题  目 ：Using Network Performance Feedback to Improve Network Security 时  间 ：2017 年10 月17 日 （ 星期二 ）14:00 PM 地  点 ：玉泉校区 信电楼119 、119 会议室 报告人 ：A/Prof. Yih-Chun Hu University of Illinois at Urbana-Champaign (UIUC), USA

专家介绍 ：

Dr. Yih-Chun Hu is an Associate Professor with the Department of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, Urbana. His research interests are in security in networked systems, with particular interest in the areas of wireless, future Internet architectures, cyberphysical systems, and medical systems. He received the B.S. degree in computer science and pure mathematics from the University of Washington, Seattle, in 1997, and the Ph.D. degree in computer science from Carnegie Mellon University, Pittsburgh, PA, in 2003. After receiving his Ph.D. degree, he worked as a Post-Doctoral Researcher at the University of California, Berkeley. His current Google Scholar citation is 21980 with H-index 39 .

报告内容 ：

As the Internet plays a significant role in all facets of our lives, network security has come to be an important problem. Security and performance have long been thought to be orthogonal, or perhaps even opposing, goals. In this talk, I will discuss two areas where feedback from Network Performance can bring improved availability, one of the classical security properties. First, I will describe MiddlePolice, an approach that mitigates volumetric DDoS attacks, which overwhelm the bandwidth of a destination, and are amongst the most common DDoS attacks today. Most previous work either scrubs DDoS traffic inside the cloud using a one-size-fits-all scrubbing algorithm, or use network capabilities that restrict source sending rates to receiver-determined levels consent, but which require the network to enforce these capabilities. MiddlePolice seeks the best of both worlds: the deployability of DDoS-protection-as- a-service solutions and the destination-based control of network capability systems. I will present results showing that by allowing feedback from the destination to the provider, MiddlePolice can effectively enforce destination-chosen policies, while requiring no deployment from unrelated parties. Second, I will describe Secure MAC, a Medium Access Control protocol that is resilient to adversarial attacks. A Medium Access Control protocol is designed to help wireless transmitters avoid simultaneous transmission, increasing the system capacity by improving the signal-to-noise ratio. Previous MAC work considered model where all stations are selfish; the Nash equilibrium is that all stations transmit simultaneously. We consider a different model, in which most nodes are legitimate and protocol- compliant, where the balance of nodes are malicious and aim to minimize the capacity of the legitimate nodes. Despite this, we develop a MAC that converges to the best-possible performance under these circumstances; that is, we eventually relegate the malicious insider adversaries to outsider attackers that have no knowledge of the MAC layer in use.