Visible to the public Biblio

Filters: Author is Cheng, G.  [Clear All Filters]
Ciovati, G., Cheng, G., Drury, M., Fischer, J., Geng, R..  2017.  Impact of Remanent Magnetic Field on the Heat Load of Original CEBAF Cryomodule. IEEE Transactions on Applied Superconductivity. 27:1–6.

The heat load of the original cryomodules for the continuous electron beam accelerator facility is 50% higher than the target value of 100 W at 2.07 K for refurbished cavities operating at an accelerating gradient of 12.5 MV/m. This issue is due to the quality factor of the cavities being 50% lower in the cryomodule than when tested in a vertical cryostat, even at low RF field. Previous studies were not conclusive about the origin of the additional losses. We present the results of a systematic study of the additional losses in a five-cell cavity from a decommissioned cryomodule after attaching components, which are part of the cryomodule, such as the cold tuner, the He tank, and the cold magnetic shield, prior to cryogenic testing in a vertical cryostat. Flux-gate magnetometers and temperature sensors are used as diagnostic elements. Different cool-down procedures and tests in different residual magnetic fields were investigated during the study. Three flux-gate magnetometers attached to one of the cavities installed in the refurbished cryomodule C50-12 confirmed the hypothesis of high residual magnetic field as a major cause for the increased RF losses.

Lu, Z., Chen, F., Cheng, G., Ai, J..  2017.  A secure control plane for SDN based on Bayesian Stackelberg Games. 2017 3rd IEEE International Conference on Computer and Communications (ICCC). :1259–1264.

Vulnerabilities of controller that is caused by separation of control and forwarding lead to a threat which attacker can take remote access detection in SDN. The current work proposes a controller architecture called secure control plane (SCP) that enhances security and increase the difficulty of the attack through a rotation of heterogeneous and multiple controllers. Specifically, a dynamic-scheduling method based on Bayesian Stackelberg Games is put forward to maximize security reward of defender during each migration. Secondly, introducing a self-cleaning mechanism combined with game strategy aims at improving the secure level and form a closed-loop defense mechanism; Finally, the experiments described quantitatively defender will get more secure gain based on the game strategy compared with traditional strategy (pure and random strategies), and the self-cleaning mechanism can make the control plane to be in a higher level of security.

Qi, C., Wu, J., Chen, H., Yu, H., Hu, H., Cheng, G..  2017.  Game-Theoretic Analysis for Security of Various Software-Defined Networking (SDN) Architectures. 2017 IEEE 85th Vehicular Technology Conference (VTC Spring). :1–5.

Security evaluation of diverse SDN frameworks is of significant importance to design resilient systems and deal with attacks. Focused on SDN scenarios, a game-theoretic model is proposed to analyze their security performance in existing SDN architectures. The model can describe specific traits in different structures, represent several types of information of players (attacker and defender) and quantitatively calculate systems' reliability. Simulation results illustrate dynamic SDN structures have distinct security improvement over static ones. Besides, effective dynamic scheduling mechanisms adopted in dynamic systems can enhance their security further.

Liu, W., Chen, F., Hu, H., Cheng, G., Huo, S., Liang, H..  2017.  A Novel Framework for Zero-Day Attacks Detection and Response with Cyberspace Mimic Defense Architecture. 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC). :50–53.

In cyberspace, unknown zero-day attacks can bring safety hazards. Traditional defense methods based on signatures are ineffective. Based on the Cyberspace Mimic Defense (CMD) architecture, the paper proposes a framework to detect the attacks and respond to them. Inputs are assigned to all online redundant heterogeneous functionally equivalent modules. Their independent outputs are compared and the outputs in the majority will be the final response. The abnormal outputs can be detected and so can the attack. The damaged executive modules with abnormal outputs will be replaced with new ones from the diverse executive module pool. By analyzing the abnormal outputs, the correspondence between inputs and abnormal outputs can be built and inputs leading to recurrent abnormal outputs will be written into the zero-day attack related database and their reuses cannot work any longer, as the suspicious malicious inputs can be detected and processed. Further responses include IP blacklisting and patching, etc. The framework also uses honeypot like executive module to confuse the attacker. The proposed method can prevent the recurrent attack based on the same exploit.