VTechWorks staff will be away for the Thanksgiving holiday beginning at noon on Wednesday, November 27, through Friday, November 29. We will resume normal operations on Monday, December 2. Thank you for your patience.

Browsing by Author "Li, Ao"

Now showing 1 - 2 of 2
  • Thumbnail Image
    MS-PTP: Protecting Network Timing from Byzantine Attacks
    Shi, Shanghao; Xiao, Yang; Du, Changlai; Shahriar, Md Hasan; Li, Ao; Zhang, Ning; Hou, Y. Thomas; Lou, Wenjing (ACM, 2023-05-29)
    Time-sensitive applications, such as 5G and IoT, are imposing increasingly stringent security and reliability requirements on network time synchronization. Precision time protocol (PTP) is a de facto solution to achieve high precision time synchronization. It is widely adopted by many industries. Existing efforts in securing the PTP focus on the protection of communication channels, but little attention has been given to the threat of malicious insiders. In this paper, we first present the security vulnerabilities of PTP and discuss why the current defense mechanisms are unable to counter Byzantine insiders. We demonstrate how a malicious insider can spoof a time source to arbitrarily shift the system time of a victim node on an IoT testbed.We further demonstrate the harmful consequence of the attack on a real Turtlebot3 robotic platform as the robot fails to locate itself and follows a false trajectory. As a countermeasure, we propose multi-source PTP, in short, MS-PTP, a Byzantine-resilient network time synchronization mechanism that relies on time crowdsourcing. MS-PTP changes the current PTP’s single source hierarchy to a multi-source client-server architecture, in which PTP clients take responses from multiple time servers and apply a novel secure aggregation scheme to eliminate the effect of malicious responses from unreliable sources. MS-PTP is able to counter 𝑓 Byzantine failures when the total number of time sources 𝑛 used by a client satisfies 𝑛 ≥ 3𝑓 + 1. We provide rigorous proof for its non-parametric accuracy guarantee—achieving bounded error regardless of the Byzantine population. We implemented a prototype of MS-PTP on our IoT testbed and the results show its resilience against Byzantine insiders while maintaining high synchronization accuracy.
  • Thumbnail Image
    Software and Behavior Diversification for Swarm Robotics Systems
    Li, Ao; Chang, Sinyin; Li, Guorui; Chang, Yuanhaur; Fisher, Nathan; Chantem, Thidapat (Tam) (ACM, 2023-11-26)
    Inspired by natural swarms, swarm robotics systems are used in safety-critical tasks due to their scalability, redundancy, and adaptability. However, their design exposes them to two primary vulnerabilities. First, their homogeneity makes them vulnerable to large-scale attacks. Second, logical flaws within swarm algorithms can be exploited, leading to mission failures or crashes. While existing studies can effectively identify these vulnerabilities using system testing and verification, they are often time-consuming and might require repetition following software updates. To this end, we propose a complementary, two-level diversification approach. The first level tackles system homogeneity through software diversification. The second level introduces algorithmic randomness to minimize the exploitability of logical flaws. By leveraging a social force model, we can ensure that the introduced randomized behaviors do not compromise safety. Our evaluations show that the performance overheads remain within acceptable limits, notably at 2% for missions characterized by self-organizing behaviors.