Zhengrui Qin

IMDGuard: Securing implantable medical devices with the external wearable guardian

Recent studies have revealed security vulnerabilities in implantable medical devices (IMDs). Security design for IMDs is complicated by the requirement that IMDs remain operable in an emergency when appropriate security credentials may be unavailable. In this paper, we introduce IMDGuard, a comprehensive security scheme for heart-related IMDs to fulfill this requirement. IMDGuard incorporates two techniques tailored to provide desirable protections for IMDs. One is an ECG based key establishment without prior shared secrets, and the other is an access control mechanism resilient to adversary spoofing attacks. The security and performance of IMDGuard are evaluated on our prototype implementation.

Fog Computing: Platform and Applications

Despite the broad utilization of cloud computing, some applications and services still cannot benefit from this popular computing paradigm due to inherent problems of cloud computing such as unacceptable latency, lack of mobility support and location-awareness. As a result, fog computing, has emerged as a promising infrastructure to provide elastic resources at the edge of network. In this paper, we have discussed current definitions of fog computing and similar concepts, and proposed a more comprehensive definition. We also analyzed the goals and challenges in fog computing platform, and presented platform design with several exemplar applications. We finally implemented and evaluated a prototype fog computing platform.

Security and Privacy Issues of Fog Computing: A Survey

Fog computing is a promising computing paradigm that extends cloud computing to the edge of networks. Similar to cloud computing but with distinct characteristics, fog computing faces new security and privacy challenges besides those inherited from cloud computing. In this paper, we have surveyed these challenges and corresponding solutions in a brief manner.

Defending Against Cooperative Attacks in Cooperative Spectrum Sensing

Accurate spectrum sensing is important in cognitive radio networks. False sensing results in either waste of spectrum or harmful interference to primary users. To improve accuracy, cooperative spectrum sensing, in which a set of secondary users cooperatively sense the presence of the primary user, has emerged. This technique, however, opens a window for malicious users and attackers, who may remotely or physically capture the sensors and manipulate the sensing reports. In this paper, we consider the attack model whereby the attacker injects self-consistent false data simultaneously, and propose a modified COI (combinatorial optimization identification) algorithm to defend against such attacks. We also provide a theorem that detection uncertainty may exist in cooperative spectrum sensing. We intensively evaluate our algorithm with simulations, and the results show that our algorithm is a good technique to complement an existing algorithm, called IRIS.

Unidentifiable Attacks in Electric Power Systems

The electric power grid is a crucial infrastructure in our society and is always a target of malicious users and attackers. In this paper, we first introduce the concept of unidentifiable attack, in which the control center cannot identify the attack even though it detects its presence. Thus, the control center cannot obtain deterministic state estimates, since there may have several feasible cases and the control center cannot simply favor one over the others. Furthermore, we present algorithms to enumerate all feasible cases under an unidentifiable attack, and propose an optimization strategy from the perspective of the control center to deal with an unidentifiable attack. We briefly evaluate and validate our enumerating algorithms and optimization strategy.

Defending against Unidentifiable Attacks in Electric Power Grids

The electric power grid is a crucial infrastructure in our society and is always a target of malicious users and attackers. In this paper, we first introduce the concept of unidentifiable attack, in which the control center cannot identify the attack even though it detects its presence. Thus, the control center cannot obtain deterministic state estimates, since there may have several feasible cases and the control center cannot simply favor one over the others. Given an unidentifiable attack, we present algorithms to enumerate all feasible cases, and propose an optimization strategy from the perspective of the control center to deal with an unidentifiable attack. Furthermore, we propose a heuristic algorithm from the view of an attacker to find good attack regions such that the number of meters required to compromise is as few as possible. We also formulate the problem that how to distinguish all feasible cases if the control center has some limited resources to verify some meters, and solve it with standard algorithms. Finally, we briefly evaluate and validate our enumerating algorithms and optimization strategy.

Preserving secondary users' privacy in cognitive radio networks

Cognitive radio plays an important role in improving spectrum utilization in wireless services. In the cognitive radio paradigm, secondary users (SUs) are allowed to utilize licensed spectrum opportunistically without interfering with primary users (PUs). To motivate PU to share licensed spectrum with SU, it is reasonable for SU to pay PU a fee whenever the former is utilizing the latters licensed spectrum. SUs detailed usage information, such as when and how long the licensed spectrum is utilized, is needed for PU to calculate payment. Providing usage information to PU, however, may compromise SUs privacy. To solve this dilemma, we are the first to propose a novel privacy-preserving mechanism for cognitive radio transactions through commitment scheme and zero-knowledge proof. This mechanism, on one hand, only allows PU to know the total payment to SU for a billing period, plus a little portion of SUs usage information. On the other hand, it guarantees PU that the payment is correctly calculated. We have implemented our mechanism and evaluated its performance.

Securing SDN Infrastructure of IoT–Fog Networks From MitM Attacks

While the Internet of Things (IoT) is making our lives much easier, managing the IoT becomes a big issue due to the huge number of connections, and the lack of protections for devices. Recent work shows that software-defined networking (SDN) has a great capability in automatically and dynamically managing network flows. Besides, switches in SDNs are usually powerful machines, which can be used as fog nodes simultaneously. Therefore, SDN seems a good choice for IoT–Fog networks. However, before deploying to IoT–Fog networks, the security of the OpenFlow channel between the controller and its switches need to be addressed. Since all the controller commands are sent through this channel, once compromised, the network will be completely controlled by an attacker. This is a disaster for both the network service providers and their customers. Previous works on SDN security either protect controllers themselves or make a strong assumption that the OpenFlow channel is already secured. Using TLS to encrypt the channel is not a “silver-bullet” solution due to the known TLS vulnerabilities. In this paper, we specifically investigate the potential threats of man-in-the-middle attacks on the OpenFlow control channel. We first introduce a feasible attack model in an IoT–Fog architecture, and then we implement attack demonstrations to show the severe consequences of such attacks. Additionally, we propose a lightweight countermeasure using Bloom filters. We implement a prototype for this method to monitor stealthy packet modifications. The result of our evaluation shows that our Bloom filter monitoring system is efficient and consumes few resources.

Lehigh Explorer: A Real Time Video Streaming Application with Mobility Support for Content Centric Networks

With the availability of powerful mobile devices and cellular or WiFi networks with larger bandwidth, users can search and retrieve contents everywhere anytime. Recently content-centric networks have been proposed to provide users with more flexible access to contents than the existing IP-based networks. We have designed secure content centric mobile network (SECON)s that allow users to publish and retrieve contents securely. Unique SECON features include supporting keyword-based content queries, and enhanced attribute-based security approach. In this paper, we describe two new features for SECON, namely real-time video streaming and mobility support. We further describe Lehigh Explorer, an Android application we developed for users to explore different campuses in real-time or virtually. Users of Lehigh Explorer issue keyword based content queries to retrieve data items of interests. They can also retrieve streaming videos of interests while on the move. Our prototype evaluation using GENI test bed showed that the average handoff time for our streaming video service is 732 ms without caching and 101 ms with caching. The energy consumption for supporting video streaming of different qualities using 3 Android-based phones is also reported.

WearLock: Unlocking Your Phone via Acoustics Using Smartwatch

Smartphone lock screens are implemented to reduce the risk of data loss or compromise given the fact that increasing amount of person data are accessible on smartphones nowadays. Unfortunately, many smartphone users abandon lock screens due to the inconvenience of unlocking their phones many times a day. With the wide adoption of wearables, token-based approaches have gained popularity in simplifying unlocking and retaining security at the same time. To this end, we propose to take advantage of the smartwatch for easy smartphone unlocking. In this paper, we have designed WearLock, a system that uses acoustic tones as tokens to automate the unlocking securely. We build a sub-channel selection and an adaptive modulation in the acoustic modem to maximize unlocking success rate against ambient noise only when those two devices are nearby. We leverage the motion sensor on the smartwatch to reduce the unlock frequency. We offload smartwatch tasks to the smartphone to speed up computation and save energy. We have implemented the WearLock prototype and conducted extensive evaluations. Results achieved a low average bit error rate (BER) as 8% in various experiments. Compared to traditional manual personal identification numbers (PINs) entry, WearLock achieves at least 18% unlock speedup without any manual effort.