A Probabilistic Characterization of Random and Malicious Communication Failures in Multi-Hop Networked Control

The control problem of a linear discrete-time dynamical system over a multi-hop network is explored. The network is assumed to be subject to packet drops by malicious and nonmalicious nodes as well as random and malicious data corruption issues. We utilize asymptotic tail-probability bounds of transmission failure ratios to characterize the links and paths of a network as well as the network itself. This probabilistic characterization allows us to take into account multiple failures that depend on each other, and coordinated malicious attacks on the network. We obtain a sufficient condition for the stability of the networked control system by utilizing our probabilistic approach. We then demonstrate the efficacy of our results in different scenarios concerning transmission failures on a multi-hop network.Comment: Correct typos in Sections 3-6. Make changes in the proofs of Theorems 3.4 and 4.

Networked Control under Random and Malicious Packet Losses

We study cyber security issues in networked control of a linear dynamical system. Specifically, the dynamical system and the controller are assumed to be connected through a communication channel that face malicious attacks as well as random packet losses due to unreliability of transmissions. We provide a probabilistic characterization for the link failures which allows us to study combined effects of malicious and random packet losses. We first investigate almost sure stabilization under an event-triggered control law, where we utilize Lyapunov-like functions to characterize the triggering times at which the plant and the controller attempt to exchange state and control data over the network. We then provide a look at the networked control problem from the attacker's perspective and explore malicious attacks that cause instability. Finally, we demonstrate the efficacy of our results with numerical examples

Analysis of Stochastic Switched Systems with Application to Networked Control Under Jamming Attacks

We investigate the stability problem for discrete-time stochastic switched linear systems under the specific scenarios where information about the switching patterns and the probability of switches are not available. Our analysis focuses on the average number of times each mode becomes active in the long run and, in particular, utilizes their lower- and upper-bounds. This setup is motivated by cyber security issues for networked control systems in the presence of packet losses due to malicious jamming attacks where the attacker's strategy is not known a priori. We derive a sufficient condition for almost sure asymptotic stability of the switched systems which can be examined by solving a linear programming problem. Our approach exploits the dynamics of an equivalent system that describes the evolution of the switched system's state at every few steps; the stability analysis may become less conservative by increasing the step size. The computational efficiency is further enhanced by exploiting the structure in the stability analysis problem, and we introduce an alternative linear programming problem that has fewer variables. We demonstrate the efficacy of our results by analyzing networked control problems where communication channels face random packet losses as well as jamming attacks.Comment: Change title of Section 3; Resize figure

P2P-PL: A Pattern Language to Design Efficient and Robust Peer-to-Peer Systems

To design peer-to-peer (P2P) software systems is a challenging task, because of their highly decentralized nature, which may cause unexpected emergent global behaviors. The last fifteen years have seen many P2P applications to come out and win favor with millions of users. From success histories of applications like BitTorrent, Skype, MyP2P we have learnt a number of useful design patterns. Thus, in this article we present a P2P pattern language (shortly, P2P-PL) which encompasses all the aspects that a fully effective and efficient P2P software system should provide, namely consistency of stored data, redundancy, load balancing, coping with asymmetric bandwidth, decentralized security. The patterns of the proposed P2P-PL are described in detail, and a composition strategy for designing robust, effective and efficient P2P software systems is proposed.Comment: 43 pages, 27 figure

An Efficient Security Mechanism for High-Integrity Wireless Sensor Networks

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Unfortunately, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes and intentional compromise of nodes by an insider attack in a WSN pose particularly difficult challenges to security engineers as these attacks cannot be defended by traditional cryptography-based mechanisms. In this paper, a security solution is proposed for detecting compromised and faulty nodes in a WSN. The mechanism also isolates a compromised node from the network so that it cannot participate in any network activity. The proposed mechanism is based on misbehavior classification, behaviour monitoring and trust management. It involves minimum computation and communication overhead and is ideally suited for a resource-constrained, high-integrity WSN.Comment: 9 pages, 1 figure. Proceedings of the International Conference on Advances in Information and Communication Technologies (ICICOT), Manipal, India, December 28-30, 2007, pp. 86 - 9

Resilient Monitoring in Heterogeneous Multi-robot Systems through Network Reconfiguration

We propose a framework for resilience in a networked heterogeneous multi-robot team subject to resource failures. Each robot in the team is equipped with resources that it shares with its neighbors. Additionally, each robot in the team executes a task, whose performance depends on the resources to which it has access. When a resource on a particular robot becomes unavailable (\eg a camera ceases to function), the team optimally reconfigures its communication network so that the robots affected by the failure can continue their tasks. We focus on a monitoring task, where robots individually estimate the state of an exogenous process. We encode the end-to-end effect of a robot's resource loss on the monitoring performance of the team by defining a new stronger notion of observability -- \textit{one-hop observability}. By abstracting the impact that {low-level} individual resources have on the task performance through the notion of one-hop observability, our framework leads to the principled reconfiguration of information flow in the team to effectively replace the lost resource on one robot with information from another, as long as certain conditions are met. Network reconfiguration is converted to the problem of selecting edges to be modified in the system's communication graph after a resource failure has occurred. A controller based on finite-time convergence control barrier functions drives each robot to a spatial location that enables the communication links of the modified graph. We validate the effectiveness of our framework by deploying it on a team of differential-drive robots estimating the position of a group of quadrotors.Comment: 12 pages, 5 figure

Exploiting the power of multiplicity: a holistic survey of network-layer multipath

The Internet is inherently a multipath network---for an underlying network with only a single path connecting various nodes would have been debilitatingly fragile. Unfortunately, traditional Internet technologies have been designed around the restrictive assumption of a single working path between a source and a destination. The lack of native multipath support constrains network performance even as the underlying network is richly connected and has redundant multiple paths. Computer networks can exploit the power of multiplicity to unlock the inherent redundancy of the Internet. This opens up a new vista of opportunities promising increased throughput (through concurrent usage of multiple paths) and increased reliability and fault-tolerance (through the use of multiple paths in backup/ redundant arrangements). There are many emerging trends in networking that signify that the Internet's future will be unmistakably multipath, including the use of multipath technology in datacenter computing; multi-interface, multi-channel, and multi-antenna trends in wireless; ubiquity of mobile devices that are multi-homed with heterogeneous access networks; and the development and standardization of multipath transport protocols such as MP-TCP. The aim of this paper is to provide a comprehensive survey of the literature on network-layer multipath solutions. We will present a detailed investigation of two important design issues, namely the control plane problem of how to compute and select the routes, and the data plane problem of how to split the flow on the computed paths. The main contribution of this paper is a systematic articulation of the main design issues in network-layer multipath routing along with a broad-ranging survey of the vast literature on network-layer multipathing. We also highlight open issues and identify directions for future work

A Survey of Distributed Consensus Protocols for Blockchain Networks

Since the inception of Bitcoin, cryptocurrencies and the underlying blockchain technology have attracted an increasing interest from both academia and industry. Among various core components, consensus protocol is the defining technology behind the security and performance of blockchain. From incremental modifications of Nakamoto consensus protocol to innovative alternative consensus mechanisms, many consensus protocols have been proposed to improve the performance of the blockchain network itself or to accommodate other specific application needs. In this survey, we present a comprehensive review and analysis on the state-of-the-art blockchain consensus protocols. To facilitate the discussion of our analysis, we first introduce the key definitions and relevant results in the classic theory of fault tolerance which help to lay the foundation for further discussion. We identify five core components of a blockchain consensus protocol, namely, block proposal, block validation, information propagation, block finalization, and incentive mechanism. A wide spectrum of blockchain consensus protocols are then carefully reviewed accompanied by algorithmic abstractions and vulnerability analyses. The surveyed consensus protocols are analyzed using the five-component framework and compared with respect to different performance metrics. These analyses and comparisons provide us new insights in the fundamental differences of various proposals in terms of their suitable application scenarios, key assumptions, expected fault tolerance, scalability, drawbacks and trade-offs. We believe this survey will provide blockchain developers and researchers a comprehensive view on the state-of-the-art consensus protocols and facilitate the process of designing future protocols.Comment: Accepted by the IEEE Communications Surveys and Tutorials for publicatio

Security and Privacy Challenges in Cognitive Wireless Sensor Networks

Wireless sensor networks (WSNs) have attracted a lot of interest in the research community due to their potential applicability in a wide range of real-world practical applications. However, due to the distributed nature and their deployments in critical applications without human interventions and sensitivity and criticality of data communicated, these networks are vulnerable to numerous security and privacy threats that can adversely affect their performance. These issues become even more critical in cognitive wireless sensor networks (CWSNs) in which the sensor nodes have the capabilities of changing their transmission and reception parameters according to the radio environment under which they operate in order to achieve reliable and efficient communication and optimum utilization of the network resources. This chapter presents a comprehensive discussion on the security and privacy issues in CWSNs by identifying various security threats in these networks and various defense mechanisms to counter these vulnerabilities. Various types of attacks on CWSNs are categorized under different classes based on their natures and targets, and corresponding to each attack class, appropriate security mechanisms are also discussed. Some critical research issues on security and privacy in CWSNs are also identified.Comment: 36 pages, 4 figures, 2 tables. The book chapter is accepted for publication in 201

Stabilization of Networked Control Systems under DoS Attacks and Output Quantization

This paper addresses quantized output feedback stabilization under Denial-of-Service (DoS) attacks. First, assuming that the duration and frequency of DoS attacks are averagely bounded and that an initial bound of the plant state is known, we propose an output encoding scheme that achieves exponential convergence with finite data rates. Next we show that a suitable state transformation allows us to remove the assumption on the DoS frequency. Finally, we discuss the derivation of state bounds under DoS attacks and obtain sufficient conditions on the bounds of DoS duration and frequency for achieving Lyapunov stability of the closed-loop system.Comment: We have added new results in Sections 3.6 and