Yu-Lun Huang

Learn More
In the last years there has been an increasing interest in the security of process control and SCADA systems. Furthermore, recent computer attacks such as the Stuxnet worm, have shown there are parties with the motivation and resources to effectively attack control systems. While previous work has proposed new security mechanisms for control systems, few(More)
This paper describes an approach for developing threat models for attacks on control systems. These models are useful for analyzing the actions taken by an attacker who gains access to control system assets and for evaluating the effects of the attacker’s actions on the physical process being controlled. The paper proposes models for integrity attacks and(More)
The authentication and key agreement (AKA) protocol of Universal Mobile Telecommunication System (UMTS), which is proposed to solve the vulnerabilities found in Global System for Mobile Communications (GSM) systems, is still vulnerable to redirection and man-in-the-middle attacks. An adversary can mount these attacks to eavesdrop or mischarge the(More)
The Authentication Key Agreement Scheme (AKA) of Universal Mobile Telecommunication System (UMTS) provides substantial enhancement to solve the vulnerabilities in GSM and other wireless communication systems. However, we discovered four security weaknesses of UMTS AKA, that is, redirection attack, man-in-the-middle attack, sequence number depletion, and(More)
This paper presents a wireless risk assessment method to help an administrator manage wireless network security. The assessment method consists of a risk model and an assessment measure. The risk model is in charge of modeling the wireless network risk. Security requirements, wireless attacks, and system configurations are considered in the model. The(More)
Modern obfuscation techniques are intended to discourage reverse engineering and malicious tampering of software programs. We study control-flow obfuscation, which works by modifying the control flow of the program to be obfuscated, and observe that it is difficult to evaluate the robustness of these obfuscation techniques. In this paper, we present a(More)
There is strong demand for solutions to security problems in various wireless networks, such as WiFi, WiMAX, 3GPP and WSN, not only for the individual networks themselves but also for the integration of these networks. A complete solution cannot be proposed by piecemeal proposals but requires a holistic examination of all security concerns. The solution(More)
Online social networks (OSNs) such as Facebook and MySpace are flourishing because more and more people are using OSNs to share their interests with friends. Because security and privacy issues on OSNs are major concerns, we propose a security framework for simultaneously authenticating multiple users to improve the efficiency and security of peer-to-peer(More)