1,076 research outputs found
BlindSignedID: Mitigating Denial-of-Service Attacks on Digital Contact Tracing
Due to the recent outbreak of COVID-19, many governments suspended outdoor
activities and imposed social distancing policies to prevent the transmission
of SARS-CoV-2. These measures have had severe impact on the economy and
peoples' daily lives. An alternative to widespread lockdowns is effective
contact tracing during an outbreak's early stage. However, mathematical models
suggest that epidemic control for SARS-CoV-2 transmission with manual contact
tracing is implausible. To reduce the effort of contact tracing, many digital
contact tracing projects (e.g., PEPP-PT, DP-3T, TCN, BlueTrace, Google/Apple
Exposure Notification, and East/West Coast PACT) are being developed to
supplement manual contact tracing. However, digital contact tracing has drawn
scrutiny from privacy advocates, since governments or other parties may attempt
to use contact tracing protocols for mass surveillance. As a result, many
digital contact tracing projects build privacy-preserving mechanisms to limit
the amount of privacy-sensitive information leaked by the protocol. In this
paper, we examine how these architectures resist certain classes of attacks,
specifically DoS attacks, and present BlindSignedIDs, a privacy-preserving
digital contact tracing mechanism, which are verifiable ephemeral identifiers
to limit the effectiveness of MAC-compliant DoS attacks. In our evaluations, we
showed BlindSignedID can effectively deny bogus EphIDs, mitigating DoS attacks
on the local storage beyond 90% of stored EphIDs. Our example DoS attacks
showed that using 4 attackers can cause the gigabyte level DoS attacks within
normal working hours and days.Comment: 10 pages, 6 figure
Energy efficient privacy preserved data gathering in wireless sensor networks having multiple sinks
Wireless sensor networks (WSNs) generally have a many-to-one structure so that event information flows from sensors to a unique sink. In recent WSN applications, many-tomany structures are evolved due to need for conveying collected event information to multiple sinks at the same time. This study proposes an anonymity method bases on k-anonymity for preventing record disclosure of collected event information in WSNs. Proposed method takes the anonymity requirements of multiple sinks into consideration by providing different levels of privacy for each destination sink. Attributes, which may identify of an event owner, are generalized or encrypted in order to
meet the different anonymity requirements of sinks. Privacy guaranteed event information can be multicasted to all sinks instead of sending to each sink one by one. Since minimization of energy consumption is an important design criteria for WSNs, our method enables us to multicast the same event information
to multiple sinks and reduce energy consumption
Recommended from our members
Nonintrusive tracing in the Internet
Intruders that log in through a series of machines when conducting an attack are hard to trace because of the complex architecture of the Internet. The thumbprinting method provides an efficient way of tracing such intruders by determining whether two connections are part of the same connection chain. Because many connections are transient and therefore short in length, choosing the best time interval to thumbprint over can be an issue. In this paper, we provide a way to shorten the time interval used for thumbprinting. We then study some special properties of the thumbprinting function. We also study another mechanism for tracing intruders in the Internet based on a timestamping approach, which passively monitors flows between source and destination pairs. Given a potentially suspicious source, we identify its true destination. We compute the error probability of our algorithm and show that its value decreases exponentially as the observation time increases. Our simulation results show that our approach performs well
- …