Cryptographic Key Management in Delay Tolerant Networks (DTNs): A survey

Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps, the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various so far proposed key management approaches in such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with a) security initialization, b) key establishment, and c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the proposed up-to-date methods in a generalized way with the aim of offering a central reference point for future research

Cryptographic Key Management in Delay Tolerant Networks (DTNs): A survey

Since their appearance at the dawn of the second millennium, Delay or Disruption Tolerant Networks (DTNs) have gradually evolved, spurring the development of a variety of methods and protocols for making them more secure and resilient. In this context, perhaps, the most challenging problem to deal with is that of cryptographic key management. To the best of our knowledge, the work at hand is the first to survey the relevant literature and classify the various so far proposed key management approaches in such a restricted and harsh environment. Towards this goal, we have grouped the surveyed key management methods into three major categories depending on whether the particular method copes with a) security initialization, b) key establishment, and c) key revocation. We have attempted to provide a concise but fairly complete evaluation of the proposed up-to-date methods in a generalized way with the aim of offering a central reference point for future research

Opportunistic Key Management in Delay Tolerant Networks

Key Management is considered to be a challenging task in Delay Tolerant Networks (DTNs) operating in environments with adverse communication conditions such as space, due to the practical limitations and constraints prohibiting effective closed loop communications. In this paper we propose opportunistic key management as a more suitable solution for key management in networks requiring opportunistic behaviour. We show that opportunistic key management is better exploited and utilized when used in conjunction with routing decisions by security aware DTN nodes

A policy-based security framework for ad-hoc networks

Imperial Users onl

An investigation to cybersecurity countermeasures for global internet infrastructure.

The Internet is comprised of entities. These entities are called Autonomous Systems (ASes). Each one of these ASes is managed by an Internet Service Provider (ISP). In return each group of ISPs are managed by Regional Internet Registry (RIR). Finally, all RIRs are managed by Internet Assigned Number Authority (IANA). The different ASes are globally connected via the inter-domain protocol that is Border Gateway Protocol (BGP). BGP was designed to be scalable to handle the massive Internet traffic; however, it has been studied for improvements for its lack of security. Furthermore, it relies on Transmission Control Protocol (TCP) which, in return, makes BGP vulnerable to whatever attacks TCP is vulnerable to. Thus, many researchers have worked on developing proposals for improving BGP security, due to the fact that it is the only external protocol connecting the ASes around the globe. In this thesis, different security proposals are reviewed and discussed for their merits and drawbacks. With the aid of Artificial Immune Systems (AIS), the research reported in this thesis addresses Man-In-The-Middle (MITM) and message replay attacks. Other attacks are discussed regarding the benefits of using AIS to support BGP; however, the focus is on MITM and message replay attacks. This thesis reports on the evaluation of a novel Hybrid AIS model compared with existing methods of securing BGP such as S-BGP and BGPsec as well as the traditional Negative Selection AIS algorithm. The results demonstrate improved precision of detecting attacks for the Hybrid AIS model compared with the Negative Selection AIS. Higher precision was achieved with S-BGP and BGPsec, however, at the cost of higher end-to-end delays. The high precision shown in the collected results for S-BGP and BGPsec is largely due to S-BGP encrypting the data by using public key infrastructure, while BGPsec utilises IPsec security suit to encapsulate the exchanged BGP packets. Therefore, neither of the two methods (S-BGP and BGPsec) are considered as Intrusion Detection Systems (IDS). Furthermore, S-BGP and BGPsec lack in the decision making and require administrative attention to mitigate an intrusion or cyberattack. While on the other hand, the suggested Hybrid AIS can remap the network topology depending on the need and optimise the path to the destination

Security management for mobile ad hoc network of networks (MANoN

Mobile Ad hoc Network of Networks (MANoN) are a group of large autonomous wireless nodes communicating on a peer-to-peer basis in a heterogeneous environment with no pre-defined infrastructure. In fact, each node by itself is an ad hoc network with its own management. MANoNs are evolvable systems, which mean each ad hoc network has the ability to perform separately under its own policies and management without affecting the main system; therefore, new ad hoc networks can emerge and disconnect from the MANoN without conflicting with the policies of other networks. The unique characteristics of MANoN makes such networks highly vulnerable to security attacks compared with wired networks or even normal mobile ad hoc networks. This thesis presents a novel security-management system based upon the Recommendation ITU-T M.3400, which is used to evaluate, report on the behaviour of our MANoN and then support complex services our system might need to accomplish. Our security management will concentrate on three essential components: Security Administration, Prevention and Detection and Containment and Recovery. In any system, providing one of those components is a problem; consequently, dealing with an infrastructure-less MANoN will be a dilemma, yet we approached each set group of these essentials independently, providing unusual solutions for each one of them but concentrating mainly on the prevention and detection category. The contributions of this research are threefold. First, we defined MANoN Security Architecture based upon the ITU-T Recommendations: X.800 and X.805. This security architecture provides a comprehensive, end-to-end security solution for MANoN that could be applied to every wireless network that satisfies a similar scenario, using such networks in order to predict, detect and correct security vulnerabilities. The security architecture identifies the security requirements needed, their objectives and the means by which they could be applied to every part of the MANoN, taking into consideration the different security attacks it could face. Second, realising the prevention component by implementing some of the security requirements identified in the Security Architecture, such as authentication, authorisation, availability, data confidentiality, data integrity and non-repudiation has been proposed by means of defining a novel Security Access Control Mechanism based on Threshold Cryptography Digital Certificates in MANoN. Network Simulator (NS-2) is a real network environment simulator, which is used to test the performance of the proposed security mechanism and demonstrate its effectiveness. Our ACM-MANoN results provide a fully distributed security protocol that provides a high level of secure, available, scalable, flexible and efficient management services for MANoN. The third contribution is realising the detection component, which is represented by providing a Behavioural Detection Mechanism based on nodes behavioural observation engaged with policies. This behaviour mechanism will be used to detect malicious nodes acting to bring the system down. This approach has been validated using an attacks case study in an unknown military environment to cope with misbehaving nodes

Robust and cheating-resilient power auctioning on Resource Constrained Smart Micro-Grids

The principle of Continuous Double Auctioning (CDA) is known to provide an efficient way of matching supply and demand among distributed selfish participants with limited information. However, the literature indicates that the classic CDA algorithms developed for grid-like applications are centralised and insensitive to the processing resources capacity, which poses a hindrance for their application on resource constrained, smart micro-grids (RCSMG). A RCSMG loosely describes a micro-grid with distributed generators and demand controlled by selfish participants with limited information, power storage capacity and low literacy, communicate over an unreliable infrastructure burdened by limited bandwidth and low computational power of devices. In this thesis, we design and evaluate a CDA algorithm for power allocation in a RCSMG. Specifically, we offer the following contributions towards power auctioning on RCSMGs. First, we extend the original CDA scheme to enable decentralised auctioning. We do this by integrating a token-based, mutual-exclusion (MUTEX) distributive primitive, that ensures the CDA operates at a reasonably efficient time and message complexity of O(N) and O(logN) respectively, per critical section invocation (auction market execution). Our CDA algorithm scales better and avoids the single point of failure problem associated with centralised CDAs (which could be used to adversarially provoke a break-down of the grid marketing mechanism). In addition, the decentralised approach in our algorithm can help eliminate privacy and security concerns associated with centralised CDAs. Second, to handle CDA performance issues due to malfunctioning devices on an unreliable network (such as a lossy network), we extend our proposed CDA scheme to ensure robustness to failure. Using node redundancy, we modify the MUTEX protocol supporting our CDA algorithm to handle fail-stop and some Byzantine type faults of sites. This yields a time complexity of O(N), where N is number of cluster-head nodes; and message complexity of O((logN)+W) time, where W is the number of check-pointing messages. These results indicate that it is possible to add fault tolerance to a decentralised CDA, which guarantees continued participation in the auction while retaining reasonable performance overheads. In addition, we propose a decentralised consumption scheduling scheme that complements the auctioning scheme in guaranteeing successful power allocation within the RCSMG. Third, since grid participants are self-interested we must consider the issue of power theft that is provoked when participants cheat. We propose threat models centred on cheating attacks aimed at foiling the extended CDA scheme. More specifically, we focus on the Victim Strategy Downgrade; Collusion by Dynamic Strategy Change, Profiling with Market Prediction; and Strategy Manipulation cheating attacks, which are carried out by internal adversaries (auction participants). Internal adversaries are participants who want to get more benefits but have no interest in provoking a breakdown of the grid. However, their behaviour is dangerous because it could result in a breakdown of the grid. Fourth, to mitigate these cheating attacks, we propose an exception handling (EH) scheme, where sentinel agents use allocative efficiency and message overheads to detect and mitigate cheating forms. Sentinel agents are tasked to monitor trading agents to detect cheating and reprimand the misbehaving participant. Overall, message complexity expected in light demand is O(nLogN). The detection and resolution algorithm is expected to run in linear time complexity O(M). Overall, the main aim of our study is achieved by designing a resilient and cheating-free CDA algorithm that is scalable and performs well on resource constrained micro-grids. With the growing popularity of the CDA and its resource allocation applications, specifically to low resourced micro-grids, this thesis highlights further avenues for future research. First, we intend to extend the decentralised CDA algorithm to allow for participants’ mobile phones to connect (reconnect) at different shared smart meters. Such mobility should guarantee the desired CDA properties, the reliability and adequate security. Secondly, we seek to develop a simulation of the decentralised CDA based on the formal proofs presented in this thesis. Such a simulation platform can be used for future studies that involve decentralised CDAs. Third, we seek to find an optimal and efficient way in which the decentralised CDA and the scheduling algorithm can be integrated and deployed in a low resourced, smart micro-grid. Such an integration is important for system developers interested in exploiting the benefits of the two schemes while maintaining system efficiency. Forth, we aim to improve on the cheating detection and mitigation mechanism by developing an intrusion tolerance protocol. Such a scheme will allow continued auctioning in the presence of cheating attacks while incurring low performance overheads for applicability in a RCSMG

An Investigation into Trust and Reputation Frameworks for Autonomous Underwater Vehicles

As Autonomous Underwater Vehicles (AUVs) become more technically capable and economically feasible, they are being increasingly used in a great many areas of defence, commercial and environmental applications. These applications are tending towards using independent, autonomous, ad-hoc, collaborative behaviour of teams or fleets of these AUV platforms. This convergence of research experiences in the Underwater Acoustic Network (UAN) and Mobile Ad-hoc Network (MANET) fields, along with the increasing Level of Automation (LOA) of such platforms, creates unique challenges to secure the operation and communication of these networks. The question of security and reliability of operation in networked systems has usually been resolved by having a centralised coordinating agent to manage shared secrets and monitor for misbehaviour. However, in the sparse, noisy and constrained communications environment of UANs, the communications overheads and single-point-of-failure risk of this model is challenged (particularly when faced with capable attackers). As such, more lightweight, distributed, experience based systems of “Trust” have been proposed to dynamically model and evaluate the “trustworthiness” of nodes within a MANET across the network to prevent or isolate the impact of malicious, selfish, or faulty misbehaviour. Previously, these models have monitored actions purely within the communications domain. Moreover, the vast majority rely on only one type of observation (metric) to evaluate trust; successful packet forwarding. In these cases, motivated actors may use this limited scope of observation to either perform unfairly without repercussions in other domains/metrics, or to make another, fair, node appear to be operating unfairly. This thesis is primarily concerned with the use of terrestrial-MANET trust frameworks to the UAN space. Considering the massive theoretical and practical difference in the communications environment, these frameworks must be reassessed for suitability to the marine realm. We find that current single-metric Trust Management Frameworks (TMFs) do not perform well in a best-case scaling of the marine network, due to sparse and noisy observation metrics, and while basic multi-metric communications-only frameworks perform better than their single-metric forms, this performance is still not at a reliable level. We propose, demonstrate (through simulation) and integrate the use of physical observational metrics for trust assessment, in tandem with metrics from the communications realm, improving the safety, security, reliability and integrity of autonomous UANs. Three main novelties are demonstrated in this work: Trust evaluation using metrics from the physical domain (movement/distribution/etc.), demonstration of the failings of Communications-based Trust evaluation in sparse, noisy, delayful and non-linear UAN environments, and the deployment of trust assessment across multiple domains, e.g. the physical and communications domains. The latter contribution includes the generation and optimisation of cross-domain metric composition or“synthetic domains” as a performance improvement method

Blockchain for economically sustainable wireless mesh networks

This is the peer reviewed version of the following article: Kabbinale, AR, Dimogerontakis, E, Selimi, M, et al. Blockchain for economically sustainable wireless mesh networks. Concurrency Computat Pract Exper. 2020; 32:e5349, which has been published in final form at https://doi.org/10.1002/cpe.5349. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.Decentralization, in the form of mesh networking and blockchain, two promising technologies, is coming to the telecommunications industry. Mesh networking allows wider low-cost Internet access with infrastructures built from routers contributed by diverse owners, whereas blockchain enables transparency and accountability for investments, revenue, or other forms of economic compensations from sharing of network traffic, content, and services. Crowdsourcing network coverage, combined with crowdfunding costs, can create economically sustainable yet decentralized Internet access. This means that every participant can invest in resources and pay or be paid for usage to recover the costs of network devices and maintenance. While mesh networks and mesh routing protocols enable self-organized networks that expand organically, cryptocurrencies and smart contracts enable the economic coordination among network providers and consumers. We explore and evaluate two existing blockchain software stacks, Hyperledger Fabric (HLF) and Ethereum geth with Proof of Authority (PoA) intended as a local lightweight distributed ledger, deployed in a real city-wide production mesh network and in laboratory network. We quantify the performance and bottlenecks and identify the current limitations and opportunities for improvement to serve locally the needs of wireless mesh networks, without the privacy and economic cost of relying on public blockchains.This paper has been supported by the AmmbrTech Group, the Spanish Government TIN2016‐77836‐C2‐2‐R and the European Community H2020 Programme netCommons (H2020‐688768). The authors would like to thank the people from the Guifi.net (Guifi‐Sants) community network for hosting the servers and supporting the experiments.Peer ReviewedPostprint (author's final draft