Visible to the public Biblio

Filters: Author is Wu, Zhijun  [Clear All Filters]
2022-07-01
Wu, Zhijun, Cui, Weihang, Gao, Pan.  2021.  Filtration method of DDoS attacks based on time-frequency analysis. 2021 7th IEEE Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :75–80.
Traditional DDoS attacks mainly send massive data packets through the attacking machine, consuming the network resources or server resources of the target server, making users unable to use server resources to achieve the purpose of denial of service. This type of attack is called a Flooding-based DDoS (FDDoS) attack. It has the characteristics of large traffic and suddenness. However, Low-rate DDoS (LDDoS) attack is a new type of DDoS attack. LDDoS utilize the TCP congestion control mechanism and sends periodic pulses to attack, which can seriously reduce the TCP flow throughput of the attacked link. It has the characteristics of small traffic and strong concealment. Each of these two DDoS attack methods has its own hard-to-handle characteristics, so that there is currently no particularly effective method to prevent such attacks. This paper uses time-frequency analysis to classify and filter DDoS traffic. The proposed filtering method is designed as a system in the actual environment. Experimental results show that the designed filtering algorithm can resist not only FDDoS attacks, but also LDDoS attacks.
2020-07-24
Wu, Zhijun, Xu, Enzhong, Liu, Liang, Yue, Meng.  2019.  CHTDS: A CP-ABE Access Control Scheme Based on Hash Table and Data Segmentation in NDN. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :843—848.

For future Internet, information-centric networking (ICN) is considered a potential solution to many of its current problems, such as content distribution, mobility, and security. Named Data Networking (NDN) is a more popular ICN project. However, concern regarding the protection of user data persists. Information caching in NDN decouples content and content publishers, which leads to content security threats due to lack of secure controls. Therefore, this paper presents a CP-ABE (ciphertext policy attribute based encryption) access control scheme based on hash table and data segmentation (CHTDS). Based on data segmentation, CHTDS uses a method of linearly splitting fixed data blocks, which effectively improves data management. CHTDS also introduces CP-ABE mechanism and hash table data structure to ensure secure access control and privilege revocation does not need to re-encrypt the published content. The analysis results show that CHTDS can effectively realize the security and fine-grained access control in the NDN environment, and reduce communication overhead for content access.