On-Ching Yue

The Chinese University of Hong Kong, Hong Kong, Hong Kong

Publications (30); 2.62 Total impact

  • Ka Chun Lam, Wing Cheong Lau, On-Ching Yue
    ABSTRACT: In order to spread malware more effectively, hackers have started to target popular social networking services (SNS) due to the inherent trust-relationship between the SNS users and the interactive nature of the services. A common attacking approach is for a malware to automatically login using stolen SNS user credentials and then deliver malicious weblinks (Uniform Resource Locators (URLs)) to the people on the contact/friend-list of the stolen user account by embedding them in some short messages. The victim then gets infected by clicking on the links thought to be delivered by their friends. However, for this approach to be effective, the malware has to mimic human-like behavior which can be quite challenging for anything beyond one or two-liner conversations. In this paper, we introduce Hitchbot, which uses a stealthier way to deliver malicious URLs by hitch-hiking on legitimate conversations among SNS users. In particular, when an SNS user sends a web-link/URL to his/her friends, Hitchbot will quietly replace it with a similar-looking, but malicious one by intercepting the link at one of the several possible points along the interactive input/output chain of the system. Since the malicious link is delivered within some proper conversation context between the legitimate users, this makes it much more difficult for the victim (as well as the innocent spreader) to realize the attack and thus can increase the conversion rate while reducing the rate of being detected substantially. The social hitch-hiking approach also enables Hitchbot to bypass most existing defense schemes which mainly rely on anomaly detection for user-behavior or application/network traffic pattern. As a proof of concept, we have implemented Hitchbot as a client-based module to hitch-hike on common social networking services including the Yahoo and Microsoft Messaging clients and other web-browser-based social networking services such as Facebook and Myspace. To quantify the effectiveness of Hitchbot, we have conducted experiments to measure the behavior of users in exchanging, handling and operating on URLs. Possible defense schemes for detecting social hitch-hiking attacks are also discussed.
    Proceedings of the Global Communications Conference, GLOBECOM 2011, 5-9 December 2011, Houston, Texas, USA; 01/2011
  • Chi-ho Lam, Wing Cheong Lau, On-Ching Yue
    ABSTRACT: Recently, several Traffic Digest-based Network Monitoring schemes including Datalite [24], Proportional Union (Pu) [9] and the Quasi Maximum Likelihood approach (Qmle) [8] have been proposed to support distributed traffic measurement and analysis (TMA) for high-speed packet networks in general and network-wide Origination-Destination-pair-based Flow measurement estimation in particular. In these schemes, traffic flows defined by their O–D pair are mapped into a single traffic digest (TD) for measurement as they traverse through a monitoring point. It has been observed that the relative estimation error caused by such single-TD approach is significant for low-volume flows (mice) when they share the link with other large volume ones (elephants), which is quite common in practice. In this paper, we propose to enhance existing TD-based distributed traffic monitoring schemes by taking a localized optimal TD splitting strategy: flows sharing the same link are partitioned and mapped into different sub-TDs according to their previously estimated flow volume. By avoiding the mixing of “mice” and “elephant” flows in a single TD, we can significantly reduce the “noise-to-signal” ratio experienced by the former. Moreover, it can be shown that the reduction in such “noise-to-signal” ratio is more than enough to offset the negative effect caused by reduction in TD memory size for each sub-group (since the total memory size required across all sub-TDs is kept to be the same as that of the single-TD approach without splitting). We have derived analytical expressions of the optimal splitting threshold by minimizing the resultant maximum relative error of the flows sharing a link under various traffic distributions. Our simulation results using empirical traffic traces show that, with single-level TD-splitting, we can reduce the r.m.s. relative estimation error of all flows by 8–76%, depending on the baseline TMA scheme. More importantly, this can be translated to 15–94% savings in TD memory size while maintaining the same estimation error requirement. We also show that, by applying localized multi-level TD-splitting, further savings can be realized at the expense of additional implementation complexity.
    Computer Networks. 01/2011; 55:1379-1393.
  • Kin-Fai Li, Wing-Cheong Lau, On-Ching Yue
    ABSTRACT: Dynamic Spectrum Access (DSA) networks can achieve higher spectrum efficiency by exploring the unused spectrum in licensed band. Most of the existing work focuses on maximizing the spectrum utilization while ignoring the immediate influence from the primary (licensed) users to the DSA traffic flows generated by secondary (often unlicensed) users. In this paper, we focus on providing reliability (in terms of a probabilistic life-time guarantee) to the DSA flows. We first propose 3 protection schemes, which provide different levels of pre-planned reliability to an end-to-end DSA flow. We will quantify the lifetime distributions of an end-to-end path in a DSA network under the aforementioned protection schemes. Based on our analysis of the end-to-end path lifetime distribution, various route selection algorithms are proposed to find paths with long lifetime under the corresponding protection scheme. Through simulations, we quantify the tradeoffs between required network capacity and uninterrupted call duration of DSA flows under different route selection algorithms.
    Proceedings of IEEE International Conference on Communications, ICC 2010, Cape Town, South Africa, 23-27 May 2010; 01/2010
  • Ho Yan Suen, Wing Cheong Lau, On-Ching Yue
    ABSTRACT: Web access logs contain information which can be converted to represent the access history of individual users. A large number of essential attributes can be extracted from the access history. For example, the access counts of each webpage, the occurrence of different webpage access sequences and the time spent between consecutive accesses. Each of the above attributes represents a dimension in the feature space, and all the attributes together form a very high dimension space. Diffusion Wavelets can efficiently project the high dimensional data onto a low-dimensional space according to the correlations between various attributes, so that common anomaly detection algorithms can be applied. In this paper, we propose a system which leverages this technique to differentiate web-access requests generated by Denial of Service (DoS) attacks from legitimate ones. We demonstrate the effectiveness of the proposed system via simulation studies using real-world web access logs. For a simulated HTTP flooding attack which creates a 1000% overload at the web-server, the proposed scheme can reduce the ratio of the attack-to-legitimate requests admitted by the server from 200:1 to 30:1 so that more than 55% of the legitimate requests can still receive proper services under such a severe DoS attack.
    Proceedings of IEEE International Conference on Communications, ICC 2010, Cape Town, South Africa, 23-27 May 2010; 01/2010
  • Wai-Kit Sze, Wing Cheong Lau, On-Ching Yue
    ABSTRACT: A fast RFID counting algorithm with performance guarantee can be used as a fundamental building block for other more sophisticated RFID query protocols and operations. Recently, Kodialam et al. propose various low-latency RFID counting schemes with accuracy guarantees based on a probabilistic counting approach which does not require explicit identification of individual tags. However, the proposed schemes all assume a perfect communication channel between the reader and the tags which is unlikely to be true in practice. On the contrary, as demonstrated by recent empirical measurement studies, the radio communications between an RFID reader and a set of seemingly "in-range" tags are rather non-deterministic and can even be unreliable at times due to varying radio conditions. In this paper, we extend the algorithms in by taking into account the effects of radio channel unreliability. By modeling the spatial distribution of tags and the corresponding channel fading effects, we analyze the new requirements on the algorithm parameters used in (e.g. number of reader polling cycles, frame-size and persistent probability) in order to achieve a desired level of estimation accuracy. Another key observation is that, unlike the perfect channel case where one can indefinitely reduce the estimation error by increasing the number of reader polling cycles, with an unreliable radio channel, there is a lower-bound on the estimation error due to the inherent variation in the spatial distribution of the tags and the radio channel conditions. Towards this end, we have derived an expression for this lower-bound. We also demonstrate the efficacy of our analytical results and their corresponding guarantees in estimation accuracy via a simulation study.
    Proceedings of IEEE International Conference on Communications, ICC 2009, Dresden, Germany, 14-18 June 2009; 01/2009
  • Wee Lum Tan, Wing Cheong Lau, On-Ching Yue
    ABSTRACT: Drive-thru Internet systems are multiple-access wireless networks in which users in moving vehicles can connect to a road-side access point (AP) to obtain Internet connectivity for some period of time as the vehicles pass through the AP's coverage range. In order to evaluate the type of communication services and the quality-of-service that these systems can provide, in this paper, we investigate the data communication performance of a vehicle in Drive-thru Internet systems. In particular, we derive practical analytical models with tractable solutions to characterize the average and the distribution of the number of bytes downloaded by a vehicle by the end of its sojourn through an AP's coverage range, in the presence of other vehicles contending for the same AP's resources. Our models are able to quantify the impact of road traffic density, vehicle speed, service penetration rate, AP's transmission range and the corresponding bit rate, on the amount of data downloaded by an individual vehicle. In terms of analysis technique, we map the study of our vehicular data downloading process into the transient analysis of a series of Markov reward processes. Our use of Markov reward model is novel in the sense that we only select from the corresponding Markov chain, a subset of relevant sample paths that matches the required behavior of our vehicular flow model. Using simulations, we also perform sensitivity analysis to verify our modeling assumptions. We believe our work offers a unique analytical framework based on which the interplay between vehicular traffic parameters and a vehicle's data communication performance in a Drive-thru Internet system can be studied and optimized in a systematic, quantitative manner.
    Proceedings of the Sixth International Workshop on Vehicular Ad Hoc Networks, VANET 2009, Beijing, China, September 25, 2009; 01/2009
  • ABSTRACT: Opportunistic routing significantly improves the average progress per transmission over unicast routing by leveraging the opportunistic receptions of multiple potential forwarders in wireless mesh networks. Prior studies mainly focus on networks with omni-directional antenna only. Our previous work suggests that not every node contributes equally in a transmission. By concentrating the beam energy at a particular direction, directional antennas may further improve the performance of opportunistic routing in multi-hop wireless networks. In this paper, we derive an analytical model which allows the incorporation of various node distribution models, radio channel models and antenna models to evaluate the average progress per transmission. It is found that a directional antenna with high directivity does not always improve the performance of opportunistic routing and an optimal beamwidth exists for each particular network. When compared to the case of omni-directional antenna, a directional antenna with optimal beamwidth and direction settings can achieve 30 to 50% performance gain, in terms of average progress per transmission, under typical network configurations. Moreover, such performance gain can be as high as 100% for radio propagation environments where the packet reception probabilities fall off slowly with distance.
    INFOCOM 2009. 28th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, 19-25 April 2009, Rio de Janeiro, Brazil; 01/2009
  • Sai Kit Chui, On-Ching Yue, Wing Cheong Lau
    ABSTRACT: A critical performance issue in providing VoIP service over wireless LANs is the voice packet delay due to handoffs as the user roams across different radio coverage regions. Most of the recent research has focused on proactive approaches where control messages are transmitted from the mobile to prepare the access point and the other network nodes before the actual handoff occurs. Consequently, there is an increase in handoff control message traffic which will reduce the wireless LAN capacity to provide VoIP service. In this paper, we present a model for analyzing the effect of handoff control messages on the network capacity. To model the special "ON-OFF" characteristic of the voice sources in the real world, the Markov Modulated Poisson Process Model (MMPP) is used in the analysis. We assume that the control messages have higher priority than voice packets so that the service for voice packets also has an "ON-OFF" characteristic. The MMPP/MMPP/1 model was analyzed for different traffic characteristics (arrival rate and message lengths) depending on the handoff scheme used by the mobile stations in the network. For example, we show that the VoIP system capacity is reduced by 23% when the utilization of the control traffic is 4%. This analysis can provide a useful framework for the future development of different handoff schemes, trading off the higher success rate of handoff and decrease in network capacity.
    Wireless Conference, 2008. EW 2008. 14th European; 07/2008
  • ABSTRACT: Recently, the idea of opportunistic routing has been widely explored to improve the performance of multi-hop wireless mesh networks. Most of the previous studies use simulations or empirical measurements to evaluate the performance gain of opportunistic routing and therefore are limited to relatively few types of scenarios. In this paper, we take an analytical approach to study the potential gain of opportunistic routing in multi-hop wireless networks. Unlike other analytical studies which use a deterministic channel model, our approach captures the key characteristics of opportunistic routing, i.e. its ability to take advantage of the numerous, yet unreliable wireless links in the network in a probabilistic manner and study the effectiveness of opportunistic routing under diverse radio propagation environment using lognormal shadowing and Rayleigh fading models. Our results show that, under typical network configurations and neglecting overhead, the average progress per transmission of opportunistic routing in lognormal shadowing (Rayleigh fading) environment is about 3 (1.5) times higher than that of traditional unicast routing. Finally, we also demonstrate the potential benefits of using different forwarding regions and directional antennas in opportunistic routing.
    Communications, 2008. ICC '08. IEEE International Conference on; 06/2008
  • Kin-Fai Li, Wing-Cheong Lau, On-Ching Yue
    ABSTRACT: Cognitive radio (CR) technology can achieve higher spectrum efficiency by exploring the unused spectrum in licensed band. Most of the existing work focuses on maximizing the spectrum utilization but ignores the immediate influence from primary users to network throughput. In this paper, we investigate the importance of planned link restoration in cognitive radio networks. We formulate the link restoration problem as an integer programming problem. By considering both channel assignment and interference between links, the link throughput can be guaranteed even when primary users appear, and therefore can provide the needed reliability for real-time wireless applications. We consider a link failure model which captures the induced link failures from multiple primary users operating on one frequency channel. Under this failure model, our algorithm explores the sharing of backup capacity. We compare our algorithm to two baseline restoration schemes. Our algorithm performs very well in terms of capacity usage and throughput reliability. By reserving 24.8% of network capacity, our algorithm meets the guarantee requirement in all simulation cases, while "no restoration" just meets the guarantee requirement in 50.8% of all simulation cases.
    Communications, 2008. ICC '08. IEEE International Conference on; 06/2008
  • Yin-Ki Ip, Wing-Cheong Lau, On-Ching Yue
    ABSTRACT: The delay performance of delay tolerant networks (DTN) can be improved by adding or replacing mobile nodes with higher mobility or transmit power. In this paper, we examine the design trade-offs in heterogeneous DTNs with two types of mobile relay nodes: normal and super. First we present the range of parameters in the Random Direction (RD) mobility model in which we have validated the Markovian assumption on the node inter-encounter intervals. Next, we describe the two-dimensional continuous time Markov chain (CTMC) model with absorption state, used for evaluating the performance of the heterogeneous DTNs. We demonstrate that the performance improvement of adding super nodes is not linear. For example, replacing 10% of the normal nodes with super nodes can achieve 40% of the delay reduction versus replacing all of them. Finally, Fluid Flow Approximation (FFA) and Moment Closure Methods for solving the CTMC with various error rates (about 10%) were developed to allow faster analysis of networks with large number of nodes.
    Communications, 2008. ICC '08. IEEE International Conference on; 06/2008
  • Ka-Hung Hui, On-Ching Yue, Wing-Cheong Lau
    ABSTRACT: We propose FRASA, Feedback Retransmission Approximation for Slotted ALOHA, to study the stability region of finite-user slotted ALOHA under collision channel. With FRASA, we derive in closed form the boundary of the stability region for any number of users in the system, which is shown to be accurate via simulations. We use convex hulls and supporting hyperplanes to construct convex and piece-wise linear outer and inner bounds on the stability region of FRASA respectively to facilitate network optimization. We hope the analytical findings with FRASA can provide more insights on the characterization of the capacity region of other types of wireless random access networks, and enable traffic engineering with linear constraints in the design of wireless mesh networks.
    Network Protocols, 2007. ICNP 2007. IEEE International Conference on; 11/2007
  • Ka-Hung Hui, Wing-Cheong Lau, On-Ching Yue
    ABSTRACT: We study the stability of finite-user infinite-buffer slotted ALOHA with partial interference. For the case of two users, there is a gradual transition from the collision channel to the orthogonal channel when the link separation increases. The stability region can be either convex or nonconvex, depending on the link separation and the transmission probability vector. A partial characterization on the boundary of the stability region in closed form for the case of general number of users is also given. We hope this work can provide insight in designing traffic engineering algorithms in wireless mesh networks with practical random access protocols like 802.11.
    Personal, Indoor and Mobile Radio Communications, 2007. PIMRC 2007. IEEE 18th International Symposium on; 10/2007
  • Ka-Hung Hui, Wing-Cheong Lau, On-Ching Yue
    ABSTRACT: In evaluating the performance of a wireless network, the interference between wireless links plays a key role. In previous works, interference was assumed to be a binary phenomenon, i.e., either the links mutually interfere with each other, or they do not interfere. However, there were experimental results contradicting this binary assumption. We term this as partial interference. In this paper, we present an analytical framework to characterize partial interference in a single-channel wireless network under unsaturated traffic conditions, and use 802.11b with basic access scheme and differential binary phase shift keying as an illustration. An analogy is drawn between partial interference and code division multiple access to demonstrate their similarities. The gain in capacity across unit cut by exploiting partial interference can be as high as 67% under scheduling in a modified Manhattan network.
    Communications, 2007. ICC '07. IEEE International Conference on; 07/2007
  • ABSTRACT: Real-time traffic has stringent delay requirement. However, bandwidth limited and error-prone wireless networks often show significant delay jitter. Traditional packet discarding schemes designed for high speed wired networks, such as random early detection (RED), are inadequate for wireless networks with high latency and delay variability. This paper describes an analytical framework for designing lifetime packet discard policies and proposes the channel state aware packet discard on expiration likelihood (CAPEL) algorithm, which only admits packets with expiration likelihood below a predefined requirement. Its effectiveness for improving goodput is quantified under a time varying channel modeled by the Markov-modulated Poisson process (MMPP). In addition, we use Gamma distribution to approximate the conditional system time distribution under the MMPP channel. It is verified to be accurate by simulation.
    Communications, 2007. ICC '07. IEEE International Conference on; 07/2007
  • Yin-Ki Ip, Wing Cheong Lau, On-Ching Yue
    ABSTRACT: Disruption tolerant network (DTN) refers to the type of sparse mobile ad hoc network where the nodes are connected intermittently. A common strategy to cope with intermittent network connectivity is to use multiple-copy routing for message delivery. However, the resultant replicates of messages incur significant burden on the bandwidth and storage requirements of each node. In this paper, we investigate the effect of excessive message-replications in multiple-copy routing in DTNs under communication bandwidth and buffer constraints. By modeling the message delivery process as a Markov chain, we first analytically derive the delivery latency as a function of message-replication limit for the single-message-delivery case. The performance of the multiple-message-multiple-flow case is then evaluated via extensive simulations. For the latter, we observe that there is an optimal value for the message-replication limit of each message beyond which network performance will degrade. Finally, we propose an alternative forwarding and message-dropping strategy to address the problem of unfairness found in the basic FIFO-with-blocking strategy. Our results show that the average message delivery delay can be reduced by as much as 25% with the proposed scheme.
    Proceedings of the 65th IEEE Vehicular Technology Conference, VTC Spring 2007, 22-25 April 2007, Dublin, Ireland; 01/2007
  • Ching-Wan Yuen, On-Ching Yue
    ABSTRACT: Real-time packets are not useful to the receiver if they cannot arrive at the destination within their lifetimes. Discarding packets that are likely to expire after being delivered over the wireless link can increase network efficiency. However, due to delay and bit rate variability of 3G networks, a fixed threshold for packet lifetime discard is not adequate to achieve good throughput under dynamic channel conditions. This paper proposes a channel state dependent (CSD) lifetime packet discard policy. Considering ARQ retransmission as the dominant cause of delay variation and bit rate transitions, a four-state Markov model is used to study the performance of the CSD discard scheme. It is shown that the CSD approach yields better goodput than the channel state indifferent (CSI) approach. Since the scheme relies on accurate estimation of the channel state, impact of delayed knowledge of the channel state is also discussed.
    Proceedings of the 63rd IEEE Vehicular Technology Conference, VTC Spring 2006, 7-10 May 2006, Melbourne, Australia; 01/2006
  • Sai Kit Chui, On-Ching Yue
    ABSTRACT: With layer 2 and 3 handover algorithms, wireless LAN can allow users to roam between different access points without breaking the connection to the Internet. However, one of the biggest problems in roaming is the latency in the handoff process. Recently, Ramani and Savage (2005) have proposed a new scheme called SyncScan which can reduce the overall handoff latency in layer 2 by more than 80%. However, this scheme assumes that the beacon transmission schedule among the access points is known a priori, and the beacons are transmitted on time. In this paper, we will propose a self-organized access point coordination system to generate and maintain a conflict-free beacon transmission schedule. Also, we will present a performance evaluation of the SyncScan scheme by studying the effect of beacon transmission delay due to data traffic, and mobility on handover performance.
    Proceedings of the 63rd IEEE Vehicular Technology Conference, VTC Spring 2006, 7-10 May 2006, Melbourne, Australia; 01/2006
  • Hsuan-Jung Su, On-Ching Yue
    ABSTRACT: The rapid growth of wireless communication networks has provided subscribers with economical, and nearly ubiquitous, wireless access throughout the world. As a result, not only individual subscribers but also subscribers in government and public organizations have become dependent on commercial wireless services to perform their duties. With this said, commercial wireless services have become a more cost-effective means to assist national security and emergency preparedness as compared to the costly development of a private network. Sharing with commercial wireless services, however, could result in the blocking of security or emergency calls during or after a disaster when heavy traffic demand is placed on the surviving systems. We discuss enhancements to the mobile stations that make user initiated priority access possible. These enhancements can operate with or without the priority access provisioned in current or ongoing standards, and the additional complexity they impose is very marginal. With the combination of these enhancements, different levels of emergency call service can be provided to guarantee the success of emergency calls and shorten their setup time.
    Vehicular Technology Conference, 2004. VTC 2004-Spring. 2004 IEEE 59th; 06/2004
  • ABSTRACT: UMTS radio link control (RLC) contains a suite of features and options that make it a challenging task for performance evaluation. We develop a periodic-polling-based retransmission model to analyze the RLC protocol. We derive the evolution of the queue length distribution that can be used to construct a Markov chain. While the task of obtaining a closed-form solution for this Markov chain given a general set of system parameters seems to be formidable, we have been able to obtain a closed-form solution for the average system occupancy for some interesting special cases. To validate the efficacy of the analytical model, we perform numerical calculation on the upper and lower bounds of the average packet delay and compare it with the simulation results. The results show that the lower bound derived is very tight.
    Global Telecommunications Conference, 2002. GLOBECOM '02. IEEE; 12/2002