An Efficient Fog-Assisted Unstable Sensor Detection Scheme with Privacy Preserved

The Internet of Thing (IoT) has been a hot topic in both research community and industry. It is anticipated that in future IoT, an enormous number of sensors will collect the physical information every moment to enable the control center making better decisions to improve the quality of service (QoS). However, the sensors maybe faulty and thus generate inaccurate data which would compromise the decision making. To guarantee the QoS, the system should be able to detect faulty sensors so as to eliminate the damages of inaccurate data. Various faulty sensor detection mechanisms have been developed in the context of wireless sensor network (WSN). Some of them are only fit for WSN while the others would bring a communication burden to control center. To detect the faulty sensors for general IoT applications and save the communication resource at the same time, an efficient faulty sensor detection scheme is proposed in this paper. The proposed scheme takes advantage of fog computing to save the computation and communication resource of control center. To preserve the privacy of sensor data, the Paillier Cryptosystem is adopted in the fog computing. The batch verification technique is applied to achieve efficient authentication. The performance analyses are presented to demonstrate that the proposed detection scheme is able to conserve the communication resource of control center and achieve a high true positive ratio while maintaining an acceptable false positive ratio. The scheme could also withstand various security attacks and preserve data privacy.Comment: 11 pages, 5 figure

Making Availability as a Service in the Clouds

Cloud computing has achieved great success in modern IT industry as an excellent computing paradigm due to its flexible management and elastic resource sharing. To date, cloud computing takes an irrepalceable position in our socioeconomic system and influences almost every aspect of our daily life. However, it is still in its infancy, many problems still exist.Besides the hotly-debated security problem, availability is also an urgent issue.With the limited power of availability mechanisms provided in present cloud platform, we can hardly get detailed availability information of current applications such as the root causes of availability problem,mean time to failure, etc. Thus a new mechanism based on deep avaliability analysis is neccessary and benificial.Following the prevalent terminology 'XaaS',this paper proposes a new win-win concept for cloud users and providers in term of 'Availability as a Service' (abbreviated as 'AaaS').The aim of 'AaaS' is to provide comprehensive and aimspecific runtime avaliabilty analysis services for cloud users by integrating plent of data-driven and modeldriven approaches. To illustrate this concept, we realize a prototype named 'EagleEye' with all features of 'AaaS'. By subscribing corresponding services in 'EagleEye', cloud users could get specific availability information of their applications deployed in cloud platform. We envision this new kind of service will be merged into the cloud management mechanism in the near future.Comment:

Sparse Signal Processing Concepts for Efficient 5G System Design

As it becomes increasingly apparent that 4G will not be able to meet the emerging demands of future mobile communication systems, the question what could make up a 5G system, what are the crucial challenges and what are the key drivers is part of intensive, ongoing discussions. Partly due to the advent of compressive sensing, methods that can optimally exploit sparsity in signals have received tremendous attention in recent years. In this paper we will describe a variety of scenarios in which signal sparsity arises naturally in 5G wireless systems. Signal sparsity and the associated rich collection of tools and algorithms will thus be a viable source for innovation in 5G wireless system design. We will discribe applications of this sparse signal processing paradigm in MIMO random access, cloud radio access networks, compressive channel-source network coding, and embedded security. We will also emphasize important open problem that may arise in 5G system design, for which sparsity will potentially play a key role in their solution.Comment: 18 pages, 5 figures, accepted for publication in IEEE Acces

A Smart Home Gateway Platform for Data Collection and Awareness

Smart homes have attracted much attention due to the expanding of Internet-of-Things (IoT) and smart devices. In this paper, we propose a smart gateway platform for data collection and awareness in smart home networks. A smart gateway will replace the traditional network gateway to connect the home network and the Internet. A smart home network supports different types of smart devices, such as in home IoT devices, smart phones, smart electric appliances, etc. A traditional network gateway is not capable of providing quality-of-service measurement, user behavioral analytics, or network optimization. Such tasks are traditionally performed with measurement agents such as optical splitters or network probes deployed in the core network. Our proposed platform is a lightweight plug-in for the smart gateway to accomplish data collection, awareness and reporting. While the smart gateway is able to adjust the control policy for data collection and awareness locally, a cloud-based controller is also included for more refined control policy updates. Furthermore, we propose a multi-dimensional awareness framework to achieve accurate data awareness at the smart gateway. The efficiency of data collection and accuracy of data awareness of the proposed platform is demonstrated based on the tests using actual data traffic from a large number of smart home users

Privacy-Preserving DDoS Attack Detection Using Cross-Domain Traffic in Software Defined Networks

Existing distributed denial-of-service attack detection in software defined networks (SDNs) typically perform detection in a single domain. In reality, abnormal traffic usually affects multiple network domains. Thus, a cross-domain attack detection has been proposed to improve detection performance. However, when participating in detection, the domain of each SDN needs to provide a large amount of real traffic data, from which private information may be leaked. Existing multiparty privacy protection schemes often achieve privacy guarantees by sacrificing accuracy or increasing the time cost. Achieving both high accuracy and reasonable time consumption is a challenging task. In this paper, we propose Predis, which is a privacypreserving cross-domain attack detection scheme for SDNs. Predis combines perturbation encryption and data encryption to protect privacy and employs a computationally simple and efficient algorithm k-Nearest Neighbors (kNN) as its detection algorithm. We also improve kNN to achieve better efficiency. Via theoretical analysis and extensive simulations, we demonstrate that Predis is capable of achieving efficient and accurate attack detection while securing sensitive information of each domain

A Novel PMU Fog based Early Anomaly Detection for an Efficient Wide Area PMU Network

Based on phasor measurement units (PMUs), a synchronphasor system is widely recognized as a promising smart grid measurement system. It is able to provide high-frequency, high-accuracy phasor measurements sampling for Wide Area Monitoring and Control (WAMC) applications. However, the high sampling frequency of measurement data under strict latency constraints introduces new challenges for real time communication. It would be very helpful if the collected data can be prioritized according to its importance such that the existing quality of service (QoS) mechanisms in the communication networks can be leveraged. To achieve this goal, certain anomaly detection functions should be conducted by the PMUs. Inspired by the recent emerging edge-fog-cloud computing hierarchical architecture, which allows computing tasks to be conducted at the network edge, a novel PMU fog is proposed in this paper. Two anomaly detection approaches, Singular Spectrum Analysis (SSA) and K-Nearest Neighbors (KNN), are evaluated in the PMU fog using the IEEE 16-machine 68-bus system. The simulation experiments based on Riverbed Modeler demonstrate that the proposed PMU fog can effectively reduce the data flow end-to-end (ETE) delay without sacrificing data completeness.Comment: presented at the 2nd IEEE International Conference on Fog and Edge Computing (ICFEC 2018), Washington DC, USA, May 1, 201

A Decade of Mal-Activity Reporting: A Retrospective Analysis of Internet Malicious Activity Blacklists

This paper focuses on reporting of Internet malicious activity (or mal-activity in short) by public blacklists with the objective of providing a systematic characterization of what has been reported over the years, and more importantly, the evolution of reported activities. Using an initial seed of 22 blacklists, covering the period from January 2007 to June 2017, we collect more than 51 million mal-activity reports involving 662K unique IP addresses worldwide. Leveraging the Wayback Machine, antivirus (AV) tool reports and several additional public datasets (e.g., BGP Route Views and Internet registries) we enrich the data with historical meta-information including geo-locations (countries), autonomous system (AS) numbers and types of mal-activity. Furthermore, we use the initially labelled dataset of approx 1.57 million mal-activities (obtained from public blacklists) to train a machine learning classifier to classify the remaining unlabeled dataset of approx 44 million mal-activities obtained through additional sources. We make our unique collected dataset (and scripts used) publicly available for further research. The main contributions of the paper are a novel means of report collection, with a machine learning approach to classify reported activities, characterization of the dataset and, most importantly, temporal analysis of mal-activity reporting behavior. Inspired by P2P behavior modeling, our analysis shows that some classes of mal-activities (e.g., phishing) and a small number of mal-activity sources are persistent, suggesting that either blacklist-based prevention systems are ineffective or have unreasonably long update periods. Our analysis also indicates that resources can be better utilized by focusing on heavy mal-activity contributors, which constitute the bulk of mal-activities.Comment: ACM Asia Conference on Computer and Communications Security (AsiaCCS), 13 page

Mobile Device Identification via Sensor Fingerprinting

We demonstrate how the multitude of sensors on a smartphone can be used to construct a reliable hardware fingerprint of the phone. Such a fingerprint can be used to de-anonymize mobile devices as they connect to web sites, and as a second factor in identifying legitimate users to a remote server. We present two implementations: one based on analyzing the frequency response of the speakerphone-microphone system, and another based on analyzing device-specific accelerometer calibration errors. Our accelerometer-based fingerprint is especially interesting because the accelerometer is accessible via JavaScript running in a mobile web browser without requesting any permissions or notifying the user. We present the results of the most extensive sensor fingerprinting experiment done to date, which measured sensor properties from over 10,000 mobile devices. We show that the entropy from sensor fingerprinting is sufficient to uniquely identify a device among thousands of devices, with low probability of collision

From Network Traces to System Responses: Opaquely Emulating Software Services

Enterprise software systems make complex interactions with other services in their environment. Developing and testing for production-like conditions is therefore a challenging task. Prior approaches include emulations of the dependency services using either explicit modelling or record-and-replay approaches. Models require deep knowledge of the target services while record-and-replay is limited in accuracy. We present a new technique that improves the accuracy of record-and-replay approaches, without requiring prior knowledge of the services. The approach uses multiple sequence alignment to derive message prototypes from recorded system interactions and a scheme to match incoming request messages against message prototypes to generate response messages. We introduce a modified Needleman-Wunsch algorithm for distance calculation during message matching, wildcards in message prototypes for high variability sections, and entropy-based weightings in distance calculations for increased accuracy. Combined, our new approach has shown greater than 99% accuracy for four evaluated enterprise system messaging protocols.Comment: Technical Report. Swinburne University of Technology, Faculty of Information and Technolog

The Challenges in SDN/ML Based Network Security : A Survey

Machine Learning is gaining popularity in the network security domain as many more network-enabled devices get connected, as malicious activities become stealthier, and as new technologies like Software Defined Networking (SDN) emerge. Sitting at the application layer and communicating with the control layer, machine learning based SDN security models exercise a huge influence on the routing/switching of the entire SDN. Compromising the models is consequently a very desirable goal. Previous surveys have been done on either adversarial machine learning or the general vulnerabilities of SDNs but not both. Through examination of the latest ML-based SDN security applications and a good look at ML/SDN specific vulnerabilities accompanied by common attack methods on ML, this paper serves as a unique survey, making a case for more secure development processes of ML-based SDN security applications.Comment: 8 pages. arXiv admin note: substantial text overlap with arXiv:1705.0056