Visible to the public Biblio

Filters: Author is Shen, Y.  [Clear All Filters]
Li, T., Ma, J., Pei, Q., Song, H., Shen, Y., Sun, C..  2019.  DAPV: Diagnosing Anomalies in MANETs Routing With Provenance and Verification. IEEE Access. 7:35302–35316.
Routing security plays an important role in the mobile ad hoc networks (MANETs). Despite many attempts to improve its security, the routing mechanism of MANETs remains vulnerable to attacks. Unlike most existing solutions that prevent the specific problems, our approach tends to detect the misbehavior and identify the anomalous nodes in MANETs automatically. The existing approaches offer support for detecting attacks or debugging in different routing phases, but many of them cannot answer the absence of an event. Besides, without considering the privacy of the nodes, these methods depend on the central control program or a third party to supervise the whole network. In this paper, we present a system called DAPV that can find single or collaborative malicious nodes and the paralyzed nodes which behave abnormally. DAPV can detect both direct and indirect attacks launched during the routing phase. To detect malicious or abnormal nodes, DAPV relies on two main techniques. First, the provenance tracking enables the hosts to deduce the expected log information of the peers with the known log entries. Second, the privacy-preserving verification uses Merkle Hash Tree to verify the logs without revealing any privacy of the nodes. We demonstrate the effectiveness of our approach by applying DAPV to three scenarios: 1) detecting injected malicious intermediated routers which commit active and passive attacks in MANETs; 2) resisting the collaborative black-hole attack of the AODV protocol, and; 3) detecting paralyzed routers in university campus networks. Our experimental results show that our approach can detect the malicious and paralyzed nodes, and the overhead of DAPV is moderate.
Li, T., Ma, J., Pei, Q., Shen, Y., Sun, C..  2018.  Log-based Anomalies Detection of MANETs Routing with Reasoning and Verification. 2018 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC). :240–246.

Routing security plays an important role in Mobile Ad hoc Networks (MANETs). Despite many attempts to improve its security, the routing procedure of MANETs remains vulnerable to attacks. Existing approaches offer support for detecting attacks or debugging in different routing phases, but many of them have not considered the privacy of the nodes during the anomalies detection, which depend on the central control program or a third party to supervise the whole network. In this paper, we present an approach called LAD which uses the raw logs of routers to construct control a flow graph and find the existing communication rules in MANETs. With the reasoning rules, LAD can detect both active and passive attacks launched during the routing phase. LAD can also protect the privacy of the nodes in the verification phase with the specific Merkle hash tree. Without deploying any special nodes to assist the verification, LAD can detect multiple malicious nodes by itself. To show that our approach can be used to guarantee the security of the MANETs, we deploy our experiment in NS3 as well as the practical router environment. LAD can improve the accuracy rate from 2.28% to 29.22%. The results show that LAD performs limited time and memory usages, high detection and low false positives.

Gao, J., Wang, J., Zhang, L., Yu, Q., Huang, Y., Shen, Y..  2019.  Magnetic Signature Analysis for Smart Security System Based on TMR Magnetic Sensor Array. IEEE Sensors Journal. :1–1.

This paper presents a novel low power security system based on magnetic anomaly detection by using Tunneling Magnetoresistance (TMR) magnetic sensors. In this work, a smart light has been developed, which consists of TMR sensors array, detection circuits, a micro-controller and a battery. Taking the advantage of low power consumption of TMR magnetic sensors, the smart light powered by Li-ion battery can work for several months. Power Spectrum Density of the obtained signal was analyzed to reject background noise and improve the signal to noise ratio effectively by 1.3 dB, which represented a 30% detection range improvement. Also, by sending the signals to PC, the magnetic fingerprints of the objects have been configured clearly. In addition, the quick scan measurement has been also performed to demonstrate that the system can discriminate the multiple objects with 30 cm separation. Since the whole system was compact and portable, it can be used for security check at office, meeting room or other private places without attracting any attention. Moreover, it is promising to integrate multiply such systems together to achieve a wireless security network in large-scale monitoring.

Salem, A., Liao, X., Shen, Y., Lu, X..  2017.  Provoking the Adversary by Dual Detection Techniques: A Game Theoretical Framework. 2017 International Conference on Networking and Network Applications (NaNA). :326–329.

Establishing a secret and reliable wireless communication is a challenging task that is of paramount importance. In this paper, we investigate the physical layer security of a legitimate transmission link between a user that assists an Intrusion Detection System (IDS) in detecting eavesdropping and jamming attacks in the presence of an adversary that is capable of conducting an eavesdropping or a jamming attack. The user is being faced by a challenge of whether to transmit, thus becoming vulnerable to an eavesdropping or a jamming attack, or to keep silent and consequently his/her transmission will be delayed. The adversary is also facing a challenge of whether to conduct an eavesdropping or a jamming attack that will not get him/her to be detected. We model the interactions between the user and the adversary as a two-state stochastic game. Explicit solutions characterize some properties while highlighting some interesting strategies that are being embraced by the user and the adversary. Results show that our proposed system outperform current systems in terms of communication secrecy.

Shen, Y., Chen, W., Wang, J..  2017.  Distributed Self-Healing for Mobile Robot Networks with Multiple Robot Failures. 2017 Chinese Automation Congress (CAC). :5939–5944.

In the multi-robot applications, the maintained and desired network may be destroyed by failed robots. The existing self-healing algorithms only handle with the case of single robot failure, however, multiple robot failures may cause several challenges, such as disconnected network and conflicts among repair paths. This paper presents a distributed self-healing algorithm based on 2-hop neighbor infomation to resolve the problems caused by multiple robot failures. Simulations and experiment show that the proposed algorithm manages to restore connectivity of the mobile robot network and improves the synchronization of the network globally, which validate the effectiveness of the proposed algorithm in resolving multiple robot failures.

Shen, Y., Wang, H..  2017.  Enhancing data security of iOS client by encryption algorithm. 2017 IEEE 2nd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :366–370.

iOS devices are steadily obtaining popularity of the majority of users because of its some unique advantages in recent years. They can do many things that have been done on a desktop computer or laptop. With the increase in the use of mobile devices by individuals, organizations and government, there are many problems with information security especially some sensitive data related to users. As we all known, encryption algorithm play a significant role in data security. In order to prevent data being intercepted and being leaked during communication, in this paper, we adopted DES encryption algorithm that is fast, simple and suitable for large amounts of data of encryption to encrypt the data of iOS client and adopted the ECC encryption algorithms that was used to overcome the shortcoming of exchanging keys in a securing way before communications. In addition, we should also consider the application isolation and security mechanism of iOS that these features also protect the data securing to some extent. Namely, we propose an encryption algorithm combined the strengths of DES and ECC and make full use of the advantages of hybrid algorithm. Then, we tested and evaluated the performances of the suggested cryptography mechanism within the mobile platform of iOS. The results show that the algorithm has fairly efficiency in practical applications and strong anti-attack ability and it also improves the security and efficiency in data transmission.

Hu, P., Pathak, P. H., Shen, Y., Jin, H., Mohapatra, P..  2017.  PCASA: Proximity Based Continuous and Secure Authentication of Personal Devices. 2017 14th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). :1–9.
User's personal portable devices such as smartphone, tablet and laptop require continuous authentication of the user to prevent against illegitimate access to the device and personal data. Current authentication techniques require users to enter password or scan fingerprint, making frequent access to the devices inconvenient. In this work, we propose to exploit user's on-body wearable devices to detect their proximity from her portable devices, and use the proximity for continuous authentication of the portable devices. We present PCASA which utilizes acoustic communication for secure proximity estimation with sub-meter level accuracy. PCASA uses Differential Pulse Position Modulation scheme that modulates data through varying the silence period between acoustic pulses to ensure energy efficiency even when authentication operation is being performed once every second. It yields an secure and accurate distance estimation even when user is mobile by utilizing Doppler effect for mobility speed estimation. We evaluate PCASA using smartphone and smartwatches, and show that it supports up to 34 hours of continuous authentication with a fully charged battery.