
Research topics and projects in the CrySyS Lab

 

Research topics

Current research topics:

Secure routing in multi-hop wireless networks

As routing is a fundamental networking function, an adversary can easily paralyze the operation of an entire network by attacking the routing protocol. Such attacks consist of manipulating routing messages so that incorrect routing information is disseminated. Unfortunately, simple message integrity protection and authentication techniques are not sufficient to solve this problem, because routing messages often need to be modified by intermediate nodes, which may be compromised and thus exhibit arbitrary behavior. Therefore, besides message integrity protection and authentication, secure routing protocols use other protection mechanisms, and they tend to be difficult to analyze. We develop formal models in which precise definitions of secure routing can be given, and secure routing protocols proposed for multi-hop wireless networks can be rigorously analyzed. Our ultimate objective is to better understand the design principles of secure routing protocols and to apply those principles to the design of secure routing protocols for ad hoc and sensor networks.

Participating researchers: Gergely Ács, Levente Buttyán, István Vajda
Related projects: UbiSecSens, EU-MESH, Security and Privacy in Ubiquitous Computing
Selected publications:

  • G. Ács, L. Buttyán, and I. Vajda, Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks, Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005.

  • G. Ács, L. Buttyán, and I. Vajda, Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks, IEEE Transactions on Mobile Computing, Vol. 5, No. 11, November 2006.

  • G. Ács, L. Buttyán, and I. Vajda, Modelling Adversaries and Security Objectives for Routing Protocols in Wireless Sensor Networks, 4th ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2006), Alexandria, VA, October 30, 2006.

  • G. Ács, L. Buttyán, and I. Vajda, The security proof of a link-state routing protocol for wireless sensor networks, IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007), Pisa, Italy, October 2007.

Resilient data aggregation in sensor networks

Sensor nodes are often unattended and easy to capture. In addition, sensors are rarely tamper resistant; therefore, captured nodes can be compromised and can exhibit arbitrary behavior. Furthermore, it is often easy to modify the local environmental parameters measured by a sensor node; for example, a light sensor can be misled by a small lamp. All this means that sensor readings provided by individual sensor nodes cannot be blindly trusted, even if they are cryptographically protected. Hence, before aggregating collected sensor data at cluster heads or at base stations, consistency verification and filtering should be applied. We design resilient data aggregation schemes that eliminate the effect of corrupted data on the aggregated value. Our approach is based on statistical methods such as RANdom SAmple Consensus (RANSAC) and on exploiting spatial and temporal correlations of sensor readings.

Participating researchers: Péter Schaffer, István Vajda, Levente Buttyán
Related projects: UbiSecSens, Security and Privacy in Ubiquitous Computing
Selected publications:

  • L. Buttyán, P. Schaffer, and I. Vajda, Resilient Aggregation: Statistical Approaches, In N. P. Mahalik, editor, Sensor Network and Configuration, Springer, 2006.

  • L. Buttyán, P. Schaffer, and I. Vajda, RANBAR: RANSAC-Based Resilient Aggregation in Sensor Networks, 4th ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2006), Alexandria, VA, October 30, 2006.

  • P. Schaffer and I. Vajda, CORA: Correlation-based Resilient Aggregation in Sensor Networks, ACM/IEEE International Symposium on Modeling, Analysis and Simulation of Wireless and Mobile Systems (MSWiM 2007), Chania, Crete, Greece, October, 2007.

Dependable transport protocols for sensor networks

End-to-end reliability of communications is an important requirement in many applications of wireless sensor networks. For this reason, a number of reliable transport protocols specifically designed for wireless sensor networks have been proposed in the literature. Besides providing end-to-end reliability, some of those protocols also address the problems of fairness and congestion control, and they are all optimized for low energy consumption. However, most of those protocols completely neglect security issues. As a consequence, they ensure reliable communications and low energy consumption only in a benign environment, where packet losses and delays occur as a result of random errors in lower layers of the communication stack, but they fail in a hostile environment, where an adversary can forge or replay control packets of the protocol. More specifically, our analysis shows that control packet injection and replay can cause permanent loss of data packets, and thus, such misdeeds make the hitherto reliable protocol unreliable. In addition, even if the protocol can recover from such an attack, the recovery overhead caused by forged or replayed control packets can be large, which gives an opportunity for energy depleting attacks. As sensor nodes usually operate on batteries, which are often very difficult or even impossible to recharge or replace, energy depletion attacks can jeopardize the entire mission of the network. Besides the security analysis of the most important reliable sensor network transport protocols, we also intend to propose some general design principles to make them more resistant against malicious attacks.

Participating researchers: László Csik, Levente Buttyán
Related projects: UbiSecSens, Security and Privacy in Ubiquitous Computing

Fast client re-authentication in wireless mesh networks

Supporting user mobility and QoS-aware applications in wireless mesh networks means that re-authentication of mesh clients and access authorization should be fast, so that the requirements of authentication and access control do not exclude the possibility of seamless handover between the mesh access points. In addition, in multi-operator environments, such handovers may occur between access points belonging to different administrative domains, and hence, the re-authentication and access control scheme must be able to handle this situation. We study various approaches for fast re-authentication of mesh clients in multi-operator mesh networks, and design appropriate protocols. We also intend to set up a mesh test bed in our lab where we can test and validate our designs.

Participating researchers: László Dóra, Levente Buttyán, István Vajda, Boldizsár Bencsáth
Related projects: EU-MESH, Mobility supporting security architectures
Selected publications:

  • A. Bohák, L. Buttyán and L. Dóra, An authentication scheme for fast handover between WiFi access points, ACM Wireless Internet Conference (WICON 2007), Austin, Texas, USA, October 2007.

Location privacy in vehicular communication systems

The promise of vehicular communications is to make road traffic safer and more efficient. However, besides the expected benefits, vehicular communications also introduce some privacy risk by making it easier to track the physical location of vehicles. One approach to solve this problem is that the vehicles use pseudonyms that they change with some frequency. We study the effectiveness of this approach by defining a model based on the concept of the mix zone, characterizing the tracking strategy of the adversary in this model, and introducing a metric to quantify the level of privacy enjoyed by the vehicles. We also develop various pseudonym changing algorithms for use in vehicular applications.

Participating researchers: Tamás Holczer, Levente Buttyán, István Vajda
Related projects: SeVeCom, Mobility supporting security architectures, Security and Privacy in Ubiquitous Computing
Selected publications:

  • L. Buttyán, T. Holczer, and I. Vajda, On the effectiveness of changing pseudonyms to provide location privacy in VANETs, European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2007), Cambridge, UK, July 2007.

Private authentication protocols for RFID systems

The problem of private authentication is to enable the authentication of a party, called the prover, to another party, called the verifier, in such a way that an adversary can neither identify nor track the prover. We consider the private authentication problem in a resource-constrained application where only symmetric-key cryptography is feasible and tamper resistance is limited. In addition, we assume that there are many potential provers. A typical example of such an application is an RFID system, where the provers are low-cost RFID tags and the verifier is a back-end system that interacts with the tags via reader devices.

An approach based on key-trees has been proposed in the literature as a neat way to efficiently solve the problem of privacy preserving authentication based on symmetric key cryptography. However, in the key-tree based approach, the level of privacy provided by the system to its members may decrease considerably if some members are compromised. We analyze this problem, and show that careful design of the tree can help to minimize this loss of privacy. We also propose a novel group key based private authentication protocol, and show that it is superior to the key-tree based approach both in terms of privacy and efficiency using the normalized average anonymity set size as the privacy metric. Furthermore, we are also interested in various other privacy metrics and their relationships to each other.

Participating researchers: Tamás Holczer, Levente Buttyán, István Vajda
Related projects: Mobility supporting security architectures, Security and Privacy in Ubiquitous Computing
Selected publications:

  • L. Buttyán, T. Holczer, and I. Vajda, Optimal Key-Trees for Tree-Based Private Authentication, International Workshop on Privacy Enhancing Technologies (PET 2006), Cambridge, UK, June, 2006.

  • G. Avoine, L. Buttyán, T. Holczer, and I. Vajda, Group-Based Private Authentication, IEEE Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007), Helsinki, Finland, June 2007.

Encouraging cooperative data dissemination in opportunistic ad hoc networks

An opportunistic network is a special type of wireless mobile ad hoc network where the transfer of messages from their source to their destination is performed by the intermediate nodes in a store-carry-and-forward manner. In such networks, selfish nodes can exploit the services provided by other nodes by downloading messages that interest them, while refusing to store and distribute messages for the benefit of other nodes. We propose a mechanism to discourage selfish behavior based on the principles of barter. We develop a game-theoretic model in which we show that the proposed approach indeed stimulates cooperation of the nodes. In addition, thanks to the barter principle, the message delivery rate increases considerably when the mobile nodes follow the Nash Equilibrium strategy, compared to the data dissemination protocol with no encouraging mechanism present.

Participating researchers: László Dóra, Levente Buttyán, Márk Félegyházi, István Vajda
Related projects: BIONETS, Security and Privacy in Ubiquitous Computing
Selected publications:

  • L. Buttyán, L. Dóra, M. Félegyházi, and I. Vajda, Barter-based cooperation in delay-tolerant personal wireless networks, IEEE Workshop on Autonomic and Opportunistic Communications (AOC 2007), Helsinki, Finland, June 2007.

Security issues in network coding based communication and storage systems

We address the problem of pollution attacks in coding based distributed storage systems. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We propose algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets; rather, we take advantage of the inherent redundancy in such distributed storage systems.

Participating researchers: István Vajda, Levente Buttyán, Dániel Béres, László Czap
Selected publications:

  • L. Buttyán, L. Czap, and I. Vajda, Securing Coding Based Distributed Storage in Wireless Sensor Networks, IEEE Workshop on Wireless and Sensor Network Security (WSNS), Atlanta, USA, September 2008.

 

Formal analysis of security APIs with the applied pi-calculus

Hardware Security Modules (HSMs) are indispensable in many applications, such as ATM networks, public key infrastructures, electronic ticketing in public transportation, electronic payment systems, and electronic commerce in general. An HSM is a hardware device (including its firmware and software components) that has some tamper resistance properties and is used to store cryptographic keys and to perform various security-critical cryptographic operations. Besides physical tampering and side-channel attacks, HSMs can also be attacked through their APIs by exploiting design weaknesses in the API's logic. Being fully software based, attacks of this kind are much less expensive than physical and side-channel attacks, and depending on the weaknesses that are exploited, they may have devastating effects. One promising approach to API analysis is to apply a formal verification method such as those used in software engineering. We follow this approach, and propose an API verification method based on the applied pi-calculus, which seems to be extremely well-suited for the formal modeling of security APIs, the precise definition of the security requirements, and the rigorous analysis of the provided security properties. We demonstrate our approach through the analysis of the SeVeCom HSM API.

Participating researchers: Vinh Thong Ta, Levente Buttyán
Related projects: SeVeCom
 

Formal analysis of firewalls

Firewalls are routinely used today to protect internal networks from attacks originating from the Internet. However, firewalls are often misconfigured, leaving security holes in the defense system. As firewalls can be stateful and firewall rule sets may contain a very large number of rules, such misconfigurations are hard to discover by informal analysis. We are investigating how formal verification techniques can be used to alleviate this problem.

Participating researchers: Vinh Thong Ta, Levente Buttyán, Boldizsár Bencsáth
 

Increasing the efficiency of spam filtering

Today, an increasingly large portion of e-mail traffic is spam. Indeed, our own measurements confirmed that the growth of spam traffic is exponential in time. While spam filters can effectively prevent most of this traffic from reaching the end-users, the amount of computation that needs to be performed by filtering mail servers is considerable. Unfortunately, when servers work at the limit of their capacity, they become extremely vulnerable to Denial-of-Service attacks. Adding more resources to increase capacity is not a scalable approach due to the exponential growth of spam traffic. Instead, the efficiency of spam filtering should be increased. We follow this approach and investigate novel, highly efficient spam filtering techniques based on the collaboration of filtering mail servers.

Participating researchers: Boldizsár Bencsáth

 

Research topics in the past:

Detection and recovery from network DoS attacks

Availability is an important general security requirement in computer networks. Availability of a system means that it provides services according to the system design whenever users request them. If only accidental failures are considered, then replication methods can be used to ensure availability. Replication in itself, however, is not enough against malicious attacks that are specifically aimed at the loss of or reduction in availability. Such attacks are commonly called Denial of Service (DoS) attacks. Roughly speaking, two types of DoS attacks against an on-line server can be distinguished: bandwidth consumption attacks and resource consumption attacks. In a bandwidth consumption attack, the attacker floods the server with requests so that the server becomes overloaded and cannot accept requests from legitimate clients anymore. In a resource consumption attack, the attacker sends requests to the server such that the server uses up all of its resources to process them and therefore can no longer accept requests from legitimate clients. We propose solutions to both types of problems based on traffic monitoring and filtering, and client puzzles, respectively. In the case of client puzzles, we use game theory to analyze the system and determine its desirable parameters.

Participating researchers: Boldizsár Bencsáth, István Vajda, Levente Buttyán
Selected publications:

  • B. Bencsáth, I. Vajda, and L. Buttyán, A Game Based Analysis of the Client Puzzle Approach to Defend Against DoS Attacks, IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom 2003), Split, Dubrovnik, Ancona, Venice, 7-10 October, 2003.

  • B. Bencsáth, I. Vajda, Protection Against DDoS Attacks Based On Traffic Level Measurements, International Symposium on Collaborative Technologies and Systems, San Diego, CA, USA, January 2004.

  • B. Bencsáth, I. Vajda, Efficient Directory Harvest Attacks and Countermeasures, International Journal of Network Security, Vol. 5, No. 3, 2007.

 

The untrusted terminal problem

Human users need trusted computers when they want to generate digital signatures. In many applications, in particular if the users are mobile, they need to carry their trusted computers with them. An appealing approach is to implement such trusted computers in smart cards. Smart cards are easy to use, easy to carry, and relatively difficult to tamper with; in addition, experience shows that they can be deployed on a large scale. However, smart cards do not have a user interface; therefore, the user still needs a terminal in order to authorize the card to produce digital signatures. If the terminal is operated by a malicious entity, then it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we propose a solution based on conditional signatures. More specifically, we propose a framework for the controlled revocation of unintended digital signatures. In addition, we propose various protocols within this framework with a special emphasis on privacy issues.

Participating researchers: István Zsolt Berta, Levente Buttyán, István Vajda
Related projects: Security and Privacy in Ubiquitous Computing
Selected publications:

  • I. Berta, L. Buttyán, and I. Vajda, Mitigating the Untrusted Terminal Problem Using Conditional Signatures, International IEEE Conference on Information Technology (ITCC 2004), Las Vegas, NV, USA, April 5-7, 2004.

  • I. Berta, L. Buttyán, and I. Vajda, Privacy Protecting Protocols for Revokable Digital Signatures, 6th IFIP Conference on Smart Card Research and Advanced Application (CARDIS 2004), Toulouse, France, August 23-26, 2004.

  • I. Berta, L. Buttyán, and I. Vajda, A framework for the revocation of unintended digital signatures initiated by malicious terminals, IEEE Transactions on Dependable and Secure Computing, Vol. 2, No. 3, July-September 2005.

 
Research projects

Current research projects:

WSAN4CIP: Wireless Sensor and Actuator Networks for Critical Infrastructure Protection

EU-MESH: Enhanced, Ubiquitous, and Dependable Broadband Access using MESH Networks

The goal of EU-MESH is to develop, evaluate, and trial a system of software modules for building dependable multi-radio multi-channel mesh networks with QoS support that provide ubiquitous and ultra-high speed broadband access. The system will be based on a converged infrastructure that uses a wireless mesh network to aggregate the capacity from both subscriber broadband access lines and provider fixed broadband links to form a virtual capacity pool, and provide access to this capacity pool for both stationary and mobile users. It will support low operation and management costs, through novel configuration and management procedures that achieve efficient usage of both the wireless spectrum and fixed broadband access lines. This will increase the competitiveness of existing providers, lower the barrier for small enterprises to enter the mobile broadband access market, and enable innovative services. Within this project, we lead the Security Work Package, and we develop a comprehensive security architecture for the EU-MESH network including mesh client authentication and access control, protected wireless communications between mesh routers, and secure routing.

Project data:

BIONETS: Biologically-Inspired Autonomic Networks and Services

Nature and society exhibit many instances of systems in which large populations are able to reach efficient equilibrium states and to develop effective collaboration and survival strategies, able to work in the absence of central control and to exploit local interactions. BIONETS seeks inspiration from these systems to provide a fully integrated network and service environment that scales to large amounts of heterogeneous devices, and that is able to adapt and evolve in an autonomic way. The motivation for this comes from emerging trends towards pervasive computing and communication environments, where myriads of networked devices with very different features will enhance our five senses, and our communication and tool manipulation capabilities. Thus, the goal of BIONETS is to provide a biologically-inspired open networking paradigm for the creation, dissemination, execution, and evolution of autonomic services able to adapt to the surrounding environment and user needs, to evolve without direct human supervision, and able to deal with large-scale networks of heterogeneous nodes ranging from small, cheap devices to more complex network nodes.

Project data:

  • duration: 4 years (2006 - 2009)
  • funded by: EU (027748)
  • type: Integrated Project (IP)
  • info: http://www.bionets.eu

 

Research projects in the past:

UbiSec&Sens: Ubiquitous Sensing and Security in the European Homeland

Wireless Sensor Networks (WSN) are an exciting development with very large potential to have a significant beneficial impact on every aspect of our lives. UbiSec&Sens aims at developing a comprehensive security toolbox for medium and large scale WSNs, such that the components of this toolbox enable the rapid development of trusted sensor network applications. The following toolbox components are designed in the project: new cryptographic algorithms (e.g., the PRESENT block cipher and the TinyRNG random number generator), robust key pre-distribution schemes (e.g., RoK), secure routing protocols (e.g., Secure-TinyLUNAR), resilient data aggregation schemes (e.g., RANBAR and CORA), secure in-network processing schemes (e.g., CDA), secure distributed storage schemes (e.g., DSM and TinyPEDS), secure dynamic code update schemes, and a flexible configuration kit to easily assemble new applications from these components.

Project data:

SeVeCom: Secure Vehicular Communications

Vehicular communications (VC) and inter-vehicular communications (IVC) bring the promise of improved road safety and optimized road traffic through co-operative systems applications. To this end, a number of initiatives have been launched, such as the Car-2-Car Communication Consortium (C2C-CC) in Europe, or DSRC in North America. A prerequisite for the successful deployment of vehicular communications is to make them secure. For example, it is essential to make sure that life-critical information cannot be modified by an attacker; the privacy of the drivers and passengers should also be protected as far as possible. The specific operational environment (moving vehicles, sporadic connectivity, ...) makes the problem very novel and challenging.

SeVeCom addresses security of future vehicle communication networks, including both the security and privacy of inter-vehicular and vehicle-infrastructure communication. Its objective is to define the security architecture of such networks, as well as to propose a roadmap for progressive deployment of security functions in these networks.

Project data:

DESEREC: Dependable Security by Enhanced Reconfigurability

Most critical European activities rely on highly interconnected, networked information systems. The performance of such information systems could be jeopardized by incidents of various kinds. DESEREC aims at developing countermeasures that respond both to attacks from the outside (e.g., aiming at Intrusion or Denial of Service), and to intrinsic failures of whatever origin (hardware failure, software fault, environment). DESEREC combines the following three approaches:

  • Modelling and simulation: DESEREC devises and develops innovative approaches and tools to design, model, simulate, and plan ICT-based critical infrastructures to dramatically improve their resilience.

  • Detection: DESEREC integrates various kinds of detection mechanisms to ensure fast detection of severe incidents, and also to detect incidents based on a complex combination of unrelated events or on abnormal behavior of the system.

  • Response: DESEREC provides a framework for computer-aided and automated countermeasures in order to respond quickly and appropriately to a wide range of incidents, to mitigate the threats to dependability, and to rapidly thwart the problem. Re-configuration of Information Systems is the utmost mechanism for their survivability.

Project data:

  • duration: 3 years (2006 - 2008)
  • funded by: EU (026600)
  • type: Integrated Project (IP)
  • info: http://www.deserec.org

Mobility supporting security architectures

This was project No 2.3.1 of the Mobile Innovation Center (MIK), a unique R&D and technology innovation center in Hungary for future wireless communication technologies (3G/4G), which is based on university knowledge-base and existing industrial background. The general objective of the project was to study the relationship between mobility (users, devices, and services) and security. In particular, the project was concerned with the following problems:

  • Design issues of mobility supporting security architectures
  • Security of mobile applications and services
  • Location privacy of mobile users

Project data:

MobilSEC: Strong user and device authentication in mobile environments

The general objective of the MobilSEC/SoftSecure project was to develop new user authentication mechanisms that provide stronger security than the traditional username/password approach, but still do not require special hardware such as smart cards or other physical security tokens. In this project, we developed a graphical password scheme, implemented a prototype of the scheme, and performed a usability study with the help of ~150 students from the Budapest University of Technology and Economics.

Project data:

  • duration: 2 years (2006 - 2007)
  • funded by: NKTH (Jedlik program, 2-023-2005)

Security and Privacy in Ubiquitous Computing

The vision of ubiquitous computing is to surround people with all kinds of embedded computing devices that could assist them in their everyday activity and make their life easier. In order to take full advantage of this new paradigm, it is expected that these devices will form networks through which they can communicate with each other and reach existing computing infrastructures such as the Internet. Besides its potential advantages, the ubiquitous computing paradigm also raises several problems related to security and privacy. Broadly speaking, these problems can be divided into two classes: First, there are traditional security and privacy problems that also arise in a ubiquitous computing environment (e.g., authentication, integrity protection, availability, anonymity), but these must be solved under fundamentally different conditions and assumptions. Second, there are brand new security and privacy problems that arise due to the very nature of the ubiquitous computing environment. An example of the latter is the problem of cooperation among potentially selfish mobile nodes.

The following specific research topics were investigated in this project:

  • Security of wireless ad hoc networks (including sensor networks, vehicular networks, and opportunistic ad hoc networks)

  • Security and privacy in RFID systems
  • Applications of personal security tokens (e.g., smart cards)
  • Development of formal security models in which the proposed security and privacy protecting mechanisms can be evaluated

Project data:

  • duration: 4 years (2004 - 2007)
  • funded by: OTKA (T046664)

HUNEID: Hungarian Electronic ID Card Project

HUNEID was part of a larger project funded by the Ministry of Informatics and Communication called "Detailed requirement specification for the usage of electronic signatures and smart cards in order to ensure IT security of public administration". The objective of the HUNEID project was the development of the specifications for the HUNgarian Electronic ID (HUNEID) card and its prototype implementation. We played an instrumental role in the specification and implementation. The resulting documentation is available on-line at http://www.itktb.hu/engine.aspx?page=ias. This project ended in 2004.