47 research outputs found

    Data Leak Detection As a Service: Challenges and Solutions

    We describe a network-based data-leak detection (DLD) technique, the main feature of which is that the detection does not require the data owner to reveal the content of the sensitive data. Instead, only a small amount of specialized digests are needed. Our technique – referred to as the fuzzy fingerprint – can be used to detect accidental data leaks due to human errors or application flaws. The privacy-preserving feature of our algorithms minimizes the exposure of sensitive data and enables the data owner to safely delegate the detection to others. We describe how cloud providers can offer their customers data-leak detection as an add-on service with strong privacy guarantees. We perform extensive experimental evaluation on the privacy, efficiency, accuracy and noise tolerance of our techniques. Our evaluation results under various data-leak scenarios and setups show that our method can support accurate detection with a very small number of false alarms, even when the presentation of the data has been transformed. It also indicates that the detection accuracy does not degrade when partial digests are used. We further provide a quantifiable method to measure the privacy guarantee offered by our fuzzy fingerprint framework.

    A collaborative trust management scheme for emergency communication using delay tolerant networks

    A Delay Tolerant Network (DTN) comprises nodes with small and limited resources, including power and memory capacity. We propose the use of DTN as an alternate means of communication for the dissemination of emergency information in a post-disaster evacuation operation. We investigate the performance of DTN in providing emergency communication support services under packet dropping attacks. We consider internally motivated attacks where the nodes that are part of the emergency rescue team are compromised with malicious behaviours, thereby dropping packets to disrupt the message dissemination during the evacuation operation. One way to mitigate malicious behaviour and improve network performance of DTN is to use incentives in exchanging information between nodes. Unlike existing schemes, we consider the Basic Watchdog Detection System which detects and acts against misbehaving nodes to reduce their overall impact on the network performance. We design a Collaborative Trust Management Scheme (CTMS) which is based on the Bayesian detection watchdog approach to detect selfish and malicious behaviour in DTN nodes. We have evaluated our proposed CTMS through extensive simulations and compared our results with the other existing schemes. Our evaluations show that the use of adequate collaborative strategies between well behaved nodes could improve the performance of Watchdog schemes taking into account the delivery ratio, routing cost and the message delay from the source node to the destination node.

    Information-centric communication in mobile and wireless networks

    Information-centric networking (ICN) is a new communication paradigm that has been proposed to cope with drawbacks of host-based communication protocols, namely scalability and security. In this thesis, we base our work on Named Data Networking (NDN), which is a popular ICN architecture, and investigate NDN in the context of wireless and mobile ad hoc networks. In a first part, we focus on NDN efficiency (and potential improvements) in wireless environments by investigating NDN in wireless one-hop communication, i.e., without any routing protocols. A basic requirement to initiate information-centric communication is the knowledge of existing and available content names. Therefore, we develop three opportunistic content discovery algorithms and evaluate them in diverse scenarios for different node densities and content distributions. After content names are known, requesters can retrieve content opportunistically from any neighbor node that provides the content. However, in case of short contact times to content sources, content retrieval may be disrupted. Therefore, we develop a requester application that keeps meta information of disrupted content retrievals and enables resume operations when a new content source has been found. Besides message efficiency, we also evaluate power consumption of information-centric broadcast and unicast communication. Based on our findings, we develop two mechanisms to increase efficiency of information-centric wireless one-hop communication. The first approach called Dynamic Unicast (DU) avoids broadcast communication whenever possible since broadcast transmissions result in more duplicate Data transmissions, lower data rates and higher energy consumption on mobile nodes, which are not interested in overheard Data, compared to unicast communication. Hence, DU uses broadcast communication only until a content source has been found and then retrieves content directly via unicast from the same source.
The second approach called RC-NDN targets efficiency of wireless broadcast communication by reducing the number of duplicate Data transmissions. In particular, RC-NDN is a Data encoding scheme for content sources that increases diversity in wireless broadcast transmissions such that multiple concurrent requesters can profit from each other's (overheard) message transmissions. If requesters and content sources are not in one-hop distance to each other, requests need to be forwarded via multi-hop routing. Therefore, in a second part of this thesis, we investigate information-centric wireless multi-hop communication. First, we consider multi-hop broadcast communication in the context of rather static community networks. We introduce the concept of preferred forwarders, which relay Interest messages slightly faster than non-preferred forwarders to reduce redundant duplicate message transmissions. While this approach works well in static networks, the performance may degrade in mobile networks if preferred forwarders may regularly move away. Thus, to enable routing in mobile ad hoc networks, we extend DU for multi-hop communication. Compared to one-hop communication, multi-hop DU requires efficient path update mechanisms (since multi-hop paths may expire quickly) and new forwarding strategies to maintain NDN benefits (request aggregation and caching) such that only a few messages need to be transmitted over the entire end-to-end path even in case of multiple concurrent requesters. To perform quick retransmission in case of collisions or other transmission errors, we implement and evaluate retransmission timers from related work and compare them to CCNTimer, which is a new algorithm that enables shorter content retrieval times in information-centric wireless multi-hop communication. Yet, in case of intermittent connectivity between requesters and content sources, multi-hop routing protocols may not work because they require continuous end-to-end paths.
Therefore, we present agent-based content retrieval (ACR) for delay-tolerant networks. In ACR, requester nodes can delegate content retrieval to mobile agent nodes, which move closer to content sources, can retrieve content and return it to requesters. Thus, ACR exploits the mobility of agent nodes to retrieve content from remote locations. To enable delay-tolerant communication via agents, retrieved content needs to be stored persistently such that requesters can verify its authenticity via original publisher signatures. To achieve this, we develop a persistent caching concept that maintains received popular content in repositories and deletes unpopular content if free space is required. Since our persistent caching concept can complement regular short-term caching in the content store, it can also be used for network caching to store popular delay-tolerant content at edge routers (to reduce network traffic and improve network performance) while real-time traffic can still be maintained and served from the content store.

    Opportunistic Data Gathering and Dissemination in Urban Scenarios

    In the era of the Internet of Everything, a user with a handheld or wearable device equipped with sensing capability has become a producer as well as a consumer of information and services. The more powerful these devices get, the more likely it is that they will generate and share content locally, leading to the presence of distributed information sources and the diminishing role of centralized servers. As of current practice, we rely on infrastructure acting as an intermediary, providing access to the data. However, infrastructure-based connectivity might not always be available or the best alternative. Moreover, it is often the case that the data and the processes acting upon them are of local scope. Answers to a query about a nearby object, an information source, a process, an experience, an ability, etc. could be answered locally without reliance on infrastructure-based platforms. The data might have temporal validity limited to or bounded to a geographical area and/or the social context where the user is immersed. In this envisioned scenario users could interact locally without the need for a central authority, hence, the claim of an infrastructure-less, provider-less platform. The data is owned by the users and consulted locally as opposed to the current approach of making them available globally and stay on forever. From a technical viewpoint, this network resembles a Delay/Disruption Tolerant Network where consumers and producers might be spatially and temporally decoupled, exchanging information with each other in an ad hoc fashion. To this end, we propose some novel data gathering and dissemination strategies for use in urban-wide environments which do not rely on strict infrastructure mediation. While preserving the general aspects of our study and without loss of generality, we focus our attention toward practical applicative scenarios which help us capture the characteristics of opportunistic communication networks.

    User-Centric Networking : Privacy- and Resource-Awareness in User-to-User Communication

    Proceedings of the Third International Mobile Satellite Conference (IMSC 1993)

    Satellite-based mobile communications systems provide voice and data communications to users over a vast geographic area. The users may communicate via mobile or hand-held terminals, which may also provide access to terrestrial cellular communications services. While the first and second International Mobile Satellite Conferences (IMSC) mostly concentrated on technical advances, this Third IMSC also focuses on the increasing worldwide commercial activities in Mobile Satellite Services. Because of the large service areas provided by such systems, it is important to consider political and regulatory issues in addition to technical and user requirements issues. Topics covered include: the direct broadcast of audio programming from satellites; spacecraft technology; regulatory and policy considerations; advanced system concepts and analysis; propagation; and user requirements and applications.

    On social and technical aspects of managing mobile Ad-hoc communities

    Social software describes a class of applications that allow users to communicate with friends and exchange information over the Internet. As mobile processors become more powerful, mobile phones are turning into fully fledged computers and open up new possibilities for the mobile use of social software. Because people often carry their mobile phones with them, comparable mobile applications can be tailored more closely to their immediate surroundings. Possible scenarios include support for real-world meetings and the member interactions associated with them. However, the client-server platforms frequently used for this purpose were never designed for such highly flexible group situations. Mobile encounter networks (MENs) promise more flexibility here. A MEN is a mobile peer-to-peer platform operated over a short-range wireless network. In this network, contributions are spread from one mobile device to the next through a spatial diffusion process. This has two key advantages. First, direct message exchange is better suited to spreading situation-specific information, because the relevance of information decreases with distance. At the same time, content intended for a broad audience can be carried to distant areas by members with outstanding mobility characteristics. One disadvantage, however, is the high resource consumption. To solve this problem, we develop a framework for supporting mobile ad hoc groups that allows us to exploit group synergies in a targeted way. This framework offers services for managing group dynamics and for disseminating content. Using social network analysis, the technical infrastructure is continuously adapted to the real surrounding situation without requiring user intervention.
In doing so, possible relationships between neighbouring persons are analysed on the basis of earlier encounters, spontaneous group formations are identified with clustering methods, and each group member is assigned a suitable role through position analysis. A basic prerequisite for successful cooperation is efficient knowledge exchange within a community. As small-world theory shows, people can spread knowledge efficiently even when their decisions are based only on local information about their surroundings. Various researchers have taken advantage of this by constructing short dissemination paths through a chain of highly connected members within a community. However, this method cannot simply be carried over to MENs, because transfer time is limited, in contrast to the wired Internet. Our approach is therefore based on the least effort transfer hypothesis presented by Reagan et al. This hypothesis states that people pass on knowledge only if the effort of transferring the information stays within certain limits. Successful knowledge transfer in this case depends on the background knowledge of everyone involved, which in turn depends on various cognitive and social factors. Accordingly, we derive a diffusion method that is able to classify content into different complexity levels and to adapt data transfers to the social situation encountered. With a prototype we evaluate the feasibility of the group and information management components of our framework. Since laboratory experiments cannot provide sufficient insight into diffusion properties at larger scale, we simulate the diffusion of contributions. For this we use a traffic simulation in which agents are additionally extended with activity-related, social and territorial models.
To ensure a realistic simulation, these models are generated in accordance with various studies of urban life. The technical transmission process is parameterised using the results of a preceding prototype study. During a simulation run, agents move on a city map and collect contact and contribution data. Analysing the network topology afterwards for small-world properties reveals a network structure with a pronounced tendency towards clustering (friendship networks) and an unusually short path length. Evidently, everyday mobility is enough to form sufficiently many links between community members. The subsequent diffusion analysis shows that a reach comparable to that of a flooding-based approach is achieved, albeit with initial delays. Because our method limits the number of information carriers to central group members when changing location, more bandwidth is available for data exchange. Ordinary members (without leadership tasks) exchange content mainly in situations that are not time-critical. This has the positive side effect that considerably fewer copies have to be evicted from the cache. Changing the contribution category during the simulation shows that time-dependent content spreads better through regular contacts and time-independent content through random contacts. A concluding precision-recall analysis shows that ordinary group members have better precision, and central members better recall, compared with traditional approaches.
One explanation is that the group-based cache approach we chose leads to fewer cleanup cycles for all group members and is therefore more sustainable.
    Social software encompasses a range of software systems that allow users to interact and share data. This computer-mediated communication has become very popular with social networking sites like Facebook and Twitter. The evolvement of smart phones toward mobile computers opens new possibilities to use social software also in mobile usage scenarios. Since mobile phones are permanently carried by their owners, the support focus is, however, much stronger set on promoting and augmenting real group gatherings. Traditional client-server platforms are not flexible enough to support complex and dynamic human encounter behavior. Mobile encounter networks (MENs) which represent a mobile peer-to-peer platform on top of a short range wireless network promise better flexibility. MENs diffuse content from neighbor-to-neighbor in a spatial diffusion process. For physical group gatherings this is advantageous for two reasons. Direct device-to-device interactions encourage sharing of situation-dependent content. Moreover, content is not necessarily locked within friend groups and may trigger networking effects by reaching larger audiences through user mobility. One disadvantage is, however, the high resource usage. We develop a social software framework for mobile ad-hoc groups, which partly solves this problem. This framework supports services for the management of group dynamics and content diffusion within and between groups. Social network analysis as an inherent part of the framework is used to adapt internal community states continuously with real world encounter situations. We hereby qualify interpersonal relationships based on encounter and communication statistics, identify social groups through incremental clustering and assign diffusion roles through position analysis.
To achieve efficient content dissemination we make use of social diffusion phenomena. Other researchers have experimented extensively with the small world model as it proves that people transfer knowledge based on local knowledge but are still capable of diffusing it efficiently on a global scale. Their approach is often based on identifying short paths through member connectivity. However, this scenario is not applicable in MENs as transfer time is limited in contrast to the wired Internet. Our approach is therefore based on the least effort transfer theory. Following Reagan et al., who first postulated this hypothesis, people transfer knowledge only if the transfer effort is within specific limits, which depends on different social and cognitive factors. We derive routing mechanisms, which are capable of distinguishing between different content complexities and apply information about peer's expertise and social network to identify advantageous paths and content transfer options. We evaluate the feasibility of the group management and content transfer component with prototypes. Since laboratory settings do not allow to obtain information about large scale diffusion experiences, we also conduct a multi-agent simulation to evaluate the diffusion capabilities of the system. Experiences from an earlier prototype implementation have been used to quantify the technical routing process. To emulate realistic community life, we assigned to each agent an individual daily agenda, social contacts and territory preferences specified according to outcomes from different urban city life surveys. During the simulation agents move on a city map according to these models and collect contact and content specific data. Analyzing the network topology according to small world characteristics shows a structure with a high tendency for clustering (friend networks) and a short average path length. Daily urban mobility creates enough opportunities to form shortcuts through the community.
Content diffusion analysis shows that our approach reaches a similar amount of peers as network flooding but with delays in the beginning. Since our approach artificially limits the number of intermediates to central community peers, more bandwidth is available during traveling and more content can be transferred than in the case of the flooding approach. Ordinary peers seem to have significantly fewer content replications if an unlimited cache is assumed, proving that our mechanism is more efficient. By varying the content type used during the simulation we recognize that time dependent content is better disseminated through frequent contacts and time independent content through random contacts. Performing a precision-recall analysis on peers' caches shows that ordinary peers gain an overall better context precision, and central peers a better community recall. One explanation is that the shared cache approach leads to fewer content replacements in the cache than, for instance, the least recently used cache strategy.

    Proceedings of the Third Edition of the Annual Conference on Wireless On-demand Network Systems and Services (WONS 2006)

    This file gathers into a single document all the papers accepted for the WONS2006 conference / http://citi.insa-lyon.fr/wons2006/index.html This year, 56 papers were submitted. From the Open Call submissions we accepted 16 papers as full papers (up to 12 pages) and 8 papers as short papers (up to 6 pages). All the accepted papers will be presented orally in the Workshop sessions. More precisely, the selected papers have been organized in 7 sessions: Channel access and scheduling, Energy-aware Protocols, QoS in Mobile Ad-Hoc networks, Multihop Performance Issues, Wireless Internet, Applications and finally Security Issues. The papers (and authors) come from all parts of the world, confirming the international stature of this Workshop. The majority of the contributions are from Europe (France, Germany, Greece, Italy, Netherlands, Norway, Switzerland, UK). However, a significant number is from Australia, Brazil, Canada, Iran, Korea and USA. The proceedings also include two invited papers. We take this opportunity to thank all the authors who submitted their papers to WONS 2006. You helped make this event again a success.