Fang-Yie Leu

A novel network mobility handoff scheme using SIP and SCTP for multimedia applications

In a heterogeneous wireless environment, seamless mobility is the basis of network support with which mobile users who roam between or among various wireless access networks are able to fully enjoy uninterrupted wireless services. When users are in a mass transportation vehicle, e.g., a bus or a train that provides network service, the vehicle can be regarded as a network which is serving users as it moves from one location to another. The movement of a network is called network mobility (NEMO). The network mobility protocol based on Mobile IPv6 as proposed by the Internet Engineering Task Force (IETF) in 2005 has some fundamental drawbacks, such as header overhead and the pinball problem. In this paper, we propose a novel hybrid method for network mobility called Hybrid-NEMO, which provides a soft handoff scheme at the transport layer basically utilizing SIP and SCTP protocols to ensure a lossless packet-transmission environment and less handoff-delay variation, which are critical in providing QoS voice and multimedia applications. Experimental validation and performance evaluation were also conducted in this study.

Integrating grid with intrusion detection

In recent years, distributed denial-of-service (DDoS) and denial-of-service (DoS) are the most dreadful network threats. Single-node IDS often suffers from losing its detection effectiveness and capability when processing enormous network traffic. To solve the drawbacks, we propose grid-based IDS, called grid intrusion detection system (GIDS), which uses grid computing resources to detect intrusion packets. For balancing detection load, score subtraction approach (SSA) and score addition approach (SAA) are deployed. Furthermore, to effectively detect intrusions, a two-phase packet detection process is proposed. The first phase detects logical and momentary attacks. Chronic attacks are detected in the second phase. Experiments are also performed and the results show that GIDS is truly an outstanding system in detecting attacks.

Lifetime elongation for wireless sensor network using queue-based approaches

A wireless sensor network (WSN) is envisioned as a cluster of tiny power-constrained devices with functions of sensing and communications. Sensors closer to a sink node have a larger forwarding traffic burden and consume more energy than nodes further away from the sink. The whole lifetime of WSN is deteriorated because of such an uneven node power consumption patterns, leading to what is known as an energy hole problem (EHP). From open literatures, most research works have focused on how to optimally increase the probability of sleeping states using various wake-up strategies. In this article, we propose a novel power-saving scheme to alleviate the EHP based on the N-policy M/M/1 queuing theory. With little or no extra management cost, the proposed queue-based power-saving technique can be applied to prolong the lifetime of the WSN economically and effectively. A mathematical analysis on the optimal control parameter has been made in detail. Focusing on many-to-one WSN, numerical and network simulation results validate that the proposed approach indeed provides a feasibly cost-effective approach for lifetime elongation of WSN.

A performance-based grid intrusion detection system

Distributed denial-of-service (DDoS) and denial-of-service (DoS) are the most dreadful network threats in recent years. In this paper, we propose a grid-based IDS, called performance-based grid intrusion detection system (PGIDS), which exploits grids abundant computing resources to detect enormous intrusion packets and improve the drawbacks of traditional IDSs which suffer from losing their detection effectiveness and capability when processing massive network traffic. For balancing detection load and accelerating the performance of allocating detection node (DN), we use exponential average to predict network traffic and then assign the collected actual traffic to the most suitable DN. In addition, score subtraction algorithm (SSA) and score addition algorithm (SAA) are deployed to update and reflect the current performance of a DN. PGIDS detects not only DoS/DDoS attacks but also logical attacks. Experimental results show that PGIDS is truly an outstanding system in detecting attacks.

Accessing medical image file with co-allocation HDFS in cloud

Patient privacy has recently become the most important issue in the World Health Organization (WHO) and the United States and Europe. However, inter-hospital medical information is currently shared using paper-based operations, and this is an important research issue for the complete and immediate exchange of electronic medical records to avoid duplicate prescriptions or procedures. An electronic medical record (EMR) is a computerized medical record created by a care-giving organization, such as a hospital and doctors surgery. Using electronic medical records can improve patients privacy and health care efficiency. Although there are many advantages to electronic medical records, the problem of exchanging and sharing medical images remains to be solved. The motivation of this paper is to attempt to resolve the problems of storing and sharing electronic medical records and medical images between different hospitals. Cloud Computing is enabled by the existing parallel and distributed technology, which provides computing, storage and software services to users. Specifically, this study develops a Medical Image File Accessing System (MIFAS) based on HDFS of Hadoop in cloud. The proposed system can improve medical imaging storage, transmission stability, and reliability while providing an easy-to-operate management interface. This paper focuses on the cloud storage virtualization technology to achieve high-availability services. We have designed and implemented a medical imaging system with a distributed file system. The experimental results show that the high reliability data storage clustering and fault tolerance capabilities can be achieved. The motivation of this paper is to attempt to resolve the problems of storing and sharing electronic medical records and medical images between different hospitals.Specifically, this study develops a Medical Image File Accessing System (MIFAS) based on HDFS of Hadoop in cloud.The proposed system can improve medical imaging storage, transmission stability, and reliability while providing an easy-to-operate management interface.This paper focuses on the cloud storage virtualization technology to achieve high-availability services.The experimental results show that the high reliability data storage clustering and fault tolerance capabilities can be achieved.

Detection workload in a dynamic grid-based intrusion detection environment

Denial-of-service (DoS) and distributed denial-of-service (DDoS) are two of the most serious and destructive network threats on the Internet. Hackers, exploiting all kinds of malicious packages to attack and usurp network hosts, servers and bandwidth, have seriously damaged enterprise, campus and government network systems. Many network administrators employ intrusion detection systems (IDSs) and/or firewalls to protect their systems. However, some systems lose most of their detection and/or protection capabilities when encountering a huge volume of attack packets. In addition, some detection resources may fail due to hardware and/or software faults. In this paper, we propose a Grid-based platform, named the dynamic grid-based intrusion detection environment (DGIDE), which exploits Grids abundant computing resources to detect a massive amount of intrusion packets and to manage a dynamic environment. A detector, a node that detects attacks, can dynamically join or leave the DGIDE. A newly joined detector is tested so that we can obtain its key performance curves, which are used to balance detection workload among detectors. The DGIDE backs up network packets. When, for some reason, a detector cannot continue its detection thus leaving an unfinished detection task, the DGIDE allocates another available detector to take over. Therefore, the drawbacks of ordinary security systems as mentioned above can be avoided.

A secure communication over wireless environments by using a data connection core

Abstract Recently, wireless networks, such as Wi-Fi and 3G, have been widely equipped and popularly used in the world. People holding smart devices can conveniently access the Internet services through modern wireless networks. However, when people are enjoying using wireless systems, network security has been a crucial challenge because wireless messages, encrypted or unencrypted, may be maliciously intercepted by hackers. After analyzing and/or decrypting the messages, hackers can illegally capture or steal important information, such as credit card numbers or usernames/passwords, carried in the messages. Currently, SSL and IPsec are utilized to protect the delivery of these types of information. However, each of the two security protocols has its own drawbacks both in their key exchange and message encryption/decryption processes. To solve these drawbacks, in this paper, we propose a secure communication system, named the Wi reless S ecurity System with D ata C onnection Core (WiSDC for short), which consists of two security schemes, including a symmetric key exchange process and a two-dimensional stream cipher mechanism. The former employs random numbers and the connection keys contained in the D ata C onnection C ore (the DCC for short) to generate internal keys, through which the security level of the key exchange process can be enhanced. Here, the DCC is a set of random numbers created when the underlying user registers himself/herself with the wireless system being considered, and the random numbers are only known to the user and AAA server of the wireless system. The latter invokes two operators, including exclusive-or ⊕ and binary adder + 2 operators, and two Pseudo Random Number Sequences (PRNSs) to encrypt plaintext so as to well protect the ciphertext. The WiSDC also adopts a pseudo random number generator, which feeds back keys in current stage as a part of the inputs of the next stage, to generate more complicated keys for data encryption. Experimental results show that the WiSDC can effectively protect transmitted messages for wireless environments. The analytical results indicate that the WiSDC has higher security level and execution efficiency than those of the SSL and IPsec.

Improving reliability of a heterogeneous grid-based intrusion detection platform using levels of redundancies

In this work, we propose a Grid-based intrusion detection platform, named Enhanced Dynamic Grid Intrusion Detection Environment (E-DGIDE), which is an extension of our previous system, DGIDE. The DGIDE exploits a Grids dynamic and abundant computing resources to detect intrusion packets. The E-DGIDE is a fault-tolerant platform that provides three types of standby mechanisms to prevent itself from crashing. The first two types are hot standby in which the standby subsystem performs the same task as its working subsystem. When the working subsystem fails, the standby takes over the current task immediately with less delay and without information passing. The other is cold standby. When the working subsystem cannot work properly, the E-DGIDE notifies the standby subsystem to take over. With these mechanisms, the reliability of an ordinary security system can be improved.

Detecting DoS and DDoS Attacks by Using an Intrusion Detection and Remote Prevention System

In this article, we proposed an intrusion prevention system, named Cumulative-Sum-based Intrusion Prevention System (CSIPS) which detects malicious behaviors, attacks and distributed attacks launched to remote clients and local hosts based on the Cumulative Sum (CUSUM) algorithm. Experimental results show that CSIPSs in a united defense environment can carry out a higher security level for the environment.

IFTS: intrusion forecast and traceback based on union defense environment

Network-based intrusion detection system (NIDS) is developed to monitor network traffic in order to detect network intrusion. But it often lacks global cooperative capability. When facing attacks, e.g., DDoS, an intrusion detection system (IDS) needs an overall scheme to respond properly. Also, Internet consists of network management units (NMUs). It would be better if several nearby surrounding NMUs can collaboratively guard and protect their important surrounded neighbor. In this article, we propose an intrusion forecast and traceback system (IFTS) based on union defense environment. IFTS monitors network forwarding traffic, thus forecasting malicious behaviors for its neighbor NMD, called protected NMU (P-NMU). With forecasting, P-NMU can predetermine the way to treat the intrusion packets. IFTS deploys a hash-based intrusion traceback subsystem to trace intruders.