Jian Ren

Michigan State University, East Lansing, Michigan, United States

Publications (70) · 57.65 Total impact

  • Di Tang, Tongtong Li, Jian Ren, Jie Wu
    ABSTRACT: Lifetime optimization and security are two conflicting design issues for multi-hop wireless sensor networks (WSNs) with non-replenishable energy resources. In this paper, we first propose a novel secure and efficient Cost-Aware SEcure Routing (CASER) protocol to address these two conflicting issues through two adjustable parameters: energy balance control (EBC) and probabilistic-based random walking. We then discover that the energy consumption is severely disproportional to the uniform energy deployment for the given network topology, which greatly reduces the lifetime of the sensor networks. To solve this problem, we propose an efficient non-uniform energy deployment strategy to optimize the lifetime and message delivery ratio under the same energy resource and security requirement. We also provide a quantitative security analysis on the proposed routing protocol. Our theoretical analysis and OPNET simulation results demonstrate that the proposed CASER protocol can provide an excellent tradeoff between routing efficiency and energy balance, and can significantly extend the lifetime of the sensor networks in all scenarios. For the non-uniform energy deployment, our analysis shows that we can increase the lifetime and the total number of messages that can be delivered by more than four times under the same assumption. We also demonstrate that the proposed CASER protocol can achieve a high message delivery ratio while preventing routing traceback attacks.
    IEEE Transactions on Parallel and Distributed Systems 04/2015; 26(4):960-973. DOI:10.1109/TPDS.2014.2318296 · 2.17 Impact Factor
  • ABSTRACT: This paper considers primary user emulation attacks in cognitive radio networks operating in the white spaces of the digital TV (DTV) band. We propose a reliable AES-assisted DTV scheme, in which an AES-encrypted reference signal is generated at the TV transmitter and used as the sync bits of the DTV data frames. By allowing a shared secret between the transmitter and the receiver, the reference signal can be regenerated at the receiver and used to achieve accurate identification of the authorized primary users. In addition, when combined with the analysis on the autocorrelation of the received signal, the presence of the malicious user can be detected accurately whether or not the primary user is present. We analyze the effectiveness of the proposed approach through both theoretical analysis and simulation examples. It is shown that with the AES-assisted DTV scheme, the primary user, as well as malicious user, can be detected with high accuracy under primary user emulation attacks. It should be emphasized that the proposed scheme requires no changes in hardware or system structure except for a plug-in AES chip. Potentially, it can be applied directly to today's DTV system under primary user emulation attacks for more efficient spectrum sharing.
    IEEE Transactions on Information Forensics and Security 05/2014; 9(5):772-781. DOI:10.1109/TIFS.2014.2310355 · 2.07 Impact Factor
  • Jian Li, Yun Li, Jian Ren, Jie Wu
    ABSTRACT: Message authentication is one of the most effective ways to thwart unauthorized and corrupted messages from being forwarded in wireless sensor networks (WSNs). For this reason, many message authentication schemes have been developed, based on either symmetric-key cryptosystems or public-key cryptosystems. Most of them, however, have the limitations of high computational and communication overhead in addition to lack of scalability and resilience to node compromise attacks. To address these issues, a polynomial-based scheme was recently introduced. However, this scheme and its extensions all have the weakness of a built-in threshold determined by the degree of the polynomial: when the number of messages transmitted is larger than this threshold, the adversary can fully recover the polynomial. In this paper, we propose a scalable authentication scheme based on elliptic curve cryptography (ECC). While enabling intermediate nodes authentication, our proposed scheme allows any node to transmit an unlimited number of messages without suffering the threshold problem. In addition, our scheme can also provide message source privacy. Both theoretical analysis and simulation results demonstrate that our proposed scheme is more efficient than the polynomial-based approach in terms of computational and communication overhead under comparable security levels while providing message source privacy.
    IEEE Transactions on Parallel and Distributed Systems 05/2014; 25(5):1223-1232. DOI:10.1109/TPDS.2013.119 · 2.17 Impact Factor
  • Jian Li, Tongtong Li, Jian Ren
    ABSTRACT: Distributed storage plays a crucial role in the current cloud computing framework. After the theoretical bound for distributed storage was derived by the pioneer work of the regenerating code, Reed-Solomon code based regenerating codes were developed. The RS code based minimum storage regeneration code (RS-MSR) and the RS code based minimum bandwidth regeneration code (RS-MBR) can achieve the theoretical bounds on the MSR point and the MBR point respectively in code regeneration. They can also maintain the MDS property in code reconstruction. However, in the hostile network where the storage nodes can be compromised and the packets can be tampered with, the storage capacity of the network can be significantly affected. In this paper, we propose a Hermitian code based regenerating (H-MSR) code. We first prove that this code can achieve the theoretical MSR bound. We then propose data regeneration and reconstruction algorithms for the H-MSR code in both error-free network and hostile network. Theoretical evaluation shows that our proposed schemes can detect the erroneous decodings and correct more errors in the hostile network than the RS-MSR code with the same code rate. Our analysis also demonstrates that the proposed H-MSR code has a lower complexity than the RS-MSR code in both code regeneration and code reconstruction.
    IEEE INFOCOM 2014 - IEEE Conference on Computer Communications; 04/2014
  • ABSTRACT: This paper explores reliable data fusion in mobile access wireless sensor networks under Byzantine attacks. We consider the q-out-of-m rule, which is popular in distributed detection and can achieve a good tradeoff between the miss detection probability and the false alarm rate. However, a major limitation with it is that the optimal scheme parameters can only be obtained through exhaustive search, making it infeasible for large networks. In this paper, first, by exploiting the linear relationship between the scheme parameters and the network size, we propose simple but effective sub-optimal linear approaches. Second, for better flexibility and scalability, we derive a near-optimal closed-form solution based on the central limit theorem. Third, subjecting to a miss detection constraint, we prove that the false alarm rate of q-out-of-m diminishes exponentially as the network size increases, even if the percentage of malicious nodes remains fixed. Finally, we propose an effective malicious node detection scheme for adaptive data fusion under time-varying attacks; the proposed scheme is analyzed using the entropy-based trust model, and shown to be optimal from the information theory point of view. Simulation examples are provided to illustrate the performance of proposed approaches under both static and dynamic attacks.
    IEEE Transactions on Parallel and Distributed Systems 04/2014; 25(4):950-959. DOI:10.1109/TPDS.2013.74 · 2.17 Impact Factor
  • ABSTRACT: This article introduces a unified framework for quantitative characterization of various wireless networks. We first revisit the evolution of centralized, ad-hoc and hybrid networks, and discuss the trade-off between structure-ensured reliability and efficiency, and ad-hoc enabled flexibility. Motivated by the observation that the number of hops for a basic node in the network to reach the base station or the sink has a direct impact on the network capacity, delay, efficiency and their evaluation techniques, we introduce the concept of the N-hop networks. It can serve as a general framework that includes most existing network models as special cases, and can also make the analytical characterization of the network performance more tractable. Moreover, for network security, it is observed that hierarchical structure enables easier tracking of user accountability and malicious node detection; on the other hand, the multi-layer diversity increases the network reliability under unexpected network failure or malicious attacks, and at the same time, provides a flexible platform for privacy protection.
    IEEE Wireless Communications 04/2014; 21(2):98-105. DOI:10.1109/MWC.2014.6812297 · 6.52 Impact Factor
  • ABSTRACT: Remote data integrity checking (RDIC) enables a server to prove to an auditor the integrity of a stored file. It is a useful technology for remote storage such as cloud storage. The auditor could be a party other than the data owner; hence, an RDIC proof is based usually on publicly available information. To capture the need of data privacy against an untrusted auditor, Hao et al. formally defined “privacy against third party verifiers” as one of the security requirements and proposed a protocol satisfying this definition. However, we observe that all existing protocols with public verifiability supporting data update, including Hao et al.’s proposal, require the data owner to publish some meta-data related to the stored data. We show that the auditor can tell whether or not a client has stored a specific file and link various parts of those files based solely on the published meta-data in Hao et al.’s protocol. In other words, the notion “privacy against third party verifiers” is not sufficient in protecting data privacy, and hence, we introduce “zero-knowledge privacy” to ensure the third party verifier learns nothing about the client’s data from all available information. We enhance the privacy of Hao et al.’s protocol, develop a prototype to evaluate the performance and perform experiment to demonstrate the practicality of our proposal.
    International Journal of Information Security 01/2014; DOI:10.1007/s10207-014-0263-8 · 0.94 Impact Factor
  • ABSTRACT: In this paper, we propose a novel mobile access coordinated wireless sensor network (MC-WSN) architecture for reliable and efficient information exchange. In conventional sensor networks with mobile access points (SENMA), the mobile access points (MAs) traverse the network to collect information directly from individual sensors. While simplifying the routing process, a major limitation with SENMA is that a transmission is made only if an MA visits the corresponding source node; thus, data transmission is limited by the physical speed of the MAs and the length of their trajectory, resulting in low throughput and huge delay. The proposed MC-WSN architecture resolves this problem and provides an efficient solution for time-sensitive information exchange. In MC-WSN, the delay is effectively managed through hop number control. We analyze the throughput of the network, and show that the throughput of the MC-WSN is independent of the physical speed or the trajectory length of the mobile access point. The effectiveness of the proposed approach is demonstrated through simulations.
    2013 IEEE Globecom Workshops (GC Wkshps); 12/2013
  • Jian Li, Tongtong Li, Jian Ren
    ABSTRACT: Linear network coding provides a new communication diagram to significantly increase the network capacity by allowing the relay nodes to encode the incoming messages. However, this communication diagram is fragile to communication errors and node compromising attacks. How to combat errors while maintaining the network efficiency is a challenging research problem. In this paper, we characterize a linear network coding through a series of cascaded linear error-control codes. This representation enables us to determine the independent source of errors in the cascaded network level. It could lead to a successful decoding of the original message and locating of the malicious network nodes. We provide comprehensive theoretical analysis on network coding in both unicast and multicast scenarios. Our research provides a new approach to understand network coding schemes and also a novel methodology to develop network coding schemes that can combat node compromising attacks and locate the malicious nodes.
    GLOBECOM 2013 - 2013 IEEE Global Communications Conference; 12/2013
  • Chao Yang, Jian Ren, Jianfeng Ma
    ABSTRACT: With the rapid adoption of cloud storage services, a great deal of data is being stored at remote servers, so a new technology, client-side deduplication, which stores only a single copy of repeating data, is proposed to identify the client's deduplication and save the bandwidth of uploading copies of existing files to the server. It was recently found, however, that this promising technology is vulnerable to a new kind of attack in which by learning just a small piece of information about the file, namely its hash value, an attacker is able to obtain the entire file from the server. In this paper, to solve this problem, we propose a cryptographically secure and efficient scheme for a client to prove to the server his ownership on the basis of actual possession of the entire original file instead of only partial information about it. Our scheme utilizes the technique of spot checking in which the client only needs to access small portions of the original file, dynamic coefficients and randomly chosen indices of the original files. Our extensive security analysis shows that the proposed scheme can generate provable ownership of the file and maintain high detection probability of client misbehavior. Both performance analysis and simulation results demonstrate that our proposed scheme is much more efficient than the existing schemes, especially in reducing the burden of the client. Copyright © 2013 John Wiley & Sons, Ltd.
    Security and Communication Networks 07/2013; DOI:10.1002/sec.784 · 0.43 Impact Factor
  • Jian Ren, Lein Harn
    ABSTRACT: Anonymous authentication enables any user to be authenticated without being identified. (t,n)-threshold ring signatures, introduced by Bresson et al., are ring signature schemes that allow a group of t members to jointly sign a message anonymously in a ring of n members. Threshold ring signature schemes provide a nice tradeoff between anonymity and creditability since it allows multiple ring members to sign a message jointly. The complexity in both signature generation and signature verification of the threshold ring signature scheme proposed by Bresson et al. is $\mathcal{O}(n^2)$. They also proposed an efficient threshold ring signature scheme based on an (n,t)-complete fair partition, with complexity $\mathcal{O}(n \log n)$. In this paper, a new efficient (t,n)-threshold ring signature scheme is proposed. This scheme is constructed through a system of t linear equations and n variables, where t is generally a fixed number that is much smaller than n. The proposed threshold ring signature scheme can provide unconditional signer ambiguity, threshold unforgeability and provable security in the random oracle model. The complexity of signature generation and signature verification of the proposed threshold ring signature scheme are $\mathcal{O}(t \log_2^2 t)$ and $\mathcal{O}(n)$, respectively. Furthermore, the length of the threshold ring signature is the same as the regular ring signature introduced by Rivest et al., which is 2n+2, while the length of the threshold ring signature scheme proposed by Bresson et al. is 3n-t+3.
    IEEE Transactions on Wireless Communications 03/2013; 12(3):1018-1025. DOI:10.1109/TWC.2012.12.112120 · 2.76 Impact Factor
  • ABSTRACT: This paper considers architecture design of mobile access coordinated wireless sensor networks (MC-WSN) for reliable and efficient information exchange. In sensor networks with mobile access points (SENMA), the mobile access points collect information directly from individual sensors as they traverse the network, such that no routing is needed in data transmission. While being energy efficient, a major limitation with SENMA is the large delay in data collection, making it undesirable for time-sensitive applications. In the proposed MC-WSN architecture, the sensor network is coordinated by powerful mobile access points (MA), such that the number of hops from each sensor to the MA is minimized and limited to a prespecified number through active network deployment and network topology design. Unlike in SENMA, where the data collection delay depends on the physical speed of the MA, in MC-WSN, the delay depends on the number of hops and the electromagnetic wave speed, and is independent of the physical speed of the MA. This innovative architecture is energy efficient, resilient, fast reacting and can actively prolong the lifetime of sensor networks. Our simulations show that the proposed MC-WSN can achieve higher energy-efficiency and orders of magnitude lower delay over SENMA, especially for large-scale networks.
    Communications (ICC), 2013 IEEE International Conference on; 01/2013
  • ABSTRACT: Wireless networks are challenged in efficiency and security. This article is devoted to the fundamental study of cognitive communications in wireless networks after analyzing the limitations in today's cognitive radios. The research scope includes architecture design, resource management, anti-interference/interception system design through multi-layer diversity, routing anonymity, and security analysis.
    IEEE Wireless Communications 08/2012; 19(4):82-88. DOI:10.1109/MWC.2012.6272427 · 6.52 Impact Factor
  • Lei Zhang, Jian Ren, Tongtong Li
    ABSTRACT: In this correspondence, we provide a general jamming model, through which all the existing models can be summarized and extended to the time-varying case under one unified framework. We analyze the time varying jamming power spectral density, and propose a new jamming classification scheme by introducing the concepts of time-varying jamming coherence time and time-frequency jamming coherence bandwidth. Specific methods on power spectrum estimation are provided for time-varying jamming that is stationary or locally stationary.
    IEEE Transactions on Signal Processing 07/2012; 60(7):3902-3907. DOI:10.1109/TSP.2012.2193574 · 3.20 Impact Factor
  • ABSTRACT: Secure and efficient communication between human being and managed devices is critical for Smart Grid and Smart Home. This article considers the architecture and design of a secure access gateway (SAG) for home area networks. The SAG serves as the interface between the remote users and the managed devices, such that real-time secure monitoring and control of the devices can be achieved through a Smart Phone. We try to address the security and capacity challenges using multilayer techniques. Security enhancement is ensured through network layer protocol development, as well as inherently secure physical layer transceiver design. Capacity improvement is achieved using dynamic resource management. Remote monitoring and control of home/office devices through a Smart Phone is coming closer to us more than ever before.
    IEEE Wireless Communications 06/2012; 19(3):66-73. DOI:10.1109/MWC.2012.6231161 · 6.52 Impact Factor
  • Yun Li, Jian Ren, Jie Wu
    ABSTRACT: Wireless sensor networks (WSNs) have been widely used in many areas for critical infrastructure monitoring and information collection. While confidentiality of the message can be ensured through content encryption, it is much more difficult to adequately address source-location privacy (SLP). For WSNs, SLP service is further complicated by the nature that the sensor nodes generally consist of low-cost and low-power radio devices and computationally intensive cryptographic algorithms (such as public-key cryptosystems), and large scale broadcasting-based protocols may not be suitable. In this paper, we first propose criteria to quantitatively measure source-location information leakage in routing-based SLP protection schemes for WSNs. Through this model, we identify vulnerabilities of some well-known SLP protection schemes. We then propose a scheme to provide source-location privacy through routing to a randomly selected intermediate node (RSIN) and a network mixing ring (NMR). Our security analysis, based on the proposed criteria, shows that the proposed scheme can provide excellent SLP. Our comprehensive simulation results demonstrate that the proposed scheme is very efficient and can achieve a high message delivery ratio. We believe it can be used in many practical applications.
    IEEE Transactions on Parallel and Distributed Systems 03/2012; DOI:10.1109/TPDS.2011.260 · 2.17 Impact Factor
  • Yun Li, Jian Li, Jian Ren, Jie Wu
    ABSTRACT: Message authentication is one of the most effective ways to thwart unauthorized and corrupted traffic from being forwarded in wireless sensor networks (WSNs). To provide this service, a polynomial-based scheme was recently introduced. However, this scheme and its extensions all have the weakness of a built-in threshold determined by the degree of the polynomial: when the number of messages transmitted is larger than this threshold, the adversary can fully recover the polynomial. In this paper, we propose a scalable authentication scheme based on elliptic curve cryptography (ECC). While enabling intermediate node authentication, our proposed scheme allows any node to transmit an unlimited number of messages without suffering the threshold problem. In addition, our scheme can also provide message source privacy. Both theoretical analysis and simulation results demonstrate that our proposed scheme is more efficient than the polynomial-based approach in terms of communication and computational overhead under comparable security levels while providing message source privacy.
    Proceedings - IEEE INFOCOM 01/2012; DOI:10.1109/INFCOM.2012.6195761
  • ABSTRACT: While linear network coding can improve the throughput significantly in network environment with little additional computational overhead, it is fragile to communication errors and node compromising attacks. To combat the errors in network coding, both error-detection and error-correction based schemes have been proposed. In this paper, we provide a novel methodology to characterize linear network coding through error-control coding. Our main idea is to represent each linear network coding with an error-control coding. We provide comprehensive theoretical analysis on the relationships between linear network coding and error-control coding in both unicast and multicast scenarios. We find that these two codes are essentially identical in algebraic aspects. Our research provides a new approach to understand network coding schemes and also a novel methodology to develop network coding schemes that can combat communication errors and also node compromising attacks.
    Global Communications Conference (GLOBECOM), 2012 IEEE; 01/2012
  • ABSTRACT: Along with the advent of reconfigurable radios, hostile jamming is no longer limited to military applications, but has become a serious threat for civilian wireless communications, where OFDM has been identified as one of the most efficient transmission technologies. In this paper, we consider reliable transmission of OFDM systems under multi-tone jamming. We propose to enhance the jamming resistance of OFDM through symbol level precoding. Our approach is to find the optimal precoder and decoder that can minimize the MSE between the transmitted and the estimated symbols, subject to a given transmit power constraint. Closed-form solutions are derived, and further demonstrated through simulation examples. It is observed that adding controlled redundancy at symbol level is an effective way to mitigate hostile jamming in OFDM systems.
    Global Communications Conference (GLOBECOM), 2012 IEEE; 01/2012
  • Di Tang, Tongtong Li, Jian Ren
    ABSTRACT: SEAR is a novel secure and energy aware routing protocol proposed to address the energy balance and routing security through a balanced energy consumption and probabilistic random walking. Recently, a quantitative security measurement scheme for source-location privacy based on source-location disclosure index (SDI) and source-location space index (SSI) has been proposed. In this paper, we first derive a numerical formula to quantitatively estimate the routing efficiency through the number of routing hops for a given routing security level. We then consider the reverse problem: For a given routing cost factor, how to determine the maximum security level for a message to be transmitted. Our simulation results demonstrate that the theoretical results provide a very tight estimation of the actual routing hops for various security parameters. Finally, we prove that the SEAR scheme can provide provable security under the quantitative security measurement criteria.
    Communications (ICC), 2012 IEEE International Conference on; 01/2012

Publication Stats

246 Citations
57.65 Total Impact Points

Institutions

  • 2003–2014
    • Michigan State University
      • Department of Electrical and Computer Engineering
      East Lansing, Michigan, United States
  • 2008–2011
    • University of Missouri - Kansas City
      • Department of Computer Science and Electrical Engineering
      Kansas City, Missouri, United States
  • 2010
    • Temple University
      • Department of Computer and Information Science
      Philadelphia, Pennsylvania, United States