Opportunistic networking in OMNeT

ABSTRACT We describe mechanisms for simulating opportunistic and delay-tolerant networks in the OMNeT++ discrete event simulator. The mechanisms allow for simulating open systems of wireless mobile nodes where mobility-or contact traces are used to drive the simulations. This way mobility generation is separated from the core OMNeT++ protocol simulations which facilitates importing synthetic or real data from external mobility generators, real mobility tracking data or real contact traces. The paper describes the design and implementation of our mechanisms for OMNeT++ and gives an example of how we have used these to simulate opportunistic wireless content distribution in an urban environment

Conclave: secure multi-party computation on big data (extended TR)

Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical use. Many relational analytics queries can maintain MPC's end-to-end security guarantee without using cryptographic MPC techniques for all operations. Conclave is a query compiler that accelerates such queries by transforming them into a combination of data-parallel, local cleartext processing and small MPC steps. When parties trust others with specific subsets of the data, Conclave applies new hybrid MPC-cleartext protocols to run additional steps outside of MPC and improve scalability further. Our Conclave prototype generates code for cleartext processing in Python and Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks support on their own. Thanks to its hybrid protocols, Conclave also substantially outperforms SMCQL, the most similar existing system.Comment: Extended technical report for EuroSys 2019 pape

The security properties of in-network aggression

In-network aggregation is an important paradigm for current and future networked systems, enabling efficient cooperate processing of aggregate information, while providing sub-linear scalability properties. However, security of this important class of algorithms has to date not been sufficiently addressed. In this dissertation, we focus on the integrity properties of in-network aggregation algorithms, with emphasis on the sub-goals of correctness and completeness. We propose an efficient solution that provides strong correctness guarantees by ensuring individual node integrity a priori by applying the principles of trusted systems. To this end, we propose dedicated trusted sensor and aggregator modules. Trusted modules, in conjunction with cryptographic authentication and transport protocols, are applied to construct trusted aggregation overlays, giving strong guarantees in terms of correctness. We support our findings by a proof-of-concept prototype in a single aggregator model, as well as a design for a hierarchical in-network aggregation system. Completeness is a more elusive goal than correctness, if only for the fact that drops and message corruptions are a fact of life in distributed systems. Hence, it may not be possible to distinguish between benign and malicious losses. Building on the trusted systems solution for correctness, we propose a protocol that decreases the adversarial influence in a tree-based aggregation network. We exploit the fact that a secure protocol can be executed over a trusted overlay, enabling per-edge fault detection and dissemination of edge ratings. Simulation-based trials suggest that the presented protocol achieves significant reduction in the potential impact an adversary can have on the completeness of aggregate results

The security properties of in-network aggression

In-netvork aggregation is an important paradigm for current and future networked systems, enabling efficient cooperate processing of aggregate information, while providing sub-linear scalability properties. However, security of this important class of algorithms has to date not been sufficiently addressed. In this dissertation, we focus on the integrity properties of in-network aggregation algorithms, with emphasis on the sub-goals of correctness and completeness. We propose an efficient solution that provides strong correctness guarantees by ensuring individual node integrity a priori by applying the principles of trusted systems. To this end, we propose dedicated trusted sensor and aggregator modules. Trusted modules, in conjunction with cryptographic authentication and transport protocols, are applied to construct trusted aggregation overlays, giving strong guarantees in terms of correctness. We support our findings by a proof-of-concept prototype in a single aggregator model, as well as a design for a hierarchical in-network aggregation system. Completeness is a more elusive goal than correctness, if only for the fact that drops and message corruptions are a fact of life in distributed systems. Hence, it may not be possible to distinguish between benign and malicious losses. Building on the trusted systems solution for correctness, we propose a protocol that decreases the adversarial influence in a tree-based aggregation network. We exploit the fact that a secure protocol can be executed over a trusted overlay, enabling per-edge fault detection and dissemination of edge ratings. Simulation-based trials suggest that the presented protocol achieves significant reduction in the potential impact an adversary can have on the completeness of aggregate results

Gátt fyrir þráðlausa dreifingu á biðþolnu efni

Wireless ad-hoc networks are a viable alternative to the currently prevalent model of last-hop wireless links to an infrastructure network. Prior research has shown that mobility can be utilized to increase the capacity of wireless ad-hoc networks, by opportunistically utilizing peer-to-peer contacts. Pod- Net is a research project whose goal is to create a comprehensive personal broadcasting system in which participants opportunistically utilize random contacts to exchange content. This dissertation contributes to the PodNet system. A design of a multi-role node and a solicitation protocol for use in the PodNet system is presented. In particular, this dissertation considers gateway nodes, which procure content from sources on the Internet and provide to peers in the ad-hoc domain. This work is supported by an implementation in the form of a simulation model and a simple prototype of PodNet node software. Evaluation of the protocol and some initial explorations of a simple PodNet community are also discussed.Þráðlaus jafningjanet eru raunhæfur valkostur í stað þráðlausra tenginga við stoðkerfi sem algengt er í dag. Rannsóknir hafa sýnt að þegar jafningjar í slíkum netum eru hreyfanlegir má nýta tilfallandi innbyrðis tengingar milli þeirra til gagnaskipta. Hreyfanleikann má þannig nýta til að stuðla að dreifingu efnis. PodNet er rannsóknarverkefni sem hefur að markmiði að skapa heildstætt dreifikerfi sem nýtir tilfallandi tengingar milli hreyfanlegra jafningja til gagnaflutnings. Þessi ritgerð er innlegg í PodNet verkefnið. Hönnun fjölhæfs hnúts er sett fram og samskiptareglur eru skilgreindar. Þessi vinna er studd með útfærslu í formi hermilíkans og frumgerðar af hugbúnaði. Ein hnútategund er skoðuð sérstaklega: Það er gátt, sem sækir efni á Internetið og dreifir í jafningjanetinu. Einnig eru niðurstöður hermunar settar fram, auk prófana á samskiptareglum og frumathugana á hegðun PodNet hópa

Opportunistic Networking in OMNeT++

This work describes mechanisms for simulating opportunis-tic and delay-tolerant networks in the OMNeT++ discrete event simulator. The mechanisms allow for simulating open systems of wireless mobile nodes where mobility- or contact traces are used to drive the simulations. This way mobil-ity generation is separated from the core OMNeT++ proto-col simulations which facilitates importing synthetic or real data from external mobility generators, real mobility track-ing data or real contact traces. The paper describes the im-plementation of our mechanisms for OMNeT++ and gives an example of how we have used these to simulate oppor-tunistic wireless content distribution in an urban environ-ment. Categories and Subject Descriptors I.6.8 [Simulation and Modeling]: Types of Simulation

Towards Flexible and Secure Distributed Aggregation

Abstract. Distributed aggregation algorithms are important in many present and future computing applications. However, after a decade of research, there are still numerous open questions regarding the security of this important class of algorithms. We intend to address some of these questions, mainly those regarding resilience against active attackers, whose aim is to compromise the integrity of the aggregate computation. Our work is currently in its initial stages, but we have identified promising research leads, which we present in this paper

Secure multi-party sorting and applications

Abstract. Sorting is among the most fundamental and well-studied problems within computer science and a core step of many algorithms. In this article, we consider the problem of constructing a secure multi-party computing (MPC) protocol for sorting, building on previous results in the field of sorting networks. Apart from the immediate uses for sorting, our protocol can be used as a building-block in more complex algorithms. We present a weighted set intersection algorithm, where each party inputs a set of weighted elements and the output consists of the input elements with their weights summed. As a practical example, we apply our protocols in a network security setting for aggregation of security incident reports from multiple reporters, specifically to detect stealthy port scans in a distributed but privacy preserving manner. Both sorting and weighted set intersection use O ` n log 2 n ´ comparisons in O ` log 2 n ´ rounds with practical constants. Our protocols can be built upon any secret sharing scheme supporting multiplication and addition. We have implemented and evaluated the performance of sorting on the Sharemind secure multi-party computation platform, demonstrating the real-world performance of our proposed protocols