Formal modelling and analysis of denial of services attacks in wireless sensor networks

Wireless Sensor Networks (WSNs) have attracted considerable research attention in recent years because of the perceived potential benefits offered by self-organising, multi-hop networks consisting of low-cost and small wireless devices for monitoring or control applications in di±cult environments. WSN may be deployed in hostile or inaccessible environments and are often unattended. These conditions present many challenges in ensuring that WSNs work effectively and survive long enough to fulfil their functionalities. Securing a WSN against any malicious attack is a particular challenge. Due to the limited resources of nodes, traditional routing protocols are not appropriate in WSNs and innovative methods are used to route data from source nodes to sink nodes (base stations). To evaluate the routing protocols against DoS attacks, an innovative design method of combining formal modelling and computer simulations has been proposed. This research has shown that by using formal modelling hidden bugs (e.g. vulnerability to attacks) in routing protocols can be detected automatically. In addition, through a rigorous testing, a new routing protocol, RAEED (Robust formally Analysed protocol for wirEless sEnsor networks Deployment), was developed which is able to operate effectively in the presence of hello flood, rushing, wormhole, black hole, gray hole, sink hole, INA and jamming attacks. It has been proved formally and using computer simulation that the RAEED can pacify these DoS attacks. A second contribution of this thesis relates to the development of a framework to check the vulnerability of different routing protocols against Denial of Service(DoS) attacks. This has allowed us to evaluate formally some existing and known routing protocols against various DoS attacks iand these include TinyOS Beaconing, Authentic TinyOS using uTesla, Rumour Routing, LEACH, Direct Diffusion, INSENS, ARRIVE and ARAN protocols. This has resulted in the development of an innovative and simple defence technique with no additional hardware cost for deployment against wormhole and INA attacks. In the thesis, the detection of weaknesses in INSENS, Arrive and ARAN protocols was also addressed formally. Finally, an e±cient design methodology using a combination of formal modelling and simulation is propose to evaluate the performances of routing protocols against DoS attacks

Telecommunications Networks

This book guides readers through the basics of rapidly emerging networks to more advanced concepts and future expectations of Telecommunications Networks. It identifies and examines the most pressing research issues in Telecommunications and it contains chapters written by leading researchers, academics and industry professionals. Telecommunications Networks - Current Status and Future Trends covers surveys of recent publications that investigate key areas of interest such as: IMS, eTOM, 3G/4G, optimization problems, modeling, simulation, quality of service, etc. This book, that is suitable for both PhD and master students, is organized into six sections: New Generation Networks, Quality of Services, Sensor Networks, Telecommunications, Traffic Engineering and Routing

Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -

The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime. This cumulative thesis provides three major contributions to modelling methodology. Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given. The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks. Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design – FMCAD 2022

The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing

Semi-Quantum Conference Key Agreement (SQCKA)

A need in the development of secure quantum communications is the scalable extension of key distribution protocols. The greatest advantage of these protocols is the fact that its security does not rely on mathematical assumptions and can achieve perfect secrecy. In order to make these protocols scalable, has been developed the concept of Conference Key Agreements, among multiple users. In this thesis we propose a key distribution protocol among several users using a semi-quantum approach. We assume that only one of the users is equipped with quantum devices and generates quantum states, while the other users are classical, i.e., they are only equipped with a device capable of measuring or reflecting the information. This approach has the advantage of simplicity and reduced costs. We prove our proposal is secure and we present some numerical results on the lower bounds for the key rate. The security proof applies new techniques derived from some already well established work. From the practical point of view, we developed a toolkit called Qis|krypt⟩ that is able to simulate not only our protocol but also some well-known quantum key distribution protocols. The source-code is available on the following link: - https://github.com/qiskrypt/qiskrypt/.Uma das necessidades no desenvolvimento de comunicações quânticas seguras é a extensão escalável de protocolos de distribuição de chaves. A grande vantagem destes protocolos é o facto da sua segurança não depender de suposições matemáticas e poder atingir segurança perfeita. Para tornar estes protocolos escaláveis, desenvolveu-se o conceito de Acordo de Chaves de Conferência, entre múltiplos utilizadores. Nesta tese propomos um protocolo para distribuição de chaves entre vários utilizadores usando uma abordagem semi-quântica. Assumimos que apenas um dos utilizadores está equipado com dispositivos quânticos e é capaz de gerar estados quânticos, enquanto que os outros utilizadores são clássicos, isto é, estão apenas equipados com dispositivos capazes de efectuar uma medição ou refletir a informação. Esta abordagem tem a vantagem de ser mais simples e de reduzir custos. Provamos que a nossa proposta é segura e apresentamos alguns resultados numéricos sobre limites inferiores para o rácio de geração de chaves. A prova de segurança aplica novas técnicas derivadas de alguns resultados já bem estabelecidos. Do ponto de vista prático, desenvolvemos uma ferramenta chamada Qis|krypt⟩ que é capaz de simular não só o nosso protocolo como também outros protocolos distribuição de chaves bem conhecidos. O código fonte encontra-se disponível no seguinte link: - https://github.com/qiskrypt/qiskrypt/

Service introduction in an active network

Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, February 1999.Includes bibliographical references (p. 151-157).by David J. Wetherall.Ph.D