Lightweight Security for Network Coding

Under the emerging network coding paradigm, intermediate nodes in the network are allowed not only to store and forward packets but also to process and mix different data flows. We propose a low-complexity cryptographic scheme that exploits the inherent security provided by random linear network coding and offers the advantage of reduced overhead in comparison to traditional end-to-end encryption of the entire data. Confidentiality is achieved by protecting (or "locking") the source coefficients required to decode the encoded data, without preventing intermediate nodes from running their standard network coding operations. Our scheme can be easily combined with existing techniques that counter active attacks.Comment: Proc. of the IEEE International Conference on Communications (ICC 2008), Beijing, China, May 200

Network Information Flow with Correlated Sources

In this paper, we consider a network communications problem in which multiple correlated sources must be delivered to a single data collector node, over a network of noisy independent point-to-point channels. We prove that perfect reconstruction of all the sources at the sink is possible if and only if, for all partitions of the network nodes into two subsets S and S^c such that the sink is always in S^c, we have that H(U_S|U_{S^c}) < \sum_{i\in S,j\in S^c} C_{ij}. Our main finding is that in this setup a general source/channel separation theorem holds, and that Shannon information behaves as a classical network flow, identical in nature to the flow of water in pipes. At first glance, it might seem surprising that separation holds in a fairly general network situation like the one we study. A closer look, however, reveals that the reason for this is that our model allows only for independent point-to-point channels between pairs of nodes, and not multiple-access and/or broadcast channels, for which separation is well known not to hold. This ``information as flow'' view provides an algorithmic interpretation for our results, among which perhaps the most important one is the optimality of implementing codes using a layered protocol stack.Comment: Final version, to appear in the IEEE Transactions on Information Theory -- contains (very) minor changes based on the last round of review

Network Information Flow in Small World Networks

Recent results from statistical physics show that large classes of complex networks, both man-made and of natural origin, are characterized by high clustering properties yet strikingly short path lengths between pairs of nodes. This class of networks are said to have a small-world topology. In the context of communication networks, navigable small-world topologies, i.e. those which admit efficient distributed routing algorithms, are deemed particularly effective, for example in resource discovery tasks and peer-to-peer applications. Breaking with the traditional approach to small-world topologies that privileges graph parameters pertaining to connectivity, and intrigued by the fundamental limits of communication in networks that exploit this type of topology, we investigate the capacity of these networks from the perspective of network information flow. Our contribution includes upper and lower bounds for the capacity of standard and navigable small-world models, and the somewhat surprising result that, with high probability, random rewiring does not alter the capacity of a small-world network.Comment: 23 pages, 8 fitures, submitted to the IEEE Transactions on Information Theory, November 200

Algebraic Watchdog: Mitigating Misbehavior in Wireless Network Coding

We propose a secure scheme for wireless network coding, called the algebraic watchdog. By enabling nodes to detect malicious behaviors probabilistically and use overheard messages to police their downstream neighbors locally, the algebraic watchdog delivers a secure global self-checking network. Unlike traditional Byzantine detection protocols which are receiver-based, this protocol gives the senders an active role in checking the node downstream. The key idea is inspired by Marti et al.'s watchdog-pathrater, which attempts to detect and mitigate the effects of routing misbehavior. As an initial building block of a such system, we first focus on a two-hop network. We present a graphical model to understand the inference process nodes execute to police their downstream neighbors; as well as to compute, analyze, and approximate the probabilities of misdetection and false detection. In addition, we present an algebraic analysis of the performance using an hypothesis testing framework that provides exact formulae for probabilities of false detection and misdetection. We then extend the algebraic watchdog to a more general network setting, and propose a protocol in which we can establish trust in coded systems in a distributed manner. We develop a graphical model to detect the presence of an adversarial node downstream within a general multi-hop network. The structure of the graphical model (a trellis) lends itself to well-known algorithms, such as the Viterbi algorithm, which can compute the probabilities of misdetection and false detection. We show analytically that as long as the min-cut is not dominated by the Byzantine adversaries, upstream nodes can monitor downstream neighbors and allow reliable communication with certain probability. Finally, we present simulation results that support our analysis.Comment: 10 pages, 10 figures, Submitted to IEEE Journal on Selected Areas in Communications (JSAC) "Advances in Military Networking and Communications

A Multi-hop Multi-source Algebraic Watchdog

In our previous work "An Algebraic Watchdog for Wireless Network Coding", we proposed a new scheme in which nodes can detect malicious behaviors probabilistically, police their downstream neighbors locally using overheard messages; thus, provide a secure global "self-checking network". As the first building block of such a system, we focused on a two-hop network, and presented a graphical model to understand the inference process by which nodes police their downstream neighbors and to compute the probabilities of misdetection and false detection. In this paper, we extend the Algebraic Watchdog to a more general network setting, and propose a protocol in which we can establish "trust" in coded systems in a distributed manner. We develop a graphical model to detect the presence of an adversarial node downstream within a general two-hop network. The structure of the graphical model (a trellis) lends itself to well-known algorithms, such as Viterbi algorithm, that can compute the probabilities of misdetection and false detection. Using this as a building block, we generalize our scheme to multi-hop networks. We show analytically that as long as the min-cut is not dominated by the Byzantine adversaries, upstream nodes can monitor downstream neighbors and allow reliable communication with certain probability. Finally, we present preliminary simulation results that support our analysis.Comment: 5 pages, 2 figures, to appear in IEEE ITW Dublin 201

Modeling Network Coded TCP Throughput: A Simple Model and its Validation

We analyze the performance of TCP and TCP with network coding (TCP/NC) in lossy wireless networks. We build upon the simple framework introduced by Padhye et al. and characterize the throughput behavior of classical TCP as well as TCP/NC as a function of erasure rate, round-trip time, maximum window size, and duration of the connection. Our analytical results show that network coding masks erasures and losses from TCP, thus preventing TCP's performance degradation in lossy networks, such as wireless networks. It is further seen that TCP/NC has significant throughput gains over TCP. In addition, we simulate TCP and TCP/NC to verify our analysis of the average throughput and the window evolution. Our analysis and simulation results show very close concordance and support that TCP/NC is robust against erasures. TCP/NC is not only able to increase its window size faster but also to maintain a large window size despite losses within the network, whereas TCP experiences window closing essentially because losses are mistakenly attributed to congestion.Comment: 9 pages, 12 figures, 1 table, submitted to IEEE INFOCOM 201

Techniques for Enhanced Physical-Layer Security

Information-theoretic security--widely accepted as the strictest notion of security--relies on channel coding techniques that exploit the inherent randomness of propagation channels to strengthen the security of communications systems. Within this paradigm, we explore strategies to improve secure connectivity in a wireless network. We first consider the intrinsically secure communications graph (iS-graph), a convenient representation of the links that can be established with information-theoretic security on a large-scale network. We then propose and characterize two techniques--sectorized transmission and eavesdropper neutralization--which are shown to dramatically enhance the connectivity of the iS-graph.Comment: Pre-print, IEEE Global Telecommunications Conference (GLOBECOM'10), Miami, FL, Dec. 201

Wireless Secrecy in Large-Scale Networks

The ability to exchange secret information is critical to many commercial, governmental, and military networks. The intrinsically secure communications graph (iS-graph) is a random graph which describes the connections that can be securely established over a large-scale network, by exploiting the physical properties of the wireless medium. This paper provides an overview of the main properties of this new class of random graphs. We first analyze the local properties of the iS-graph, namely the degree distributions and their dependence on fading, target secrecy rate, and eavesdropper collusion. To mitigate the effect of the eavesdroppers, we propose two techniques that improve secure connectivity. Then, we analyze the global properties of the iS-graph, namely percolation on the infinite plane, and full connectivity on a finite region. These results help clarify how the presence of eavesdroppers can compromise secure communication in a large-scale network.Comment: To appear: Proc. IEEE Information Theory and Applications Workshop (ITA'11), San Diego, CA, Feb. 2011, pp. 1-10, Invited Pape

Informed Network Coding for Minimum Decoding Delay

Network coding is a highly efficient data dissemination mechanism for wireless networks. Since network coded information can only be recovered after delivering a sufficient number of coded packets, the resulting decoding delay can become problematic for delay-sensitive applications such as real-time media streaming. Motivated by this observation, we consider several algorithms that minimize the decoding delay and analyze their performance by means of simulation. The algorithms differ both in the required information about the state of the neighbors' buffers and in the way this knowledge is used to decide which packets to combine through coding operations. Our results show that a greedy algorithm, whose encodings maximize the number of nodes at which a coded packet is immediately decodable significantly outperforms existing network coding protocols.Comment: Proc. of the IEEE International Conference on Mobile Ad-hoc and Sensor Systems (IEEE MASS 2008), Atlanta, USA, September 200