1,103 research outputs found
Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model
Wireless Sensor Networks (WSNs): Security and Privacy Issues and Solutions
Wireless sensor networks (WSNs) have become one of the current research areas, and it proves to be a very supportive technology for various applications such as environmental-, military-, health-, home-, and office-based applications. WSN can either be mobile wireless sensor network (MWSN) or static wireless sensor network (SWSN). MWSN is a specialized wireless network consisting of considerable number of mobile sensors, however the instability of its topology introduces several performance issues during data routing. SWSNs consisting of static nodes with static topology also share some of the security challenges of MWSNs due to some constraints associated with the sensor nodes. Security, privacy, computation and energy constraints, and reliability issues are the major challenges facing WSNs, especially during routing. To solve these challenges, WSN routing protocols must ensure confidentiality, integrity, privacy preservation, and reliability in the network. Thus, efficient and energy-aware countermeasures have to be designed to prevent intrusion in the network. In this chapter, we describe different forms of WSNs, challenges, solutions, and a point-to-point multi-hop-based secure solution for effective routing in WSNs
A quantum key distribution protocol for rapid denial of service detection
We introduce a quantum key distribution protocol designed to expose fake
users that connect to Alice or Bob for the purpose of monopolising the link and
denying service. It inherently resists attempts to exhaust Alice and Bob's
initial shared secret, and is 100% efficient, regardless of the number of
qubits exchanged above the finite key limit. Additionally, secure key can be
generated from two-photon pulses, without having to make any extra
modifications. This is made possible by relaxing the security of BB84 to that
of the quantum-safe block cipher used for day-to-day encryption, meaning the
overall security remains unaffected for useful real-world cryptosystems such as
AES-GCM being keyed with quantum devices.Comment: 13 pages, 3 figures. v2: Shifted focus of paper towards DoS and added
protocol 4. v1: Accepted to QCrypt 201
Game Theory-Based Cooperation for Underwater Acoustic Sensor Networks: Taxonomy, Review, Research Challenges and Directions.
Exploring and monitoring the underwater world using underwater sensors is drawing a lot of attention these days. In this field cooperation between acoustic sensor nodes has been a critical problem due to the challenging features such as acoustic channel failure (sound signal), long propagation delay of acoustic signal, limited bandwidth and loss of connectivity. There are several proposed methods to improve cooperation between the nodes by incorporating information/game theory in the node's cooperation. However, there is a need to classify the existing works and demonstrate their performance in addressing the cooperation issue. In this paper, we have conducted a review to investigate various factors affecting cooperation in underwater acoustic sensor networks. We study various cooperation techniques used for underwater acoustic sensor networks from different perspectives, with a concentration on communication reliability, energy consumption, and security and present a taxonomy for underwater cooperation. Moreover, we further review how the game theory can be applied to make the nodes cooperate with each other. We further analyze different cooperative game methods, where their performance on different metrics is compared. Finally, open issues and future research direction in underwater acoustic sensor networks are highlighted
Anomaly Detection Analysis with Graph-Based Cyber Threat Hunting Scheme
As advanced persistence threats become more prevalent and cyber-attacks become more severe, cyber defense analysts will be required to exert greater effort to protect their systems. A continuous defense mechanism is needed to ensure no incidents occur in the system, one of which is cyber threat hunting. To prove that cyber threat hunting is important, this research simulated a cyber-attack that has successfully entered the system but was not detected by the IDS device even though it already has relatively updated rules. Based on the simulation result, this research designed a data correlation model implemented in a graph visualization with enrichment on-demand features to help analysts conduct cyber threat hunting with graph visualization to detect cyber-attacks. The data correlation model developed in this research can overcome this gap and increase the percentage of detection that was originally undetected / 0% by IDS, to be detected by more than 45% and can even be assessed to be 100% detected based on the anomaly pattern that was successfully found
LIRA-V:Lightweight Remote Attestation for Constrained RISC-V Devices
This paper presents LIRA-V, a lightweight system for performing remote
attestation between constrained devices using the RISC-V architecture. We
propose using read-only memory and the RISC-V Physical Memory Protection (PMP)
primitive to build a trust anchor for remote attestation and secure channel
creation. Moreover, we propose a bi-directional attestation protocol for
trusted device-to-device communication, which is subjected to formal symbolic
verification using Scyther. We present the design, implementation and
evaluation of LIRA-V using an off-the-shelf {RISC-V} microcontroller and
present performance results to demonstrate its suitability. To our knowledge,
we present the first remote attestation mechanism suitable for constrained
RISC-V devices, with applications to the Internet of Things (IoT) and Cyber
Physical Systems (CPS).Comment: Accepted at IEEE SafeThings (in conjunction with IEEE Security &
Privacy '21
- …