Weibo Gong

University of Massachusetts Amherst, Amherst Center, Massachusetts, United States

Are you Weibo Gong?

Claim your profile

Publications (97)39.7 Total impact

  • [Show abstract] [Hide abstract]
    ABSTRACT: The main duty of key management is to keep cryptographic keys in secret. However, it is difficulty to quantitatively assess that how well does a key management scheme protect the keys. In this paper, we propose to use reliability theory, which was mainly used to evaluate performance persistence for engineering systems, to estimate the performance of key management schemes. The reliability analysis leads to counter-intuitive results such as the widely deployed periodic key update scheme is ineffective when key thefts are possible. The analysis also shows that using password with an electronic security token for authentication is a strong security measure in the beginning but is unreliable in the long run. In general, the reliability analysis demonstrates that current key management schemes focus too much on postponing the first key theft from occurring but lack of considerations on quickly recovering stolen keys. In the later part of this paper, we discuss possible directions that may improve the reliability of key management schemes.
    No preview · Conference Paper · Jun 2014
  • Sheng Xiao · Weibo Gong · Don Towsley
    [Show abstract] [Hide abstract]
    ABSTRACT: This chapter extends the discussion of dynamic secrets from the secure communication between Alice and Bob to the cryptographic key management in a large scale networked environment. The deployment cost, the management complexity, and the scalability issues are addressed. Specifically, this chapter chooses the smart grid as the application scenario to explore the practicality of the key management scheme based on dynamic secrets. Smart grid is an emerging infrastructure and the directions have been changing constantly. In this chapter we make a primitive proposal for certain aspects of smart grid security assuming wide use of wireless communication devices. The smart grid is a vital integration of the traditional power grid and a communication network that enables real time information sharing and control across the grid. The communication capability among grid devices enables higher power utilization efficiency for the smart grid than the traditional power grids. However, it is challenging to architect a secure communication infrastructure to protect the smart grid from cyber-physical security threats. One major challenge is to design an efficient, scalable cryptographic key management scheme (KMS) for smart grid communication networks. A smart grid can contain millions of nodes in its communication network. These nodes can be remotely scattered, even in areas where the accessibility is severely limited, e.g. in a high latitude region where snow blocks the access road to some smart grid nodes in winter months. Such a network environment is unlike that found in typical computer network. A KMS designed for a traditional computer network will encounter performance hurdles or even be infeasible when directly applied to a smart grid communication network. This chapter presents a dynamic key management scheme (DKMS) as a lightweight, scalable key management solution for the smart grid communication network.
    No preview · Chapter · Jan 2014
  • Source
    Ting Zhu · Sheng Xiao · Yi Ping · Don Towsley · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: Due to volatile and rising energy prices, smart microgrids appear to be increasingly popular. Instead of one centrally located power plant, the microgrids will rely on solar panels and wind turbines on every house sharing renewable energy among houses. How to efficiently and optimally share energy is a challenging problem. In order to efficiently share renewable energy, routing protocols in the data network are needed, which introduces another design challenge that is how to feasibly detect and defend the major attacks against routing protocols for smart microgrids. Most of the existing secure routing protocols for other networks (such as ad hoc networks) either ignore the most challenging internal attacks such as spoofed route signaling and fabricated routing messages, or have often produced inefficient security mechanisms. In this paper, we develop a novel secure energy routing mechanism (SERM) for securely and optimally sharing renewable energy in smart microgrids. SERM detects most internal attacks by using message redundancy. The simulation results have demonstrated the effectiveness of our proposed secure energy routing mechanism.
    Full-text · Article · Oct 2011
  • Ruixi Yuan · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: The ever increasing complexity of the Internet has made it impossible to effectively manage the Internet infrastructure. In this paper, we argue that the increased complexity was due to the “random accidents” introduced throughout the evolution of the Internet, such as ad-hoc based routing, cross-layer optimizations. These ad-hoc events increased the vulnerability and degraded the manageability of Internet. We also propose a new framework for network design and deployment, termed “assurable communication networks (ACNs)” that places the manageability in the center in network architecture. We suggest that rigorous mathematical model be developed for the measurement on the impact of manageability and accountability. Keywordsnetwork architecture–complexity–manageability–measurement
    No preview · Article · Sep 2011 · Frontiers of Electrical and Electronic Engineering in China
  • Source
    Yan Cai · Tilman Wolf · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: Packet losses in the network have a considerable performance impact on transport-layer throughput. For reliable data transfer, lost packets require retransmissions and thus cause very long delays. This tail of the packet delay distribution causes performance problems. There are several approaches to trading off networking resources up-front to reduce long delays for some packets (e.g., forward error correction, network coding). We propose packet pacing as an alternative that changes traffic characteristics favorably by adding intentional delay in packet transmissions. This intentional delay counters the principle of best effort but can reduce the burstiness of traffic and improve overall network operation - in particular in network with small packet buffers. As a result, pacing improves transport-layer performance, providing a tradeoff example where small amounts of additional delay can significantly increase connection bandwidth. We present a Queue Length Based Pacing (QLBP) algorithm that paces network traffic using a single queue and that can be implemented with small computational and memory overhead. We present a detailed analysis on delay bounds and the quantitative impact of QLBP pacing on network traffic. Through simulation, we show how the proposed pacing technique can improve connection throughput in small-buffer networks.
    Preview · Article · Jun 2011 · IEEE Journal on Selected Areas in Communications
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Traffic burstiness is known to be undesirable for a router as it increases the router’s queue length and hence the queueing delays of data flows. This poses a security problem in which an attacker intentionally introduces traffic burstiness into routers. We consider a correlation attack, whose fundamental characteristic is to correlate multiple attack flows to generate synchronized small attack bursts, in an attempt to aggregate the bursts into a large burst at a target router.In this paper, we develop an analytical, fluid-based framework that models how the correlation attack disrupts router queues and how it can be mitigated. Using Poisson Counter Stochastic Differential Equations (PCSDEs), our framework captures the dynamics of a router queue for special cases and gives the closed-form average router queue length as a function of the inter-flow correlation. To mitigate the correlation attack, we apply our analytical framework to model different pacing schemes including Markov ON–OFF pacing and rate limiting, which are respectively designed to break down the inter-flow correlation and suppress the peak rates of bursts. We verify that our fluid models conform to packet-level ns2 simulation results.
    Full-text · Article · Feb 2011 · Computer Networks
  • [Show abstract] [Hide abstract]
    ABSTRACT: We present a new virtual indexing method for estimating host connection degrees for high speed links. It is based on the virtual connection degree sketch where a compact sketch of network traffic is built by generating the associated virtual bitmaps for each host. Each virtual bitmap consists of a fixed number of bits selected randomly from a shared bit array by a new method for recording the traffic flows of the corresponding host. The shared bit array is efficiently utilized by all hosts since its every bit is shared by the virtual bitmaps of multiple hosts. To reduce the “noise” contaminated in a host's virtual bitmaps due to sharing, we propose a new method to generate the “filtered” bitmap used to estimate host connection degree. Furthermore, it can be easily implemented in parallel and distributed processing environments. The experimental and testing results based on the actual network traffic show that the new method is accurate and efficient.
    No preview · Conference Paper · Jan 2011
  • Yan Cai · Tilman Wolf · Weibo Gong

    No preview · Article · Jan 2011
  • Yong He · Xiaojun Ma · Jie Sun · Ruixi Yuan · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: 802.11e HCCA (Hybrid coordination function Controlled Channel Access) exhibits good QoS provisioning for constant bit rate (CBR) video streams in a single collision domain. However, its performance degrades significantly for variable bit rate (VBR) video streams particularly in multi-collision domains. In addition, HCCA has the disadvantage of high complexity. In this paper, we introduce a deterministic backoff (DEB) method into the HCCA mechanism, which achieves virtual polling via carrier sense on the wireless channel. DEB inherits the merit of HCCA that achieves near collision-free channel access in single collision domain. It also exhibits robust performance in multi-collision domains. Simulation results show that DEB supports well both CBR and VBR video streams.
    No preview · Conference Paper · Jun 2010
  • A. Kadrolkar · R.X. Gao · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents an energy-efficient method for data transmission through improved data compression, based on the Walsh transform. The research is motivated by the need for optimal service life of wireless sensor networks, where individual sensor nodes are constrained by limited energy resources. A method of dynamically scaling sensor signals utilizing Walsh functions for data compression is presented. Theoretical background of the method is introduced, and its effectiveness is established through experimental study of electro-cardiogram (ECG) and bearing vibration signals. Results indicate that the method enables significant saving in the energy expenditure during wireless signal transmission.
    No preview · Conference Paper · Jun 2010
  • Yong He · Ruixi Yuan · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: In recent years, a series of power saving (PS) protocols has been proposed in the family of 802.11 standards to save energy for mobile devices. To evaluate their performance, many works have been carried out on testbeds or simulation platforms. However, till now, there is a lack of accurate theoretical models to analyze the performance for these protocols. In an effort to fill this gap, we present a Markov chain-based analytical model in this paper to model these PS protocols, with its focus on multicast services in wireless LANs. The proposed analytical model successfully captures the key characteristic of the power saving system: the data delivery procedure starts periodically at the previously negotiated time, but ends at a rather random time with its distribution depending on the end time of data delivery in the last delivery period as well as the arrival rate of incoming traffic. In the situations with light to moderate traffic loads and under the Poisson assumption for incoming traffic, the amount of data delivered between consecutive delivery periods possesses the Markov property, which builds up our Markov chain-based model. For incoming traffic with long-range dependence (LRD), a multistate Markov-Modulated Poisson Process (MMPP) is used to approximate the traffic, making the analytical model valid in more general cases. We verify our model by simulations on ns2 and the results show that the model can faithfully predict the performance of these PS protocols over a wide variety of testing scenarios.
    No preview · Article · May 2010 · IEEE Transactions on Mobile Computing
  • Yong He · Jie Sun · Ruixi Yuan · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: QoS provisioning for video streaming over 802.11 home networks is challenging due to the tight bandwidth and delay constraints. Currently, both 802.11e HCCA and EDCA have their disadvantages when delivering video over 802.11 networks. EDCA exhibits degraded QoS performance for increased number of stations, while HCCA has high complexity, and also suffers from the impact of inter-cell interference. In this paper, we propose a new backoff mechanism which is fundamentally different from traditional random backoff methods in 802.11. The mechanism achieves resource reservation by reusing one or multiple time slots for transmission in consecutive backoff cycles. The basic idea is borrowed from R-ALOHA, but several modifications are made to allow it to work in the context of CSMA network. An additive increase multiplicative decrease based algorithm is proposed to control resource allocation for video streaming in the 802.11 network. Theoretical analysis and numerical simulations are conducted to validate the effectiveness of the method and the algorithm.
    No preview · Article · May 2010 · IEEE Journal on Selected Areas in Communications
  • Source
    Sheng Xiao · Weibo Gong · D. Towsley
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper introduces a set of low-complexity algorithms that when coupled with link layer retransmission mechanisms, strengthen wireless communication security. Our basic idea is to generate a series of secrets from inevitable transmission errors and other random factors in wireless communications. Because these secrets are constantly extracted from the communication process in realtime, we call them dynamic secrets. Dynamic secrets have interesting security properties. They offer a complementary mechanism to existing security protocols. Even if the adversary exploits a vulnerability and steals the underlying system secret, security can be automatically replenished. In many scenarios, it is also possible to bootstrap a secure communication with the dynamic secrets.
    Full-text · Conference Paper · Apr 2010
  • Yan Cai · Bo Jiang · Tilman Wolf · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: For the optical packet-switching routers to be widely deployed in the Internet, the size of packet buffers on routers has to be significantly small. Such small-buffer networks rely on traffic with low levels of burstiness to avoid buffer overflows and packet losses. We present a pacing system that proactively shapes traffic in the edge network to reduce burstiness. Our queue length based pacing uses an adaptive pacing on a single queue and paces traffic indiscriminately where deployed. In this work, we show through analysis and simulation that this pacing approach introduces a bounded delay and that it effectively reduces traffic burstiness. We also show that it can achieve higher throughput than end-system based pacing.
    No preview · Conference Paper · Mar 2010
  • Source
    Yan Cai · Yong Liu · Weibo Gong · Tilman Wolf
    [Show abstract] [Hide abstract]
    ABSTRACT: Traffic burstiness has a significant impact on network performance. Burstiness can cause buffer overflows and packet drops and is particularly problematic in the context of small-buffer networks, which have been considered as a building block of the optical core infrastructure in the future Internet. To permit efficient operation of such networks, network traffic has to be ¿paced¿ by transmitting end-hosts or access links to avoid buffer overflows in the core. In this paper, we analyze the impact of traffic pacing on network performance using perturbation analysis. In particular, we study the impact of traffic burstiness on buffer occupancy of a tandem queueing network with infinite buffers. The input traffic is modeled as a marked point process which has the inter-arrival time and workload distributions containing scale parameters. Our results show that arrival traffic burstiness has a linear impact on the buffer occupancies. This linear relationship provides quantitative insight on the benefits of traffic pacing and thus provides understanding of how to improve the efficiency of small-buffer routers in the next-generation Internet.
    Preview · Conference Paper · Jan 2010
  • Sheng Xiao · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: Security becomes a prominent issue for mobile cloud computing since valuable information moves to the cloud. An important security problem is how the users identify themselves to the cloud. If an attacker is capable of faking or stealing user credentials, such as passwords and digital certificates, current security measures are not sufficient to safe-guard user’s valuable information in the cloud. This paper proposes a set of light weight algorithms to generate dynamic credential to defend against such powerful attackers. Many communication randomness, like the user mobility, were commonly believed harmful for security. In this paper, they are converted to helpful elements to generate dynamic credentials. Dynamic credential introduces interesting security properties.
    No preview · Conference Paper · Jan 2010
  • Sheng Xiao · Weibo Gong · Don Towsley
    [Show abstract] [Hide abstract]
    ABSTRACT: Uncertainty is the pseudonym for many unfavorable effects in both wired and wireless communications. When uncertainty presents itself, a receiver suffers from information loss and communication efficiency is limited. Moreover, an adversary eavesdropping on the communication also faces inevitable information loss. This information loss can be utilized by legitimate users for security purposes. In this paper, we introduce the framework of utilizing adversary's information loss as a security measure. Moreover, we propose a set of light-weight algorithms to generate a series of hash values, namely dynamic secrets, from communication traffic and then apply dynamic secrets to secure the communications.
    No preview · Article · Jan 2010 · Circuits, Systems and Computers, 1977. Conference Record. 1977 11th Asilomar Conference on
  • Yong He · Ruixi Yuan · Jie Sun · Weibo Gong
    [Show abstract] [Hide abstract]
    ABSTRACT: In this paper, we propose a semi-random backoff (SRB) mechanism to combat network collisions for 802.11 DCF/EDCA in wireless LANs. SRB is fundamentally different from traditional random backoff methods because it provides a form of resource reservation at no extra cost. The key idea of SRB is to set the backoff counter to a deterministic value upon a successful transmission. This allows a station to reuse a time slot in consecutive backoff cycles without colliding with other stations, thus achieving resource reservations. In cases of failed transmissions due to network collisions or channel errors, SRB automatically reverts to the standard random backoff method. SRB can be readily applied to both 802.11 DCF and 802.11e EDCA networks with minimum modification to the existing DCF/EDCA implementations. Theoretical analysis and simulations are conducted to evaluate this new method and our results validate its good performance in small to middle-sized 802.11 wireless LANs.
    No preview · Conference Paper · Nov 2009
  • [Show abstract] [Hide abstract]
    ABSTRACT: Demands for high data rate communication in an indoor environment require innovations on high speed and energy efficient channel equalizer designs. In this paper, we propose a `semi-analog' channel equalizer with high power efficiency and fast processing speed for 60 GHz channels. The proposed system consists of a channel estimator and a multipath canceler. The channel estimator uses a prolate spheroidal wave function (PSWF) with low peak-to-average power ratio (PAPR) to provide an accurate estimation of channel parameters, based on which the multipath canceler removes reflected signals due to multipath. We evaluate its performance in terms of bit error rate (BER) considering a real indoor propagation environment at 60 GHz.
    No preview · Conference Paper · Oct 2009
  • Source
    Tilman Wolf · Weibo Gong · Yan Cai
    [Show abstract] [Hide abstract]
    ABSTRACT: Next-generation all-optical packet-switched core networks use very small packet buffers. We argue that it is essential to focus on burstiness rather than bandwidth when conditioning traffic for effective network operation.
    Preview · Conference Paper · Aug 2009

Publication Stats

5k Citations
39.70 Total Impact Points


  • 1993-2014
    • University of Massachusetts Amherst
      • • School of Computer Science
      • • Department of Electrical and Computer Engineering
      Amherst Center, Massachusetts, United States
  • 2010
    • Tsinghua University
      • Department of Automation
      Peping, Beijing, China
  • 2007
    • Institute of Electrical & Electronics Engineers
      United States