A&S Graduate Studies
This calendar presented by
A&S Graduate Studies
[PAST EVENT] Zhengrui Qin, Computer Science - Ph.D. Defense
April 6, 2016
9:30am - 11:30am
Abstract:
A cyber-physical system (CPS) is a sensing and communication platform that features tight integration and combination of computation, networking, and physical processes. In such a system, embedded computers and networks monitor and control the physical processes through a feedback loop, in which physical processes affect computations and vice versa. In recent years, CPS has caught much attention in many different aspects of research, such as security and privacy. In this dissertation, we focus on supporting security in CPS and its communication networks.
First, we investigate the electric power system, which is an important CPS in modern society. As crucial and valuable infrastructure, the electric power system inevitably becomes the target of malicious users and attackers. In our work, we point out that the electric power system is vulnerable to potential cyber attacks, and we introduce a new type of attack model, in which an attack cannot be completely identified, even though its presence may be detected. To defend against such an attack, we present an efficient heuristic algorithm to narrow down the attack region, and then enumerate all feasible attack scenarios. Furthermore, based on the feasible attack scenarios, we design an optimization strategy to minimize the damage caused by the attack. Finally, we present an algorithm for the control center of the system to efficiently exclude some of the feasible attack scenarios by utilizing limited physical-check resources, and we show an efficient strategy for the attacker to launch an unidentifiable attack with the least effort.
Next, we study cognitive radio networks, which are a typical communication network in CPS in the areas of security and privacy. As for the security of cognitive radio networks, we point out that a prominent existing algorithm in cooperative spectrum sensing works poorly under certain attack models. Namely, when an attacker compromises a set of nodes in the network, and injects self-consistent, but false, data to these compromised nodes simultaneously. In defense of this attack, we present a modified combinatorial optimization algorithm that utilizes the branch-and-bound method in a decision tree to identify all possible false data efficiently.
In regard to privacy in cognitive radio networks, we consider incentive based cognitive radio transactions, where the primary users sell time slices of their licensed spectrum to secondary users in the network. There are two concerns in such a transaction. The first is the primary user's interest, and the second is the secondary user's privacy. To verify that the payment made by a secondary user is trustworthy, the primary user needs detailed spectrum utilization information from the secondary user. However, disclosing this detailed information compromises the secondary user's privacy. To solve this dilemma, we propose a privacy-preserving scheme by repeatedly using commitment schemes and zero-knowledge proof schemes. We provide that the secondary user's privacy is protected, and at the same time the primary user's payment calculation is accurate.
Short Bio:
Zhengrui Qin is a Ph.D. candidate in the Department of Computer Science at William & Mary. His research interests include cyber security and mobile computing. He previously received M.S. and B.S. from Dartmouth College and Beijing University, respectively.
A cyber-physical system (CPS) is a sensing and communication platform that features tight integration and combination of computation, networking, and physical processes. In such a system, embedded computers and networks monitor and control the physical processes through a feedback loop, in which physical processes affect computations and vice versa. In recent years, CPS has caught much attention in many different aspects of research, such as security and privacy. In this dissertation, we focus on supporting security in CPS and its communication networks.
First, we investigate the electric power system, which is an important CPS in modern society. As crucial and valuable infrastructure, the electric power system inevitably becomes the target of malicious users and attackers. In our work, we point out that the electric power system is vulnerable to potential cyber attacks, and we introduce a new type of attack model, in which an attack cannot be completely identified, even though its presence may be detected. To defend against such an attack, we present an efficient heuristic algorithm to narrow down the attack region, and then enumerate all feasible attack scenarios. Furthermore, based on the feasible attack scenarios, we design an optimization strategy to minimize the damage caused by the attack. Finally, we present an algorithm for the control center of the system to efficiently exclude some of the feasible attack scenarios by utilizing limited physical-check resources, and we show an efficient strategy for the attacker to launch an unidentifiable attack with the least effort.
Next, we study cognitive radio networks, which are a typical communication network in CPS in the areas of security and privacy. As for the security of cognitive radio networks, we point out that a prominent existing algorithm in cooperative spectrum sensing works poorly under certain attack models. Namely, when an attacker compromises a set of nodes in the network, and injects self-consistent, but false, data to these compromised nodes simultaneously. In defense of this attack, we present a modified combinatorial optimization algorithm that utilizes the branch-and-bound method in a decision tree to identify all possible false data efficiently.
In regard to privacy in cognitive radio networks, we consider incentive based cognitive radio transactions, where the primary users sell time slices of their licensed spectrum to secondary users in the network. There are two concerns in such a transaction. The first is the primary user's interest, and the second is the secondary user's privacy. To verify that the payment made by a secondary user is trustworthy, the primary user needs detailed spectrum utilization information from the secondary user. However, disclosing this detailed information compromises the secondary user's privacy. To solve this dilemma, we propose a privacy-preserving scheme by repeatedly using commitment schemes and zero-knowledge proof schemes. We provide that the secondary user's privacy is protected, and at the same time the primary user's payment calculation is accurate.
Short Bio:
Zhengrui Qin is a Ph.D. candidate in the Department of Computer Science at William & Mary. His research interests include cyber security and mobile computing. He previously received M.S. and B.S. from Dartmouth College and Beijing University, respectively.