Zhen Xu

Cross-layer transmission and energy scheduling under full-duplex energy harvesting wireless OFDM joint transmission

This paper studies the design of the optimal and online cross-layer transmission and energy schedulings for a full-duplex energy harvesting wireless orthogonal frequency division multiplexing (OFDM) joint transmissions. Supported by today’s power management integrated circuit, the full-duplex energy harvesting system becomes a reality, which can overcome the transmission time loss problem caused by the half-duplex constraint of the energy storage unit (ESU) in the serial Harvest-Store-Use system. However, its corresponding modeling is still unexplored. Therefore, the full-duplex energy harvesting system is first modeled and proved to be equivalent to a composition of energy behavior models of Harvest-Store-Use in fine-time granularity. Then, the convex optimization problem of cross-layer transmission and energy scheduling is formulated with the objective to maximize the sum of transmission throughput during successively multiple time units, which takes into account the temporal variance of energy harvesting rates and channel states, and the limited capacity of ESUs. The optimal power allocation with three dimensions of time, channel and antenna is solved by utilizing the dual decomposition method with the pre-known temporal variance, and the corresponding result of the system throughput provides the theoretical upper bound. Finally, to reduce the throughput degradation caused by channel state prediction errors, a non-convex online scheduling problem is formulated as the classical energy efficiency format. It is transformed into a convex optimization problem by exploiting the properties of fractional programming, and then, an efficiently iterative solution is designed. Numerical results show that the average throughput of the online algorithm is 24% greater than that of existing time-energy adaptive water-filling algorithm. The degradation of the average throughput is less than 19% with probability 90%, even as the channel prediction error reaches 20%. These results provide guidelines for the design and optimization for full-duplex energy harvesting joint transmission systems.摘要创新点建立了全双工能量采集系统的能量流模型, 并证明了在时间尺度足够小时其可采用经典的顺序能量收集-存储-使用模型表示; 构建了最优化连续多时隙吞吐量问题模型, 并针对该问题, 基于对偶分解方法提出了功率在不同信道、天线与时隙的最优化离线控制算法; 进一步, 在考虑信道预测差的条件下, 构建了最优化连续多时隙吞吐量在线问题模型, 并针对其非凸性, 基于分数规划理论提出了功率在不同信道、天线与时隙的在线优化控制算法。

Real-world traffic analysis and joint caching and scheduling for in-RAN caching networks

This paper analyzes the traffic of a current LTE network in China and investigates the joint optimization of content object caching and scheduling for in-radio access network (RAN) caches. Cooperative caching has been well recognized as a way of unleashing the ultimate potential of in-RAN caches, yet its feasibility is still unexplored. Moreover, content object caching and scheduling are two key issues for cache deployment, which are usually jointly considered and resolved. However, they are triggered by different events with different time granularities. Therefore, on the basis of the real-world dataset, the feasibility of in-RAN cooperative caching is proved from aspects of network topology, traffic load difference among small base stations (SBSs) and correlation analysis of content objects requested at different SBSs. Then, it is verified that different time scales should be considered in making content object caching and scheduling decisions. To exploit in-RAN cooperative caching while meeting the time scale requirement in making caching and scheduling decisions, an optimization problem is constructed considering practical transmission constraints in wireless and backhaul. It is proved to be a quadratic assignment problem, and then, a joint caching, and wireless and backhaul scheduling algorithm is proposed based on Lagrangian relaxation and decomposition, and hastening branch and bound. The performance of the proposed algorithm is evaluated based on the real-world dataset. Results depict the relationship among the cache capacity, the number of SBSs, the connection probability of SBSs and the objective performance, and show that the proposed algorithm can achieve better performance, compared with the existing algorithms.

A Self-adaptive Hopping Approach of Moving Target Defense to thwart Scanning Attacks

End-point hopping is one of important moving target defense (MTD) mechanisms to kill the attacker’s reconnaissance. This method involves periodically changing the network configuration in use by communicating end points. Since without the awareness of attack strategies, existing end-point hopping mechanisms is blind which leads the network defense to low security effectiveness and high overhead. In this paper we propose a novel MTD approach named self-adaptive end-point hopping, which is based on adversary strategy awareness and implemented by Software Defined Networking (SDN) technique. It can greatly counterpoise the defense benefit of end-point hopping and service quality of network system. Directed at the blindness problem of hopping mechanism in the course of defense, hopping trigger based on adversary strategy awareness is proposed for guiding the choice of hopping mode by discriminating the scanning attack strategy, which enhances targeted defense. Aimed at the low availability problem caused by limited network resource and high hopping overhead, satisfiability modulo theories and are used to formally describe the constraints of hopping, so as to ensure the low-overhead of hopping. Theoretical and experimental analysis shows the ability to thwart scanning attacks in a relatively reasonable hopping cost.

What should we do? A structured review of SCADA system cyber security standards

SCADA (Supervisory Control and Data Acquisition) system is the core component of industrial and critical infrastructure, and cyber security of SCADA system has become the key consideration of system managers and engineers. Therefore, a great many of standards, guidelines and best practices have been developed to give reference of SCADA system cyber security, hoping to provide some instructions for system managers. Unfortunately, there is little consensus on what to do. Whats worse, it is difficult to choose the right one for a particular industrial scene. These standards are usually long and complex texts, whose reading and understanding often takes much time and effort. We provide a comprehensive and structured review of SCADA cyber security standards, guidelines and best practices with three dimensions: release time, geographic location and intended audience. Finally, we use the theory of defense-in-depth as a reference to evaluate these standards. It is concluded that no standard performs better than others on all the criteria and that we should integrate different standards to apply them to a specific industrial scene.

DGASensor: Fast Detection for DGA-Based Malwares

DNS protocol has been used by many malwares for command-and-control (C&C). To improve the resiliency of C&C communication, Domain Generation Algorithm (DGA) has been utilized by recent malwares such as Locky, Conficker and Zeus. Many detection systems have been introduced for DGA-based botnets detection. However, such botnets detection approaches suffer from several limitations, for instance, requiring a group of DGA domains, period behaviors, the presence of multiple bots, and so forth. It is very hard for them to detect an individually running DGA-based malware which leave only a few traces. In this paper, we develop DGASensor to detect DGA-based malwares immediately by identifying a single DGA domain using lexical evidence. First, DGASensor automatically analyzes the lexical patterns of the most popular domains listed in Alexa top 100,000, and then extracts two templates, namely distribution template and structure template. Second, the above two templates, pronounceable attributes, and some frequently used properties like entropy and length, are used to extract features from a single domain. Third, we train our classifier using a non-DGA dataset consisting of domains obtained from Alexa rank and a DGA dataset generated by known DGAs. At last, we provide a short word filter to decrease the false positive rate. We implement a prototype system and evaluate it using the above training dataset with 10-fold cross validation. Moreover, a set of real world DNS traffic collected from a recursive DNS server is used to measure real world performance of our system. The results show that DGASensor detects DGA domains with accuracy 93% in our training dataset and is able to identify a variety of malwares in the real world dataset with an extremely high processing capability.

LagProber: Detecting DGA-Based Malware by Using Query Time Lag of Non-existent Domains

Domain Generation Algorithm (DGA) has been outfitted by various malware families to extend the resistance to the blacklist-based techniques. A lot of previous approaches have been developed to detect the DGA-based malware based on the lexical property of the random generated domains. Unfortunately, attackers can adjust their DGAs to produce domains by simulating the character distribution of popular domains or words and thus can evade the detection of these approaches.

A Novel Semantic-Aware Approach for Detecting Malicious Web Traffic

With regard to web compromise, malicious web traffic refers to requests from users visiting websites for malicious targets, such as web vulnerabilities, web shells and uploaded malicious advertising web pages. To directly and comprehensively understand malicious web visits is meaningful to prevent web compromise. However, it is challenging to identify different malicious web traffic with a generic model. In this paper, a novel semantic-aware approach is proposed to detect malicious web traffic by profiling web visits individually. And a semantic representation of malicious activities is introduced to make detection results more understandable. The evaluation shows that our algorithm is effective in detecting malice with an average precision and recall of 90.8% and 92.9% respectively. Furthermore, we employ our approach on more than 136 million web traffic logs collected from a web hosting service provider, where 3,995 unique malicious IPs are detected involving hundreds of websites. The derived results reveal that our method is conductive to figure out adversaries’ intentions.

A game theoretical framework for improving the quality of service in cooperative RAN caching

In this paper, we design a game theoretical framework for improving the Quality of Service (QoS) in cooperative RAN caching. Considering the cooperation under both single cell transmission and joint transmission, the QoS metric is uniformly quantified as the total content delivery time. Although the formulated cooperative content placement problem is proved NP-hard, noticing the local cooperative characteristics, we transform the problem into Local Altruistic Gaming where the Nash Equilibrium (NE) can be guaranteed and distributive algorithms such as Spatial Adaptive Play (SAP) are applicable. Then, two distributed learning algorithms are proposed, where the former overcomes the execution difficulties over tremendous action set in traditional SAP, and the latter further accelerate the convergence by reducing the number of additional suboptimal NEs brought by the former. To further improve the computation efficiency, an updating scheme is constructed to enable parallel updating in the proposed algorithms. Finally, based on a real-world LTE traffic dataset, the performance of the proposed algorithms and the updating scheme have been validated.

POSTER: Quantitative Security Assessment Method based on Entropy for Moving Target Defense

Moving Target Defense(MTD) provides a promising solution to reduce the chance of weakness exposure by constantly changing the targets attack surface. Though lots of MTD technologies have been researched to defend network attacks, there is little systematic study on security assessment of MTD. This paper proposes a novel method to quantify the security of MTD system which based on three factors: Vulnerability Entropy, Attack Entropy and Attenuation Entropy. This assessment model provides a theoretical and practical guidance for building MTD system and improving MTD technology.

A Multi-queue Aggregation Framework for M2M Traffic in LTE-A and Beyond Networks.

Traffic aggregation has been considered as an effective approach to improve the radio resource utilization for M2M communication in LTE-A and beyond networks. In the LTE-A specification, the Relay Node (RN) is recommended to aggregate uplink M2M small-sized packets. However, the delay brought by the packets aggregation is inevitably increased, which is a vital metric for M2M packets with low delay requirement, such as emergency alerting. In this paper, we propose a new framework for optimal aggregation implemented in the PDCP of RN, which features balancing a tradeoff between QoS requirements of packets and the utilization efficiency of Physical Radio Blocks (PRBs). Specifically, (1) the RN dispatches the new arrival M2M packets into corresponding virtual queues according to their priorities set by M2M devices. Then, an Optimal Aggregating Scheme (OAS) is designed to minimize the PRB usage in condition satisfying the specific restriction of waiting time of packets in virtual queues. (2) The optimal aggregating problem is proved to be a NP-hard problem, which is solved by the Priority Branch and Bound Algorithm (PBBA) and the Priority Aggregating Heuristic. Numerical results illustrate that OAS achieves a tradeoff of QoS and PRB utilization efficiency in comparison with four existing schemes.