Ad hoc network security and modeling with stochastic petri nets

Advances in wireless technology and portable computing along with demands for high user mobility have provided a major promotion toward the development of ad hoc networks. These networks feature dynamic topology, self-organization, limited bandwidth and battery power of a node. Unlike the existing commercial wireless systems and fixed infrastructure networks, they do not rely on specialized routers for path discovery and traffic routing. Security is an important issue in such networks. Typically, mobile nodes are significantly more susceptible to physical attacks than their wired counterparts. This research intends to investigate the ad hoc network routing security by proposing a performance enhanced Secure ad hoc On-demand Routing protocol (SOR). Specifically, it presents a method to embed Security Level into ad hoc on-demand routing protocols using node-disjoint multipath, and to use maximum hopcount to restrict the number of routing packets in a specific area. The proposed scheme enables the use of security as a marked factor to improve the relevance of the routes discovered by ad hoc routing protocols. It provides customizable security to the flow of routing protocol messages. In general, SOR offers an alternative way to implement security in on-demand routing protocols. Ad hoc network is too complex to allow analytical study for explicit performance expressions. This research presents a Stochastic Petri net-based approach to modeling and analysis of mobile ad hoc network. This work illustrates how this model is built as a scalable model and used to exploit the characteristics of the networks. The proposed scheme is a powerful analytical model that can be used to derive network performance much more easily than a simulation-based approach. Furthermore, the proposed model is extended to study the performance of ad hoc network security by adding multipath selection and security measurement parameters. This research gives a quantificational measurement to analyze the performance of a modified SPN model under the effect of multipath and attack of a hypothetical compromised node

Seventh Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, Aarhus, Denmark, October 24-26, 2006

This booklet contains the proceedings of the Seventh Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, October 24-26, 2006. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop0

DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees

This paper presents the current state of the art on attack and defense modeling approaches that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical decomposition of complex scenarios into simple, easily understandable and quantifiable actions. Methods based on threat trees and Bayesian networks are two well-known approaches to security modeling. However there exist more than 30 DAG-based methodologies, each having different features and goals. The objective of this survey is to present a complete overview of graphical attack and defense modeling techniques based on DAGs. This consists of summarizing the existing methodologies, comparing their features and proposing a taxonomy of the described formalisms. This article also supports the selection of an adequate modeling technique depending on user requirements

Petri Net Based Model for Protocol Damage Detection and Protection

In this thesis we investigate the vulnerabilities present in protocols and the damage that can arise if these vulnerabilities are exploited by a malicious node. In particular, we model protocols using Petri nets. Petri nets allow us to simulate the protocols and reason about them. Attacks are also modeled using Petri nets. We develop a tool to correlate the protocol Petri net and the attack Petri net to identify the worst vulnerability in the protocol and a payoff function is applied to measure the potential damage. Once the weak link in the protocol is identified, we propose approaches to reduce or eliminate the identified vulnerability. The modified protocol is also modeled as a Petri net.Computer Science Departmen

Eighth Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, Aarhus, Denmark, October 22-24, 2007

This booklet contains the proceedings of the Eighth Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, October 22-24, 2007. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop0