Research
Current Research
Past Projects
I did the following projects when I was a grad student.
- Fast and Compact Detection of Significant Patterns in High-Speed
Networks.
(This work was performed when I was a summer intern at Bell Labs.)
High-speed networks may encounter unexpected but significant patterns from a
single flow, such as the generation of a huge volume of data or a sudden surge
of data. These significant patterns may show violations of service
agreements or the emergence of malicious attacks. A major issue is to identify
such significant patterns. We propose a sequential hashing algorithm that
supports fast and accurate detection of these significant patterns while
minimizing both computational overhead and memory usage. We also propose
estimation schemes to quantify the significant patterns. We evaluate
the efficacy of our algorithm using real Internet traces.
- Security in 3G Networks.
(This work was performed when I was a summer intern at Bell Labs.)
Third Generation (3G) wireless networks have become increasingly popular for
transferring data over wireless at high speed. However, due to their
complicated signaling protocols, 3G networks provide fertile ground for new
forms of DoS attacks. We consider a novel DoS attack termed the signaling
attack, which can potentially bring down an entire 3G network through
low-volume, low-rate data packets. We demonstrate the damage of the
signaling attack through trace-driven studies. We devise a statistical
online detection scheme that detects the presence of the signaling attack.
- Network Fault Diagnosis and Correction.
Catastrophic conditions, such as natural disasters or DoS attacks, may damage
various components of a network. Our goal is to identify the network faults
and repair them so as to enable the network to return to an operational state.
However, the recovery procedure is complicated since network faults can
occur at multiple layers within a protocol stack and network components can
span different administrative domains.
Therefore, we consider an end-to-end approach to inferring network faults
through aggregating information from multi-path connections, with an
optimization goal of minimizing the expected cost (e.g., personnel hours or
wages) of correcting all faulty nodes. We narrow down a subset of
nodes based on a potential function that we develop, and prove that an optimal
strategy should first inspect one of those nodes.
- Resilient and Secure Multipath Routing.
Conventional routing protocols often utilize a single path to transfer data.
This allows attackers to easily compromise a data
session by shutting down an intermediate node or link on the data
communication path. It is therefore important to sustain the ongoing data
communication in the face of network failures and malicious attacks. In
view of this, we propose distributed solutions that route a fixed
throughput or the maximum possible throughput along the best set of
multiple paths, such that the worst-case throughput loss due to a single-link
attack is minimized. Also, we evaluate the robustness of the distributed
solutions toward multi-link attacks.
- Distributed Collaborative Key Agreement for Dynamic Peer
Groups.
We consider several group key agreement protocols that allow group-oriented
applications to establish a common secret group key for secure
multipoint-to-multipoint communication. These protocols have several important
characteristics:
- distributed nature in which there is no centralized key server,
- collaborative nature in which the group key is contributory (i.e.,
each group member contributes an equal share to the resulting group
key), and
- dynamic nature in which members may join and leave the group.
We evaluate the protocols via mathematical analysis and simulations. We also
implement a C API library called SEAL to realize the protocols in real
network settings.