Dr. Levente Buttyán

Associate Professor, Head of the Lab

buttyan (at) crysys.hu

web: www.hit.bme.hu/~buttyan/
office: I.E. 431
tel: +36 1 463 1803
fax: +36 1 463 3263

Current courses | Student projects | Publications

Short Bio

Levente Buttyán was born in 1970 in Salgótarján, Hungary. He received the M.Sc. degree in Computer Science from the Budapest University of Technology and Economics (BME) in 1995, and earned the Ph.D. degree from the Swiss Federal Institute of Technology - Lausanne (EPFL) in 2002.
In 2003, he joined the Department of Networked Systems and Services at BME, where he currently holds a position as an Associate Professor and leads the Laboratory of Cryptography and Systems Security (CrySyS Lab). He has done research on the design and analysis of secure protocols and privacy enhancing mechanisms for wireless networked embedded systems (including wireless sensor networks, mesh networks, vehicular communications, and RFID systems). Recently, he has been involved in the analysis of some high profile targeted malware, such as Duqu, Flame (aka sKyWIper), MiniDuke, and TeamSpy. Currently, his research interests are in embedded systems security (a.k.a. security for Internet of Things) and embedded systems forensics.

Current Courses

IT Security (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

IT Security (in English) (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

IT Security Bootcamp (VIHIAL00)

This BSc course introduces problems related to general IT security. It focuses on offensive security to demonstrate the mindset of an attacker. This is good motivational first course for IT security enthusiasts.

Coding and IT Security (VIHIBB01)

This BPorf course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course also gives an introduction to source coding and channel coding.

Cryptographic Protocols (VIHIMA05)

This course introduces problems related to communication security in wired and wireless networks, describes the principles and practical implementations of modern security protocols that address those problems, and sheds light on protocol design issues through the detailed analysis of existing security protocols.

Computer Security (VIHIMA06)

The course introduces security problems in computing systems, as well as the principles, practical mechanisms, and tools used to solve them. The term computer is interpreted in a broad sense, and it includes personal computers, servers, mobile devices, and embedded computers. The course covers physical security and OS level security of computers, software security issues at the application level, secure programming, and the problem of malicious software (malware).

Secure Software Development (VIHIAV33)

This course fills an important gap in the education of software engineers, - namely developing secure software applications. During this course, students will learn the most common mistakes in software development and how attackers exploit those mistakes (offensive security). Then, students get to know how to mitigate attacks and write secure software applications.

Applied Cryptography (in English) (VIHIA030)

This course gives an introduction to the basics of cryptography, explains how basic building blocks work, and demonstrates how secure systems can be engineered by properly using them. Besides the theoretical background, we use lot of illustrative examples and show practical applications. In addition, besides the technical details, we give an outlook to the legal and business aspects of using cryptography. This course is offered only to students of the Aquincum Institute of Technology, Budapest.

Student Project Proposals

IoT biztonság

Az Internet ma már nem csak nagy teljesítményű szerverekből, személyi számítógépekből és mobil eszközökből áll, hanem számtalan intelligens beágyazott eszközt is magában foglal. Az előrejelzések szerint 2020-ra 25 milliárd ilyen eszköz lesz hálózatba kötve, és ez számos új és érdekes alkalmazás előtt nyitja meg az utat (pl. okos gyárak és Ipar 4.0, egymással és az útmenti infrastruktúrával kommunikáló járművek, okos városok, épületek, ...). Az intelligens beágyazott eszközökkel kibővült Internet, azaz az Internet of Things (dolgok Internete) vagy röviden IoT, azonban számos informatikai biztonsági kockázatot is magában rejt. Az IoT előre törését a beágyazott számítógépek és a vezeték nélküli kommunikáció fejlődése, illetve ezen technológiák árának folyamatos csökkenése teszi lehetővé. Az alacsony ár, a költségek minimalizálása azonban általában az informatikai biztonság hiányát eredményezi. Ugyanakkor, egyes IoT alkalmazásokban a biztonság hiánya fizikai és anyagi károkhoz vezethet, adott esetben emberéleteket követelhet. Ezekben az alkalmazásokban tehát meg kell találni a megfelelő egyensúlyt a költségek és a rendszer által nyújtott biztonság szintje között.
A CrySyS Lab a vezetője a Nemzeti Kiválósági Programban támogatást nyert SETIT (Security Enhancing Techniques for the Internet of Things) projektnek, ami azt a célt tűzte maga elé, hogy drasztikusan csökkenti az IoT biztonsági kockázatait, és ezzel lehetővé teszi az IoT alkalmazások szélesebb körű elterjedését. A projekten belül, a labor az IoT alkalmazások futtatására szolgáló beágyazott számítási platform biztonságával foglalkozik. Ezen belül jelenleg az IoT malware témakörön dolgozunk, mely magában foglalja a kártékony programok detekcióját erőforrás korlétozott beágyazott eszközökön, illetve az IoT világban megjelenő malware minták elemzését, tárolását, és osztályozását.
A témakör iránt érdeklődő hallgatók a fenti projekt keretében az alábbi konkrét problémákon doglozhatnak:

Külső partner által javasolt téma (Microsec): Nagy kiterjedésű, valós idejű szolgáltatási hálózatok kommunikációs követelményei, hatékony és biztonságos kommunikációs protokollok alkalmazási lehetőségei

Napjainkban egyre nagyobb igény jelentkezik az ügyviteli folyamatok automatizálására, a személyes interakciók nélküli ügyintézésre. Ezen igény mentén egyre több helyen jelennek meg önkiszolgáló pontok, más néven kioszkok – gondoljunk csak például a gyorséttermi rendelések leadására szolgáló terminálokra, a csomagok átadására és átvételére használható automatákra, vagy az önkiszolgáló kasszákra. A jövőben várható a kioszkok további területeken történő térhódítása is, akár a korábbiaknál bonyolultabb ügyekben is, mint például a pénzintézetek, biztosítók, közművek ügyfélszolgálatainak tehermentesítésében.
A kioszkok jellemzően nyilvános helyen, gyakran személyes felügyelet, őrzés nélkül hozzáférhetőek az ügyfelek részére. Ugyanakkor a segítségükkel gyakran biztonságkritikus műveletet is végeznek, amelyek korábban rendszerint védett helyen található készülékről, megbízható ügyintézők közreműködésével volt lehetséges. Így a kioszkok megjelenése IT biztonság szempontjából új kihívást jelent.
A Hallgató feladata felmérni a kioszk hálózatok fenyegetettségeit, majd a rendelkezésre álló technológiák vizsgálatán keresztül meghatározni az alkalmazható megoldásokat. A feladat magába foglalja az elérhető VPN technológiák összehasonlítását, biztonságos hálózati kapcsolat kiépítéséhez használható alternatív technológiák felkutatását, a kapcsolat kiépítéséhez szükséges szimmetrikus/aszimmetrikus titkok disztribúciós lehetőségeit, valamint távoli tanúsítványmenedzsment megoldások vizsgálatát.
A téma vizsgálatára valós projekt keretében, ipari konzulens segítségével nyílik lehetőség a Microsec zrt-nél. A Microsec zrt. Magyarország egyik meghatározó informatikai vállalkozása. Piacvezető szerepet tölt be az elektronikus aláírással kapcsolatos szolgáltatások területén, Magyarországon az első eIDAS szerinti minősített bizalmi szolgáltatóként minősített elektronikus aláíró és bélyegző tanúsítványok kibocsátását, minősített időbélyegzést, valamint minősített archiválás szolgáltatást nyújt nagyvállalatoknak, pénzintézeteknek, úttörő szerepet vállalva a biztonságos, PKI alapú digitalizációban.

Külső partner által javasolt téma (Microsec): Kioszk alapú ügyfélkiszolgálási rendszerek fizikai és informatikai biztonsági követelményei és lehetséges megoldásai

Napjainkban egyre nagyobb igény jelentkezik az ügyviteli folyamatok automatizálására, a személyes interakciók nélküli ügyintézésre. Ezen igény mentén egyre több helyen jelennek meg önkiszolgáló pontok, más néven kioszkok – gondoljunk csak például a gyorséttermi rendelések leadására szolgáló terminálokra, a csomagok átadására és átvételére használható automatákra, vagy az önkiszolgáló kasszákra. A jövőben várható a kioszkok további területeken történő térhódítása is, akár a korábbiaknál bonyolultabb ügyekben is, mint például a pénzintézetek, biztosítók, közművek ügyfélszolgálatainak tehermentesítésében.
A kioszkok jellemzően nyilvános helyen, gyakran személyes felügyelet, őrzés nélkül hozzáférhetőek az ügyfelek részére. Ugyanakkor a segítségükkel gyakran biztonságkritikus műveletet is végeznek, amelyek korábban rendszerint védett helyen található készülékről, megbízható ügyintézők közreműködésével volt lehetséges. Így a kioszkok megjelenése IT biztonság szempontjából új kihívást jelent.
A Hallgató feladata megvizsgálni, hogy egy kioszk esetében milyen fizikai és szoftveres támadási lehetőségek állnak egy támadó rendelkezésére, és milyen technológiák és megoldások használhatóak ezen fenyegetettségek megszüntetésére.
A téma vizsgálatára valós projekt keretében, ipari konzulens segítségével nyílik lehetőség a Microsec zrt-nél. A Microsec zrt. Magyarország egyik meghatározó informatikai vállalkozása. Piacvezető szerepet tölt be az elektronikus aláírással kapcsolatos szolgáltatások területén, Magyarországon az első eIDAS szerinti minősített bizalmi szolgáltatóként minősített elektronikus aláíró és bélyegző tanúsítványok kibocsátását, minősített időbélyegzést, valamint minősített archiválás szolgáltatást nyújt nagyvállalatoknak, pénzintézeteknek, úttörő szerepet vállalva a biztonságos, PKI alapú digitalizációban.

Külső partner által javasolt téma (Microsec): Videós személyazonosítási megoldások vizsgálata

Hétköznapi ügyintézéseink során a szolgáltatók többségénél a személyazonosítás alappillére a felhasználó és igazolványainak személyes, fizikai jelenléte az azonosítás helyszínén. Gondoljunk csak általános ügyintézési tapasztalatainkra bankoknál, biztosítóknál, közmű-szolgáltatóknál. A személyes jelenlét, illetve a várakozás kellemetlenséggel és egészségügyi kockázattal jár, így egyre több iparágban biztosítanak lehetőséget online, videókapcsolaton keresztül történő azonosításra a személyes jelenlét helyett. A személyes azonosítás online térbe történő áthelyezése azonban új kihívások elé állítja a szolgáltatókat, a megváltozott körülmények között is biztosítani kell az azonosítás megbízhatóságát.
A Hallgató feladata az elérhető videós azonosítási platformok és a velük szemben támasztott követelmények felkutatása, összehasonlítása és legalább egy rendszer esetében az azonosítás megbízhatóságának vizsgálata a tekintetben, hogy milyen mértékben alkalmas a személyes azonosítás kiváltására, és egy esetleges támadó számára milyen lehetőségek állnak rendelkezésre fals pozitív azonosítási eredmény elérésére.
A téma vizsgálatára valós projekt keretében, ipari konzulens segítségével nyílik lehetőség a Microsec zrt-nél. A Microsec zrt. Magyarország egyik meghatározó informatikai vállalkozása. Piacvezető szerepet tölt be az elektronikus aláírással kapcsolatos szolgáltatások területén, Magyarországon az első eIDAS szerinti minősített bizalmi szolgáltatóként minősített elektronikus aláíró és bélyegző tanúsítványok kibocsátását, minősített időbélyegzést, valamint minősített archiválás szolgáltatást nyújt nagyvállalatoknak, pénzintézeteknek, úttörő szerepet vállalva a biztonságos, PKI alapú digitalizációban.

Külső partner által javasolt téma (TASZK Kft):


A Taszk Kft-nél három terület közül is lehet választani. Ezek közül 1 téma elindítására van lehetőség.

Instrumenting Smartphone Firmware Components for Security Analysis
Explore techniques for instrumenting ARM firmware binaries for code analysis purposes. Study various approaches from bare-metal instrumentation by code patching to using existing emulation and/or on-target frameworks (e.g. qemu, unicorn, frida), to utilizing ARM hardware debug extensions. Learn about various dynamic code analysis goals (e.g tracing, hooking, fuzzing, data flow analysis, etc) and their instrumentation requirements.
Stretch Goals: Furthering the research we envision the student creating a fully fledged case study of an either fully on-target or a hybrid emulated/on-target fuzzing framework utilizing instrumentation. We have several real-world targets (various firmware elements of modern smartphone SoCs) in mind for this.

Security Analysis of Custom Android Kernel Self-Defenses
Learn the basics of working with Android kernel image customizations: image formats, OTA updates, extraction, (re)building, writing modules. Study Linux kernel memory management concepts and how they pertain to exploit mitigations. Study the history of Linux kernel privilege escalation techniques and the evolution of known kernel self-defenses to counter them.
Stretch Goals: Building on a firm understanding of the prior art, conduct original research into the current state of Android kernel vendor customizations. We envision two tracks that this research can take. The first is a study of "patch gaping" of Linux kernel security bugs with respect to the mainline Linux kernel vs vendor-customized kernels of high-end smartphones. The second is a study of the (largely undocumented) custom mitigations that the leading Android device manufacturers introduce into their kernels.

Static Vulnerability Analysis Using Code Property Graph-based Query Languages
Study existing frameworks (such as bjoern and hexrays decompiler) that automate the extraction of semantic information from compiled binaries and expose a code property graph that can be used with a query language for identifying vulnerable code patterns.
Research how such frameworks could be extended or have alternatives developed for them on top of existing binary analysis solutions (such as disassembler/decompiler engines). Discover the advantages and limitations of this approach and what kinds of memory safety vulnerabilities can be efficiently queried with it.
Identify a target binary, study its attack surface, and define bug patterns of interest. Use/extend a framework to develop the desired bug pattern queries and carry out the manual analysis of the findings of the automated queries.

Publications

2020

Rootkit Detection on Embedded IoT Devices

R. Nagy, L. Buttyán

Conference of PhD Students in Computer Science (CSCS), 2020.

Bibtex | Abstract | PDF

@conference {
   author = {Roland Nagy, Levente Buttyán},
   title = { Rootkit Detection on Embedded IoT Devices},
   booktitle = {Conference of PhD Students in Computer Science (CSCS)},
   year = {2020}
}

Abstract

Rootkits are malicious programs that try to maintain their presence on infected computers while remaining invisible. They have been used to attack traditional computers (PCs and servers), but they may also target embedded IoT devices. In this work, we propose a rootkit detection approach for such embedded IoT devices, where the detection mechanism is executed in an isolated execution environment that protects it from manipulation by the rootkit. Our rootkit detection approach is focused on detecting Direct Kernel Object Manipu- lation (DKOM) and it is based on detecting inconsistencies caused by the presence of a rootkit in various Linux kernel data structures such as the process list, the process tree, and different scheduling queues. We also report on the current status of our implementation using OP-TEE, an open source Trusted Execution Environment.

Clustering IoT Malware based on Binary Similarity

M. Bak, D. Papp, Cs. Tamás, L. Buttyán

IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), 2020.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Marton Bak, Dorottya Papp, Csongor Tamás, Levente Buttyán},
   title = {Clustering IoT Malware based on Binary Similarity},
   booktitle = {IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)},
   year = {2020}
}

Abstract

In this paper, we propose to cluster malware samples based on their TLSH similarity. We apply this approach to clustering IoT malware samples as IoT botnets built from malware infected IoT devices are becoming an important trend. We study the performance of two distance-based clustering algorithms, k-medoid and OPTICS, on a large corpus of IoT malware samples when they are used with the TLSH difference metric to measure distances between samples. Our results show that neither of the two algorithms have acceptable clustering performance. Hence, we propose a new clustering algorithm, which achieves a performance superior to both k-medoid and OPTICS.

The cost of having been pwned: a security service provider's perspective

G. Biczók, M. Horváth, Sz. Szebeni, I. Lam, L. Buttyán

3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020, 2020.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Biczók, Máté Horváth, Szilveszter Szebeni, Istvan Lam, Levente Buttyán},
   title = {The cost of having been pwned: a security service provider's perspective},
   booktitle = {3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020},
   year = {2020}
}

Abstract

Account information from major online providers are getting exposed regularly; this gives rise to PWND services, providing a smart means to check whether a password or username/password tuple has already been leaked, rendering them ``pwned'' and therefore risky to use. However, state-of-the-art PWND mechanisms leak some information themselves. In this paper, we investigate how this minimal leaked information can speed up password cracking attacks of a powerful adversary, when the PWND mechanism is implemented on-premise by a service provider as an additional security measure during registration or password change. We analyze the costs and practicality of these attacks, and investigate simple mitigation techniques. We show that implementing a PWND mechanism can be beneficial, especially for security-focused service providers, but proper care needs to be taken. We also discuss behavioral factors to consider when deploying PWND services.

There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation

M. Horváth, L. Buttyán, G. Székely, D. Neubrandt

Information Security and Cryptology – ICISC 2019 : Revised selected papers, Springer, 2020, pp. 1-17.

Bibtex

@inproceedings {
   author = {Máté Horváth, Levente Buttyán, Gábor Székely, Dóra Neubrandt},
   title = {There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation},
   booktitle = {Information Security and Cryptology – ICISC 2019 : Revised selected papers},
   publisher = {Springer},
   year = {2020},
   pages = {1-17}
}

Abstract

Towards Reverse Engineering Protocol State Machines

G. Székely, G. Ládi, T. Holczer, L. Buttyán

The 12th Conference of PhD Students in Computer Science - Volume of short papers, 2020, pp. 70-73.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gábor Székely, Gergõ Ládi, Tamas Holczer, Levente Buttyán},
   title = {Towards Reverse Engineering Protocol State Machines},
   booktitle = {The 12th Conference of PhD Students in Computer Science - Volume of short papers},
   year = {2020},
   pages = {70-73}
}

Abstract

In this work, we are addressing the problem of inferring the state machine of an unknown protocol. Our method is based on prior work on inferring Mealy machines. We require access to and interaction with a system that runs the unknown protocol, and we serve a state-of-the-art Mealy machine inference algorithm with appropriate input obtained from the system at hand. We implemented our method and illustrate its operation on a simple example protocol.

Towards Secure Remote Firmware Update on Embedded IoT Devices

M. Juhász, D. Papp, L. Buttyán

Conference of PhD Students in Computer Science (CSCS), 2020.

Bibtex | Abstract | PDF

@conference {
   author = {Márton Juhász, Dorottya Papp, Levente Buttyán},
   title = {Towards Secure Remote Firmware Update on Embedded IoT Devices},
   booktitle = {Conference of PhD Students in Computer Science (CSCS)},
   year = {2020}
}

Abstract

An important security problem in IoT systems is the integrity protection of software, including the firmware and the operating system, running on embedded IoT devices. Digitally signed code and verified boot only partially solve this problem, because those mechanisms do not address the issue of run-time attacks that exploit software vulnerabilities. For this issue, the only known solution today is to fix the discovered vulnerabilities and update embedded devices with the fixed software. Such an update should be performed remotely in a secure and reliable way, as otherwise the update mechanism itself can be exploited to install compromised software on devices at large scale. In this work, we propose a system and related procedures for remotely updating the firmware and the operating system of embedded IoT devices securely and reliably.

2019

IoT Hacking - A Primer

D. Papp, K. Tamás, L. Buttyán

Infocommunications Journal, 2nd Issue, 2019.

Bibtex | Abstract | PDF

@article {
   author = {Dorottya Papp, Kristóf Tamás, Levente Buttyán},
   title = {IoT Hacking - A Primer},
   journal = {Infocommunications Journal, 2nd Issue},
   year = {2019}
}

Abstract

The Internet of Things (IoT) enables many new and exciting applications, but it also creates a number of new risks related to information security. Several recent attacks on IoT devices and systems illustrate that they are notoriously insecure. It has also been shown that a major part of the attacks resulted in full adversarial control over IoT devices, and the reason for this is that IoT devices themselves are weakly protected and they often cannot resist even the most basic attacks. Penetration testing or ethical hacking of IoT devices can help discovering and fixing their vulnerabilities that, if exploited, can result in highly undesirable conditions, including damage of expensive physical equipment or even loss of human life. In this paper, we give a basic introduction into hacking IoT devices. We give an overview on the methods and tools for hardware hacking, firmware extraction and unpacking, and performing basic firmware analysis. We also provide a survey on recent research on more advanced firmware analysis methods, including static and dynamic analysis of binaries, taint analysis, fuzzing, and symbolic execution techniques. By giving an overview on both practical methods and readily available tools as well as current scientific research efforts, our work can be useful for both practitioners and academic researchers.

Towards Detecting Trigger-based Behavior In Binaries: Uncovering the Correct Environment

D. Papp, T. Tarrach, L. Buttyán

International Conference on Software Engineering and Formal Methods (SEFM), 2019.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Dorottya Papp, Thorsten Tarrach, Levente Buttyán},
   title = {Towards Detecting Trigger-based Behavior In Binaries: Uncovering the Correct Environment},
   booktitle = {International Conference on Software Engineering and Formal Methods (SEFM)},
   year = {2019}
}

Keywords

Directed symbolic execution, Trigger-based behavior, Software verification

Abstract

In this paper, we present our first results towards detecting trigger-based behavior in binary programs. A program exhibits trigger-based behavior if it contains undocumented, often malicious functionality that is executed only under specific circumstances. In order to determine the inputs and environment required to trigger such behavior, we use directed symbolic execution and present techniques to overcome some of its practical limitations. Specifically, we propose techniques to overcome the environment problem and the path selection problem. We implemented our techniques and evaluated their performance on a real malware sample that launches denial-of-service attacks upon receiving specific remote commands. Thanks to our techniques, our implementation was able to determine those specific commands and all other requirements needed to trigger the malicious behavior in reasonable time.

2018

Detection of Injection Attacks in Compressed CAN Traffic Logs

A. Gazdag, D. Neubrandt, L. Buttyán, Zs. Szalay

International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018, Springer, 2018.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag, Dóra Neubrandt, Levente Buttyán, Zsolt Szalay},
   title = {Detection of Injection Attacks in Compressed CAN Traffic Logs},
   booktitle = {International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018},
   publisher = {Springer},
   year = {2018}
}

Keywords

Intrusion Detection, CAN Networks

Abstract

Prior research has demonstrated that modern cars are vulnerable to cyber attacks. As such attacks may cause physical accidents, forensic investigations must be extended into the cyber domain. In order to support this, CAN traffic in vehicles must be logged continuously, stored efficiently, and analyzed later to detect signs of cyber attacks. Efficient storage of CAN logs requires compressing them. Usually, this compressed logs must be decompressed for analysis purposes, leading to waste of time due to the decompression operation itself and most importantly due to the fact that the analysis must be carried out on a much larger amount of decompressed data. In this paper, we propose an anomaly detection method that works on the compressed CAN log itself. For compression, we use a lossless semantic compression algorithm that we proposed earlier. This compression algorithm achieves a higher compression ratio than traditional syntactic compression methods do such as gzip. Besides this advantage, in this paper, we show that it also supports the detection of injection attacks without decompression. Moreover, with this approach we can detect attacks with low injection frequency that were not detected reliably in previous works.

Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic

G. Ládi, L. Buttyán, T. Holczer

26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings, FESB, University of Split, 2018, pp. 1-6, ISBN 978-9-5329-0087-3.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergõ Ládi, Levente Buttyán, Tamas Holczer},
   title = {Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic},
   booktitle = {26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings},
   publisher = {FESB, University of Split},
   year = {2018},
   pages = {1-6},
   note = {ISBN 978-9-5329-0087-3}
}

Keywords

protocol reverse engineering; message format; field semantics; inference; binary protocols; network traffic; Modbus; MQTT

Abstract

Protocol specifications describe the interaction between different entities by defining message formats and message processing rules. Having access to such protocol specifications is highly desirable for many tasks, including the analysis of botnets, building honeypots, defining network intrusion detection rules, and fuzz testing protocol implementations. Unfortunately, many protocols of interest are proprietary, and their specifications are not publicly available. Protocol reverse engineering is an approach to reconstruct the specifications of such closed protocols. Protocol reverse engineering can be tedious work if done manually, so prior research focused on automating the reverse engineering process as much as possible. Some approaches rely on access to the protocol implementation, but in many cases, the protocol implementation itself is not available or its license does not permit its use for reverse engineering purposes. Hence, in this paper, we focus on reverse engineering protocol specifications based solely on recorded network traffic. More specifically, we propose a method that can infer protocol message formats as well as certain field semantics for binary protocols from network traces. We demonstrate the usability of our approach by running it on packet captures of two known protocols, Modbus and MQTT, then comparing the inferred specifications to the known specifications of these protocols.

Problem Domain Analysis of IoT-Driven Secure Data Markets

L. Buttyán, M. Horváth

Euro-CYBERSEC 2018. Communications in Computer and Information Science, Springer, 2018, Gelenbe E. et al. (eds.), pp. 57-67, vol. 821.

Bibtex | Abstract | PDF

@incollection {
   author = {Levente Buttyán, Máté Horváth},
   title = {Problem Domain Analysis of IoT-Driven Secure Data Markets},
   booktitle = {Euro-CYBERSEC 2018. Communications in Computer and Information Science},
   publisher = {Springer},
   year = {2018},
   editor = {Gelenbe E. et al. (eds.)},
   pages = {57-67},
   note = {vol. 821}
}

Abstract

The Internet of Things (IoT) provides us with a vast amount of new data day by day, however, currently, most of these are only stored without utilizing their full potential. The attractive concept of data markets can change this situation in the near future and thus we initiate the study of security aspects of such systems. In this work, as a first step, we analyse the data markets based on the possible security requirements of the different participants. We identify more than 30 possible scenarios and connect these to the relevant areas of cryptography. Our analysis also highlights several open problems motivating further research on certain cryptographic primitives.

Vehicular Can Traffic Based Microtracking for Accident Reconstruction

A. Gazdag, T. Holczer, L. Buttyán, Zs. Szalay

Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering, University of Miskolc, Miskolc, Hungary, 2018.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag, Tamas Holczer, Levente Buttyán, Zsolt Szalay},
   title = {Vehicular Can Traffic Based Microtracking for Accident Reconstruction},
   booktitle = {Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering},
   publisher = {University of Miskolc, Miskolc, Hungary},
   year = {2018}
}

Keywords

Digital forensics, CAN network

Abstract

Accident reconstruction is the process of reliably discovering what has happened before a serious event. We show how the most widely used intra vehicular network (namely the Controller Area Network, CAN) can be used in this process. We show how the actual velocity and steering wheel position transmitted on the CAN network can be used to reconstruct the trajectory of a vehicle. This trajectory is an essential input in the reconstruction process. In this paper, we show how the CAN traffic of an actual vehicle can be used to recon- struct the trajectory of the vehicle, and we evaluate our approach in several real life experiments including normal and pre-accident situations.

2017

Efficient Lossless Compression of CAN Traffic Logs

Zs. Szalay, L. Buttyán, A. Gazdag

IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, 2017.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Zsolt Szalay, Levente Buttyán, András Gazdag},
   title = {Efficient Lossless Compression of CAN Traffic Logs},
   booktitle = {IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
   publisher = {IEEE},
   year = {2017}
}

Abstract

In this paper, we propose a compression method that allows for the efficient storage of large amounts of CAN traffic data, which is needed for the forensic investigations of accidents caused by cyber attacks on vehicles. Compression of recorded CAN traffic also reduces the time (or bandwidth) needed to off-load that data from the vehicle. In addition, our compression method allows analysts to perform log analysis on the compressed data, therefore, it contributes to reduced analysis time and effort. We achieve this by performing semantic compression on the CAN traffic logs, rather than simple syntactic compression. Our compression method is lossless, thus preserving all information for later analysis. Besides all the above advantages, the compression ratio that we achieve is better than the compression ratio of state-of-the-art syntactic compression methods, such as gzip.

Forensics aware lossless compression of CAN traffic logs

A. Gazdag, L. Buttyán, Zs. Szalay

Scientific Letters of the University of Zilina, 2017.

Bibtex | PDF

@article {
   author = {András Gazdag, Levente Buttyán, Zsolt Szalay},
   title = {Forensics aware lossless compression of CAN traffic logs},
   journal = {Scientific Letters of the University of Zilina},
   year = {2017}
}

Abstract

Towards Efficient Compression of CAN Traffic Logs

Zs. Szalay, L. Buttyán, A. Gazdag

Balázs Vehovszky, Krisztián Bán, János Takács, 34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry: 17-19 May 2017, Visegrád, Hungary. 190 p., Budapest University of Technology and Economics, 2017.

Bibtex | PDF

@inproceedings {
   author = {Zsolt Szalay, Levente Buttyán, András Gazdag},
   title = {Towards Efficient Compression of CAN Traffic Logs},
   editor = {Balázs Vehovszky, Krisztián Bán, János Takács},
   booktitle = {34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry: 17-19 May 2017, Visegrád, Hungary. 190 p.},
   publisher = {Budapest University of Technology and Economics},
   year = {2017}
}

Keywords

CAN, network traffic capture, semantic compression, forensic analysis

Abstract

Towards Semi-automated Detection of Trigger-based Behavior for Software Security Assurance

D. Papp, L. Buttyán, Z. Ma

Workshop on Software Assurance at ARES 2017, 2017.

Bibtex | Abstract | PDF

@conference {
   author = {Dorottya Papp, Levente Buttyán, Zhendong Ma},
   title = {Towards Semi-automated Detection of Trigger-based Behavior for Software Security Assurance},
   booktitle = {Workshop on Software Assurance at ARES 2017},
   year = {2017}
}

Abstract

A program exhibits trigger-based behavior if it performs undocumented, often malicious, functions when the environmental conditions and/or specific input values match some pre-specified criteria. Checking whether such hidden functions exist in the program is important for increasing trustworthiness of software. In this paper, we propose a framework to effectively detect trigger-based behavior at the source code level. Our approach is semi-automated: We use automated source code instrumentation and mixed concrete and symbolic execution to generate potentially suspicious test cases that may trigger hidden, potentially malicious functions. The test cases must be investigated by a human analyst manually to decide which of them are real triggers. While our approach is not fully automated, it greatly reduces manual work by allowing analysts to focus on a few test cases found by our automated tools.

2016

RoViM: Rotating Virtual Machines for Security and Fault-Tolerance

D. Papp, Z. Ma, L. Buttyán

EMC2 Summit at CPS Week 2016, 2016.

Bibtex | Abstract | PDF

@conference {
   author = {Dorottya Papp, Zhendong Ma, Levente Buttyán},
   title = {RoViM: Rotating Virtual Machines for Security and Fault-Tolerance},
   booktitle = {EMC2 Summit at CPS Week 2016},
   year = {2016}
}

Abstract

Nowadays, the field of embedded system experiences a number of changes. On one hand, recent cyber attacks against safety-critical systems demonstrate that malware can force safety-critical systems to endanger human lives and harm the environment. Therefore, a new requirement of security have arisen for safety-critical and embedded systems. However, security should be designed hand in hand with safety to resolve conflicts between the two fields. On the other hand, the emerging trend of virtualization has significant impact on the embedded market. The isolation and protection mechanisms of virtualization contributes to both safety and security via redundancy and the prevention of one virtual machine affecting another. In this paper we present RoViM, a system of rotating virtual machines providing proactive security for embedded devices. RoViM uses multiple virtual machines in the system which increases redundancy as a safety measure. Our design satisfies reachability, liveness and safety requirements and we present a proof-of-concept implementation with use case of an Internet Protocol Security (IPsec) gateway. We evaluate our design with formal verification and show that rotating virtual machines cause no significant change in the performance of the IPsec gateway.

2015

Duqu 2.0:A comparison to Duqu

B. Bencsáth, L. Buttyán, R. Kamarás, G. Vaspöri, G. Molnár, G. Ács-Kurucz

BME CrySyS Lab, 2015.

Bibtex | PDF

@techreport {
   author = {Boldizsár Bencsáth, Levente Buttyán, Roland Kamarás, Gábor Vaspöri, Gábor Molnár, Gábor Ács-Kurucz},
   title = {Duqu 2.0:A comparison to Duqu},
   institution = {BME CrySyS Lab},
   year = {2015}
}

Abstract

Embedded System Security: Threats, Vulnerabilities, and Attack Taxonomy

D. Papp, Z. Ma, L. Buttyán

IEEE International Confenrence on Privacy, Security, and Trust, 2015.

Bibtex | Abstract

@conference {
   author = {Dorottya Papp, Zhendong Ma, Levente Buttyán},
   title = {Embedded System Security: Threats, Vulnerabilities, and Attack Taxonomy},
   booktitle = {IEEE International Confenrence on Privacy, Security, and Trust},
   year = {2015}
}

Abstract

Embedded systems are the driving force for technological development in many domains such as automotive, healthcare, and industrial control in the emerging post-PC era. As more and more computational and networked devices are integrated into all aspects of our lives in a pervasive and ``invisible' way, security becomes critical for the dependability of all smart or intelligent systems built upon these embedded systems. In this paper, we conduct a systematic review of the existing threats and vulnerabilities in embedded systems based on public available data. Moreover, based on the information, we derive an attack taxonomy for embedded systems. We envision that the findings in this paper provide a valuable insight of the threat landscape facing embedded systems. The knowledge can be used for a better understanding and the identification of security risks in system analysis and design.

ROSCO: Repository of signed code

B. Bencsáth, L. Buttyán, T. Holczer, B. Kócsó, D. Papp

Virus Bulletin, 2015.

Bibtex | PDF

@conference {
   author = {Boldizsár Bencsáth, Levente Buttyán, Tamas Holczer, Balázs Kócsó, Dorottya Papp},
   title = {ROSCO: Repository of signed code},
   booktitle = {Virus Bulletin},
   year = {2015}
}

Abstract

The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems

L. Buttyán, M. Felegyhazi, T. Holczer

Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange, IAEA, 2015.

Bibtex

@inproceedings {
   author = {Levente Buttyán, Mark Felegyhazi, Tamas Holczer},
   title = {The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems},
   booktitle = {Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange},
   publisher = {IAEA},
   year = {2015}
}

Abstract

2014

An independent test of APT attack detection appliances

R. Kamarás, G. Vaspöri, G. Molnár, G. Ács-Kurucz, Z. Balázs, L. Buttyán, B. Bencsáth

MRG Effitas and BME CrySyS Lab, 2014.

Bibtex

@techreport {
   author = {Roland Kamarás, Gábor Vaspöri, Gábor Molnár, Gábor Ács-Kurucz, Zoltán Balázs, Levente Buttyán, Boldizsár Bencsáth},
   title = {An independent test of APT attack detection appliances},
   institution = {MRG Effitas and BME CrySyS Lab},
   year = {2014}
}

Abstract

Android Malware Analysis Based On Memory Forensics

L. Buttyán, A. Gazdag

Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK) 2014, Veszprém, Springer, 2014.

Bibtex

@inproceedings {
   author = {Levente Buttyán, András Gazdag},
   title = {Android Malware Analysis Based On Memory Forensics},
   booktitle = {Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK) 2014, Veszprém},
   publisher = {Springer},
   year = {2014}
}

Abstract

2013

A Survey of Security Issues in Hardware Virtualization

B. Bencsáth, L. Buttyán, G. Pék

ACM Computing Surveys (CSUR), vol. 45 , no. 3, June , 2013, doi:10.1145/2480741.2480757.

Bibtex | Abstract

@article {
   author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK},
   title = {A Survey of Security Issues in Hardware Virtualization},
   journal = { ACM Computing Surveys (CSUR)},
   volume = {45 },
   number = {3},
   month = {June },
   year = {2013},
   note = {doi:10.1145/2480741.2480757}
}

Abstract

Virtualization is a powerful technology to increase the efficiency of computing services; however, besides its advantages, it also raises a number of security issues. In this paper, we provide a thorough survey of those security issues in hardware virtualization. We focus on potential vulnerabilities and existing attacks on various virtualization platforms, but we also briefly sketch some possible countermeasures. To the best of our knowledge, this is the first survey of security issues in hardware virtualization with this level of details. Moreover, the adversary model and the structuring of the attack vectors are original contributions, never published before.

Designing Robust Network Topologies for Wireless Sensor Networks in Adversarial Environments

D. Szeszlér, L. Buttyán, A. Laszka

Pervasive and Mobile Computing, Elsevier, vol. 9, no. 4, August, 2013, pp. 546 - 563, (http://dx.doi.org/10.1016/j.pmcj.2012.05.001).

Bibtex | Abstract

@article {
   author = {Dávid Szeszlér, Levente Buttyán, Aron Laszka},
   title = {Designing Robust Network Topologies for Wireless Sensor Networks in Adversarial Environments},
   journal = {Pervasive and Mobile Computing, Elsevier},
   volume = { 9},
   number = {4},
   month = {August},
   year = {2013},
   pages = {546 - 563},
   note = {(http://dx.doi.org/10.1016/j.pmcj.2012.05.001)}
}

Abstract

In this paper, we address the problem of deploying sink nodes in a wireless sensor network such that the resulting network topology be robust. In order to measure network robustness, we propose a new metric, called persistence, which better captures the notion of robustness than the widely known connectivity based metrics. We study two variants of the sink deployment problem: sink selection and sink placement. We prove that both problems are NP-hard, and show how the problem of sink placement can be traced back to the problem of sink selection using an optimal search space reduction te chnique, which may be of independent interest. To solve the problem of sink selection, we propose efficient heuristic algorithms. Finally, we provide experim ental results on the performance of our proposed algorithms.

On formal and automatic security verification of WSN transport protocols

A. Dvir, L. Buttyán, T. V. Thong

ISRN Sensor Networks Journal, Hindawi, December, 2013, In Press.

Bibtex

@article {
   author = {Amit Dvir, Levente Buttyán, Ta Vinh Thong},
   title = {On formal and automatic security verification of WSN transport protocols },
   journal = {ISRN Sensor Networks Journal, Hindawi},
   month = {December},
   year = {2013},
   note = {In Press}
}

Abstract

SDTP+: Securing a Distributed Transport Protocol for WSNs using Merkle Trees and Hash Chains

T. V. Thong, L. Buttyán, A. Dvir

IEEE International Confenrence on Communications (ICC), 2013, pp. 1-6, Budapest, Hungary, June.

Bibtex | Abstract

@conference {
   author = {Ta Vinh Thong, Levente Buttyán, Amit Dvir},
   title = {SDTP+: Securing a Distributed Transport Protocol for WSNs using Merkle Trees and Hash Chains},
   booktitle = {IEEE International Confenrence on Communications (ICC)},
   year = {2013},
   pages = {1-6},
   address = {Budapest, Hungary},
   month = {June}
}

Abstract

Transport protocols for Wireless Sensor Networks (WSNs) are designed to fulfill both reliability and energy effi- ciency requirements. Distributed Transport for Sensor Networks (DTSN)is one of the most promising transport protocols designed for WSNs because of its effectiveness; however, it does not address any security issues, hence it is vulnerable to many attacks. The first secure transport protocol for WSN was the secure distributed transport protocol (SDTP) [2], which is a security extension of DTSN. Unfortunately, it turns out that the security methods provided by SDTP are not sufficient; some tricky attacks get around the protection mechanism. In this paper, we describe the security gaps in the SDTP protocol, and we introduce SDTP+ for patching the weaknesses. We show that SDTP+ resists attacks on reliability and energy efficiency of the protocol, and also present an overhead analysis for showing its effectiveness.

Technical Trends in Recent Targeted Attacks

M. Felegyhazi, L. Buttyán, B. Bencsáth, G. Pék

Presentation at Power of Community (POC 2013, Seoul, South Korea), November, 2013.

Bibtex

@misc {
   author = {Mark Felegyhazi, Levente Buttyán, Boldizsár Bencsáth, Gábor PÉK},
   title = {Technical Trends in Recent Targeted Attacks },
   howpublished = {Presentation at Power of Community (POC 2013, Seoul, South Korea)},
   month = {November},
   year = {2013}
}

Abstract

2012

A Machine Learning Based Approach for Predicting Undisclosed Attributes in Social Networks

G. Kótyuk, L. Buttyán

Proceedings of the IEEE Workshop on SEcurity and SOCial Networking (SESOC), IEEE, IEEE, Lugano, Switzerland, March, 2012, pp. 1-6.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Kótyuk, Levente Buttyán},
   title = {A Machine Learning Based Approach for Predicting Undisclosed Attributes in Social Networks},
   booktitle = {Proceedings of the IEEE Workshop on SEcurity and SOCial Networking (SESOC)},
   organization = {IEEE},
   publisher = {IEEE},
   address = {Lugano, Switzerland},
   month = {March},
   year = {2012},
   pages = {1-6}
}

Keywords

social networks, privacy, machine learning

Abstract

Online Social Networks have gained increased popularity in recent years. However, besides their many advanteges, they also represent privacy risks for the users. In order to control access to their private information, users of OSNs are typically allowed to set the visibility of their profile attributes, but this may not be sufficient, beacuse visible attributes, friendship relationships, and group memberships can be used to infer private information. In this paper, we propose a fully automated approach based on machine learning for inferring undisclosed attributes of OSN users. Our method can be used for both classification and regression tasks, and it makes large scale privacy attacks feasible. We also provide experimental results showing that our method achieves good performance in practice.

A Survey of Interdependent Security Games

L. Buttyán, M. Felegyhazi, A. Laszka

no. CRYSYS-TR-2012-11-15, CrySyS Lab, BME, Nov, 2012.

Bibtex | Abstract | PDF

@techreport {
   author = {Levente Buttyán, Mark Felegyhazi, Aron Laszka},
   title = {A Survey of Interdependent Security Games},
   number = {CRYSYS-TR-2012-11-15},
   institution = {CrySyS Lab, BME},
   month = {Nov},
   year = {2012}
}

Keywords

interdependent security, security economics, security games

Abstract

Interdependence of information systems is a fundamental property that shapes the problems in information security. The risks faced by system operators and users is not only determined by their own security posture, but is heavily affected by the security-related decisions of other connected systems. Therefore, defending networked systems relies on the correlated action of the system operators or users. In this survey, we summarize game-theoretic interdependence models, characterize the emerging security inefficiencies and present solution methods. Our goal is to distill the main insights from the state-of-the-art and to identify the areas that need more attention from the research community.

A Wireless Sensor and Actuator Network for Improving the Electrical Power Grid Dependability

A. Grilo, A. Casaca, P. Pereira, L. Buttyán, J. Goncalves, C. Fortunato

Euro-NF Conference on Next Generation Internet (NGI), IEEE, 2012.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Antonio M. Grilo, Augusto Casaca, Paulo Pereira, Levente Buttyán, José Goncalves, Carlos Fortunato},
   title = {A Wireless Sensor and Actuator Network for Improving the Electrical Power Grid Dependability},
   booktitle = {Euro-NF Conference on Next Generation Internet (NGI)},
   publisher = {IEEE},
   year = {2012}
}

Abstract

This paper presents an overview of a Wireless Sensor and Actuator Network (WSAN) used to monitor an electrical power grid distribution infrastructure. The WSAN employs appropriate sensors to monitor key grid components, integrating both safety and security services, which improve the grid distribution dependability. The supported applications include, among others, video surveillance of remote secondary substations, which imposes special requirements from the point of view of quality of service and reliability. The paper presents the hardware and software architecture of the system together with performance results.

Célzott informatikai támadások napjainkban

B. Bencsáth, G. Pék, L. Buttyán, M. Felegyhazi

Budapest New Tech Meetup, Budapest, Hungary., December, 2012.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
   title = {Célzott informatikai támadások napjainkban},
   howpublished = {Budapest New Tech Meetup, Budapest, Hungary.},
   month = {December},
   year = {2012}
}

Abstract

Critical Infrastructure Security: Assessment, Prevention, Detection, Response

P. Langendoerfer, L. Buttyán, A. Casaca, E. Osipov, A. Hessler, C. Castelluccia, A. Alkassar

F. Flammini (ed), Wireless Sensor Networks for Critical Infrastructure Protection, pp. 155-167, WIT Press, 2012.

Bibtex

@inbook {
   author = {Peter Langendoerfer, Levente Buttyán, Augusto Casaca, Evgeny Osipov, Alban Hessler, Claude Castelluccia, Ammar Alkassar},
   editor = {F. Flammini (ed)},
   title = {Critical Infrastructure Security: Assessment, Prevention, Detection, Response},
   chapter = {Wireless Sensor Networks for Critical Infrastructure Protection},
   pages = {155-167},
   publisher = {WIT Press},
   year = {2012}
}

Abstract

Cryptography: The strongest link in the chain

L. Buttyán, B. Bencsáth

Hackin9 Extra, vol. 8, no. 1, January, 2012, pp. 8-11.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, Boldizsár Bencsáth},
   title = {Cryptography: The strongest link in the chain},
   journal = {Hackin9 Extra},
   volume = {8},
   number = {1},
   month = {January},
   year = {2012},
   pages = {8-11}
}

Abstract

IT security architectures that use cryptographic elements sometimes fail, but it is rarely cryptography to blame. The reason is more often the use of cryptography in an inappropriate way, or the use of algorithms that do not really qualify as cryptographic. High quality cryptography is in fact the strongest link in the chain, and there are good reasons for that.

Duqu, Flame, Gauss - new challenges for a new era

B. Bencsáth, L. Buttyán, M. Felegyhazi, G. Pék

EuroNOG 2012 conference, Budapest, 10-11 Sept 2012, September, 2012.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán, Mark Felegyhazi, Gábor PÉK},
   title = {Duqu, Flame, Gauss - new challenges for a new era },
   howpublished = {EuroNOG 2012 conference, Budapest, 10-11 Sept 2012},
   month = {September},
   year = {2012}
}

Abstract

Duqu: Analysis, Detection, and Lessons Learned

B. Bencsáth, G. Pék, L. Buttyán, M. Felegyhazi

ACM European Workshop on System Security (EuroSec), ACM, 2012.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
   title = {Duqu: Analysis, Detection, and Lessons Learned},
   booktitle = {ACM European Workshop on System Security (EuroSec)},
   publisher = {ACM},
   year = {2012}
}

Abstract

In September 2011, a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its rst analysis. Our ndings led to the hypothesis that Duqu was probably created by the same people who developed Stuxnet, but with a di erent purpose: unlike Stuxnet whose mission was to attack industrial equipment, Duqu is an information stealer rootkit. Nevertheless, both pieces of malware have a modular structure, and they can be re-con gured remotely from a Command and Control server to include virtually any kind of functionality. In this paper, we present an abridged version of our initial Duqu analysis, which is available in a longer format as a technical report. We also describe the Duqu detector toolkit, a set of heuristic tools that we developed to detect Duqu and its variants. Finally, we discuss a number of issues that we learned, observed, or identi ed during our Duqu analysis project concerning the problems of preventing, detecting, and handling targeted malware attacks; we believe that solving these issues represents a great challenge to the system security community.

Game-theoretic Robustness of Many-to-one Networks

L. Buttyán, D. Szeszlér, A. Laszka

3rd International Conference on Game Theory for Networks (GameNets), 2012, May.

Bibtex | Abstract

@conference {
   author = {Levente Buttyán, Dávid Szeszlér, Aron Laszka},
   title = {Game-theoretic Robustness of Many-to-one Networks},
   booktitle = {3rd International Conference on Game Theory for Networks (GameNets)},
   year = {2012},
   month = {May}
}

Abstract

In this paper, we study the robustness of networks that are characterized by many-to-one communications (e.g., access networks and sensor networks) in a game-theoretic model. More speci cally, we model the interactions between a network operator and an adversary as a two player zero-sum game, where the network operator chooses a spanning tree in the network, the adversary chooses an edge to be removed from the network, and the adversary's payo is proportional to the number of nodes that can no longer reach a designated node through the spanning tree. We show that the payo in every Nash equilibrium of the game is equal to the reciprocal of the persistence of the network. We describe optimal adversarial and operator strategies and give efficient, polynomial time algorithms to compute optimal strategies. We also generalize our game model to include varying node weights, as well as attacks against nodes.

Linear Loss Function for the Network Blocking Game: An Efficient Model for Measuring Network Robustness and Link Criticality

L. Buttyán, D. Szeszlér, A. Laszka

3rd Conference on Decision and Game Theory for Security (GameSec 2012), LNCS , November, 2012, pp. 152-170, Volume 7638.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, Dávid Szeszlér, Aron Laszka},
   title = {Linear Loss Function for the Network Blocking Game: An Efficient Model for Measuring Network Robustness and Link Criticality},
   booktitle = {3rd Conference on Decision and Game Theory for Security (GameSec 2012)},
   publisher = {LNCS },
   month = {November},
   year = {2012},
   pages = {152-170},
   note = {Volume 7638}
}

Abstract

In order to design robust networks, first, one has to be able to measure robustness of network topologies. In [1], a game-theoretic model, the network blocking game, was proposed for this purpose, where a network operator and an attacker interact in a zero-sum game played on a network topology, and the value of the equilibrium payoff in this game is interpreted as a measure of robustness of that topology. The payoff for a given pair of pure strategies is based on a loss-in-value function. Besides measuring the robustness of network topologies, the model can be also used to identify critical edges that are likely to be attacked. Unfortunately, previously proposed loss-in-value functions are either too simplistic or lead to a game whose equilibrium is not known to be computable in polynomial time. In this paper, we propose a new, linear loss-in-value function, which is meaningful and leads to a game whose equilibrium is efficiently computable. Furthermore, we show that the resulting game-theoretic robustness metric is related to the Cheeger constant of the topology graph, which is a well-known metric in graph theory.

Query Auditing for Protecting Max/Min Values of Sensitive Attributes in Statistical Databases

T. V. Thong, L. Buttyán

9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus), Springer LNCS, July, 2012, pp. 1-15.

Bibtex | Abstract

@inproceedings {
   author = {Ta Vinh Thong, Levente Buttyán},
   title = {Query Auditing for Protecting Max/Min Values of Sensitive Attributes in Statistical Databases},
   booktitle = {9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus)},
   publisher = {Springer LNCS},
   month = {July},
   year = {2012},
   pages = {1-15}
}

Keywords

Query Auditing, Statistical databases, Full disclosure, Partial disclosure, MIN, MAX aggregation queries

Abstract

In this paper, we de ne a novel setting for query auditing, where instead of detecting or preventing the disclosure of individual sensitive values, we want to detect or prevent the disclosure of aggregate values in the database. More speci cally, we study the problem of detecting or preventing the disclosure of the maximum (minimum) value in the database, when the querier is allowed to issue average queries to the database. We propose efficient o ffline and online query auditors for this problem in the full disclosure model, and an ecient simulatable online query auditor in the partial disclosure model.

Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey

P. Schaffer, K. Farkas, Á. Horváth, T. Holczer, L. Buttyán

accepted for publication in Elsevier Computer Networks, 2012.

Bibtex | Abstract

@article {
   author = {Peter Schaffer, Károly Farkas, Ádám Horváth, Tamas Holczer, Levente Buttyán},
   title = {Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey},
   journal = {accepted for publication in Elsevier Computer Networks},
   year = {2012}
}

Abstract

In the past few years, research interest has been increased towards wireless sensor networks (WSNs) and their application in both the military and civil domains. To support scalability in WSNs and increase network lifetime, nodes are often grouped into disjoint clusters. However, secure and reliable clustering, which is critical in WSNs deployed in hostile environments, has gained modest attention so far or has been limited only to fault tolerance. In this paper, we review the state-of-the-art of clustering protocols inWSNs with special emphasis on security and reliability issues. First, we define the taxonomy of security and reliability for cluster head election and clustering in WSNs. Then, we describe and analyze the most relevant secure and reliable clustering protocols. Finally, we propose countermeasures against typical attacks and show how they improve the discussed protocols.

sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks

B. Bencsáth, G. Pék, L. Buttyán, M. Felegyhazi

In collaboration with the sKyWIper Analysis Team , 2012.

Bibtex | PDF

@techreport {
   author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
   title = {sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks},
   institution = {In collaboration with the sKyWIper Analysis Team },
   year = {2012}
}

Abstract

Targeted attacks against Critical infrastructure: Stuxnet and beyond

B. Bencsáth, G. Pék, L. Buttyán, M. Felegyhazi

SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012, April, 2012, London.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
   title = {Targeted attacks against Critical infrastructure: Stuxnet and beyond},
   howpublished = {SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012},
   month = {April},
   year = {2012},
   note = {London}
}

Abstract

Targeted Attacks of Recent Times

B. Bencsáth, L. Buttyán, G. Pék, M. Felegyhazi

Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico, February, 2012.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
   title = {Targeted Attacks of Recent Times },
   howpublished = {Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico},
   month = {February},
   year = {2012}
}

Abstract

Technical analysis and information sharing in the handling of high-profile targeted attacks

B. Bencsáth, L. Buttyán, G. Pék, M. Felegyhazi

2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012, June, 2012, Barcelona, Spain.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
   title = {Technical analysis and information sharing in the handling of high-profile targeted attacks },
   howpublished = {2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012},
   month = {June},
   year = {2012},
   note = {Barcelona, Spain}
}

Abstract

The cousins of Stuxnet: Duqu, Flame, Gauss, …

L. Buttyán, B. Bencsáth, G. Pék, M. Felegyhazi

ISCD 2012, Balatonöszöd, 3-4 Sep., September, 2012.

Bibtex

@misc {
   author = {Levente Buttyán, Boldizsár Bencsáth, Gábor PÉK, Mark Felegyhazi},
   title = {The cousins of Stuxnet: Duqu, Flame, Gauss, …},
   howpublished = {ISCD 2012, Balatonöszöd, 3-4 Sep.},
   month = {September},
   year = {2012}
}

Abstract

The Cousins of Stuxnet: Duqu, Flame, and Gauss

B. Bencsáth, G. Pék, L. Buttyán, M. Felegyhazi

Future Internet 2012, 4(4), doi:10.3390/fi4040971, 2012, pp. 971-1003, doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet.

Bibtex | Abstract

@article {
   author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
   title = {The Cousins of Stuxnet: Duqu, Flame, and Gauss},
   journal = {Future Internet 2012, 4(4), doi:10.3390/fi4040971},
   year = {2012},
   pages = {971-1003},
   note = {doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet}
}

Abstract

Stuxnet was the first targeted malware that received worldwide attention forcausing physical damage in an industrial infrastructure seemingly isolated from the onlineworld. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an information-collecting malware sharing striking similarities with Stuxnet. Wedescribe our contributions in the investigation ranging from the original detection of Duquvia finding the dropper file to the design of a Duqu detector toolkit. We then continue with the analysis of the Flame advanced information-gathering malware. Flame is unique in thesense that it used advanced cryptographic techniques to masquerade as a legitimate proxyfor the Windows Update service. We also present the newest member of the family, called Gauss, whose unique feature is that one of its modules is encrypted such that it can onlybe decrypted on its target system; hence, the research community has not yet been able to analyze this module. For this particular malware, we designed a Gauss detector serviceand we are currently collecting intelligence information to be able to break its very specialencryption mechanism. Besides explaining the operation of these pieces of malware, wealso examine if and how they could have been detected by vigilant system administrators manually or in a semi-automated manner using available tools. Finally, we discuss lessonsthat the community can learn from these incidents. We focus on technical issues, and avoidspeculations on the origin of these threats and other geopolitical questions.

Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks

L. Buttyán, T. Holczer

IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), IEEE, June, 2012.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, Tamas Holczer},
   title = {Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks},
   booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
   publisher = {IEEE},
   month = {June},
   year = {2012}
}

Abstract

In this paper, we study the problem of traffic analysis attacks in wireless body area sensor networks. When these networks are used in health-care for remote patient monitoring, traffic analysis can reveal the type of medical sensors mounted on the patient, and this information may be used to infer the patient’s health problems. We show that simple signal processing methods can be used effectively for performing traffic analysis attacks and identifying the sensor types in a rather weak adversary model. We then investigate possible traffic obfuscation mechanisms aiming at hiding the regular patterns in the observable wireless traffic. Among the investigated countermeasures, traffic shaping, a mechanism that introduces carefully chosen delays for message transmissions, appears to be the best choice, as it achieves close to optimal protection and incurs no overhead.

2011

Duqu: A Stuxnet-like malware found in the wild

B. Bencsáth, G. Pék, L. Buttyán, M. Felegyhazi

BME CrySyS Lab., October, 2011., First published in cut-down form as appendix to the Duqu report of Symantec.

Bibtex

@techreport {
   author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
   title = {Duqu: A Stuxnet-like malware found in the wild},
   institution = {BME CrySyS Lab.},
   month = {October},
   year = {2011.},
   note = {First published in cut-down form as appendix to the Duqu report of Symantec}
}

Abstract

Targeted attacks of recent days

B. Bencsáth, L. Buttyán

Kiberbiztonsági Konferencia, ZMNE, November 25, 2011..

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán},
   title = {Targeted attacks of recent days},
   howpublished = {Kiberbiztonsági Konferencia, ZMNE},
   month = {November 25},
   year = {2011.}
}

Abstract

A Secure Distributed Transport Protocol for Wireless Sensor Networks

L. Buttyán, A. Grilo

Proceedings of the IEEE International Confenrence on Communications (ICC), IEEE, Kyoto, Japan, June 5-9, 2011, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, Antonio M. Grilo},
   title = {A Secure Distributed Transport Protocol for Wireless Sensor Networks},
   booktitle = {Proceedings of the IEEE International Confenrence on Communications (ICC)},
   publisher = {IEEE},
   address = {Kyoto, Japan},
   month = {June 5-9},
   year = {2011},
   pages = {1-6}
}

Abstract

We propose a secure distributed transport protocol for wireless sensor networks that resists against attacks on the reliability service provided by the protocol, as well as against energy depleting attacks. Our protocol is based on the Distributed Transport for Sensor Networks (DTSN) protocol, to which we add a security extension that consists in an efficient, symmetric key based authentication scheme for control packets. Besides describing the operation of our protocol, we also provide its analysis in terms of security and overhead.

Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks

T. Holczer, L. Buttyán

International Journal of Distributed Sensor Networks, 2011, pp. 1-18, Article ID 828414.

Bibtex | Abstract | PDF

@article {
   author = {Tamas Holczer, Levente Buttyán},
   title = {Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks},
   journal = {International Journal of Distributed Sensor Networks},
   year = {2011},
   pages = {1-18},
   note = {Article ID 828414}
}

Abstract

In mission critical cyber-physical systems, dependability is an important requirement at all layers of the system architecture. In this paper, we propose protocols that increase the dependability of wireless sensor networks, which are potentially useful building blocks in cyber physical systems. More specifically, we propose two private aggregator node election protocols, a private data aggregation protocol, and a corresponding private query protocol for sensor networks that allow for secure in-network data aggregation by making it difficult for an adversary to identify and then physically disable the designated aggregator nodes. Our advanced protocols resist strong adversaries that can physically compromise some nodes.

Backpressure Approach for Bypassing Jamming Attacks in Wireless Sensor Networks

L. Buttyán, A. Dvir

IEEE INFOCOM, Demo/Posters, Shanghai, China, April 11-15, 2011, pp. 1.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, Amit Dvir},
   title = {Backpressure Approach for Bypassing Jamming Attacks in Wireless Sensor Networks},
   publisher = {IEEE INFOCOM, Demo/Posters},
   address = {Shanghai, China},
   month = {April 11-15},
   year = {2011},
   pages = {1}
}

Abstract

The wireless medium used by sensor networks makes it easy for adversaries to launch jamming attacks that can block communication. In order to bypass the jamming area, tree-based routing protocols need to reconstruct the tree, a path or choosing new parent which is time consuming. In addition, bypassing congests the nodes at the border of the jamming area. In this paper, we present and implement a recovery algorithm based on a weighted backpressure function that bypasses the jamming area by spreading the congestion over a large subset of the sensor nodes, while no tree reconstruction and mapping of the jamming area are needed. As future work, we will implement and simulate our recovery algorithm using the IPv6 Routing Protocol for Low-power and Lossy Networks (RPL).

CLEARER: CrySyS Laboratory Security and Privacy Research Roadmap

L. Buttyán, M. Felegyhazi, B. Bencsáth

Proceedings of the First SysSec Workshop SysSec 2011, SysSec, Amsterdam, The Netherlands, July 6, 2011, pp. 73-76.

Bibtex | PDF

@inproceedings {
   author = {Levente Buttyán, Mark Felegyhazi, Boldizsár Bencsáth},
   title = {CLEARER: CrySyS Laboratory Security and Privacy Research Roadmap},
   booktitle = {Proceedings of the First SysSec Workshop SysSec 2011},
   publisher = {SysSec},
   address = { Amsterdam, The Netherlands},
   month = {July 6},
   year = {2011},
   pages = {73-76}
}

Abstract

Cryptography - the strongest chain element in the practice of cyber security

B. Bencsáth, L. Buttyán

Kiberbiztonsági Konferencia, ZMNE, November 25, 2011.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán},
   title = {Cryptography - the strongest chain element in the practice of cyber security},
   howpublished = {Kiberbiztonsági Konferencia, ZMNE},
   month = {November 25},
   year = {2011}
}

Abstract

Detection and Recovery From Pollution Attacks in Coding Based Distributed Storage Schemes

L. Czap, L. Buttyán, I. Vajda

IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 6, November/December, 2011.

Bibtex | Abstract | PDF

@article {
   author = {László CZAP, Levente Buttyán, István VAJDA},
   title = {Detection and Recovery From Pollution Attacks in Coding Based Distributed Storage Schemes},
   journal = {IEEE Transactions on Dependable and Secure Computing},
   volume = {8},
   number = {6},
   month = {November/December},
   year = {2011}
}

Abstract

We address the problem of pollution attacks in coding based distributed storage systems. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We propose algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets, and it does not introduce any additional redundancy to the system. The results of our analysis show that our proposed algorithms are suitable for practical systems, especially in wireless sensor networks.

Formal verification of secure ad-hoc network routing protocols using deductive model-checking

T. V. Thong, L. Buttyán

Periodica Polytechnica Journal, accepted for publication, 2011.

Bibtex | Abstract

@article {
   author = {Ta Vinh Thong, Levente Buttyán},
   title = {Formal verification of secure ad-hoc network routing protocols using deductive model-checking},
   journal = {Periodica Polytechnica Journal},
   month = {accepted for publication},
   year = {2011}
}

Keywords

Automated verification, secure routing protocols, model-cheking, process calculus

Abstract

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for adhoc networks. However, many of them have design flaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a formal verification method for secure ad-hoc network routing protocols that helps increasing the confidence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our approach is based on a new process calculus that we specifically developed for secure ad-hoc network routing protocols and a deductive proof technique. The novelty of this approach is that contrary to prior attempts to formal verification of secure ad-hoc network routing protocols, our verification method can be made fully automated.

nEther: In-guest Detection of Out-of-the-guest Malware Analyzers

G. Pék, B. Bencsáth, L. Buttyán

ACM European Workshop on System Security (EuroSec), ACM, Salzburg, Austria, April 10, 2011, pp. 1-6.

Bibtex | PDF

@inproceedings {
   author = {Gábor PÉK, Boldizsár Bencsáth, Levente Buttyán},
   title = {nEther: In-guest Detection of Out-of-the-guest Malware Analyzers},
   booktitle = {ACM European Workshop on System Security (EuroSec)},
   publisher = {ACM},
   address = {Salzburg, Austria},
   month = {April 10},
   year = {2011},
   pages = {1-6}
}

Abstract

On automating the verification of secure ad-hoc network routing protocols

T. V. Thong, L. Buttyán

Springer Telecommunication Systems, accepted for publication, 2011, pp. 1-30, Article ID: 10.1007/s11235-011-9592-3.

Bibtex | Abstract

@article {
   author = {Ta Vinh Thong, Levente Buttyán},
   title = {On automating the verification of secure ad-hoc network routing protocols},
   journal = {Springer Telecommunication Systems},
   month = {accepted for publication},
   year = {2011},
   pages = {1-30},
   note = {Article ID: 10.1007/s11235-011-9592-3}
}

Keywords

Secure routing protocols, Automated security verification, Security, Cryptography, Mobile ad-hoc networks, Wireless communication, Formal analysis, Process calculus

Abstract

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for ad-hoc networks. However, many of them have design flaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a fully automatic verification method for secure adhoc network routing protocols that helps increasing the con- fidence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our method is based on a deductive proof technique and a backward reachability approach. The main novelty of this approach compared to the prior works is that beside providing expressive semantics and syntax for modelling and specifying secure routing protocols, it assumes an arbitrary topology, and a strong attacker model.

Optimal Selection of Sink Nodes in Wireless Sensor Networks in Adversarial Environments

A. Laszka, L. Buttyán, D. Szeszlér

IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), 2011, pp. 1-6, Lucca, Italy, June 20.

Bibtex | Abstract | PDF

@conference {
   author = {Aron Laszka, Levente Buttyán, Dávid Szeszlér},
   title = {Optimal Selection of Sink Nodes in Wireless Sensor Networks in Adversarial Environments},
   booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
   year = {2011},
   pages = {1-6},
   address = {Lucca, Italy},
   month = {June 20}
}

Abstract

In this paper, we address the problem of assigning the sink role to a subset of nodes in a wireless sensor network with a given topology such that the resulting network configuration is robust against denial-of-service type attacks such as node destruction, battery exhaustion and jamming. In order to measure robustness, we introduce new metrics based on a notion defined in [1]. We argue that our metrics are more appropriate to measure the robustness of network configurations than the widely known connectivity based metrics. We formalize the problem of selecting the sink nodes as an optimization problem aiming at minimizing the deployment budget while achieving a certain level of robustness. We propose an efficient greedy heuristic algorithm that approximates the optimal solution reasonably well. [1] W. H. Cunningham, “Optimal attack and reinforcement of a network,” J. ACM, vol. 32, no. 3, pp. 549–561, 1985.

Recent advances in targeted malware attacks

B. Bencsáth, L. Buttyán, G. Pék, M. Felegyhazi

Fókuszban a CrySyS Lab. , December 14, 2011.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
   title = {Recent advances in targeted malware attacks },
   howpublished = {Fókuszban a CrySyS Lab. },
   month = {December 14},
   year = {2011}
}

Abstract

Recent advances in targeted malware attacks

B. Bencsáth, L. Buttyán, G. Pék, M. Felegyhazi

Schönherz - Simonyi Szakkollégium ., December 13, 2011.

Bibtex

@misc {
   author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
   title = {Recent advances in targeted malware attacks },
   howpublished = {Schönherz - Simonyi Szakkollégium .},
   month = {December 13},
   year = {2011}
}

Abstract

VeRA - Version Number and Rank Authentication in RPL

L. Buttyán, T. Holczer, A. Dvir

7th IEEE International Workshop on Wireless and Sensor Networks Security, IEEE, Valencia, Spain, October 17-22, 2011, pp. 709 - 714.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, Tamas Holczer, Amit Dvir},
   title = {VeRA - Version Number and Rank Authentication in RPL},
   booktitle = {7th IEEE International Workshop on Wireless and Sensor Networks Security},
   publisher = {IEEE},
   address = {Valencia, Spain},
   month = {October 17-22},
   year = {2011},
   pages = {709 - 714}
}

Abstract

Designing a routing protocol for large low-power and lossy networks (LLNs), consisting of thousands of con-strained nodes and unreliable links, presents new challenges. The IPv6 Routing Protocol for Low-power and Lossy Networks (RPL), have been developed by the IETF ROLL Working Group as a preferred routing protocol to provide IPv6 routing functionality in LLNs. RPL provides path diversity by building and maintaining directed acyclic graphs (DAG) rooted at one (or more) gateway. However, an adversary that impersonates a gateway or has compromised one of the nodes close to the gateway can divert a large part of network traffic forward itself and/or exhaust the nodes’ batteries. Therefore in RPL, special security care must be taken when the Destination Oriented Directed Acyclic Graph (DODAG) root is updating the Version Number by which reconstruction of the routing topology can be initiated. The same care also must be taken to prevent an internal attacker (compromised DODAG node) to publish decreased Rank value, which causes a large part of the DODAG to connect to the DODAG root via the attacker and give it the ability to eavesdrop a large part of the network traffic forward itself. Unfortunately, the currently available security services in RPL will not protect against a compromised internal node that can construct and disseminate fake messages. In this paper, a new security service is described that prevents any misbehaving node from illegitimately increasing the Version Number and compromise illegitimate decreased Rank values.

XCS based hidden firmware modification on embedded devices

B. Bencsáth, L. Buttyán, T. Paulik

Proceedings of the IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, Split-Hvar-Dubrovnik, September 15-17, 2011, pp. 1-6.

Bibtex

@inproceedings {
   author = {Boldizsár Bencsáth, Levente Buttyán, Tamás Paulik},
   title = {XCS based hidden firmware modification on embedded devices},
   booktitle = {Proceedings of the IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
   publisher = {IEEE},
   address = {Split-Hvar-Dubrovnik},
   month = {September 15-17},
   year = {2011},
   pages = {1-6}
}

Abstract

2010

Application of Wireless Sensor Networks in Critical Infrastructure Protection -- Challenges and Design Options

L. Buttyán, D. Gessner, A. Hessler, P. Langendoerfer

IEEE Wireless Communications Magazine, vol. 17, no. 5, October, 2010, pp. 44 - 49.

Bibtex | Abstract

@article {
   author = {Levente Buttyán, Dennis Gessner, Alban Hessler, Peter Langendoerfer},
   title = {Application of Wireless Sensor Networks in Critical Infrastructure Protection -- Challenges and Design Options},
   journal = {IEEE Wireless Communications Magazine},
   volume = {17},
   number = {5},
   month = {October},
   year = {2010},
   pages = {44 - 49}
}

Abstract

The protection of critical infrastructures provides an interesting application area for wireless sensor networks. Threats such as natural catastrophes, criminal or terrorist attacks against CIs are increasingly reported. The large-scale nature of CIs requires a scalable and low-cost technology for improving CI monitoring and surveillance. WSNs are a promising candidate to fulfill these requirements, but if the WSN becomes part of the CI in order to improve its reliability, then the dependability of the WSN itself needs to be significantly improved first. In this article we discuss the challenges and potential solutions to achieve dependability of WSNs taking into account accidental failures as well as intentional attacks. We inspect the whole system starting from individual sensor nodes via the protocol stack to the middleware layer above.

Barter Trade Improves Message Delivery in Opportunistic Networks

I. Vajda, M. Felegyhazi, L. Dóra, L. Buttyán

Elsevier Ad Hoc Networks, vol. 8, no. 1, January 10, 2010, pp. 1-14.

Bibtex | Abstract | PDF

@article {
   author = {István VAJDA, Mark Felegyhazi, László DÓRA, Levente Buttyán},
   title = {Barter Trade Improves Message Delivery in Opportunistic Networks},
   journal = {Elsevier Ad Hoc Networks},
   volume = {8},
   number = {1},
   month = {January 10},
   year = {2010},
   pages = {1-14}
}

Abstract

In opportunistic networks, selfish nodes can exploit the services provided by other nodes by downloading messages that interest them, but refusing to store and distribute messages for the benefit of other nodes. We propose a mechanism to discourage selfish behavior based on the principles of barter. We develop a game-theoretic model in which we show that the proposed approach indeed stimulates cooperation of the nodes. The results show that, in practical scenarios, the message delivery rate considerably increases, if the mobile nodes follow the Nash Equilibrium strategy in the proposed mechanism compared to the data dissemination protocol when no encouraging mechanism is present.

Cross-layer security and resilience in wireless mesh networks

A. Traganitis, V. Siris, L. Dóra, L. Buttyán, B. Bencsáth, I. Askoxylakis

N. Zorba, C. Skianis, and C. Verikoukis (eds), Cross Layer Designs in WLAN Systems, Troubador Publishing Ltd, Emerging Communication and Service Technologies Series, 2010.

Bibtex

@inbook {
   author = {A. Traganitis, Vasilios SIRIS, László DÓRA, Levente Buttyán, Boldizsár Bencsáth, Ioannis ASKOXYLAKIS},
   editor = {N. Zorba, C. Skianis, and C. Verikoukis (eds)},
   title = {Cross-layer security and resilience in wireless mesh networks},
   publisher = {Cross Layer Designs in WLAN Systems, Troubador Publishing Ltd, Emerging Communication and Service Technologies Series},
   year = {2010}
}

Abstract

Decision and Game Theory for Security

T. Alpcan, L. Buttyán, J. Baras

vol. LNCS 6442, Springer, 2010.

Bibtex

@book {
   author = {Tansu Alpcan, Levente Buttyán, John Baras},
   title = {Decision and Game Theory for Security},
   volume = {LNCS 6442},
   publisher = {Springer},
   year = {2010}
}

Abstract

Fast Certificate-based Authentication Scheme in Multi-operator maintained Wireless Mesh Networks

M. Petrocchi, F. Martinelli, L. Dóra, L. Buttyán

Elsevier Computer Communications, vol. 33, April, 2010, pp. 907-922.

Bibtex | Abstract | PDF

@article {
   author = {Marinella PETROCCHI, Fabio MARTINELLI, László DÓRA, Levente Buttyán},
   title = {Fast Certificate-based Authentication Scheme in Multi-operator maintained Wireless Mesh Networks},
   journal = {Elsevier Computer Communications},
   volume = {33},
   month = {April},
   year = {2010},
   pages = {907-922}
}

Abstract

In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in a multi-operator environment. In this paper, we propose two certificate-based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We assume that the access point is always a constrained device, and we propose different mechanisms for mesh clients with different computational performance. For constrained devices, we propose a mechanism where weak keys are used for digital signatures to decrease the latency of the authentication. The authenticity of the weak keys are provided by short-term certificates issued by the owner of the key. The short-term certificate has the digital signature generated by the owner's long-term key. We prove formally that the use of our weak key mechanism on the mesh client side is as secure as the use of some stronger keys. We perform a detailed performance evaluation on our proof-of-concept implementation, and we also compare our solution to the current standard methods.

Formal verification of secure ad-hoc network routing protocols using deductive model-checking

L. Buttyán, T. V. Thong

Proceedings of the IFIP Wireless and Mobile Networking Conference (WMNC), IFIP, Budapest, Hungary, October 18-20, 2010, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, Ta Vinh Thong},
   title = {Formal verification of secure ad-hoc network routing protocols using deductive model-checking},
   booktitle = {Proceedings of the IFIP Wireless and Mobile Networking Conference (WMNC)},
   publisher = {IFIP},
   address = {Budapest, Hungary},
   month = {October 18-20},
   year = {2010},
   pages = {1-6}
}

Abstract

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for adhoc networks. However, many of them have design flaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a formal verification method for secure ad-hoc network routing protocols that helps increasing the confidence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our approach is based on a new process calculus that we specifically developed for secure ad-hoc network routing protocols and a deductive proof technique. The novelty of this approach is that contrary to prior attempts to formal verification of secure ad-hoc network routing protocols, our verification method can be made fully automated.

Misbehaving Router Detection in Link-state Routing for Wireless Mesh Networks

L. Dóra, L. Buttyán, G. Ács

In Proceedings of the Second IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'10), Montreal, Canada, June 14-17, 2010.

Bibtex | Abstract | PDF

@inproceedings {
   author = {László DÓRA, Levente Buttyán, Gergely Ács},
   title = {Misbehaving Router Detection in Link-state Routing for Wireless Mesh Networks},
   booktitle = {In Proceedings of the Second IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'10)},
   address = {Montreal, Canada},
   month = {June 14-17},
   year = {2010}
}

Abstract

In this paper, we address the problem of detecting misbehaving routers in wireless mesh networks and avoiding them when selecting routes. We assume that link-state routing is used, and we essentially propose a reputation system, where trusted gateway nodes compute Node Trust Values for the routers, which are fed back into the system and used in the route selection procedure. The computation of the Node Trust Values is based on packet counters maintained in association with each route and reported to the gateways by the routers in a regular manner. The feedback mechanism is based on limited scope flooding. The received Node Trust Values concerning a given router are aggregated, and the aggregate trust value of the router determines the probability with which that router is kept in the topology graph used for route computation. Hence, less trusted routers are excluded from the topology graph with higher probability, while the route selection still runs on a weighted graph (where the weights are determined by the announced link qualities), and it does not need to be changed. We evaluated the performance of our solution by means of simulations. The results show that our proposed mechanism can detect misbehaving routers reliably, and thanks to the feedback and the exclusion of the accused nodes from the route selection, we can decrease the number of packets dropped due to router misbehavior considerably. At the same time, our mechanism only slightly increases the average route length.

PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks

L. Buttyán, P. Schaffer

International Journal of Distributed Sensor Networks, vol. 2010, no. Article ID 679205, 2010.

Bibtex | Abstract

@article {
   author = {Levente Buttyán, Peter Schaffer},
   title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
   journal = {International Journal of Distributed Sensor Networks},
   volume = {2010},
   number = {Article ID 679205},
   year = {2010}
}

Abstract

We introduce PANEL a position-based aggregator node election protocol for wireless sensor networks. The novelty of PANEL with respect to other aggregator node election protocols is that it supports asynchronous sensor network applications where the sensor readings are fetched by the base stations after some delay. In particular, the motivation for the design of PANEL was to support reliable and persistent data storage applications, such as TinyPEDS; see the study by Girao et al. (2007). PANEL ensures load balancing, and it supports intra and intercluster routing allowing sensor-to-aggregator, aggregator-to-aggregator, base station-toaggregator, and aggregator to-base station communications. We also compare PANEL with HEED; see the study by Younis and Fahmy (2004) in the simulation environment provided by TOSSIM, and show that, on one hand, PANEL creates more cohesive clusters than HEED, and, on the other hand, that PANEL is more energy efficient than HEED.

Perfectly Anonymous Data Aggregation in Wireless Sensor Networks

T. Holczer, L. Buttyán

Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010), IEEE, San Francisco, November 8-12, 2010.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Tamas Holczer, Levente Buttyán},
   title = {Perfectly Anonymous Data Aggregation in Wireless Sensor Networks},
   booktitle = {Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010)},
   publisher = {IEEE},
   address = {San Francisco},
   month = {November 8-12},
   year = {2010}
}

Abstract

Clustering and data aggregation in wireless sensor networks improves scalability, and helps the efficient use of scarce resources. Yet, these mechanisms also introduce some security issues; in particular, aggregator nodes become attractive targets of physical destruction and jamming attacks. In order to mitigate this problem, we propose a new private aggregator node election protocol that hides the identity of the elected aggregator nodes both from external eavesdroppers and from compromised nodes participating in the protocol. We also propose a private data aggregation protocol and a corresponding private query protocol which allows the aggregators to collect sensor readings and respond to queries of the base station, respectively, without revealing any useful information about their identity to external eavesdroppers and to compromised nodes.

Pollution Attack Defense for Coding Based Sensor Storage

L. Buttyán, L. Czap, I. Vajda

Proceedings of the International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), IEEE, California, USA, June 7-9, 2010.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, László CZAP, István VAJDA},
   title = {Pollution Attack Defense for Coding Based Sensor Storage},
   booktitle = {Proceedings of the International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC)},
   publisher = {IEEE},
   address = {California, USA},
   month = {June 7-9},
   year = {2010}
}

Abstract

We present a novel information theoretic approach to make network coding based storage secure against pollution attacks in sensor networks. The approach is based on a new decoding algorithm which makes it possible to find adversarial blocks using one more encoded block than strictly necessary for decoding. Our scheme fits well to the requirements of sensor networks, because it operates without adding either computational or communication overhead to source and storage nodes, only the collector node needs to perform some additional computation. Our approach does not apply cryptography, hence it works in environments where no pre-shared keys, secure channels or PKI are available, which is often the case in sensor networks.

Security Analysis of Reliable Transport Layer Protocols for Wireless Sensor Networks

L. Buttyán, L. Csik

Proceedings fof the IEEE Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS), IEEE, Seattle, USA, March 21-25, 2010, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, László Csik},
   title = {Security Analysis of Reliable Transport Layer Protocols for Wireless Sensor Networks},
   booktitle = {Proceedings fof the IEEE Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS)},
   publisher = {IEEE},
   address = {Seattle, USA},
   month = {March 21-25},
   year = {2010},
   pages = {1-6}
}

Abstract

End-to-end reliability of communications is an important requirement in many applications of wireless sensor networks. For this reason, a number of reliable transport protocols specifically designed for wireless sensor networks have been proposed in the literature. Besides providing end-to-end reliability, some of those protocols also address the problems of fairness and congestion control, and they are all optimized for low energy consumption. However, in this paper, we show that most of those protocols completely neglect security issues. As a consequence, they ensure reliable communications and low energy consumption only in a benign environment, but they fail in a hostile environment, where an adversary can forge or replay control packets of the protocol. More specifically, our analysis shows that control packet injection and replay can cause permanent loss of data packets, and thus, such misdeeds make the hitherto reliable protocol unreliable. In addition, even if the protocol can recover from such an attack, the recovery overhead caused by forged or replayed control packets can be large, which gives an opportunity for energy depletion attacks.

2009

Security of Communication Networks (In Hungarian)

B. Bencsáth, L. Buttyán, I. Vajda

Híradástechnika, vol. LXIV, August, 2009..

Bibtex

@article {
   author = {Boldizsár Bencsáth, Levente Buttyán, István VAJDA},
   title = {Security of Communication Networks (In Hungarian)},
   journal = {Híradástechnika},
   volume = {LXIV},
   month = {August},
   year = {2009.}
}

Abstract

An Authentication Scheme for QoS-aware Multi-operator maintained Wireless Mesh Networks

L. Dóra, L. Buttyán

In Proceedings of the First IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'09), IEEE, Kos, Greece, June 15, 2009.

Bibtex | Abstract | PDF

@inproceedings {
   author = {László DÓRA, Levente Buttyán},
   title = {An Authentication Scheme for QoS-aware Multi-operator maintained Wireless Mesh Networks},
   booktitle = {In Proceedings of the First IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'09)},
   publisher = {IEEE},
   address = {Kos, Greece},
   month = {June 15},
   year = {2009}
}

Abstract

In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in multi-operator environment. Here, we propose two certificate based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We consider both powerful and constraint mesh clients and we propose certificate sets to decrease the authentication latency. We compare our proof-of-concept implementation to current widely used authentication methods like EAP-TLS, and we conclude that our proposed authentication scheme is considerably faster in all considered scenarios.

Consistency verification of stateful firewalls is not harder than the stateless case

L. Buttyán, G. Pék, T. V. Thong

Infocommunications Journal, vol. LXIV, no. 2009/2-3, March, 2009, pp. 1-8.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, Gábor PÉK, Ta Vinh Thong},
   title = {Consistency verification of stateful firewalls is not harder than the stateless case},
   journal = {Infocommunications Journal},
   volume = {LXIV},
   number = {2009/2-3},
   month = {March},
   year = {2009},
   pages = {1-8}
}

Keywords

Stateful firewall, FIREMAN, verification, security, inconsistency

Abstract

Firewalls play an important role in the enforcement of access control policies in contemporary networks. However, firewalls are effective only if they are configured correctly such that their access control rules are consistent and the firewall indeed implements the intended access control policy. Unfortunately, due to the potentially large number of rules and their complex relationships with each other, the task of firewall configuration is notoriously error-prone, and in practice, firewalls are often misconfigured leaving security holes in the protection system. In this paper, we address the problem of consistency verification of stateful firewalls that keep track of already existing connections. For the first sight, the consistency verification of stateful firewalls appears to be harder than that of stateless firewalls. We show that, in fact, this is not the case: consistency verification of stateful firewalls can be reduced to the stateless case, and hence, they have the same complexity. We also report on our prototype implemetation of an automated consistency verification tool that can handle stateful firewalls.

CORA: Correlation-based Resilient Aggregation in Sensor Networks

L. Buttyán, P. Schaffer, I. Vajda

Elsevier Ad Hoc Networks, vol. 7, no. 6, 2009, pp. 1035-1050.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, Peter Schaffer, István VAJDA},
   title = {CORA: Correlation-based Resilient Aggregation in Sensor Networks},
   journal = {Elsevier Ad Hoc Networks},
   volume = {7},
   number = {6},
   year = {2009},
   pages = {1035-1050}
}

Abstract

In this paper, we consider the problem of resilient data aggregation in sensor networks, namely, how to aggregate sensor readings collected by the base station when some of those sensor readings may be compromised. Note that an attacker can easily compromise the reading of a sensor by altering the environmental parameters measured by that sensor. We present a statistical framework that is designed to mitigate the effects of the attacker on the output of the aggregation function. The main novelty of our approach compared to most prior work on resilient data aggregation is that we take advantage of the naturally existing correlation between the readings produced by different sensors. In particular, we show how spatial correlation can be represented in the sensor network data model, and how it can be exploited to increase the resilience of data aggregation. The algorithms presented in this paper are flexible enough to be applied without any special assumption on the distribution of the sensor readings or on the strategy of the attacker. The effectiveness of the algorithms is evaluated analytically considering a typical attacker model with various parameters, and by means of simulation considering a sophisticated attacker.

On the security of communication network: now and tomorrow

B. Bencsáth, L. Buttyán, I. Vajda

Infocommunications Journal, vol. LXIV., no. no. 4., 2009, pp. pp. 3-7..

Bibtex

@article {
   author = {Boldizsár Bencsáth, Levente Buttyán, István VAJDA},
   title = {On the security of communication network: now and tomorrow},
   journal = {Infocommunications Journal},
   volume = {LXIV.},
   number = {no. 4.},
   year = {2009},
   pages = {pp. 3-7.}
}

Abstract

Private Cluster Head Election in Wireless Sensor Networks

T. Holczer, L. Buttyán

Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09), IEEE, IEEE, Macau SAR, PRC, October 12 , 2009, pp. 1048-1053.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Tamas Holczer, Levente Buttyán},
   title = {Private Cluster Head Election in Wireless Sensor Networks},
   booktitle = {Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09)},
   organization = {IEEE},
   publisher = {IEEE},
   address = {Macau SAR, PRC},
   month = {October 12 },
   year = {2009},
   pages = {1048-1053}
}

Abstract

Clustering is a useful mechanism in wireless sensor networks that helps to cope with scalability problems and, if combined with in-network data aggregation, may increase the energy efficiency of the network. At the same time, by assigning a special role to the cluster head nodes, clustering makes the network more vulnerable to attacks. In particular, disabling a cluster head by physical destruction or jamming may render the entire cluster inoperable temporarily until the problem is detected and a new cluster head is elected. Hence, the cluster head nodes may be attractive targets of attacks, and one would like to make it difficult for an adversary to identify them. The adversary can try to identify the cluster head nodes in various ways, including the observation of the cluster head election process itself and the analysis of the traffic patterns after the termination of the cluster head election. In this paper, we focus on the former problem, which we call the private cluster head election problem. This problem has been neglected so far, and as a consequence, existing cluster head election protocols leak too much information making the identification of the elected cluster head nodes easy even for a passive external observer. We propose the first private cluster head election protocol for wireless sensor networks that is designed to hide the identity of the elected cluster head nodes from an adversary that can observe the execution of the protocol.

Securing Multi-operator Based QoS-aware Mesh Networks: Requirements and Design Options

I. Vajda, D. Szili, V. Siris, L. Dóra, L. Buttyán, B. Bencsáth, I. Askoxylakis

Wireless Communications and Mobile Computing (Special Issue on QoS and Security in Wireless Networks), vol. 10, no. 5, 2009, pp. 622-646.

Bibtex | Abstract | PDF

@article {
   author = {István VAJDA, Dávid SZILI, Vasilios SIRIS, László DÓRA, Levente Buttyán, Boldizsár Bencsáth, Ioannis ASKOXYLAKIS},
   title = {Securing Multi-operator Based QoS-aware Mesh Networks: Requirements and Design Options},
   journal = {Wireless Communications and Mobile Computing (Special Issue on QoS and Security in Wireless Networks)},
   volume = {10},
   number = {5},
   year = {2009},
   pages = {622-646}
}

Abstract

Wireless mesh networking allows network operators and service providers to offer nearly ubiquitous broadband access at a low cost to customers. In this paper, we focus on QoS-aware mesh networks operated by multiple operators in a cooperative manner. In particular, we identify the general security requirements of such networks and we give an overview on the available design options for a security architecture aiming at satisfying those requirements. More specifically, we consider the problems of mesh client authentication and access control, protection of wireless communications, securing the routing, key management, and intrusion and misbehavior detection and recovery. Our aim is to structure this rich problem domain and to prepare the grounds for the design of a practically usable security architecture.

SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs

W. Whyte, A. Weimerskirch, T. Holczer, L. Buttyán

Proceedings of the IEEE Vehicular Networking Conference, IEEE, IEEE, Tokyo, Japan, October 28-29, 2009, pp. 1-8.

Bibtex | Abstract | PDF

@inproceedings {
   author = {William Whyte, Andre Weimerskirch, Tamas Holczer, Levente Buttyán},
   title = {SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs},
   booktitle = {Proceedings of the IEEE Vehicular Networking Conference},
   organization = {IEEE},
   publisher = {IEEE},
   address = {Tokyo, Japan},
   month = {October 28-29},
   year = {2009},
   pages = {1-8}
}

Abstract

Untraceability of vehicles is an important requirement in future vehicle communications systems. Unfortunately, heartbeat messages used by many safety applications provide a constant stream of location data, and without any protection measures, they make tracking of vehicles easy even for a passive eavesdropper. One commonly known solution is to transmit heartbeats under pseudonyms that are changed regularly in order to obfuscate the trajectory of vehicles. However, this approach is effective only if some silent period is kept during the pseudonym change and several vehicles change their pseudonyms nearly at the same time and at the same location. Unlike previous works that proposed explicit synchronization between a group of vehicles and/or required pseudonym change in a designated physical area (i.e., a static mix zone), we propose a much simpler approach that does not need any explicit cooperation between vehicles and any infrastructure support. Our basic idea is that vehicles should not transmit heartbeat messages when their speed drops below a given threshold, say 30 km/h, and they should change pseudonym during each such silent period. This ensures that vehicles stopping at traffic lights or moving slowly in a traffic jam will all refrain from transmitting heartbeats and change their pseudonyms nearly at the same time and location. Thus, our scheme ensures both silent periods and synchronized pseudonym change in time and space, but it does so in an implicit way. We also argue that the risk of a fatal accident at a slow speed is low, and therefore, our scheme does not seriously impact safety-of- life. In addition, refraining from sending heartbeat messages when moving at low speed also relieves vehicles of the burden of verifying a potentially large amount of digital signatures, and thus, makes it possible to implement vehicle communications with less expensive equipments.

2008

PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks

L. Buttyán, P. Schaffer

International Journal of Distributed Sensor Networks, September, 2008.

Bibtex | Abstract

@article {
   author = {Levente Buttyán, Peter Schaffer},
   title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
   journal = {International Journal of Distributed Sensor Networks},
   month = {September},
   year = {2008}
}

Abstract

In this paper, we introduce PANEL, a position-based aggregator node election protocol for wireless sensor networks. The novelty of PANEL with respect to other aggregator node election protocols is that it supports asynchronous sensor network applications where the sensor readings are fetched by the base stations after some delay. In particular, the motivation for the design of PANEL was to support reliable and persistent data storage applications, such as TinyPEDS. PANEL ensures load balancing, and it supports intra- and inter-cluster routing allowing sensor to aggregator, aggregator to aggregator, base station to aggregator, and aggregator to base station communications. We also compare PANEL with HEED in the simulation environment provided by TOSSIM, and show that, on the one hand, PANEL creates more cohesive clusters than HEED, and, on the other hand, that PANEL is more energy efficient than HEED.

Secure vehicular communication systems: design and architecture

J. P. Hubaux, A. Kung, F. Kargl, Z. Ma, M. Raya, J. Freudiger, E. Schoch, T. Holczer, L. Buttyán, P. Papadimitratos

IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 100-109.

Bibtex | Abstract | PDF

@article {
   author = {Jean-Pierre Hubaux, Antonio Kung, Frank Kargl, Zhendong Ma, Maxim Raya, Julien Freudiger, Elmar Schoch, Tamas Holczer, Levente Buttyán, Panagiotis Papadimitratos},
   title = {Secure vehicular communication systems: design and architecture},
   journal = {IEEE Communications Magazine},
   volume = {46},
   number = {11},
   month = {November},
   year = {2008},
   pages = {100-109}
}

Abstract

Significant developments have taken place over the past few years in the area of vehicular communication systems. Now, it is well understood in the community that security and protection of private user information are a prerequisite for the deployment of the technology. This is so precisely because the benefits of VC systems, with the mission to enhance transportation safety and efficiency, are at stake. Without the integration of strong and practical security and privacy enhancing mechanisms, VC systems can be disrupted or disabled, even by relatively unsophisticated attackers. We address this problem within the SeVeCom project, having developed a security architecture that provides a comprehensive and practical solution. We present our results in a set of two articles in this issue. In this first one, we analyze threats and types of adversaries, identify security and privacy requirements, and present a spectrum of mechanisms to secure VC systems. We provide a solution that can be quickly adopted and deployed. In the second article we present our progress toward the implementation of our architecture and results on the performance of the secure VC system, along with a discussion of upcoming research challenges and our related current results.

Secure vehicular communication systems: implementation, performance, and research challenges

J. P. Hubaux, A. Kung, A. Held, G. Calandriello, T. V. Thong, B. Wiedersheim, E. Schoch, M. Müter, L. Buttyán, P. Papadimitratos, F. Kargl

IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 110-118.

Bibtex | Abstract | PDF

@article {
   author = {Jean-Pierre Hubaux, Antonio Kung, Albert Held, Giorgo Calandriello, Ta Vinh Thong, Björn Wiedersheim, Elmar Schoch, Michael Müter, Levente Buttyán, Panagiotis Papadimitratos, Frank Kargl},
   title = {Secure vehicular communication systems: implementation, performance, and research challenges},
   journal = {IEEE Communications Magazine},
   volume = {46},
   number = {11},
   month = {November},
   year = {2008},
   pages = {110-118}
}

Abstract

Vehicular communication systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. we discuss the design of a VC security system that has emerged as a result of the European SeVe-Com project. In this second article we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from today's simple prototypes to full-fledged systems.

Securing Coding Based Distributed Storage in Wireless Sensor Networks

L. Buttyán, L. Czap, I. Vajda

IEEE Workshop on Wireless and Sensor Network Security (WSNS), Atlanta, Georgia, USA, September 29-October 2, 2008.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, László CZAP, István VAJDA},
   title = {Securing Coding Based Distributed Storage in Wireless Sensor Networks},
   booktitle = {IEEE Workshop on Wireless and Sensor Network Security (WSNS)},
   address = {Atlanta, Georgia, USA},
   month = {September 29-October 2},
   year = {2008}
}

Abstract

We address the problem of pollution attacks in coding based distributed storage systems proposed for wireless sensor networks. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We propose algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets. We believe that our proposed algorithms are suitable in practical systems.

Security and Cooperation in Wireless Networks

L. Buttyán, J. P. Hubaux

Cambridge University Press, 2008.

Bibtex

@book {
   author = {Levente Buttyán, Jean-Pierre Hubaux},
   title = {Security and Cooperation in Wireless Networks},
   publisher = {Cambridge University Press},
   year = {2008}
}

Abstract

Security API analysis with the spi-calculus

L. Buttyán, T. V. Thong

Hiradástechnika, vol. LXIII, January, 2008, pp. 16-21.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, Ta Vinh Thong},
   title = {Security API analysis with the spi-calculus},
   journal = {Hiradástechnika},
   volume = {LXIII},
   month = {January},
   year = {2008},
   pages = {16-21}
}

Keywords

Security API, Spi-calculus, Verification

Abstract

API level vulnerabilities of hardware security modules represent a serious threat, thus, discovering and patching security holes in APIs are important. In this paper, we argue and illustrate that the application of formal verification methods is a promising approach for API analysis. In particular, we propose an API verification method based on process algebra. The proposed method seems to be extremely wellsuited for API analysis as it allows for the straightforward modelling of the API, the precise definition of the security requirements, and the rigorous verification of the security properties offered by the API.

2007

An User Authentication Scheme for Fast Handover Between WiFi Access Points

A. Bohák, L. Buttyán, L. Dóra

In Proceedings of the Third Annual International Wireless Internet Conference, ACM, Austin, Texas, USA, October 22-23, 2007, pp. 1-6, (invited paper).

Bibtex | Abstract | PDF

@inproceedings {
   author = {András BOHÁK, Levente Buttyán, László DÓRA},
   title = {An User Authentication Scheme for Fast Handover Between WiFi Access Points},
   booktitle = {In Proceedings of the Third Annual International Wireless Internet Conference},
   publisher = {ACM},
   address = {Austin, Texas, USA},
   month = {October 22-23},
   year = {2007},
   pages = {1-6},
   note = {(invited paper)}
}

Abstract

In this paper, we propose an authentication scheme that is designed to reduce the authentication delay during a WiFi handover process. We observe that the largest part of the delay is due to the remote communications between the access point and the AAA server that authorizes the access to the network. In order to eliminate remote communications, our scheme uses pre-authorization, and it pre-distributes authentication information to the access points that are the potential targets of a future handover. This ensures that only local communications (between the mobile station and the access point) take place during the handover itself. We describe the design of our scheme, as well as report on a proof-of-concept implementation. Our validation results show that our scheme breaks the dependency of the authentication delay on the round-trip time between the access point and the AAA server. This makes our scheme applicable in real time applications such as telephony and video streaming for WiFi users.

Architecture for Secure and Private Vehicular Communications

P. Papadimitratos, L. Buttyán, J. P. Hubaux, F. Kargl, A. Kung, M. Raya

Proceedings of the International Conference on ITS Telecommunications (ITST), -, Sophia Antipolis, France, June 6-8, , 2007, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Panagiotis Papadimitratos, Levente Buttyán, Jean-Pierre Hubaux, Frank Kargl, Antonio Kung, Maxim Raya},
   title = {Architecture for Secure and Private Vehicular Communications},
   booktitle = {Proceedings of the International Conference on ITS Telecommunications (ITST)},
   publisher = {-},
   address = {Sophia Antipolis, France},
   month = {June 6-8, },
   year = {2007},
   pages = {1-6}
}

Abstract

The deployment of vehicular communication (VC) systems is strongly dependent on their security and privacy features. In this paper, we propose a security architecture for VC. The primary objectives of the architecture include the management of identities and cryptographic keys, the security of communications, and the integration of privacy enhancing technologies. Our design approach aims at a system that relies on well-understood components which can be upgraded to provide enhanced security and privacy protection in the future. This effort is undertaken by SeVeCom (http://www.sevecom.org), a transversal project providing security and privacy enhancing mechanisms compatible with the VC technologies currently under development by all EU funded projects.

Barter-based cooperation in delay-tolerant personal wireless networks

L. Buttyán, L. Dóra, M. Felegyhazi, I. Vajda

In Proceedings of the First IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications, IEEE Computer Society Press, Helsinki, Finland, June 18 , 2007, pp. 1-6.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, László DÓRA, Mark Felegyhazi, István VAJDA},
   title = {Barter-based cooperation in delay-tolerant personal wireless networks},
   booktitle = {In Proceedings of the First IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications},
   publisher = {IEEE Computer Society Press},
   address = {Helsinki, Finland},
   month = {June 18 },
   year = {2007},
   pages = {1-6}
}

Abstract

In this paper, we consider the application of delay-tolerant networks to personal wireless communications. In these networks, selfish nodes can exploit the services provided by other nodes by downloading messages that interest them, but refusing to store and distribute messages for the benefit of other nodes. We propose a mechanism to discourage selfish behavior based on the principles of barter. We develop a game-theoretic model in which we show that the proposed approach indeed stimulates cooperation of the nodes. In addition, the results show that the individually most beneficial behavior leads to the social optimum of the system.

Biztonsági API analízis a spi-kalkulussal

L. Buttyán, T. V. Thong

Hiradástechnika, vol. LXII/8, August, 2007, pp. 43-49.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, Ta Vinh Thong},
   title = {Biztonsági API analízis a spi-kalkulussal},
   journal = {Hiradástechnika},
   volume = {LXII/8},
   month = {August},
   year = {2007},
   pages = {43-49}
}

Keywords

Biztonsági API, Formális ellenõrzés, Spi-kalkulus

Abstract

Az API szintû támadások komoly veszélyt jelentenek a hardver biztonsági modulokra nézve, ezért fontos követelmény az API-ban rejlõ biztonsági lyukak felfedezése és foltozása. Az API analízis egyik igéretes iránya a formális verifikációs módszerek alkalmazása. Cikkünkben ezt az irányt követjük, s egy processz-algebra alapú API verifikációs módszert javaslunk, mely különösen alkalmasnak látszik a biztonsági API-k mûködésének formális leírására, a biztonsági követelmények precíz definiálására, és a megfogalmazott követelmények teljesítésének ellenõrzésére. Munkánk motiválása céljából ismertetünk nénány konkrét API szintû támadást is egy a gyakorlatban elterjedten használt hardver biztonsági modul ellen. Bevezetés

Group-Based Private Authentication

G. Avoine, L. Buttyán, T. Holczer, I. Vajda

In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007), IEEE, Helsinki, Finland, Jun 18 , 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gildas Avoine, Levente Buttyán, Tamas Holczer, István VAJDA},
   title = {Group-Based Private Authentication},
   booktitle = {In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007)},
   publisher = {IEEE},
   address = {Helsinki, Finland},
   month = {Jun 18 },
   year = {2007}
}

Abstract

We propose a novel authentication scheme that ensures privacy of the provers. Our scheme is based on symmetric-key cryptography, and therefore, it is well-suited to resource constrained applications in large scale environments. A typical example for such an application is an RFID system, where the provers are low-cost RFID tags, and the number of the tags can potentially be very large. We analyze the proposed scheme and show that it is superior to the well-known key-tree based approach for private authentication both in terms of privacy and efficiency.

On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs

I. Vajda, T. Holczer, L. Buttyán

In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007), Springer, Cambridge, UK, July 2-3, , 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA, Tamas Holczer, Levente Buttyán},
   title = {On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs},
   booktitle = {In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007)},
   publisher = {Springer},
   address = {Cambridge, UK},
   month = {July 2-3, },
   year = {2007}
}

Abstract

The promise of vehicular communications is to make road traffic safer and more efficient. However, besides the expected benefits, vehicular communications also introduce some privacy risk by making it easier to track the physical location of vehicles. One approach to solve this problem is that the vehicles use pseudonyms that they change with some frequency. In this paper, we study the effectiveness of this approach.We define a model based on the concept of the mix zone, characterize the tracking strategy of the adversary in this model, and introduce a metric to quantify the level of privacy enjoyed by the vehicles. We also report on the results of an extensive simulation where we used our model to determine the level of privacy achieved in realistic scenarios. In particular, in our simulation, we used a rather complex road map, generated traffic with realistic parameters, and varied the strength of the adversary by varying the number of her monitoring points. Our simulation results provide detailed information about the relationship between the strength of the adversary and the level of privacy achieved by changing pseudonyms.

PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks

L. Buttyán, P. Schaffer

In Proceedings of the 4th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), IEEE Press, Pisa, Italy, October 8-11, 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, Peter Schaffer},
   title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
   booktitle = {In Proceedings of the 4th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS)},
   publisher = {IEEE Press},
   address = {Pisa, Italy},
   month = {October 8-11},
   year = {2007}
}

Abstract

In this paper, we introduce PANEL, a position-based aggregator node election protocol for wireless sensor networks. The novelty of PANEL with respect to other aggregator node election protocols is that it supports asynchronous sensor network applications where the sensor readings are fetched by the base stations after some delay. In particular, the motivation for the design of PANEL was to support reliable and persistent data storage applications, such as TinyPEDS. PANEL ensures load balancing, and it supports intra- and inter-cluster routing allowing sensor to aggregator, aggregator to aggregator, base station to aggregator, and aggregator to base station communications. We also present simulation results showing that PANEL is very energy efficient.

Secure Routing in Wireless Sensor Networks

G. Ács, L. Buttyán

in J. Lopez and J. Zhou (eds.): Wireless Sensor Network Security (Cryptology and Information Security Series), IOS Press, 2007.

Bibtex | Abstract

@inbook {
   author = {Gergely Ács, Levente Buttyán},
   title = {Secure Routing in Wireless Sensor Networks},
   publisher = {in J. Lopez and J. Zhou (eds.): Wireless Sensor Network Security (Cryptology and Information Security Series), IOS Press},
   year = {2007}
}

Abstract

In this chapter, we study how sensor network routing protocols can be secured. First, we describe the adversary model, the objectives of attacks against routing, as well as the different attack methods that may be used in wireless sensor networks. All these are illustrated by example attacks on well-known sensor network routing protocols. Then, we describe various countermeasures that can be used in sensor networks to secure the routing protocols. These include link layer security measures, secure neighbor discovery techniques, authenticated broadcast algorithms, and multi-path routing techniques. Finally, we illustrate the application of some of these countermeasures by presenting and explaining the operation of some secured sensor network routing protocols.

Security and Privacy in Ad Hoc and Sensor Networks

L. Buttyán, V. Gligor, D. Westhoff

vol. LNCS 4357, Springer, 2007.

Bibtex

@book {
   author = {Levente Buttyán, Virgil Gligor, Dirk Westhoff},
   title = {Security and Privacy in Ad Hoc and Sensor Networks},
   volume = {LNCS 4357},
   publisher = {Springer},
   year = {2007}
}

Abstract

The Security Proof of a Link-state Routing Protocol for Wireless Sensor Networks

I. Vajda, L. Buttyán, G. Ács

October 8-11, In Proceedings of the 3rd IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007), IEEE Press, Pisa, Italy, 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA, Levente Buttyán, Gergely Ács},
   title = {The Security Proof of a Link-state Routing Protocol for Wireless Sensor Networks},
   editor = {October 8-11},
   booktitle = {In Proceedings of the 3rd IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007)},
   organization = {IEEE Press},
   address = {Pisa, Italy},
   year = {2007}
}

Abstract

In this paper, we present a flexible and mathematically rigorous modeling framework for analyzing the security of sensor network routing protocols. Then, we demonstrate the usage of this framework by formally proving that INSENS (Intrusion-Tolerant Routing in Wireless Sensor Networks), which is a secure sensor network routing protocol proposed in the literature independently of our work, can be proven to be secure in our model.

2006

A taxonomy of routing protocols for wireless sensor networks

L. Buttyán, G. Ács

Híradástechnika, December, 2006.

Bibtex | Abstract

@article {
   author = {Levente Buttyán, Gergely Ács},
   title = {A taxonomy of routing protocols for wireless sensor networks},
   journal = {Híradástechnika},
   month = {December},
   year = {2006}
}

Abstract

Wireless sensor networks are large scale networks consisting of a large number of tiny sensor nodes and a few base stations, which communicate using multi-hop wireless communications. The design of energy efficient routing protocols for such networks is a challenging task, which has been in the focus of the sensor network research community in the recent past. This effort resulted in a huge number of sensor network routing protocols. The proposed protocols show a high variety, which stems from the diverse requirements of the various envisioned application scenarios. In this work, we propose a taxonomy of sensor network routing protocols, and classify the mainstream protocols proposed in the literature using this taxonomy. We distinguish five families of protocols based on the way the next hop is selected on the route of a message, and briefly describe the operation of a representative member from each group.

Modelling Adversaries and Security Objectives for Routing Protocols in Wireless Sensor Networks

G. Ács, L. Buttyán, I. Vajda

In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'06), October, 2006.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Ács, Levente Buttyán, István VAJDA},
   title = {Modelling Adversaries and Security Objectives for Routing Protocols in Wireless Sensor Networks},
   booktitle = {In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'06)},
   month = {October},
   year = {2006}
}

Abstract

The literature is very broad considering routing protocols in wireless sensor networks (WSNs). However, security of these routing protocols has fallen beyond the scope so far. Routing is a fundamental functionality in wireless networks, thus hostile interventions aiming to disrupt and degrade the routing service have a serious impact on the overall operation of the entire network. In order to analyze the security of routing protocols in a precise and rigorous way, we propose a formal framework encompassing the definition of an adversary model as well as the "general" definition of secure routingin sensor networks. Both definitions take into account the feasible goals and capabilities of an adversary in sensor environments and the variety of sensor routing protocols. In spirit, our formal model is based on the simulation paradigm that is a successfully used technique to prove the security of various cryptographic protocols. However, we also highlight some differences between our model and other models that have been proposed for wired or wireless networks. Finally, we illustrate the practical usage of our model by presenting the formal description of a simple attack against an authenticated routing protocol, which is based on the well-known TinyOS routing.

Optimal Key-Trees for Tree-Based Private Authentication

I. Vajda, T. Holczer, L. Buttyán

In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET), June, 2006, Springer.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA, Tamas Holczer, Levente Buttyán},
   title = {Optimal Key-Trees for Tree-Based Private Authentication},
   booktitle = {In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET)},
   month = {June},
   year = {2006},
   note = {Springer}
}

Abstract

Key-tree based private authentication has been proposed by Molnar and Wagner as a neat way to efficiently solve the problem of privacy preserving authentication based on symmetric key cryptography. However, in the key-tree based approach, the level of privacy provided by the system to its members may decrease considerably if some members are compromised. In this paper, we analyze this problem, and show that careful design of the tree can help to minimize this loss of privacy. First, we introduce a benchmark metric for measuring the resistance of the system to a single compromised member. This metric is based on the well-known concept of anonymity sets. Then, we show how the parameters of the key-tree should be chosen in order to maximize the system's resistance to single member compromise under some constraints on the authentication delay. In the general case, when any member can be compromised, we give a lower bound on the level of privacy provided by the system. We also present some simulation results that show that this lower bound is quite sharp. The results of this paper can be directly used by system designers to construct optimal key-trees in practice; indeed, we consider this as the main contribution of our work.

Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks

I. Vajda, L. Buttyán, G. Ács

IEEE Transactions on Mobile Computing, vol. 5, no. 11, 2006.

Bibtex | Abstract

@article {
   author = {István VAJDA, Levente Buttyán, Gergely Ács},
   title = {Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   volume = {5},
   number = {11},
   year = {2006}
}

Keywords

Mobile ad hoc networks, secure routing, provable security

Abstract

Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers and several "secure" routing protocols have been proposed for ad hoc networks. However, the security of those protocols has mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined and routing protocols for mobile ad hoc networks can be proved to be secure in a rigorous manner. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but, to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the use of our framework by proving that it is secure in our model.

Providing Location Privacy in Automated Fare Collection Systems

I. Vajda, T. Holczer, L. Buttyán

In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece, June, 2006.

Bibtex | PDF

@inproceedings {
   author = {István VAJDA, Tamas Holczer, Levente Buttyán},
   title = {Providing Location Privacy in Automated Fare Collection Systems},
   booktitle = {In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece},
   month = {June},
   year = {2006}
}

Abstract

RANBAR: RANSAC-Based Resilient Aggregation in Sensor Networks

I. Vajda, P. Schaffer, L. Buttyán

In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), ACM Press, Alexandria, VA, USA, October, 2006.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA, Peter Schaffer, Levente Buttyán},
   title = {RANBAR: RANSAC-Based Resilient Aggregation in Sensor Networks},
   booktitle = {In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN)},
   publisher = {ACM Press},
   address = {Alexandria, VA, USA},
   month = {October},
   year = {2006}
}

Abstract

We present a novel outlier elimination technique designed for sensor networks. This technique is called RANBAR and it is based on the RANSAC (RANdom SAmple Consensus) paradigm, which is well-known in computer vision and in automated cartography. The RANSAC paradigm gives us a hint on how to instantiate a model if there are a lot of compromised data elements. However, the paradigm does not specify an algorithm and it uses a guess for the number of compromised elements, which is not known in general in real life environments. We developed the RANBAR algo- rithm following this paradigm and we eliminated the need for the guess. Our RANBAR algorithm is therefore capable to handle a high percent of outlier measurement data by leaning on only one preassumption, namely that the sample is i.i.d. in the unattacked case. We implemented the algo- rithm in a simulation environment and we used it to filter out outlier elements from a sample before an aggregation procedure. The aggregation function that we used was the average. We show that the algorithm guarantees a small dis- tortion on the output of the aggregator even if almost half of the sample is compromised. Compared to other resilient aggregation algorithms, like the trimmed average and the median, our RANBAR algorithm results in smaller distor- tion, especially for high attack strengths.

Resilient Aggregation with Attack Detection in Sensor Networks

L. Buttyán, P. Schaffer, I. Vajda

Second IEEE International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS), IEEE Computer Society Press, Pisa, Italy, March, 2006.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, Peter Schaffer, István VAJDA},
   title = {Resilient Aggregation with Attack Detection in Sensor Networks},
   booktitle = {Second IEEE International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS)},
   publisher = {IEEE Computer Society Press},
   address = {Pisa, Italy},
   month = {March},
   year = {2006}
}

Abstract

In this paper, we propose a new model of resilient data aggregation in sensor networks, where the aggregator analyzes the received sensor readings and tries to detect unexpected deviations before the aggregation function is called. In this model, the adversary does not only want to cause maximal distortion in the output of the aggregation function, but it also wants to remain undetected. The advantage of this approach is that in order to remain undetected, the adversary cannot distort the output arbitrarily, but rather the distortion is usually upper bounded, even for aggregation functions that were considered to be insecure earlier (e.g., the average). We illustrate this through an example in this paper.

Resilient Aggregation: Statistical Approaches

L. Buttyán, P. Schaffer, I. Vajda

Chapter 10, in N.P.Mahalik (ed.): Sensor Networks and Configuration, Springer, 2006.

Bibtex | Abstract | PDF

@inbook {
   author = {Levente Buttyán, Peter Schaffer, István VAJDA},
   title = {Resilient Aggregation: Statistical Approaches},
   chapter = {Chapter 10},
   publisher = {in N.P.Mahalik (ed.): Sensor Networks and Configuration, Springer},
   year = {2006}
}

Abstract

In typical sensor network applications, the sensors are left unattended for a long period of time. In addition, due to cost reasons, sensor nodes are usually not tamper resistant. Consequently, sensors can be easily captured and compromised by an adversary. Once compromised, a sensor can send authentique messages to other nodes and to the base station, but those messages may contain arbitrary data created by the adversray (e.g., bogus measurments). A similar effect can be achieved by manipulating the physical environment of uncompromised sensors so that they measure false values. Bogus data introduced by the adversary may considerably distort the output of the aggregation function at the base station, and may lead to wrong decisions. The goal of resilient aggregation is to perform the aggregation correctly despite the possibility of the above mentioned attacks. In this paper, we give an overview of the state-of-the-art in resilient aggregation in sensor networks, and briefly summarize the relevant techniques in the field of mathematical statistics. In addition, we introduce a particular approach for resilient aggregation in more details. This approach is based on RANSAC (RAndom SAmple Consensus), which we adopted for our purposes. We also present some initial simulation results showing that our RANSAC based approach can tolerate a high percentage of compromised nodes.

SEVECOM - Secure Vehicle Communication

T. Leinmueller, L. Buttyán, J. P. Hubaux, F. Kargl, P. Papadimitratos, M. Raya, E. Schoch

IST Mobile Summit, ??, June, 2006.

Bibtex | Abstract

@inproceedings {
   author = {Tim Leinmueller, Levente Buttyán, Jean-Pierre Hubaux, Frank Kargl, Panagiotis Papadimitratos, Maxim Raya, Elmar Schoch},
   title = {SEVECOM - Secure Vehicle Communication},
   booktitle = {IST Mobile Summit},
   publisher = {??},
   month = {June},
   year = {2006}
}

Abstract

Vehicle to Vehicle communication (V2V) and Vehicle to Infrastructure communication (V2I) promise to improve road safety and optimize road traffic through cooperative systems applications. A prerequisite for the successful deployment of vehicular communications is to make them secure. The specific operational environment (moving vehicles, sporadic connectivity, etc. ) makes the problem very novel and challenging. Because of the challenges, a research and development road map is needed. We consider SEVECOM [1] to be the first phase of a longer term undertaking. In this first phase, we aim to define a consistent and future-proof solution to the problem of V2V/V2I security. SEVECOM will focus on communications specific to road traffic. This includes messages related to traffic information, anonymous safety-related messages, and liability related messages.

Útvonalválasztó protokollok vezeték nélküli szenzorhálózatokban

L. Buttyán, G. Ács

Híradástecnika, November, 2006.

Bibtex | Abstract

@article {
   author = {Levente Buttyán, Gergely Ács},
   title = {Útvonalválasztó protokollok vezeték nélküli szenzorhálózatokban},
   journal = {Híradástecnika},
   month = {November},
   year = {2006}
}

Abstract

A szenzorhálózatok változatos alkalmazásai különbözõ követelményeket támasztanak az útvonalválasztó protokollokkal szemben. A különbözõ követelményeknek köszönhetõen igen sok javasolt protokoll található az irodalomban. Ebben a cikkben rendszerezzük ezeket a vonalválasztó protokollokat, és minden családból bemutatunk egy prominens képviselõt. A cikk újdonsága a rendszerezéshez használt szempontrendszer, mely a protokollok eddigieknél részletesebb taxonómiáját eredményezi.

WiFi biztonság - A jó, a rossz, és a csúf

L. Dóra, L. Buttyán

Híradástechnika, May, 2006.

Bibtex | Abstract | PDF

@article {
   author = {László DÓRA, Levente Buttyán},
   title = {WiFi biztonság - A jó, a rossz, és a csúf},
   journal = {Híradástechnika},
   month = {May},
   year = {2006}
}

Abstract

Jelen cikkben ismeretterjesztõ jellegû áttekintést adunk a WiFi biztonsághoz kapcsolódó szabványokról, a WEP-rõl és a 802.11i-rõl.

2005

A framework for the revocation of unintended digital signatures initiated by malicious terminals

I. Zs. Berta, L. Buttyán, I. Vajda

IEEE Transactions on Secure and Dependable Computing, vol. (Vol. 2, No. 3), July-September, 2005, pp. 268-272, http://csdl2.computer.org/....

Bibtex | Abstract

@article {
   author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
   title = {A framework for the revocation of unintended digital signatures initiated by malicious terminals},
   journal = {IEEE Transactions on Secure and Dependable Computing},
   volume = {(Vol. 2, No. 3)},
   month = {July-September},
   year = {2005},
   pages = {268-272},
   note = {http://csdl2.computer.org/...}
}

Abstract

Human users need trusted computers when they want to generate digital signatures. In many applications, in particular, if the users are mobile, they need to carry their trusted computers with themselves. Smart cards are easy to use, easy to carry, and relatively difficult to tamper with, but they do not have a user interface; therefore, the user still needs a terminal for authorizing the card to produce digital signatures. If the terminal is malicious, it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we propose a solution based on conditional signatures. More specifically, we propose a framework for the controlled revocation of unintended digital signatures. We also propose a solution with a special emphasis on privacy issues.

Ad hoc útvonalválasztó protokollok bizonyított biztonsága

G. Ács, L. Buttyán, I. Vajda

Híradástechnika, March, 2005.

Bibtex | Abstract

@article {
   author = {Gergely Ács, Levente Buttyán, István VAJDA},
   title = {Ad hoc útvonalválasztó protokollok bizonyított biztonsága},
   journal = {Híradástechnika},
   month = {March},
   year = {2005}
}

Keywords

ad hoc hálózatok, forrás alapú ad hoc útvonalválasztás, biztonságos útvonalválasztás, bizonyított biztonság, szimulációs paradigma

Abstract

Ebben a cikkben egy olyan formális módszert mutatunk be, amivel a vezeték nélküli ad hoc hálózatok számára javasolt, igény szerinti, forrás alapú útvonalválasztó protokollokat (on-demand source routing) lehet biztonsági szempontból elemezni. A módszer alapját a szimulációs paradigma adja, mely egy jól ismert, általános eljárás kriptográfiai protokollok biztonságának bizonyítására. A cikkben bemutatjuk a szimulációs paradigma adaptációját ad hoc útvonalválasztó protokollokra. Formálisan megfogalmazzuk, hogy mit értünk biztonságos útvonalválasztás alatt, melyhez felhasználjuk a statisztikai megkülönböztethetetlenség fogalmát. A módszer gyakorlati alkalmazását egy példán keresztül szemléltetjük, melyben röviden ismertetjük az endairA útvonalválasztó protokoll mûködését, és bebizonyítjuk, hogy a protokoll biztonságos az általunk definiált modellben.

Cooperative Packet Forwarding in Multi-Domain Sensor Networks

M. Felegyhazi, J. P. Hubaux, L. Buttyán

Proceedings of the First International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS 2005), March, 2005.

Bibtex

@inproceedings {
   author = {Mark Felegyhazi, , Levente Buttyán},
   title = {Cooperative Packet Forwarding in Multi-Domain Sensor Networks},
   booktitle = {Proceedings of the First International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS 2005)},
   month = {March},
   year = {2005}
}

Abstract

Mobility Helps Peer-to-Peer Security

S. Capkun, J. P. Hubaux, L. Buttyán

IEEE Transactions on Mobile Computing, to appear, 2005.

Bibtex

@article {
   author = {, , Levente Buttyán},
   title = {Mobility Helps Peer-to-Peer Security},
   journal = {IEEE Transactions on Mobile Computing},
   month = {to appear},
   year = {2005}
}

Abstract

Nash Equilibria of Packet Forwarding Strategies in Wireless Ad Hoc Networks

M. Felegyhazi, J. P. Hubaux, L. Buttyán

IEEE Transactions on Mobile Computing, to appear, 2005.

Bibtex

@article {
   author = {Mark Felegyhazi, , Levente Buttyán},
   title = {Nash Equilibria of Packet Forwarding Strategies in Wireless Ad Hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   month = {to appear},
   year = {2005}
}

Abstract

Node Cooperation in Hybrid Ad hoc Networks

N. B. Salem, L. Buttyán, J. P. Hubaux, M. Jakobsson

IEEE Transactions on Mobile Computing, to appear, 2005.

Bibtex

@article {
   author = {N. Ben Salem, Levente Buttyán, , Markus Jakobsson},
   title = {Node Cooperation in Hybrid Ad hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   month = {to appear},
   year = {2005}
}

Abstract

Provable Security for Ad Hoc Routing Protocols

G. Ács, L. Buttyán, I. Vajda

Híradástechnika, June, 2005.

Bibtex | Abstract

@article {
   author = {Gergely Ács, Levente Buttyán, István VAJDA},
   title = {Provable Security for Ad Hoc Routing Protocols},
   journal = {Híradástechnika},
   month = {June},
   year = {2005}
}

Keywords

ad hoc networks, on-demand ad hoc source routing, secure ad hoc routing, provable security, simulation paradigm

Abstract

In this article we present a new formal framework that can be used for analyzing the ecurity of on-demand source routing protocols proposed for wireless mobile ad hoc networks. Our approach is based on the simulation paradigm which is a well-known and general procedure to prove the security of cryptographic protocols. We give the formal definition of secure ad hoc routing in a precise and rigorous manner using the concept of statistical indistinguishability. We present an ad hoc source routing protocol, called endairA, and we illustrate the usage of our approach by proving that this protocol is secure in our model.

Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks

G. Ács, L. Buttyán, I. Vajda

In Proceedings of the Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005, 2005.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Ács, Levente Buttyán, István VAJDA},
   title = {Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks},
   booktitle = {In Proceedings of the Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005},
   year = {2005}
}

Abstract

In this paper, we propose a framework for the security analysis of on-demand, distance vector routing protocols for ad hoc networks, such as AODV, SAODV, and ARAN. The proposed approach is an adaptation of the simulation paradigm that is used extensively for the analysis of cryptographic algorithms and protocols, and it provides a rigorous method for proving that a given routing protocol is secure. We demonstrate the approach by representing known and new attacks on SAODV in our framework, and by proving that ARAN is secure in our model.

Spontaneous Cooperation in Multi-domain Sensor Networks

P. Schaffer, T. Holczer, L. Buttyán

In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), Springer, Visegrád, Hungary, July, 2005.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Peter Schaffer, Tamas Holczer, Levente Buttyán},
   title = {Spontaneous Cooperation in Multi-domain Sensor Networks},
   booktitle = {In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS)},
   publisher = {Springer},
   address = {Visegrád, Hungary},
   month = {July},
   year = {2005}
}

Abstract

Sensor networks are large scale networks consisting of several nodes and some base stations. The nodes are monitoring the environment and send their measurement data towards the base stations possibly via multiple hops. Since the nodes are often battery powered, an important design criterion for sensor networks is the maximization of their lifetime. In this paper, we consider multi-domain sensor networks, by which we mean a set of sensor networks that co-exist at the same physical location but run by different authorities. In this setting, the lifetime of all networks can be increased if the nodes cooperate and also forward packets originating from foreign domains. There is a risk, however, that a selfish network takes advantage of the cooperativeness of the other networks and exploits them. We study this problem in a game theoretic setting, and show that, in most cases, there is a Nash equilibrium in the system, in which at least one of the strategies is cooperative, even without introducing any external incentives (e.g., payments).

Standards for Product Security Assessment

I. Zs. Berta, L. Buttyán, I. Vajda

Chapter 53, in IT Security Handbook, edited by Hossein Bidgoli, John Wiley and Sons, 2005, (to appear).

Bibtex

@inbook {
   author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
   title = {Standards for Product Security Assessment},
   chapter = {Chapter 53},
   publisher = {in IT Security Handbook, edited by Hossein Bidgoli, John Wiley and Sons},
   year = {2005},
   note = {(to appear)}
}

Abstract

Statistical Wormhole Detection in Sensor Networks

L. Dóra, L. Buttyán, I. Vajda

Refik Molva, Gene Tsudik, Dirk Westhoff, Lecture Notes in Computer Science, Springer-Verlag GmbH, 2005, pp. Volume 3813/ 2005, pp. 128 - 141, Security and Privacy in Ad-hoc and Sensor Networks: Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005.

Bibtex | Abstract | PDF

@inproceedings {
   author = {László DÓRA, Levente Buttyán, István VAJDA},
   title = {Statistical Wormhole Detection in Sensor Networks},
   editor = {Refik Molva, Gene Tsudik, Dirk Westhoff},
   booktitle = {Lecture Notes in Computer Science},
   publisher = {Springer-Verlag GmbH},
   year = {2005},
   pages = {Volume 3813/ 2005, pp. 128 - 141},
   note = {Security and Privacy in Ad-hoc and Sensor Networks: Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005}
}

Keywords

Sensor network, wormhole detection, chi-square

Abstract

n this paper, we propose two mechanisms for wormhole detection in wireless sensor networks. The proposed mechanisms are based on hypothesis testing and they provide probabilistic results. The first mechanism, called the Neighbor Number Test (NNT), detects the increase in the number of the neighbors of the sensors, which is due to the new links created by the wormhole in the network. The second mechanism, called the All Distances Test (ADT), detects the decrease of the lengths of the shortest paths between all pairs of sensors, which is due to the shortcut links created by the wormhole in the network. Both mechanisms assume that the sensors send their neighbor list to the base station, and it is the base station that runs the algorithms on the network graph that is reconstructed from the received neighborhood information. We describe these mechanisms and investigate their performance by means of simulation.

2004

A Formal Model of Rational Exchange and Its Application to the Analysis of Syverson's Protocol

L. Buttyán, J. P. Hubaux, S. Capkun

Journal on Computer Security, vol. 12, no. 3-4, 2004, pp. 551-587.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, , },
   title = {A Formal Model of Rational Exchange and Its Application to the Analysis of Syverson's Protocol},
   journal = {Journal on Computer Security},
   volume = {12},
   number = {3-4},
   year = {2004},
   pages = {551-587}
}

Abstract

We propose a formal model of rational exchange and exchange protocols in general, which is based on game theory. In this model, an exchange protocol is represented as a set of strategies in a game that is played by the protocol parties and the network that they use to communicate with each other. Within this model, we give a formal definition for rational exchange and various other properties of exchange protocols, including fairness. In particular, rational exchange is defined in terms of a Nash equilibrium in the protocol game. We also study the relationship between rational and fair exchange, and prove that fairness implies rationality, but not vice versa. Finally, we illustrate the usage of our formal model for the analysis of existing rational exchange protocols by analyzing a protocol proposed by Syverson. We show that the protocol is rational only under the assumption that the network is reliable.

Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Dynamic Case

M. Felegyhazi, J. P. Hubaux, L. Buttyán

Proceedings of the 2nd Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2004), March, 2004.

Bibtex

@inproceedings {
   author = {Mark Felegyhazi, , Levente Buttyán},
   title = {Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Dynamic Case},
   booktitle = {Proceedings of the 2nd Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2004)},
   month = {March},
   year = {2004}
}

Abstract

HUNEID - Hungarian Electronic ID smart card specifications

I. Zs. Berta, I. Vajda, L. Buttyán, B. Bencsáth, T. Veiland

Ministry of Informatics and Telecommunications (www.ihm.hu), http://www.itktb.hu/engine.aspx?page=showcontent&content=ias, 2004.

Bibtex

@techreport {
   author = {István Zsolt BERTA, István VAJDA, Levente Buttyán, Boldizsár Bencsáth, Tamás Veiland},
   title = {HUNEID - Hungarian Electronic ID smart card specifications},
   institution = {Ministry of Informatics and Telecommunications (www.ihm.hu)},
   address = {http://www.itktb.hu/engine.aspx?page=showcontent&content=ias},
   year = {2004}
}

Abstract

Incentives for Cooperation in Multi-hop Wireless Networks

L. Buttyán, T. Holczer, P. Schaffer

Híradástechnika, vol. LIX, no. 3, March, 2004, pp. 30--34, (in Hungarian).

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, Tamas Holczer, Peter Schaffer},
   title = {Incentives for Cooperation in Multi-hop Wireless Networks},
   journal = {Híradástechnika},
   volume = {LIX},
   number = {3},
   month = {March},
   year = {2004},
   pages = {30--34},
   note = {(in Hungarian)}
}

Abstract

Cikkünkben bevezetjük a kooperációra való ösztönzés problémáját, ami tipikus problémaként jelentkezik a többugrásos vezetéknélküli hálózatokban. Röviden áttekintjük a nem-kooperatív viselkedési fajtákat, és a kooperációra ösztönzõ mechanizmusok típusait. Végül összefoglaljuk két általunk javasolt ösztönzõ mechanizmus fõbb elemeit, ötleteit.

Kriptográfia és alkalmazásai

L. Buttyán, I. Vajda

Typotex Kiadó, 2004, Budapest, 445p.

Bibtex

@book {
   author = {Levente Buttyán, István VAJDA},
   title = {Kriptográfia és alkalmazásai},
   publisher = {Typotex Kiadó},
   year = {2004},
   note = {Budapest, 445p}
}

Abstract

Mitigating the Untrusted Terminal Problem Using Conditional Signatures

I. Zs. Berta, L. Buttyán, I. Vajda

Proceedings of International Conference on Information Technology ITCC 2004, IEEE, Las Vegas, NV, USA, April, 2004.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
   title = {Mitigating the Untrusted Terminal Problem Using Conditional Signatures},
   booktitle = {Proceedings of International Conference on Information Technology ITCC 2004},
   publisher = {IEEE},
   address = { Las Vegas, NV, USA},
   month = {April},
   year = {2004}
}

Abstract

We study the problem of how a user at an untrusted terminal can generate digital signatures with the help of a smart card. This problem may arise in many practical applications; an example would be a user generating an electronic check at a merchant's terminal in a shop. The danger is that after receiving the PIN code of the card from the user, the terminal can obtain a signature from the card on an arbitrarily chosen document, that is different from the one displayed on the screen and confirmed by the user. We propose a solution to this problem which is based on a new concept called conditional signature. This leads to a new paradigm where digital signatures are not considered as non-repudiable proofs, at least until a short deadline.

Modelling Location Reveal Attacks in Mobile Systems

L. Zombik, L. Buttyán

Periodica Polytechnica, vol. 48, no. 1-2, 2004, pp. 85-100.

Bibtex

@article {
   author = {Laszlo Zombik, Levente Buttyán},
   title = {Modelling Location Reveal Attacks in Mobile Systems},
   journal = { Periodica Polytechnica},
   volume = {48},
   number = {1-2},
   year = {2004},
   pages = {85-100}
}

Abstract

Privacy Protecting Protocols for Revokable Digital Signatures

I. Zs. Berta, L. Buttyán, I. Vajda

Proceedings of Cardis 2004, Toulouse, France (to appear), Kluwer, 2004.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
   title = {Privacy Protecting Protocols for Revokable Digital Signatures},
   booktitle = {Proceedings of Cardis 2004, Toulouse, France (to appear)},
   publisher = {Kluwer},
   year = {2004}
}

Abstract

Consider an application where a human user has to digitally sign a message. It is usually assumed that she has a trusted computer at her disposal, however, this assumption does not hold in several practical cases, especially if the user is mobile. Smart cards have been proposed to solve this problem, but they do not have a user interface, therefore the user still needs a (potentially untrusted) terminal to authorize the card to produce digital signatures. In order to mitigate this problem, we proposed a solution based on conditional signatures to provide a framework for the repudiation of unintended signatures. Our previous solution relies on a trusted third party who is able to link the issuer of the signature with the intended recipient, which may lead to severe privacy problems. In this paper we extend our framework and propose protocols that allow the user to retain her privacy with respect to this trusted third party.

Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks

G. Ács, L. Buttyán, I. Vajda

http://eprint.iacr.org/ under report number 2004/159., March, 2004.

Bibtex | Abstract

@techreport {
   author = {Gergely Ács, Levente Buttyán, István VAJDA},
   title = {Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks},
   institution = {http://eprint.iacr.org/ under report number 2004/159.},
   month = {March},
   year = {2004}
}

Keywords

Mobile ad hoc networks, secure routing, provable security

Abstract

Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers, and several "secure" routing protocols have been proposed for ad hoc networks. However, the security of those protocols have mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined, and routing protocols for mobile ad hoc networks can be analyzed rigorously. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the usage of our framework by proving that it is secure in our model.

Towards Provable Security for Ad Hoc Routing Protocols

L. Buttyán, I. Vajda

Proceedings of the 2nd ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2004), ACM, October, 2004.

Bibtex

@inproceedings {
   author = {Levente Buttyán, István VAJDA},
   title = {Towards Provable Security for Ad Hoc Routing Protocols},
   booktitle = {Proceedings of the 2nd ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2004)},
   publisher = {ACM},
   month = {October},
   year = {2004}
}

Abstract

2003

A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks

N. B. Salem, L. Buttyán, J. P. Hubaux, M. Jakobsson

4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), June, 2003.

Bibtex | Abstract

@inproceedings {
   author = {N. Ben Salem, Levente Buttyán, , Markus Jakobsson},
   title = {A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks},
   booktitle = {4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003)},
   month = {June},
   year = {2003}
}

Abstract

In multi-hop cellular networks, data packets have to be relayed hop by hop from a given mobile station to a base station and vice-versa. This means that the mobile stations must accept to forward information for the benefit of other stations. In this paper, we propose an incentive mechanism that is based on a charging/rewarding scheme and that makes collaboration rational for selfish nodes. We base our solution on symmetric cryptography to cope with the limited resources of the mobile stations. We provide a set of protocols and study their robustness with respect to various attacks. By leveraging on the relative stability of the routes, our solution leads to a very moderate overhead.

A game based analysis of the client puzzle approach to defend against DoS attacks

B. Bencsáth, L. Buttyán, I. Vajda

Proceedings of SoftCOM 2003 11. International conference on software, telecommunications and computer networks, Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture, University of Split, 2003, pp. 763-767.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Boldizsár Bencsáth, Levente Buttyán, István VAJDA},
   title = {A game based analysis of the client puzzle approach to defend against DoS attacks},
   booktitle = {Proceedings of SoftCOM 2003 11. International conference on software, telecommunications and computer networks},
   publisher = {Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture, University of Split},
   year = {2003},
   pages = {763-767}
}

Abstract

DoS attacks are aimed at the loss of or the reduction in availability, which is one of the most important general security requirements in computer networks. A promising approach proposed to alleviate the problem of DoS attacks is to use client puzzles. In this paper, we study this approach using the apparatus of game theory. In our analysis, we derive the optimal strategy for the attacked server (e.g., a web server on the Internet) in all conceivable cases. We also present two new client puzzles as examples.

A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks

M. Jakobsson, J. P. Hubaux, L. Buttyán

Proceedings of Financial Crypto 2003, La Guadeloupe, January, 2003.

Bibtex | Abstract

@inproceedings {
   author = {Markus Jakobsson, , Levente Buttyán},
   title = {A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks},
   booktitle = {Proceedings of Financial Crypto 2003},
   address = {La Guadeloupe},
   month = {January},
   year = {2003}
}

Abstract

We propose a micro-payment scheme for multi-hop cellular networks that encourages collaboration in packet forwarding by letting users benefit from relaying others` packets. At the same time as proposing mechanisms for detecting and rewarding collaboration, we introduce appropriate mechanisms for detecting and punishing various forms of abuse. We show that the resulting scheme -- which is exceptionally light-weight -- makes collaboration rational and cheating undesirable.

Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Static Case

M. Felegyhazi, L. Buttyán, J. P. Hubaux

8th International Conference on Personal Wireless Communications (PWC 2003), September, 2003.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Mark Felegyhazi, Levente Buttyán, },
   title = {Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Static Case},
   booktitle = {8th International Conference on Personal Wireless Communications (PWC 2003)},
   month = {September},
   year = {2003}
}

Abstract

In multi-hop wireless networks, every node is expected to forward packets for the benefit of other nodes. Yet, if each node is its own authority, then it may selfishly deny packet forwarding in order to save its own resources. Some researchers have proposed to introduce an incentive mechanism in the network that motivates the nodes to cooperate. In this paper, we address the question of whether such an incentive mechanism is necessary or cooperation between the nodes exists in the absence of it. We define a model in a game theoretic framework and identify the conditions under which cooperative strategies can form an equilibrium. As the problem is somewhat involved, we deliberately restrict ourselves to a static configuration.

From Fault-Tolerance to Security and Back

F. Gaertner, L. Buttyán, K. Kursawe

IEEE Distributed Systems Online, vol. 4, no. 9, 2003.

Bibtex

@article {
   author = {Felix Gaertner, Levente Buttyán, Klaus Kursawe},
   title = {From Fault-Tolerance to Security and Back},
   journal = { IEEE Distributed Systems Online},
   volume = {4},
   number = {9},
   year = {2003}
}

Abstract

Lightweight Authentication Protocols for Low-Cost RFID Tags

I. Vajda, L. Buttyán

2nd Workshop on Security in Ubiquitous Computing, in conjunction with Ubicomp 2003, October, 2003.

Bibtex | Abstract

@inproceedings {
   author = {István VAJDA, Levente Buttyán},
   title = {Lightweight Authentication Protocols for Low-Cost RFID Tags},
   booktitle = {2nd Workshop on Security in Ubiquitous Computing, in conjunction with Ubicomp 2003},
   month = {October},
   year = {2003}
}

Abstract

Providing security in low-cost RFID tags is a challenging task because tags are highly resource constrained and cannot support strong cryptography. Special lightweight algorithms and protocols need to be designed that take into account the limitations of the tags. In this paper, we propose a set of extremely lightweight tag authentication protocols. We also provide an analysis of the proposed protocols.

Mobility Helps Security in Ad Hoc Networks

S. Capkun, J. P. Hubaux, L. Buttyán

4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), June, 2003.

Bibtex | Abstract

@inproceedings {
   author = {, , Levente Buttyán},
   title = {Mobility Helps Security in Ad Hoc Networks},
   booktitle = {4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003)},
   month = {June},
   year = {2003}
}

Abstract

Contrary to the common belief that mobility makes security more difficult to achieve, we show that node mobility can, in fact, be useful to provide security in ad hoc networks. We propose a technique in which security associations between nodes are established, when they are in the vicinity of each other, by exchanging appropriate cryptographic material. We show that this technique is generic, by explaining its application to fully self-organized ad hoc networks and to ad hoc networks placed under an (off-line) authority. We also propose an extension of this basic mechanism, in which a security association can be established with the help of a “friend”. We show that our mechanism can work in any network configuration and that the time necessary to set up the security associations is strongly influenced by several factors, including the size of the deployment area, the mobility patterns, and the number of friends; we provide a detailed investigation of this influence.

Report on a Working Session on Security in Wireless Ad Hoc Networks

L. Buttyán, J. P. Hubaux

ACM Mobile Computing and Communications Review (MC2R), vol. 7, no. 1, March, 2003.

Bibtex | PDF

@article {
   author = {Levente Buttyán, },
   title = {Report on a Working Session on Security in Wireless Ad Hoc Networks},
   journal = {ACM Mobile Computing and Communications Review (MC2R)},
   volume = {7},
   number = {1},
   month = {March},
   year = {2003}
}

Keywords

ad hoc networks, security, authentication, routing, intrusion detection, cooperation

Abstract

SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks

S. Capkun, L. Buttyán, J. P. Hubaux

Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003), ACM, October, 2003.

Bibtex | Abstract

@inproceedings {
   author = {, Levente Buttyán, },
   title = {SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks},
   booktitle = {Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003)},
   publisher = {ACM},
   month = {October},
   year = {2003}
}

Keywords

ad hoc networks, security, hash chains, hash trees, secure routing, wormhole detection, topology control

Abstract

In this paper we present SECTOR, a set of mechanisms for the secure verification of the time of encounters between nodes in multi-hop wireless networks. This information can be used notably to prevent wormhole attacks (without requiring any clock synchronization), to secure routing protocols based on last encounters (with only loose clock synchronization), and to control the topology of the network. SECTOR is based primarily on distance-bounding techniques, on one-way hash chains and on Merkle hash trees. We analyze the communication, computation and storage complexity of the proposed mechanisms and we show that, due to their ef- ficiency and simplicity, they are compliant with the limited resources of most mobile devices.

Self-Organized Public-Key Management for Mobile Ad Hoc Networks

S. Capkun, L. Buttyán, J. P. Hubaux

IEEE Transactions on Mobile Computing, vol. 2, no. 1, January-March, 2003.

Bibtex | Abstract

@article {
   author = {, Levente Buttyán, },
   title = {Self-Organized Public-Key Management for Mobile Ad Hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   volume = {2},
   number = {1},
   month = {January-March},
   year = {2003}
}

Keywords

ad hoc networks, security, key management, PGP

Abstract

In contrast with conventional networks, mobile ad hoc networks usually do not provide online access to trusted authorities or to centralized servers, and they exhibit frequent partitioning due to link and node failures and to node mobility. For these reasons, traditional security solutions that require online trusted authorities or certificate repositories are not well-suited for securing ad hoc networks. In this paper, we propose a fully self-organized public-key management system that allows users to generate their publicprivate key pairs, to issue certificates, and to perform authentication regardless of the network partitions and without any centralized services. Furthermore, our approach does not require any trusted authority, not even in the system initialization phase.

Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks

L. Buttyán, J. P. Hubaux

ACM/Kluwer Mobile Networks and Applications, vol. 8, no. 5, October, 2003.

Bibtex | PDF

@article {
   author = {Levente Buttyán, },
   title = {Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks},
   journal = {ACM/Kluwer Mobile Networks and Applications},
   volume = {8},
   number = {5},
   month = {October},
   year = {2003}
}

Abstract

2002

A Formal Analysis of Syverson`s Rational Exchange Protocol

L. Buttyán, S. Capkun, J. P. Hubaux

Proceedings of IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June, 2002.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, , },
   title = {A Formal Analysis of Syverson`s Rational Exchange Protocol},
   booktitle = {Proceedings of IEEE Computer Security Foundations Workshop},
   address = {Cape Breton, Nova Scotia, Canada},
   month = {June},
   year = {2002}
}

Keywords

rational exchange, game theory, Nash equilibrium

Abstract

In this paper, we provide a formal analysis of a rational exchange protocol proposed by Syverson. A rational exchange protocol guarantees that misbehavior cannot generate benefits, and is therefore discouraged. The analysis is performed using our formal model, which is based on game theory. In this model, rational exchange is defined in terms of a Nash equilibrium.

Eliminating Man-in-the-Middle attacks of Malicious Terminals

L. Buttyán, I. Zs. Berta, I. Vajda

Workshop organised by the IST Coordination Point of the Ministry of Education, Budapest, 2002.

Bibtex | Abstract

@misc {
   author = {Levente Buttyán, István Zsolt BERTA, István VAJDA},
   title = {Eliminating Man-in-the-Middle attacks of Malicious Terminals},
   howpublished = {Workshop organised by the IST Coordination Point of the Ministry of Education, Budapest},
   year = {2002}
}

Abstract

Communication with a remote partner is considered over an insecure network, where the user can gain access only to a terminal, which cannot be trusted: an attacker is assumed to be able to fully control the terminal, so the user must consider the terminal as a potential attacker. Surprisingly many terminals belong to this class.

Assuming such an environment the problem of sending authentic messages is considered. Various cryptographic algorithms exist for algorithmic protection, however to run such highly complex algorithms, the user must rely on the computational power of an insecure terminal. Smart cards are often considered the ultimate tool for secure messaging from untrusted terminals. Although they are secure tamper-resistant microcomputers with strong cryptographic power, their lack of user interface (i.e. lack of direct access to its input/output channels) enables man-in-the middle attack from the terminal. Therefore involving a smart card cannot eliminate the basic problem, because any protocol between the user and the smart card would rely - once again - on the insecure terminal. It might seem obvious that the user should give all security goals up as hopeless.

We have come to the conclusion that the user is unable to send authentic messages to the card, so in case of untrusted terminals the signature of the card does not prove that the message originates from the user. This is why the authenticity of plaintext messages from insecure terminals cannot be guaranteed.

However the user as a human being has additional resources that can be exploited to increase the security level of the system. The user is an excellent 'biometric device'. Biometric data (e.g. speech, video, handwriting) carry the information content (plaintext) together with the identity of the sender, which is far more difficult to counterfeit than plaintext content. Moreover the human user has limited but trusted algorithmic capabilities too, having some secure memory and computational power.

Apart from encapsulating the identity of the user and the content of the message, biometric messages (or multimedia messages) also have structure. If the structure is violated, the message has obviously been tampered with.

The manipulation of biometric messages requires considerably more time and resources than that of plaintext ones. If the chosen biometric method is properly calibrated, the attacker may not only need massive computational power, but human interaction or biometric laboratories could be required to successfully counterfeit a biometric message. Thus, not only a large percentage of attackers have been excluded, but even the most advanced ones may require significantly more time to create a counterfeited biometric message than a plaintext one.

A protocol has been developed in our laboratory that combines the biometric powers of the user and cryptographic powers of the smart card to dramatically limit the time the attacker has to manipulate a message. In this case, the smart card acts as a secure time gate. The protocol verifies that only a small amount of time has passed between the recording of the biometric message and card signing it. Naturally, after the message passes through the smart card, attackers have no chance to manipulate.

The protocol also uses the smart card to securely introduce the user to the remote partner, so the latter would already be familiar with the biometric features of the user. Thus, the smart card not only ensures authenticity, but also enables communication without having to exchange biometric identities in advance.

Having investigated the problem of secure communication via insecure terminals, we propose a solution that enables the everyday user to send authentic messages. Combined usage of biometry and smart cards can increase security to a level suitable for several practical applications.

Small Worlds in Security Systems: an Analysis of the PGP Certificate Graph

L. Buttyán, S. Capkun, J. P. Hubaux

Proceedings of The ACM New Security Paradigms Workshop 2002, Norfolk, Virginia Beach, USA, September, 2002, pp. 8.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán, , },
   title = {Small Worlds in Security Systems: an Analysis of the PGP Certificate Graph},
   booktitle = {Proceedings of The ACM New Security Paradigms Workshop 2002},
   address = {Norfolk, Virginia Beach, USA},
   month = {September},
   year = {2002},
   pages = {8}
}

Keywords

PGP, small worlds, public-key management, self-organization

Abstract

We propose a new approach to securing self-organized mobile ad hoc networks. In this approach, security is achieved in a fully self-organized manner

2001

A Payment Scheme for Broadcast Multimedia Streams

N. B. Salem, L. Buttyán

Proceedings of 6th IEEE Symposium on Computers and Communications, Hammamet, Tunisia, July, 2001.

Bibtex | Abstract

@inproceedings {
   author = {N. Ben Salem, Levente Buttyán},
   title = {A Payment Scheme for Broadcast Multimedia Streams},
   booktitle = {Proceedings of 6th IEEE Symposium on Computers and Communications},
   address = {Hammamet, Tunisia},
   month = {July},
   year = {2001}
}

Keywords

electronic payment scheme, micropayment, user privacy, fairness, multimedia

Abstract

Streaming multimedia data on the Internet is developing as a mainstream technology, which attracts many users by providing a new and convenient form of access to online multimedia information. While its strong business potential is obvious, many problems related to charging, copyright protection, and privacy can delay or even hinder its extensive deployment. In this paper, we are concerned with the charging problem, and propose an electronic payment scheme to use for purchasing broadcast multimedia streams. Our design respects the pay-per-use principle, makes cheating uninteresting for both the user and the service provider, resists against forgery and over-spending, protects sensitive payment information and user privacy, and allows the identification of misbehaving users.

Building Blocks for Secure Services: Authenticated Key Transport and Rational Exchange Protocols

L. Buttyán

Swiss Federal Institute of Technology (EPFL), December, 2001.

Bibtex | Abstract | PDF

@phdthesis {
   author = {Levente Buttyán},
   title = {Building Blocks for Secure Services: Authenticated Key Transport and Rational Exchange Protocols},
   school = {Swiss Federal Institute of Technology (EPFL)},
   month = {December},
   year = {2001}
}

Keywords

authentication logic, protocol synthesis, game theory, formal verification, ad hoc networks, cooperation, nuglets

Abstract

This thesis is concerned with two security mechanisms: authenticated key transport and rational exchange protocols. These mechanisms are potential building blocks in the security architecture of a range of different services. Authenticated key transport protocols are used to build secure channels between entities, which protect their communications against eavesdropping and alteration by an outside attacker. In contrast, rational exchange protocols can be used to protect the entities involved in an exchange transaction from each other. This is important, because often the entities do not trust each other, and both fear that the other will gain an advantage by misbehaving. Rational exchange protocols alleviate this problem by ensuring that a misbehaving party cannot gain any advantages. This means that misbehavior becomes uninteresting and it should happen only rarely. The thesis is focused on the construction of formal models for authenticated key transport and rational exchange protocols. In the first part of the thesis, we propose a formal model for key transport protocols, which is based on a logic of belief. Building on this model, we also propose an original systematic protocol construction approach. The main idea is that we reverse some implications that can be derived from the axioms of the logic, and turn them into synthesis rules. The synthesis rules can be used to construct a protocol and to derive a set of assumptions starting from a set of goals. The main advantage is that the resulting protocol is guaranteed to be correct in the sense that all the specified goals can be derived from the protocol and the assumptions using the underlying logic. Another important advantage is that all the assumptions upon which the correctness of the protocol depends are made explicit. The protocol obtained in the synthesis process is an abstract protocol, in which idealized messages that contain logical formulae are sent on channels with various access properties. The abstract protocol can then be implemented in several ways by replacing the idealized messages and the channels with appropriate bit strings and cryptographic primitives, respectively. We illustrate the usage of the logic and the synthesis rules through an example: We analyze an authenticated key transport protocol proposed in the literature, identify several weaknesses, show how these can be exploited by various attacks, and finally, we redesign the protocol using the proposed systematic approach. We obtain a protocol that resists against the presented attacks, and in addition, it is simpler than the original one. In the second part of the thesis, we propose an original formal model for exchange protocols, which is based on game theory. In this model, an exchange protocol is represented as a set of strategies in a game played by the protocol parties and the network that they use to communicate with each other. We give formal definitions for various properties of exchange protocols in this model, including rationality and fairness. Most importantly, rationality is defined in terms of a Nash equilibrium in the protocol game. The model and the formal definitions allow us to rigorously study the relationship between rational exchange and fair exchange, and to prove that fairness implies rationality (given that the protocol satisfies some further usual properties), but the reverse is not true in general. We illustrate how the formal model can be used for rigorous verification of existing protocols by analyzing two exchange protocols, and formally proving that they satisfy the definition of rational exchange. We also present an original application of rational exchange: We show how the concept of rationality can be used to improve a family of micropayment schemes with respect to fairness without substantial loss in efficiency. Finally, in the third part of the thesis, we extend the concept of rational exchange, and describe how similar ideas can be used to stimulate the nodes of a self-organizing ad hoc network for cooperation. More precisely, we propose an original approach to stimulate the nodes for packet forwarding. Like in rational exchange protocols, our design does not guarantee that a node cannot deny packet forwarding, but it ensures that it cannot gain any advantages by doing so. We analyze the proposed solution analytically and by means of simulation.

Efficient Multi-Party Challenge-Response Protocols for Entity Authentication

L. Buttyán, A. Nagy, I. Vajda

Periodica Polytechnica, vol. 45, no. 1, April, 2001, pp. 43-64.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, , István VAJDA},
   title = {Efficient Multi-Party Challenge-Response Protocols for Entity Authentication},
   journal = {Periodica Polytechnica},
   volume = {45},
   number = {1},
   month = {April},
   year = {2001},
   pages = {43-64}
}

Keywords

challenge-response protocols, protocol graph, entity authentication, reflection attack

Abstract

In this paper, we address the problem of multi-party entity authen- tication. We prove that the lower bound on the number of messages of multi-party challenge-response protocols is 2n-1, where n is the num- ber of the participants of the protocol, and propose two protocols that achieve this lower bound. Our protocols are, thus, eÆcient in the sense that they use the minimum number of messages required to solve the multi-party entity authentication problem based on challenge-response principles.

Method for transmitting payment information between a terminal and a third equipment

L. Buttyán, E. Wiedmer, E. Lauper

May, 2001, International Patent Application.

Bibtex

@misc {
   author = {Levente Buttyán, , },
   title = {Method for transmitting payment information between a terminal and a third equipment},
   month = {May},
   year = {2001},
   note = {International Patent Application}
}

Keywords

electronic payment, smart card, authenticated session key establishment

Abstract

Nuglets: a Virtual Currency to Stimulate Cooperation in Self-Organized Mobile Ad Hoc Networks

L. Buttyán, J. P. Hubaux

no. DSC/2001/001, EPFL-DI-ICA, January, 2001.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán, },
   title = {Nuglets: a Virtual Currency to Stimulate Cooperation in Self-Organized Mobile Ad Hoc Networks},
   number = {DSC/2001/001},
   institution = {EPFL-DI-ICA},
   month = {January},
   year = {2001}
}

Keywords

mobile ad hoc networks, routing, cooperation, service availability

Abstract

In mobile ad hoc networks, it is usually assumed that all the nodes belong to the same authority

Rational Exchange -- A Formal Model Based on Game Theory

L. Buttyán, J. P. Hubaux

Proceedings of 2nd International Workshop on Electronic Commerce (WELCOM 2001), Heidelberg, Germany, November, 2001.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, },
   title = {Rational Exchange -- A Formal Model Based on Game Theory},
   booktitle = {Proceedings of 2nd International Workshop on Electronic Commerce (WELCOM 2001)},
   address = {Heidelberg, Germany},
   month = {November},
   year = {2001}
}

Keywords

electronic commerce, rational exchnage, fair exchange, formal model, game theory

Abstract

We introduce game theory as a formal framework in which exchange protocols can be modeled and their properties can be studied. We use this framework to give a formal definition for rational exchange relating it to the concept of Nash equilibrium in games. In addition, we study the relationship between rational exchange and fair exchange. We prove that fair exchange implies rational exchange, but the reverse is not true. The practical consequence of this is that rational exchange protocols may provide interesting solutions to the exchange problem by representing a trade-off between complexity and what they achieve. They could be particularly useful in mobile e-commerce applications.

Self-Organization in Mobile Ad-Hoc Networks: the Approach of Terminodes

L. Blazevic, L. Buttyán, S. Capkun, S. Giordano, J. P. Hubaux, J. Y. Le Boudec

IEEE Communications Magazine, vol. 39, no. 6, June, 2001.

Bibtex | Abstract

@article {
   author = {, Levente Buttyán, , , , },
   title = {Self-Organization in Mobile Ad-Hoc Networks: the Approach of Terminodes},
   journal = {IEEE Communications Magazine},
   volume = {39},
   number = {6},
   month = {June},
   year = {2001}
}

Keywords

self-organized network, MANET,self-organized routing, GPS-free positioning, incentive to cooperation, security

Abstract

The Terminodes project is designing a wide area, mobile ad-hoc network, which is meant to be used in a public environment, in our approach, the network is run by users themselves. We give a global description of the building blocks used by the basic operation of the network, they all rely on various concepts of self-organization. Routing uses a combination of geography-based information and local, MANET-like protocols. Terminode positioning is obtained either by GPS, or by a relative positioning method. Mobility management uses self-organized virtual regions. Terminodes employ a form of virtual money called ``nuglets

Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks

L. Buttyán, J. P. Hubaux

no. DSC/2001/046, EPFL-DI-ICA, August, 2001.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán, },
   title = {Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks},
   number = {DSC/2001/046},
   institution = {EPFL-DI-ICA},
   month = {August},
   year = {2001}
}

Keywords

terminodes

Abstract

In military and rescue applications of mobile ad hoc net tworks, all the nodes belong to the same authority; therefore, they are motivated to cooperate in order to support the basic functions of the network. In this paper, we consider the case when each node is its own authority and tries to maximize the benefits it gets from the network. More precisely, we assume that the nodes are not willing to forward packets for the benefit of other nodes. This problem may arise in civilian applications of mobile ad hoc networks. In order to stimulate the nodes for packet forwarding,we propose a simple mechanism based on a counter in each node. We study the behavior of the proposed mechanism analytically and by means of simulations, and detail the way in which it could be protected against misuse.

The Quest for Security in Mobile Ad Hoc Networks

J. P. Hubaux, L. Buttyán, S. Capkun

Proceedings of ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC), Long Beach, CA, USA, October, 2001.

Bibtex | Abstract

@inproceedings {
   author = {, Levente Buttyán, },
   title = {The Quest for Security in Mobile Ad Hoc Networks},
   booktitle = {Proceedings of ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC)},
   address = {Long Beach, CA, USA},
   month = {October},
   year = {2001}
}

Keywords

security, public-key infrastructure, PKI, self-organization, mobile ad hoc networking

Abstract

So far, research on mobile ad hoc networks has been focused primarily on routing issues. Security, on the other hand, has been given a lower priority. This paper provides an overview of security problems for mobile ad hoc networks, distinguishing the threats on basic mechanisms and on security mechanisms. It then describes our solution to protect the security mechanisms. The original features of this solution include that (i) it is fully decentralized and (ii) all nodes are assigned equivalent roles.

2000

A Pessimistic Approach to Trust in Mobile Agent Platforms

U. Wilhelm, S. Staamann, L. Buttyán

IEEE Internet Computing, vol. 4, no. 5, September, 2000, pp. 40-48.

Bibtex | PDF

@article {
   author = {, , Levente Buttyán},
   title = {A Pessimistic Approach to Trust in Mobile Agent Platforms},
   journal = {IEEE Internet Computing},
   volume = {4},
   number = {5},
   month = {September},
   year = {2000},
   pages = {40-48}
}

Keywords

mobile agents, trust, tamper resistant hardware

Abstract

Enforcing Service Availability in Mobile Ad-Hoc WANs

L. Buttyán, J. P. Hubaux

no. DSC/2000/025, EPFL-DI-ICA, May, 2000.

Bibtex | Abstract | PDF

@techreport {
   author = {Levente Buttyán, },
   title = {Enforcing Service Availability in Mobile Ad-Hoc WANs},
   number = {DSC/2000/025},
   institution = {EPFL-DI-ICA},
   month = {May},
   year = {2000}
}

Keywords

wireless, mobile, ad-hoc network, wide area network, Terminodes, incentive to co-operate, terminode beans

Abstract

In this paper, we address the problem of service availability in mobile ad-hoc WANs. We present a secure mechanism to stimulate end users to keep their devices turned on, to refrain from overloading the network, and to thwart tampering aimed at converting the device into a ``selfish`` one. Our solution is based on the application of a tamper resistant security module in each device and cryptographic protection of messages.

Enforcing Service Availability in Mobile Ad-Hoc WANs

L. Buttyán, J. P. Hubaux

Proceedings of IEEE/ACM Workshop on Mobile Ad Hoc Networking and Computing (MobiHOC), Boston, MA, USA, August, 2000.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, },
   title = {Enforcing Service Availability in Mobile Ad-Hoc WANs},
   booktitle = {Proceedings of IEEE/ACM Workshop on Mobile Ad Hoc Networking and Computing (MobiHOC)},
   address = {Boston, MA, USA},
   month = {August},
   year = {2000}
}

Keywords

wireless, mobile, ad-hoc network, wide area network, Terminodes, incentive to co-operate, terminode nuggets, beans

Abstract

In this paper, we address the problem of service availability in mobile ad-hoc WANs. We present a secure mechanism to stimulate end users to keep their devices turned on, to refrain from overloading the network, and to thwart tampering aimed at converting the device into a ``selfish`` one. Our solution is based on the application of a tamper resistant security module in each device and cryptographic protection of messages.

Extensions to an Authentication Technique Proposed for the Global Mobility Network

L. Buttyán, C. Gbaguidi, S. Staamann, U. Wilhelm

IEEE Transactions on Communications, vol. 48, no. 3, March, 2000.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán, , , },
   title = {Extensions to an Authentication Technique Proposed for the Global Mobility Network},
   journal = {IEEE Transactions on Communications},
   volume = {48},
   number = {3},
   month = {March},
   year = {2000}
}

Keywords

authentication protocol, global mobility network

Abstract

We present three attacks against the authentication protocol that has been proposed for the so called global mobility network in \cite{kn:Suz97}. We show that the attacks are feasible and propose corrections that make the protocol more robust and resistant against the presented attacks. Our aim is to highlight some basic design principles for cryptographic protocols, the adherence to which would have prevented these attacks.

Method for securing communications between a terminal and an additional user equipment

L. Buttyán, E. Wiedmer, E. Lauper

September, 2000, International Patent Application.

Bibtex

@misc {
   author = {Levente Buttyán, , },
   title = {Method for securing communications between a terminal and an additional user equipment},
   month = {September},
   year = {2000},
   note = {International Patent Application}
}

Keywords

authenticated session key establishment, user authentication, smart card

Abstract

Removing the financial incentive to cheat in micropayment schemes

L. Buttyán

IEE Electronics Letters, vol. 36, no. 2, January, 2000, pp. 132-133.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán},
   title = {Removing the financial incentive to cheat in micropayment schemes},
   journal = {IEE Electronics Letters},
   volume = {36},
   number = {2},
   month = {January},
   year = {2000},
   pages = {132-133}
}

Keywords

fairness, micropayment,

Abstract

Micropayment schemes usually do not provide fairness, which means that either the payer or the payee, or both, can cheat the other and gain a financial advantage by misbehaving in the protocols. We propose an extension to a family of micropayment schemes that removes the financial incentive to cheat. Our extension does not provide true fairness, but it makes misbehaving practically futile for both the payer and the payee. We achieve this without any substantial loss in efficiency, in most practical cases.

Toward Mobile Ad-Hoc WANs: Terminodes

J. P. Hubaux, J. Y. Le Boudec, S. Giordano, M. Hamdi, L. Blazevic, L. Buttyán, M. Vojnovic

no. DSC/2000/006, EPFL-DI-ICA, February, 2000.

Bibtex | Abstract | PDF

@techreport {
   author = {, , , , , Levente Buttyán, },
   title = {Toward Mobile Ad-Hoc WANs: Terminodes},
   number = {DSC/2000/006},
   institution = {EPFL-DI-ICA},
   month = {February},
   year = {2000}
}

Keywords

wireless mobile ad-hoc network, wide area network, terminodes, mobility management, virtual home region, geodesic packet forwarding, beans, security

Abstract

Terminodes are personal devices that provide the functions of both the terminals and the nodes of the network. A network of terminodes is an autonomous, fully self-organized, wireless network, independent of any infrastructure. It must be able to scale up to millions of units, without any fixed backbone nor server. In this paper we present the main challenges and discuss the main technical directions.

1999

Accountable Anonymous Access to Services in Mobile Communication Systems

L. Buttyán, J. P. Hubaux

Proceedings of 18th IEEE Symposium on Reliable Distributed Systems, Workshop on Electronic Commerce, Lausanne, Switzerland, October, 1999, pp. 384-389.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, },
   title = {Accountable Anonymous Access to Services in Mobile Communication Systems},
   booktitle = {Proceedings of 18th IEEE Symposium on Reliable Distributed Systems, Workshop on Electronic Commerce},
   address = {Lausanne, Switzerland},
   month = {October},
   year = {1999},
   pages = {384-389}
}

Keywords

electronic commerce, anonymity, accountability, ticket based service access, customer care agency

Abstract

We introduce a model that allows anonymous yet accountable access to services in mobile communication systems. This model is based on the introduction of a new business role, called the customer care agency, and a ticket based mechanism for service access. We introduce the general idea of ticket based service access, and present a categorisation of ticket types and ticket acquisition models. We analyse the role of customer care agencies and emphasise their advantages.

Accountable Anonymous Service Usage in Mobile Communication Systems

L. Buttyán, J. P. Hubaux

no. SSC/99/16, EPFL-DI-ICA, May, 1999.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán, },
   title = {Accountable Anonymous Service Usage in Mobile Communication Systems},
   number = {SSC/99/16},
   institution = {EPFL-DI-ICA},
   month = {May},
   year = {1999}
}

Keywords

ticket based service access, customer care, mobile computing, anonymity, accountability

Abstract

We introduce a model that allows of anonymous yet accountable service usage in mobile communication systems. This model is based on the introduction of a new business role, called the customer care agency, and a ticket based mechanism for service access. We motivate the introduction of customer care agencies by analyzing their role and emphasizing their advantages. We introduce the general idea of ticket based service access, present a categorization of ticket types and ticket acquisition models, and identify some possible attacks against ticket based systems. We illustrate how agencies and tickets work together by presenting a ticket based protocol between users, customer care agencies, and service providers. The protocol achieves authentication of the service provider to the user, establishment of a shared session key between the user and the service provider, and correct and undeniable charging. In addition, it provides revokable anonymity for users, which means that the identity of misbehaving users can be revealed.

Closed User Groups in Internet Service Centres

L. Buttyán, S. Staamann, A. Coignet, E. Ruggiano, U. Wilhelm, M. Zweiacker

Proceedings of DAIS`99, Helsinki, June, 1999.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, , , , , },
   title = {Closed User Groups in Internet Service Centres},
   booktitle = {Proceedings of DAIS`99},
   address = {Helsinki},
   month = {June},
   year = {1999}
}

Keywords

Access Control, Authorisation, Closed Users Groups, Middleware, CORBA, Security

Abstract

The paper presents a model for end-user directed access control to services in Internet service centres that, beside the classical Internet services (e.g., e-mail), offer a multitude of new services (e.g., on-line conferencing and auctioning) over the Internet. The model is based on the concept of closed user groups. The main idea is that at creation time each service instance and its components are assigned to a user group previously formed by a subset of the end-users, and access control is performed for access attempts through checking the group assignment of the accessed resource against the group memberships of the authenticated accessing end-user. Access control is directed by the end-users through the management of group memberships. We describe the concept of closed user groups, the management of group memberships, the enforcement of access control, and the realisation with off-the-shelf software for a middleware based service environment, which is haracterised by the use of CORBA, Java, and WWW technology.

Formal methods in the design of cryptographic protocols (state of the art)

L. Buttyán

no. SSC/1999/38, EPFL-DI-ICA, November, 1999.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán},
   title = {Formal methods in the design of cryptographic protocols (state of the art)},
   number = {SSC/1999/38},
   institution = {EPFL-DI-ICA},
   month = {November},
   year = {1999}
}

Keywords

cryptographic protocols, formal methods, verification, specification

Abstract

This paper is a state of the art review of the use of formal methods in the design of cryptographic rotocols.

Introducing Trusted Third Parties to the Mobile Agent Paradigm

U. Wilhelm, S. Staamann, L. Buttyán

in J. Vitek, C. Jensen: Proceedings of Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Springer-Verlag (LNCS 1603), 1999.

Bibtex | Abstract

@inbook {
   author = {, , Levente Buttyán},
   title = {Introducing Trusted Third Parties to the Mobile Agent Paradigm},
   publisher = {in J. Vitek, C. Jensen: Proceedings of Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Springer-Verlag (LNCS 1603)},
   year = {1999}
}

Keywords

Protecting Mobile Agents, Trust, Tamper Proof Environment

Abstract

Systems that support mobile agents are increasingly being used on the global Internet. An important application that is considered for these agents is electronic commerce, where agents roam the World Wide Web in search of goods for their owners. In these applications, an agent moves along some itinerary in order to search for the best offer for the good sought by the user. The problem with this approach is that malicious providers on the agent`s itinerary can damage the agent, tamper with the agent so that the agent itself becomes malicious, or forward the agent to any arbitrary provider that might not be on the agent`s itinerary. In this presentation we will primarily address the question how an agent can safely follow some pre-defined itinerary. We will identify the problem of trust as a major issue in this context and describe a trusted and tamper-proof hardware that can be used to enforce a policy. Based on this policy, we will show how the agent can take advantage of it in order to achieve the desired goal.

Multilateral Security in Middleware Based Telecommunications Architectures

S. Staamann, U. Wilhelm, L. Buttyán

in G. Mueller, K. Rannenberg, Proceedings of Multilateral Security in Communications, Addison-Wesley, 1999.

Bibtex | Abstract

@inbook {
   author = {, , Levente Buttyán},
   title = {Multilateral Security in Middleware Based Telecommunications Architectures},
   publisher = {in G. Mueller, K. Rannenberg, Proceedings of Multilateral Security in Communications, Addison-Wesley},
   year = {1999}
}

Keywords

multilateral security, middleware, CORBA, telecommunications, TINA

Abstract

The concept of middleware based architectures for telecommunication services in the broadband, multimedia, and information era is emerging. One representative example is the Telecommunications Information Networking Architecture (TINA), which is characterised by a variety of services, a multitude of service providers, a well defined business model, a middleware platform for service development and provision, and the assumption of advanced costumer premises equipment. Concepts for its security architecture are developed in the CrySTINA project. We introduce TINA, analyse it with regard to security and present the CrySTINA security architecture. CrySTINA is aligned with the OMG`s CORBA Security specification, but enhances it with regard to security interoperability despite the heterogeneity of security policies and technologies that must be expected in TINA networks. Thus, we present a model for the enforcement of security policies that supports the negotiation of security contexts.

Toward a Formal Model of Fair Exchange - a Game Theoretic Approach

L. Buttyán, J. P. Hubaux

no. SSC/1999/39, EPFL-DI-ICA, December, 1999.

Bibtex | Abstract | PDF

@techreport {
   author = {Levente Buttyán, },
   title = {Toward a Formal Model of Fair Exchange - a Game Theoretic Approach},
   number = {SSC/1999/39},
   institution = {EPFL-DI-ICA},
   month = {December},
   year = {1999}
}

Keywords

fair exchane protocol, formal model, game theory, electronic commerce

Abstract

A fair exchange protocol is a protocol, in which two (or more) mutually suspicious parties exchange their digital items in a way that neither party can gain an advantage over the other by misbehaving. Many fair exchange protocols have been proposed in the academic literature, but they provide rather different types of fairness. The formal comparison of these proposals remained difficult, mainly, because of the lack of a common formal framework, in which each can be modelled and formal fairness definitions can be given. In this paper, we propose to use game theory for this purpose. We show how to represent fair exchange protocols with game trees and give three definitions of fairness using standard game theoretic notions. We are not aware of any other work that uses the apparatus of game theory for modelling fair exchange protocols.

1998

A Note on an Authentication Technique Based on Distributed Security Management for the Global Mobility Network

C. Gbaguidi, S. Staamann, U. Wilhelm, L. Buttyán

no. SSC/98/18, EPFL-DI-ICA, April, 1998.

Bibtex | Abstract

@techreport {
   author = {, , , Levente Buttyán},
   title = {A Note on an Authentication Technique Based on Distributed Security Management for the Global Mobility Network},
   number = {SSC/98/18},
   institution = {EPFL-DI-ICA},
   month = {April},
   year = {1998}
}

Keywords

authentication protocol, belief logic, verification

Abstract

In this paper, we analyse the authentication protocol that has been proposed for the so called global mobility network in the October 1997 issue of the IEEE Journal on Selected Areas in Communications. Using a simple logic of authentication, we show that the protocol has flaws, and we present three different attacks that exploit these. We correct the protocol using a simple design tool that we have developed.

A Simple Logic for Authentication Protocol Design

L. Buttyán, S. Staamann, U. Wilhelm

Proceedings of IEEE Computer Security Foundations Workshop, Rockport, MA, USA, June, 1998, pp. 153-162.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán, , },
   title = {A Simple Logic for Authentication Protocol Design},
   booktitle = {Proceedings of IEEE Computer Security Foundations Workshop},
   address = {Rockport, MA, USA},
   month = {June},
   year = {1998},
   pages = {153-162}
}

Keywords

authentication protocol, belief logic, logic based design

Abstract

In this paper, we describe a simple logic. The logic uses the notion of channels that are generalisations of communication links with various security properties. The abstract nature of channels enables us to treat the protocol at a higher abstraction level than do most of the known logics for authentication, and thus, we can address the higher level functional properties of the system, without having to be concerned with the problems of the actual implementation. The major advantage of the proposed logic is its suitability for the design of authentication protocols. We give a set of synthetic rules that can be used by protocol designers to construct a protocol in a systematic way.

CrySTINA: Security in the Telecommunications Information Networking Architecture

S. Staamann, U. Wilhelm, L. Buttyán

no. SSC/98/4, EPFL-DI-ICA, January, 1998.

Bibtex | Abstract

@techreport {
   author = {, , Levente Buttyán},
   title = {CrySTINA: Security in the Telecommunications Information Networking Architecture},
   number = {SSC/98/4},
   institution = {EPFL-DI-ICA},
   month = {January},
   year = {1998}
}

Keywords

security, CORBA, TINA, DPE, interoperability

Abstract

TINA specifies an open architecture for telecommunication services in the broadband, multimedia, and information era. Its characteristics most relevant for security are a variety of services, a multitude of service providers, a well defined business model, a middleware platform for service development and provision, and the assumption of advanced costumer premises equipment. Concepts for its security architecture are developed in the CrySTINA project. We introduce the TINA-C architecture, analyse it with regard to security and present the CrySTINA security architecture. CrySTINA is aligned with the OMG`s CORBA Security specification, but enhances it with regard to security interoperability despite the heterogeneity of security policies and technologies that must be expected in TINA networks. Thus, we present a model for the enforcement of security policies that supports the negotiation of security contexts.

On the Problem of Trust in Mobile Agent Systems

U. Wilhelm, S. Staamann, L. Buttyán

Proceedings of Internet Society`s Symposium on Network and Distributed System Security, San Diego, CA, USA, March, 1998.

Bibtex | Abstract

@inproceedings {
   author = {, , Levente Buttyán},
   title = {On the Problem of Trust in Mobile Agent Systems},
   booktitle = {Proceedings of Internet Society`s Symposium on Network and Distributed System Security},
   address = {San Diego, CA, USA},
   month = {March},
   year = {1998}
}

Keywords

trust, mobile agent, tamper proof environment

Abstract

Systems that support mobile agents are increasingly being used on the global Internet. Security concerns dealing with the protection of the execution environment from malicious agents are extensively being tackled. We concentrate on the reverse problem, namely how a mobile agent can be protected from malicious behaviour of the execution environment, which is largely ignored. We will identify the problem of trust as the major issue in this context and describe a trusted and tamper-proof hardware that can be used to divide this problem among several principals, each of which has to be trusted with a special task. We show that the presented approach can be used to mitigate an important problem in the design of open systems.

Protecting the Itinerary of Mobile Agents

U. Wilhelm, S. Staamann, L. Buttyán

Proceedings of ECOOP Workshop on Mobile Object Systems: Secure Internet Mobile Communications, Brussels, Belgium, June, 1998.

Bibtex | Abstract

@inproceedings {
   author = {, , Levente Buttyán},
   title = {Protecting the Itinerary of Mobile Agents},
   booktitle = {Proceedings of ECOOP Workshop on Mobile Object Systems: Secure Internet Mobile Communications},
   address = {Brussels, Belgium},
   month = {June},
   year = {1998}
}

Keywords

mobile agent protection

Abstract

Systems that support mobile agents are increasingly being used on the global Internet. An important application that is considered for these agents is electronic commerce, where agents roam the World Wide Web in search of goods for their owners. In these applications, an agent moves along some itinerary in order to search for the best offer for the good sought by the user. The problem with this approach is that malicious providers on the agent`s itinerary can damage the agent, tamper with the agent so that the agent itself becomes malicious, or forward the agent to any arbitrary provider that might not be on the agent`s itinerary. In this presentation we will primarily address the question how an agent can safely follow some pre-defined itinerary. We will identify the problem of trust as a major issue in this context and describe a trusted and tamper-proof hardware that can be used to enforce a policy. Based on this policy, we will show how the agent can take advantage of it in order to achieve the desired goal.

Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach

S. Staamann, U. Wilhelm, L. Buttyán

no. SSC/98/4, EPFL-DI-ICA, January, 1998.

Bibtex | Abstract

@techreport {
   author = {, , Levente Buttyán},
   title = {Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach},
   number = {SSC/98/4},
   institution = {EPFL-DI-ICA},
   month = {January},
   year = {1998}
}

Keywords

security, TINA

Abstract

The article presents the first results of the CrySTINA project. We analyze and structure the security problem domain in the TINA-C architecture and present our approach to provide the necessary security functionality in the form of self-contained application-independent security services and security mechanisms as part of the DPE functionality. The DPE is assumed to be basically provided by CORBA products. Therefore, we introduce the CORBA security specification and investigate if and how the identified TINA security services can be implemented using the CORBA security functionality.

Security in TINA

S. Staamann, U. Wilhelm, L. Buttyán

Proceedings of IFIP-SEC`98, Wienna-Budapest, August, 1998.

Bibtex | Abstract

@inproceedings {
   author = {, , Levente Buttyán},
   title = {Security in TINA},
   booktitle = {Proceedings of IFIP-SEC`98},
   address = {Wienna-Budapest},
   month = {August},
   year = {1998}
}

Keywords

security, CORBA, DPE, TINA, interoperability

Abstract

TINA is a specification of an open architecture for telecommunication services in the broadband, multimedia, and information era. Its characteristics most relevant for security are a variety of services, a multitude of service providers, a well defined business model, a middleware platform for service development and provision, and the assumption of advanced costumer premises equipment. Concepts for its security architecture are developed in the CrySTINA project. We introduce the TINA-C architecture, analyse it with regard to security, and present the CrySTINA security architecture. CrySTINA is aligned with the OMG`s CORBA Security specification, but enhances it with regard to security interoperability despite the heterogeneity of security policies and technologies that must be expected in TINA networks. Thus, we present a model for the enforcement of security policies that supports the negotiation of security contexts.

1997

Data Security Issues of Computer Networks

L. Buttyán

Magyar Távközlés (Selected Papers from the Hungarian Telecommunications), 1997, pp. 50-57..

Bibtex

@article {
   author = {Levente Buttyán},
   title = {Data Security Issues of Computer Networks},
   journal = {Magyar Távközlés (Selected Papers from the Hungarian Telecommunications)},
   year = {1997},
   pages = {50-57.}
}

Abstract

On the Design of Strong Bit Permutations and Substitutions

L. Buttyán, I. Vajda

Budapest University of Technology, January, 1997.

Bibtex

@techreport {
   author = {Levente Buttyán, István VAJDA},
   title = {On the Design of Strong Bit Permutations and Substitutions},
   institution = {Budapest University of Technology},
   month = {January},
   year = {1997}
}

Abstract

On the Design of Substitution-Permutation Ciphers

I. Vajda, L. Buttyán

Budapest University of Technology, January, 1997.

Bibtex

@techreport {
   author = {István VAJDA, Levente Buttyán},
   title = {On the Design of Substitution-Permutation Ciphers},
   institution = {Budapest University of Technology},
   month = {January},
   year = {1997}
}

Abstract

Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach

S. Staamann, U. Wilhelm, A. Schiper, L. Buttyán, J. P. Hubaux

Proceedings of TINA`97, November, 1997.

Bibtex | Abstract

@inproceedings {
   author = {, , , Levente Buttyán, },
   title = {Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach},
   booktitle = {Proceedings of TINA`97},
   month = {November},
   year = {1997}
}

Keywords

security, TINA

Abstract

The article presents the first results of the CrySTINA project. We analyze and structure the security problem domain in the TINA-C architecture and present our approach to provide the necessary security functionality in the form of self-contained application-independent security services and security mechanisms as part of the DPE functionality. The DPE is assumed to be basically provided by CORBA products. Therefore, we introduce the CORBA security specification and investigate if and how the identified TINA security services can be implemented using the CORBA security functionality.

1996

Data Security Issues of Computer Networks (in Hungarian)

L. Buttyán

Magyar Távközlés, vol. VII., no. 4., April, 1996, pp. 11-19..

Bibtex

@article {
   author = {Levente Buttyán},
   title = {Data Security Issues of Computer Networks (in Hungarian)},
   journal = {Magyar Távközlés},
   volume = {VII.},
   number = {4.},
   month = {April},
   year = {1996},
   pages = {11-19.}
}

Abstract

1995

On Design Criteria of Conventional Block Ciphers (in Hungarian)

I. Vajda, L. Buttyán

Hiradástechnika, vol. XLVI., March, 1995, pp. 10-18., (awarded with the Pollak-Virag Award of the Hungarian Telecommunication Scientific Society).

Bibtex

@article {
   author = {István VAJDA, Levente Buttyán},
   title = {On Design Criteria of Conventional Block Ciphers (in Hungarian)},
   journal = {Hiradástechnika},
   volume = {XLVI.},
   month = {March},
   year = {1995},
   pages = {10-18.},
   note = {(awarded with the Pollak-Virag Award of the Hungarian Telecommunication Scientific Society)}
}

Abstract

S-box Design, (in Hungarian)

L. Buttyán

Budapest University of Technology, May, 1995.

Bibtex

@mastersthesis {
   author = {Levente Buttyán},
   title = {S-box Design, (in Hungarian)},
   school = {Budapest University of Technology},
   month = {May},
   year = {1995}
}

Abstract

Searching for the best linear approximation of DES-like cryptosystems

L. Buttyán, I. Vajda

IEE Electronics Letters, vol. 31, no. 11, May, 1995, pp. 873-874.

Bibtex

@article {
   author = {Levente Buttyán, István VAJDA},
   title = {Searching for the best linear approximation of DES-like cryptosystems},
   journal = {IEE Electronics Letters},
   volume = {31},
   number = {11},
   month = {May},
   year = {1995},
   pages = {873-874}
}

Abstract