Visible to the public Biblio

Filters: Author is Guo, Hui  [Clear All Filters]
2020-05-08
Wu, Peilun, Guo, Hui.  2019.  LuNet: A Deep Neural Network for Network Intrusion Detection. 2019 IEEE Symposium Series on Computational Intelligence (SSCI). :617—624.

Network attack is a significant security issue for modern society. From small mobile devices to large cloud platforms, almost all computing products, used in our daily life, are networked and potentially under the threat of network intrusion. With the fast-growing network users, network intrusions become more and more frequent, volatile and advanced. Being able to capture intrusions in time for such a large scale network is critical and very challenging. To this end, the machine learning (or AI) based network intrusion detection (NID), due to its intelligent capability, has drawn increasing attention in recent years. Compared to the traditional signature-based approaches, the AI-based solutions are more capable of detecting variants of advanced network attacks. However, the high detection rate achieved by the existing designs is usually accompanied by a high rate of false alarms, which may significantly discount the overall effectiveness of the intrusion detection system. In this paper, we consider the existence of spatial and temporal features in the network traffic data and propose a hierarchical CNN+RNN neural network, LuNet. In LuNet, the convolutional neural network (CNN) and the recurrent neural network (RNN) learn input traffic data in sync with a gradually increasing granularity such that both spatial and temporal features of the data can be effectively extracted. Our experiments on two network traffic datasets show that compared to the state-of-the-art network intrusion detection techniques, LuNet not only offers a high level of detection capability but also has a much low rate of false positive-alarm.

2018-06-11
Hussain, Mubashir, Guo, Hui.  2017.  Packet Leak Detection on Hardware-Trojan Infected NoCs for MPSoC Systems. Proceedings of the 2017 International Conference on Cryptography, Security and Privacy. :85–90.
Packet leak on network-on-chip (NoC) is one of the key security concerns in the MPSoC design, where the NoC of the system can come from a third-party vendor and can be illegitimately implanted with hardware trojans. Those trojans are usually small so that they can escape the scrutiny of circuit level testing and perform attacks when activated. This paper targets the trojan that leaks packets to malicious applications by altering the packet source and destination addresses. To detect such a packet leak, we present a cost effective authentication design where the packet source and destination addresses are tagged with a dynamic random value and the tag is scrambled with the packet data. Our design has two features: 1) If the adversary attempts to play with tag to escape detection, the data in the packet may likely be changed – hence invalidating the leaked packet; 2) If the attacker only alters the packet addresses without twiddling tag in the packet, the attack will be100% detected.