Wei Zhao

DSSS-Based Flow Marking Technique for Invisible Traceback

Law enforcement agencies need the ability to conduct electronic surveillance to combat crime, terrorism, or other malicious activities exploiting the Internet. However, the proliferation of anonymous communication systems on the Internet has posed significant challenges to providing such traceback capability. In this paper, we develop a new class of flow marking technique for invisible traceback based on direct sequence spread spectrum (DSSS), utilizing a pseudo-noise (PN) code. By interfering with a senders traffic and marginally varying its rate, an investigator can embed a secret spread spectrum signal into the senders traffic. The embedded signal is carried along with the traffic from the sender to the receiver, so the investigator can recognize the corresponding communication relationship, tracing the messages despite the use of anonymous networks. The secret PN code makes it difficult for others to detect the presence of such embedded signals, so the traceback, while available to investigators is, effectively invisible. We demonstrate a practical flow marking system which requires no training, and can achieve both high detection and low false positive rates. Using a combination of analytical modeling, simulations, and experiments on Tor (a popular Internet anonymous communication system), we demonstrate the effectiveness of the DSSS-basedflow marking technique.

On False Data-Injection Attacks against Power System State Estimation: Modeling and Countermeasures

It is critical for a power system to estimate its operation state based on meter measurements in the field and the configuration of power grid networks. Recent studies show that the adversary can bypass the existing bad data detection schemes, posing dangerous threats to the operation of power grid systems. Nevertheless, two critical issues remain open: 1) how can an adversary choose the meters to compromise to cause the most significant deviation of the system state estimation, and 2) how can a system operator defend against such attacks? To address these issues, we first study the problem of finding the optimal attack strategy--i.e., a data-injection attacking strategy that selects a set of meters to manipulate so as to cause the maximum damage. We formalize the problem and develop efficient algorithms to identify the optimal meter set. We implement and test our attack strategy on various IEEE standard bus systems, and demonstrate its superiority over a baseline strategy of random selections. To defend against false data-injection attacks, we propose a protection-based defense and a detection-based defense, respectively. For the protection-based defense, we identify and protect critical sensors and make the system more resilient to attacks. For the detection-based defense, we develop the spatial-based and temporal-based detection schemes to accurately identify data-injection attacks.

Representation of a Stochastic Traffic Bound

This paper presents a theoretical representation of a stochastic traffic bound (σ,ρ) that consists of two items, the burstiness bound σ and the bound of long-term average rate ρ. The novelty of the suggested representation is that the burstiness bound and the bound of long-term average rate are separately connected to the fractal dimension D that is the measure of the local self-similarity together with the small-scale factor r and the Hurst parameter H that is the measure of the long-range dependence (LRD) together with the large-scale factor a of traffic. More precisely, we obtain σ = r2D-5σ and ρ = a-H ρ, where σ is the conventional bound of burstiness and ρ the conventional bound of long-term average rate, respectively. Thus, the present bound (σ,ρ) takes the conventional bound, say (σ,ρ), as a special case when r = 1 and a = 1. Hence, the proposed representation provides us with a flexible way to tighten a traffic bound. Since we study the stochastically bounded modeling of traffic by taking into account the parameters in stochastic modeling, namely, D, H, r, and a, as well as the parameters in the deterministic modeling of traffic, i.e., σ and ρ, a new outlook regarding the stochastically bounded modeling of traffic is revealed. In addition, we open a problem to estimate r and a with respect to the possible applications of the proposed bound to the practice.

A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications

Fog/edge computing has been proposed to be integrated with Internet of Things (IoT) to enable computing services devices deployed at network edge, aiming to improve the user’s experience and resilience of the services in case of failures. With the advantage of distributed architecture and close to end-users, fog/edge computing can provide faster response and greater quality of service for IoT applications. Thus, fog/edge computing-based IoT becomes future infrastructure on IoT development. To develop fog/edge computing-based IoT infrastructure, the architecture, enabling techniques, and issues related to IoT should be investigated first, and then the integration of fog/edge computing and IoT should be explored. To this end, this paper conducts a comprehensive overview of IoT with respect to system architecture, enabling technologies, security and privacy issues, and present the integration of fog/edge computing and IoT, and applications. Particularly, this paper first explores the relationship between cyber-physical systems and IoT, both of which play important roles in realizing an intelligent cyber-physical world. Then, existing architectures, enabling technologies, and security and privacy issues in IoT are presented to enhance the understanding of the state of the art IoT development. To investigate the fog/edge computing-based IoT, this paper also investigate the relationship between IoT and fog/edge computing, and discuss issues in fog/edge computing-based IoT. Finally, several applications, including the smart grid, smart transportation, and smart cities, are presented to demonstrate how fog/edge computing-based IoT to be implemented in real-world applications.

On False Data Injection Attacks against Distributed Energy Routing in Smart Grid

Smart Grid is a new type of energy-based cyber-physical system (CPS) that will provide reliable, secure, and efficient energy transmission and distribution. The way to secure the distributed energy routing process that efficiently utilizes the distributed energy resources and minimizes the energy transmission overhead is essential in smart grid. In this paper, we study the vulnerability of the distributed energy routing process and investigate novel false data injection attacks against the energy routing process. We consider several general attacks, in which the adversary may manipulate the quantity of energy supply, the quantity of energy response, and the link state of energy transmission. The forged data injected by those attacks will cause imbalanced demand and supply, increase the cost for energy distribution, and disrupt the energy distribution. We formally model these attacks and quantitatively analyze their impact on energy distribution. Our evaluation data show that those attacks can effectively disrupt the effectiveness of energy distribution process, causing significant supplied energy loss, energy transmission cost and the number of outage users.

Protection of query privacy for continuous location based services

Location-based services (LBS) have become an immensely valuable source of real-time information and guidance. Nonetheless, the potential abuse of users sensitive personal data by an LBS server is evolving into a serious concern. Privacy concerns in LBS exist on two fronts: location privacy and query privacy. In this paper we investigate issues related to query privacy. In particular, we aim to prevent the LBS server from correlating the service attribute, e.g., bar/tavern, in the query to the users real-world identity. Location obfuscation using spatial generalization aided by anonymization of LBS queries is a conventional means to this end. However, effectiveness of this technique would abate in continuous LBS scenarios, i.e., where users are moving and recurrently requesting for LBS. In this paper, we present a novel query-perturbation-based scheme that protects query privacy in continuous LBS even when user-identities are revealed. Unlike most exiting works, our scheme does not require the presence of a trusted third party.

A Novel En-Route Filtering Scheme Against False Data Injection Attacks in Cyber-Physical Networked Systems

In Cyber-Physical Networked Systems (CPNS), attackers could inject false measurements to the controller through compromised sensor nodes, which not only threaten the security of the system, but also consumes network resources. To deal with this issue, a number of en-route filtering schemes have been designed for wireless sensor networks. However, these schemes either lack resilience to the number of compromised nodes or depend on the statically configured routes and node localization, which are not suitable for CPNS. In this paper, we propose a Polynomial-based Compromised-Resilient En-route Filtering scheme (PCREF), which can filter false injected data effectively and achieve a high resilience to the number of compromised nodes without relying on static routes and node localization. Particularly, PCREF adopts polynomials instead of MACs (message authentication codes) for endorsing measurement reports to achieve the resilience to attacks. Each node stores two types of polynomials: authentication polynomial and check polynomial derived from the primitive polynomial, and used for endorsing and verifying the measurement reports. Via extensive theoretical analysis and simulation experiments, our data show that PCREF achieves better filtering capacity and resilience to the large number of compromised nodes in comparison to the existing schemes.

Static priority scheduling for ATM networks

Static priority scheduling is popular for traffic scheduling in ATM switches because it is less costly than dynamic priority scheduling while being sensitive to the delay constraints of connections. We study delay computation and priority assignment problems in an ATM network with static priority scheduling. Given an ATM network with arbitrary topology, it is possible that the traffic on it may become unstable (i.e., packet delays become unbounded) due to the potential cyclic dependency of the traffic. An unstable network is definitely unacceptable for many delay sensitive applications. We start by formally deriving a simple condition under which the network is guaranteed to be stable. We then develop a numerical method to compute worst case end to end delays in an ATM network with arbitrary topology. Convergence of the method is formally proved and a closed form for the computing error is obtained. Despite its advantages, static priority scheduling remains sensitive to proper priority assignment. We describe two simple priority assignment methods, which we show to outperform other commonly used methods.

Pattern mutation in wireless sensor deployment

In this paper, we study the optimal deployment pattern problem in wireless sensor networks (WSNs). We propose a new set of patterns, particularly when sensors communication range (r_c) is relatively low compared with their sensing range (r_s), and prove their optimality among regular patterns. In this study, we discover a surprising and interesting phenomenon - pattern mutation. This phenomenon contradicts the conjecture presented in a previous work that there exists a universal elemental pattern among optimal pattern evolution and the pattern evolution is continuous. For example, we find mutation happens among the patterns for full-coverage and 3-connectivity when r_c/r_s = 1.0459, among the patterns for full-coverage and 4-connectivity when r_c/r_s = 1.3903, and among the patterns for full-coverage and 5-connectivity when r_c/r_s = 1.0406. To the best of our knowledge, this is the first time that mutation in pattern evolution has been discovered. Also, our work further completes the exploration of optimal patterns in WSNs.

Self-Disciplinary Worms and Countermeasures: Modeling and Analysis

In this paper, we address issues related to the modeling, analysis, and countermeasures of worm attacks on the Internet. Most previous work assumed that a worm always propagates itself at the highest possible speed. Some newly developed worms (e.g., “Atak” worm) contradict this assumption by deliberately reducing the propagation speed in order to avoid detection. As such, we study a new class of worms, referred to as self-disciplinary worms. These worms adapt their propagation patterns in order to reduce the probability of detection, and eventually, to infect more computers. We demonstrate that existing worm detection schemes based on traffic volume and variance cannot effectively defend against these self-disciplinary worms. To develop proper countermeasures, we introduce a game-theoretic formulation to model the interaction between the worm propagator and the defender. We show that an effective integration of multiple countermeasure schemes (e.g., worm detection and forensics analysis) is critical for defending against self-disciplinary worms. We propose different integrated schemes for fighting different self-disciplinary worms, and evaluate their performance via real-world traffic data.