SaTC: CORE: Small: Towards Secure and Reliable Network Tomography in Wireline and Wireless Networks

SaTC：核心：小型：在有线和无线网络中实现安全可靠的网络层析成像

• 批准号: 1717969
• 负责人: Zhuo Lu
• 金额: $ 40万
• 依托单位: University of South Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1717969&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Towards; Secure

Today's networks, such as the Internet, cellular networks, and the Internet of Things, provide ubiquitous wired or wireless connections over large areas. Secure and reliable operations are among the most important objectives in these networks. Network tomography has become a promising framework for accurate monitoring of network operation status, which is vital to ensure an efficient and reliable network environment. However, this measurement process can be exploited by malicious attackers to generate falsified, misleading measurement or monitoring results, which significantly affects follow-on network operations based on these results, and accordingly degrades the operational reliability and health of today's networks. The goal of this project is to analyze security vulnerabilities, understand potential security attack strategies and their impact, and design effective defense mechanisms against such attacks. The research in this project will extend the technical knowledge of security vulnerabilities, attacks and defense during network measurement. The project will also offer undergraduate students opportunities to gain research experiences in network measurement and security. The project focuses on investigating a new class of security attacks, called measurement integrity attacks, during the measurement process in network tomography. Unlike conventional data integrity problems that can be usually protected by standard security methods (e.g., encryption and authentication), a key challenge in measurement integrity attacks is that the network event data (e.g., packet transmission/delivery timings and loss) during measurement is not protected by standard security methods, but can be easily manipulated by an inside attacker. This project aims at (i) creating the theoretical foundation to analyze the feasibility and impact of measurement integrity attacks with different attack strategies in wireline and wireless scenarios, (ii) designing robust attack detection and localization methods, and analyzing the effectiveness of such countermeasures, (iii) investigating efficient management methods for network measurement to increase the attack resilience in a network, and (iv) conducting comprehensive evaluation of the efficiency and effectiveness of attack countermeasures in both wireline and wireless networks.

当今的网络，例如Internet，蜂窝网络和物联网，在大区域内提供无处不在的有线或无线连接。安全可靠的操作是这些网络中最重要的目标之一。网络断层扫描已成为准确监视网络操作状态的有希望的框架，这对于确保有效且可靠的网络环境至关重要。但是，恶意攻击者可以利用这种测量过程来产生伪造的，误导性的测量或监测结果，这会严重影响基于这些结果的跟随网络操作，并因此降低了当今网络的操作可靠性和健康。该项目的目的是分析安全漏洞，了解潜在的安全攻击策略及其影响，并针对此类攻击设计有效的防御机制。该项目的研究将扩大网络测量过程中安全漏洞，攻击和防御的技术知识。该项目还将为本科生提供获得网络测量和安全性研究经验的机会。该项目着重于在网络断层扫描中的测量过程中调查新的安全攻击，称为测量完整性攻击。与通常可以通过标准安全方法（例如，加密和身份验证）保护的常规数据完整性问题不同，测量完整性攻击中的关键挑战是，在测量过程中，网络事件数据（例如，测量过程中的数据包传输/交付时间和丢失）不受标准安全方法的保护，但可以通过内部攻击者轻松操纵。 This project aims at (i) creating the theoretical foundation to analyze the feasibility and impact of measurement integrity attacks with different attack strategies in wireline and wireless scenarios, (ii) designing robust attack detection and localization methods, and analyzing the effectiveness of such countermeasures, (iii) investigating efficient management methods for network measurement to increase the attack resilience in a network, and (iv) conducting comprehensive evaluation of the efficiency电线和无线网络中攻击对策的有效性。

项目成果

ProTO: Proactive Topology Obfuscation Against Adversarial Network Topology Inference

• DOI: 10.1109/infocom41043.2020.9155255
• 发表时间: 2020-07
• 期刊: IEEE INFOCOM 2020 - IEEE Conference on Computer Communications
• 作者: Tao Hou;Zhe Qu;Tao Wang;Zhuo Lu;Yao Liu

Smart Spying via Deep Learning: Inferring Your Activities from Encrypted Wireless Traffic

• DOI: 10.1109/globalsip45357.2019.8969428
• 发表时间: 2019-11
• 期刊: 2019 IEEE Global Conference on Signal and Information Processing (GlobalSIP)
• 作者: Tao Hou;Tao Wang;Zhuo Lu;Yao Liu

Orthogonality-Sabotaging Attacks against OFDMA-based Wireless Networks

• DOI: 10.1109/infocom.2019.8737389
• 发表时间: 2019-04
• 期刊: IEEE INFOCOM 2019 - IEEE Conference on Computer Communications
• 作者: Shangqing Zhao;Zhuo Lu;Z. Luo;Yao Liu

No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing

• DOI: 10.1145/3243734.3243755
• 发表时间: 2018-10
• 期刊: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Song Fang;Ian D. Markwood;Yao Liu;Shangqing Zhao;Zhuo Lu;Haojin Zhu

Measurement Integrity Attacks Against Network Tomography: Feasibility and Defense

• DOI: 10.1109/tdsc.2019.2958934
• 发表时间: 2021-11
• 期刊: IEEE Transactions on Dependable and Secure Computing
• 影响因子: 7.3
• 作者: Shangqing Zhao;Zhuo Lu;Cliff X. Wang