We propose an anomaly detection method for finding patterns in network traffic that do not conform to legitimate (i.e., normal) behavior. The proposed method trains a baseline model describing the normal behavior of network traffic without using manually labeled traffic data. The trained baseline model is used as the basis for comparison with the audit network traffic. This anomaly detection works in an unsupervised manner through the use of time-periodic packet sampling, which is used in a manner that differs from its intended purpose – the lossy nature of packet sampling is used to extract normal packets from the unlabeled original traffic data. Evaluation using actual traffic traces showed that the proposed method has false positive and false negative rates in the detection of anomalies regarding TCP SYN packets comparable to those of a conventional method that uses manually labeled traffic data to train the baseline model. Performance variation due to the probabilistic nature of sampled traffic data is mitigated by using ensemble anomaly detection that collectively exploits multiple baseline models in parallel. Alarm sensitivity is adjusted for the intended use by using maximum- and minimum-based anomaly detection that effectively take advantage of the performance variations among the multiple baseline models. Testing using actual traffic traces showed that the proposed anomaly detection method performs as well as one using manually labeled traffic data and better than one using randomly sampled (unlabeled) traffic data.

Cloud computing has rising as a new popular service paradigm with typical advantages as ease of use, unlimited resources and pay-as-you-go pricing model. Cloud resources are more flexible and cost-effective than private or colocation resources thus more suitable for storing the outdated backup data that are infrequently accessed by continuous data protection (CDP) systems. However, the cloud achieves low cost at the same time may slow down the recovery procedure due to its low bandwidth and high latency. In this paper, a novel block-level CDP system architecture: MYCDP is proposed to utilize cloud resources as the back-end storage. Unlike traditional delta-encoding based CDP approaches which should traverse all the dependent versions and decode the recovery point, MYCDP adopts data deduplication mechanism to eliminate data redundancy between all versions of all blocks, and constructs a version index for all versions of the protected storage, thus it can use a query-and-fetch process to recover version data. And with a specific version index data structure and a disk/memory hybrid cache module, MYCDP reduces the storage space consumption and data transfer between local and cloud. It also supports deletion of arbitrary versions without risk of invalidating some other versions. Experimental results demonstrate that MYCDP can achieve much lower cost than traditional local based CDP approaches, while remaining almost the same recovery speed with the local based deduplication approach for most recovery cases. Furthermore, MYCDP can obtain both faster recovery and lower cost than cloud based delta-encoding CDP approaches for any recovery points. And MYCDP gets more profits while protecting multiple systems together.

The fast evolving credential attacks have been a great security challenge to current password-based information systems. Recently, biometrics factors like facial, iris, or fingerprint that are difficult to forge rise as key elements for designing passwordless authentication. However, capturing and analyzing such factors usually require special devices, hindering their feasibility and practicality. To this end, we present WiASK, a device-free WiFi sensing enabled Authentication System exploring Keystroke dynamics. More specifically, WiASK captures keystrokes of a user typing a pre-defined easy-to-remember string leveraging the existing WiFi infrastructure. But instead of focusing on the string itself which are vulnerable to password attacks, WiASK interprets the way it is typed, i.e., keystroke dynamics, into user identity, based on the biologically validated correlation between them. We prototype WiASK on the low-cost off-the-shelf WiFi devices and verify its performance in three real environments. Empirical results show that WiASK achieves on average 93.7% authentication accuracy, 2.5% false accept rate, and 5.1% false reject rate.

We demonstrate a single-channel 1.28 Tbit/s-525 km transmission using OTDM of subpicosecond DQPSK signals. In order to cope with transmission impairments due to time-varying higher-order PMD, which is one of the major limiting factors in such a long-haul ultrahigh-speed transmission, we newly developed an ultrafast time-domain optical Fourier transformation technique in a round-trip configuration. By applying this technique to subpicosecond pulses, transmission impairments were greatly reduced, and BER performance below FEC limit was obtained with increased system margin.

Slow development in battery technology and rapid advances in ultra-capacitor design have motivated us to investigate the possibility of using capacitors as the sole energy storage for wireless sensor nodes to support ubiquitous computing. The starting point of this work is TwinStar, which uses ultra-capacitor as the only energy storage unit. To efficiently use the harvested energy, we design and implement feedback control techniques to match the activity of sensor nodes with the dynamic energy supply from environments. We conduct system evaluation by deploying sensor devices under three typical real-world settings -- indoor, outdoor, and mobile backpack under a wide range of system settings. Results indicate our feedback control can effectively utilize energy and ensure system sustainability. Nodes running feedback control have longer operational time than the ones running non-feedback control.

Scalable video coding with different modulation and coding schemes (MCSs) applied to different video layers is very appropriate for wireless multicast services because it can provide different video quality to different users according to their channel conditions, and a promising solution to handle packet losses induced by fading wireless channels is the use of layered hybrid FEC/ARQ scheme according to light-weight feedback messages from users about how many packets they have received. It is important to choose an appropriate MCS for each layer, decide how many parity packets in one layer should be transmitted, and determine the resources allocated to multiple video sessions to apply scalable video coding to wireless multicast streaming. We prove that such resource allocation problem is NP-hard and propose an approximate optimal algorithm with a polynomial run time. The algorithm can get the optimal transmission configuration to maximize the expected utility for all users where the utility can be a generic non-negative, non-decreasing function of the received rate. The results from simulations revealed that our algorithm offer significant improvements to video quality over a nave algorithm, an optimal algorithm without feedback from users, and an algorithm with feedback from designated users, especially in scenarios with multiple video sessions and limited radio resources.

Established in self-organized mode between mobile terminals (MT), mobile Ad Hoc networks are characterized by a fast change of network topology, limited power dissipation of network node, limited network bandwidth and poor security of the network. Therefore, this paper proposes an efficient one round certificateless authenticated group key agreement (OR-CLAGKA) protocol to satisfy the security demand of mobile Ad Hoc networks. Based on elliptic curve public key cryptography (ECC), OR-CLAGKA protocol utilizes the assumption of elliptic curve discrete logarithm problems (ECDLP) to guarantee its security. In contrast with those certificateless authenticated group key agreement (GKA) protocols, OR-CLAGKA protocol can reduce protocol data interaction between group users and it is based on efficient ECC public key infrastructure without calculating bilinear pairings, which involves negligible computational overhead. Thus, it is particularly suitable to deploy OR-CLAGKA protocol on MT devices because of its limited computation capacity and power consumption. Also, under the premise of keeping the forward and backward security, OR-CLAGKA protocol has achieved appropriate optimization to improve the performance of Ad Hoc networks in terms of frequent communication interrupt and reconnection. In addition, it has reduced executive overheads of key agreement protocol to make the protocol more suitable for mobile Ad Hoc network applications.