Research

My general research interests
span the areas of information assurance, applied cryptography, and computer
forensics. In particular, I have been focusing on the design of security schemes
to protect wireless networks from malicious attacks, while keeping these
solutions efficient for resource-constrained computing devices and suitable for
distributed and scalable deployment. My broad research interests also include RFID system security, network protocol design, and web-based security.
At Iowa State University, I
have gained many opportunities to work with many faculty members and graduate
students on multiple projects. I really value these collaborations because
researchers from different areas can often bring different specialties and fresh
ideas, which helps lead to successful and quality research. Meanwhile, I
actively attended international conferences and served as a Technical Program
Committee member. All these experiences are definitely helpful and will provide
me with a wide range of cooperation and funding opportunities in the future.
CURRENT RESEARCH
My Ph.D. thesis work explores
in depth the design of a secure and reliable wireless sensor communication
system with the capacity of observing the physical world and communicating with
existing network infrastructures such as the global Internet. To achieve this
goal, two main challenges are addressed. The first challenge is to provide
correct location estimations to sensors, which is a critical part of the
information in sensors' observation reports. The second challenge is to assure
data integrity and communication efficiency when sensors are interacting with
Internet users.
Wireless Sensor Networks (WSNs)
have become a very active research area in recent years. Many novel applications
have been proposed and some are implemented in the real world. WSNs
consist of sensors that are densely deployed throughout a physical space to
monitor environmental conditions, process sensed information, and communicate
the information to a base station. The base station is always wire-linked to the
Internet and remotely controlled by Internet users. WSNs offer great flexibility
to observe, monitor and control the physical world; on the other hand, they also
pose new challenges for security and privacy. The wireless communication is
vulnerable to eavesdropping, interception, alteration and injection; more
severely, sensors are constrained in computation capacity, transmission
bandwidth, memory and power resources. Therefore, most traditional security
mechanisms are rendered impractical, and it becomes important to design lightweight
and robust schemes to secure WSNs.
Assuring the correctness
of sensors' locations is the first and fundamental step to guarantee smooth
operations of WSNs because the location information is crucial for many
applications. For example, in battlefield surveillance, a sensor which
detects an enemy tank should report where its location is; in a spatial IP
address assignment scheme, each sensor needs to construct its IP address
from its physical location; in many routing protocols, a sensor should know
which neighbor is closest to the destination to forward a packet.
To determine sensors'
locations, a sensor often needs to rely on other sensors' locations and/or
the distance measurements to its neighbors, but those locations may be
forged and the distance measurements may be manipulated by adversaries [1].
Therefore, we proposed a number of mechanisms to defend against various
attacks and to increase sensors' localization accuracies.
Wormhole attack
is a notorious attack in which the adversaries record the wireless messages
heard at one location, transmit them through a wired link (wormhole) and
replay them at another location. Some existing schemes against wormhole attacks
either require special hardware or tight synchronization, or incur high
computation overhead on sensors. We proposed a lightweight anchor-grouping
scheme [2], in which the anchors (the sensors equipped with GPS) dynamically
form groups and encapsulate their locations with group indexes, and an ordinary
sensor estimates its location based on anchors with the maximally consistent
group indexes. Our scheme is lightweight and is proved to be capable
of efficiently filtering out wormhole attacks.
Pollution attack
is especially detrimental to multi-hop localization schemes, where a
sensor's corrupted location impacts locations of many other sensors and
pollutes the entire sensor network. Therefore, it is important to eliminate
bad location references as early as possible. We designed the first scheme, COTA [3], to defend against pollution attacks. We proposed two methods (the
statistic indicator and the geographical indicator) to generate a confidence
tag for each localized sensor. The tag value indicates the quality of a
sensor's location and is used as an optimization weight in trilateration
computations. The simulation results show that COTA effectively prevents the
proliferation of location errors and achieves much lower average
localization error for sensors.
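The effect of using a confidence tag as an optimization weight can be seen in a small weighted trilateration, given here as an added example that is not COTA's algorithm or code from the cited paper. It assumes a Gauss-Newton least-squares solver, constructed anchor positions, and hand-picked tag values; how COTA derives its tags is not shown.

```python
import math

def weighted_trilaterate(refs, iters=50):
    """refs: list of (x, y, measured_distance, weight).
    Minimises sum_i w_i * (||p - a_i|| - d_i)^2 by Gauss-Newton."""
    total = sum(w for *_, w in refs)
    # Start from the weighted centroid of the reference locations.
    x = sum(ax * w for ax, _, _, w in refs) / total
    y = sum(ay * w for _, ay, _, w in refs) / total
    for _ in range(iters):
        a11 = a12 = a22 = b1 = b2 = 0.0
        for ax, ay, d, w in refs:
            dx, dy = x - ax, y - ay
            r = math.hypot(dx, dy) or 1e-9   # avoid division by zero
            jx, jy = dx / r, dy / r          # gradient of the range
            res = r - d                      # range residual
            a11 += w * jx * jx; a12 += w * jx * jy; a22 += w * jy * jy
            b1 += w * jx * res; b2 += w * jy * res
        det = a11 * a22 - a12 * a12
        if abs(det) < 1e-12:
            break                            # degenerate geometry
        sx = (a22 * b1 - a12 * b2) / det
        sy = (a11 * b2 - a12 * b1) / det
        x, y = x - sx, y - sy
        if math.hypot(sx, sy) < 1e-9:
            break
    return x, y

# Constructed scenario: a sensor at TRUE_POS hears four honest references
# and one polluted reference that sits at (5, 12) but reports (5, -8).
TRUE_POS = (3.0, 4.0)
HONEST = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0), (10.0, 10.0)]
FORGED_CLAIM = (5.0, -8.0)
FORGED_RANGE = math.hypot(5.0 - TRUE_POS[0], 12.0 - TRUE_POS[1])

def localization_error(forged_weight):
    """Error of the estimate when the polluted reference carries
    the given confidence weight (honest references carry 1.0)."""
    refs = [(ax, ay, math.hypot(ax - TRUE_POS[0], ay - TRUE_POS[1]), 1.0)
            for ax, ay in HONEST]
    refs.append((FORGED_CLAIM[0], FORGED_CLAIM[1], FORGED_RANGE, forged_weight))
    ex, ey = weighted_trilaterate(refs)
    return math.hypot(ex - TRUE_POS[0], ey - TRUE_POS[1])

if __name__ == "__main__":
    print("equal weights :", round(localization_error(1.0), 3))
    print("low confidence:", round(localization_error(0.05), 3))
```

A sensor localized from the equal-weight estimate would itself become a bad reference for its neighbors, which is the proliferation the tag is meant to stop.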
Location verification is an
important and necessary second line of defense and takes place after
the localization phase has terminated. The goal is to detect and eliminate
abnormal locations of sensors. We proposed two verification algorithms [4],
both of which utilize a verification center to explore the inconsistency
between sensors' locations and their neighborhood observations to detect
anomalies. Our algorithms do not require any specialized hardware or
deployment knowledge of the sensor field, which is a great advantage
compared to other verification algorithms. Later, we studied a more advanced
problem of the verification of a sensor's location in a specific
application-tolerant region. We proposed a probabilistic method [5] in which
a two-dimensional distribution is estimated for each sensor's location, and
the in-region confidence is calculated. Our method achieves high detection
rate and low false positive rate, and is lightweight in terms of both
communication cost and hardware expense.
Implementation
of the localization
algorithms in WSNs is a challenging task given that WLAN signal strength
cannot provide accurate distance measurements. We proposed and implemented a
statistical indoor localization scheme [6, 7] using WLAN measurements. In
our method, a radio strength map is built using LOESS local regression model
on a training set, and sensors' locations are estimated using Maximum
Likelihood Estimations. Compared with other localization schemes, our method
is simpler, more systematic and more accurate as the average error can be
bounded to less than 2 meters.
For many applications,
the WSNs cannot operate as stand-alone networks. We must integrate WSNs with
an existing network infrastructure such as the Internet to enable a monitoring
entity to gain remote access to the sensed data. However, it is challenging
to design secure data transmission mechanisms which are lightweight enough
to be squeezed into such a tiny system.
Network
coding is a new forwarding technique which allows intermediate nodes
to perform coding operations on input packets instead of the traditional
duplicating. It can maximize network throughput and gain more applications
in wireless networks, wireless sensor networks and P2P applications.
However, the coding operations are vulnerable to both passive and active
attacks [8]. To defend against the passive attacks, we designed an algorithm
[9] which utilizes hash functions to preprocess the messages at the source.
Unlike other mechanisms, our method does not increase the finite field size
or sacrifice any network throughput. To detect and prevent the active
attacks, we developed a homomorphic signature scheme [10] to secure linear
coding, and proposed an interleaved-MAC scheme [11] to secure XOR coding.
The latter one won an NSF-funded project of $400,000.
Multicast services
are essential for many
interactive applications proposed in both WSNs and the Internet. Our first
effort was directed toward the design of efficient and scalable multicast
architecture in the Internet. Generally, multicast services can be
implemented either at the IP layer or at the application layer. However, each
approach has its own limitations: The former cannot scale to large-size
groups due to the reliability and resource constraints of end-hosts; the
latter violates the stateless paradigm of the Internet and incurs many
difficulties for congestion control and flow control. We proposed a novel
architecture [12] which uses centralized membership management and
source-encoding forwarding technique to facilitate inter-domain multicasts.
Simulation results indicate that our protocol can reduce the worst-case
link stress by one order of magnitude compared to state-of-the-art protocols and can
bound the extra network cost within one percent of the total cost in
traditional IP multicast.
FUTURE RESEARCH
My long-term research goal is
to develop effective and practical solutions to improve the assurance of
computation and communication in future heterogeneous networking systems, and to
assist law enforcement practitioners with cyber criminal investigations. In my
previous research, I have mainly focused on secure localization and secure data
transmission in wireless sensor networks. However, there are many more
challenging issues in securing WSNs and other wireless networks. The war between
security researchers and adversaries will never end, as the emergence of new
applications and techniques will continuously pose new challenges for security.
In my short-term research plan, I am interested in continuing the research
related to the following topics.
To secure communications
in wireless networks, secret keys provide direct support for data
confidentiality, integrity, authentication and authorization. I will conduct
research in key management to address several challenging problems. First,
since wireless nodes frequently join and leave a group due to unexpected
failures, temporary disconnection or node update, it is an intriguing topic
to design proper schemes to maintain group keys with low overhead and strong
resilience to key disclosure. Second, group keys are desired to have a
self-healing property to accommodate unreliable wireless communication. This
will add more complexity to key management designs. Third, group keys should
be easily revoked due to compromised nodes. Majority voting cannot be
applied trivially because the compromised nodes can cast votes against
benign ones, thus better solutions will be explored.
My future work will also
continue in providing data integrity and authentication for network coding
systems. Our previous research about eavesdropping attacks and pollution
attacks is the first step. There is a great diversity of unsolved problems.
For example, how to defend against denial-of-service attacks where
compromised intermediate nodes drop messages to cause incorrect decoding at
the receivers? How to deal with situations where adversaries deploy some
false sources to inject forged messages? How to mitigate the pollution
attacks where multiple sources or multiple unicast-pairs exist?
Computer forensics has
been the research focus of our cyber forensics lab at Iowa State University
for a number of years. I have worked with other researchers and served as
a teaching assistant for the course Computer Forensic for several
semesters. Based on my direct experience, I firmly believe computer
forensics is a promising direction to address the rapidly growing cyber
crimes. Specifically, I am interested in tackling challenging problems in
malicious botnets and online frauds.
Malicious botnets are
networks of compromised hosts which can launch distributed denial-of-service
attacks, send spam emails, serve phishing sites, and perform click frauds.
Botnets can not only severely undermine the reliability of online commerce
applications, but also pose a significant and growing threat to the
Internet. Although some countermeasures have been proposed against
traditional botnets, the developers of botnets may utilize more
sophisticated mechanisms to evade detection. For example, P2P-based botnets
use peer-to-peer networks for command and control communications, and are
more concealable and robust compared with traditional centrally organized
botnets.
Online frauds such as
spim, phishing and pharming have been rapidly growing as the Internet
evolves as a global e-commerce infrastructure. I am especially interested in
the auction fraud that targets Internet auction systems (e.g. eBay), and the
click fraud that targets pay-per-click advertising. Auction frauds have been
reported as the most prevalent Internet fraud because current widely used
reputation systems can be easily manipulated by fraudsters, who purchase
good "reputations" with little cost or solicit help from their accomplices
to inflate their "reputations". Unfortunately, current mechanisms can hardly
detect all potential frauds both accurately and efficiently. In click
frauds, the fraudsters often use an automated script to imitate legitimate
users to click on advertisements. Their purpose may be to cheat the payment
from advertisers or to waste the financial resource of competitors.
Detecting fraudulent clicks from a huge volume of click records is difficult
and it will be one of the interesting areas of my future research.
RFID systems have many
applications for both business and private individuals. In the foreseeable
future, we would become as dependent on RFID technology as we are on e-mail
or cellular phones today. Unsurprisingly, RFID systems are vulnerable to a
number of malicious attacks such as eavesdropping, impersonation or
physical compromise. We have devoted our efforts [13, 14] to designing
protocols that can achieve authentication, secure ownership transfer and
secure search for low-cost RFID systems. There is still plenty of space for
improvement. I am willing to devote my efforts to removing the possibility of
tracking attacks which are launched by persistent active attackers. Also, I
would remove the assumption that a secure backward channel exists between
reader and tag in the two-party ownership transfer protocol. Furthermore, I
want to utilize real ASIC hardware, including PUF and LFSR circuits, to
provide more data on the stability and functionality of the proposed
protocols.
In summary, my future
research plan contains a variety of security issues in wireless networks,
computer networks and RFID systems. My research will cover the areas of
information assurance, applied cryptography, statistics, network protocols and
digital forensics. I am sure that my past and current research experience will
put me in an excellent position to conduct further in-depth investigations.
Moreover, I can effectively incorporate my research and expertise into graduate
and undergraduate curricula through course materials, homework and projects in
traditional computer science/engineering courses. I expect such courses would
attract students with diverse backgrounds and provide them with advanced
technologies and valuable research experiences.