Communication Overhead of Network Coding Schemes Secure against Pollution Attacks

Network coding is a promising approach for increasing performance of multicast data transmission and reducing energy costs. Of course, it is essential to consider security aspects to ensure a reliable data transmission. Particularly, pollution attacks may have serious impacts in network coding since a single attacker can jam large parts of the network. Therefore, various approaches have been introduced to secure network coding against this type of attack. However, introducing security increases costs. Even though there are some performance analysis of secure schemes, to our knowledge there are no details whether these schemes are worthwhile to replace routing under the facet of efficiency. Thus, we discuss in this report parameters to assess the efficiency of secure network coding schemes. Using three network graphs, we evaluate parameters focusing on communication overhead for selected schemes. Our results show that there are still benefits in comparison to routing depending on the network topology

On detecting pollution attacks in inter-session network coding

Abstract—Dealing with pollution attacks in inter-session net-work coding is challenging due to the fact that sources, in addition to intermediate nodes, can be malicious. In this work, we precisely define corrupted packets in inter-session pollution based on the commitment of the source packets. We then propose three detection schemes: one hash-based and two MAC-based schemes: InterMacCPK and SpaceMacPM. InterMacCPK is the first multi-source homomorphic MAC scheme that supports multiple keys. Both MAC schemes can replace traditional MACs, e.g., HMAC, in networks that employ inter-session coding. All three schemes provide in-network detection, are collusion-resistant, and have very low online bandwidth and computation overhead. I

Esquemas de segurança contra ataques de poluição em codificação de rede sobre redes sem fios

Doutoramento em TelecomunicaçõesResumo em português não disponivelThe topic of this thesis is how to achieve e cient security against pollution attacks by exploiting the structure of network coding. There has recently been growing interest in using network coding techniques to increase the robustness and throughput of data networks, and reduce the delay in wireless networks, where a network coding-based scheme takes advantage of the additive nature of wireless signals by allowing two nodes to transmit simultaneously to the relay node. However, Network Coding (NC)-enabled wireless networks are susceptible to a severe security threat, known as data pollution attack, where a malicious node injects into the network polluted (i.e., corrupted) packets that prevent the destination nodes from decoding correctly. Due to recoding at the intermediate nodes, according to the core principle of NC, the polluted packets propagate quickly into other packets and corrupt bunches of legitimate packets leading to network resource waste. Hence, a lot of research e ort has been devoted to schemes against data pollution attacks. Homomorphic Message Authentication Code (MAC)-based schemes are a promising solution against data pollution attacks. However, most of them are susceptible to a new type of pollution attack, called tag pollution attack, where an adversary node randomly modi es tags appended to the end of the transmitted packets. Therefore, in this thesis, we rst propose a homomorphic message authentication code-based scheme, providing resistance against data pollution attacks and tag pollution attacks in XOR NC-enabled wireless networks. Moreover, we propose four homomorphic message authentication code-based schemes which provide resistance against data and tag pollution attacks in Random Linear Network Coding (RLNC). Our results show that our proposed schemes are more e cient compared to other competitive tag pollution immune schemes in terms of complexity, communication overhead and key storage overhead