2,881 research outputs found
Algebraic Watchdog: Mitigating Misbehavior in Wireless Network Coding
We propose a secure scheme for wireless network coding, called the algebraic
watchdog. By enabling nodes to detect malicious behaviors probabilistically and
use overheard messages to police their downstream neighbors locally, the
algebraic watchdog delivers a secure global self-checking network. Unlike
traditional Byzantine detection protocols which are receiver-based, this
protocol gives the senders an active role in checking the node downstream. The
key idea is inspired by Marti et al.'s watchdog-pathrater, which attempts to
detect and mitigate the effects of routing misbehavior.
As an initial building block of a such system, we first focus on a two-hop
network. We present a graphical model to understand the inference process nodes
execute to police their downstream neighbors; as well as to compute, analyze,
and approximate the probabilities of misdetection and false detection. In
addition, we present an algebraic analysis of the performance using an
hypothesis testing framework that provides exact formulae for probabilities of
false detection and misdetection.
We then extend the algebraic watchdog to a more general network setting, and
propose a protocol in which we can establish trust in coded systems in a
distributed manner. We develop a graphical model to detect the presence of an
adversarial node downstream within a general multi-hop network. The structure
of the graphical model (a trellis) lends itself to well-known algorithms, such
as the Viterbi algorithm, which can compute the probabilities of misdetection
and false detection. We show analytically that as long as the min-cut is not
dominated by the Byzantine adversaries, upstream nodes can monitor downstream
neighbors and allow reliable communication with certain probability. Finally,
we present simulation results that support our analysis.Comment: 10 pages, 10 figures, Submitted to IEEE Journal on Selected Areas in
Communications (JSAC) "Advances in Military Networking and Communications
Detecting Byzantine Attacks Without Clean Reference
We consider an amplify-and-forward relay network composed of a source, two
relays, and a destination. In this network, the two relays are untrusted in the
sense that they may perform Byzantine attacks by forwarding altered symbols to
the destination. Note that every symbol received by the destination may be
altered, and hence no clean reference observation is available to the
destination. For this network, we identify a large family of Byzantine attacks
that can be detected in the physical layer. We further investigate how the
channel conditions impact the detection against this family of attacks. In
particular, we prove that all Byzantine attacks in this family can be detected
with asymptotically small miss detection and false alarm probabilities by using
a sufficiently large number of channel observations \emph{if and only if} the
network satisfies a non-manipulability condition. No pre-shared secret or
secret transmission is needed for the detection of these attacks, demonstrating
the value of this physical-layer security technique for counteracting Byzantine
attacks.Comment: 16 pages, 7 figures, accepted to appear on IEEE Transactions on
Information Forensics and Security, July 201
Byzantine Attack and Defense in Cognitive Radio Networks: A Survey
The Byzantine attack in cooperative spectrum sensing (CSS), also known as the
spectrum sensing data falsification (SSDF) attack in the literature, is one of
the key adversaries to the success of cognitive radio networks (CRNs). In the
past couple of years, the research on the Byzantine attack and defense
strategies has gained worldwide increasing attention. In this paper, we provide
a comprehensive survey and tutorial on the recent advances in the Byzantine
attack and defense for CSS in CRNs. Specifically, we first briefly present the
preliminaries of CSS for general readers, including signal detection
techniques, hypothesis testing, and data fusion. Second, we analyze the spear
and shield relation between Byzantine attack and defense from three aspects:
the vulnerability of CSS to attack, the obstacles in CSS to defense, and the
games between attack and defense. Then, we propose a taxonomy of the existing
Byzantine attack behaviors and elaborate on the corresponding attack
parameters, which determine where, who, how, and when to launch attacks. Next,
from the perspectives of homogeneous or heterogeneous scenarios, we classify
the existing defense algorithms, and provide an in-depth tutorial on the
state-of-the-art Byzantine defense schemes, commonly known as robust or secure
CSS in the literature. Furthermore, we highlight the unsolved research
challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral
FairLedger: A Fair Blockchain Protocol for Financial Institutions
Financial institutions are currently looking into technologies for
permissioned blockchains. A major effort in this direction is Hyperledger, an
open source project hosted by the Linux Foundation and backed by a consortium
of over a hundred companies. A key component in permissioned blockchain
protocols is a byzantine fault tolerant (BFT) consensus engine that orders
transactions. However, currently available BFT solutions in Hyperledger (as
well as in the literature at large) are inadequate for financial settings; they
are not designed to ensure fairness or to tolerate selfish behavior that arises
when financial institutions strive to maximize their own profit.
We present FairLedger, a permissioned blockchain BFT protocol, which is fair,
designed to deal with rational behavior, and, no less important, easy to
understand and implement. The secret sauce of our protocol is a new
communication abstraction, called detectable all-to-all (DA2A), which allows us
to detect participants (byzantine or rational) that deviate from the protocol,
and punish them. We implement FairLedger in the Hyperledger open source
project, using Iroha framework, one of the biggest projects therein. To
evaluate FairLegder's performance, we also implement it in the PBFT framework
and compare the two protocols. Our results show that in failure-free scenarios
FairLedger achieves better throughput than both Iroha's implementation and PBFT
in wide-area settings
How to Specify and How to Prove Correctness of Secure Routing Protocols for MANET
Secure routing protocols for mobile ad hoc networks have been developed
recently, yet, it has been unclear what are the properties they achieve, as a
formal analysis of these protocols is mostly lacking. In this paper, we are
concerned with this problem, how to specify and how to prove the correctness of
a secure routing protocol. We provide a definition of what a protocol is
expected to achieve independently of its functionality, as well as
communication and adversary models. This way, we enable formal reasoning on the
correctness of secure routing protocols. We demonstrate this by analyzing two
protocols from the literature
- …