Yuan-Cheng Lai’s research while affiliated with National Taiwan University of Science and Technology and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (50)


AI for AI-based intrusion detection as a service: Reinforcement learning to configure models, tasks, and capacities
  • Article

June 2024

·

9 Reads

·

Hao-Xuan Huang

·

·

Yuan-Cheng Lai




Figure 3. Collision, idle, and readable slots subject to the number of appearing tags (note that the curves of KQT and H-QT overlap in (c)). (a) Collision slots, (b) Idle slots, (c) Readable slots.
Figure 5. Total slots and identification time subject to tag ID length. (a) Total slots, (b) Identification time.
A Bit-Tracking Knowledge-Based Query Tree for RFID Tag Identification in IoT Systems
  • Article
  • Full-text available

April 2022

·

64 Reads

·

8 Citations

Sensors

In an IoT (Internet of Things) system where each IoT device has one/many RFID tags, there might be many RFID tags. However, when multiple tags respond to the reader’s interrogation at the same time, their signals collide. Due to the collision, the reader must request the colliding tags to retransmit their IDs, resulting in higher communication overhead and longer identification time. Therefore, this paper presents a Bit-tracking Knowledge-based Query Tree (BKQT), which uses two techniques: knowledge, which stores all the tag IDs that can possibly occur, and bit tracking, which allows the reader to detect the locations of the collided bits in a collision slot. BKQT constructs a query tree for all possible tags, called a k-tree, by using knowledge while it constructs bit-collision cases and the corresponding actions for each node in this k-tree by using bit tracking. In the identification process, BKQT traverses this constructed k-tree and thus identifies the colliding tags faster by taking the actions according to the happening bit-collision cases. From the simulation results, BKQT can improve the identification time by 44.3%, 46.4%, and 25.1%, compared with the previous knowledge-based protocols, Knowledge Query Tree (KQT), Heuristic Query Tree (H-QT), Query Tree with Shortcutting and Couple Resolution (QTSC), respectively.

Download


Figure 4. Experimental topology. Figure 4. Experimental topology.
Figure 9. Accuracy vs. number of switches.
Figure 10. FNR and FPR vs. number of switches.
Used notations.
Identifying Hybrid DDoS Attacks in Deterministic Machine-to-Machine Networks on a Per-Deterministic-Flow Basis

August 2021

·

42 Reads

·

2 Citations

Micromachines

The Deterministic Network (DetNet) is becoming a major feature for 5G and 6G networks to cope with the issue that conventional IT infrastructure cannot efficiently handle latency-sensitive data. The DetNet applies flow virtualization to satisfy time-critical flow requirements, but inevitably, DetNet flows and conventional flows interact/interfere with each other when sharing the same physical resources. This subsequently raises the hybrid DDoS security issue that high malicious traffic not only attacks the DetNet centralized controller itself but also attacks the links that DetNet flows pass through. Previous research focused on either the DDoS type of the centralized controller side or the link side. As DDoS attack techniques are evolving, Hybrid DDoS attacks can attack multiple targets (controllers or links) simultaneously, which are difficultly detected by previous DDoS detection methodologies. This study, therefore, proposes a Flow Differentiation Detector (FDD), a novel approach to detect Hybrid DDoS attacks. The FDD first applies a fuzzy-based mechanism, Target Link Selection, to determine the most valuable links for the DDoS link/server attacker and then statistically evaluates the traffic pattern flowing through these links. Furthermore, the contribution of this study is to deploy the FDD in the SDN controller OpenDayLight to implement a Hybrid DDoS attack detection system. The experimental results show that the FDD has superior detection accuracy (above 90%) than traditional methods under the situation of different ratios of Hybrid DDoS attacks and different types and scales of topology.


Buffering and prioritization in switches for fast processing table‐miss packets in software‐defined networks

International Journal of Communication Systems

In software‐defined networks, the switch forwards incoming packets according to forwarding rules recorded in the flow entries. When a switch receives a table‐miss packet, meaning no match with any flow entry, it sends this packet as a Packet‐In message to the controller for its further processing. Many Packet‐In messages will cause large overhead and long packet delay. This paper proposes a novel method, Packet‐In Buffering and Prioritization (PIBP), which buffers Packet‐In messages and prioritizes these messages to reduce the number of Packet‐In messages and accelerate their processing, respectively. The concept of PIBP is sending only the first table‐miss packet of each flow to the controller. The other table‐miss packets belonging to the same flow are temporarily stored in the switch. Moreover, these messages have a higher priority. That is, after the packet sent from the controller has been forwarded from the switch, the buffered packets belonging to the same flow are also immediately forwarded. We formally analyze the performance of PIBP with queuing theory. The analytical and simulation results show that PIBP can decrease the average delay of table‐miss packets compared with two typical methods, Priority Queue and Mismatched Packets Table. PIBP can achieve a better performance in comparison with the PQ method, no matter what value of packet arrival rate in each flow and flow arrival rate. When the controller is more congested, PIBP can get larger improvements compared with PQ. On the other hand, PIBP can outperform MPT when the switch does not have enough capacity to process packets soon. Finally, the accuracy of the proposed analytical model for PIBP has been validated through simulation.


Figure 5. Cont.
Figure 16. Comparison of the number of input links.
LFA detection and mitigation comparison table.
Default values for simulation.
CNN parameter setting.
A Spatiotemporal-Oriented Deep Ensemble Learning Model to Defend Link Flooding Attacks in IoT Network

February 2021

·

63 Reads

·

9 Citations

Sensors

(1) Background: Link flooding attacks (LFA) are a spatiotemporal attack pattern of distributed denial-of-service (DDoS) that arranges bots to send low-speed traffic to backbone links and paralyze servers in the target area. (2) Problem: The traditional methods to defend against LFA are heuristic and cannot reflect the changing characteristics of LFA over time; the AI-based methods only detect the presence of LFA without considering the spatiotemporal series attack pattern and defense suggestion. (3) Methods: This study designs a deep ensemble learning model (Stacking-based integrated Convolutional neural network–Long short term memory model, SCL) to defend against LFA: (a) combining continuous network status as an input to represent “continuous/combination attacking action” and to help CNN operation to extract features of spatiotemporal attack pattern; (b) applying LSTM to periodically review the current evolved LFA patterns and drop the obsolete ones to ensure decision accuracy and confidence; (c) stacking System Detector and LFA Mitigator module instead of only one module to couple with LFA detection and mediation at the same time. (4) Results: The simulation results show that the accuracy rate of SCL successfully blocking LFA is 92.95%, which is 60.81% higher than the traditional method. (5) Outcomes: This study demonstrates the potential and suggested development trait of deep ensemble learning on network security.


A knowledge-based Query Tree with Shortcutting and Couple-Resolution for RFID tag identification

June 2020

·

42 Reads

·

7 Citations

Computer Communications

In Radio Frequency Identification (RFID) systems, the reader identifies tags through communications over a shared wireless channel. However, when multiple tags transmit their IDs simultaneously, their signals collide, thereby prolonging the identification delay. However, in some applications, the RFID system has the availability of a database containing the IDs of all the tags that may possibly appear. The present study proposes a novel knowledge-based Query Tree with Shortcutting and Couple Resolution (QTSC) protocol for reducing the identification delay in RFID systems with such a database. In the proposed protocol, a knowledge-based query tree is first constructed to store the queries required to identify all the possible tags in the database. Then, at identifying appearing tags, the tags actually appear among possible tags, shortcutting and couple-resolution techniques are employed to skip redundant queries in the query tree and transmit two ID prefixes simultaneously within the same slot, respectively. The simulation results show that compared to the existing knowledge-based protocols, Knowledge Query Tree (KQT) and Heuristic Query Tree (HQT) protocols, QTSC reduces the identification delay by 60.5% and 39.0%, respectively.


Citations (38)


... Binary Search Tree (BS) (Umelo, 2022), Dynamic Binary Search Tree (DBS) , Regressive Binary Search Tree (RBS) [18], and so forth are examples of tree-based algorithms. A fast tree-based collision avoidance method (SDT) was proposed in study (Lai, 2022). SDT delivers only the known portion of the sequence number, finds the label, and returns to the parent node rather than the root node. ...

Reference:

The Bit Query for Labels in a Binary Tree-Based Anti-Collision Recognition Algorithm
A Bit-Tracking Knowledge-Based Query Tree for RFID Tag Identification in IoT Systems

Sensors

... Firstly, organisations should invest in AI-powered threat detection systems that can identify and respond to AI-driven attacks effectively [82,115,116]. This includes using ML algorithms to detect anomalous behaviour indicative of cyber threats, adversarial training, and model robustness checks [117]; [117][118][119][120]. Secondly, given the prevalence of phishing and social engineering attacks in the offensive AI dataset (see Table 5) and Fig. 2, Akinbowale et al. [1] and Tao et al. [104] emphasise that user training and awareness programs are crucial. ...

A Deep Learning Methodology to Detect Trojaned AI-based DDoS Defend Model
  • Citing Conference Paper
  • February 2022

... This categorization contains seven types of threats: redirection threat, physical threat, DDoS, environmental threat, First-In-First-Out (FIFO) threat, free riding threat and syn flood threat. In [47], the authors proposed a DDoS attack identification technique in machine-to-machine 6G networks. The proposed technique is an energy-efficient topology for the mitigation of DDoS attacks in the 6G network. ...

Identifying Hybrid DDoS Attacks in Deterministic Machine-to-Machine Networks on a Per-Deterministic-Flow Basis

Micromachines

... Second, the AI-based method should cooperate existed or traditional methods, instead of simply replacing them. That is, besides the general models [2][3][4][5][6] to maximize the throughput, there are also economic model [7] to maximize the profit of service provider, robustness model [8] to achieve high availability of telecommunication network, and confidential computing model [9] to provide confidentiality of private data without compromising on training performance. Replacing the existed methodology embedded in the current system may be costly and impractical, and the proposed AI-based method should be capable of cooperative learning and consider the privacy issues of confidential computing requirements. ...

A Spatiotemporal-Oriented Deep Ensemble Learning Model to Defend Link Flooding Attacks in IoT Network

Sensors

... There are several types of collisions, including multitag reader collisions, multi-reader-tag collisions, and reader-reader collisions [15]. The relevant schematic diagram is shown in Fig. 2. In Fig. 2a, there are two labels simultaneously present in the recognition range of reader R. When transmitting data to the reader simultaneously, none of the three labels can be recognized by reader R due to collision. ...

A knowledge-based Query Tree with Shortcutting and Couple-Resolution for RFID tag identification
  • Citing Article
  • June 2020

Computer Communications

... Fernet encryption is applied for video protection, while two anonymisation algorithms, Mixture of Gaussians (MOG2) and K-Nearest Neighbors (KNN), are utilised for foreground and background detection during retrieval. In [34], the author introduced a system that selectively encrypts key frames using a block-based permutation with noise before uploading them to the cloud. During retrieval, query videos undergo the same encryption process, and only sufficiently similar encrypted videos are downloaded to the local client and decrypted and compared with the query data. ...

Privacy-Preserving Encryption-Domain Video Retrieval over the Cloud via Block Transformations of Key Frames
  • Citing Conference Paper
  • May 2019

... The method reduced false positive rate in the detection procedure and attained higher precision in the SDN environment. Lai et al. (2019) introduced a flow-based Multilayer Perceptron Model (FBM) to automatically generate mass for detecting anomalies. In Multilayer Perceptron Model (MLP) used many hidden layers for comparing flow-based MLP (FBM) and packet-based MLP (PBM). ...

F1ow-based Anomaly Detection Using Multilayer Perceptron in Software Defined Networks
  • Citing Conference Paper
  • May 2019

... It shows a faster tag identification performance even with low SNR region. Lai et al 22 propose a query tree with knowledgebased splitting (QTKS) protocol. From the known database, QTKS constructs a knowledge-based query tree, which stores queries that can more quickly identify appearing tags, which belong to possible tags in the database. ...

Query Tree with Knowledge-based Splitting for RFID Tag Identification
  • Citing Conference Paper
  • October 2018

... Work by Fahmin et al. [12] developed an SDN queuing model with NFV under or outside the controller. SDN architectures with NFV are modeled and analyzed using a custom simulator the authors implemented (name not given). ...

Performance modeling and comparison of NFV integrated with SDN: Under or aside?

Journal of Network and Computer Applications

... Because of its limited on board energy, it was critical for the UE to maximize its energy efficiency [8]. The power consumption can be reduced by entering the UE to sleep mode [9]. To reduce the energy consumption, the LTE-A standard defines DRX mechanism [10] that allows UEs to turn off its components when no data is expected to be received. ...

An Interleaved-Sleeping-Listening scheduler for power saving in mobile stations
  • Citing Article
  • April 2018

Computers & Electrical Engineering