Siu Leung Chung

Lightweight security for mobile commerce transactions

This paper describes a lightweight security mechanism for protecting electronic transactions conducted over the mobile platform. In a typical mobile computing environment, one or more of the transacting parties are based on some wireless handheld devices. Electronic transactions conducted over the mobile platform are gaining popularity and it is widely accepted that mobile computing is a natural extension of the wired Internet computing world. However, security over the mobile platform is more critical due to the open nature of wireless networks. Furthermore, security is more difficult to implement on the mobile platform because of the resource limitation of mobile handheld devices. Therefore, security mechanisms for protecting traditional computer communications need to be revisited so as to ensure that electronic transactions involving mobile devices can be secured and implemented in an effective manner. This research is part of our effort in designing security infrastructure for electronic commerce systems, which extend from the wired to the wireless Internet. A lightweight mechanism was designed to meet the security needs in face of the resource constraints. The proposed mechanism is proven to be practical in real deployment environment.

Efficient vector quantization using genetic algorithm

This paper proposes a new codebook generation algorithm for image data compression using a combined scheme of principal component analysis (PCA) and genetic algorithm (GA). The combined scheme makes full use of the near global optimal searching ability of GA and the computation complexity reduction of PCA to compute the codebook. The experimental results show that our algorithm outperforms the popular LBG algorithm in terms of computational efficiency and image compression performance.

A data reduction method for intrusion detection

This paper describes a technique for improving efficiency of data analysis involved in intrusion detection. Intrusion detection aims to detect security violations from abnormal patterns of system usage. It is required that user activities be monitored by the system and that monitoring data be analyzed to recognize behavior patterns of users. Multivariate data analysis may be used to achieve intrusion detection. Nevertheless, system monitoring typically records everything that each user performs in the system; hence, a massive volume of monitoring data is created. To allow analysis of monitoring data to be performed efficiently, it is essential to develop techniques that, without losing important information, reduce the amount of data to be processed. This paper presents a data reduction method that makes multivariate data analysis involved in intrusion detection more efficient. Our data reduction technique extracts, from the original data set, discriminating components that best characterize user behavior. This way, the amount of data to be processed by the multivariate data analysis module will be reduced substantially.

Enhancing Grid security infrastructure to support mobile computing nodes

With the rapid development of the global information infrastructure, the use of virtual organization (VO) is gaining increasing importance as a model for studying business and organizational structures. The notion of VO is significant in that it could serve as a basic framework for implementing geographically distributed, cross-organizational application systems in a highly flexible manner. To further enhance the pervasiveness of VO, it is of great importance that participation of mobile computing nodes be supported. Thus, security is a critical issue due to the open nature of the wireless channels that provide connectivity to mobile devices. This paper discusses, from an application angle, the importance of supporting mobile devices in VO. It also discusses the design of security infrastructures that support mobile nodes in mission-specific applications. A simple grid security infrastructure that supports participation of mobile computing nodes is also proposed to illustrate the implementation feasibility of the infrastructure.

Multivariate data analysis software for enhancing system security

Abstract This article describes an intrusion detection technique that aims to enhance the security of computing systems. The idea of intrusion detection is based on the hypothesis that computer users are typically involved in specific types of activity, and the set of programs they use will normally reflect that activity. Hence, security violations could be detected from abnormal patterns of system usage. Intrusion detection almost invariably involves two components: system monitoring and data analysis. In general, system monitoring records everything that each user performs in the system. Monitoring information is analyzed by use of some data analysis technique to abstract user behavior patterns from the audit log. Although the concept of system monitoring is widely supported in todays computer systems (at least for accounting purposes), the provision of tools for analyzing monitoring information is not sufficient. We present a multivariate data analysis technique that is a nice mathematical tool for the analysis of user behavior patterns in intrusion detection. Our system records all user activities in each login session; abnormal sessions are identified when the monitoring data are analyzed. Data analysis involves two steps: analysis of correlations and classification of behavior patterns. Analysis of correlations, which is based on standardized principal components analysis, partitions the set of user sessions into groups such that sessions within the same group are closely correlated and hence governed by the same behavior pattern. Classification of behavior patterns is automated by a cluster recognition technique. To visualize analysis results, the multivariate data set is summarized by factor analysis.

Parallel stochastic dynamic programming: finite element methods

Abstract A finite element method for stochastic dynamic programming is developed. The computational method is valid for a general class of optimal control problems that are nonlinear and perturbed by general Markov noise in continuous time, including jump Poisson noise. Stability and convergence of the method are verified, and its advantage in storage utilization efficiency over the traditional finite difference method is demonstrated. This advanced numerical technique, together with parallel computation, helps to alleviate Bellmans curse of dimensionality by permitting the solution of larger problems.

Towards Energy-Efficient Secure Communications Using Biometric Key Distribution in Wireless Biomedical Healthcare Networks

Wireless body sensor network (WBSN) has gained significant interests as an important infrastructure for the real- time biomedical healthcare system, while the security of the sensitive health information becomes one of the main challenges. Due to the crucial constraints of low power in the sensors, traditional security mechanisms and key distribution schemes are not suitable for WBSN. In this paper, we investigate a novel energy-efficient approach, BodyKey, that can generate and distribute the cryptographic keys using the Electrocardiograph (ECG) biometrics in WBSN. The proposed BodyKey represents the biometric features as ordered set, and deals with the biometric variations using a new fuzzy construction with set reconciliation. In this way, only limited necessary information needs to be communicated for key agreement, and the total energy consumption for key distribution can thus be reduced. The proposed approach has been implemented and evaluated on the public domain PTB Diagnostic Set database with 290 subjects. Experimental results and security analysis for accuracy performance, energy consumption and security property show that BodyKey is a promising and practical key distribution scheme for secure communications in WBSN.

An efficient anomaly detection algorithm for vector-based intrusion detection systems

This paper proposes a new algorithm that improves the efficiency of the anomaly detection stage of a vector-based intrusion detection scheme. In general, intrusion detection schemes are based on the hypothesis that normal system/user behaviors are consistent and can be characterized by some behavior profiles such that deviations from the profiles are considered abnormal. In complicated computing environments, users may exhibit complicated usage patterns that the user profiles have to be established using sophisticated classification methods such as vector quantization (VQ) technique. However, anomaly detection based on the data set in a high dimension space is inefficient. In this paper we focus on the design of an algorithm that uses principal component analysis (PCA) to improve the anomaly detection efficiency. The main contribution of this research is to demonstrate how the efficiency of the anomaly detection can be raised while the effectiveness of the detection in terms of low false alarm rate and high detection rate can be maintained.

Anomaly Detection in Grid Computing Based on Vector Quantization

An efficient and effective intrusion detection model based the Vector Quantization (VQ) technique is proposed. This model is suitable for security monitoring in the grid computing environment. Experimental results based on this model have shown very promising performance in terms of high detection rate and low false alarm rate.

Kwok-Yan Lam, Siu-Leung Chung, Ming Gu and Jia-Guang Sun - Middleware for enhancing interoperability: Security middleware for enhancing interoperability of Public Key Infrastructure

This paper describes a security middleware for enhancing the interoperability of public key infrastructure (PKI). Security is a key concern in e-commerce and is especially critical in cross-enterprise transactions. Public key cryptography is widely accepted as an important mechanism for addressing the security needs of e-commerce transactions because of its ability to implement non-repudiation. The deployment of public key cryptography is facilitated by the provision of PKI which assures the integrity of cryptographic keys. Nevertheless, industry experiences have shown that the task of implementing PKI-based e-commerce applications is challenging. Prior studies have identified interoperability as a major issue that hinders the adoption of PKI in spite of its effectiveness in implementing strong security mechanisms and protocols. In this paper, we discuss the interoperability issue of PKI applications. This research is part of our effort in designing security infrastructure for e-commerce systems. A middleware architecture was designed to enhance interoperability of PKI applications. The security middleware aims to promote cross-enterprise cross-border e-commerce transactions. The proposed mechanism is proven to be practical in real deployment environment.