Jianbin Hu

C4W: An Energy Efficient Public Key Cryptosystem for Large-Scale Wireless Sensor Networks

With hardware support and software optimization, public key cryptography (PKC) has been announced feasible on micro sensors recently. A number of experiments proved that the elliptic curve cryptography (ECC) is more suitable for resource constraint motes compared with RSA, But even ECC based protocols still cost too much energy. In this paper, we propose C4W, an identity-based public key infrastructure specially designed for wireless sensor networks (WSNs), in which all nodes can generate others ECC public keys directly from their identities. Without certificates, no energy will be consumed for certificates communication and verification, which makes C4W especially energy efficient. C4W uses a protocol without certificates to realize mutual authentication and key agreement. Compared with a simplified SSL (SSSL) protocol using an abbreviated certificate, C4W consumes lower than 35% energy, and the communication consumption of C4W is only 28.5% of that consumed by SSSL. Furthermore, the energy analysis of C4W illuminates that the expensive public key computational cost is almost neglectable compared with the heavy communication consumption in a large-scale WSNs, which gives the asymmetric key management in WSNs a bright future

CuboidTrust: a global reputation-based trust model in peer-to-peer networks

Peer-to-Peer communication model has the potential to harness huge amounts of resources. However, some recent studies indicate that most of current Peer-to-Peer systems suffer from inauthentic resource attacks. One way to cope with these attacks is to constitute a reputation-based trust model to help evaluating the trust values of peers and predicting their future behaviors. In this paper, we propose a global reputation-based trust model, called CuboidTrust. It builds four relations among three trust factors including contribution, trustworthiness and quality of resource, and applies power iteration to compute the global trust value of each peer. The experimental results show that CuboidTrust performs efficiently, and significantly decreases the count of inauthentic resource downloads under various threat models.

On the security of an identity based multi-proxy signature scheme

In a multi-proxy signature scheme, an original signer could authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signatures on behalf of the original signer. Recently, Cao and Cao gave the first formal definition and security model of an identity-based multi-proxy signature scheme, then proposed an identity-based multi-proxy signature scheme from bilinear pairings and proved its security in their security model. Although they proved that their scheme is secure under this model, we disprove their claim and show that their scheme is not secure. We also present a simple fix to prevent this attack.

Feedback: Towards Dynamic Behavior and Secure Routing forWireless Sensor Networks

Wireless sensor networks, due to their potentially wide application perspectives, may proliferate in future. Two major stumbling blocks are the dynamic variance of network topology caused by the energy constraint of sensor nodes and uncertainties of wireless links, and the security routing in this severe security environment. Therefore adaptable and defendable routing mechanism is in urgent need for the deployment of these networks. In this paper we propose FBSR, a novel feedback based secure routing protocol. Feedback from both the nearby neighbors and base stations, serves as the dynamic information of the current network with which sensor nodes make forwarding decision in a secure and energy aware manner. We present both mathematical analysis and simulation results to show the efficiency of FBSR

Claper: Recommend classical papers to beginners

Classical papers are of great help for beginners to get familiar with a new research area. However, digging them out is a difficult problem. This paper proposes Claper, a novel academic recommendation system based on two proven principles: the Principle of Download Persistence and the Principle of Citation Approaching (we prove them based on real-world datasets). The principle of download persistence indicates that classical papers have few decreasing download frequencies since they were published. The principle of citation approaching indicates that a paper which cites a classical paper is likely to cite citations of that classical paper. Our experimental results based on large-scale real-world datasets illustrate Claper can effectively recommend classical papers of high quality to beginners and thus help them enter their research areas.

Scalable Byzantine Fault Tolerant Public Key Authentication for Peer-to-Peer Networks

Peer-to-Peer (P2P) communication model has the potential to harness huge amounts of resources. However, due to the self-organizing and self-maintaining nature, current P2P networks suffer from various kinds of attacks. Public key authentication can provide a fundamental building block for P2P communication security. In this paper, we propose a scalable Byzantine fault tolerant public key authentication scheme for P2P networks, in which each participating peer dynamically maintains a trusted group to perform distributed challenge-response authentication without centralized infrastructure. To guarantee the authentication correctness, we additionally present a complementary trusted group maintenance scheme. The experimental results demonstrate that our authentication scheme can work in various different P2P scenarios effectively and efficiently.

FBSR: feedback‐based secure routing protocol for wireless sensor networks

Purpose – Wireless sensor networks, due to their potentially wide application perspectives, may proliferate in future. Two major stumbling blocks are the dynamic variance of the network caused by both the capacity constraint of sensor nodes and uncertainties of wireless links, and secure routing in the special security sensitive environment. Therefore, adaptable and defendable routing mechanism is in urgent need for the deployment of sensor networks. This paper aims to propose a feedback‐based secure routing protocol (FBSR).Design/methodology/approach – Feedback from the neighboring nodes serves as the dynamic information of the current network, with which sensor nodes make forwarding decisions in a secure and energy aware manner. Feedback message is included in the MAC layer acknowledgement frame to avoid network congestion, and it is authenticated with the proposed Keyed One Way Hash Chain (Keyed‐OWHC) to avoid feedback fabrication. FBSRs resilience to node compromise is enhanced by statistic efforts a...

DSpam: Defending Against Spam in Tagging Systems via Users' Reliability

Resisting spam in tagging system is very challenging. This paper presents DSpam, a novel spam-resistant tagging system which can significantly diminish spam in tag search results with users’ reliabilities. DSpam client groups other users into unfamiliar users and interacted users according to the fact whether the client has interacted with such users. For an unfamiliar user, the client computes his reliability by tagging behavior-based mechanism which reflects correlation of annotations between them. For an interacted user, the reliability includes two parts: feedback-based reliability, which indicates direct interactions between that user and the client, and recommendation reliability, which indicates the evaluation about that user from the client’s friends. The client ranks search result with the average reliabilities of himself with respect to annotators of each result. Experimental results show DSpam can effectively resist tag spam and work better than existing tag search schemes.

A Secure Routing and Aggregation Protocol with Low Energy Cost for Sensor Networks

Wireless sensor networks are increasingly deployed in security-critical areas, such as battle field. However, general sen-sor nodes are manufactured with inexpensive components, and they are short of security enhancement. Therefore, an adversary could capture and compromise sensor nodes easily, then launch some malicious attacks (including tampering or discarding useful data collected from source nodes). In this paper, we propose a secure routing and aggregation protocol with low energy cost for sensor networks (named STAPLE), which utilizes one-way hash chain and multi-path mechanism to achieve security of wireless sensor networks, and develop a network expanding model to control communication cost incurred by multi-path routing. We perform the simulation of STAPLE in comparison with INSENS, the results demonstrate that STAPLE achieves a higher level security and it is efficient in large scale sensor networks with considerably low communication overhead.

A New Method to Generate Attack Graphs

To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two- tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker’s privilege transition among hosts. Our sub-attack graphs and host access graph have remarkable smaller scales and can help network administrators to find the key hosts in attack sequences. Analysis shows that the upper bound computational cost of our model is O(N3), which could also be competed in real time. The following experiment validates our approach.