9,547 research outputs found
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
Resilient Aggregation in Simple Linear Sensor Networks
A sensor network is a network comprised of many small, wireless, resource-limited nodes that sense data about their environment and report readings to a base station. One technique to conserve power in a sensor network is to aggregate sensor readings hop-by-hop as they travel towards a base station, thereby reducing the total number of messages required to collect each sensor reading. In an adversarial setting, the ability of a malicious node to alter this aggregate total must be limited. We present three aggregation protocols inspired by three natural key pre-distribution schemes for linear networks. Assuming no more than consecutive nodes are malicious, each of these protocols limits the capability of a malicious node to altering the aggregate total by at most a single valid sensor reading. Additionally, our protocols are able to detect malicious behavior as it occurs, allowing the protocol to be aborted early, thereby conserving energy in the remaining nodes. A rigorous proof of security is also given for each protocol
Fault-Tolerant Aggregation: Flow-Updating Meets Mass-Distribution
Flow-Updating (FU) is a fault-tolerant technique that has proved to be
efficient in practice for the distributed computation of aggregate functions in
communication networks where individual processors do not have access to global
information. Previous distributed aggregation protocols, based on repeated
sharing of input values (or mass) among processors, sometimes called
Mass-Distribution (MD) protocols, are not resilient to communication failures
(or message loss) because such failures yield a loss of mass. In this paper, we
present a protocol which we call Mass-Distribution with Flow-Updating (MDFU).
We obtain MDFU by applying FU techniques to classic MD. We analyze the
convergence time of MDFU showing that stochastic message loss produces low
overhead. This is the first convergence proof of an FU-based algorithm. We
evaluate MDFU experimentally, comparing it with previous MD and FU protocols,
and verifying the behavior predicted by the analysis. Finally, given that MDFU
incurs a fixed deviation proportional to the message-loss rate, we adjust the
accuracy of MDFU heuristically in a new protocol called MDFU with Linear
Prediction (MDFU-LP). The evaluation shows that both MDFU and MDFU-LP behave
very well in practice, even under high rates of message loss and even changing
the input values dynamically.Comment: 18 pages, 5 figures, To appear in OPODIS 201
Adatbiztonság és adatvédelem a mindent átható számítógépes technológia világában = Security and Privacy Issues in Pervasive Computing
(1) Több ugrásos vezeték nélküli hálózatok biztonsága: Ad hoc és szenzorhálózatokban használt útvonalválasztó protokollok biztonágának analízise, új bizonyíthatóan biztonságos protokollok tervezése (enairA, Secure tinyLUNAR). Új támadás-ellenálló adataggregációs algoritmusok tervezése (RANBAR, CORA) és analízise. Spontán kooperáció kialakulása feltételeinek vizsgálata ad hoc és szenzorhálózatokban, kooperáció ösztönzése késleltetéstűrő ad hoc hálózatokban (Barter). (2) Személyes biztonsági tokenek: A nem-megbízható terminál probléma vizsgálata, feltételes aláírásra épülő megoldás tervezése és analízise. (3) RFID biztonsági és adatvédelmi kérdések: Kulcsfa alapú azonosító-rejtő hitelesítés analízise, a privacy szintjének meghatározása. Optimális kulcsfa tervezése. Új azonosító-rejtő hitelesítő protokoll tervezése és összehasonlítása a kulcsfa alapú módszerrel. (4) Formális biztonsági modellek: Szimulációs paradigmára épülő biztonsági modell útvonalválasztó protokollok analízisére. Támadó-modellek és analízis módszer támadás-ellenálló adataggregáció vizsgálatára. Formális modell kidolgozása a korlátozott számítási képességekkel rendelkező humán felhasználó leírására. Privacy metrika kidolgozása azonosító-rejtő hitekesítő protokollok számára. Játékelméleti modellek a spontán koopráció vizsgálatára ad hoc és szenzor hálózatokban, valamint spam és DoS elleni védelmi mechanizmusok analízisére. | (1) Security of multi-hop wireless networks: Security analysis of routing protocols proposed for mobile ad hoc and sensor networks, development of novel routing protocols with provable security (enairA, Secure tinyLUNAR). Development of novel resilient aggregation algorithms for sensor networks (RANBAR, CORA). Analysis of conditions for the emergence of spontaneous cooperation in ad hoc and sensor networks, novel algorithm to foster cooperation in opportunistic ad hoc networks (Barter). (2) Security tokens: Analysis of the untrusted terminal problem, mitigation by using conditional signature based protocols. (3) RFID security and privacy: Analysis of key-tree based private authentication, novel metrics to measure the level of privacy. Design of optimal key-trees, novel private authentication protocols based on group keys. (4) Formal models: Modeling framework for routing protocols based on the simulation paradigm, proof techniques for analyzing the security of routing. Attacker models and analysis techniques for resilient aggregation in sensor networks. Formal model for representing the limited computing capacity of humans. Metrics for determining the level of privacy provided by private authentication protocols. Game theoretic models for studying cooperation in ad hoc and sensor networks, and for analysisng the performance of spam and DoS protection mechanisms
Spectra: Robust Estimation of Distribution Functions in Networks
Distributed aggregation allows the derivation of a given global aggregate
property from many individual local values in nodes of an interconnected
network system. Simple aggregates such as minima/maxima, counts, sums and
averages have been thoroughly studied in the past and are important tools for
distributed algorithms and network coordination. Nonetheless, this kind of
aggregates may not be comprehensive enough to characterize biased data
distributions or when in presence of outliers, making the case for richer
estimates of the values on the network. This work presents Spectra, a
distributed algorithm for the estimation of distribution functions over large
scale networks. The estimate is available at all nodes and the technique
depicts important properties, namely: robust when exposed to high levels of
message loss, fast convergence speed and fine precision in the estimate. It can
also dynamically cope with changes of the sampled local property, not requiring
algorithm restarts, and is highly resilient to node churn. The proposed
approach is experimentally evaluated and contrasted to a competing state of the
art distribution aggregation technique.Comment: Full version of the paper published at 12th IFIP International
Conference on Distributed Applications and Interoperable Systems (DAIS),
Stockholm (Sweden), June 201
- …