Visible to the public Biblio

Filters: Author is Hsiao, Hsu-Chun  [Clear All Filters]
2021-05-18
Chu, Wen-Yi, Yu, Ting-Guang, Lin, Yu-Kai, Lee, Shao-Chuan, Hsiao, Hsu-Chun.  2020.  On Using Camera-based Visible Light Communication for Security Protocols. 2020 IEEE Security and Privacy Workshops (SPW). :110–117.
In security protocol design, Visible Light Communication (VLC) has often been abstracted as an ideal channel that is resilient to eavesdropping, manipulation, and jamming. Camera Communication (CamCom), a subcategory of VLC, further strengthens the level of security by providing a visually verifiable association between the transmitter and the extracted information. However, the ideal security guarantees of visible light channels may not hold in practice due to limitations and tradeoffs introduced by hardware, software, configuration, environment, etc. This paper presents our experience and lessons learned from implementing CamCom for security protocols. We highlight CamCom's security-enhancing properties and security applications that it enables. Backed by real implementation and experiments, we also systematize the practical considerations of CamCom-based security protocols.
2017-05-17
Ke, Yu-Ming, Chen, Chih-Wei, Hsiao, Hsu-Chun, Perrig, Adrian, Sekar, Vyas.  2016.  CICADAS: Congesting the Internet with Coordinated and Decentralized Pulsating Attacks. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security. :699–710.

This study stems from the premise that we need to break away from the "reactive" cycle of developing defenses against new DDoS attacks (e.g., amplification) by proactively investigating the potential for new types of DDoS attacks. Our specific focus is on pulsating attacks, a particularly debilitating type that has been hypothesized in the literature. In a pulsating attack, bots coordinate to generate intermittent pulses at target links to significantly reduce the throughput of TCP connections traversing the target. With pulsating attacks, attackers can cause significantly greater damage to legitimate users than traditional link flooding attacks. To date, however, pulsating attacks have been either deemed ineffective or easily defendable for two reasons: (1) they require a central coordinator and can thus be tracked; and (2) they require tight synchronization of pulses, which is difficult even in normal non-congestion scenarios. This paper argues that, in fact, the perceived drawbacks of pulsating attacks are in fact not fundamental. We develop a practical pulsating attack called CICADAS using two key ideas: using both (1) congestion as an implicit signal for decentralized implementation, and (2) a Kalman-filter-based approach to achieve tight synchronization. We validate CICADAS using simulations and wide-area experiments. We also discuss possible countermeasures against this attack.