiliang Wang, Xia Yin, Xingang Shi, Jianping Wu. Computer Networks, 126 (2017) 187-199. [26] DIMR: Disjoint Interdomain Multipath Routing. Xia Yin, Dan Wu, Zhiliang Wang, Xingang Shi, JianpingWu. Computer Networks, 91(2015)356–375.

[27] Sign What You Really Care About - Secure BGP AS Paths Efficiently. Yang Xiang, Xingang Shi*, Jianping Wu, Zhiliang Wang, Xia Yin. Computer Networks, 57 (2013) 2250–2265.

[28] A Unified Approach to Routing Protection in IP Networks, Qi Li, Mingwei Xu, Jianping Wu, Patrick P.C. Lee, Xingang Shi, Dah Ming Chiu, and Yuan Yang. IEEE Transactions on Network and Service Management, 9(3), 2012.

[29] An online framework for tracking super spreaders and scanners. Xingang Shi, Dah-Ming Chiu, John C.S. Lui. Computer Networks, 54 (2010) 1375-1388.