458 research outputs found
PADS: Practical Attestation for Highly Dynamic Swarm Topologies
Remote attestation protocols are widely used to detect device configuration
(e.g., software and/or data) compromise in Internet of Things (IoT) scenarios.
Unfortunately, the performances of such protocols are unsatisfactory when
dealing with thousands of smart devices. Recently, researchers are focusing on
addressing this limitation. The approach is to run attestation in a collective
way, with the goal of reducing computation and communication. Despite these
advances, current solutions for attestation are still unsatisfactory because of
their complex management and strict assumptions concerning the topology (e.g.,
being time invariant or maintaining a fixed topology). In this paper, we
propose PADS, a secure, efficient, and practical protocol for attesting
potentially large networks of smart devices with unstructured or dynamic
topologies. PADS builds upon the recent concept of non-interactive attestation,
by reducing the collective attestation problem into a minimum consensus one. We
compare PADS with a state-of-the art collective attestation protocol and
validate it by using realistic simulations that show practicality and
efficiency. The results confirm the suitability of PADS for low-end devices,
and highly unstructured networks.Comment: Submitted to ESORICS 201
Graph-Based Multi-Label Classification for WiFi Network Traffic Analysis
Network traffic analysis, and specifically anomaly and attack detection, call for sophisticated tools relying on a large number of features. Mathematical modeling is extremely difficult, given the ample variety of traffic patterns and the subtle and varied ways that malicious activity can be carried out in a network. We address this problem by exploiting data-driven modeling and computational intelligence techniques. Sequences of packets captured on the communication medium are considered, along with multi-label metadata. Graph-based modeling of the data are introduced, thus resorting to the powerful GRALG approach based on feature information granulation, identification of a representative alphabet, embedding and genetic optimization. The obtained classifier is evaluated both under accuracy and complexity for two different supervised problems and compared with state-of-the-art algorithms. We show that the proposed preprocessing strategy is able to describe higher level relations between data instances in the input domain, thus allowing the algorithms to suitably reconstruct the structure of the input domain itself. Furthermore, the considered Granular Computing approach is able to extract knowledge on multiple semantic levels, thus effectively describing anomalies as subgraphs-based symbols of the whole network graph, in a specific time interval. Interesting performances can thus be achieved in identifying network traffic patterns, in spite of the complexity of the considered traffic classes
Routing, Localization And Positioning Protocols For Wireless Sensor And Actor Networks
Wireless sensor and actor networks (WSANs) are distributed systems of sensor nodes and actors that are interconnected over the wireless medium. Sensor nodes collect information about the physical world and transmit the data to actors by using one-hop or multi-hop communications. Actors collect information from the sensor nodes, process the information, take decisions and react to the events. This dissertation presents contributions to the methods of routing, localization and positioning in WSANs for practical applications. We first propose a routing protocol with service differentiation for WSANs with stationary nodes. In this setting, we also adapt a sports ranking algorithm to dynamically prioritize the events in the environment depending on the collected data. We extend this routing protocol for an application, in which sensor nodes float in a river to gather observations and actors are deployed at accessible points on the coastline. We develop a method with locally acting adaptive overlay network formation to organize the network with actor areas and to collect data by using locality-preserving communication. We also present a multi-hop localization approach for enriching the information collected from the river with the estimated locations of mobile sensor nodes without using positioning adapters. As an extension to this application, we model the movements of sensor nodes by a subsurface meandering current mobility model with random surface motion. Then we adapt the introduced routing and network organization methods to model a complete primate monitoring system. A novel spatial cut-off preferential attachment model and iii center of mass concept are developed according to the characteristics of the primate groups. We also present a role determination algorithm for primates, which uses the collection of spatial-temporal relationships. We apply a similar approach to human social networks to tackle the problem of automatic generation and organization of social networks by analyzing and assessing interaction data. The introduced routing and localization protocols in this dissertation are also extended with a novel three dimensional actor positioning strategy inspired by the molecular geometry. Extensive simulations are conducted in OPNET simulation tool for the performance evaluation of the proposed protocol
Communication between nodes for autonomic and distributed management
Doutoramento conjunto MAPi em InformáticaOver the last decade, the most widespread approaches for traditional management
were based on the Simple Network Management Protocol (SNMP) or Common
Management Information Protocol (CMIP). However, they both have several problems
in terms of scalability, due to their centralization characteristics. Although
the distributed management approaches exhibit better performance in terms of
scalability, they still underperform regarding communication costs, autonomy, extensibility,
exibility, robustness, and cooperation between network nodes. The
cooperation between network nodes normally requires excessive overheads for synchronization
and dissemination of management information in the network. For
emerging dynamic and large-scale networking environments, as envisioned in Next
Generation Networks (NGNs), exponential growth in the number of network devices
and mobile communications and application demands is expected. Thus, a
high degree of management automation is an important requirement, along with
new mechanisms that promote it optimally and e ciently, taking into account the
need for high cooperation between the nodes. Current approaches for self and autonomic
management allow the network administrator to manage large areas, performing
fast reaction and e ciently facing unexpected problems. The management
functionalities should be delegated to a self-organized plane operating within the
network, that decrease the network complexity and the control information ow,
as opposed to centralized or external servers. This Thesis aims to propose and
develop a communication framework for distributed network management which
integrates a set of mechanisms for initial communication, exchange of management
information, network (re) organization and data dissemination, attempting
to meet the autonomic and distributed management requirements posed by NGNs.
The mechanisms are lightweight and portable, and they can operate in di erent
hardware architectures and include all the requirements to maintain the basis for
an e cient communication between nodes in order to ensure autonomic network
management. Moreover, those mechanisms were explored in diverse network conditions
and events, such as device and link errors, di erent tra c/network loads
and requirements. The results obtained through simulation and real experimentation
show that the proposed mechanisms provide a lower convergence time, smaller
overhead impact in the network, faster dissemination of management information,
increase stability and quality of the nodes associations, and enable the support for
e cient data information delivery in comparison to the base mechanisms analyzed.
Finally, all mechanisms for communication between nodes proposed in this Thesis,
that support and distribute the management information and network control
functionalities, were devised and developed to operate in completely decentralized
scenarios.Durante a última década, protocolos como Simple Network Management Protocol
(SNMP) ou Common Management Information Protocol (CMIP) foram as abordagens
mais comuns para a gestão tradicional de redes. Essas abordagens têm
vários problemas em termos de escalabilidade, devido às suas características de
centralização. Apresentando um melhor desempenho em termos de escalabilidade,
as abordagens de gestão distribuída, por sua vez, são vantajosas nesse sentido,
mas também apresentam uma série de desvantagens acerca do custo elevado de
comunicação, autonomia, extensibilidade, exibilidade, robustez e cooperação entre
os nós da rede. A cooperação entre os nós presentes na rede é normalmente
a principal causa de sobrecarga na rede, uma vez que necessita de colectar, sincronizar
e disseminar as informações de gestão para todos os nós nela presentes.
Em ambientes dinâmicos, como é o caso das redes atuais e futuras, espera-se um
crescimento exponencial no número de dispositivos, associado a um grau elevado
de mobilidade dos mesmos na rede. Assim, o grau elevado de funções de automatiza
ção da gestão da rede é uma exigência primordial, bem como o desenvolvimento
de novos mecanismos e técnicas que permitam essa comunicação de forma optimizada
e e ciente. Tendo em conta a necessidade de elevada cooperação entre
os elementos da rede, as abordagens atuais para a gestão autonómica permitem
que o administrador possa gerir grandes áreas de forma rápida e e ciente frente
a problemas inesperados, visando diminuir a complexidade da rede e o uxo de
informações de controlo nela gerados. Nas gestões autonómicas a delegação de
operações da rede é suportada por um plano auto-organizado e não dependente
de servidores centralizados ou externos. Com base nos tipos de gestão e desa os
acima apresentados, esta Tese tem como principal objetivo propor e desenvolver
um conjunto de mecanismos necessários para a criação de uma infra-estrutura
de comunicação entre nós, na tentativa de satisfazer as exigências da gestão auton
ómica e distribuída apresentadas pelas redes de futura geração. Nesse sentido,
mecanismos especí cos incluindo inicialização e descoberta dos elementos da rede,
troca de informação de gestão, (re) organização da rede e disseminação de dados
foram elaborados e explorados em diversas condições e eventos, tais como: falhas
de ligação, diferentes cargas de tráfego e exigências de rede. Para além disso, os
mecanismos desenvolvidos são leves e portáveis, ou seja, podem operar em diferentes
arquitecturas de hardware e contemplam todos os requisitos necessários para
manter a base de comunicação e ciente entre os elementos da rede. Os resultados
obtidos através de simulações e experiências reais comprovam que os mecanismos
propostos apresentam um tempo de convergência menor para descoberta e troca
de informação, um menor impacto na sobrecarga da rede, disseminação mais rápida
da informação de gestão, aumento da estabilidade e a qualidade das ligações entre
os nós e entrega e ciente de informações de dados em comparação com os mecanismos
base analisados. Finalmente, todos os mecanismos desenvolvidos que fazem
parte da infrastrutura de comunicação proposta foram concebidos e desenvolvidos
para operar em cenários completamente descentralizados
Security techniques for sensor systems and the Internet of Things
Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues.
We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We develop nesCheck, a novel approach that combines static analysis and dynamic checking to efficiently enforce memory safety on TinyOS applications. As security guarantees come at a cost, determining which resources to protect becomes important. Our solution, OptAll, leverages game-theoretic techniques to determine the optimal allocation of security resources in IoT networks, taking into account fixed and variable costs, criticality of different portions of the network, and risk metrics related to a specified security goal.
Monitoring IoT devices and sensors during operation is necessary to detect incidents. We design Kalis, a knowledge-driven intrusion detection technique for IoT that does not target a single protocol or application, and adapts the detection strategy to the network features. As the scale of IoT makes the devices good targets for botnets, we design Heimdall, a whitelist-based anomaly detection technique for detecting and protecting against IoT-based denial of service attacks.
Once our monitoring tools detect an attack, determining its actual cause is crucial to an effective reaction. We design a fine-grained analysis tool for sensor networks that leverages resident packet parameters to determine whether a packet loss attack is node- or link-related and, in the second case, locate the attack source. Moreover, we design a statistical model for determining optimal system thresholds by exploiting packet parameters variances.
With our techniques\u27 diagnosis information, we develop Kinesis, a security incident response system for sensor networks designed to recover from attacks without significant interruption, dynamically selecting response actions while being lightweight in communication and energy overhead
- …