Security threats in network coding-enabled mobile small cells

The recent explosive growth of mobile data traffic, the continuously growing demand for higher data rates, and the steadily increasing pressure for higher mobility have led to the fifth-generation mobile networks. To this end, network-coding (NC)-enabled mobile small cells are considered as a promising 5G technology to cover the urban landscape by being set up on-demand at any place, and at any time on any device. In particular, this emerging paradigm has the potential to provide significant benefits to mobile networks as it can decrease packet transmission in wireless multicast, provide network capacity improvement, and achieve robustness to packet losses with low energy consumption. However, despite these significant advantages, NC-enabled mobile small cells are vulnerable to various types of attacks due to the inherent vulnerabilities of NC. Therefore, in this paper, we provide a categorization of potential security attacks in NC-enabled mobile small cells. Particularly, our focus is on the identification and categorization of the main potential security attacks on a scenario architecture of the ongoing EU funded H2020-MSCA project “SECRET” being focused on secure network coding-enabled mobile small cells

Physical layer security against pollution attack in wireless relay networks using random network coding

Network coding can remarkably improve the network capacity by combining incoming packets at intermediate nodes. However, the packet combining also causes the network to be particularly vulnerable to the pollution attack that injects false data into the information flow of the network. This dissertation includes two studies on mitigating pollution attack in two-hop wireless relay network that employs random network coding. First, we investigate how the finite field size affects the network coding performance in terms of the probability of symbol error and the throughput in adversarial networks where the false data is injected by the malicious attackers at source nodes and/or relay nodes. Also, we examine how the optimal field size that minimizes the probability of symbol error or that maximizes throughput changes as the trustworthiness of node or the number of combined packets changes. Second, we propose two schemes for detecting the polluted packets and discarding them before decoding by exploiting physical layer information which is directly overheard from the source nodes. The proposed scheme I applies the threshold-based method to detect the presence of falsely injected data within each packet, while the proposed scheme II compares all received network-coded packets and selects the most trustable ones. Unlike many existing signature-based detection schemes, the proposed schemes do not require that additional information bits are attached into each packet

Encaminhamento confiável e energeticamente eficiente para redes ad hoc

Doutoramento em InformáticaIn Mobile Ad hoc NETworks (MANETs), where cooperative behaviour is mandatory, there is a high probability for some nodes to become overloaded with packet forwarding operations in order to support neighbor data exchange. This altruistic behaviour leads to an unbalanced load in the network in terms of traffic and energy consumption. In such scenarios, mobile nodes can benefit from the use of energy efficient and traffic fitting routing protocol that better suits the limited battery capacity and throughput limitation of the network. This PhD work focuses on proposing energy efficient and load balanced routing protocols for ad hoc networks. Where most of the existing routing protocols simply consider the path length metric when choosing the best route between a source and a destination node, in our proposed mechanism, nodes are able to find several routes for each pair of source and destination nodes and select the best route according to energy and traffic parameters, effectively extending the lifespan of the network. Our results show that by applying this novel mechanism, current flat ad hoc routing protocols can achieve higher energy efficiency and load balancing. Also, due to the broadcast nature of the wireless channels in ad hoc networks, other technique such as Network Coding (NC) looks promising for energy efficiency. NC can reduce the number of transmissions, number of re-transmissions, and increase the data transfer rate that directly translates to energy efficiency. However, due to the need to access foreign nodes for coding and forwarding packets, NC needs a mitigation technique against unauthorized accesses and packet corruption. Therefore, we proposed different mechanisms for handling these security attacks by, in particular by serially concatenating codes to support reliability in ad hoc network. As a solution to this problem, we explored a new security framework that proposes an additional degree of protection against eavesdropping attackers based on using concatenated encoding. Therefore, malicious intermediate nodes will find it computationally intractable to decode the transitive packets. We also adopted another code that uses Luby Transform (LT) as a pre-coding code for NC. Primarily being designed for security applications, this code enables the sink nodes to recover corrupted packets even in the presence of byzantine attacks.Nas redes móveis ad hoc (MANETs), onde o comportamento cooperativo é obrigatório, existe uma elevada probabilidade de alguns nós ficarem sobrecarregados nas operações de encaminhamento de pacotes no apoio à troca de dados com nós vizinhos. Este comportamento altruísta leva a uma sobrecarga desequilibrada em termos de tráfego e de consumo de energia. Nestes cenários, os nós móveis poderão beneficiar do uso da eficiência energética e de protocolo de encaminhamento de tráfego que melhor se adapte à sua capacidade limitada da bateria e velocidade de processamento. Este trabalho de doutoramento centra-se em propor um uso eficiente da energia e protocolos de encaminhamento para balanceamento de carga nas redes ad hoc. Actualmente a maioria dos protocolos de encaminhamento existentes considera simplesmente a métrica da extensão do caminho, ou seja o número de nós, para a escolha da melhor rota entre fonte (S) e um nó de destino (D); no mecanismo aqui proposto os nós são capazes de encontrar várias rotas por cada par de nós de origem e destino e seleccionar o melhor caminho segundo a energia e parâmetros de tráfego, aumentando o tempo de vida útil da rede. Os nossos resultados mostram que pela aplicação deste novo mecanismo, os protocolos de encaminhamento ad hoc actuais podem alcançar uma maior eficiência energética e balanceamento de carga. Para além disso, devido à natureza de difusão dos canais sem fio em redes ad-hoc, outras técnicas, tais como a Codificação de Rede (NC), parecem ser também promissoras para a eficiência energética. NC pode reduzir o número de transmissões, e número de retransmissões e aumentar a taxa de transferência de dados traduzindo-se directamente na melhoria da eficiência energética. No entanto, devido ao acesso dos nós intermediários aos pacotes em trânsito e sua codificação, NC necessita de uma técnica que limite as acessos não autorizados e a corrupção dos pacotes. Explorou-se o mecanismo de forma a oferecer um novo método de segurança que propõe um grau adicional de protecção contra ataques e invasões. Por conseguinte, os nós intermediários mal-intencionados irão encontrar pacotes em trânsito computacionalmente intratáveis em termos de descodificação. Adoptou-se também outro código que usa Luby Transform (LT) como um código de précodificação no NC. Projectado inicialmente para aplicações de segurança, este código permite que os nós de destino recuperem pacotes corrompidos mesmo em presença de ataques bizantinos