Visible to the public Biblio

Filters: Author is Zhang, J.  [Clear All Filters]
Gu, R., Zhang, X., Yu, L., Zhang, J..  2018.  Enhancing Security and Scalability in Software Defined LTE Core Networks. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :837–842.

The rapid development of mobile networks has revolutionized the way of accessing the Internet. The exponential growth of mobile subscribers, devices and various applications frequently brings about excessive traffic in mobile networks. The demand for higher data rates, lower latency and seamless handover further drive the demand for the improved mobile network design. However, traditional methods can no longer offer cost-efficient solutions for better user quality of experience with fast time-to-market. Recent work adopts SDN in LTE core networks to meet the requirement. In these software defined LTE core networks, scalability and security become important design issues that must be considered seriously. In this paper, we propose a scalable channel security scheme for the software defined LTE core network. It applies the VxLAN for scalable tunnel establishment and MACsec for security enhancement. According to our evaluation, the proposed scheme not only enhances the security of the channel communication between different network components, but also improves the flexibility and scalability of the core network with little performance penalty. Moreover, it can also shed light on the design of the next generation cellular network.

Lin, Y., Qi, Z., Wu, H., Yang, Z., Zhang, J., Wenyin, L..  2018.  CoderChain: A BlockChain Community for Coders. 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN). :246–247.
An online community based on blockchain is proposed for software developers to share, assess, and learn codes and other codes or software related knowledge. It involves three modules or roles, namely: developer (or coder, or more generally, knowledge contributor), code (or knowledge contribution), and jury (or assessor, who is usually a developer with advanced skills), in addition to the blockchain based database. Each full node of the blockchain hosts a copy of all activities of developers in such community, including uploading contributions, assessing others' contributions, and conducting transactions. Smart contracts are applicable to automate transactions after code assessment or other related activities. The system aims to assess and improve the value of codes accurately, stimulate the creativity of the developers, and improve software development efficiency, so as to establish a virtuous cycle of a software development community.
Kelkar, S., Kraus, T., Morgan, D., Zhang, J., Dai, R..  2018.  Analyzing HTTP-Based Information Exfiltration of Malicious Android Applications. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :1642-1645.
Exfiltrating sensitive information from smartphones has become one of the most significant security threats. We have built a system to identify HTTP-based information exfiltration of malicious Android applications. In this paper, we discuss the method to track the propagation of sensitive information in Android applications using static taint analysis. We have studied the leaked information, destinations to which information is exfiltrated, and their correlations with types of sensitive information. The analysis results based on 578 malicious Android applications have revealed that a significant portion of these applications are interested in identity-related sensitive information. The vast majority of malicious applications leak multiple types of sensitive information. We have also identified servers associated with three country codes including CN, US, and SG are most active in collecting sensitive information. The analysis results have also demonstrated that a wide range of non-default ports are used by suspicious URLs.
Zhou, Y., Shi, J., Zhang, J., Chi, N..  2018.  Spectral Scrambling for High-security PAM-8 Underwater Visible Light Communication System. 2018 Asia Communications and Photonics Conference (ACP). :1–3.
We propose a spectral scrambling scheme to enhance physical layer security for an underwater VLC system which also simplifies the real-value signal generation procedure. A 1.08-Gb/s PAM-8 encrypted data over 1.2m transmission is experimentally demonstrated.
Yang, M., Wang, A., Sun, G., Liang, S., Zhang, J., Wang, F..  2017.  Signal Distribution Optimization for Cabin Visible Light Communications by Using Weighted Search Bat Algorithm. 2017 3rd IEEE International Conference on Computer and Communications (ICCC). :1025–1030.
With increasing demand for travelling, high-quality network service is important to people in vehicle cabins. Visible light communication (VLC) system is more appropriate than wireless local area network considering the security, communication speed, and narrow shape of the cabin. However, VLC exhibits technical limitations, such as uneven distribution of optical signals. In this regard, we propose a novel weight search bat algorithm (WSBA) to calculate a set of optimal power adjustment factors to reduce fluctuation in signal distributions. Simulation results show that the fairness of signal distribution in the cabin optimized by WSBA is better than that of the non-optimized signal distribution. Moreover, the coverage rate of WSBA is higher than that of genetic algorithm and particle swarm optimization.
Zhang, J., Zheng, L., Gong, L., Gu, Z..  2018.  A Survey on Security of Cloud Environment: Threats, Solutions, and Innovation. 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC). :910–916.

With the extensive application of cloud computing technology developing, security is of paramount importance in Cloud Computing. In the cloud computing environment, surveys have been provided on several intrusion detection techniques for detecting intrusions. We will summarize some literature surveys of various attack taxonomy, which might cause various threats in cloud environment. Such as attacks in virtual machines, attacks on virtual machine monitor, and attacks in tenant network. Besides, we review massive existing solutions proposed in the literature, such as misuse detection techniques, behavior analysis of network traffic, behavior analysis of programs, virtual machine introspection (VMI) techniques, etc. In addition, we have summarized some innovations in the field of cloud security, such as CloudVMI, data mining techniques, artificial intelligence, and block chain technology, etc. At the same time, our team designed and implemented the prototype system of CloudI (Cloud Introspection). CloudI has characteristics of high security, high performance, high expandability and multiple functions.

Zhang, J., Tang, Z., Li, R., Chen, X., Gong, X., Fang, D., Wang, Z..  2017.  Protect Sensitive Information against Channel State Information Based Attacks. 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). 2:203–210.
Channel state information (CSI) has been recently shown to be useful in performing security attacks in public WiFi environments. By analyzing how CSI is affected by the finger motions, CSI-based attacks can effectively reconstruct text-based passwords and locking patterns. This paper presents WiGuard, a novel system to protect sensitive on-screen gestures in a public place. Our approach carefully exploits the WiFi channel interference to introduce noise into the attacker's CSI measurement to reduce the success rate of the attack. Our approach automatically detects when a CSI-based attack happens. We evaluate our approach by applying it to protect text-based passwords and pattern locks on mobile devices. Experimental results show that our approach is able to reduce the success rate of CSI attacks from 92% to 42% for text-based passwords and from 82% to 22% for pattern lock.
Li, F., Chen, J., Shu, F., Zhang, J., Qing, S., Guo, W..  2017.  Research of Security Risk in Electric Power Information Network. 2017 6th International Conference on Computer Science and Network Technology (ICCSNT). :361–365.

The factors that threaten electric power information network are analyzed. Aiming at the weakness of being unable to provide numerical value of risk, this paper presents the evaluation index system, the evaluation model and method of network security based on multilevel fuzzy comprehensive judgment. The steps and method of security evaluation by the synthesis evaluation model are provided. The results show that this method is effective to evaluate the risk of electric power information network.

Guan, L., Zhang, J., Zhong, L., Li, X., Xu, Y..  2017.  Enhancing Security and Resilience of Bulk Power Systems via Multisource Big Data Learning. 2017 IEEE Power Energy Society General Meeting. :1–5.

In this paper, an advanced security and stability defense framework that utilizes multisource power system data to enhance the power system security and resilience is proposed. The framework consists of early warning, preventive control, on-line state awareness and emergency control, requires in-depth collaboration between power engineering and data science. To realize this framework in practice, a cross-disciplinary research topic — the big data analytics for power system security and resilience enhancement, which consists of data converting, data cleaning and integration, automatic labelling and learning model establishing, power system parameter identification and feature extraction using developed big data learning techniques, and security analysis and control based on the extracted knowledge — is deeply investigated. Domain considerations of power systems and specific data science technologies are studied. The future technique roadmap for emerging problems is proposed.

Chu, Z., Zhang, J., Kosut, O., Sankar, L..  2016.  Evaluating power system vulnerability to false data injection attacks via scalable optimization. 2016 IEEE International Conference on Smart Grid Communications (SmartGridComm). :260–265.

Physical consequences to power systems of false data injection cyber-attacks are considered. Prior work has shown that the worst-case consequences of such an attack can be determined using a bi-level optimization problem, wherein an attack is chosen to maximize the physical power flow on a target line subsequent to re-dispatch. This problem can be solved as a mixed-integer linear program, but it is difficult to scale to large systems due to numerical challenges. Three new computationally efficient algorithms to solve this problem are presented. These algorithms provide lower and upper bounds on the system vulnerability measured as the maximum power flow subsequent to an attack. Using these techniques, vulnerability assessments are conducted for IEEE 118-bus system and Polish system with 2383 buses.

You, L., Li, Y., Wang, Y., Zhang, J., Yang, Y..  2016.  A deep learning-based RNNs model for automatic security audit of short messages. 2016 16th International Symposium on Communications and Information Technologies (ISCIT). :225–229.

The traditional text classification methods usually follow this process: first, a sentence can be considered as a bag of words (BOW), then transformed into sentence feature vector which can be classified by some methods, such as maximum entropy (ME), Naive Bayes (NB), support vector machines (SVM), and so on. However, when these methods are applied to text classification, we usually can not obtain an ideal result. The most important reason is that the semantic relations between words is very important for text categorization, however, the traditional method can not capture it. Sentiment classification, as a special case of text classification, is binary classification (positive or negative). Inspired by the sentiment analysis, we use a novel deep learning-based recurrent neural networks (RNNs)model for automatic security audit of short messages from prisons, which can classify short messages(secure and non-insecure). In this paper, the feature of short messages is extracted by word2vec which captures word order information, and each sentence is mapped to a feature vector. In particular, words with similar meaning are mapped to a similar position in the vector space, and then classified by RNNs. RNNs are now widely used and the network structure of RNNs determines that it can easily process the sequence data. We preprocess short messages, extract typical features from existing security and non-security short messages via word2vec, and classify short messages through RNNs which accept a fixed-sized vector as input and produce a fixed-sized vector as output. The experimental results show that the RNNs model achieves an average 92.7% accuracy which is higher than SVM.

Luo, Z., Gilimyanov, R., Zhuang, H., Zhang, J..  2015.  Network-Wide Optimization of Uplink Fractional Power Control in LTE Networks. 2015 IEEE 82nd Vehicular Technology Conference (VTC2015-Fall). :1–5.

Next generation cellular networks will provide users better experiences by densely deploying smaller cells, which results in more complicated interferences environment. In order to coordinate interference, power control for uplink is particularly challenging due to random locations of uplink transmitter and dense deployment. In this paper, we address the uplink fractional power control (FPC) optimization problem from network optimization perspective. The relations between FPC parameters and network KPIs (Key Performance Indicators) are investigated. Rather than considering any single KPI in conventional approaches, multi-KPI optimization problem is formulated and solved. By relaxing the discrete optimization problem to a continuous one, the gradients of multiple KPIs with respect to FPC parameters are derived. The gradient enables efficiently searching for optimized FPC parameters which is particularly desirable for dense deployment of large number of cells. Simulation results show that the proposed scheme greatly outperforms the traditional one, in terms of network mean load, call drop & block ratio, and convergence speed.

Chuan, T. H., Zhang, J., Maode, M., Chong, P. H. Joo, Labiod, H..  2015.  Secure Public Key Regime (SPKR) in vehicular networks. 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC). :1–7.

Public Key Regime (PKR) was proposed as an alternative to certificate based PKI in securing Vehicular Networks (VNs). It eliminates the need for vehicles to append their certificate for verification because the Road Side Units (RSUs) serve as Delegated Trusted Authorities (DTAs) to issue up-to-date public keys to vehicles for communications. If a vehicle's private/public key needs to be revoked, the root TA performs real time updates and disseminates the changes to these RSUs in the network. Therefore, PKR does not need to maintain a huge Certificate Revocation List (CRL), avoids complex certificate verification process and minimizes the high latency. However, the PKR scheme is vulnerable to Denial of Service (DoS) and collusion attacks. In this paper, we study these attacks and propose a pre-authentication mechanism to secure the PKR scheme. Our new scheme is called the Secure Public Key Regime (SPKR). It is based on the Schnorr signature scheme that requires vehicles to expend some amount of CPU resources before RSUs issue the requested public keys to them. This helps to alleviate the risk of DoS attacks. Furthermore, our scheme is secure against collusion attacks. Through numerical analysis, we show that SPKR has a lower authentication delay compared with the Elliptic Curve Digital Signature (ECDSA) scheme and other ECDSA based counterparts.