The 5th International Workshop on the Security, Privacy, and Digital Forensics of Mobile Systems and Networks (MobiSec 2021)

Session MobiSec-OS

Opening Session

8:30 AM — 8:40 AM EDT
May 10 Mon, 8:30 AM — 8:40 AM EDT

Session Chair

Yun Lin (Harbin Engineering University, China)

Session MobiSec-S1-NS

Network Security

8:40 AM — 10:10 AM EDT
May 10 Mon, 8:40 AM — 10:10 AM EDT

Data Privacy Security Guaranteed Network Intrusion Detection System Based on Federated Learning

Jibo Shi (Harbin Engineering University, China), Bin Ge (Harbin Engineering University, China), Yang Liu (Beijing Insititute of Astronautical Systems Engineering, China), Yu Yan (Harbin Engineering University, China), Shuang Li (Harbin Engineering University, China)

With the development of computer software, the amount of network data has increased geometrically. Therefore, how to quickly identify attacks from a large amount of network information is a meaningful research direction. The intrusion detection system (IDS) is the core barrier to protect the host from attack. It can distinguish the characteristics of intrusion behavior and the intrusion action from the data of the host. However, with the huge increase in the amount of data now, the efficiency of identifying data characteristics is getting lower and lower. In addition, smart terminal equipment such as notebooks, smart phones and wearable devices are also emerging, and these devices are connected to the internet through wireless or wired means. The physical data generated by terminal equipment involves huge amount of personal sensitive data, which poses a challenge to data privacy and security. In order to solve this problem, this paper proposes a network intrusion detection method based on federated learning and conducting experiments on the UNSW-NB15 dataset and CICIDS2018 dataset. The simulation results show that the method proposed in this paper can protect data privacy under the premise of achieving acceptable accuracy of intrusion traffic identification.

A Network Intrusion Detection Method Based on CNN and CBAM

Yang Liu (Beijing Insititute of Astronautical Systems Engineering, China), Jian Kang (Beijing Insititute of Astronautical Systems Engineering, China), Yiran Li (Beijing Institute of Technology, China), Bin Ji (Beijing Institute of Astronautical Systems Engineering, China)

The arrival of the 5G era has opened a new era of the interconnection of everything for the world. Artificial intelligence, autonomous driving, and smart cities have all reached their peaks due to the advent of 5G. However, the network environment is becoming more complex, and the types of cyberattacks are gradually increasing. Once the network device is attacked, the loss it brings cannot be calculated. The intrusion detection system is a very effective measure in protecting network security. In this paper, we proposed a novel network intrusion detection model based on Convolutional Neural Network, which introduces the Convolutional Block Attention Module. Experiments are constructed based on the CIC-IDS2018 dataset. We compare the proposed model with DNN and CNN. The results show that the accuracy of the proposed model can reach 99.8752% in the two-classification case and 97.2887% in the multi-classification case.

Lightweight and Reliable Decentralized Reward System using Blockchain

Jiawei Yuan (University of Massachusetts Dartmouth, USA), Laurent Njilla (Air Force Research Laboratory, USA)

Crowdsensing has become increasingly popular in recent years by leveraging the sensing capability of the ubiquitous Internet of Things (IoT) and mobile devices. A critical component to enable effective crowdsensing is a reliable reward system to motivate the participation of crowdsensing. In traditional crowdsensing applications, the assessment of data quality and the evaluation of each participant's rewards are performed by the central server. Hence, their fairness and reliability are based on the assumption that the server will behave correctly. Once the server suffers from software or hardware failures, or even cheats on purpose, the profit of participants cannot be guaranteed. In this paper, we propose a reliable decentralized reward system for crowdsensing by harnessing the blockchain technique. Different from existing blockchain-based crowdsensing solutions that utilize expensive consensus mechanisms in terms of computation or financial cost, we explore the power of reputation system that exists in most crowdsensing applications and securely integrate it into blockchain to design a proof of reputation consensus mechanism. On top of it, an efficient and reliable reward system using blockchain is further designed. We evaluated the performance of our proposed reward system using numerical analysis as well as simulation.

Anomaly Detection in Smart Home Networks Using Kalman Filter

Nasser Alsabilah (Howard University, USA), Danda B. Rawat (Howard University, USA)

Throughout the recent decade, smart homes have made an enormous expansion around the world among residential customers; hence the most intimate place for people became connected to cyberspace. This environment attracts more hackers because of the amount and nature of data. Therefore, the cybersecurity here is a real concern for many reasons, and the conventional security methods are not effective in the smart home environment. Many examples of cybersecurity breaches were reported within smart homes to either gain information from connected smart devices, exploit smart home devices within botnet networks to execute Distributed Denial of Service (DDoS) as well and others. Therefore, there is an insistent demand to detect these malicious attacks targeting smart appliances to protect security and privacy. This paper proposes a novel approach as a real-time cybersecurity monitoring system based on tracking the smart home behavior using a Kalman Filter algorithm to create an optimal normal behavior for the smart connected devices, Energy consumption as an input to the proposed system, and the Shapiro-Wilk test to detect abnormal behavior.

Session Chair

Yun Lin (Harbin Engineering University, China), Lei Chen (Georgia Southern University, USA)

Session MobiSec-S2-MSS

Mobile System Security

10:30 AM — 12:00 PM EDT
May 10 Mon, 10:30 AM — 12:00 PM EDT

Incremental Learning Based Radio Frequency Fingerprint Identification Using Intelligent Representation

Mingqian Liu (Xidian University, China), Jiakun Wang (Xidian University, China), Cheng Qian (University of Virginia, USA)

As a subversive revolutionary technology of wireless security, 5G physical security technology is a key means to realize the integration of security and communication. Different from the traditional endogenous security mechanism which uses the characteristics of wireless channel, this paper adopts the radio frequency fingerprint identification technology as the method to realize the physical layer security. Existing training data may arrive in batches, not all at once. If we practice from scratch, we waste both time and previous training results as well as storage space. Therefore, in this paper we propose the idea of incremental learning to improve the neural network put forward the idea of incremental learning to improve the neural network. If we receive part of the data, we can train part of it. On the premise of ensuring certain recognition accuracy, the training time and storage space are reduced. In this paper, the received signals are extracted by traditional methods, such as Hilbert Huang transform, I/Q date input, Bi-spectral transform, etc., and then input into the neural network for training classification and incremental learning for training. Simulation results show that the recognition accuracy can reach 95% with 5dB SNR, and the training time can be reduced by nearly 50% with incremental learning.

Secret Key Generation Scheme Based on Generative Adversarial Networks in FDD Systems

Zongyue Hou (Southeast University, China), Xinwei Zhang (Southeast University, China)

In frequency division duplexing (FDD) systems, the uplink and downlink transmit information in different frequency bands, so it is difficult to use channel reciprocity to generate secret key. Existing key generation methods for FDD systems have excessive overhead and security problems. This paper uses deep learning to predict the downlink CSI from the uplink CSI, so that two users can generate highly similar downlink CSI in FDD systems. We then propose a key generation scheme based on boundary equilibrium generative adversarial network (BEGAN), including channel estimation, reciprocal channel feature construction, quantization, information reconciliation and privacy amplification. Numerical simulation results are presented to verify the feasibility and effectiveness of the proposed scheme.

Trust-based Model for Securing Vehicular Networks Against RSU Attacks

Aljawharah Alnasser (King Saud University, Saudi Arabia), Hongjian Sun (Durham University, United Kingdom (Great Britain))

Intelligent Transportation System (ITS) is one of the Internet of Things (IoT) systems that can achieve reliable transportation by providing communications between vehicles and infrastructure units. The interaction between them is called Vehicle-to-Everything (V2X) communication that is bridged by LTE-V2X protocol. However, a V2X communication link faces a significant challenge in cyber-security. Road entities and Road Side Units (RSUs) are exposed to various cyber-attacks, including internal and external attacks. Internal attackers have valid credentials; thus, detecting them is still a challenge. As a result, a trust model was suggested by existing work to protect the network against internal attackers. In this paper, a global trust-based model is proposed for securing V2X communications against RSU attacks. Trust decision is made based on two levels: distributed and global levels. Each road entity can make its local decision based on the distributed trust model. Additionally, the central server has the responsibility to make the global decision and reduce the impact of various RSU attacks. Also, multiple experiments are conducted with different percentage of malicious RSUs to measure the performance of the proposed model. Simulation results show that the proposed model achieves lowest Packet Dropping Rate (PDR) values for various number of malicious nodes in comparison with existing models.

A Privacy-Aware Framework Integration into a Human-in-the-Loop IoT System

Jorge Eduardo Rivadeneira (University of Coimbra & CISUC - Center for Informatics and Systems, Portugal), Jorge Sá Silva (University of Coimbra, Portugal), Ricardo Colomo-Palacios (Østfold University College, Norway), André Rodrigues (Centre of Informatics and Systems of the University of Coimbra & Polytechnic Institute of Coimbra, ISCAC, Portugal), José Marcelo Silva Lopes Fernandes (University of Coimbra, Portugal), Fernando Boavida (University of Coimbra, Portugal)

The progressive incorporation of humans as active players within the Internet of Things domain, has positioned the smartphone as one of the main elements of this environment. The multiple functionalities that this device offers, along with its rapid evolution, have benefited usability, thus improving user experience, making this appliance a versatile pocket assistant. Nowadays, these devices comprise a large number of special-purpose sensors capable of collecting a variety of information, that along with the data from other mobile applications such as online social networks, is the fuel for new IoT systems. Much of this data is used to offer innovative services in several areas, making the smartphone an ideal medium for acquiring information. Unfortunately, the control of data flows between smartphones and new IoT systems is scarce, triggering concerns around users' privacy. Also, we could add to the list the limited privacy preservation mechanisms in current mobile operating systems. It is for this reason that this article aims to propose a privacy-preserving framework that can be integrated into people-centric IoT systems. Besides introducing the architecture of our PACHA framework, the manuscript will present the new vision of our ISABELA platform derived from the integration with the privacy-preserving model.

Session Chair

Wenjia Li (New York Institute of Technology, USA), Jibo Shi (Harbin Engineering University, China)

Made with in Toronto · Privacy Policy · INFOCOM 2020 · © 2021 Duetone Corp.