1,237 research outputs found
A New Method for Assessing the Resiliency of Large, Complex Networks
Designing resilient and reliable networks is a principle concern of planners and private firms. Traffic congestion whether recurring or as the result of some aperiodic event is extremely costly. This paper describes an alternative process and a model for analyzing the resiliency of networks that address some of the shortcomings of more traditional approaches – e.g., the four-step modeling process used in transportation planning. It should be noted that the authors do not view this as a replacement to current approaches but rather as a complementary tool designed to augment analysis capabilities. The process that is described in this paper for analyzing the resiliency of a network involves at least three steps: 1. assessment or identification of important nodes and links according to different criteria 2. verification of critical nodes and links based on failure simulations and 3. consequence. Raster analysis, graph-theory principles and GIS are used to develop a model for carrying out each of these steps. The methods are demonstrated using two, large interdependent networks for a metropolitan area in the United States.
HaG: Hash graph based key predistribution scheme for multiphase wireless sensor networks
Wireless Sensor Networks (WSN) consist of small sensor nodes which operate until their energy reserve is depleted. These nodes are generally deployed to the environments where network lifespan is much longer than the lifetime of a node. Therefore, WSN are typically operated in a multiphase fashion, as in [1-3, 9-10], which use different key pools for nodes deployed at different generations. In multiphase WSN, new nodes are periodically deployed to the environment to ensure constant local and global network connectivity. Also, key ring of these newly deployed nodes is selected from their deployment generation key pool to improve the resiliency of WSN. In this paper, we propose a key predistribution scheme for multiphase WSN which is resilient against permanent and temporary node capture attacks. In our Hash Graph based (HaG) scheme, every generation has its own key pool which is generated using the key pool of the previous generation. This allows nodes deployed at different generations to have the ability to establish secure channels. Likewise, a captured node can only be used to obtain keys for a limited amount of successive generations. We compare the connectivity and resiliency performance of our scheme with other multiphase key predistribution schemes and show that our scheme performs better when the attack rate is low. When the attack rate is high, our scheme still has better resiliency performance inasmuch as using less key ring size compared to the existing multiphase schemes
PADS: Practical Attestation for Highly Dynamic Swarm Topologies
Remote attestation protocols are widely used to detect device configuration
(e.g., software and/or data) compromise in Internet of Things (IoT) scenarios.
Unfortunately, the performances of such protocols are unsatisfactory when
dealing with thousands of smart devices. Recently, researchers are focusing on
addressing this limitation. The approach is to run attestation in a collective
way, with the goal of reducing computation and communication. Despite these
advances, current solutions for attestation are still unsatisfactory because of
their complex management and strict assumptions concerning the topology (e.g.,
being time invariant or maintaining a fixed topology). In this paper, we
propose PADS, a secure, efficient, and practical protocol for attesting
potentially large networks of smart devices with unstructured or dynamic
topologies. PADS builds upon the recent concept of non-interactive attestation,
by reducing the collective attestation problem into a minimum consensus one. We
compare PADS with a state-of-the art collective attestation protocol and
validate it by using realistic simulations that show practicality and
efficiency. The results confirm the suitability of PADS for low-end devices,
and highly unstructured networks.Comment: Submitted to ESORICS 201
Efficient Interconnectivity Among Networks Under Security Constraint
Interconnectivity among networks is essential for enhancing communication capabilities of networks such as the expansion of geographical range, higher data rate, etc. However, interconnections may initiate vulnerability (e.g., cyber attacks) to a secure network due to introducing gateways and opportunities for security attacks such as malware, which may propagate from the less secure network. In this paper, the interconnectivity among subnetworks is maximized under the constraint of security risk. The dynamics of propagation of security risk is modeled by the evil-rain influence model and the SIR (Susceptible-Infected-Recovered) epidemic model. Through extensive numerical simulations using different network topologies and interconnection patterns, it is shown that the efficiency of interconnectivity increases nonlinearly and vulnerability increases linearly with the number of interconnections among subnetworks. Finally, parametric models are proposed to find the number of interconnections for any given efficiency of interconnectivity and vulnerability of the secure network
Impact of Topology on Service Availability in a Smart Grid Advanced Metering Infrastructure
over the last decade, Wireless Sensor Networks (WSNs) have brought radical changes to the means and forms of communication for monitoring and control of a large number of applications including Smart Grid (SG). Traditional energy networks have been modernized to Smart Grids to boost the energy industry in the context of efficient and effective power management, performance, real-time control and information flow using two-way communication between utility provides and end-users. However, integrating two-way communication in smart grid comes at the cost of cyber security vulnerabilities and challenges. In the context of SG, node capture is a severe security threat due to the fact that a compromised node can significantly impact the operations and security of the SG network. In this paper, node compromise attack is explored on Advance Metering Infrastructure (AMI) with smart meters for Neighbor Area Networks (NANs) in star and mesh network topologies. Simulation of node compromise/failure for a SG network, using ZigBee nodes in simulation indicates that a partial mesh topology is more resilient to node capture attacks as compared to star topology. A larger number of nodes are reachable from the control center of the SG in a partial mesh topology compared to that in a star topology
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
- …