**Feb. 2020 - June. 2020**
Followed up and improved a recent research about encrypted image retrieval system working on the cloud that could preserve user privacy.
**Brief introduction of system:**
* This system aims to solve the problem that in a cloud image retrieval system, the cloud server could analyse user's requests and damage user privacy.
* This system uses compressed binary CNN fully connected layer outputs to represent image features, and uses the distance among image features as the classification basis to generate a tree for retrieval. By encrypting the tree and user's requests with random matrix, the cloud server can only use encrypted features to calculate distance between user's request and tree nodes during the retrieval process, and thus the system can preserve user privacy.
**Completed improvements:**
* Because the original system's tree generation process only merges nodes with high similarity, the subtrees of the generated tree may have obvious height differences, and it will leads to low accuracy since the features of nodes with small depth in the tree will become vague. By involving new threshold and check process, the system will get a chance to merge nodes with low similarity at the right time. Experiments show that the accuracy of the modified system is 8\% higher than that of the original system on average, and when more categories of images are used, the accuracy gap between the modified system and the original system is more obvious.
* The original system's retrieval process will only pick one node which has the smallest distance with user's request at each level, so the original system doesn't perform well when there are similar nodes at the same level. By involving more (Experiments shows that the maximum of 3 nodes perform the best) similar nodes into consideration, modified system could reach higher accuracy.
**Further improvements:**
* It is inevitable that the features of nodes will become more vague during the tree generation process, and it will get worse if there are more categories of images involved, so that using tags during the tree generation process may achieve higher accuracy and it can also simplify the retrieval process.
**Apr. 2019 - May. 2019**
Analysed 500 DNS servers’ responses towards 20 different domain names with traceroute, nslookup and wireshark.
**Brief introduction:**
* This research tests 500 DNS servers provided by Hunan university, google, and different ISPs in China. The 20 tested domain names include 15 common domain names in China, 3 domain names of google and 2 inexistent domain names. By analysing these DNS servers’ reply, a series of DNS security problems has been found.
**Conclusion:**
* Different ISPs in China have different strategies toward inexistent domain names. DNS server provided by China Mobile will direct user to its ads page if requested domain name doesn’t exist while other ISPs will not.
* ISPs used to use DNS hijack to direct users to a new website with iframe that contains the original page to feed ads, which has become rare, possibly due to the wide use of content security policy and X-Frame-Options.
* A small amount(3 out of 28) of DNS servers provided by China railway telcom and DNS servers provided by Hunan university can resolve all domain names correctly, while all DNS servers provided by other ISPs will give false replies toward domain names of google.
* When users assign ”8.8.8.8” as their DNS server and query domain names of google, ISPs will analyse their requests and reply a false IP before the real DNS server
* Though DoH(DNS over Https) can stop ISPs from analysing users' queries, due to the small amount of DNS servers that accept DoH, it is still easy for ISPs to ban or substitute these DNS servers.
**Apr. 2019 - May. 2019**
Simulated different methods of DNS attacks and evaluated some approaches that could mitigate these attacks.
**Attack analysed:**
* Local DNS server cache poison
* DNS hijack based on arp spoofing
**Evaluated approaches:**
* If local DNS server uses random UDP ports for DNS queries, attackers only have slightly chance(1/(2^48)) to figure out the correct DNS query id and UDP port at the same time, and thus the possibility that the local DNS server will receive false responses from attackers is very small.
* Instead of using UDP to have DNS queries, DoT(DNS over TLS) and DoH(DNS over Https) can both encrypt DNS queries and the encrypted traffic is mixed with other normal traffic, which makes it difficult for attackers to figure out and analyse users' DNS queries.
**Apr. 2019 - Apr. 2019** PUF(physical unclonable function) is a kind of security chip that could generate unclonable output by using process variation. This project used different machine learning models(LR, SVM, CMA-ES) to predict the output of PUF. Experiments showed that LR, SVM, CMA-ES can all predict PUF's output precisely.
**Apr. 2019 - Apr. 2019** This project cracked google inception V2 model and let it make wrong prediction by adding specific noise to image samples.
**Mar. 2019 - Apr. 2019** Effectuated a switch with basic traffic forwarding function and ARP table updating function with Verilog. By evaluating the traffic (frequency and quantity of ARP packets and conflicts with original arp table) the switch could also detect potential ARP attacks.
**Feb. 2019 - Mar. 2019** Analysed suspicious traffic of common attacks and found out their features. **Suspicious traffic analysed:** * Traffic of DNS amplification attack * Traffic of SYN flood attack * Traffic of slow Dos attack
**Oct. 2018 - Dec. 2018** This project implemented an encryption tool with a series of encryption algorithms, basic key exchange function and signature function. **Implemented algorithms:** * Symmetric encryption: DES, AES * Stream cipher: RC4 * Asymmetric encryption: RSA * Hash: SHA-1, MD5 * Key exchange: DH
**Sep. 2018 - Nov. 2018** Implemented a plug-in of Xposed framework which could monitor all applications and control their behaviors. This plug-in could monitor/audit/block sensitive API calls related to user privacy by hooking all these APIs. Blacklist and whitelist were also involved in this plug-in to help manage applications.