Deeply Understanding Graph-Based Sybil Detection Techniques via Empirical Analysis on Graph Processing

Sybil attacks are one of the most prominent security problems of trust mechanisms in a distributed network with a large number of highly dynamic and heterogeneous devices,which expose serious threat to edge computing based distributed systems.Graphbased Sybil detection approaches extract social structures from target distributed systems,refine the graph via preprocessing methods and capture Sybil nodes based on the specific properties of the refined graph structure.Graph preprocessing is a critical component in such Sybil detection methods,and intuitively,the processing methods will affect the detection performance.Thoroughly understanding the dependency on the graph-processing methods is very important to develop and deploy Sybil detection approaches.In this paper,we design experiments and conduct systematic analysis on graph-based Sybil detection with respect to different graph preprocessing methods on selected network environments.The experiment results disclose the sensitivity caused by different graph transformations on accuracy and robustness of Sybil detection methods.

EScope:Effective Event Validation for IoT Systems Based on State Correlation

Typical Internet of Things(IoT)systems are event-driven platforms,in which smart sensing devices sense or subscribe to events(device state changes),and react according to the preconfigured trigger-action logic,as known as,automation rules.“Events”are essential elements to perform automatic control in an IoT system.However,events are not always trustworthy.Sensing fake event notifications injected by attackers(called event spoofing attack)can trigger sensitive actions through automation rules without involving authorized users.Existing solutions verify events via“event fingerprints”extracted by surrounding sensors.However,if a system has homogeneous sensors that have strong correlations among them,traditional threshold-based methods may cause information redundancy and noise amplification,consequently,decreasing the checking accuracy.Aiming at this,in this paper,we propose“EScope”,an effective event validation approach to check the authenticity of system events based on device state correlation.EScope selects informative and representative sensors using an Neural-Network-based(NN-based)sensor selection component and extracts a verification sensor set for event validation.We evaluate our approach using an existing dataset provided by Peeves.The experiment results demonstrate that EScope achieves an average 67%sensor amount reduction on 22 events compared with the existing work,and increases the event spoofing detection accuracy.

Anomalous Power-Usage Behavior Detection from Smart Home Wireless Communications

With the rapid development of Internet of things(IoT)technologies,smart home systems are getting more and more popular in our daily life.Besides provid-ing convenient functionality and tangible benefits,smart home systems expose users to security risks.In this paper,we proposed SHGuard,an anomaly detection approach based on power usage data exposed from wireless commu-nications in the smart home system.SHGuard monitors and collects the electricity-usage data sent from the smart sockets.Based on the collected data,we developed a method to identify/infer the type of device and formally defined the user behavior pattern according to the device event features,e.g.,frequent sequence pattern set,the support degree,the sequence length and the occurrence time of the power changing event.SHGuard extracts and builds the normal behavior pattern during the initialization stage.It continuously infers the smart devices’states by monitoring the electricity usage data and updates the user behavior patterns.Any abnormal behaviors will be detected once the current user behavior pattern deviates from the original pattern.We prototyped our method and evaluated SHGuard using UCI dataset.The experiment results illustrated the efficiency of SHGuard.