Duo Lu

Bio: Duo Lu is an academic researcher from Arizona State University. The author has contributed to research in topics: Interface (computing) & Password. The author has an hindex of 8, co-authored 18 publications receiving 184 citations. Previous affiliations of Duo Lu include Arizona's Public Universities.

A Secure Microservice Framework for IoT

Abstract: The Internet of Things (IoT) has connected an incredible diversity of devices in novel ways, which has enabled exciting new services and opportunities. Unfortunately, IoT systems also present several important challenges to developers. This paper proposes a vision for how we may build IoT systems in the future by reconceiving IoT's fundamental unit of construction not as a "thing", but rather as a widely and finely distributed "microservice" already familiar to web service engineering circles. Since IoT systems are quite different from more established uses of microservice architectures, success of the approach depends on adaptations that enable them to met the key challenges that IoT systems present. We argue that a microservice approach to building IoT systems can combine in a mutually enforcing way with patterns for microservices, API gateways, distribution of services, uniform service discovery, containers, and access control. The approach is illustrated using two case studies of IoT systems in personal health management and connected autonomous vehicles. Our hope is that the vision of a microservices approach will help focus research that can fill in current gaps preventing more effective, interoperable, and secure IoT services and solutions in a wide variety of contexts.

A Defense System for Defeating DDoS Attacks in SDN based Networks

Abstract: Software-Defined Networking (SDN) is a network architecture that aims at providing high flexibility through the decoupling of the network logic from the forwarding functions. The ease of programmability makes SDN a great platform implementation of various initiatives that involve application deployment, security solutions, and decentralized network management in a multi-tenant data center environment. Although this can introduce many applications in different areas and leads to the high impact on several aspects, security of SDN architecture remains an open question and needs to be revisited based on the new concept of SDN. Current SDN-based attack detection mechanisms have some limitations. In this paper, we investigate two of those limitations: Misbehavior Attack and NewFlow Attack. We propose a secure system that periodically collects network statistics from the forwarding elements and apply Machine Learning (ML) classification algorithms. Our framework ensures that the proposed solution makes the SDN architecture more self-adaptive, and intelligent while reacting to network changes.

A data driven in-air-handwriting biometric authentication system

Abstract: The gesture-based human-computer interface requires new user authentication technique because it does not have traditional input devices like keyboard and mouse In this paper, we propose a new finger-gesture-based authentication method, where the in-air-handwriting of each user is captured by wearable inertial sensors Our approach is featured with the utilization of both the content and the writing convention, which are proven to be essential for the user identification problem by the experiments A support vector machine (SVM) classifier is built based on the features extracted from the hand motion signals To quantitatively benchmark the proposed framework, we build a prototype system with a custom data glove device The experiment result shows our system achieve a 01% equal error rate (EER) on a dataset containing 200 accounts that are created by 116 users Compared to the existing gesture-based biometric authentication systems, the proposed method delivers a significant performance improvement

Personalized Learning in a Virtual Hands-on Lab Platform for Computer Science Education

Abstract: This Innovate Practice full paper presents a cloud-based personalized learning lab platform. Personalized learning is gaining popularity in online computer science education due to its characteristics of pacing the learning progress and adapting the instructional approach to each individual learner from a diverse background. Among various instructional methods in computer science education, hands-on labs have unique requirements of understanding learner’s behavior and assessing learner’s performance for personalization. However, it is rarely addressed in existing research. In this paper, we propose a personalized learning platform called ThoTh Lab specifically designed for computer science hands-on labs in a cloud environment. ThoTh Lab can identify the learning style from student activities and adapt learning material accordingly. With the awareness of student learning styles, instructors are able to use techniques more suitable for the specific student, and hence, improve the speed and quality of the learning process. With that in mind, ThoTh Lab also provides student performance prediction, which allows the instructors to change the learning progress and take other measurements to help the students timely. For example, instructors may provide more detailed instructions to help slow starters, while assigning more challenging labs to those quick learners in the same class. To evaluate ThoTh Lab, we conducted an experiment and collected data from an upper-division cybersecurity class for undergraduate students at Arizona State University in the US. The results show that ThoTh Lab can identify learning style with reasonable accuracy. By leveraging the personalized lab platform for a senior level cybersecurity course, our lab-use study also shows that the presented solution improves students engagement with better understanding of lab assignments, spending more effort on hands-on projects, and thus greatly enhancing learning outcomes.

VC-bots: a vehicular cloud computing testbed with mobile robots

Abstract: Smart vehicles with computing, sensing, and communication capabilities are gaining popularity. With various vehicular applications equipped, these smart vehicles not only improve driving safety, but also facilitate data collection and information sharing for traffic optimization, insurance estimation, and infotainment. However, developing and testing such cloud based vehicular application is challenging due to the high cost of running the application on actual cars in various traffic scenarios. For the same reason it is also difficult to understand and model the network protocol behavior among multiple vehicles. In this paper we proposed VC-bots, a vehicular cloud testbed using mobile robot vehicles, which can emulate different types of vehicles for testing vehicular network protocols and vehicular cloud applications in various scenarios, which can be easily reconfigured without any infrastructure assistance. To facilitate software integration, we also developed a message based service framework for applications running on the robot vehicle and in the cloud.

Real-Time Systems

Abstract: From the Publisher: Real-Time Systems is both a valuable reference for professionals and an advanced text for Computer Science and Computer Engineering students. Real world real-time applications based on research and practice State-of-the-art algorithms and methods for validation Methods for end-to-end scheduling and resource management More than 100 illustrations to enhance understanding Comprehensive treatment of the technology known as RMA (rate-monotonic analysis) methods A supplemental Companion Website www.prenhall.com/liu

Internet of Things as System of Systems: A Review of Methodologies, Frameworks, Platforms, and Tools

Abstract: The Internet of Things (IoT) is the latest example of the System of Systems (SoS), demanding for both innovative and evolutionary approaches to tame its multifaceted aspects. Over the years, different IoT methodologies, frameworks, platforms, and tools have been proposed by industry and academia, but the jumbled abundance of such development products have resulted into a high (and disheartening) entry-barrier to IoT system engineering. In this survey, we steer IoT developers by: 1) providing baseline definitions to identify the most suitable class of development products—methodologies, frameworks, platforms, and tools–for their purposes and 2) reviewing seventy relevant products through a comparative and practical approach, based on general SoS engineering features revised in the light of main IoT systems desiderata (i.e., interoperability, scalability, smartness, and autonomy). Indeed, we aim to lessen the confusion related to IoT methodologies, frameworks, platforms, and tools as well as to freeze their current state, for eventually easing the approach towards IoT system engineering.

DDoSNet: A Deep-Learning Model for Detecting Network Attacks

Abstract: Software-Defined Networking (SDN) is an emerging paradigm, which evolved in recent years to address the weaknesses in traditional networks. The significant feature of the SDN, which is achieved by disassociating the control plane from the data plane, facilitates network management and allows the network to be efficiently programmable. However, the new architecture can be susceptible to several attacks that lead to resource exhaustion and prevent the SDN controller from supporting legitimate users. One of these attacks, which nowadays is growing significantly, is the Distributed Denial of Service (DDoS) attack. DDoS attack has a high impact on crashing the network resources, making the target servers unable to support the valid users. The current methods deploy Machine Learning (ML) for intrusion detection against DDoS attacks in the SDN network using the standard datasets. However, these methods suffer several drawbacks, and the used datasets do not contain the most recent attack patterns - hence, lacking in attack diversity. In this paper, we propose DDoSNet, an intrusion detection system against DDoS attacks in SDN environments. Our method is based on Deep Learning (DL) technique, combining the Recurrent Neural Network (RNN) with autoencoder. We evaluate our model using the newly released dataset CICDDoS2019, which contains a comprehensive variety of DDoS attacks and addresses the gaps of the existing current datasets. We obtain a significant improvement in attack detection, as compared to other benchmarking methods. Hence, our model provides great confidence in securing these networks.