Visible to the public Biblio

Filters: Author is Liu, C.  [Clear All Filters]
2019-07-01
Zabetian-Hosseini, A., Mehrizi-Sani, A., Liu, C..  2018.  Cyberattack to Cyber-Physical Model of Wind Farm SCADA. IECON 2018 - 44th Annual Conference of the IEEE Industrial Electronics Society. :4929–4934.

In recent years, there has been a significant increase in wind power penetration into the power system. As a result, the behavior of the power system has become more dependent on wind power behavior. Supervisory control and data acquisition (SCADA) systems responsible for monitoring and controlling wind farms often have vulnerabilities that make them susceptible to cyberattacks. These vulnerabilities allow attackers to exploit and intrude in the wind farm SCADA system. In this paper, a cyber-physical system (CPS) model for the information and communication technology (ICT) model of the wind farm SCADA system integrated with SCADA of the power system is proposed. Cybersecurity of this wind farm SCADA system is discussed. Proposed cyberattack scenarios on the system are modeled and the impact of these cyberattacks on the behavior of the power systems on the IEEE 9-bus modified system is investigated. Finally, an anomaly attack detection algorithm is proposed to stop the attack of tripping of all wind farms. Case studies validate the performance of the proposed CPS model of the test system and the attack detection algorithm.

2019-04-05
Li, X., Cui, X., Shi, L., Liu, C., Wang, X..  2018.  Constructing Browser Fingerprint Tracking Chain Based on LSTM Model. 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). :213-218.
Web attacks have increased rapidly in recent years. However, traditional methods are useless to track web attackers. Browser fingerprint, as a stateless tracking technique, can be used to solve this problem. Given browser fingerprint changes easily and frequently, it is easy to lose track. Therefore, we need to improve the stability of browser fingerprint by linking the new one to the previous chain. In this paper, we propose LSTM model to learn the potential relationship of browser fingerprint evolution. In addition, we adjust the input feature vector to time series and construct training set to train the model. The results show that our model can construct the tracking chain perfectly well with average ownership up to 99.3%.
2019-04-01
Wang, R., He, J., Liu, C., Li, Q., Tsai, W., Deng, E..  2018.  A Privacy-Aware PKI System Based on Permissioned Blockchains. 2018 IEEE 9th International Conference on Software Engineering and Service Science (ICSESS). :928–931.

Public key infrastructure (PKI) is the foundation and core of network security construction. Blockchain (BC) has many technical characteristics, such as decentralization, impossibility of being tampered with and forged, which makes it have incomparable advantages in ensuring information credibility, security, traceability and other aspects of traditional technology. In this paper, a method of constructing PKI certificate system based on permissioned BC is proposed. The problems of multi-CA mutual trust, poor certificate configuration efficiency and single point failure in digital certificate system are solved by using the characteristics of BC distribution and non-tampering. At the same time, in order to solve the problem of identity privacy on BC, this paper proposes a privacy-aware PKI system based on permissioned BCs. This system is an anonymous digital certificate publishing scheme., which achieves the separation of user registration and authorization, and has the characteristics of anonymity and conditional traceability, so as to realize to protect user's identity privacy. The system meets the requirements of certificate security and anonymity, reduces the cost of CA construction, operation and maintenance in traditional PKI technology, and improves the efficiency of certificate application and configuration.

2019-01-21
Wang, J., Lin, S., Liu, C., Wang, J., Zhu, B., Jiang, Y..  2018.  Secrecy Capacity of Indoor Visible Light Communication Channels. 2018 IEEE International Conference on Communications Workshops (ICC Workshops). :1–6.
In the indoor scenario, visible light communications (VLC) is regarded as one of the most promising candidates for future wireless communications. Recently, the physical layer security for indoor VLC has drawn considerable attention. In this paper, the secrecy capacity of indoor VLC is analyzed. Initially, an VLC system with a transmitter, a legitimate receiver, and an eavesdropper is established. In the system, the nonnegativity, the peak optical intensity constraint and the dimmable average optical intensity constraint are considered. Based on the principle of information theory, the closed-form expressions of the upper and the lower bounds on the secrecy capacity are derived, respectively. Numerical results show that the upper and the lower bounds on secrecy capacity are very tight, which verify the accuracy of the derived closed-form expressions.
2019-01-16
Jia, Z., Cui, X., Liu, Q., Wang, X., Liu, C..  2018.  Micro-Honeypot: Using Browser Fingerprinting to Track Attackers. 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). :197–204.
Web attacks have proliferated across the whole Internet in recent years. To protect websites, security vendors and researchers collect attack information using web honeypots. However, web attackers can hide themselves by using stepping stones (e.g., VPN, encrypted proxy) or anonymous networks (e.g., Tor network). Conventional web honeypots lack an effective way to gather information about an attacker's identity, which raises a big obstacle for cybercrime traceability and forensics. Traditional forensics methods are based on traffic analysis; it requires that defenders gain access to the entire network. It is not suitable for honeypots. In this paper, we present the design, implementation, and deployment of the Micro-Honeypot, which aims to use the browser fingerprinting technique to track a web attacker. Traditional honeypot lure attackers and records attacker's activity. Micro-Honeypot is deployed in a honeypot. It will run and gather identity information when an attacker visits the honeypot. Our preliminary results show that Micro-Honeypot could collect more information and track attackers although they might have used proxies or anonymous networks to hide themselves.
2018-09-28
Jiang, H., Xu, Q., Liu, C., Liu, Z..  2017.  An Efficient CPA-Secure Encryption Scheme with Equality Test. 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). 2:38–45.

In this paper, we propose a CPA-Secure encryption scheme with equality test. Unlike other public key solutions, in our scheme, only the data owner can encrypt the message and get the comparable ciphertext, and only the tester with token who can perform the equality test. Our encryption scheme is based on multiplicative homomorphism of ElGamal Encryption and Non Interactive Zero Knowledge proof of Discrete Log. We proof that the proposed scheme is OW-CPA security under the attack of the adversary who has equality test token, and IND-CPA security under the attack of adversary who can not test the equality. The proposed scheme only suppose to compare two ciphertexts encrypted by same user, though it is less of flexibility, it is efficient and more suitable for data outsourcing scenario.

2018-05-30
Liu, C., Feng, Y., Fan, M., Wang, G..  2008.  PKI Mesh Trust Model Based on Trusted Computing. 2008 The 9th International Conference for Young Computer Scientists. :1401–1405.
Different organizations or countries maybe adopt different PKI trust model in real applications. On a large scale, all certification authorities (CA) and end entities construct a huge mesh network. PKI trust model exhibits unstructured mesh network as a whole. However, mesh trust model worsens computational complexity in certification path processing when the number of PKI domains increases. This paper proposes an enhanced mesh trust model for PKI. Keys generation and signature are fulfilled in Trusted Platform Module (TPM) for higher security level. An algorithm is suggested to improve the performance of certification path processing in this model. This trust model is less complex but more efficient and robust than the existing PKI trust models.
2018-02-27
Liu, C., Singhal, A., Wijesekera, D..  2017.  A Layered Graphical Model for Mission Attack Impact Analysis. 2017 IEEE Conference on Communications and Network Security (CNS). :602–609.

Business or military missions are supported by hardware and software systems. Unanticipated cyber activities occurring in supporting systems can impact such missions. In order to quantify such impact, we describe a layered graphical model as an extension of forensic investigation. Our model has three layers: the upper layer models operational tasks that constitute the mission and their inter-dependencies. The middle layer reconstructs attack scenarios from available evidence to reconstruct their inter-relationships. In cases where not all evidence is available, the lower level reconstructs potentially missing attack steps. Using the three levels of graphs constructed in these steps, we present a method to compute the impacts of attack activities on missions. We use NIST National Vulnerability Database's (NVD)-Common Vulnerability Scoring System (CVSS) scores or forensic investigators' estimates in our impact computations. We present a case study to show the utility of our model.