Visible to the public Biblio

Filters: Author is Zhang, Yuan  [Clear All Filters]
2022-08-26
Zhang, Yuan, Li, Jian, Yang, Jiayu, Xing, Yitao, Zhuang, Rui, Xue, Kaiping.  2021.  Low Priority Congestion Control for Multipath TCP. 2021 IEEE Global Communications Conference (GLOBECOM). :1–6.

Many applications are bandwidth consuming but may tolerate longer flow completion times. Multipath protocols, such as multipath TCP (MPTCP), can offer bandwidth aggregation and resilience to link failures for such applications, and low priority congestion control (LPCC) mechanisms can make these applications yield to other time-sensitive ones. Properly combining the above two can improve the overall user experience. However, the existing LPCC mechanisms are not adequate for MPTCP. They do not take into account the characteristics of multiple network paths, and cannot ensure fairness among the same priority flows. Therefore, we propose a multipath LPCC mechanism, i.e., Dynamic Coupled Low Extra Delay Background Transport, named DC-LEDBAT. Our scheme is designed based on a standardized LPCC mechanism LEDBAT. To avoid unfairness among the same priority flows, DC-LEDBAT trades little throughput for precisely measuring the minimum delay. Moreover, to be friendly to single-path LEDBAT, our scheme leverages the correlation of the queuing delay to detect whether multiple paths go through a shared bottleneck. Then, DC-LEDBAT couples the congestion window at shared bottlenecks to control the sending rate. We implement DC-LEDBAT in a Linux kernel and experimental results show that DC-LEDBAT can not only utilize the excess bandwidth of MPTCP but also ensure fairness among the same priority flows.

Lv, Huiying, Zhang, Yuan, Li, Huan, Chang, Wenjun.  2021.  Security Assessment of Enterprise Networks Based on Analytic Network Process and Evidence Theory. 2021 3rd International Conference on Artificial Intelligence and Advanced Manufacture (AIAM). :305—313.

Network security has always been the most important of enterprise informatization construction and development, and the security assessment of network system is the basis for enterprises to make effective security defense strategies. Aiming at the relevance of security factors and subjectivity of evaluation results in the process of enterprise network system security assessment, a security assessment method combining Analytic Network Process and evidence theory is proposed. Firstly, we built a complete security assessment index system and network analysis structure model for enterprise network, and determined the converged security index weights by calculating hypermatrix, limit hypermatrix and stable limit hypermatrix; then, we used the evidence theory on data fusion of the evaluation opinions of multiple experts to eliminate the conflict between evidences. Finally, according to the principle of maximum membership degree, we realized the assessment of enterprise network security level using weighted average. The example analysis showed that the model not only weighed the correlation influence among the security indicators, but also effectively reduced the subjectivity of expert evaluation and the fuzziness and uncertainty in qualitative analysis, which verified the effectiveness of the model and method, and provided an important basis for network security management.

2020-11-02
Zhang, Yuan, Xu, Chunxiang, Li, Hongwei, Yang, Haomiao, Shen, Xuemin.  2019.  Chronos: Secure and Accurate Time-Stamping Scheme for Digital Files via Blockchain. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1—6.

It is common to certify when a file was created in digital investigations, e.g., determining first inventors for patentable ideas in intellectual property systems to resolve disputes. Secure time-stamping schemes can be derived from blockchain-based storage to protect files from backdating/forward-dating, where a file is integrated into a transaction on a blockchain and the timestamp of the corresponding block reflects the latest time the file was created. Nevertheless, blocks' timestamps in blockchains suffer from time errors, which causes the inaccuracy of files' timestamps. In this paper, we propose an accurate blockchain-based time-stamping scheme called Chronos. In Chronos, when a file is created, the file and a sufficient number of successive blocks that are latest confirmed on blockchain are integrated into a transaction. Due to chain quality, it is computationally infeasible to pre-compute these blocks. The time when the last block was chained to the blockchain serves as the earliest creation time of the file. The time when the block including the transaction was chained indicates the latest creation time of the file. Therefore, Chronos makes the file's creation time corresponding to this time interval. Based on chain growth, Chronos derives the time when these two blocks were chained from their heights on the blockchain, which ensures the accuracy of the file's timestamp. The security and performance of Chronos are demonstrated by a comprehensive evaluation.

2018-11-19
Hong, Geng, Yang, Zhemin, Yang, Sen, Zhang, Lei, Nan, Yuhong, Zhang, Zhibo, Yang, Min, Zhang, Yuan, Qian, Zhiyun, Duan, Haixin.  2018.  How You Get Shot in the Back: A Systematical Study About Cryptojacking in the Real World. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1701–1713.

As a new mechanism to monetize web content, cryptocurrency mining is becoming increasingly popular. The idea is simple: a webpage delivers extra workload (JavaScript) that consumes computational resources on the client machine to solve cryptographic puzzles, typically without notifying users or having explicit user consent. This new mechanism, often heavily abused and thus considered a threat termed "cryptojacking", is estimated to affect over 10 million web users every month; however, only a few anecdotal reports exist so far and little is known about its severeness, infrastructure, and technical characteristics behind the scene. This is likely due to the lack of effective approaches to detect cryptojacking at a large-scale (e.g., VirusTotal). In this paper, we take a first step towards an in-depth study over cryptojacking. By leveraging a set of inherent characteristics of cryptojacking scripts, we build CMTracker, a behavior-based detector with two runtime profilers for automatically tracking Cryptocurrency Mining scripts and their related domains. Surprisingly, our approach successfully discovered 2,770 unique cryptojacking samples from 853,936 popular web pages, including 868 among top 100K in Alexa list. Leveraging these samples, we gain a more comprehensive picture of the cryptojacking attacks, including their impact, distribution mechanisms, obfuscation, and attempts to evade detection. For instance, a diverse set of organizations benefit from cryptojacking based on the unique wallet ids. In addition, to stay under the radar, they frequently update their attack domains (fastflux) on the order of days. Many attackers also apply evasion techniques, including limiting the CPU usage, obfuscating the code, etc.

2017-06-27
Zhang, Baojia, Zhang, He, Yan, Boqun, Zhang, Yuan.  2016.  A New Secure Index Supporting Efficient Index Updating and Similarity Search on Clouds. Proceedings of the 4th ACM International Workshop on Security in Cloud Computing. :37–43.

With the increasing popularity of cloud storage services, many individuals and enterprises start to move their local data to the clouds. To ensure their privacy and data security, some cloud service users may want to encrypt their data before outsourcing them. However, this impedes efficient data utilities based on the plain text search. In this paper, we study how to construct a secure index that supports both efficient index updating and similarity search. Using the secure index, users are able to efficiently perform similarity searches tolerating input mistakes and update the index when new data are available. We formally prove the security of our proposal and also perform experiments on real world data to show its efficiency.