Visible to the public Biblio

Filters: Author is Yao, Y.  [Clear All Filters]
2021-01-22
Chen, P., Liu, X., Zhang, J., Yu, C., Pu, H., Yao, Y..  2019.  Improvement of PRIME Protocol Based on Chaotic Cryptography. 2019 22nd International Conference on Electrical Machines and Systems (ICEMS). :1–5.

PRIME protocol is a narrowband power line communication protocol whose security is based on Advanced Encryption Standard. However, the key expansion process of AES algorithm is not unidirectional, and each round of keys are linearly related to each other, it is less difficult for eavesdroppers to crack AES encryption algorithm, leading to threats to the security of PRIME protocol. To solve this problem, this paper proposes an improvement of PRIME protocol based on chaotic cryptography. The core of this method is to use Chebyshev chaotic mapping and Logistic chaotic mapping to generate each round of key in the key expansion process of AES algorithm, In this way, the linear correlation between the key rounds can be reduced, making the key expansion process unidirectional, increasing the crack difficulty of AES encryption algorithm, and improving the security of PRIME protocol.

2018-05-30
Liang, L., Liu, Y., Yao, Y., Yang, T., Hu, Y., Ling, C..  2017.  Security Challenges and Risk Evaluation Framework for Industrial Wireless Sensor Networks. 2017 4th International Conference on Control, Decision and Information Technologies (CoDIT). :0904–0907.

Due to flexibility, low cost and rapid deployment, wireless sensor networks (WSNs)have been drawing more and more interest from governments, researchers, application developers, and manufacturers in recent years. Nowadays, we are in the age of industry 4.0, in which the traditional industrial control systems will be connected with each other and provide intelligent manufacturing. Therefore, WSNs can play an extremely crucial role to monitor the environment and condition parameters for smart factories. Nevertheless, the introduction of the WSNs reveals the weakness, especially for industrial applications. Through the vulnerability of IWSNs, the latent attackers were likely to invade the information system. Risk evaluation is an overwhelmingly efficient method to reduce the risk of information system in order to an acceptable level. This paper aim to study the security issues about IWSNs as well as put forward a practical solution to evaluate the risk of IWSNs, which can guide us to make risk evaluation process and improve the security of IWSNs through appropriate countermeasures.

2018-05-02
Yao, Y., Xiao, B., Wu, G., Liu, X., Yu, Z., Zhang, K., Zhou, X..  2017.  Voiceprint: A Novel Sybil Attack Detection Method Based on RSSI for VANETs. 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :591–602.

Vehicular Ad Hoc Networks (VANETs) enable vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications that bring many benefits and conveniences to improve the road safety and drive comfort in future transportation systems. Sybil attack is considered one of the most risky threats in VANETs since a Sybil attacker can generate multiple fake identities with false messages to severely impair the normal functions of safety-related applications. In this paper, we propose a novel Sybil attack detection method based on Received Signal Strength Indicator (RSSI), Voiceprint, to conduct a widely applicable, lightweight and full-distributed detection for VANETs. To avoid the inaccurate position estimation according to predefined radio propagation models in previous RSSI-based detection methods, Voiceprint adopts the RSSI time series as the vehicular speech and compares the similarity among all received time series. Voiceprint does not rely on any predefined radio propagation model, and conducts independent detection without the support of the centralized infrastructure. It has more accurate detection rate in different dynamic environments. Extensive simulations and real-world experiments demonstrate that the proposed Voiceprint is an effective method considering the cost, complexity and performance.