6 research outputs found
A Novel Utility and GameTheoretic Based Security Mechanism for Mobile P2P Systems
Research on security in Peer-to-Peer (P2P) systems is dominated by reputation-based solutions. These solutions propagate opinions about other peers in order to help identify the best set of peers to utilize. In this paper, we model peers with utility functions and use those functions to examine the case in which an individual peer participates in an unfamiliar and untrusted system, similar to one in which a mobile peer can enter when moving into a new location. We additionally introduce a novel security mechanism for P2P systems called resource exploration in order to mitigate the problems inherent in reputation-based systems and analyze its effect on a 2-player game (between an attacker and the benign peer). 1
Secure and Privacy-Preserving Authentication Protocols for Wireless Mesh Networks
Wireless mesh networks (WMNs) have emerged as a promising concept to meet the
challenges in next-generation wireless networks such as providing flexible,
adaptive, and reconfigurable architecture while offering cost-effective
solutions to service providers. As WMNs become an increasingly popular
replacement technology for last-mile connectivity to the home networking,
community and neighborhood networking, it is imperative to design efficient and
secure communication protocols for these networks. However, several
vulnerabilities exist in currently existing protocols for WMNs. These security
loopholes can be exploited by potential attackers to launch attack on WMNs. The
absence of a central point of administration makes securing WMNs even more
challenging. The broadcast nature of transmission and the dependency on the
intermediate nodes for multi-hop communications lead to several security
vulnerabilities in WMNs. The attacks can be external as well as internal in
nature. External attacks are launched by intruders who are not authorized users
of the network. For example, an intruding node may eavesdrop on the packets and
replay those packets at a later point of time to gain access to the network
resources. On the other hand, the internal attacks are launched by the nodes
that are part of the WMN. On example of such attack is an intermediate node
dropping packets which it was supposed to forward. This chapter presents a
comprehensive discussion on the current authentication and privacy protection
schemes for WMN. In addition, it proposes a novel security protocol for node
authentication and message confidentiality and an anonymization scheme for
privacy protection of users in WMNs.Comment: 32 pages, 10 figures. The work is an extended version of the author's
previous works submitted in CoRR: arXiv:1107.5538v1 and arXiv:1102.1226v
SCOPE: Synergistic Content Distribution and Peer-to-Peer Networks
Distributing content on the Internet is an important economic, educational, social, and cultural endeavor. To this end, several existing efforts use traditional server-based content distribution networks (CDNs) to replicate and distribute Web and multimedia content of big content producers, such as news Web sites, or big businesses, such as online shopping websites, etc., to millions of Internet users. This approach places a large number of content servers at strategic locations on the Internet, incurring a very large deployment and operating cost. Therefore, it is available only to some wealthy companies/organizations. Individual users and small content publishers may rely on a more economical content dissemination approach based on recent peer-to-peer technology to distribute their own content. Nevertheless, it is the ephemeral and the limited resources nature of peer-to-peer networks that hinder a wide spread adoption of peer-to-peer technology as a reliable content distribution solution. It is, therefore, important that a new generation of cost-effective and reliable content distribution framework be proposed and investigated. Building on the successes and failures of previous content distribution approaches, the proposed research goal is to find and evaluate a Synergistic Content Distribution and Peer-to-Peer Networks (SCOPE). SCOPE leverages the reliability and the resourcefulness of traditional server-based CDNs while tapping on the economical and dynamic resources of peers
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
When Others Impinge upon Your Privacy:Interdependent Risks and Protection in a Connected World
Privacy is defined as the right to control, edit, manage, and delete information about oneself and decide when, how, and to what extent this information is communicated to others. Therefore, every person should ideally be empowered to manage and protect his own data, individually and independently of others. This assumption, however, barely holds in practice, because people are by nature biologically and socially interconnected. An individual's identity is essentially determined at the biological and social levels. First, a person is biologically determined by his DNA, his genes, that fully encode his physical characteristics. Second, human beings are social animals, with a strong need to create ties and interact with their peers. Interdependence is present at both levels. At the biological level, interdependence stems from genetic inheritance. At the social level, interdependence emerges from social ties. In this thesis, we investigate whether, in today's highly connected world, individual privacy is in fact achievable, or if it is almost impossible due to the inherent interdependence between people. First, we study interdependent privacy risks at the social level, focusing on online social networks (OSNs), the digital counterpart of our social lives. We show that, even if an OSN user carefully tunes his privacy settings in order to not be present in any search directory, it is possible for an adversary to find him by using publicly visible attributes of other OSN users. We demonstrate that, in OSNs where privacy settings are not aligned between users and where some users reveal a (even limited) set of attributes, it is almost impossible for a specific user to hide in the crowd. Our navigation attack complements existing work on inference attacks in OSNs by showing how we can efficiently find targeted profiles in OSNs, which is a necessary precondition for any targeted attack. Our attack also demonstrates the threat on OSN-membership privacy. Second, we investigate upcoming interdependent privacy risks at the biological level. More precisely, due to the recent drop in costs of genome sequencing, an increasing number of people are having their genomes sequenced and share them online and/or with third parties for various purposes. However, familial genetic dependencies induce indirect genomic privacy risks for the relatives of the individuals who share their genomes. We propose a probabilistic framework that relies upon graphical models and Bayesian inference in order to formally quantify genomic privacy risks. Then, we study the interplay between rational family members with potentially conflicting interests regarding the storage security and disclosure of their genomic data. We consider both purely selfish and altruistic behaviors, and we make use of multi-agent influence diagrams to efficiently derive equilibria in the general case where more than two relatives interact with each other. We also propose an obfuscation mechanism in order to reconcile utility with privacy in genomics, in the context where all family members are cooperative and care about each other's privacy. Third, we study privacy-enhancing systems, such as anonymity networks, where users do not damage other users' privacy but are actually needed in order to protect privacy. In this context, we show how incentives based on virtual currency can be used and their amount optimized in order to foster cooperation between users and eventually improve everyone's privacy.[...
Private and censorship-resistant communication over public networks
Society’s increasing reliance on digital communication networks is creating unprecedented opportunities for wholesale
surveillance and censorship. This thesis investigates the use of public networks such as the Internet to build
robust, private communication systems that can resist monitoring and attacks by powerful adversaries such as national
governments.
We sketch the design of a censorship-resistant communication system based on peer-to-peer Internet overlays in which
the participants only communicate directly with people they know and trust. This ‘friend-to-friend’ approach protects
the participants’ privacy, but it also presents two significant challenges. The first is that, as with any peer-to-peer
overlay, the users of the system must collectively provide the resources necessary for its operation; some users might
prefer to use the system without contributing resources equal to those they consume, and if many users do so, the
system may not be able to survive.
To address this challenge we present a new game theoretic model of the problem of encouraging cooperation between
selfish actors under conditions of scarcity, and develop a strategy for the game that provides rational incentives for
cooperation under a wide range of conditions.
The second challenge is that the structure of a friend-to-friend overlay may reveal the users’ social relationships to
an adversary monitoring the underlying network. To conceal their sensitive relationships from the adversary, the
users must be able to communicate indirectly across the overlay in a way that resists monitoring and attacks by other
participants.
We address this second challenge by developing two new routing protocols that robustly deliver messages across
networks with unknown topologies, without revealing the identities of the communication endpoints to intermediate
nodes or vice versa. The protocols make use of a novel unforgeable acknowledgement mechanism that proves that a
message has been delivered without identifying the source or destination of the message or the path by which it was
delivered. One of the routing protocols is shown to be robust to attacks by malicious participants, while the other
provides rational incentives for selfish participants to cooperate in forwarding messages