DONG CHEN

Utilities are rapidly deploying smart meters that measure electricity usage in real-time. Unfortunately, smart meters indirectly leak sensitive information about a home's occupancy, which is easy to detect because it highly correlates with simple statistical metrics, such as power's mean, variance, and range. To prevent occupancy detection, we propose using the thermal energy storage of electric water heaters already present in many homes. In essence, our approach, which we call combined heat… Show more

Utilities are rapidly deploying smart meters that measure electricity usage in real-time. Unfortunately, smart meters indirectly leak sensitive information about a home's occupancy, which is easy to detect because it highly correlates with simple statistical metrics, such as power's mean, variance, and range. To prevent occupancy detection, we propose using the thermal energy storage of electric water heaters already present in many homes. In essence, our approach, which we call combined heat and privacy (CHPr), modulates a water heater's power usage to make it look like someone is always home. We design a CHPr-enabled water heater that regulates its energy usage to thwart a variety of occupancy detection attacks without violating its objective---to provide hot water on demand---and evaluate it in simulation using real data. Our results show that a standard 50-gal CHPr-enabled water heater prevents a wide range of state-of-the-art occupancy detection attacks. Show less

Electric utilities are rapidly deploying smart meters that record and transmit electricity usage in real-time. As prior research shows, smart meter data indirectly leaks sensitive, and potentially valuable, information about a home’s activities. An important example of the sensitive information smart meters reveal is occupancy—whether or not someone is home and when. As prior work also shows, occupancy is surprisingly easy to detect, since it highly correlates with simple statistical metrics… Show more

Electric utilities are rapidly deploying smart meters that record and transmit electricity usage in real-time. As prior research shows, smart meter data indirectly leaks sensitive, and potentially valuable, information about a home’s activities. An important example of the sensitive information smart meters reveal is occupancy—whether or not someone is home and when. As prior work also shows, occupancy is surprisingly easy to detect, since it highly correlates with simple statistical metrics, such as power’s mean, variance, and range. Unfortunately, prior research that uses chemical energy storage, e.g., batteries, to prevent appliance power signature detection is prohibitively expensive when applied to occupancy detection. To address this problem, we propose preventing occupancy detection using the thermal energy storage of large elastic heating loads already present in many homes, such as electric water and space heaters. In essence,
our approach, which we call Combined Heat and Privacy (CHPr), controls the power usage of these large loads to make it look like someone is always home. We design a CHPr-enabled water
heater that regulates its energy usage to mask occupancy without violating its objective, e.g., to provide hot water on demand, and evaluate it in simulation and using a prototype. Our results
show that a 50-gallon CHPr-enabled water heater decreases the Matthews Correlation Coefficient (a standard measure of a binary classifier’s performance) of a threshold-based occupancy
detection attack in a representative home by 10x (from 0:44 to 0:045), effectively preventing occupancy detection at no extra cost. Show less

Detailed information about a home’s occupancy is necessary to implement many advanced energy-efficiency optimizations. How- ever, monitoring occupancy directly is intrusive, typically requir- ing the deployment of multiple environmental sensors, e.g., mo- tion, acoustic, CO2, etc. In this paper, we explore the potential for Non-Intrusive Occupancy Monitoring (NIOM) by using electricity data from smart meters to infer occupancy. We first observe that a home’s pattern of electricity usage… Show more

Detailed information about a home’s occupancy is necessary to implement many advanced energy-efficiency optimizations. How- ever, monitoring occupancy directly is intrusive, typically requir- ing the deployment of multiple environmental sensors, e.g., mo- tion, acoustic, CO2, etc. In this paper, we explore the potential for Non-Intrusive Occupancy Monitoring (NIOM) by using electricity data from smart meters to infer occupancy. We first observe that a home’s pattern of electricity usage generally changes when oc- cupants are present due to their interact with electrical loads. We empirically evaluate these interactions by monitoring ground truth occupancy in two homes, then correlating it with changes in statisti- cal metrics of smart meter data, such as power’s mean and variance, over short intervals. In particular, we use each metric’s maximum value at night as a proxy for its maximum value in an unoccupied home, and then signal occupancy whenever the daytime value ex- ceeds it. Our results highlight NIOM’s potential and its challenges. Show less

The emergence of Cyber-Physical Systems (CPSs) heralds the ubiquitous and autonomous globally interconnected networks of embedded devices with their own means of interaction with the physical environment. The complex interactions with the physical environment significantly increase security risks. Especially, for mission-critical CPSs, sensitive data are closely related to security issues and are accessed only by authorized users. Role based access control is an essential component for… Show more

The emergence of Cyber-Physical Systems (CPSs) heralds the ubiquitous and autonomous globally interconnected networks of embedded devices with their own means of interaction with the physical environment. The complex interactions with the physical environment significantly increase security risks. Especially, for mission-critical CPSs, sensitive data are closely related to security issues and are accessed only by authorized users. Role based access control is an essential component for protecting CPSs from unauthorized access. However, existing mechanisms are inadequate. We argue that role assignment should not depend on the remaining energy of a node but its reputation. This paper proposes a role-based access control model, R2BAC, for CPSs using reputation. The definitions and evaluation metrics of trust and reputation are given in order to evaluate the behavior of the nodes. Then reputation evaluation scheme and role assignment scheme are presented, respectively. In addition, we give the proofs of correctness and complexity analysis for R2BAC. Eventually, a wide set of simulations are provided to evaluate its performance. Show less

Access control is an essential security component in protecting sensitive data and services from unauthorized access to the resources in mission-critical Cyber-Physical Systems (CPSs). CPSs are different from conventional information processing systems in such that they involve interactions between the cyber world and the physical world. Therefore, existing access control models cannot be used directly and even become disabled in an emergency situation. This paper proposes an adaptive Access… Show more

Access control is an essential security component in protecting sensitive data and services from unauthorized access to the resources in mission-critical Cyber-Physical Systems (CPSs). CPSs are different from conventional information processing systems in such that they involve interactions between the cyber world and the physical world. Therefore, existing access control models cannot be used directly and even become disabled in an emergency situation. This paper proposes an adaptive Access Control model for Emergences (AC4E) for mission-critical CPSs. The principal aim of AC4E is to control the criticalities in these systems by executing corresponding responsive actions. AC4E not only provides the ability to control access to data and services in normal situations, but also grants the correct set of access privileges, at the correct time, to the correct set of subjects in emergency situations. It can facilitate adaptively responsive actions altering the privileges to specific subjects in a proactive manner without the need for any explicit access requests. A semiformal validation of the AC4E model is presented, with respect to responsiveness, correctness, safety, non-repudiation and concurrency, respectively. Then a case study is given to demonstrate how the AC4E model detects, responds, and controls the emergency events for a typical CPS adaptively in a proactive manner. Eventually, a wide set of simulations and performance comparisons of the proposed AC4E model are presented. Show less

n this paper, we present a survey of security and privacy preserving issues in M2M communications in Cyber-Physical Systems. First, we discuss the security challenges in M2M communications in wireless networks of Cyber-Physical Systems and outline the constraints, attack issues, and a set of challenges that need to be addressed for building secure Cyber-Physical Systems. Then, a secure architecture suitable for Cyber-Physical Systems is proposed to cope with these security issues. Eventually… Show more

n this paper, we present a survey of security and privacy preserving issues in M2M communications in Cyber-Physical Systems. First, we discuss the security challenges in M2M communications in wireless networks of Cyber-Physical Systems and outline the constraints, attack issues, and a set of challenges that need to be addressed for building secure Cyber-Physical Systems. Then, a secure architecture suitable for Cyber-Physical Systems is proposed to cope with these security issues. Eventually, the corresponding countermeasures to the security issues are discussed from four aspects: access control, intrusion detection, authentication and privacy preserving, respectively. Along the way we highlight the advantages and disadvantages of various existing security schemes and further compare and evaluate these schemes from each of these four aspects. We also point out the open research issues in each subarea and conclude with possible future research directions on security in Cyber-Physical Systems. It is believed that once these challenges are surmounted, applications with intrinsic security considerations will become immediately realizable. Show less

Trillions things of Internet of Things (IOT) or Cyber-Physical Systems (CPS) employ a unique global addressing scheme to interact to each other and corporate with others to provide intelligent services. However, people may resist the IOT as long as there is no public confidence that it will not cause any serious threats to their privacy. An effective secure key management for things authentication is the prerequisite of the security operations. Studying on the characteristics of things in the… Show more

Trillions things of Internet of Things (IOT) or Cyber-Physical Systems (CPS) employ a unique global addressing scheme to interact to each other and corporate with others to provide intelligent services. However, people may resist the IOT as long as there is no public confidence that it will not cause any serious threats to their privacy. An effective secure key management for things authentication is the prerequisite of the security operations. Studying on the characteristics of things in the IOT deeply, this paper proposes a lightweight security key management scheme for Things to Things (T2T) communication in wireless networks of IOT which are usually composed of heterogeneous sensors/actuators or smart sensor-embedded things. Eventually, we evaluate the proposed scheme on storage overhead, communication overhead, computation overhead and resilience against nodes compromise attack, respectively. Show less

Since a large scale Wireless Sensor Network (WSN) is to be completely integrated into Internet as a core part of Internet of Things (IoT) or Cyber Physical System (CPS), it is necessary to consider various security challenges that come with IoT/CPS, such as the detection of malicious attacks. Sensors or sensor embedded things may establish direct communication between each other using 6LoWPAN protocol. A trust and reputation model is recognized as an important approach to defend a large… Show more

Since a large scale Wireless Sensor Network (WSN) is to be completely integrated into Internet as a core part of Internet of Things (IoT) or Cyber Physical System (CPS), it is necessary to consider various security challenges that come with IoT/CPS, such as the detection of malicious attacks. Sensors or sensor embedded things may establish direct communication between each other using 6LoWPAN protocol. A trust and reputation model is recognized as an important approach to defend a large distributed sensor networks in IoT/CPS against malicious node attacks, since trust establishment mechanisms can stimulate collaboration among distributed computing and communication entities, facilitate the detection of untrustworthy entities, and assist decision-making process of various protocols. In this paper, based on in-depth understanding of trust establishment process and quantitative comparison among trust establishment methods, we present a trust and reputation model TRM-IoT to enforce the cooperation between things in a network of IoT/CPS based on their behaviors. The accuracy, robustness and lightness of the proposed model is validated through a wide set of simulations. Show less

Internet of Things (IOT) is a novel paradigm developed on the basis of existing technologies and closely related to RFID, WSN, CPS, Pervasive Computing and M2M (Machine to Machine). IOT has broad prospects in transportation, logistics, healthcare, smart environment, personal living and social domain. This paper researches on the concept, characteristics and supporting technology of IOT, proposes an interconnection architecture of IOT from the view of business process and data flow. Then… Show more

Internet of Things (IOT) is a novel paradigm developed on the basis of existing technologies and closely related to RFID, WSN, CPS, Pervasive Computing and M2M (Machine to Machine). IOT has broad prospects in transportation, logistics, healthcare, smart environment, personal living and social domain. This paper researches on the concept, characteristics and supporting technology of IOT, proposes an interconnection architecture of IOT from the view of business process and data flow. Then agent-based and 6LoWPAN-based access models towards sensors or sensor embedded things in IOT are presented and discussed. Eventually, supporting technologies of IOT are summarized. Show less

Resource discovery is a fundamental problem in grid systems. Original approaches to provide grid resource discovery services are either centralized or hierarchical and proved to be inefficient when the scale of grid systems rapidly increases. A P2P network is a distributed system with the attributes of dynamicity and scalability. P2P systems have the same goal as grid systems: to share and exchange various resources. With their development, P2P systems and grid systems can be combined into a… Show more

Resource discovery is a fundamental problem in grid systems. Original approaches to provide grid resource discovery services are either centralized or hierarchical and proved to be inefficient when the scale of grid systems rapidly increases. A P2P network is a distributed system with the attributes of dynamicity and scalability. P2P systems have the same goal as grid systems: to share and exchange various resources. With their development, P2P systems and grid systems can be combined into a new system which has their attributes. In this paper, a novel hierarchical P2P based grid model based on the existing grid resource discovery models is discussed. In our model, Chord and Gnutella are selected as the typical protocols to form the virtual P2P layer. Through the experiment results, we argue that the 3C-2G model performs better than the other models in resource discovery among grids oriented to the same application field. Show less

With the development of the IoT, different wireless communication technologies and edge network infrastructures are continuously integrated. Therefore, the corresponding communication network environment has become more complex and the security issues involved in the IoT are more complex than any existing network infrastructures. The trust relationship between the heterogeneous entities, security communication, security system and other security issues are more complex and difficult to solve… Show more

With the development of the IoT, different wireless communication technologies and edge network infrastructures are continuously integrated. Therefore, the corresponding communication network environment has become more complex and the security issues involved in the IoT are more complex than any existing network infrastructures. The trust relationship between the heterogeneous entities, security communication, security system and other security issues are more complex and difficult to solve. In order to solve this kind of security problems, this paper gives the system structure, analyzes the security challenges and threats, proposes a novel security architecture for the IoT based on the research of these security demands, and eventually gives details of the designed security verification system. Show less

ACE is a freely available, open-source object-oriented framework that implements many core design patterns for concurrent communication software. ACE provides reusable C++ wrappers, frameworks and real-time ORB available for most operating systems. In this paper, we introduce the functionality of ACE components, design an effective and portable IPC platform framework based on ACE middleware and implement the IPC platform system in C++. Eventually, we test our IPC platform, compare it with the… Show more

ACE is a freely available, open-source object-oriented framework that implements many core design patterns for concurrent communication software. ACE provides reusable C++ wrappers, frameworks and real-time ORB available for most operating systems. In this paper, we introduce the functionality of ACE components, design an effective and portable IPC platform framework based on ACE middleware and implement the IPC platform system in C++. Eventually, we test our IPC platform, compare it with the non-ACE system and conclude its advantages and drawbacks.
Show less

Chord has been widely used as a routing protocol in structured peer-to-peer overlay networks. A fundamental problem of peer-to-peer applications is to efficiently locate the node that stores a particular data item. In fact, performance of structured peer-to-peer overlay networks depends on the routing protocols. The original Chord routing protocol based on DHT uses Finger Table to route. However, in the original model, there is redundancy information in the Finger Table. This paper analyzes the… Show more

Chord has been widely used as a routing protocol in structured peer-to-peer overlay networks. A fundamental problem of peer-to-peer applications is to efficiently locate the node that stores a particular data item. In fact, performance of structured peer-to-peer overlay networks depends on the routing protocols. The original Chord routing protocol based on DHT uses Finger Table to route. However, in the original model, there is redundancy information in the Finger Table. This paper analyzes the routing algorithm of Chord protocol and presents an improvement strategy of original Chord routing algorithm. Results from theoretical analysis and experiments show that the routing performance of structured Chord-based overlay networks is improved. Show less