436 research outputs found
Network Codes Resilient to Jamming and Eavesdropping
We consider the problem of communicating information over a network secretly
and reliably in the presence of a hidden adversary who can eavesdrop and inject
malicious errors. We provide polynomial-time, rate-optimal distributed network
codes for this scenario, improving on the rates achievable in previous work.
Our main contribution shows that as long as the sum of the adversary's jamming
rate Zo and his eavesdropping rate Zi is less than the network capacity C,
(i.e., Zo+Zi<C), our codes can communicate (with vanishingly small error
probability) a single bit correctly and without leaking any information to the
adversary. We then use this to design codes that allow communication at the
optimal source rate of C-Zo-Zi, while keeping the communicated message secret
from the adversary. Interior nodes are oblivious to the presence of adversaries
and perform random linear network coding; only the source and destination need
to be tweaked. In proving our results we correct an error in prior work by a
subset of the authors in this work.Comment: 6 pages, to appear at IEEE NetCod 201
Network Codes Resilient to Jamming and Eavesdropping
We consider the problem of communicating information over a network secretly and reliably in the presence of a hidden adversary who can eavesdrop and inject malicious errors. We provide polynomial-time distributed network codes that are information-theoretically rate-optimal for this scenario, improving on the rates achievable in prior work by Ngai et al. Our main contribution shows that as long as the sum of the number of links the adversary can jam (denoted by Z_O) and the number of links he can eavesdrop on (denoted by Z_I) is less than the network capacity (denoted by C) (i.e., Z(O) + Z_I < C), our codes can communicate (with vanishingly small error probability) a single bit correctly and without leaking any information to the adversary. We then use this scheme as a module to design codes that allow communication at the source rate of C - Z_O when there are no security requirements, and codes that allow communication at the source rate of C - Z_O - Z_I while keeping the communicated message provably secret from the adversary. Interior nodes are oblivious to the presence of adversaries and perform random linear network coding; only the source and destination need to be tweaked. We also prove that the rate-region obtained is information-theoretically optimal. In proving our results, we correct an error in prior work by a subset of the authors in this paper
Routing for Security in Networks with Adversarial Nodes
We consider the problem of secure unicast transmission between two nodes in a
directed graph, where an adversary eavesdrops/jams a subset of nodes. This
adversarial setting is in contrast to traditional ones where the adversary
controls a subset of links. In particular, we study, in the main, the class of
routing-only schemes (as opposed to those allowing coding inside the network).
Routing-only schemes usually have low implementation complexity, yet a
characterization of the rates achievable by such schemes was open prior to this
work. We first propose an LP based solution for secure communication against
eavesdropping, and show that it is information-theoretically rate-optimal among
all routing-only schemes. The idea behind our design is to balance information
flow in the network so that no subset of nodes observe "too much" information.
Interestingly, we show that the rates achieved by our routing-only scheme are
always at least as good as, and sometimes better, than those achieved by
"na\"ive" network coding schemes (i.e. the rate-optimal scheme designed for the
traditional scenario where the adversary controls links in a network rather
than nodes.) We also demonstrate non-trivial network coding schemes that
achieve rates at least as high as (and again sometimes better than) those
achieved by our routing schemes, but leave open the question of characterizing
the optimal rate-region of the problem under all possible coding schemes. We
then extend these routing-only schemes to the adversarial node-jamming
scenarios and show similar results. During the journey of our investigation, we
also develop a new technique that has the potential to derive non-trivial
bounds for general secure-communication schemes
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
Coding against a Limited-view Adversary: The Effect of Causality and Feedback
We consider the problem of communication over a multi-path network in the
presence of a causal adversary. The limited-view causal adversary is able to
eavesdrop on a subset of links and also jam on a potentially overlapping subset
of links based on the current and past information. To ensure that the
communication takes place reliably and secretly, resilient network codes with
necessary redundancy are needed. We study two adversarial models - additive and
overwrite jamming and we optionally assume passive feedback from decoder to
encoder, i.e., the encoder sees everything that the decoder sees. The problem
assumes transmissions are in the large alphabet regime. For both jamming
models, we find the capacity under four scenarios - reliability without
feedback, reliability and secrecy without feedback, reliability with passive
feedback, reliability and secrecy with passive feedback. We observe that, in
comparison to the non-causal setting, the capacity with a causal adversary is
strictly increased for a wide variety of parameter settings and present our
intuition through several examples.Comment: 15 page
Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey
This paper provides a comprehensive review of the domain of physical layer
security in multiuser wireless networks. The essential premise of
physical-layer security is to enable the exchange of confidential messages over
a wireless medium in the presence of unauthorized eavesdroppers without relying
on higher-layer encryption. This can be achieved primarily in two ways: without
the need for a secret key by intelligently designing transmit coding
strategies, or by exploiting the wireless communication medium to develop
secret keys over public channels. The survey begins with an overview of the
foundations dating back to the pioneering work of Shannon and Wyner on
information-theoretic security. We then describe the evolution of secure
transmission strategies from point-to-point channels to multiple-antenna
systems, followed by generalizations to multiuser broadcast, multiple-access,
interference, and relay networks. Secret-key generation and establishment
protocols based on physical layer mechanisms are subsequently covered.
Approaches for secrecy based on channel coding design are then examined, along
with a description of inter-disciplinary approaches based on game theory and
stochastic geometry. The associated problem of physical-layer message
authentication is also introduced briefly. The survey concludes with
observations on potential research directions in this area.Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with
arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials,
201
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Resilient Network Coding in the Presence of Byzantine Adversaries
Network coding substantially increases network throughput. But since it involves mixing of information inside the network, a single corrupted packet generated by a malicious node can end up contaminating all the information reaching a
destination, preventing decoding.
This paper introduces distributed polynomial-time rate-optimal network codes that work in the presence of Byzantine nodes. We present algorithms that target adversaries with different attacking capabilities. When the adversary can eavesdrop on all links and jam zO links, our first algorithm achieves a rate of C - 2zO, where C is the network capacity. In contrast, when the adversary has limited eavesdropping capabilities, we provide algorithms that achieve the higher rate of C - zO.
Our algorithms attain the optimal rate given the strength of the adversary. They are information-theoretically secure. They operate in a distributed manner, assume no knowledge of the topology, and can be designed and implemented in polynomial time. Furthermore, only the source and destination need to be modified; nonmalicious nodes inside the network are oblivious to the presence of adversaries and implement a classical distributed network code. Finally, our algorithms work over wired and wireless networks
- …