Zuochao Dou

Bio: Zuochao Dou is an academic researcher from New Jersey Institute of Technology. The author has contributed to research in topics: Authentication & Phishing. The author has an hindex of 5, co-authored 11 publications receiving 716 citations. Previous affiliations of Zuochao Dou include University of Rochester.

Unmanned Aerial Vehicles: A Survey on Civil Applications and Key Research Challenges

Abstract: The use of unmanned aerial vehicles (UAVs) is growing rapidly across many civil application domains, including real-time monitoring, providing wireless coverage, remote sensing, search and rescue, delivery of goods, security and surveillance, precision agriculture, and civil infrastructure inspection. Smart UAVs are the next big revolution in the UAV technology promising to provide new opportunities in different applications, especially in civil infrastructure in terms of reduced risks and lower cost. Civil infrastructure is expected to dominate more than $45 Billion market value of UAV usage. In this paper, we present UAV civil applications and their challenges. We also discuss the current research trends and provide future insights for potential UAV uses. Furthermore, we present the key challenges for UAV civil applications, including charging challenges, collision avoidance and swarming challenges, and networking and security-related challenges. Based on our review of the recent literature, we discuss open research challenges and draw high-level insights on how these challenges might be approached.

Systematization of Knowledge (SoK): A Systematic Review of Software-Based Web Phishing Detection

Abstract: Phishing is a form of cyber attack that leverages social engineering approaches and other sophisticated techniques to harvest personal information from users of websites. The average annual growth rate of the number of unique phishing websites detected by the Anti Phishing Working Group is 36.29% for the past six years and 97.36% for the past two years. In the wake of this rise, alleviating phishing attacks has received a growing interest from the cyber security community. Extensive research and development have been conducted to detect phishing attempts based on their unique content, network, and URL characteristics. Existing approaches differ significantly in terms of intuitions, data analysis methods, as well as evaluation methodologies. This warrants a careful systematization so that the advantages and limitations of each approach, as well as the applicability in different contexts, could be analyzed and contrasted in a rigorous and principled way. This paper presents a systematic study of phishing detection schemes, especially software based ones. Starting from the phishing detection taxonomy, we study evaluation datasets, detection features, detection techniques, and evaluation metrics. Finally, we provide insights that we believe will help guide the development of more effective and efficient phishing detection schemes.

Use of Network Latency Profiling and Redundancy for Cloud Server Selection

Abstract: As servers are placed in diverse locations in networked services today, it becomes vital to direct a client's request to the best server(s) to achieve both high performance and reliability. In this distributed setting, non-negligible latency and server availability become two major concerns, especially for highly-interactive applications. Profiling latencies and sending redundant data have been investigated as solutions to these issues. The notion of a cloudlet in mobile-cloud computing is also relevant in this context, as the cloudlet can supply these solution approaches on behalf of the mobile. In this paper, we investigate the effects of profiling and redundancy on latency when a client has a choice of multiple servers to connect to, using measurements from real experiments and simulations. We devise and test different server selection and data partitioning strategies in terms of profiling and redundancy. Our key findings are summarized as follows. First, intelligent server selection algorithms help find the optimal group of servers that minimize latency with profiling. Second, we can achieve good performance with relatively simple approaches using redundancy. Our analysis of profiling and redundancy provides insight to help designers determine how many servers and which servers to select to reduce latency.

Robust insider attacks countermeasure for hadoop: Design and implementation

Abstract: Hadoop is an open source software framework for storage and processing of large-scale datasets. The proliferation of cloud services and its corresponding increasing number of users lead to a larger attack surface, especially for internal threats. Therefore, in corporate data centers, it is essential to ensure the security, authenticity, and integrity of all the entities of Hadoop. The current secure implementations of Hadoop mainly utilize Kerberos, which is known to suffer from many security and performance issues, including the concentration of authentication credentials, single point of failure, and online availability. Most importantly, these Kerberos-based implementations do not guard against insider threats. In this paper, we propose an authentication framework for Hadoop that utilizes trusted platform module technology. The proposed approach provides significant security guarantees against insider threats, which manipulate the execution environment without the consent of legitimate clients. We have conducted extensive experiments to validate the performance and the security properties of our approach. The results demonstrate that the proposed approach alleviates many of the shortcomings of Kerberos-based state-of-the-art protocols and provides unique security guarantees with acceptable overhead. Moreover, we have formally proved the correctness and the security guarantees of our protocol via Burrows–Abadi–Needham logic.

TPM-Based Authentication Mechanism for Apache Hadoop

Abstract: Hadoop is an open source distributed system for data storage and parallel computations that is widely used. It is essential to ensure the security, authenticity, and integrity of all Hadoop’s entities. The current secure implementations of Hadoop rely on Kerberos, which suffers from many security and performance issues including single point of failure, online availability requirement, and concentration of authentication credentials. Most importantly, these solutions do not guard against malicious and privileged insiders. In this paper, we design and implement an authentication framework for Hadoop systems based on Trusted Platform Module (TPM) technologies. The proposed protocol not only overcomes the shortcomings of the state-of-the-art protocols, but also provides additional significant security guarantees that guard against insider threats. We analyze and compare the security features and overhead of our protocol with the state-of-the-art protocols, and show that our protocol provides better security guarantees with lower optimized overhead.

Towards 6G wireless communication networks: vision, enabling technologies, and new paradigm shifts

Abstract: The fifth generation (5G) wireless communication networks are being deployed worldwide from 2020 and more capabilities are in the process of being standardized, such as mass connectivity, ultra-reliability, and guaranteed low latency. However, 5G will not meet all requirements of the future in 2030 and beyond, and sixth generation (6G) wireless communication networks are expected to provide global coverage, enhanced spectral/energy/cost efficiency, better intelligence level and security, etc. To meet these requirements, 6G networks will rely on new enabling technologies, i.e., air interface and transmission technologies and novel network architecture, such as waveform design, multiple access, channel coding schemes, multi-antenna technologies, network slicing, cell-free architecture, and cloud/fog/edge computing. Our vision on 6G is that it will have four new paradigm shifts. First, to satisfy the requirement of global coverage, 6G will not be limited to terrestrial communication networks, which will need to be complemented with non-terrestrial networks such as satellite and unmanned aerial vehicle (UAV) communication networks, thus achieving a space-air-ground-sea integrated communication network. Second, all spectra will be fully explored to further increase data rates and connection density, including the sub-6 GHz, millimeter wave (mmWave), terahertz (THz), and optical frequency bands. Third, facing the big datasets generated by the use of extremely heterogeneous networks, diverse communication scenarios, large numbers of antennas, wide bandwidths, and new service requirements, 6G networks will enable a new range of smart applications with the aid of artificial intelligence (AI) and big data technologies. Fourth, network security will have to be strengthened when developing 6G networks. This article provides a comprehensive survey of recent advances and future trends in these four aspects. Clearly, 6G with additional technical requirements beyond those of 5G will enable faster and further communications to the extent that the boundary between physical and cyber worlds disappears.

Accessing From the Sky: A Tutorial on UAV Communications for 5G and Beyond

Abstract: Unmanned aerial vehicles (UAVs) have found numerous applications and are expected to bring fertile business opportunities in the next decade. Among various enabling technologies for UAVs, wireless communication is essential and has drawn significantly growing attention in recent years. Compared to the conventional terrestrial communications, UAVs’ communications face new challenges due to their high altitude above the ground and great flexibility of movement in the 3-D space. Several critical issues arise, including the line-of-sight (LoS) dominant UAV-ground channels and induced strong aerial-terrestrial network interference, the distinct communication quality-of-service (QoS) requirements for UAV control messages versus payload data, the stringent constraints imposed by the size, weight, and power (SWAP) limitations of UAVs, as well as the exploitation of the new design degree of freedom (DoF) brought by the highly controllable 3-D UAV mobility. In this article, we give a tutorial overview of the recent advances in UAV communications to address the above issues, with an emphasis on how to integrate UAVs into the forthcoming fifth-generation (5G) and future cellular networks. In particular, we partition our discussion into two promising research and application frameworks of UAV communications, namely UAV-assisted wireless communications and cellular-connected UAVs, where UAVs are integrated into the network as new aerial communication platforms and users, respectively. Furthermore, we point out promising directions for future research.

Health Monitoring and Management Using Internet-of-Things (IoT) Sensing with Cloud-Based Processing: Opportunities and Challenges

Abstract: Among the panoply of applications enabled by the Internet of Things (IoT), smart and connected health care is a particularly important one. Networked sensors, either worn on the body or embedded in our living environments, make possible the gathering of rich information indicative of our physical and mental health. Captured on a continual basis, aggregated, and effectively mined, such information can bring about a positive transformative change in the health care landscape. In particular, the availability of data at hitherto unimagined scales and temporal longitudes coupled with a new generation of intelligent processing algorithms can: (a) facilitate an evolution in the practice of medicine, from the current post facto diagnose-and-treat reactive paradigm, to a proactive framework for prognosis of diseases at an incipient stage, coupled with prevention, cure, and overall management of health instead of disease, (b) enable personalization of treatment and management options targeted particularly to the specific circumstances and needs of the individual, and (c) help reduce the cost of health care while simultaneously improving outcomes. In this paper, we highlight the opportunities and challenges for IoT in realizing this vision of the future of health care.

High-Resolution Monitoring of Himalayan Glacier Dynamics Using Unmanned Aerial Vehicles

Abstract: Himalayan glacier tongues are commonly debris covered and they are an important source of melt water. However, they remain relatively unstudied because of the inaccessibility of the terrain and the difficulties in field work caused by the thick debris mantles. Observations of debris-covered glaciers are therefore scarce and airborne remote sensing may bridge the gap between scarce field observations and coarse resolution space-borne remote sensing. In this study we deploy an Unmanned Aerial Vehicle (UAV) before and after the melt and monsoon season (May and October 2013) over the debris-covered tongue of the Lirung Glacier in Nepal. Based on stereo-imaging and the structure for motion algorithm we derive highly detailed ortho-mosaics and digital elevation models (DEMs), which we geometrically correct using differential GPS observations collected in the field. Based on DEM differencing and manual feature tracking we derive the mass loss and the surface velocity of the glacier at a high spatial accuracy. On average, mass loss is limited and the surface velocity is very small. However, the spatial variability of melt rates is very high, and ice cliffs and supra-glacial ponds show mass losses that can be an order of magnitude higher than the average. We suggest that future research should focus on the interaction between supra-glacial ponds, ice cliffs and englacial hydrology to further understand the dynamics of debris-covered glaciers. Finally, we conclude that UAV deployment has large potential in glaciology and it may revolutionize methods currently applied in studying glacier surface features.