End-to-end reliability of communications is an important requirement in many applications of wireless sensor networks. For this reason, a number of reliable and energy efficient transport protocols specifically designed for wireless sensor networks have been proposed in the literature. However, most of those protocols completely neglect security issues. As a consequence, they ensure reliable communications and low energy consumption only in a benign environment, where packet losses and delays occur as a result of random errors in lower layers of the communication stack, but they fail in a hostile environment, where an adversary can forge or replay control packets of the protocol. We propose the first secure transport protocol for wireless sensor networks that resists attacks on the reliability service provided by the protocol, as well as energy depleting attacks. Our protocol is based on the Distributed Transport for Sensor Networks (DTSN) protocol, to which we add a security extension that consists of an efficient, symmetric key based authentication scheme for control packets.
Clustering and data aggregation in wireless sensor networks improve scalability and help the efficient use of scarce resources. Yet, these mechanisms also introduce some security issues; in particular, aggregator nodes become attractive targets of physical destruction and jamming attacks. In order to mitigate this problem, we propose a new private aggregator node election protocol that hides the identity of the elected aggregator nodes both from external eavesdroppers and from compromised nodes participating in the protocol. We also propose a private data aggregation protocol and a corresponding private query protocol, which allow the aggregators to collect sensor readings and respond to queries of the base station, respectively, without revealing any useful information about their identity to external eavesdroppers and to compromised nodes.
Wireless sensor networks are often envisioned to operate in hostile environments, where an adversary can try to mount different types of attacks against the network. Given that wireless sensor networks are usually assumed to consist of resource constrained and physically unprotected devices that use wireless channels for communications, one of the major concerns is to protect the network against denial-of-service type attacks based on physical destruction of devices, exhaustion of their batteries, and jamming of the wireless channels. Such attacks may be addressed at different levels in the system architecture; however, in our work, we are interested in the question of what one can do about them by carefully designing the deployment configuration of the network, by which we mean the ensemble of the topology of the network and the assignment of the sink role to a subset of the nodes.
As a first step on this topic, currently, we are concerned with the problem of assigning the sink role to a subset of nodes in a wireless sensor network with a given topology such that the resulting network configuration achieves maximum robustness in case of denial-of-service type attacks. In order to measure robustness of configurations, we introduce new metrics based on the notion of graph strength. We argue that our metrics are more appropriate to measure the robustness of configurations than the widely known connectivity based metrics when the strength of the adversary cannot be estimated accurately. We formalize the problem of selecting the sink nodes as optimization problems aiming at either maximizing the achieved strength under a given budget constraint, or minimizing the used budget while achieving a certain level of strength. We prove that these optimization problems are NP-hard, and we propose efficient greedy heuristic algorithms that approximate the optimal solutions reasonably well.
We propose a fully automatic verification method for secure ad-hoc network routing protocols that helps increase the confidence in a protocol by providing an analysis framework that is more systematic, and hence less error-prone, than informal analysis. Our method is based on a deductive proof technique and a backward reachability approach. The main novelty of this approach compared to prior works is that, besides providing expressive semantics and syntax for modelling and specifying secure routing protocols, it assumes an arbitrary topology and a strong attacker model.
Malware analysis can be an efficient way to combat malicious code; however, miscreants are constructing heavily armoured samples in order to stymie the observation of their artefacts. Security practitioners make heavy use of various virtualization techniques to create sandboxing environments that provide a certain level of isolation between the host and the code being analysed. However, most of these are easy to detect and evade. The introduction of hardware assisted virtualization (Intel VT and AMD-V) made the creation of novel, out-of-the-guest malware analysis platforms possible. These allow for a high level of transparency by residing completely outside the guest operating system being examined, thus conventional in-memory detection scans are ineffective. Furthermore, such analyzers resolve the shortcomings that stem from inaccurate system emulation, in-guest timings, privileged operations and so on. We are investigating novel approaches that make the detection of hardware assisted virtualization platforms and out-of-the-guest malware analysis frameworks possible. To demonstrate our concepts, we implemented an application framework called nEther that is capable of detecting the out-of-the-guest malware analysis framework called Ether.
Most contemporary embedded devices, such as wireless routers, digital cameras, and digital photo frames, have Web based management interfaces that allow an administrator to perform management tasks on the device from a Web browser connecting to the device's Web server. It has been shown earlier that many of these devices are vulnerable to Cross Site Scripting type attacks whereby some malicious JavaScript code can be injected in the Web pages stored on the device. When such infected pages are opened by the administrator, the malicious script is executed with admin privileges, and it can potentially fully compromise the embedded device. In this work, we demonstrate that such full compromise of embedded devices is indeed possible in practice by showing how the injected malicious script can install an arbitrarily modified firmware on the device. We developed a proof-of-concept implementation of such a hidden firmware update attack that targets Planex MZK-W04NU wireless routers. Currently, we are working on further exploitations of this vulnerability by extending the attack with the installation of botnet clients on embedded devices, and hence, creating embedded botnets. Our work proves that the risk of this type of attack on embedded systems is considerable, and it will further increase in the future.
Most defense solutions against scammers are reactive. A typical defense is based on the detection of domains, URLs or IP addresses in a malicious context and the distribution of such detection information. We explore the potential of leveraging properties inherent to domain registrations and their appearance in DNS zone files to predict the malicious use of domains proactively, using only minimal observation of known-bad domains to drive our inference. Our initial analysis demonstrates that our inference procedure derives a substantial set of new domains from a given known-bad domain. A large set of these domains is later discovered as malicious and most of the remaining domains appear suspect (based on third-party assessments). For the inferred malicious domains, proactively blocking based on our predictions provides a median headstart of about 2 days versus using a reactive blacklist, though this gain varies widely for different domains.
Routing is a fundamental networking function; therefore, an adversary can easily paralyze the operation of an entire network by attacking the routing protocol. Such attacks consist of manipulating the routing control messages, resulting in the dissemination of incorrect routing information. Besides external adversaries, attacks can be mounted by compromised routers too; therefore, simple message integrity protection and authentication techniques are not sufficient to solve the problem. We developed formal models in which precise definitions of secure routing can be given, and secure routing protocols proposed for multi-hop wireless networks can be rigorously analyzed. We also proposed new secure routing protocols (e.g., endairA) and security extensions to existing protocols.
Supporting user mobility and QoS-aware applications in wireless mesh networks requires that authentication of mesh clients and access authorization be fast, so that the requirements of authentication and access control do not exclude the possibility of seamless handover between the mesh access points. We studied various approaches for fast re-authentication of mesh clients in multi-operator based mesh networks, and designed novel protocols. Some of those protocols were also implemented and tested in our mesh network test bed.
The promise of vehicular communications is to make road traffic safer and more efficient. However, besides the expected benefits, vehicular communications also introduce some privacy risk by making it easier to track the physical location of vehicles. One approach to solve this problem is that the vehicles use pseudonyms that they change with some frequency. We studied the effectiveness of this approach by defining a model based on the concept of the mix zone, characterizing the tracking strategy of the adversary in this model, and introducing a metric to quantify the level of privacy enjoyed by the vehicles. We also developed pseudonym changing algorithms for use in vehicular applications.
The problem of private authentication is to enable the authentication of a party, called the prover, to another party, called the verifier, in such a way that an adversary can neither identify nor track the prover. We considered the private authentication problem in a resource constrained application where only symmetric-key cryptography is feasible and tamper resistance is limited. In addition, we assumed that there are many potential provers. A typical example for such an application is an RFID system, where the provers are low-cost RFID tags and the verifier is a back-end system that interacts with the tags via reader devices. We proposed novel solutions to this problem. One of our main contributions to this field was an algorithm for constructing optimal key-trees for the Molnar-Wagner key-tree based private authentication scheme. Another contribution was a new group key based private authentication protocol, which is superior to the key-tree based approach both in terms of privacy and efficiency.
An opportunistic network is a special type of wireless mobile ad-hoc network where the transfer of messages from their source to their destination is performed by the intermediate nodes in a store-carry-and-forward manner. In such networks, selfish nodes can exploit the services provided by other nodes by downloading messages that interest them, but refusing to store and distribute messages for the benefit of other nodes. We proposed a mechanism to discourage selfish behavior based on the principles of barter. We developed a game-theoretic model in which we showed that the proposed approach indeed stimulates cooperation of the nodes. In addition, thanks to the barter principle, the message delivery rate increases considerably if the mobile nodes follow the Nash Equilibrium strategy, compared to the data dissemination protocol when no encouraging mechanism is present.
We addressed the problem of pollution attacks in coding based distributed storage systems. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We proposed algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets; rather, we take advantage of the inherent redundancy in such distributed storage systems.
Hardware Security Modules (HSMs) are indispensable in many applications, such as ATM networks, public key infrastructures, electronic ticketing in public transportation, electronic payment systems, and electronic commerce in general. Besides physical tampering and side channel attacks, such HSMs can also be attacked through their APIs by exploiting design weaknesses in the API's logic. Being fully software based, this kind of attack is much less expensive than physical and side-channel attacks, and depending on the weaknesses that are exploited, it may have devastating effects.
We proposed an API verification method based on the applied pi-calculus that seems to be extremely well-suited for the formal modeling of security APIs, the precise definition of the security requirements, and the rigorous analysis of the provided security properties.
Firewalls are routinely used today to protect internal networks from attacks originating from the Internet. However, firewalls are often misconfigured leaving security holes in the defense system. As firewalls can be stateful and firewall rule sets may contain a very large number of rules, such misconfigurations are hard to discover by informal analysis. We investigated how formal verification techniques can be used to alleviate this problem.
Today, an increasingly large portion of the e-mail traffic is spam. Indeed, our own measurements confirmed that the growth of spam traffic is exponential in time. While spam filters can effectively prevent most of this traffic from reaching the end-users, the amount of computation that needs to be performed by filtering mail servers is considerable. Unfortunately, when servers work at the limit of their capacity, they become extremely vulnerable to Denial-of-Service attacks. Adding more resources to increase capacity is not a scalable approach due to the exponential growth of spam traffic. Instead, the efficiency of spam filtering should be increased. For this purpose, we investigated novel, highly efficient spam filtering techniques based on the collaboration of filtering mail servers.
Roughly speaking, two types of DoS attacks against an on-line server can be distinguished: bandwidth consumption attacks and resource consumption attacks. In a bandwidth consumption attack, the attacker floods the server with requests so that the server becomes overloaded and cannot accept requests from legitimate clients anymore. In a resource consumption attack, the attacker sends requests to the server such that the server uses up all of its resources to process them, and therefore it can no longer accept requests from legitimate clients. We proposed solutions to both types of problems based on traffic monitoring and filtering, and client puzzles, respectively. In the case of client puzzles, we used game theory to analyze the system and determine its desirable parameters.
Human users need trusted computers when they want to generate digital signatures. In many applications, in particular if the users are mobile, they need to carry their trusted computers with themselves. An appealing approach is to implement such trusted computers in smart cards. However, smart cards do not have a user interface, therefore, the user still needs a terminal in order to authorize the card to produce digital signatures. If the terminal is operated by a malicious entity, then it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we proposed a solution based on conditional signatures. More specifically, we proposed a framework for the controlled revocation of unintended digital signatures. In addition, we proposed various protocols within this framework with a special emphasis on privacy issues.
| Budapest University of Technology and Economics |
| Department of Telecommunications |
| CrySyS - Laboratory of Cryptography and Systems Security |