5 research outputs found
Detection and Recovery From Pollution Attacks in Coding Based Distributed Storage Schemes
We address the problem of pollution attacks in coding based distributed storage systems. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We propose algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets, and it does not introduce any additional redundancy to the system. The results of our analysis show that our proposed algorithms are suitable for practical systems, especially in wireless sensor networks.
Reliable and energy-efficient routing for ad hoc networks
PhD in Informatics
In Mobile Ad hoc NETworks (MANETs), where cooperative behaviour is mandatory, there is a high probability for some nodes to become overloaded with packet forwarding operations in order to support neighbor data exchange. This altruistic behaviour leads to an unbalanced load in the network in terms of traffic and energy consumption. In such scenarios, mobile nodes can benefit from the use of an energy efficient and traffic fitting routing protocol that better suits the limited battery capacity and throughput limitation of the network. This PhD work focuses on proposing energy efficient and load balanced routing protocols for ad hoc networks. Where most of the existing routing protocols simply consider the path length metric when choosing the best route between a source and a destination node, in our proposed mechanism, nodes are able to find several routes for each pair of source and destination nodes and select the best route according to energy and traffic parameters, effectively extending the lifespan of the network. Our results show that by applying this novel mechanism, current flat ad hoc routing protocols can achieve higher energy efficiency and load balancing. Also, due to the broadcast nature of the wireless channels in ad hoc networks, other techniques such as Network Coding (NC) look promising for energy efficiency. NC can reduce the number of transmissions and the number of re-transmissions, and increase the data transfer rate, which directly translates to energy efficiency. However, due to the need to access foreign nodes for coding and forwarding packets, NC needs a mitigation technique against unauthorized accesses and packet corruption. Therefore, we proposed different mechanisms for handling these security attacks, in particular by serially concatenating codes to support reliability in ad hoc networks. As a solution to this problem, we explored a new security framework that proposes an additional degree of protection against eavesdropping attackers based on using concatenated encoding. Therefore, malicious intermediate nodes will find it computationally intractable to decode the packets in transit. We also adopted another code that uses Luby Transform (LT) as a pre-coding code for NC. Primarily being designed for security applications, this code enables the sink nodes to recover corrupted packets even in the presence of byzantine attacks.
In mobile ad hoc networks (MANETs), where cooperative behaviour is mandatory, there is a high probability that some nodes become overloaded with packet forwarding operations in support of data exchange with neighbouring nodes. This altruistic behaviour leads to an unbalanced load in terms of traffic and energy consumption. In these scenarios, mobile nodes can benefit from energy efficiency and from a traffic routing protocol that better suits their limited battery capacity and processing speed. This doctoral work focuses on proposing efficient energy use and routing protocols for load balancing in ad hoc networks. Currently, most existing routing protocols simply consider the path length metric, that is, the number of nodes, when choosing the best route between a source (S) and a destination node (D); in the mechanism proposed here, nodes are able to find several routes for each pair of source and destination nodes and select the best path according to energy and traffic parameters, increasing the lifetime of the network. Our results show that by applying this new mechanism, current ad hoc routing protocols can achieve greater energy efficiency and load balancing.
In addition, due to the broadcast nature of wireless channels in ad hoc networks, other techniques, such as Network Coding (NC), also appear promising for energy efficiency. NC can reduce the number of transmissions and the number of retransmissions, and increase the data transfer rate, which translates directly into improved energy efficiency. However, because intermediate nodes access and encode packets in transit, NC needs a technique that limits unauthorized access and packet corruption. The mechanism was explored so as to offer a new security method that proposes an additional degree of protection against attacks and intrusions. Consequently, malicious intermediate nodes will find packets in transit computationally intractable to decode. Another code was also adopted that uses Luby Transform (LT) as a pre-coding code in NC. Initially designed for security applications, this code allows destination nodes to recover corrupted packets even in the presence of Byzantine attacks.
Secure Communication in Erasure Networks with State-feedback
The security and efficiency of communication are two of the main concerns for networks of today and the future. Our understanding of how to efficiently send information over various channels and networks has significantly increased in the past decade (see e.g., [1–3]), whereas our understanding of how to securely send information has not yet reached the same level. In this thesis, we advance the theory of secure communication by deriving capacity results and by developing coding schemes that provide information-theoretic security for erasure networks. We characterize the highest achievable secret-message rate in the presence of an eavesdropping adversary in various settings, where communication takes place over erasure channels with state-feedback. Our results provide such a characterization for a point-to-point erasure channel, for a broadcast erasure channel with multiple receivers, for a network with multiple parallel channels, a V-network and for a triangle network. We introduce several two-phase secure coding schemes that consist of a key generation phase and an encrypted message sending phase. Our schemes leverage several resources for security: channel erasures, feedback, common randomness and the topology of the network. We present coding schemes for all the above mentioned settings as well as for erasure networks with arbitrary topology. In all the cases where we provide exact characterization, a two-phase scheme achieves the secret-message capacity. All our proposed coding schemes use only linear operations and thus can serve as a basis for practical code designs. For networks, we develop a linear programming framework for describing secure coding schemes and for deriving new outer bounds. We use linear programs to describe our schemes and to prove their optimality. We derive new information theoretic outer bounds. 
In our intuitive interpretation, our proofs find the connection between the rate of the message and the rate of a secret key that is required to secure the message. Our results reveal nontrivial characteristics of secure communication in erasure networks. We find that – in contrast to non-secure communication – the secret message capacity of a cut does not simplify to the sum of the capacities of the channels that form the cut; moreover, the secret message capacity of a network does not simplify to the minimum secret message capacity of its cuts.