Visible to the public Biblio

Filters: Author is Chen, J.  [Clear All Filters]
2019-09-23
Tan, L., Liu, K., Yan, X., Wan, S., Chen, J., Chang, C..  2018.  Visual Secret Sharing Scheme for Color QR Code. 2018 IEEE 3rd International Conference on Image, Vision and Computing (ICIVC). :961–965.

In this paper, we propose a novel visual secret sharing (VSS) scheme for color QR code (VSSCQR) with (n, n) threshold based on high capacity, admirable visual effects and popularity of color QR code. By splitting and encoding a secret image into QR codes and then fusing QR codes to generate color QR code shares, the scheme can share the secret among a certain number of participants. However, less than n participants cannot reveal any information about the secret. The embedding amount and position of the secret image bits generated by VSS are in the range of the error correction ability of the QR code. Each color share is readable, which can be decoded and thus may not come into notice. On one hand, the secret image can be reconstructed by first decomposing three QR codes from each color QR code share and then stacking the corresponding QR codes based on only human visual system without computational devices. On the other hand, by decomposing three QR codes from each color QR code share and then XORing the three QR codes respectively, we can reconstruct the secret image losslessly. The experiment results display the effect of our scheme.

2019-05-01
Chen, D., Chen, W., Chen, J., Zheng, P., Huang, J..  2018.  Edge Detection and Image Segmentation on Encrypted Image with Homomorphic Encryption and Garbled Circuit. 2018 IEEE International Conference on Multimedia and Expo (ICME). :1-6.

Edge detection is one of the most important topics of image processing. In the scenario of cloud computing, performing edge detection may also consider privacy protection. In this paper, we propose an edge detection and image segmentation scheme on an encrypted image with Sobel edge detector. We implement Gaussian filtering and Sobel operator on the image in the encrypted domain with homomorphic property. By implementing an adaptive threshold decision algorithm in the encrypted domain, we obtain a threshold determined by the image distribution. With the technique of garbled circuit, we perform comparison in the encrypted domain and obtain the edge of the image without decrypting the image in advanced. We then propose an image segmentation scheme on the encrypted image based on the detected edges. Our experiments demonstrate the viability and effectiveness of the proposed encrypted image edge detection and segmentation.

2019-03-28
Chen, J., Xu, R., Li, C..  2018.  Research of Security Situational Awareness and Visualization Approach in Cloud Computing. 2018 International Conference on Networking and Network Applications (NaNA). :201-205.
Cloud computing is an innovative mechanism to optimize computing and storage resource utilization. Due to its cost-saving, high-efficiency advantage, the technology receives wide adoption from IT industries. However, the frequent emergences of security events become the heaviest obstacle for its advancement. The multi-layer and distributive characteristics of cloud computing make IT admins compulsively collect all necessary situational information at cloud runtime if they want to grasp the panoramic secure state, hereby practice configuration management and emergency response methods when necessary. On the other hand, technologies such as elastic resource pooling, dynamic load balancing and virtual machine real-time migration complicate the difficulty of data gathering, where secure information may come from virtual machine hypervisor, network accounting or host monitor proxies. How to classify, arrange, standardize and visualize these data turns into the most crucial issue for cloud computing security situation awareness and presentation. This dissertation borrows traditional fashion of data visualization to integrate into cloud computing features, proposes a new method for aggregating and displaying secure information which IT admins concern, and expects that by method realization cloud security monitor/management capabilities could be notably enhanced.
2019-03-25
Hasan, K., Shetty, S., Hassanzadeh, A., Salem, M. B., Chen, J..  2018.  Self-Healing Cyber Resilient Framework for Software Defined Networking-Enabled Energy Delivery System. 2018 IEEE Conference on Control Technology and Applications (CCTA). :1692–1697.
Software defined networking (SDN) is a networking paradigm to provide automated network management at run time through network orchestration and virtualization. SDN can also enhance system resilience through recovery from failures and maintaining critical operations during cyber attacks. SDN's self-healing mechanisms can be leveraged to realized autonomous attack containment, which dynamically modifies access control rules based on configurable trust levels. In this paper, we present an approach to aid in selection of security countermeasures dynamically in an SDN enabled Energy Delivery System (EDS) and achieving tradeoff between providing security and QoS. We present the modeling of security cost based on end-to-end packet delay and throughput. We propose a non-dominated sorting based multi-objective optimization framework which can be implemented within an SDN controller to address the joint problem of optimizing between security and QoS parameters by alleviating time complexity at O(M N2), where M is the number of objective functions and N is the number of population for each generation respectively. We present simulation results which illustrate how data availability and data integrity can be achieved while maintaining QoS constraints.
2018-12-10
Chen, J., Touati, C., Zhu, Q..  2017.  Heterogeneous Multi-Layer Adversarial Network Design for the IoT-Enabled Infrastructures. GLOBECOM 2017 - 2017 IEEE Global Communications Conference. :1–6.

The emerging Internet of Things (IoT) applications that leverage ubiquitous connectivity and big data are facilitating the realization of smart everything initiatives. IoT-enabled infrastructures have naturally a multi-layer system architecture with an overlaid or underlaid device network and its coexisting infrastructure network. The connectivity between different components in these two heterogeneous networks plays an important role in delivering real-time information and ensuring a high-level situational awareness. However, IoT- enabled infrastructures face cyber threats due to the wireless nature of communications. Therefore, maintaining the network connectivity in the presence of adversaries is a critical task for the infrastructure network operators. In this paper, we establish a three-player three-stage game-theoretic framework including two network operators and one attacker to capture the secure design of multi- layer infrastructure networks by allocating limited resources. We use subgame perfect Nash equilibrium (SPE) to characterize the strategies of players with sequential moves. In addition, we assess the efficiency of the equilibrium network by comparing with its team optimal solution counterparts in which two network operators can coordinate. We further design a scalable algorithm to guide the construction of the equilibrium IoT-enabled infrastructure networks. Finally, we use case studies on the emerging paradigm of Internet of Battlefield Things (IoBT) to corroborate the obtained results.

2018-10-26
He, S., Cheng, B., Wang, H., Xiao, X., Cao, Y., Chen, J..  2018.  Data security storage model for fog computing in large-scale IoT application. IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). :39–44.

With the scale of big data increasing in large-scale IoT application, fog computing is a recent computing paradigm that is extending cloud computing towards the edge of network in the field. There are a large number of storage resources placed on the edge of the network to form a geographical distributed storage system in fog computing system (FCS). It is used to store the big data collected by the fog computing nodes and to reduce the management costs for moving big data to the cloud. However, the storage of fog nodes at the edge of the network faces a direct attack of external threats. In order to improve the security of the storage of fog nodes in FCS, in this paper, we proposed a data security storage model for fog computing (FCDSSM) to realize the integration of storage and security management in large-scale IoT application. We designed a detail of the FCDSSM system architecture, gave a design of the multi-level trusted domain, cooperative working mechanism, data synchronization and key management strategy for the FCDSSM. Experimental results show that the loss of computing and communication performance caused by data security storage in the FCDSSM is within the acceptable range, and the FCDSSM has good scalability. It can be adapted to big data security storage in large-scale IoT application.

2018-09-28
Tsou, Y., Chen, H., Chen, J., Huang, Y., Wang, P..  2017.  Differential privacy-based data de-identification protection and risk evaluation system. 2017 International Conference on Information and Communication Technology Convergence (ICTC). :416–421.

As more and more technologies to store and analyze massive amount of data become available, it is extremely important to make privacy-sensitive data de-identified so that further analysis can be conducted by different parties. For example, data needs to go through data de-identification process before being transferred to institutes for further value added analysis. As such, privacy protection issues associated with the release of data and data mining have become a popular field of study in the domain of big data. As a strict and verifiable definition of privacy, differential privacy has attracted noteworthy attention and widespread research in recent years. Nevertheless, differential privacy is not practical for most applications due to its performance of synthetic dataset generation for data query. Moreover, the definition of data protection by randomized noise in native differential privacy is abstract to users. Therefore, we design a pragmatic DP-based data de-identification protection and risk of data disclosure estimation system, in which a DP-based noise addition mechanism is applied to generate synthetic datasets. Furthermore, the risk of data disclosure to these synthetic datasets can be evaluated before releasing to buyers/consumers.

2018-09-05
Wang, J., Shi, D., Li, Y., Chen, J., Duan, X..  2017.  Realistic measurement protection schemes against false data injection attacks on state estimators. 2017 IEEE Power Energy Society General Meeting. :1–5.
False data injection attacks (FDIA) on state estimators are a kind of imminent cyber-physical security issue. Fortunately, it has been proved that if a set of measurements is strategically selected and protected, no FDIA will remain undetectable. In this paper, the metric Return on Investment (ROI) is introduced to evaluate the overall returns of the alternative measurement protection schemes (MPS). By setting maximum total ROI as the optimization objective, the previously ignored cost-benefit issue is taken into account to derive a realistic MPS for power utilities. The optimization problem is transformed into the Steiner tree problem in graph theory, where a tree pruning based algorithm is used to reduce the computational complexity and find a quasi-optimal solution with acceptable approximations. The correctness and efficiency of the algorithm are verified by case studies.
2018-06-07
Yang, Y., Chen, J., Huang, Y., Wang, X..  2017.  Security-reliability tradeoff for cooperative multi-relay and jammer selection in Nakagami-m fading channels. 2017 IEEE 17th International Conference on Communication Technology (ICCT). :181–186.
In this paper, we analyze the security-reliability tradeoff (SRT) performance of the multi-relay cooperative networks over Nakagami-m fading channels. By considering the reliability of the first phase from the source to relay, a cooperative jamming (CJ) assisted secure transmission scheme is investigated to improve the security performance of the considered system. Specifically, we derive the approximate closed-form expression of the outage probability (OP) and exact closed-form expression of the intercepted probability (IP) for the CJ scheme to evaluate the SRT performance of the system. Finally, the simulation results verify the validity of our theoretical derivations and the advantage of the CJ scheme compared to the traditional scheme with no cooperative jammer.
2018-05-30
Li, F., Chen, J., Shu, F., Zhang, J., Qing, S., Guo, W..  2017.  Research of Security Risk in Electric Power Information Network. 2017 6th International Conference on Computer Science and Network Technology (ICCSNT). :361–365.

The factors that threaten electric power information network are analyzed. Aiming at the weakness of being unable to provide numerical value of risk, this paper presents the evaluation index system, the evaluation model and method of network security based on multilevel fuzzy comprehensive judgment. The steps and method of security evaluation by the synthesis evaluation model are provided. The results show that this method is effective to evaluate the risk of electric power information network.

2018-04-11
Shen, G., Tang, Y., Li, S., Chen, J., Yang, B..  2017.  A General Framework of Hardware Trojan Detection: Two-Level Temperature Difference Based Thermal Map Analysis. 2017 11th IEEE International Conference on Anti-Counterfeiting, Security, and Identification (ASID). :172–178.

With the globalization of integrated circuit design and manufacturing, Hardware Trojan have posed serious threats to the security of commercial chips. In this paper, we propose the framework of two-level temperature difference based thermal map analysis detection method. In our proposed method, thermal maps of an operating chip during a period are captured, and they are differentiated with the thermal maps of a golden model. Then every pixel's differential temperature of differential thermal maps is extracted and compared with other pixel's. To mitigate the Gaussian white noise and to differentiate the information of Hardware Trojan from the information of normal circuits, Kalman filter algorithm is involved. In our experiment, FPGAs configured with equivalent circuits are utilized to simulate the real chips to validate our proposed approach. The experimental result reveals that our proposed framework can detect Hardware Trojan whose power proportion magnitude is 10''3.

2018-02-27
Huang, L., Chen, J., Zhu, Q..  2017.  A Factored MDP Approach to Optimal Mechanism Design for Resilient Large-Scale Interdependent Critical Infrastructures. 2017 Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES). :1–6.

Enhancing the security and resilience of interdependent infrastructures is crucial. In this paper, we establish a theoretical framework based on Markov decision processes (MDPs) to design optimal resiliency mechanisms for interdependent infrastructures. We use MDPs to capture the dynamics of the failure of constituent components of an infrastructure and their cyber-physical dependencies. Factored MDPs and approximate linear programming are adopted for an exponentially growing dimension of both state and action spaces. Under our approximation scheme, the optimally distributed policy is equivalent to the centralized one. Finally, case studies in a large-scale interdependent system demonstrate the effectiveness of the control strategy to enhance the network resilience to cascading failures.

2018-02-21
Zhao, C., He, J., Cheng, P., Chen, J..  2017.  Privacy-preserving consensus-based energy management in smart grid. 2017 IEEE Power Energy Society General Meeting. :1–5.

This paper investigates the privacy-preserving problem of the distributed consensus-based energy management considering both generation units and responsive demands in smart grid. First, we reveal the private information of consumers including the electricity consumption and the sensitivity of the electricity consumption to the electricity price can be disclosed without any privacy-preserving strategy. Then, we propose a privacy-preserving algorithm to preserve the private information of consumers through designing the secret functions, and adding zero-sum and exponentially decreasing noises. We also prove that the proposed algorithm can preserve the privacy while keeping the optimality of the final state and the convergence performance unchanged. Extensive simulations validate the theoretical results and demonstrate the effectiveness of the proposed algorithm.

2018-01-10
Zhang, Y., Duan, L., Sun, C. A., Cheng, B., Chen, J..  2017.  A Cross-Layer Security Solution for Publish/Subscribe-Based IoT Services Communication Infrastructure. 2017 IEEE International Conference on Web Services (ICWS). :580–587.

The publish/subscribe paradigm can be used to build IoT service communication infrastructure owing to its loose coupling and scalability. Its features of decoupling among event producers and event consumers make IoT services collaborations more real-time and flexible, and allow indirect, anonymous and multicast IoT service interactions. However, in this environment, the IoT service cannot directly control the access to the events. This paper proposes a cross-layer security solution to address the above issues. The design principle of our security solution is to embed security policies into events as well as allow the network to route events according to publishers' policies and requirements. This solution helps to improve the system's performance, while keeping features of IoT service interactions and minimizing the event visibility at the same time. Experimental results show that our approach is effective.

2017-12-28
He, S., Shu, Y., Cui, X., Wei, C., Chen, J., Shi, Z..  2017.  A Trust Management Based Framework for Fault-Tolerant Barrier Coverage in Sensor Networks. 2017 IEEE Wireless Communications and Networking Conference (WCNC). :1–6.
Barrier coverage has been widely adopted to prevent unauthorized invasion of important areas in sensor networks. As sensors are typically placed outdoors, they are susceptible to getting faulty. Previous works assumed that faulty sensors are easy to recognize, e.g., they may stop functioning or output apparently deviant sensory data. In practice, it is, however, extremely difficult to recognize faulty sensors as well as their invalid output. We, in this paper, propose a novel fault-tolerant intrusion detection algorithm (TrusDet) based on trust management to address this challenging issue. TrusDet comprises of three steps: i) sensor-level detection, ii) sink-level decision by collective voting, and iii) trust management and fault determination. In the Step i) and ii), TrusDet divides the surveillance area into a set of fine- grained subareas and exploits temporal and spatial correlation of sensory output among sensors in different subareas to yield a more accurate and robust performance of barrier coverage. In the Step iii), TrusDet builds a trust management based framework to determine the confidence level of sensors being faulty. We implement TrusDet on HC- SR501 infrared sensors and demonstrate that TrusDet has a desired performance.
2017-12-27
Guo, L., Chen, J., Li, J..  2016.  Chaos-Based color image encryption and compression scheme using DNA complementary rule and Chinese remainder theorem. 2016 13th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP). :208–212.

In this paper, we propose a new color image encryption and compression algorithm based on the DNA complementary rule and the Chinese remainder theorem, which combines the DNA complementary rule with quantum chaotic map. We use quantum chaotic map and DNA complementary rule to shuffle the color image and obtain the shuffled image, then Chinese remainder theorem from number theory is utilized to diffuse and compress the shuffled image simultaneously. The security analysis and experiment results show that the proposed encryption algorithm has large key space and good encryption result, it also can resist against common attacks.

2017-12-20
Shi, Z., Chen, J., Chen, S., Ren, S..  2017.  A lightweight RFID authentication protocol with confidentiality and anonymity. 2017 IEEE 2nd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). :1631–1634.

Radio Frequency IDentification(RFID) is one of the most important sensing techniques for Internet of Things(IoT) and RFID systems have been applied to various different fields. But an RFID system usually uses open wireless radio wave to communicate and this will lead to a serious threat to its privacy and security. The current popular RFID tags are some low-cost passive tags. Their computation and storage resources are very limited. It is not feasible for them to complete some complicated cryptographic operations. So it is very difficult to protect the security and privacy of an RFID system. Lightweight authentication protocol is considered as an effective approach. Many typical authentication protocols usually use Hash functions so that they require more computation and storage resources. Based on CRC function, we propose a lightweight RFID authentication protocol, which needs less computation and storage resources than Hash functions. This protocol exploits an on-chip CRC function and a pseudorandom number generator to ensure the anonymity and freshness of communications between reader and tag. It provides forward security and confidential communication. It can prevent eavesdropping, location trace, replay attack, spoofing and DOS-attack effectively. It is very suitable to be applied to RFID systems.

2017-03-08
Chen, J., Miyaj, A., Sato, H., Su, C..  2015.  Improved Lightweight Pseudo-Random Number Generators for the Low-Cost RFID Tags. 2015 IEEE Trustcom/BigDataSE/ISPA. 1:17–24.

EPC Gen2 tags are working as international RFID standards for the use in the supply chain worldwide, such tags are computationally weak devices and unable to perform even basic symmetric-key cryptographic operations. For this reason, to implement robust and secure pseudo-random number generators (PRNG) is a challenging issue for low-cost Radio-frequency identification (RFID) tags. In this paper, we study the security of LFSR-based PRNG implemented on EPC Gen2 tags and exploit LFSR-based PRNG to provide a better constructions. We provide a cryptanalysis against the J3Gen which is LFSR-based PRNG and proposed by Sugei et al. [1], [2] for EPC Gen2 tags using distinguish attack and make observations on its input using NIST randomness test. We also test the PRNG in EPC Gen2 RFID Tags by using the NIST SP800-22. As a counter-measure, we propose two modified models based on the security analysis results. We show that our results perform better than J3Gen in terms of computational and statistical property.

2015-04-30
Grilo, A.M., Chen, J., Diaz, M., Garrido, D., Casaca, A..  2014.  An Integrated WSAN and SCADA System for Monitoring a Critical Infrastructure. Industrial Informatics, IEEE Transactions on. 10:1755-1764.

Wireless sensor and actuator networks (WSAN) constitute an emerging technology with multiple applications in many different fields. Due to the features of WSAN (dynamism, redundancy, fault tolerance, and self-organization), this technology can be used as a supporting technology for the monitoring of critical infrastructures (CIs). For decades, the monitoring of CIs has centered on supervisory control and data acquisition (SCADA) systems, where operators can monitor and control the behavior of the system. The reach of the SCADA system has been hampered by the lack of deployment flexibility of the sensors that feed it with monitoring data. The integration of a multihop WSAN with SCADA for CI monitoring constitutes a novel approach to extend the SCADA reach in a cost-effective way, eliminating this handicap. However, the integration of WSAN and SCADA presents some challenges which have to be addressed in order to comprehensively take advantage of the WSAN features. This paper presents a solution for this joint integration. The solution uses a gateway and a Web services approach together with a Web-based SCADA, which provides an integrated platform accessible from the Internet. A real scenario where this solution has been successfully applied to monitor an electrical power grid is presented.