Visible to the public Biblio

Filters: Author is Ma, Jianfeng  [Clear All Filters]
2019-11-04
Li, Teng, Ma, Jianfeng, Pei, Qingqi, Shen, Yulong, Sun, Cong.  2018.  Anomalies Detection of Routers Based on Multiple Information Learning. 2018 International Conference on Networking and Network Applications (NaNA). :206-211.

Routers are important devices in the networks that carry the burden of transmitting information among the communication devices on the Internet. If a malicious adversary wants to intercept the information or paralyze the network, it can directly attack the routers and then achieve the suspicious goals. Thus, preventing router security is of great importance. However, router systems are notoriously difficult to understand or diagnose for their inaccessibility and heterogeneity. The common way of gaining access to the router system and detecting the anomaly behaviors is to inspect the router syslogs or monitor the packets of information flowing to the routers. These approaches just diagnose the routers from one aspect but do not consider them from multiple views. In this paper, we propose an approach to detect the anomalies and faults of the routers with multiple information learning. We try to use the routers' information not from the developer's view but from the user' s view, which does not need any expert knowledge. First, we do the offline learning to transform the benign or corrupted user actions into the syslogs. Then, we try to decide whether the input routers' conditions are poor or not with clustering. During the detection phase, we use the distance between the event and the cluster to decide if it is the anomaly event and we can provide the corresponding solutions. We have applied our approach in a university network which contains Cisco, Huawei and Dlink routers for three months. We aligned our experiment with former work as a baseline for comparison. Our approach can gain 89.6% accuracy in detecting the attacks which is 5.1% higher than the former work. The results show that our approach performs in limited time as well as memory usages and has high detection and low false positives.

2017-06-05
Yao, Qingsong, Ma, Jianfeng, Cong, Sun, Li, Xinghua, Li, Jinku.  2016.  Attack Gives Me Power: DoS-defending Constant-time Privacy-preserving Authentication of Low-cost Devices Such As Backscattering RFID Tags. Proceedings of the 3rd ACM Workshop on Mobile Sensing, Computing and Communication. :23–28.

Denial of service (DoS) attack is a great threaten to privacy-preserving authentication protocols for low-cost devices such as RFID. During such attack, the legal internal states can be consumed by the DoS attack. Then the attacker can observe the behavior of the attacked tag in authentication to break privacy. Due to the inadequate energy and computing power, the low cost devices can hardly defend against the DoS attacks. In this paper, we propose a new insight of the DoS attack on tags and leverage the attacking behavior as a new source of power harvesting. In this way, a low-cost device such as a tag grows more and more powerful under DoS attack. Finally, it can defend against the DoS attack. We further propose a protocol that enables DoS-defending constant-time privacy-preserving authentication.