Dr. Levente Buttyán

Professor, Head of the Lab

buttyan (at) crysys.hu

web: www.hit.bme.hu/~buttyan/
office: I.E. 431
tel: +36 1 463 1803

Current courses | Student projects | Publications

Short Bio

Levente Buttyán was born in 1970 in Salgótarján, Hungary. He received the M.Sc. degree in Computer Science from the Budapest University of Technology and Economics (BME) in 1995, and earned the Ph.D. degree from the Swiss Federal Institute of Technology - Lausanne (EPFL) in 2002.
In 2003, he joined the Department of Networked Systems and Services at BME, where he currently holds a position as an Associate Professor and leads the Laboratory of Cryptography and Systems Security (CrySyS Lab). He has done research on the design and analysis of secure protocols and privacy enhancing mechanisms for wireless networked embedded systems (including wireless sensor networks, mesh networks, vehicular communications, and RFID systems). Recently, he has been involved in the analysis of some high profile targeted malware, such as Duqu, Flame (aka sKyWIper), MiniDuke, and TeamSpy. Currently, his research interests are in embedded systems security (a.k.a. security for Internet of Things) and embedded systems forensics.

Current Courses

IT Security (VIHIAC01)

This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.

IT Security (in English) (VIHIAC01)

IT Security Bootcamp (VIHIAL00)

This BSc course introduces problems related to general IT security. It focuses on offensive security to demonstrate the mindset of an attacker. This is good motivational first course for IT security enthusiasts.

Coding and IT Security (VIHIBB01)

This BProf course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course also gives an introduction to source coding and channel coding.

Cryptographic Protocols (VIHIMA05)

This course introduces problems related to communication security in wired and wireless networks, describes the principles and practical implementations of modern security protocols that address those problems, and sheds light on protocol design issues through the detailed analysis of existing security protocols.

Computer Security (VIHIMA06)

The course introduces security problems in computing systems, as well as the principles, practical mechanisms, and tools used to solve them. The term computer is interpreted in a broad sense, and it includes personal computers, servers, mobile devices, and embedded computers. The course covers physical security and OS level security of computers, software security issues at the application level, secure programming, and the problem of malicious software (malware).

Applied Cryptography (in English) (VIHIA030)

This course gives an introduction to the basics of cryptography, explains how basic building blocks work, and demonstrates how secure systems can be engineered by properly using them. Besides the theoretical background, we use lot of illustrative examples and show practical applications. In addition, besides the technical details, we give an outlook to the legal and business aspects of using cryptography. This course is offered only to students of the Aquincum Institute of Technology, Budapest.

Student Project Proposals

Embedded systems security

Embedded systems consists of special purpose embedded computers connected with networks, and nowadays, they are not isolated from the public Internet. Hence, embedded systems are subject to attacks originating from cyberspace. In the CrySyS Lab, we are working on making embedded systems secure and resistant to attacks. A particular domain of interest is malware detection on embedded IoT devices. We poposed a lightweigth, yet effective malware detection mechanism, called SIMBIoTA, which can be used on resource constrained embedded devices. We are looking for students interested in improving SIMBIoTA and comparing its capabilities to other malware detection approaches. We also have a large IoT malware dataset that we use for research purposes. Students can work on enhancing this dataset, e.g., by developing visualization tools for it. In addition, we are also interested in topics like hacking existing IoT platforms, binary program analysis techniques, the analysis of the TLS protocol and the visualization of some known attacks on it, as well as on side-channel attacks on post-quantum cryptographic schemes.

Publications

2022

IoT Malware Detection with Machine Learning

L. Buttyán and R. Ferenc

ERCIM News (129), Special Issue on Fighting Cybercrime, 2022.

Bibtex | Link

@article {
   author = {Levente Buttyán and Rudolf Ferenc},
   title = {IoT Malware Detection with Machine Learning},
   journal = {ERCIM News (129), Special Issue on Fighting Cybercrime},
   year = {2022},
   howpublished = "\url{https://ercim-news.ercim.eu/en129/special/iot-malware-detection-with-machine-learning}"
}

Abstract

SIMBIoTA-ML: Light-weight, Machine Learning-based Malware Detection for Embedded IoT Devices

D. Papp and G. Ács and R. Nagy and L. Buttyán

International Conference on Internet of Things, Big Data and Security (IoTBDS), 2022.

Bibtex | Abstract | PDF

@conference {
   author = {Dorottya Papp and Gergely Ács and Roland Nagy and Levente Buttyán},
   title = {SIMBIoTA-ML: Light-weight, Machine Learning-based Malware Detection for Embedded IoT Devices},
   booktitle = {International Conference on Internet of Things, Big Data and Security (IoTBDS)},
   year = {2022}
}

Keywords

IoT, embedded systems, malware detection, machine learning

Abstract

Embedded devices are increasingly connected to the Internet to provide new and innovative applications in many domains. However, these devices can also contain security vulnerabilities, which allow attackers to compromise them using malware. In this paper, we present SIMBIoTA-ML, a light-weight antivirus solution that enables embedded IoT devices to take advantage of machine learning-based malware detection. We show that SIMBIoTA-ML can respect the resource constraints of embedded IoT devices, and it has a true positive malware detection rate of ca. 95%, while having a low false positive detection rate at the same time. In addition, the detection process of SIMBIoTA-ML has a near-constant running time, which allows IoT developers to better estimate the delay introduced by scanning a file for malware, a property that is advantageous in real-time applications, notably in the domain of cyber-physical systems.

2021

Correlation-based Anomaly Detection for the CAN Bus

A. Gazdag and Gy. Lupták and L. Buttyán

Euro-CYBERSEC, Nice, France, 2021.

Bibtex | Abstract | PDF

@conference {
   author = {András Gazdag and György Lupták and Levente Buttyán},
   title = {Correlation-based Anomaly Detection for the CAN Bus},
   booktitle = {Euro-CYBERSEC, Nice, France},
   year = {2021}
}

Keywords

Controller Area Network, Anomaly Detection, Correlation

Abstract

Previous attacks have shown that in-vehicle networks have vulnerabilities and a successful attack could lead to significant financial loss and danger to life. In this paper, we propose a Pearson correlation based anomaly detection algorithm to detect CAN message modification attacks. The algorithm does not need a priori information about the com- munication: it identifies signals based on statistical properties, finds the important correlation coefficients for the correlating signals, and detects attacks as deviations from a previously learned normal state.

Protocol State Machine Reverse Engineering with a Teaching-Learning Approach

G. Székely and G. Ládi and T. Holczer and L. Buttyán

Acta Cybernetica, 2021.

Bibtex | Abstract | PDF

@article {
   author = {Gábor Székely and Gergõ Ládi and Tamas Holczer and Levente Buttyán},
   title = {Protocol State Machine Reverse Engineering with a Teaching-Learning Approach},
   journal = {Acta Cybernetica},
   year = {2021}
}

Keywords

automated protocol reverse engineering, state machines, Mealy machines

Abstract

In this work, we propose a novel solution to the problem of inferring the state machine of an unknown protocol. We extend and improve prior results on inferring Mealy machines, and present a new algorithm that accesses and interacts with a networked system that runs the unknown protocol in order to infer the Mealy machine representing the protocol’s state machine. To demonstrate the viability of our approach, we provide an implementation and illustrate the operation of our algorithm on a simple example protocol, as well as on two real-world protocols, Modbus and MQTT.

Rootkit Detection on Embedded IoT Devices

R. Nagy and K. Németh and D. Papp and L. Buttyán

Acta Cybernetica, 2021.

Bibtex | Abstract | PDF

@article {
   author = {Roland Nagy and Krisztián Németh and Dorottya Papp and Levente Buttyán},
   title = {Rootkit Detection on Embedded IoT Devices},
   journal = {Acta Cybernetica},
   year = {2021}
}

Keywords

embedded systems, Internet of Things, security, malware

Abstract

IoT systems are subject to cyber attacks, including infecting embedded IoT devices with rootkits. Rootkits are malicious software that typically run with elevated privileges, which makes their detection challenging. In this paper, we address this challenge: we propose a rootkit detection approach for embedded IoT devices that takes advantage of a trusted execution environ- ment (TEE), which is often supported on popular IoT platforms, such as ARM based embedded boards. The TEE provides an isolated environment for our rootkit detection algorithms, and prevents the rootkit from interfering with their execution even if the rootkit has root privileges on the untrusted part of the IoT device. Our rootkit detection algorithms identify modifications made by the rootkit to the code of the operating system kernel, to system pro- grams, and to data influencing the control flow (e.g., hooking system calls), as well as inconsistencies created by the rootkit in certain kernel data struc- tures (e.g., those responsible to handle process related information). We also propose algorithms to detect rootkit components in the persistent storage of the device. Besides describing our approach and algorithms in details, we also report on a prototype implementation and on the evaluation of our design and implementation, which is based on testing our prototype with rootkits that we developed for this purpose.

SIMBIoTA: Similarity-Based Malware Detection on IoT Devices

Cs. Tamás and D. Papp and L. Buttyán

6th International Conference on Internet of Things, Big Data and Security (IoTBDS), 23–25 April, 2021., 2021.

Bibtex | Abstract | PDF

@conference {
   author = {Csongor Tamás and Dorottya Papp and Levente Buttyán},
   title = {SIMBIoTA: Similarity-Based Malware Detection on IoT Devices},
   booktitle = {6th International Conference on Internet of Things, Big Data and Security (IoTBDS), 23–25 April, 2021.},
   year = {2021}
}

Keywords

IoT, embedded systems, malware detection, binary similarity, locality sensitive hashing

Abstract

Embedded devices connected to the Internet are threatened by malware, and currently, no antivirus product is available for them. We present SIMBIoTA, a new approach for detecting malware on such IoT devices. SIMBIoTA relies on similarity-based malware detection, and it has a number of notable advantages: moderate storage requirements on resource constrained IoT devices, a fast and lightweight malware detection process, and a surprisingly good detection performance, even for new, never-before-seen malware. These features make SIMBIoTA a viable antivirus solution for IoT devices, with competitive detection performance and limited resource requirements.

T-RAID: TEE-based Remote Attestation for IoT Devices

R. Nagy and M. Bak and D. Papp and L. Buttyán

Euro-CYBERSEC, Nice, France, 2021.

Bibtex | Abstract | PDF

@conference {
   author = {Roland Nagy and Marton Bak and Dorottya Papp and Levente Buttyán},
   title = {T-RAID: TEE-based Remote Attestation for IoT Devices},
   booktitle = {Euro-CYBERSEC, Nice, France},
   year = {2021}
}

Keywords

Internet of Things, embedded systems, malware, remote attestation, Trusted Execution Environment

Abstract

The Internet of Things (IoT) consists of network-connected embedded devices that enable a multitude of new applications, but also create new risks. In particular, embedded IoT devices can be infected by malware. Operators of IoT systems not only need malware detection tools, but also scalable methods to reliably and remotely verify malware freedom of their IoT devices. In this paper, we address this problem by proposing T-RAID, a remote attestation scheme for IoT devices that takes advantage of the security guarantees provided by a Trusted Execution Environment running on each device.

TEE Based Protection of Cryptographic Keys on Embedded IoT Devices

D. Papp and M. Zombor and L. Buttyán

Annales Mathematicae et Informaticae, 2021.

Bibtex | Abstract | PDF

@article {
   author = {Dorottya Papp and Máté Zombor and Levente Buttyán},
   title = {TEE Based Protection of Cryptographic Keys on Embedded IoT Devices},
   journal = {Annales Mathematicae et Informaticae},
   year = {2021}
}

Keywords

Trusted Execution Environment, cryptographic keys, key manage- ment

Abstract

The Internet of Things (IoT) consists of billions of embedded devices connected to the Internet. Secure remote management of many of these devices requires them to store and use long-term cryptographic keys. In this work we propose to protect cryptographic keys in embedded IoT devices using a Trusted Execution Environment (TEE) which is supported on many embedded platforms. Our approach provides similar protection as secure co-processors, but does not actually require an additional secure hardware element.

2020

Clustering IoT Malware based on Binary Similarity

M. Bak and D. Papp and Cs. Tamás and L. Buttyán

IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), 2020.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Marton Bak and Dorottya Papp and Csongor Tamás and Levente Buttyán},
   title = {Clustering IoT Malware based on Binary Similarity},
   booktitle = {IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)},
   year = {2020}
}

Abstract

In this paper, we propose to cluster malware samples based on their TLSH similarity. We apply this approach to clustering IoT malware samples as IoT botnets built from malware infected IoT devices are becoming an important trend. We study the performance of two distance-based clustering algorithms, k-medoid and OPTICS, on a large corpus of IoT malware samples when they are used with the TLSH difference metric to measure distances between samples. Our results show that neither of the two algorithms have acceptable clustering performance. Hence, we propose a new clustering algorithm, which achieves a performance superior to both k-medoid and OPTICS.

Cryptographic Obfusctaion - A Survey

M. Horváth and L. Buttyán

SpringerBriefs in Computer Science, 2020.

Bibtex | Link

@book {
   author = {Máté Horváth and Levente Buttyán},
   title = {Cryptographic Obfusctaion - A Survey},
   publisher = {SpringerBriefs in Computer Science},
   year = {2020},
   howpublished = "\url{https://eprint.iacr.org/2015/412}"
}

Abstract

Development of a Man-in-the-Middle Attack Device for the CAN Bus

A. Gazdag and Cs. Ferenczi and L. Buttyán

Proceedings of the 1st Conference on Information Technology and Data Science, 2020, pp. 115-130.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag and Csongor Ferenczi and Levente Buttyán},
   title = {Development of a Man-in-the-Middle Attack Device for the CAN Bus},
   booktitle = {Proceedings of the 1st Conference on Information Technology and Data Science},
   year = {2020},
   pages = {115-130}
}

Keywords

Vehicle Security, CAN, ISO 11898, Man-in-the-Middle attack

Abstract

Modern vehicles are full of embedded controllers called ECUs (Electronic Control Units). They are responsible for different functionalities involving processing information from sensors and controlling actuators. To perform their functions, ECUs also need to communicate with each other. Most ve- hicles use a Controller Area Network (CAN) for ECU communication. The original design of the CAN bus was focusing on safety and reliability prop- erties. Security was not an issue because these networks were considered to be isolated systems. These assumptions were correct for a long time, but they no longer hold. Modern vehicles have many interfaces towards the outside world, which renders the internal network accessible to an attacker. Bluetooth, Wifi, wireless Tire Pressure Monitoring System (TPMS), or the On-Board Diagnostics (OBD) port are all options for attackers to either di- rectly access the CAN network or compromise a component attached to it. It is possible to inject fake messages, or potentially, to modify messages on the CAN, and hence, forcing some ECUs to act upon these fake messages, which may influence the overall behaviour of the vehicle. Modification attacks are complex both to carry out and to detect. The main difficulty of modification attacks is that the sender checks whether the transmitted bits correctly appear on the bus or not for safety reasons. The only network level way to circumvent this protection is to physically separate the sender and the attacked ECU on the CAN bus. This can be achieved with a physical layer Man-in-the-Middle attack. We built a proof-of-concept hard- ware device capable of modifying the CAN traffic in real-time to demonstrate that this attack is possible. It has two CAN interfaces to read messages from the original CAN bus and either just forward or modify-and-forward traffic to the attacked CAN bus. We showed with measurements that we can perform a message modification attack while keeping the introduced delay within what is allowed by the CAN specification.

GrAMeFFSI: Graph Analysis Based Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic

G. Ládi and L. Buttyán and T. Holczer

Infocommunications Journal, Vol. XII, No. 2, 2020.

Bibtex | Abstract | PDF

@article {
   author = {Gergõ Ládi and Levente Buttyán and Tamas Holczer},
   title = {GrAMeFFSI: Graph Analysis Based Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic},
   journal = {Infocommunications Journal, Vol. XII, No. 2},
   year = {2020}
}

Keywords

protocol reverse engineering, message format, field semantics, inference, binary protocols, network traffic, graph analysis, Modbus, MQTT

Abstract

Protocol specifications describe the interaction be- tween different entities by defining message formats and message processing rules. Having access to such protocol specifications is highly desirable for many tasks, including the analysis of botnets, building honeypots, defining network intrusion detection rules, and fuzz testing protocol implementations. Unfortunately, many protocols of interest are proprietary, and their specifications are not publicly available. Protocol reverse engineering is an approach to reconstruct the specifications of such closed proto- cols. Protocol reverse engineering can be tedious work if done manually, so prior research focused on automating the reverse engineering process as much as possible. Some approaches rely on access to the protocol implementation, but in many cases, the protocol implementation itself is not available or its license does not permit its use for reverse engineering purposes. Hence, in this paper, we focus on reverse engineering protocol specifications relying solely on recorded network traffic. More specifically, we propose GrAMeFFSI, a method based on graph analysis that can infer protocol message formats as well as certain field semantics for binary protocols from network traces. We demonstrate the usability of our approach by running it on packet captures of two known protocols, Modbus and MQTT, then comparing the inferred specifications to the official specifications of these protocols.

Rootkit Detection on Embedded IoT Devices

R. Nagy and L. Buttyán

Conference of PhD Students in Computer Science (CSCS), 2020.

Bibtex | Abstract | PDF

@conference {
   author = {Roland Nagy and Levente Buttyán},
   title = {Rootkit Detection on Embedded IoT Devices},
   booktitle = {Conference of PhD Students in Computer Science (CSCS)},
   year = {2020}
}

Abstract

Rootkits are malicious programs that try to maintain their presence on infected computers while remaining invisible. They have been used to attack traditional computers (PCs and servers), but they may also target embedded IoT devices. In this work, we propose a rootkit detection approach for such embedded IoT devices, where the detection mechanism is executed in an isolated execution environment that protects it from manipulation by the rootkit. Our rootkit detection approach is focused on detecting Direct Kernel Object Manipu- lation (DKOM) and it is based on detecting inconsistencies caused by the presence of a rootkit in various Linux kernel data structures such as the process list, the process tree, and different scheduling queues. We also report on the current status of our implementation using OP-TEE, an open source Trusted Execution Environment.

The cost of having been pwned: a security service provider's perspective

G. Biczók and M. Horváth and Sz. Szebeni and I. Lam and L. Buttyán

3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020, 2020.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Biczók and Máté Horváth and Szilveszter Szebeni and Istvan Lam and Levente Buttyán},
   title = {The cost of having been pwned: a security service provider's perspective},
   booktitle = {3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020},
   year = {2020}
}

Abstract

Account information from major online providers are getting exposed regularly; this gives rise to PWND services, providing a smart means to check whether a password or username/password tuple has already been leaked, rendering them ``pwned'' and therefore risky to use. However, state-of-the-art PWND mechanisms leak some information themselves. In this paper, we investigate how this minimal leaked information can speed up password cracking attacks of a powerful adversary, when the PWND mechanism is implemented on-premise by a service provider as an additional security measure during registration or password change. We analyze the costs and practicality of these attacks, and investigate simple mitigation techniques. We show that implementing a PWND mechanism can be beneficial, especially for security-focused service providers, but proper care needs to be taken. We also discuss behavioral factors to consider when deploying PWND services.

There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation

M. Horváth and L. Buttyán and G. Székely and D. Neubrandt

Information Security and Cryptology – ICISC 2019 : Revised selected papers, Springer, 2020, pp. 1-17.

Bibtex | Abstract | Link

@inproceedings {
   author = {Máté Horváth and Levente Buttyán and Gábor Székely and Dóra Neubrandt},
   title = {There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation},
   booktitle = {Information Security and Cryptology – ICISC 2019 : Revised selected papers},
   publisher = {Springer},
   year = {2020},
   pages = {1-17},
   howpublished = "\url{https://eprint.iacr.org/2019/1302}"
}

Abstract

Private Function Evaluation (PFE) enables two parties to jointly execute a computation such that one of them provides the input while the other chooses the function to compute. According to the traditional security requirements, a PFE protocol should leak no more information, neither about the function nor the input, than what is revealed by the output of the computation. Existing PFE protocols inherently restrict the scope of computable functions to a certain function class with given output size, thus ruling out the direct evaluation of such problematic functions as the identity map, which would entirely undermine the input privacy requirement. We observe that when not only the input x is confidential but certain partial information g(x) of it as well, standard PFE fails to provide meaningful input privacy if g and the function f to be computed fall into the same function class. Our work investigates the question whether it is possible to achieve a reasonable level of input and function privacy simultaneously even in the above cases. We propose the notion of Controlled PFE (CPFE) with different flavours of security and answer the question affirmatively by showing simple, generic realizations of the new notions. Our main construction, based on functional encryption (FE), also enjoys strong reusability properties enabling, e.g. fast computation of the same function on different inputs. To demonstrate the applicability of our approach, we show a concrete instantiation of the FE-based protocol for inner product computation that enables secure statistical analysis (and more) under the standard Decisional Diffie--Hellman assumption.

Towards Reverse Engineering Protocol State Machines

G. Székely and G. Ládi and T. Holczer and L. Buttyán

The 12th Conference of PhD Students in Computer Science - Volume of short papers, 2020, pp. 70-73.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gábor Székely and Gergõ Ládi and Tamas Holczer and Levente Buttyán},
   title = {Towards Reverse Engineering Protocol State Machines},
   booktitle = {The 12th Conference of PhD Students in Computer Science - Volume of short papers},
   year = {2020},
   pages = {70-73}
}

Abstract

In this work, we are addressing the problem of inferring the state machine of an unknown protocol. Our method is based on prior work on inferring Mealy machines. We require access to and interaction with a system that runs the unknown protocol, and we serve a state-of-the-art Mealy machine inference algorithm with appropriate input obtained from the system at hand. We implemented our method and illustrate its operation on a simple example protocol.

Towards Secure Remote Firmware Update on Embedded IoT Devices

M. Juhász and D. Papp and L. Buttyán

Conference of PhD Students in Computer Science (CSCS), 2020.

Bibtex | Abstract | PDF

@conference {
   author = {Márton Juhász and Dorottya Papp and Levente Buttyán},
   title = {Towards Secure Remote Firmware Update on Embedded IoT Devices},
   booktitle = {Conference of PhD Students in Computer Science (CSCS)},
   year = {2020}
}

Abstract

An important security problem in IoT systems is the integrity protection of software, including the firmware and the operating system, running on embedded IoT devices. Digitally signed code and verified boot only partially solve this problem, because those mechanisms do not address the issue of run-time attacks that exploit software vulnerabilities. For this issue, the only known solution today is to fix the discovered vulnerabilities and update embedded devices with the fixed software. Such an update should be performed remotely in a secure and reliable way, as otherwise the update mechanism itself can be exploited to install compromised software on devices at large scale. In this work, we propose a system and related procedures for remotely updating the firmware and the operating system of embedded IoT devices securely and reliably.

2019

IoT Hacking - A Primer

D. Papp and K. Tamás and L. Buttyán

Infocommunications Journal, 2nd Issue, 2019.

Bibtex | Abstract | PDF

@article {
   author = {Dorottya Papp and Kristóf Tamás and Levente Buttyán},
   title = {IoT Hacking - A Primer},
   journal = {Infocommunications Journal, 2nd Issue},
   year = {2019}
}

Abstract

The Internet of Things (IoT) enables many new and exciting applications, but it also creates a number of new risks related to information security. Several recent attacks on IoT devices and systems illustrate that they are notoriously insecure. It has also been shown that a major part of the attacks resulted in full adversarial control over IoT devices, and the reason for this is that IoT devices themselves are weakly protected and they often cannot resist even the most basic attacks. Penetration testing or ethical hacking of IoT devices can help discovering and fixing their vulnerabilities that, if exploited, can result in highly undesirable conditions, including damage of expensive physical equipment or even loss of human life. In this paper, we give a basic introduction into hacking IoT devices. We give an overview on the methods and tools for hardware hacking, firmware extraction and unpacking, and performing basic firmware analysis. We also provide a survey on recent research on more advanced firmware analysis methods, including static and dynamic analysis of binaries, taint analysis, fuzzing, and symbolic execution techniques. By giving an overview on both practical methods and readily available tools as well as current scientific research efforts, our work can be useful for both practitioners and academic researchers.

Towards Detecting Trigger-based Behavior In Binaries: Uncovering the Correct Environment

D. Papp and T. Tarrach and L. Buttyán

International Conference on Software Engineering and Formal Methods (SEFM), 2019.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Dorottya Papp and Thorsten Tarrach and Levente Buttyán},
   title = {Towards Detecting Trigger-based Behavior In Binaries: Uncovering the Correct Environment},
   booktitle = {International Conference on Software Engineering and Formal Methods (SEFM)},
   year = {2019}
}

Keywords

Directed symbolic execution, Trigger-based behavior, Software verification

Abstract

In this paper, we present our first results towards detecting trigger-based behavior in binary programs. A program exhibits trigger-based behavior if it contains undocumented, often malicious functionality that is executed only under specific circumstances. In order to determine the inputs and environment required to trigger such behavior, we use directed symbolic execution and present techniques to overcome some of its practical limitations. Specifically, we propose techniques to overcome the environment problem and the path selection problem. We implemented our techniques and evaluated their performance on a real malware sample that launches denial-of-service attacks upon receiving specific remote commands. Thanks to our techniques, our implementation was able to determine those specific commands and all other requirements needed to trigger the malicious behavior in reasonable time.

2018

Detection of Injection Attacks in Compressed CAN Traffic Logs

A. Gazdag and D. Neubrandt and L. Buttyán and Zs. Szalay

International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018, Springer, 2018.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag and Dóra Neubrandt and Levente Buttyán and Zsolt Szalay},
   title = {Detection of Injection Attacks in Compressed CAN Traffic Logs},
   booktitle = {International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018},
   publisher = {Springer},
   year = {2018}
}

Keywords

Intrusion Detection, CAN Networks

Abstract

Prior research has demonstrated that modern cars are vulnerable to cyber attacks. As such attacks may cause physical accidents, forensic investigations must be extended into the cyber domain. In order to support this, CAN traffic in vehicles must be logged continuously, stored efficiently, and analyzed later to detect signs of cyber attacks. Efficient storage of CAN logs requires compressing them. Usually, this compressed logs must be decompressed for analysis purposes, leading to waste of time due to the decompression operation itself and most importantly due to the fact that the analysis must be carried out on a much larger amount of decompressed data. In this paper, we propose an anomaly detection method that works on the compressed CAN log itself. For compression, we use a lossless semantic compression algorithm that we proposed earlier. This compression algorithm achieves a higher compression ratio than traditional syntactic compression methods do such as gzip. Besides this advantage, in this paper, we show that it also supports the detection of injection attacks without decompression. Moreover, with this approach we can detect attacks with low injection frequency that were not detected reliably in previous works.

Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic

G. Ládi and L. Buttyán and T. Holczer

26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings, FESB, University of Split, 2018, pp. 1-6, ISBN 978-9-5329-0087-3.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergõ Ládi and Levente Buttyán and Tamas Holczer},
   title = {Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic},
   booktitle = {26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings},
   publisher = {FESB, University of Split},
   year = {2018},
   pages = {1-6},
   note = {ISBN 978-9-5329-0087-3}
}

Keywords

protocol reverse engineering; message format; field semantics; inference; binary protocols; network traffic; Modbus; MQTT

Abstract

Protocol specifications describe the interaction between different entities by defining message formats and message processing rules. Having access to such protocol specifications is highly desirable for many tasks, including the analysis of botnets, building honeypots, defining network intrusion detection rules, and fuzz testing protocol implementations. Unfortunately, many protocols of interest are proprietary, and their specifications are not publicly available. Protocol reverse engineering is an approach to reconstruct the specifications of such closed protocols. Protocol reverse engineering can be tedious work if done manually, so prior research focused on automating the reverse engineering process as much as possible. Some approaches rely on access to the protocol implementation, but in many cases, the protocol implementation itself is not available or its license does not permit its use for reverse engineering purposes. Hence, in this paper, we focus on reverse engineering protocol specifications based solely on recorded network traffic. More specifically, we propose a method that can infer protocol message formats as well as certain field semantics for binary protocols from network traces. We demonstrate the usability of our approach by running it on packet captures of two known protocols, Modbus and MQTT, then comparing the inferred specifications to the known specifications of these protocols.

Problem Domain Analysis of IoT-Driven Secure Data Markets

L. Buttyán and M. Horváth

Euro-CYBERSEC 2018. Communications in Computer and Information Science, Springer, 2018, Gelenbe E. et al. (eds.), pp. 57-67, vol. 821.

Bibtex | Abstract | PDF

@incollection {
   author = {Levente Buttyán and Máté Horváth},
   title = {Problem Domain Analysis of IoT-Driven Secure Data Markets},
   booktitle = {Euro-CYBERSEC 2018. Communications in Computer and Information Science},
   publisher = {Springer},
   year = {2018},
   editor = {Gelenbe E. et al. (eds.)},
   pages = {57-67},
   note = {vol. 821}
}

Abstract

The Internet of Things (IoT) provides us with a vast amount of new data day by day, however, currently, most of these are only stored without utilizing their full potential. The attractive concept of data markets can change this situation in the near future and thus we initiate the study of security aspects of such systems. In this work, as a first step, we analyse the data markets based on the possible security requirements of the different participants. We identify more than 30 possible scenarios and connect these to the relevant areas of cryptography. Our analysis also highlights several open problems motivating further research on certain cryptographic primitives.

Vehicular Can Traffic Based Microtracking for Accident Reconstruction

A. Gazdag and T. Holczer and L. Buttyán and Zs. Szalay

Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering, University of Miskolc, Miskolc, Hungary, 2018.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag and Tamas Holczer and Levente Buttyán and Zsolt Szalay},
   title = {Vehicular Can Traffic Based Microtracking for Accident Reconstruction},
   booktitle = {Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering},
   publisher = {University of Miskolc, Miskolc, Hungary},
   year = {2018}
}

Keywords

Digital forensics, CAN network

Abstract

Accident reconstruction is the process of reliably discovering what has happened before a serious event. We show how the most widely used intra vehicular network (namely the Controller Area Network, CAN) can be used in this process. We show how the actual velocity and steering wheel position transmitted on the CAN network can be used to reconstruct the trajectory of a vehicle. This trajectory is an essential input in the reconstruction process. In this paper, we show how the CAN traffic of an actual vehicle can be used to recon- struct the trajectory of the vehicle, and we evaluate our approach in several real life experiments including normal and pre-accident situations.

2017

Efficient Lossless Compression of CAN Traffic Logs

A. Gazdag and L. Buttyán and Zs. Szalay

IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, 2017.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag and Levente Buttyán and Zsolt Szalay},
   title = {Efficient Lossless Compression of CAN Traffic Logs},
   booktitle = {IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
   publisher = {IEEE},
   year = {2017}
}

Abstract

In this paper, we propose a compression method that allows for the efficient storage of large amounts of CAN traffic data, which is needed for the forensic investigations of accidents caused by cyber attacks on vehicles. Compression of recorded CAN traffic also reduces the time (or bandwidth) needed to off-load that data from the vehicle. In addition, our compression method allows analysts to perform log analysis on the compressed data, therefore, it contributes to reduced analysis time and effort. We achieve this by performing semantic compression on the CAN traffic logs, rather than simple syntactic compression. Our compression method is lossless, thus preserving all information for later analysis. Besides all the above advantages, the compression ratio that we achieve is better than the compression ratio of state-of-the-art syntactic compression methods, such as gzip.

Forensics aware lossless compression of CAN traffic logs

A. Gazdag and L. Buttyán and Zs. Szalay

Scientific Letters of the University of Zilina, 2017.

Bibtex | Abstract | PDF

@article {
   author = {András Gazdag and Levente Buttyán and Zsolt Szalay},
   title = {Forensics aware lossless compression of CAN traffic logs},
   journal = {Scientific Letters of the University of Zilina},
   year = {2017}
}

Keywords

CAN, network traffic capture, semantic compression, forensic analysis

Abstract

In this paper, we propose a compression method that allows for the efficient storage of large amounts of CAN traffic data, which is needed for the forensic investigations of accidents caused by the cyber-attacks on vehicles. Compression of recorded CAN traffic also reduces the time (or bandwidth) needed to off-load that data from the vehicle. In addition, our compression method allows analysts to perform log analysis on the compressed data. It is shown that the proposed compression format is a powerful tool to find traces of a cyber-attack. We achieve this by performing semantic compression on the CAN traffic logs, rather than the simple syntactic compression. Our compression method is lossless, thus preserving all information for later analysis. Besides all the above advantages, the compression ratio that we achieve is better than the compression ratio of the state-of-the-art syntactic compression methods, such as zip.

Towards Efficient Compression of CAN Traffic Logs

A. Gazdag and L. Buttyán and Zs. Szalay

34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry, 2017.

Bibtex | Abstract | PDF

@inproceedings {
   author = {András Gazdag and Levente Buttyán and Zsolt Szalay},
   title = {Towards Efficient Compression of CAN Traffic Logs},
   booktitle = {34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry},
   year = {2017}
}

Keywords

CAN, network traffic capture, semantic compression, forensic analysis

Abstract

Towards Semi-automated Detection of Trigger-based Behavior for Software Security Assurance

D. Papp and L. Buttyán and Z. Ma

Workshop on Software Assurance at ARES 2017, 2017.

Bibtex | Abstract | PDF

@conference {
   author = {Dorottya Papp and Levente Buttyán and Zhendong Ma},
   title = {Towards Semi-automated Detection of Trigger-based Behavior for Software Security Assurance},
   booktitle = {Workshop on Software Assurance at ARES 2017},
   year = {2017}
}

Abstract

A program exhibits trigger-based behavior if it performs undocumented, often malicious, functions when the environmental conditions and/or specific input values match some pre-specified criteria. Checking whether such hidden functions exist in the program is important for increasing trustworthiness of software. In this paper, we propose a framework to effectively detect trigger-based behavior at the source code level. Our approach is semi-automated: We use automated source code instrumentation and mixed concrete and symbolic execution to generate potentially suspicious test cases that may trigger hidden, potentially malicious functions. The test cases must be investigated by a human analyst manually to decide which of them are real triggers. While our approach is not fully automated, it greatly reduces manual work by allowing analysts to focus on a few test cases found by our automated tools.

2016

RoViM: Rotating Virtual Machines for Security and Fault-Tolerance

D. Papp and Z. Ma and L. Buttyán

EMC2 Summit at CPS Week 2016, 2016.

Bibtex | Abstract | PDF

@conference {
   author = {Dorottya Papp and Zhendong Ma and Levente Buttyán},
   title = {RoViM: Rotating Virtual Machines for Security and Fault-Tolerance},
   booktitle = {EMC2 Summit at CPS Week 2016},
   year = {2016}
}

Abstract

Nowadays, the field of embedded system experiences a number of changes. On one hand, recent cyber attacks against safety-critical systems demonstrate that malware can force safety-critical systems to endanger human lives and harm the environment. Therefore, a new requirement of security have arisen for safety-critical and embedded systems. However, security should be designed hand in hand with safety to resolve conflicts between the two fields. On the other hand, the emerging trend of virtualization has significant impact on the embedded market. The isolation and protection mechanisms of virtualization contributes to both safety and security via redundancy and the prevention of one virtual machine affecting another. In this paper we present RoViM, a system of rotating virtual machines providing proactive security for embedded devices. RoViM uses multiple virtual machines in the system which increases redundancy as a safety measure. Our design satisfies reachability, liveness and safety requirements and we present a proof-of-concept implementation with use case of an Internet Protocol Security (IPsec) gateway. We evaluate our design with formal verification and show that rotating virtual machines cause no significant change in the performance of the IPsec gateway.

2015

Duqu 2.0:A comparison to Duqu

B. Bencsáth and L. Buttyán and R. Kamarás and G. Vaspöri and G. Molnár and G. Ács-Kurucz

BME CrySyS Lab, 2015.

Bibtex | PDF

@techreport {
   author = {Boldizsár Bencsáth and Levente Buttyán and Roland Kamarás and Gábor Vaspöri and Gábor Molnár and Gábor Ács-Kurucz},
   title = {Duqu 2.0:A comparison to Duqu},
   institution = {BME CrySyS Lab},
   year = {2015}
}

Abstract

Embedded System Security: Threats, Vulnerabilities, and Attack Taxonomy

D. Papp and Z. Ma and L. Buttyán

IEEE International Confenrence on Privacy, Security, and Trust, 2015.

Bibtex | Abstract

@conference {
   author = {Dorottya Papp and Zhendong Ma and Levente Buttyán},
   title = {Embedded System Security: Threats, Vulnerabilities, and Attack Taxonomy},
   booktitle = {IEEE International Confenrence on Privacy, Security, and Trust},
   year = {2015}
}

Abstract

Embedded systems are the driving force for technological development in many domains such as automotive, healthcare, and industrial control in the emerging post-PC era. As more and more computational and networked devices are integrated into all aspects of our lives in a pervasive and ``invisible' way, security becomes critical for the dependability of all smart or intelligent systems built upon these embedded systems. In this paper, we conduct a systematic review of the existing threats and vulnerabilities in embedded systems based on public available data. Moreover, based on the information, we derive an attack taxonomy for embedded systems. We envision that the findings in this paper provide a valuable insight of the threat landscape facing embedded systems. The knowledge can be used for a better understanding and the identification of security risks in system analysis and design.

ROSCO: Repository of signed code

B. Bencsáth and L. Buttyán and T. Holczer and B. Kócsó and D. Papp

Virus Bulletin, 2015.

Bibtex | PDF

@conference {
   author = {Boldizsár Bencsáth and Levente Buttyán and Tamas Holczer and Balázs Kócsó and Dorottya Papp},
   title = {ROSCO: Repository of signed code},
   booktitle = {Virus Bulletin},
   year = {2015}
}

Abstract

The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems

L. Buttyán and M. Felegyhazi and T. Holczer

Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange, IAEA, 2015.

Bibtex

@inproceedings {
   author = {Levente Buttyán and Mark Felegyhazi and Tamas Holczer},
   title = {The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems},
   booktitle = {Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange},
   publisher = {IAEA},
   year = {2015}
}

Abstract

2014

An independent test of APT attack detection appliances

R. Kamarás and G. Vaspöri and G. Molnár and G. Ács-Kurucz and Z. Balázs and L. Buttyán and B. Bencsáth

MRG Effitas and BME CrySyS Lab, 2014.

Bibtex

@techreport {
   author = {Roland Kamarás and Gábor Vaspöri and Gábor Molnár and Gábor Ács-Kurucz and Zoltán Balázs and Levente Buttyán and Boldizsár Bencsáth},
   title = {An independent test of APT attack detection appliances},
   institution = {MRG Effitas and BME CrySyS Lab},
   year = {2014}
}

Abstract

Android Malware Analysis Based On Memory Forensics

A. Gazdag and L. Buttyán

Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK), Springer, 2014.

Bibtex

@inproceedings {
   author = {András Gazdag and Levente Buttyán},
   title = {Android Malware Analysis Based On Memory Forensics},
   booktitle = {Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK)},
   publisher = {Springer},
   year = {2014}
}

Abstract

2013

A Survey of Security Issues in Hardware Virtualization

B. Bencsáth and L. Buttyán and G. Pék

ACM Computing Surveys (CSUR), vol. 45 , no. 3, June , 2013, doi:10.1145/2480741.2480757.

Bibtex | Abstract

@article {
   author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK},
   title = {A Survey of Security Issues in Hardware Virtualization},
   journal = { ACM Computing Surveys (CSUR)},
   volume = {45 },
   number = {3},
   month = {June },
   year = {2013},
   note = {doi:10.1145/2480741.2480757}
}

Abstract

Virtualization is a powerful technology to increase the efficiency of computing services; however, besides its advantages, it also raises a number of security issues. In this paper, we provide a thorough survey of those security issues in hardware virtualization. We focus on potential vulnerabilities and existing attacks on various virtualization platforms, but we also briefly sketch some possible countermeasures. To the best of our knowledge, this is the first survey of security issues in hardware virtualization with this level of details. Moreover, the adversary model and the structuring of the attack vectors are original contributions, never published before.

Designing Robust Network Topologies for Wireless Sensor Networks in Adversarial Environments

D. Szeszlér and L. Buttyán and A. Laszka

Pervasive and Mobile Computing, Elsevier, vol. 9, no. 4, August, 2013, pp. 546 - 563, (http://dx.doi.org/10.1016/j.pmcj.2012.05.001).

Bibtex | Abstract

@article {
   author = {Dávid Szeszlér and Levente Buttyán and Aron Laszka},
   title = {Designing Robust Network Topologies for Wireless Sensor Networks in Adversarial Environments},
   journal = {Pervasive and Mobile Computing, Elsevier},
   volume = { 9},
   number = {4},
   month = {August},
   year = {2013},
   pages = {546 - 563},
   note = {(http://dx.doi.org/10.1016/j.pmcj.2012.05.001)}
}

Abstract

In this paper, we address the problem of deploying sink nodes in a wireless sensor network such that the resulting network topology be robust. In order to measure network robustness, we propose a new metric, called persistence, which better captures the notion of robustness than the widely known connectivity based metrics. We study two variants of the sink deployment problem: sink selection and sink placement. We prove that both problems are NP-hard, and show how the problem of sink placement can be traced back to the problem of sink selection using an optimal search space reduction te chnique, which may be of independent interest. To solve the problem of sink selection, we propose efficient heuristic algorithms. Finally, we provide experim ental results on the performance of our proposed algorithms.

On formal and automatic security verification of WSN transport protocols

A. Dvir and L. Buttyán and T. V. Thong

ISRN Sensor Networks Journal, Hindawi, December, 2013, In Press.

Bibtex

@article {
   author = {Amit Dvir and Levente Buttyán and Ta Vinh Thong},
   title = {On formal and automatic security verification of WSN transport protocols },
   journal = {ISRN Sensor Networks Journal, Hindawi},
   month = {December},
   year = {2013},
   note = {In Press}
}

Abstract

SDTP+: Securing a Distributed Transport Protocol for WSNs using Merkle Trees and Hash Chains

T. V. Thong and L. Buttyán and A. Dvir

IEEE International Confenrence on Communications (ICC), 2013, pp. 1-6, Budapest, Hungary, June.

Bibtex | Abstract

@conference {
   author = {Ta Vinh Thong and Levente Buttyán and Amit Dvir},
   title = {SDTP+: Securing a Distributed Transport Protocol for WSNs using Merkle Trees and Hash Chains},
   booktitle = {IEEE International Confenrence on Communications (ICC)},
   year = {2013},
   pages = {1-6},
   address = {Budapest, Hungary},
   month = {June}
}

Abstract

Transport protocols for Wireless Sensor Networks (WSNs) are designed to fulfill both reliability and energy effi- ciency requirements. Distributed Transport for Sensor Networks (DTSN)is one of the most promising transport protocols designed for WSNs because of its effectiveness; however, it does not address any security issues, hence it is vulnerable to many attacks. The first secure transport protocol for WSN was the secure distributed transport protocol (SDTP) [2], which is a security extension of DTSN. Unfortunately, it turns out that the security methods provided by SDTP are not sufficient; some tricky attacks get around the protection mechanism. In this paper, we describe the security gaps in the SDTP protocol, and we introduce SDTP+ for patching the weaknesses. We show that SDTP+ resists attacks on reliability and energy efficiency of the protocol, and also present an overhead analysis for showing its effectiveness.

Technical Trends in Recent Targeted Attacks

M. Felegyhazi and L. Buttyán and B. Bencsáth and G. Pék

Presentation at Power of Community (POC 2013, Seoul, South Korea), November, 2013.

Bibtex

@misc {
   author = {Mark Felegyhazi and Levente Buttyán and Boldizsár Bencsáth and Gábor PÉK},
   title = {Technical Trends in Recent Targeted Attacks },
   howpublished = {Presentation at Power of Community (POC 2013, Seoul, South Korea)},
   month = {November},
   year = {2013}
}

Abstract

2012

A Machine Learning Based Approach for Predicting Undisclosed Attributes in Social Networks

G. Kótyuk and L. Buttyán

Proceedings of the IEEE Workshop on SEcurity and SOCial Networking (SESOC), IEEE, IEEE, Lugano, Switzerland, March, 2012, pp. 1-6.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Kótyuk and Levente Buttyán},
   title = {A Machine Learning Based Approach for Predicting Undisclosed Attributes in Social Networks},
   booktitle = {Proceedings of the IEEE Workshop on SEcurity and SOCial Networking (SESOC)},
   organization = {IEEE},
   publisher = {IEEE},
   address = {Lugano, Switzerland},
   month = {March},
   year = {2012},
   pages = {1-6}
}

Keywords

social networks, privacy, machine learning

Abstract

Online Social Networks have gained increased popularity in recent years. However, besides their many advanteges, they also represent privacy risks for the users. In order to control access to their private information, users of OSNs are typically allowed to set the visibility of their profile attributes, but this may not be sufficient, beacuse visible attributes, friendship relationships, and group memberships can be used to infer private information. In this paper, we propose a fully automated approach based on machine learning for inferring undisclosed attributes of OSN users. Our method can be used for both classification and regression tasks, and it makes large scale privacy attacks feasible. We also provide experimental results showing that our method achieves good performance in practice.

A Survey of Interdependent Security Games

L. Buttyán and M. Felegyhazi and A. Laszka

no. CRYSYS-TR-2012-11-15, CrySyS Lab, BME, Nov, 2012.

Bibtex | Abstract | PDF

@techreport {
   author = {Levente Buttyán and Mark Felegyhazi and Aron Laszka},
   title = {A Survey of Interdependent Security Games},
   number = {CRYSYS-TR-2012-11-15},
   institution = {CrySyS Lab, BME},
   month = {Nov},
   year = {2012}
}

Keywords

interdependent security, security economics, security games

Abstract

Interdependence of information systems is a fundamental property that shapes the problems in information security. The risks faced by system operators and users is not only determined by their own security posture, but is heavily affected by the security-related decisions of other connected systems. Therefore, defending networked systems relies on the correlated action of the system operators or users. In this survey, we summarize game-theoretic interdependence models, characterize the emerging security inefficiencies and present solution methods. Our goal is to distill the main insights from the state-of-the-art and to identify the areas that need more attention from the research community.

A Wireless Sensor and Actuator Network for Improving the Electrical Power Grid Dependability

A. Grilo and A. Casaca and P. Pereira and L. Buttyán and J. Goncalves and C. Fortunato

Euro-NF Conference on Next Generation Internet (NGI), IEEE, 2012.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Antonio M. Grilo and Augusto Casaca and Paulo Pereira and Levente Buttyán and José Goncalves and Carlos Fortunato},
   title = {A Wireless Sensor and Actuator Network for Improving the Electrical Power Grid Dependability},
   booktitle = {Euro-NF Conference on Next Generation Internet (NGI)},
   publisher = {IEEE},
   year = {2012}
}

Abstract

This paper presents an overview of a Wireless Sensor and Actuator Network (WSAN) used to monitor an electrical power grid distribution infrastructure. The WSAN employs appropriate sensors to monitor key grid components, integrating both safety and security services, which improve the grid distribution dependability. The supported applications include, among others, video surveillance of remote secondary substations, which imposes special requirements from the point of view of quality of service and reliability. The paper presents the hardware and software architecture of the system together with performance results.

Célzott informatikai támadások napjainkban

B. Bencsáth and G. Pék and L. Buttyán and M. Felegyhazi

Budapest New Tech Meetup, Budapest, Hungary., December, 2012.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
   title = {Célzott informatikai támadások napjainkban},
   howpublished = {Budapest New Tech Meetup, Budapest, Hungary.},
   month = {December},
   year = {2012}
}

Abstract

Critical Infrastructure Security: Assessment, Prevention, Detection, Response

P. Langendoerfer and L. Buttyán and A. Casaca and E. Osipov and A. Hessler and C. Castelluccia and A. Alkassar

F. Flammini (ed), Wireless Sensor Networks for Critical Infrastructure Protection, pp. 155-167, WIT Press, 2012.

Bibtex

@inbook {
   author = {Peter Langendoerfer and Levente Buttyán and Augusto Casaca and Evgeny Osipov and Alban Hessler and Claude Castelluccia and Ammar Alkassar},
   editor = {F. Flammini (ed)},
   title = {Critical Infrastructure Security: Assessment, Prevention, Detection, Response},
   chapter = {Wireless Sensor Networks for Critical Infrastructure Protection},
   pages = {155-167},
   publisher = {WIT Press},
   year = {2012}
}

Abstract

Cryptography: The strongest link in the chain

L. Buttyán and B. Bencsáth

Hackin9 Extra, vol. 8, no. 1, January, 2012, pp. 8-11.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and Boldizsár Bencsáth},
   title = {Cryptography: The strongest link in the chain},
   journal = {Hackin9 Extra},
   volume = {8},
   number = {1},
   month = {January},
   year = {2012},
   pages = {8-11}
}

Abstract

IT security architectures that use cryptographic elements sometimes fail, but it is rarely cryptography to blame. The reason is more often the use of cryptography in an inappropriate way, or the use of algorithms that do not really qualify as cryptographic. High quality cryptography is in fact the strongest link in the chain, and there are good reasons for that.

Duqu, Flame, Gauss - new challenges for a new era

B. Bencsáth and L. Buttyán and M. Felegyhazi and G. Pék

EuroNOG 2012 conference, Budapest, 10-11 Sept 2012, September, 2012.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán and Mark Felegyhazi and Gábor PÉK},
   title = {Duqu, Flame, Gauss - new challenges for a new era },
   howpublished = {EuroNOG 2012 conference, Budapest, 10-11 Sept 2012},
   month = {September},
   year = {2012}
}

Abstract

Duqu: Analysis, Detection, and Lessons Learned

B. Bencsáth and G. Pék and L. Buttyán and M. Felegyhazi

ACM European Workshop on System Security (EuroSec), ACM, 2012.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
   title = {Duqu: Analysis, Detection, and Lessons Learned},
   booktitle = {ACM European Workshop on System Security (EuroSec)},
   publisher = {ACM},
   year = {2012}
}

Abstract

In September 2011, a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its rst analysis. Our ndings led to the hypothesis that Duqu was probably created by the same people who developed Stuxnet, but with a dierent purpose: unlike Stuxnet whose mission was to attack industrial equipment, Duqu is an information stealer rootkit. Nevertheless, both pieces of malware have a modular structure, and they can be re-congured remotely from a Command and Control server to include virtually any kind of functionality. In this paper, we present an abridged version of our initial Duqu analysis, which is available in a longer format as a technical report. We also describe the Duqu detector toolkit, a set of heuristic tools that we developed to detect Duqu and its variants. Finally, we discuss a number of issues that we learned, observed, or identied during our Duqu analysis project concerning the problems of preventing, detecting, and handling targeted malware attacks; we believe that solving these issues represents a great challenge to the system security community.

Game-theoretic Robustness of Many-to-one Networks

L. Buttyán and D. Szeszlér and A. Laszka

3rd International Conference on Game Theory for Networks (GameNets), 2012, May.

Bibtex | Abstract

@conference {
   author = {Levente Buttyán and Dávid Szeszlér and Aron Laszka},
   title = {Game-theoretic Robustness of Many-to-one Networks},
   booktitle = {3rd International Conference on Game Theory for Networks (GameNets)},
   year = {2012},
   month = {May}
}

Abstract

In this paper, we study the robustness of networks that are characterized by many-to-one communications (e.g., access networks and sensor networks) in a game-theoretic model. More specically, we model the interactions between a network operator and an adversary as a two player zero-sum game, where the network operator chooses a spanning tree in the network, the adversary chooses an edge to be removed from the network, and the adversary's payo is proportional to the number of nodes that can no longer reach a designated node through the spanning tree. We show that the payo in every Nash equilibrium of the game is equal to the reciprocal of the persistence of the network. We describe optimal adversarial and operator strategies and give efficient, polynomial time algorithms to compute optimal strategies. We also generalize our game model to include varying node weights, as well as attacks against nodes.

Linear Loss Function for the Network Blocking Game: An Efficient Model for Measuring Network Robustness and Link Criticality

L. Buttyán and D. Szeszlér and A. Laszka

3rd Conference on Decision and Game Theory for Security (GameSec 2012), LNCS , November, 2012, pp. 152-170, Volume 7638.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and Dávid Szeszlér and Aron Laszka},
   title = {Linear Loss Function for the Network Blocking Game: An Efficient Model for Measuring Network Robustness and Link Criticality},
   booktitle = {3rd Conference on Decision and Game Theory for Security (GameSec 2012)},
   publisher = {LNCS },
   month = {November},
   year = {2012},
   pages = {152-170},
   note = {Volume 7638}
}

Abstract

In order to design robust networks, first, one has to be able to measure robustness of network topologies. In [1], a game-theoretic model, the network blocking game, was proposed for this purpose, where a network operator and an attacker interact in a zero-sum game played on a network topology, and the value of the equilibrium payoff in this game is interpreted as a measure of robustness of that topology. The payoff for a given pair of pure strategies is based on a loss-in-value function. Besides measuring the robustness of network topologies, the model can be also used to identify critical edges that are likely to be attacked. Unfortunately, previously proposed loss-in-value functions are either too simplistic or lead to a game whose equilibrium is not known to be computable in polynomial time. In this paper, we propose a new, linear loss-in-value function, which is meaningful and leads to a game whose equilibrium is efficiently computable. Furthermore, we show that the resulting game-theoretic robustness metric is related to the Cheeger constant of the topology graph, which is a well-known metric in graph theory.

Query Auditing for Protecting Max/Min Values of Sensitive Attributes in Statistical Databases

T. V. Thong and L. Buttyán

9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus), Springer LNCS, July, 2012, pp. 1-15.

Bibtex | Abstract

@inproceedings {
   author = {Ta Vinh Thong and Levente Buttyán},
   title = {Query Auditing for Protecting Max/Min Values of Sensitive Attributes in Statistical Databases},
   booktitle = {9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus)},
   publisher = {Springer LNCS},
   month = {July},
   year = {2012},
   pages = {1-15}
}

Keywords

Query Auditing, Statistical databases, Full disclosure, Partial disclosure, MIN, MAX aggregation queries

Abstract

In this paper, we dene a novel setting for query auditing, where instead of detecting or preventing the disclosure of individual sensitive values, we want to detect or prevent the disclosure of aggregate values in the database. More specically, we study the problem of detecting or preventing the disclosure of the maximum (minimum) value in the database, when the querier is allowed to issue average queries to the database. We propose efficient offline and online query auditors for this problem in the full disclosure model, and an ecient simulatable online query auditor in the partial disclosure model.

Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey

P. Schaffer and K. Farkas and Á. Horváth and T. Holczer and L. Buttyán

accepted for publication in Elsevier Computer Networks, 2012.

Bibtex | Abstract

@article {
   author = {Peter Schaffer and Károly Farkas and Ádám Horváth and Tamas Holczer and Levente Buttyán},
   title = {Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey},
   journal = {accepted for publication in Elsevier Computer Networks},
   year = {2012}
}

Abstract

In the past few years, research interest has been increased towards wireless sensor networks (WSNs) and their application in both the military and civil domains. To support scalability in WSNs and increase network lifetime, nodes are often grouped into disjoint clusters. However, secure and reliable clustering, which is critical in WSNs deployed in hostile environments, has gained modest attention so far or has been limited only to fault tolerance. In this paper, we review the state-of-the-art of clustering protocols inWSNs with special emphasis on security and reliability issues. First, we define the taxonomy of security and reliability for cluster head election and clustering in WSNs. Then, we describe and analyze the most relevant secure and reliable clustering protocols. Finally, we propose countermeasures against typical attacks and show how they improve the discussed protocols.

sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks

B. Bencsáth and G. Pék and L. Buttyán and M. Felegyhazi

In collaboration with the sKyWIper Analysis Team , 2012.

Bibtex | PDF

@techreport {
   author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
   title = {sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks},
   institution = {In collaboration with the sKyWIper Analysis Team },
   year = {2012}
}

Abstract

Targeted attacks against Critical infrastructure: Stuxnet and beyond

B. Bencsáth and G. Pék and L. Buttyán and M. Felegyhazi

SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012, April, 2012, London.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
   title = {Targeted attacks against Critical infrastructure: Stuxnet and beyond},
   howpublished = {SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012},
   month = {April},
   year = {2012},
   note = {London}
}

Abstract

Targeted Attacks of Recent Times

B. Bencsáth and L. Buttyán and G. Pék and M. Felegyhazi

Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico, February, 2012.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
   title = {Targeted Attacks of Recent Times },
   howpublished = {Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico},
   month = {February},
   year = {2012}
}

Abstract

Technical analysis and information sharing in the handling of high-profile targeted attacks

B. Bencsáth and L. Buttyán and G. Pék and M. Felegyhazi

2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012, June, 2012, Barcelona, Spain.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
   title = {Technical analysis and information sharing in the handling of high-profile targeted attacks },
   howpublished = {2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012},
   month = {June},
   year = {2012},
   note = {Barcelona, Spain}
}

Abstract

The cousins of Stuxnet:Duqu, Flame, Gauss, …

L. Buttyán and B. Bencsáth and G. Pék and M. Felegyhazi

ISCD 2012, Balatonöszöd, 3-4 Sep., September, 2012.

Bibtex

@misc {
   author = {Levente Buttyán and Boldizsár Bencsáth and Gábor PÉK and Mark Felegyhazi},
   title = {The cousins of Stuxnet:Duqu, Flame, Gauss, …},
   howpublished = {ISCD 2012, Balatonöszöd, 3-4 Sep.},
   month = {September},
   year = {2012}
}

Abstract

The Cousins of Stuxnet: Duqu, Flame, and Gauss

B. Bencsáth and G. Pék and L. Buttyán and M. Felegyhazi

Future Internet 2012, 4(4), doi:10.3390/fi4040971, 2012, pp. 971-1003, doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet.

Bibtex | Abstract

@article {
   author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
   title = {The Cousins of Stuxnet: Duqu, Flame, and Gauss},
   journal = {Future Internet 2012, 4(4), doi:10.3390/fi4040971},
   year = {2012},
   pages = {971-1003},
   note = {doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet}
}

Abstract

Stuxnet was the first targeted malware that received worldwide attention forcausing physical damage in an industrial infrastructure seemingly isolated from the onlineworld. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an information-collecting malware sharing striking similarities with Stuxnet. Wedescribe our contributions in the investigation ranging from the original detection of Duquvia finding the dropper file to the design of a Duqu detector toolkit. We then continue with the analysis of the Flame advanced information-gathering malware. Flame is unique in thesense that it used advanced cryptographic techniques to masquerade as a legitimate proxyfor the Windows Update service. We also present the newest member of the family, called Gauss, whose unique feature is that one of its modules is encrypted such that it can onlybe decrypted on its target system; hence, the research community has not yet been able to analyze this module. For this particular malware, we designed a Gauss detector serviceand we are currently collecting intelligence information to be able to break its very specialencryption mechanism. Besides explaining the operation of these pieces of malware, wealso examine if and how they could have been detected by vigilant system administrators manually or in a semi-automated manner using available tools. Finally, we discuss lessonsthat the community can learn from these incidents. We focus on technical issues, and avoidspeculations on the origin of these threats and other geopolitical questions.

Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks

L. Buttyán and T. Holczer

IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), IEEE, June, 2012.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and Tamas Holczer},
   title = {Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks},
   booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
   publisher = {IEEE},
   month = {June},
   year = {2012}
}

Abstract

In this paper, we study the problem of traffic analysis attacks in wireless body area sensor networks. When these networks are used in health-care for remote patient monitoring, traffic analysis can reveal the type of medical sensors mounted on the patient, and this information may be used to infer the patient’s health problems. We show that simple signal processing methods can be used effectively for performing traffic analysis attacks and identifying the sensor types in a rather weak adversary model. We then investigate possible traffic obfuscation mechanisms aiming at hiding the regular patterns in the observable wireless traffic. Among the investigated countermeasures, traffic shaping, a mechanism that introduces carefully chosen delays for message transmissions, appears to be the best choice, as it achieves close to optimal protection and incurs no overhead.

2011

Duqu: A Stuxnet-like malware found in the wild

B. Bencsáth and G. Pék and L. Buttyán and M. Felegyhazi

BME CrySyS Lab., October, 2011., First published in cut-down form as appendix to the Duqu report of Symantec.

Bibtex

@techreport {
   author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
   title = {Duqu: A Stuxnet-like malware found in the wild},
   institution = {BME CrySyS Lab.},
   month = {October},
   year = {2011.},
   note = {First published in cut-down form as appendix to the Duqu report of Symantec}
}

Abstract

Targeted attacks of recent days

B. Bencsáth and L. Buttyán

Kiberbiztonsági Konferencia, ZMNE, November 25, 2011..

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán},
   title = {Targeted attacks of recent days},
   howpublished = {Kiberbiztonsági Konferencia, ZMNE},
   month = {November 25},
   year = {2011.}
}

Abstract

A Secure Distributed Transport Protocol for Wireless Sensor Networks

L. Buttyán and A. Grilo

Proceedings of the IEEE International Confenrence on Communications (ICC), IEEE, Kyoto, Japan, June 5-9, 2011, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and Antonio M. Grilo},
   title = {A Secure Distributed Transport Protocol for Wireless Sensor Networks},
   booktitle = {Proceedings of the IEEE International Confenrence on Communications (ICC)},
   publisher = {IEEE},
   address = {Kyoto, Japan},
   month = {June 5-9},
   year = {2011},
   pages = {1-6}
}

Abstract

We propose a secure distributed transport protocol for wireless sensor networks that resists against attacks on the reliability service provided by the protocol, as well as against energy depleting attacks. Our protocol is based on the Distributed Transport for Sensor Networks (DTSN) protocol, to which we add a security extension that consists in an efficient, symmetric key based authentication scheme for control packets. Besides describing the operation of our protocol, we also provide its analysis in terms of security and overhead.

Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks

T. Holczer and L. Buttyán

International Journal of Distributed Sensor Networks, 2011, pp. 1-18, Article ID 828414.

Bibtex | Abstract | PDF

@article {
   author = {Tamas Holczer and Levente Buttyán},
   title = {Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks},
   journal = {International Journal of Distributed Sensor Networks},
   year = {2011},
   pages = {1-18},
   note = {Article ID 828414}
}

Abstract

In mission critical cyber-physical systems, dependability is an important requirement at all layers of the system architecture. In this paper, we propose protocols that increase the dependability of wireless sensor networks, which are potentially useful building blocks in cyber physical systems. More speciﬁcally, we propose two private aggregator node election protocols, a private data aggregation protocol, and a corresponding private query protocol for sensor networks that allow for secure in-network data aggregation by making it difﬁcult for an adversary to identify and then physically disable the designated aggregator nodes. Our advanced protocols resist strong adversaries that can physically compromise some nodes.

Backpressure Approach for Bypassing Jamming Attacks in Wireless Sensor Networks

L. Buttyán and A. Dvir

IEEE INFOCOM, Demo/Posters, Shanghai, China, April 11-15, 2011, pp. 1.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and Amit Dvir},
   title = {Backpressure Approach for Bypassing Jamming Attacks in Wireless Sensor Networks},
   publisher = {IEEE INFOCOM, Demo/Posters},
   address = {Shanghai, China},
   month = {April 11-15},
   year = {2011},
   pages = {1}
}

Abstract

The wireless medium used by sensor networks makes it easy for adversaries to launch jamming attacks that can block communication. In order to bypass the jamming area, tree-based routing protocols need to reconstruct the tree, a path or choosing new parent which is time consuming. In addition, bypassing congests the nodes at the border of the jamming area. In this paper, we present and implement a recovery algorithm based on a weighted backpressure function that bypasses the jamming area by spreading the congestion over a large subset of the sensor nodes, while no tree reconstruction and mapping of the jamming area are needed. As future work, we will implement and simulate our recovery algorithm using the IPv6 Routing Protocol for Low-power and Lossy Networks (RPL).

CLEARER: CrySyS Laboratory Security and Privacy Research Roadmap

L. Buttyán and M. Felegyhazi and B. Bencsáth

Proceedings of the First SysSec Workshop SysSec 2011, SysSec, Amsterdam, The Netherlands, July 6, 2011, pp. 73-76.

Bibtex | PDF

@inproceedings {
   author = {Levente Buttyán and Mark Felegyhazi and Boldizsár Bencsáth},
   title = {CLEARER: CrySyS Laboratory Security and Privacy Research Roadmap},
   booktitle = {Proceedings of the First SysSec Workshop SysSec 2011},
   publisher = {SysSec},
   address = { Amsterdam, The Netherlands},
   month = {July 6},
   year = {2011},
   pages = {73-76}
}

Abstract

Cryptography - the strongest chain element in the practice of cyber security

B. Bencsáth and L. Buttyán

Kiberbiztonsági Konferencia, ZMNE, November 25, 2011.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán},
   title = {Cryptography - the strongest chain element in the practice of cyber security},
   howpublished = {Kiberbiztonsági Konferencia, ZMNE},
   month = {November 25},
   year = {2011}
}

Abstract

Detection and Recovery From Pollution Attacks in Coding Based Distributed Storage Schemes

L. Czap and L. Buttyán and I. Vajda

IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 6, November/December, 2011.

Bibtex | Abstract | PDF

@article {
   author = {László CZAP and Levente Buttyán and István VAJDA},
   title = {Detection and Recovery From Pollution Attacks in Coding Based Distributed Storage Schemes},
   journal = {IEEE Transactions on Dependable and Secure Computing},
   volume = {8},
   number = {6},
   month = {November/December},
   year = {2011}
}

Abstract

We address the problem of pollution attacks in coding based distributed storage systems. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We propose algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets, and it does not introduce any additional redundancy to the system. The results of our analysis show that our proposed algorithms are suitable for practical systems, especially in wireless sensor networks.

Formal verification of secure ad-hoc network routing protocols using deductive model-checking

T. V. Thong and L. Buttyán

Periodica Polytechnica Journal, accepted for publication, 2011.

Bibtex | Abstract

@article {
   author = {Ta Vinh Thong and Levente Buttyán},
   title = {Formal verification of secure ad-hoc network routing protocols using deductive model-checking},
   journal = {Periodica Polytechnica Journal},
   month = {accepted for publication},
   year = {2011}
}

Keywords

Automated verification, secure routing protocols, model-cheking, process calculus

Abstract

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for adhoc networks. However, many of them have design flaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a formal verification method for secure ad-hoc network routing protocols that helps increasing the confidence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our approach is based on a new process calculus that we specifically developed for secure ad-hoc network routing protocols and a deductive proof technique. The novelty of this approach is that contrary to prior attempts to formal verification of secure ad-hoc network routing protocols, our verification method can be made fully automated.

nEther: In-guest Detection of Out-of-the-guest Malware Analyzers

G. Pék and B. Bencsáth and L. Buttyán

ACM European Workshop on System Security (EuroSec), ACM, Salzburg, Austria, April 10, 2011, pp. 1-6.

Bibtex | PDF

@inproceedings {
   author = {Gábor PÉK and Boldizsár Bencsáth and Levente Buttyán},
   title = {nEther: In-guest Detection of Out-of-the-guest Malware Analyzers},
   booktitle = {ACM European Workshop on System Security (EuroSec)},
   publisher = {ACM},
   address = {Salzburg, Austria},
   month = {April 10},
   year = {2011},
   pages = {1-6}
}

Abstract

On automating the verification of secure ad-hoc network routing protocols

T. V. Thong and L. Buttyán

Springer Telecommunication Systems, accepted for publication, 2011, pp. 1-30, Article ID: 10.1007/s11235-011-9592-3.

Bibtex | Abstract

@article {
   author = {Ta Vinh Thong and Levente Buttyán},
   title = {On automating the verification of secure ad-hoc network routing protocols},
   journal = {Springer Telecommunication Systems},
   month = {accepted for publication},
   year = {2011},
   pages = {1-30},
   note = {Article ID: 10.1007/s11235-011-9592-3}
}

Keywords

Secure routing protocols, Automated security veriﬁcation, Security, Cryptography, Mobile ad-hoc networks, Wireless communication, Formal analysis, Process calculus

Abstract

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for ad-hoc networks. However, many of them have design ﬂaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a fully automatic veriﬁcation method for secure adhoc network routing protocols that helps increasing the con- ﬁdence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our method is based on a deductive proof technique and a backward reachability approach. The main novelty of this approach compared to the prior works is that beside providing expressive semantics and syntax for modelling and specifying secure routing protocols, it assumes an arbitrary topology, and a strong attacker model.

Optimal Selection of Sink Nodes in Wireless Sensor Networks in Adversarial Environments

A. Laszka and L. Buttyán and D. Szeszlér

IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), 2011, pp. 1-6, Lucca, Italy, June 20.

Bibtex | Abstract | PDF

@conference {
   author = {Aron Laszka and Levente Buttyán and Dávid Szeszlér},
   title = {Optimal Selection of Sink Nodes in Wireless Sensor Networks in Adversarial Environments},
   booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
   year = {2011},
   pages = {1-6},
   address = {Lucca, Italy},
   month = {June 20}
}

Abstract

In this paper, we address the problem of assigning the sink role to a subset of nodes in a wireless sensor network with a given topology such that the resulting network configuration is robust against denial-of-service type attacks such as node destruction, battery exhaustion and jamming. In order to measure robustness, we introduce new metrics based on a notion defined in [1]. We argue that our metrics are more appropriate to measure the robustness of network configurations than the widely known connectivity based metrics. We formalize the problem of selecting the sink nodes as an optimization problem aiming at minimizing the deployment budget while achieving a certain level of robustness. We propose an efficient greedy heuristic algorithm that approximates the optimal solution reasonably well. [1] W. H. Cunningham, “Optimal attack and reinforcement of a network,” J. ACM, vol. 32, no. 3, pp. 549–561, 1985.

Recent advances in targeted malware attacks

B. Bencsáth and L. Buttyán and G. Pék and M. Felegyhazi

Fókuszban a CrySyS Lab. , December 14, 2011.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
   title = {Recent advances in targeted malware attacks },
   howpublished = {Fókuszban a CrySyS Lab. },
   month = {December 14},
   year = {2011}
}

Abstract

Recent advances in targeted malware attacks

B. Bencsáth and L. Buttyán and G. Pék and M. Felegyhazi

Schönherz - Simonyi Szakkollégium ., December 13, 2011.

Bibtex

@misc {
   author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
   title = {Recent advances in targeted malware attacks },
   howpublished = {Schönherz - Simonyi Szakkollégium .},
   month = {December 13},
   year = {2011}
}

Abstract

VeRA - Version Number and Rank Authentication in RPL

L. Buttyán and T. Holczer and A. Dvir

7th IEEE International Workshop on Wireless and Sensor Networks Security, IEEE, Valencia, Spain, October 17-22, 2011, pp. 709 - 714.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and Tamas Holczer and Amit Dvir},
   title = {VeRA - Version Number and Rank Authentication in RPL},
   booktitle = {7th IEEE International Workshop on Wireless and Sensor Networks Security},
   publisher = {IEEE},
   address = {Valencia, Spain},
   month = {October 17-22},
   year = {2011},
   pages = {709 - 714}
}

Abstract

Designing a routing protocol for large low-power and lossy networks (LLNs), consisting of thousands of con-strained nodes and unreliable links, presents new challenges. The IPv6 Routing Protocol for Low-power and Lossy Networks (RPL), have been developed by the IETF ROLL Working Group as a preferred routing protocol to provide IPv6 routing functionality in LLNs. RPL provides path diversity by building and maintaining directed acyclic graphs (DAG) rooted at one (or more) gateway. However, an adversary that impersonates a gateway or has compromised one of the nodes close to the gateway can divert a large part of network trafﬁc forward itself and/or exhaust the nodes’ batteries. Therefore in RPL, special security care must be taken when the Destination Oriented Directed Acyclic Graph (DODAG) root is updating the Version Number by which reconstruction of the routing topology can be initiated. The same care also must be taken to prevent an internal attacker (compromised DODAG node) to publish decreased Rank value, which causes a large part of the DODAG to connect to the DODAG root via the attacker and give it the ability to eavesdrop a large part of the network trafﬁc forward itself. Unfortunately, the currently available security services in RPL will not protect against a compromised internal node that can construct and disseminate fake messages. In this paper, a new security service is described that prevents any misbehaving node from illegitimately increasing the Version Number and compromise illegitimate decreased Rank values.

XCS based hidden firmware modification on embedded devices

B. Bencsáth and L. Buttyán and T. Paulik

Proceedings of the IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, Split-Hvar-Dubrovnik, September 15-17, 2011, pp. 1-6.

Bibtex

@inproceedings {
   author = {Boldizsár Bencsáth and Levente Buttyán and Tamás Paulik},
   title = {XCS based hidden firmware modification on embedded devices},
   booktitle = {Proceedings of the IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
   publisher = {IEEE},
   address = {Split-Hvar-Dubrovnik},
   month = {September 15-17},
   year = {2011},
   pages = {1-6}
}

Abstract

2010

Application of Wireless Sensor Networks in Critical Infrastructure Protection -- Challenges and Design Options

L. Buttyán and D. Gessner and A. Hessler and P. Langendoerfer

IEEE Wireless Communications Magazine, vol. 17, no. 5, October, 2010, pp. 44 - 49.

Bibtex | Abstract

@article {
   author = {Levente Buttyán and Dennis Gessner and Alban Hessler and Peter Langendoerfer},
   title = {Application of Wireless Sensor Networks in Critical Infrastructure Protection -- Challenges and Design Options},
   journal = {IEEE Wireless Communications Magazine},
   volume = {17},
   number = {5},
   month = {October},
   year = {2010},
   pages = {44 - 49}
}

Abstract

The protection of critical infrastructures provides an interesting application area for wireless sensor networks. Threats such as natural catastrophes, criminal or terrorist attacks against CIs are increasingly reported. The large-scale nature of CIs requires a scalable and low-cost technology for improving CI monitoring and surveillance. WSNs are a promising candidate to fulfill these requirements, but if the WSN becomes part of the CI in order to improve its reliability, then the dependability of the WSN itself needs to be significantly improved first. In this article we discuss the challenges and potential solutions to achieve dependability of WSNs taking into account accidental failures as well as intentional attacks. We inspect the whole system starting from individual sensor nodes via the protocol stack to the middleware layer above.

Barter Trade Improves Message Delivery in Opportunistic Networks

I. Vajda and M. Felegyhazi and L. Dóra and L. Buttyán

Elsevier Ad Hoc Networks, vol. 8, no. 1, January 10, 2010, pp. 1-14.

Bibtex | Abstract | PDF

@article {
   author = {István VAJDA and Mark Felegyhazi and László DÓRA and Levente Buttyán},
   title = {Barter Trade Improves Message Delivery in Opportunistic Networks},
   journal = {Elsevier Ad Hoc Networks},
   volume = {8},
   number = {1},
   month = {January 10},
   year = {2010},
   pages = {1-14}
}

Abstract

In opportunistic networks, selfish nodes can exploit the services provided by other nodes by downloading messages that interest them, but refusing to store and distribute messages for the benefit of other nodes. We propose a mechanism to discourage selfish behavior based on the principles of barter. We develop a game-theoretic model in which we show that the proposed approach indeed stimulates cooperation of the nodes. The results show that, in practical scenarios, the message delivery rate considerably increases, if the mobile nodes follow the Nash Equilibrium strategy in the proposed mechanism compared to the data dissemination protocol when no encouraging mechanism is present.

Cross-layer security and resilience in wireless mesh networks

A. Traganitis and V. Siris and L. Dóra and L. Buttyán and B. Bencsáth and I. Askoxylakis

N. Zorba, C. Skianis, and C. Verikoukis (eds), Cross Layer Designs in WLAN Systems, Troubador Publishing Ltd, Emerging Communication and Service Technologies Series, 2010.

Bibtex

@inbook {
   author = {A. Traganitis and Vasilios SIRIS and László DÓRA and Levente Buttyán and Boldizsár Bencsáth and Ioannis ASKOXYLAKIS},
   editor = {N. Zorba, C. Skianis, and C. Verikoukis (eds)},
   title = {Cross-layer security and resilience in wireless mesh networks},
   publisher = {Cross Layer Designs in WLAN Systems, Troubador Publishing Ltd, Emerging Communication and Service Technologies Series},
   year = {2010}
}

Abstract

Decision and Game Theory for Security

T. Alpcan and L. Buttyán and J. Baras

vol. LNCS 6442, Springer, 2010.

Bibtex

@book {
   author = {Tansu Alpcan and Levente Buttyán and John Baras},
   title = {Decision and Game Theory for Security},
   volume = {LNCS 6442},
   publisher = {Springer},
   year = {2010}
}

Abstract

Fast Certificate-based Authentication Scheme in Multi-operator maintained Wireless Mesh Networks

M. Petrocchi and F. Martinelli and L. Dóra and L. Buttyán

Elsevier Computer Communications, vol. 33, April, 2010, pp. 907-922.

Bibtex | Abstract | PDF

@article {
   author = {Marinella PETROCCHI and Fabio MARTINELLI and László DÓRA and Levente Buttyán},
   title = {Fast Certificate-based Authentication Scheme in Multi-operator maintained Wireless Mesh Networks},
   journal = {Elsevier Computer Communications},
   volume = {33},
   month = {April},
   year = {2010},
   pages = {907-922}
}

Abstract

In this paper, we consider QoS aware mesh networks that are maintained by multiple operators and they cooperate in the provision of networking services to the mesh clients. In order to support mobile users and seamless handover between the access points, the authentication delay has to be reduced. Many proposed fast authentication schemes rely on trust models that are not appropriate in a multi-operator environment. In this paper, we propose two certificate-based authentication schemes such that the authentication is performed locally between the access point and the mesh client. We assume that the access point is always a constrained device, and we propose different mechanisms for mesh clients with different computational performance. For constrained devices, we propose a mechanism where weak keys are used for digital signatures to decrease the latency of the authentication. The authenticity of the weak keys are provided by short-term certificates issued by the owner of the key. The short-term certificate has the digital signature generated by the owner's long-term key. We prove formally that the use of our weak key mechanism on the mesh client side is as secure as the use of some stronger keys. We perform a detailed performance evaluation on our proof-of-concept implementation, and we also compare our solution to the current standard methods.

Formal verification of secure ad-hoc network routing protocols using deductive model-checking

L. Buttyán and T. V. Thong

Proceedings of the IFIP Wireless and Mobile Networking Conference (WMNC), IFIP, Budapest, Hungary, October 18-20, 2010, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and Ta Vinh Thong},
   title = {Formal verification of secure ad-hoc network routing protocols using deductive model-checking},
   booktitle = {Proceedings of the IFIP Wireless and Mobile Networking Conference (WMNC)},
   publisher = {IFIP},
   address = {Budapest, Hungary},
   month = {October 18-20},
   year = {2010},
   pages = {1-6}
}

Abstract

Misbehaving Router Detection in Link-state Routing for Wireless Mesh Networks

L. Dóra and L. Buttyán and G. Ács

In Proceedings of the Second IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'10), Montreal, Canada, June 14-17, 2010.

Bibtex | Abstract | PDF

@inproceedings {
   author = {László DÓRA and Levente Buttyán and Gergely Ács},
   title = {Misbehaving Router Detection in Link-state Routing for Wireless Mesh Networks},
   booktitle = {In Proceedings of the Second IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'10)},
   address = {Montreal, Canada},
   month = {June 14-17},
   year = {2010}
}

Abstract

In this paper, we address the problem of detecting misbehaving routers in wireless mesh networks and avoiding them when selecting routes. We assume that link-state routing is used, and we essentially propose a reputation system, where trusted gateway nodes compute Node Trust Values for the routers, which are fed back into the system and used in the route selection procedure. The computation of the Node Trust Values is based on packet counters maintained in association with each route and reported to the gateways by the routers in a regular manner. The feedback mechanism is based on limited scope flooding. The received Node Trust Values concerning a given router are aggregated, and the aggregate trust value of the router determines the probability with which that router is kept in the topology graph used for route computation. Hence, less trusted routers are excluded from the topology graph with higher probability, while the route selection still runs on a weighted graph (where the weights are determined by the announced link qualities), and it does not need to be changed. We evaluated the performance of our solution by means of simulations. The results show that our proposed mechanism can detect misbehaving routers reliably, and thanks to the feedback and the exclusion of the accused nodes from the route selection, we can decrease the number of packets dropped due to router misbehavior considerably. At the same time, our mechanism only slightly increases the average route length.

PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks

L. Buttyán and P. Schaffer

International Journal of Distributed Sensor Networks, vol. 2010, no. Article ID 679205, 2010.

Bibtex | Abstract

@article {
   author = {Levente Buttyán and Peter Schaffer},
   title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
   journal = {International Journal of Distributed Sensor Networks},
   volume = {2010},
   number = {Article ID 679205},
   year = {2010}
}

Abstract

We introduce PANEL a position-based aggregator node election protocol for wireless sensor networks. The novelty of PANEL with respect to other aggregator node election protocols is that it supports asynchronous sensor network applications where the sensor readings are fetched by the base stations after some delay. In particular, the motivation for the design of PANEL was to support reliable and persistent data storage applications, such as TinyPEDS; see the study by Girao et al. (2007). PANEL ensures load balancing, and it supports intra and intercluster routing allowing sensor-to-aggregator, aggregator-to-aggregator, base station-toaggregator, and aggregator to-base station communications. We also compare PANEL with HEED; see the study by Younis and Fahmy (2004) in the simulation environment provided by TOSSIM, and show that, on one hand, PANEL creates more cohesive clusters than HEED, and, on the other hand, that PANEL is more energy efficient than HEED.

Perfectly Anonymous Data Aggregation in Wireless Sensor Networks

T. Holczer and L. Buttyán

Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010), IEEE, San Francisco, November 8-12, 2010.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Tamas Holczer and Levente Buttyán},
   title = {Perfectly Anonymous Data Aggregation in Wireless Sensor Networks},
   booktitle = {Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010)},
   publisher = {IEEE},
   address = {San Francisco},
   month = {November 8-12},
   year = {2010}
}

Abstract

Clustering and data aggregation in wireless sensor networks improves scalability, and helps the efficient use of scarce resources. Yet, these mechanisms also introduce some security issues; in particular, aggregator nodes become attractive targets of physical destruction and jamming attacks. In order to mitigate this problem, we propose a new private aggregator node election protocol that hides the identity of the elected aggregator nodes both from external eavesdroppers and from compromised nodes participating in the protocol. We also propose a private data aggregation protocol and a corresponding private query protocol which allows the aggregators to collect sensor readings and respond to queries of the base station, respectively, without revealing any useful information about their identity to external eavesdroppers and to compromised nodes.

Pollution Attack Defense for Coding Based Sensor Storage

L. Buttyán and L. Czap and I. Vajda

Proceedings of the International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), IEEE, California, USA, June 7-9, 2010.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and László CZAP and István VAJDA},
   title = {Pollution Attack Defense for Coding Based Sensor Storage},
   booktitle = {Proceedings of the International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC)},
   publisher = {IEEE},
   address = {California, USA},
   month = {June 7-9},
   year = {2010}
}

Abstract

We present a novel information theoretic approach to make network coding based storage secure against pollution attacks in sensor networks. The approach is based on a new decoding algorithm which makes it possible to find adversarial blocks using one more encoded block than strictly necessary for decoding. Our scheme fits well to the requirements of sensor networks, because it operates without adding either computational or communication overhead to source and storage nodes, only the collector node needs to perform some additional computation. Our approach does not apply cryptography, hence it works in environments where no pre-shared keys, secure channels or PKI are available, which is often the case in sensor networks.

Security Analysis of Reliable Transport Layer Protocols for Wireless Sensor Networks

L. Buttyán and L. Csik

Proceedings fof the IEEE Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS), IEEE, Seattle, USA, March 21-25, 2010, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and László Csik},
   title = {Security Analysis of Reliable Transport Layer Protocols for Wireless Sensor Networks},
   booktitle = {Proceedings fof the IEEE Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS)},
   publisher = {IEEE},
   address = {Seattle, USA},
   month = {March 21-25},
   year = {2010},
   pages = {1-6}
}

Abstract

End-to-end reliability of communications is an important requirement in many applications of wireless sensor networks. For this reason, a number of reliable transport protocols specifically designed for wireless sensor networks have been proposed in the literature. Besides providing end-to-end reliability, some of those protocols also address the problems of fairness and congestion control, and they are all optimized for low energy consumption. However, in this paper, we show that most of those protocols completely neglect security issues. As a consequence, they ensure reliable communications and low energy consumption only in a benign environment, but they fail in a hostile environment, where an adversary can forge or replay control packets of the protocol. More specifically, our analysis shows that control packet injection and replay can cause permanent loss of data packets, and thus, such misdeeds make the hitherto reliable protocol unreliable. In addition, even if the protocol can recover from such an attack, the recovery overhead caused by forged or replayed control packets can be large, which gives an opportunity for energy depletion attacks.

2009

Security of Communication Networks (In Hungarian)

B. Bencsáth and L. Buttyán and I. Vajda

Híradástechnika, vol. LXIV, August, 2009..

Bibtex

@article {
   author = {Boldizsár Bencsáth and Levente Buttyán and István VAJDA},
   title = {Security of Communication Networks (In Hungarian)},
   journal = {Híradástechnika},
   volume = {LXIV},
   month = {August},
   year = {2009.}
}

Abstract

An Authentication Scheme for QoS-aware Multi-operator maintained Wireless Mesh Networks

L. Dóra and L. Buttyán

In Proceedings of the First IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'09), IEEE, Kos, Greece, June 15, 2009.

Bibtex | Abstract | PDF

@inproceedings {
   author = {László DÓRA and Levente Buttyán},
   title = {An Authentication Scheme for QoS-aware Multi-operator maintained Wireless Mesh Networks},
   booktitle = {In Proceedings of the First IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'09)},
   publisher = {IEEE},
   address = {Kos, Greece},
   month = {June 15},
   year = {2009}
}

Abstract

Consistency verification of stateful firewalls is not harder than the stateless case

L. Buttyán and G. Pék and T. V. Thong

Infocommunications Journal, vol. LXIV, no. 2009/2-3, March, 2009, pp. 1-8.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and Gábor PÉK and Ta Vinh Thong},
   title = {Consistency verification of stateful firewalls is not harder than the stateless case},
   journal = {Infocommunications Journal},
   volume = {LXIV},
   number = {2009/2-3},
   month = {March},
   year = {2009},
   pages = {1-8}
}

Keywords

Stateful firewall, FIREMAN, verification, security, inconsistency

Abstract

Firewalls play an important role in the enforcement of access control policies in contemporary networks. However, firewalls are effective only if they are configured correctly such that their access control rules are consistent and the firewall indeed implements the intended access control policy. Unfortunately, due to the potentially large number of rules and their complex relationships with each other, the task of firewall configuration is notoriously error-prone, and in practice, firewalls are often misconfigured leaving security holes in the protection system. In this paper, we address the problem of consistency verification of stateful firewalls that keep track of already existing connections. For the first sight, the consistency verification of stateful firewalls appears to be harder than that of stateless firewalls. We show that, in fact, this is not the case: consistency verification of stateful firewalls can be reduced to the stateless case, and hence, they have the same complexity. We also report on our prototype implemetation of an automated consistency verification tool that can handle stateful firewalls.

CORA: Correlation-based Resilient Aggregation in Sensor Networks

L. Buttyán and P. Schaffer and I. Vajda

Elsevier Ad Hoc Networks, vol. 7, no. 6, 2009, pp. 1035-1050.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and Peter Schaffer and István VAJDA},
   title = {CORA: Correlation-based Resilient Aggregation in Sensor Networks},
   journal = {Elsevier Ad Hoc Networks},
   volume = {7},
   number = {6},
   year = {2009},
   pages = {1035-1050}
}

Abstract

In this paper, we consider the problem of resilient data aggregation in sensor networks, namely, how to aggregate sensor readings collected by the base station when some of those sensor readings may be compromised. Note that an attacker can easily compromise the reading of a sensor by altering the environmental parameters measured by that sensor. We present a statistical framework that is designed to mitigate the effects of the attacker on the output of the aggregation function. The main novelty of our approach compared to most prior work on resilient data aggregation is that we take advantage of the naturally existing correlation between the readings produced by different sensors. In particular, we show how spatial correlation can be represented in the sensor network data model, and how it can be exploited to increase the resilience of data aggregation. The algorithms presented in this paper are flexible enough to be applied without any special assumption on the distribution of the sensor readings or on the strategy of the attacker. The effectiveness of the algorithms is evaluated analytically considering a typical attacker model with various parameters, and by means of simulation considering a sophisticated attacker.

On the security of communication network: now and tomorrow

B. Bencsáth and L. Buttyán and I. Vajda

Infocommunications Journal, vol. LXIV., no. no. 4., 2009, pp. pp. 3-7..

Bibtex

@article {
   author = {Boldizsár Bencsáth and Levente Buttyán and István VAJDA},
   title = {On the security of communication network: now and tomorrow},
   journal = {Infocommunications Journal},
   volume = {LXIV.},
   number = {no. 4.},
   year = {2009},
   pages = {pp. 3-7.}
}

Abstract

Private Cluster Head Election in Wireless Sensor Networks

T. Holczer and L. Buttyán

Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09), IEEE, IEEE, Macau SAR, PRC, October 12 , 2009, pp. 1048-1053.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Tamas Holczer and Levente Buttyán},
   title = {Private Cluster Head Election in Wireless Sensor Networks},
   booktitle = {Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09)},
   organization = {IEEE},
   publisher = {IEEE},
   address = {Macau SAR, PRC},
   month = {October 12 },
   year = {2009},
   pages = {1048-1053}
}

Abstract

Clustering is a useful mechanism in wireless sensor networks that helps to cope with scalability problems and, if combined with in-network data aggregation, may increase the energy efficiency of the network. At the same time, by assigning a special role to the cluster head nodes, clustering makes the network more vulnerable to attacks. In particular, disabling a cluster head by physical destruction or jamming may render the entire cluster inoperable temporarily until the problem is detected and a new cluster head is elected. Hence, the cluster head nodes may be attractive targets of attacks, and one would like to make it difficult for an adversary to identify them. The adversary can try to identify the cluster head nodes in various ways, including the observation of the cluster head election process itself and the analysis of the traffic patterns after the termination of the cluster head election. In this paper, we focus on the former problem, which we call the private cluster head election problem. This problem has been neglected so far, and as a consequence, existing cluster head election protocols leak too much information making the identification of the elected cluster head nodes easy even for a passive external observer. We propose the first private cluster head election protocol for wireless sensor networks that is designed to hide the identity of the elected cluster head nodes from an adversary that can observe the execution of the protocol.

Securing Multi-operator Based QoS-aware Mesh Networks: Requirements and Design Options

I. Vajda and D. Szili and V. Siris and L. Dóra and L. Buttyán and B. Bencsáth and I. Askoxylakis

Wireless Communications and Mobile Computing (Special Issue on QoS and Security in Wireless Networks), vol. 10, no. 5, 2009, pp. 622-646.

Bibtex | Abstract | PDF

@article {
   author = {István VAJDA and Dávid SZILI and Vasilios SIRIS and László DÓRA and Levente Buttyán and Boldizsár Bencsáth and Ioannis ASKOXYLAKIS},
   title = {Securing Multi-operator Based QoS-aware Mesh Networks: Requirements and Design Options},
   journal = {Wireless Communications and Mobile Computing (Special Issue on QoS and Security in Wireless Networks)},
   volume = {10},
   number = {5},
   year = {2009},
   pages = {622-646}
}

Abstract

Wireless mesh networking allows network operators and service providers to offer nearly ubiquitous broadband access at a low cost to customers. In this paper, we focus on QoS-aware mesh networks operated by multiple operators in a cooperative manner. In particular, we identify the general security requirements of such networks and we give an overview on the available design options for a security architecture aiming at satisfying those requirements. More speciﬁcally, we consider the problems of mesh client authentication and access control, protection of wireless communications, securing the routing, key management, and intrusion and misbehavior detection and recovery. Our aim is to structure this rich problem domain and to prepare the grounds for the design of a practically usable security architecture.

SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs

W. Whyte and A. Weimerskirch and T. Holczer and L. Buttyán

Proceedings of the IEEE Vehicular Networking Conference, IEEE, IEEE, Tokyo, Japan, October 28-29, 2009, pp. 1-8.

Bibtex | Abstract | PDF

@inproceedings {
   author = {William Whyte and Andre Weimerskirch and Tamas Holczer and Levente Buttyán},
   title = {SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs},
   booktitle = {Proceedings of the IEEE Vehicular Networking Conference},
   organization = {IEEE},
   publisher = {IEEE},
   address = {Tokyo, Japan},
   month = {October 28-29},
   year = {2009},
   pages = {1-8}
}

Abstract

Untraceability of vehicles is an important requirement in future vehicle communications systems. Unfortunately, heartbeat messages used by many safety applications provide a constant stream of location data, and without any protection measures, they make tracking of vehicles easy even for a passive eavesdropper. One commonly known solution is to transmit heartbeats under pseudonyms that are changed regularly in order to obfuscate the trajectory of vehicles. However, this approach is effective only if some silent period is kept during the pseudonym change and several vehicles change their pseudonyms nearly at the same time and at the same location. Unlike previous works that proposed explicit synchronization between a group of vehicles and/or required pseudonym change in a designated physical area (i.e., a static mix zone), we propose a much simpler approach that does not need any explicit cooperation between vehicles and any infrastructure support. Our basic idea is that vehicles should not transmit heartbeat messages when their speed drops below a given threshold, say 30 km/h, and they should change pseudonym during each such silent period. This ensures that vehicles stopping at traffic lights or moving slowly in a traffic jam will all refrain from transmitting heartbeats and change their pseudonyms nearly at the same time and location. Thus, our scheme ensures both silent periods and synchronized pseudonym change in time and space, but it does so in an implicit way. We also argue that the risk of a fatal accident at a slow speed is low, and therefore, our scheme does not seriously impact safety-of- life. In addition, refraining from sending heartbeat messages when moving at low speed also relieves vehicles of the burden of verifying a potentially large amount of digital signatures, and thus, makes it possible to implement vehicle communications with less expensive equipments.

2008

PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks

L. Buttyán and P. Schaffer

International Journal of Distributed Sensor Networks, September, 2008.

Bibtex | Abstract

Abstract

In this paper, we introduce PANEL, a position-based aggregator node election protocol for wireless sensor networks. The novelty of PANEL with respect to other aggregator node election protocols is that it supports asynchronous sensor network applications where the sensor readings are fetched by the base stations after some delay. In particular, the motivation for the design of PANEL was to support reliable and persistent data storage applications, such as TinyPEDS. PANEL ensures load balancing, and it supports intra- and inter-cluster routing allowing sensor to aggregator, aggregator to aggregator, base station to aggregator, and aggregator to base station communications. We also compare PANEL with HEED in the simulation environment provided by TOSSIM, and show that, on the one hand, PANEL creates more cohesive clusters than HEED, and, on the other hand, that PANEL is more energy efficient than HEED.

Secure vehicular communication systems: design and architecture

J. P. Hubaux and A. Kung and F. Kargl and Z. Ma and M. Raya and J. Freudiger and E. Schoch and T. Holczer and L. Buttyán and P. Papadimitratos

IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 100-109.

Bibtex | Abstract | PDF

@article {
   author = {Jean-Pierre Hubaux and Antonio Kung and Frank Kargl and Zhendong Ma and Maxim Raya and Julien Freudiger and Elmar Schoch and Tamas Holczer and Levente Buttyán and Panagiotis Papadimitratos},
   title = {Secure vehicular communication systems: design and architecture},
   journal = {IEEE Communications Magazine},
   volume = {46},
   number = {11},
   month = {November},
   year = {2008},
   pages = {100-109}
}

Abstract

Significant developments have taken place over the past few years in the area of vehicular communication systems. Now, it is well understood in the community that security and protection of private user information are a prerequisite for the deployment of the technology. This is so precisely because the benefits of VC systems, with the mission to enhance transportation safety and efficiency, are at stake. Without the integration of strong and practical security and privacy enhancing mechanisms, VC systems can be disrupted or disabled, even by relatively unsophisticated attackers. We address this problem within the SeVeCom project, having developed a security architecture that provides a comprehensive and practical solution. We present our results in a set of two articles in this issue. In this first one, we analyze threats and types of adversaries, identify security and privacy requirements, and present a spectrum of mechanisms to secure VC systems. We provide a solution that can be quickly adopted and deployed. In the second article we present our progress toward the implementation of our architecture and results on the performance of the secure VC system, along with a discussion of upcoming research challenges and our related current results.

Secure vehicular communication systems: implementation, performance, and research challenges

J. P. Hubaux and A. Kung and A. Held and G. Calandriello and T. V. Thong and B. Wiedersheim and E. Schoch and M. Müter and L. Buttyán and P. Papadimitratos and F. Kargl

IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 110-118.

Bibtex | Abstract | PDF

@article {
   author = {Jean-Pierre Hubaux and Antonio Kung and Albert Held and Giorgo Calandriello and Ta Vinh Thong and Björn Wiedersheim and Elmar Schoch and Michael Müter and Levente Buttyán and Panagiotis Papadimitratos and Frank Kargl},
   title = {Secure vehicular communication systems: implementation, performance, and research challenges},
   journal = {IEEE Communications Magazine},
   volume = {46},
   number = {11},
   month = {November},
   year = {2008},
   pages = {110-118}
}

Abstract

Vehicular communication systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. we discuss the design of a VC security system that has emerged as a result of the European SeVe-Com project. In this second article we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from today's simple prototypes to full-fledged systems.

Securing Coding Based Distributed Storage in Wireless Sensor Networks

L. Buttyán and L. Czap and I. Vajda

IEEE Workshop on Wireless and Sensor Network Security (WSNS), Atlanta, Georgia, USA, September 29-October 2, 2008.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and László CZAP and István VAJDA},
   title = {Securing Coding Based Distributed Storage in Wireless Sensor Networks},
   booktitle = {IEEE Workshop on Wireless and Sensor Network Security (WSNS)},
   address = {Atlanta, Georgia, USA},
   month = {September 29-October 2},
   year = {2008}
}

Abstract

We address the problem of pollution attacks in coding based distributed storage systems proposed for wireless sensor networks. In a pollution attack, the adversary maliciously alters some of the stored encoded packets, which results in the incorrect decoding of a large part of the original data upon retrieval. We propose algorithms to detect and recover from such attacks. In contrast to existing approaches to solve this problem, our approach is not based on adding cryptographic checksums or signatures to the encoded packets. We believe that our proposed algorithms are suitable in practical systems.

Security and Cooperation in Wireless Networks

L. Buttyán and J. P. Hubaux

Cambridge University Press, 2008.

Bibtex

@book {
   author = {Levente Buttyán and Jean-Pierre Hubaux},
   title = {Security and Cooperation in Wireless Networks},
   publisher = {Cambridge University Press},
   year = {2008}
}

Abstract

Security API analysis with the spi-calculus

L. Buttyán and T. V. Thong

Hiradástechnika, vol. LXIII, January, 2008, pp. 16-21.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and Ta Vinh Thong},
   title = {Security API analysis with the spi-calculus},
   journal = {Hiradástechnika},
   volume = {LXIII},
   month = {January},
   year = {2008},
   pages = {16-21}
}

Keywords

Security API, Spi-calculus, Verification

Abstract

API level vulnerabilities of hardware security modules represent a serious threat, thus, discovering and patching security holes in APIs are important. In this paper, we argue and illustrate that the application of formal verification methods is a promising approach for API analysis. In particular, we propose an API verification method based on process algebra. The proposed method seems to be extremely wellsuited for API analysis as it allows for the straightforward modelling of the API, the precise definition of the security requirements, and the rigorous verification of the security properties offered by the API.

2007

An User Authentication Scheme for Fast Handover Between WiFi Access Points

A. Bohák and L. Buttyán and L. Dóra

In Proceedings of the Third Annual International Wireless Internet Conference, ACM, Austin, Texas, USA, October 22-23, 2007, pp. 1-6, (invited paper).

Bibtex | Abstract | PDF

@inproceedings {
   author = {András BOHÁK and Levente Buttyán and László DÓRA},
   title = {An User Authentication Scheme for Fast Handover Between WiFi Access Points},
   booktitle = {In Proceedings of the Third Annual International Wireless Internet Conference},
   publisher = {ACM},
   address = {Austin, Texas, USA},
   month = {October 22-23},
   year = {2007},
   pages = {1-6},
   note = {(invited paper)}
}

Abstract

In this paper, we propose an authentication scheme that is designed to reduce the authentication delay during a WiFi handover process. We observe that the largest part of the delay is due to the remote communications between the access point and the AAA server that authorizes the access to the network. In order to eliminate remote communications, our scheme uses pre-authorization, and it pre-distributes authentication information to the access points that are the potential targets of a future handover. This ensures that only local communications (between the mobile station and the access point) take place during the handover itself. We describe the design of our scheme, as well as report on a proof-of-concept implementation. Our validation results show that our scheme breaks the dependency of the authentication delay on the round-trip time between the access point and the AAA server. This makes our scheme applicable in real time applications such as telephony and video streaming for WiFi users.

Architecture for Secure and Private Vehicular Communications

P. Papadimitratos and L. Buttyán and J. P. Hubaux and F. Kargl and A. Kung and M. Raya

Proceedings of the International Conference on ITS Telecommunications (ITST), -, Sophia Antipolis, France, June 6-8, , 2007, pp. 1-6.

Bibtex | Abstract

@inproceedings {
   author = {Panagiotis Papadimitratos and Levente Buttyán and Jean-Pierre Hubaux and Frank Kargl and Antonio Kung and Maxim Raya},
   title = {Architecture for Secure and Private Vehicular Communications},
   booktitle = {Proceedings of the International Conference on ITS Telecommunications (ITST)},
   publisher = {-},
   address = {Sophia Antipolis, France},
   month = {June 6-8, },
   year = {2007},
   pages = {1-6}
}

Abstract

The deployment of vehicular communication (VC) systems is strongly dependent on their security and privacy features. In this paper, we propose a security architecture for VC. The primary objectives of the architecture include the management of identities and cryptographic keys, the security of communications, and the integration of privacy enhancing technologies. Our design approach aims at a system that relies on well-understood components which can be upgraded to provide enhanced security and privacy protection in the future. This effort is undertaken by SeVeCom (http://www.sevecom.org), a transversal project providing security and privacy enhancing mechanisms compatible with the VC technologies currently under development by all EU funded projects.

Barter-based cooperation in delay-tolerant personal wireless networks

L. Buttyán and L. Dóra and M. Felegyhazi and I. Vajda

In Proceedings of the First IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications, IEEE Computer Society Press, Helsinki, Finland, June 18 , 2007, pp. 1-6.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and László DÓRA and Mark Felegyhazi and István VAJDA},
   title = {Barter-based cooperation in delay-tolerant personal wireless networks},
   booktitle = {In Proceedings of the First IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications},
   publisher = {IEEE Computer Society Press},
   address = {Helsinki, Finland},
   month = {June 18 },
   year = {2007},
   pages = {1-6}
}

Abstract

In this paper, we consider the application of delay-tolerant networks to personal wireless communications. In these networks, selfish nodes can exploit the services provided by other nodes by downloading messages that interest them, but refusing to store and distribute messages for the benefit of other nodes. We propose a mechanism to discourage selfish behavior based on the principles of barter. We develop a game-theoretic model in which we show that the proposed approach indeed stimulates cooperation of the nodes. In addition, the results show that the individually most beneficial behavior leads to the social optimum of the system.

Biztonsági API analízis a spi-kalkulussal

L. Buttyán and T. V. Thong

Hiradástechnika, vol. LXII/8, August, 2007, pp. 43-49.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and Ta Vinh Thong},
   title = {Biztonsági API analízis a spi-kalkulussal},
   journal = {Hiradástechnika},
   volume = {LXII/8},
   month = {August},
   year = {2007},
   pages = {43-49}
}

Keywords

Biztonsági API, Formális ellenõrzés, Spi-kalkulus

Abstract

Az API szintû támadások komoly veszélyt jelentenek a hardver biztonsági modulokra nézve, ezért fontos követelmény az API-ban rejlõ biztonsági lyukak felfedezése és foltozása. Az API analízis egyik igéretes iránya a formális verifikációs módszerek alkalmazása. Cikkünkben ezt az irányt követjük, s egy processz-algebra alapú API verifikációs módszert javaslunk, mely különösen alkalmasnak látszik a biztonsági API-k mûködésének formális leírására, a biztonsági követelmények precíz definiálására, és a megfogalmazott követelmények teljesítésének ellenõrzésére. Munkánk motiválása céljából ismertetünk nénány konkrét API szintû támadást is egy a gyakorlatban elterjedten használt hardver biztonsági modul ellen. Bevezetés

Group-Based Private Authentication

G. Avoine and L. Buttyán and T. Holczer and I. Vajda

In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007), IEEE, Helsinki, Finland, Jun 18 , 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gildas Avoine and Levente Buttyán and Tamas Holczer and István VAJDA},
   title = {Group-Based Private Authentication},
   booktitle = {In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007)},
   publisher = {IEEE},
   address = {Helsinki, Finland},
   month = {Jun 18 },
   year = {2007}
}

Abstract

We propose a novel authentication scheme that ensures privacy of the provers. Our scheme is based on symmetric-key cryptography, and therefore, it is well-suited to resource constrained applications in large scale environments. A typical example for such an application is an RFID system, where the provers are low-cost RFID tags, and the number of the tags can potentially be very large. We analyze the proposed scheme and show that it is superior to the well-known key-tree based approach for private authentication both in terms of privacy and efficiency.

On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs

I. Vajda and T. Holczer and L. Buttyán

In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007), Springer, Cambridge, UK, July 2-3, , 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA and Tamas Holczer and Levente Buttyán},
   title = {On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs},
   booktitle = {In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007)},
   publisher = {Springer},
   address = {Cambridge, UK},
   month = {July 2-3, },
   year = {2007}
}

Abstract

The promise of vehicular communications is to make road traffic safer and more efficient. However, besides the expected benefits, vehicular communications also introduce some privacy risk by making it easier to track the physical location of vehicles. One approach to solve this problem is that the vehicles use pseudonyms that they change with some frequency. In this paper, we study the effectiveness of this approach.We define a model based on the concept of the mix zone, characterize the tracking strategy of the adversary in this model, and introduce a metric to quantify the level of privacy enjoyed by the vehicles. We also report on the results of an extensive simulation where we used our model to determine the level of privacy achieved in realistic scenarios. In particular, in our simulation, we used a rather complex road map, generated traffic with realistic parameters, and varied the strength of the adversary by varying the number of her monitoring points. Our simulation results provide detailed information about the relationship between the strength of the adversary and the level of privacy achieved by changing pseudonyms.

PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks

L. Buttyán and P. Schaffer

In Proceedings of the 4th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), IEEE Press, Pisa, Italy, October 8-11, 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and Peter Schaffer},
   title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
   booktitle = {In Proceedings of the 4th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS)},
   publisher = {IEEE Press},
   address = {Pisa, Italy},
   month = {October 8-11},
   year = {2007}
}

Abstract

In this paper, we introduce PANEL, a position-based aggregator node election protocol for wireless sensor networks. The novelty of PANEL with respect to other aggregator node election protocols is that it supports asynchronous sensor network applications where the sensor readings are fetched by the base stations after some delay. In particular, the motivation for the design of PANEL was to support reliable and persistent data storage applications, such as TinyPEDS. PANEL ensures load balancing, and it supports intra- and inter-cluster routing allowing sensor to aggregator, aggregator to aggregator, base station to aggregator, and aggregator to base station communications. We also present simulation results showing that PANEL is very energy efficient.

Secure Routing in Wireless Sensor Networks

G. Ács and L. Buttyán

in J. Lopez and J. Zhou (eds.): Wireless Sensor Network Security (Cryptology and Information Security Series), IOS Press, 2007.

Bibtex | Abstract

@inbook {
   author = {Gergely Ács and Levente Buttyán},
   title = {Secure Routing in Wireless Sensor Networks},
   publisher = {in J. Lopez and J. Zhou (eds.): Wireless Sensor Network Security (Cryptology and Information Security Series), IOS Press},
   year = {2007}
}

Abstract

In this chapter, we study how sensor network routing protocols can be secured. First, we describe the adversary model, the objectives of attacks against routing, as well as the different attack methods that may be used in wireless sensor networks. All these are illustrated by example attacks on well-known sensor network routing protocols. Then, we describe various countermeasures that can be used in sensor networks to secure the routing protocols. These include link layer security measures, secure neighbor discovery techniques, authenticated broadcast algorithms, and multi-path routing techniques. Finally, we illustrate the application of some of these countermeasures by presenting and explaining the operation of some secured sensor network routing protocols.

Security and Privacy in Ad Hoc and Sensor Networks

L. Buttyán and V. Gligor and D. Westhoff

vol. LNCS 4357, Springer, 2007.

Bibtex

@book {
   author = {Levente Buttyán and Virgil Gligor and Dirk Westhoff},
   title = {Security and Privacy in Ad Hoc and Sensor Networks},
   volume = {LNCS 4357},
   publisher = {Springer},
   year = {2007}
}

Abstract

The Security Proof of a Link-state Routing Protocol for Wireless Sensor Networks

I. Vajda and L. Buttyán and G. Ács

October 8-11, In Proceedings of the 3rd IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007), IEEE Press, Pisa, Italy, 2007.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA and Levente Buttyán and Gergely Ács},
   title = {The Security Proof of a Link-state Routing Protocol for Wireless Sensor Networks},
   editor = {October 8-11},
   booktitle = {In Proceedings of the 3rd IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007)},
   organization = {IEEE Press},
   address = {Pisa, Italy},
   year = {2007}
}

Abstract

In this paper, we present a flexible and mathematically rigorous modeling framework for analyzing the security of sensor network routing protocols. Then, we demonstrate the usage of this framework by formally proving that INSENS (Intrusion-Tolerant Routing in Wireless Sensor Networks), which is a secure sensor network routing protocol proposed in the literature independently of our work, can be proven to be secure in our model.

2006

A taxonomy of routing protocols for wireless sensor networks

L. Buttyán and G. Ács

Híradástechnika, December, 2006.

Bibtex | Abstract

@article {
   author = {Levente Buttyán and Gergely Ács},
   title = {A taxonomy of routing protocols for wireless sensor networks},
   journal = {Híradástechnika},
   month = {December},
   year = {2006}
}

Abstract

Wireless sensor networks are large scale networks consisting of a large number of tiny sensor nodes and a few base stations, which communicate using multi-hop wireless communications. The design of energy efficient routing protocols for such networks is a challenging task, which has been in the focus of the sensor network research community in the recent past. This effort resulted in a huge number of sensor network routing protocols. The proposed protocols show a high variety, which stems from the diverse requirements of the various envisioned application scenarios. In this work, we propose a taxonomy of sensor network routing protocols, and classify the mainstream protocols proposed in the literature using this taxonomy. We distinguish five families of protocols based on the way the next hop is selected on the route of a message, and briefly describe the operation of a representative member from each group.

Modelling Adversaries and Security Objectives for Routing Protocols in Wireless Sensor Networks

G. Ács and L. Buttyán and I. Vajda

In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'06), October, 2006.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Ács and Levente Buttyán and István VAJDA},
   title = {Modelling Adversaries and Security Objectives for Routing Protocols in Wireless Sensor Networks},
   booktitle = {In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'06)},
   month = {October},
   year = {2006}
}

Abstract

The literature is very broad considering routing protocols in wireless sensor networks (WSNs). However, security of these routing protocols has fallen beyond the scope so far. Routing is a fundamental functionality in wireless networks, thus hostile interventions aiming to disrupt and degrade the routing service have a serious impact on the overall operation of the entire network. In order to analyze the security of routing protocols in a precise and rigorous way, we propose a formal framework encompassing the definition of an adversary model as well as the "general" definition of secure routingin sensor networks. Both definitions take into account the feasible goals and capabilities of an adversary in sensor environments and the variety of sensor routing protocols. In spirit, our formal model is based on the simulation paradigm that is a successfully used technique to prove the security of various cryptographic protocols. However, we also highlight some differences between our model and other models that have been proposed for wired or wireless networks. Finally, we illustrate the practical usage of our model by presenting the formal description of a simple attack against an authenticated routing protocol, which is based on the well-known TinyOS routing.

Optimal Key-Trees for Tree-Based Private Authentication

I. Vajda and T. Holczer and L. Buttyán

In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET), June, 2006, Springer.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA and Tamas Holczer and Levente Buttyán},
   title = {Optimal Key-Trees for Tree-Based Private Authentication},
   booktitle = {In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET)},
   month = {June},
   year = {2006},
   note = {Springer}
}

Abstract

Key-tree based private authentication has been proposed by Molnar and Wagner as a neat way to efficiently solve the problem of privacy preserving authentication based on symmetric key cryptography. However, in the key-tree based approach, the level of privacy provided by the system to its members may decrease considerably if some members are compromised. In this paper, we analyze this problem, and show that careful design of the tree can help to minimize this loss of privacy. First, we introduce a benchmark metric for measuring the resistance of the system to a single compromised member. This metric is based on the well-known concept of anonymity sets. Then, we show how the parameters of the key-tree should be chosen in order to maximize the system's resistance to single member compromise under some constraints on the authentication delay. In the general case, when any member can be compromised, we give a lower bound on the level of privacy provided by the system. We also present some simulation results that show that this lower bound is quite sharp. The results of this paper can be directly used by system designers to construct optimal key-trees in practice; indeed, we consider this as the main contribution of our work.

Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks

I. Vajda and L. Buttyán and G. Ács

IEEE Transactions on Mobile Computing, vol. 5, no. 11, 2006.

Bibtex | Abstract

@article {
   author = {István VAJDA and Levente Buttyán and Gergely Ács},
   title = {Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   volume = {5},
   number = {11},
   year = {2006}
}

Keywords

Mobile ad hoc networks, secure routing, provable security

Abstract

Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers and several "secure" routing protocols have been proposed for ad hoc networks. However, the security of those protocols has mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined and routing protocols for mobile ad hoc networks can be proved to be secure in a rigorous manner. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but, to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the use of our framework by proving that it is secure in our model.

Providing Location Privacy in Automated Fare Collection Systems

I. Vajda and T. Holczer and L. Buttyán

In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece, June, 2006.

Bibtex | PDF

@inproceedings {
   author = {István VAJDA and Tamas Holczer and Levente Buttyán},
   title = {Providing Location Privacy in Automated Fare Collection Systems},
   booktitle = {In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece},
   month = {June},
   year = {2006}
}

Abstract

RANBAR: RANSAC-Based Resilient Aggregation in Sensor Networks

I. Vajda and P. Schaffer and L. Buttyán

In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), ACM Press, Alexandria, VA, USA, October, 2006.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István VAJDA and Peter Schaffer and Levente Buttyán},
   title = {RANBAR: RANSAC-Based Resilient Aggregation in Sensor Networks},
   booktitle = {In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN)},
   publisher = {ACM Press},
   address = {Alexandria, VA, USA},
   month = {October},
   year = {2006}
}

Abstract

We present a novel outlier elimination technique designed for sensor networks. This technique is called RANBAR and it is based on the RANSAC (RANdom SAmple Consensus) paradigm, which is well-known in computer vision and in automated cartography. The RANSAC paradigm gives us a hint on how to instantiate a model if there are a lot of compromised data elements. However, the paradigm does not specify an algorithm and it uses a guess for the number of compromised elements, which is not known in general in real life environments. We developed the RANBAR algo- rithm following this paradigm and we eliminated the need for the guess. Our RANBAR algorithm is therefore capable to handle a high percent of outlier measurement data by leaning on only one preassumption, namely that the sample is i.i.d. in the unattacked case. We implemented the algo- rithm in a simulation environment and we used it to filter out outlier elements from a sample before an aggregation procedure. The aggregation function that we used was the average. We show that the algorithm guarantees a small dis- tortion on the output of the aggregator even if almost half of the sample is compromised. Compared to other resilient aggregation algorithms, like the trimmed average and the median, our RANBAR algorithm results in smaller distor- tion, especially for high attack strengths.

Resilient Aggregation with Attack Detection in Sensor Networks

L. Buttyán and P. Schaffer and I. Vajda

Second IEEE International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS), IEEE Computer Society Press, Pisa, Italy, March, 2006.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and Peter Schaffer and István VAJDA},
   title = {Resilient Aggregation with Attack Detection in Sensor Networks},
   booktitle = {Second IEEE International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS)},
   publisher = {IEEE Computer Society Press},
   address = {Pisa, Italy},
   month = {March},
   year = {2006}
}

Abstract

In this paper, we propose a new model of resilient data aggregation in sensor networks, where the aggregator analyzes the received sensor readings and tries to detect unexpected deviations before the aggregation function is called. In this model, the adversary does not only want to cause maximal distortion in the output of the aggregation function, but it also wants to remain undetected. The advantage of this approach is that in order to remain undetected, the adversary cannot distort the output arbitrarily, but rather the distortion is usually upper bounded, even for aggregation functions that were considered to be insecure earlier (e.g., the average). We illustrate this through an example in this paper.

Resilient Aggregation: Statistical Approaches

L. Buttyán and P. Schaffer and I. Vajda

Chapter 10, in N.P.Mahalik (ed.): Sensor Networks and Configuration, Springer, 2006.

Bibtex | Abstract | PDF

@inbook {
   author = {Levente Buttyán and Peter Schaffer and István VAJDA},
   title = {Resilient Aggregation: Statistical Approaches},
   chapter = {Chapter 10},
   publisher = {in N.P.Mahalik (ed.): Sensor Networks and Configuration, Springer},
   year = {2006}
}

Abstract

In typical sensor network applications, the sensors are left unattended for a long period of time. In addition, due to cost reasons, sensor nodes are usually not tamper resistant. Consequently, sensors can be easily captured and compromised by an adversary. Once compromised, a sensor can send authentique messages to other nodes and to the base station, but those messages may contain arbitrary data created by the adversray (e.g., bogus measurments). A similar effect can be achieved by manipulating the physical environment of uncompromised sensors so that they measure false values. Bogus data introduced by the adversary may considerably distort the output of the aggregation function at the base station, and may lead to wrong decisions. The goal of resilient aggregation is to perform the aggregation correctly despite the possibility of the above mentioned attacks. In this paper, we give an overview of the state-of-the-art in resilient aggregation in sensor networks, and briefly summarize the relevant techniques in the field of mathematical statistics. In addition, we introduce a particular approach for resilient aggregation in more details. This approach is based on RANSAC (RAndom SAmple Consensus), which we adopted for our purposes. We also present some initial simulation results showing that our RANSAC based approach can tolerate a high percentage of compromised nodes.

SEVECOM - Secure Vehicle Communication

T. Leinmueller and L. Buttyán and J. P. Hubaux and F. Kargl and P. Papadimitratos and M. Raya and E. Schoch

IST Mobile Summit, ??, June, 2006.

Bibtex | Abstract

@inproceedings {
   author = {Tim Leinmueller and Levente Buttyán and Jean-Pierre Hubaux and Frank Kargl and Panagiotis Papadimitratos and Maxim Raya and Elmar Schoch},
   title = {SEVECOM - Secure Vehicle Communication},
   booktitle = {IST Mobile Summit},
   publisher = {??},
   month = {June},
   year = {2006}
}

Abstract

Vehicle to Vehicle communication (V2V) and Vehicle to Infrastructure communication (V2I) promise to improve road safety and optimize road traffic through cooperative systems applications. A prerequisite for the successful deployment of vehicular communications is to make them secure. The specific operational environment (moving vehicles, sporadic connectivity, etc. ) makes the problem very novel and challenging. Because of the challenges, a research and development road map is needed. We consider SEVECOM [1] to be the first phase of a longer term undertaking. In this first phase, we aim to define a consistent and future-proof solution to the problem of V2V/V2I security. SEVECOM will focus on communications specific to road traffic. This includes messages related to traffic information, anonymous safety-related messages, and liability related messages.

Útvonalválasztó protokollok vezeték nélküli szenzorhálózatokban

L. Buttyán and G. Ács

Híradástecnika, November, 2006.

Bibtex | Abstract

@article {
   author = {Levente Buttyán and Gergely Ács},
   title = {Útvonalválasztó protokollok vezeték nélküli szenzorhálózatokban},
   journal = {Híradástecnika},
   month = {November},
   year = {2006}
}

Abstract

A szenzorhálózatok változatos alkalmazásai különbözõ követelményeket támasztanak az útvonalválasztó protokollokkal szemben. A különbözõ követelményeknek köszönhetõen igen sok javasolt protokoll található az irodalomban. Ebben a cikkben rendszerezzük ezeket a vonalválasztó protokollokat, és minden családból bemutatunk egy prominens képviselõt. A cikk újdonsága a rendszerezéshez használt szempontrendszer, mely a protokollok eddigieknél részletesebb taxonómiáját eredményezi.

WiFi biztonság - A jó, a rossz, és a csúf

L. Dóra and L. Buttyán

Híradástechnika, May, 2006.

Bibtex | Abstract | PDF

@article {
   author = {László DÓRA and Levente Buttyán},
   title = {WiFi biztonság - A jó, a rossz, és a csúf},
   journal = {Híradástechnika},
   month = {May},
   year = {2006}
}

Abstract

Jelen cikkben ismeretterjesztõ jellegû áttekintést adunk a WiFi biztonsághoz kapcsolódó szabványokról, a WEP-rõl és a 802.11i-rõl.

2005

A framework for the revocation of unintended digital signatures initiated by malicious terminals

I. Zs. Berta and L. Buttyán and I. Vajda

IEEE Transactions on Secure and Dependable Computing, vol. (Vol. 2, No. 3), July-September, 2005, pp. 268-272.

Bibtex | Abstract

@article {
   author = {István Zsolt BERTA and Levente Buttyán and István VAJDA},
   title = {A framework for the revocation of unintended digital signatures initiated by malicious terminals},
   journal = {IEEE Transactions on Secure and Dependable Computing},
   volume = {(Vol. 2, No. 3)},
   month = {July-September},
   year = {2005},
   pages = {268-272}
}

Abstract

Human users need trusted computers when they want to generate digital signatures. In many applications, in particular, if the users are mobile, they need to carry their trusted computers with themselves. Smart cards are easy to use, easy to carry, and relatively difficult to tamper with, but they do not have a user interface; therefore, the user still needs a terminal for authorizing the card to produce digital signatures. If the terminal is malicious, it can mislead the user and obtain a digital signature on an arbitrary document. In order to mitigate this problem, we propose a solution based on conditional signatures. More specifically, we propose a framework for the controlled revocation of unintended digital signatures. We also propose a solution with a special emphasis on privacy issues.

Ad hoc útvonalválasztó protokollok bizonyított biztonsága

G. Ács and L. Buttyán and I. Vajda

Híradástechnika, March, 2005.

Bibtex | Abstract

@article {
   author = {Gergely Ács and Levente Buttyán and István VAJDA},
   title = {Ad hoc útvonalválasztó protokollok bizonyított biztonsága},
   journal = {Híradástechnika},
   month = {March},
   year = {2005}
}

Keywords

ad hoc hálózatok, forrás alapú ad hoc útvonalválasztás, biztonságos útvonalválasztás, bizonyított biztonság, szimulációs paradigma

Abstract

Ebben a cikkben egy olyan formális módszert mutatunk be, amivel a vezeték nélküli ad hoc hálózatok számára javasolt, igény szerinti, forrás alapú útvonalválasztó protokollokat (on-demand source routing) lehet biztonsági szempontból elemezni. A módszer alapját a szimulációs paradigma adja, mely egy jól ismert, általános eljárás kriptográfiai protokollok biztonságának bizonyítására. A cikkben bemutatjuk a szimulációs paradigma adaptációját ad hoc útvonalválasztó protokollokra. Formálisan megfogalmazzuk, hogy mit értünk biztonságos útvonalválasztás alatt, melyhez felhasználjuk a statisztikai megkülönböztethetetlenség fogalmát. A módszer gyakorlati alkalmazását egy példán keresztül szemléltetjük, melyben röviden ismertetjük az endairA útvonalválasztó protokoll mûködését, és bebizonyítjuk, hogy a protokoll biztonságos az általunk definiált modellben.

Cooperative Packet Forwarding in Multi-Domain Sensor Networks

M. Felegyhazi and J. P. Hubaux and L. Buttyán

Proceedings of the First International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS 2005), March, 2005.

Bibtex

@inproceedings {
   author = {Mark Felegyhazi and and Levente Buttyán},
   title = {Cooperative Packet Forwarding in Multi-Domain Sensor Networks},
   booktitle = {Proceedings of the First International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS 2005)},
   month = {March},
   year = {2005}
}

Abstract

Mobility Helps Peer-to-Peer Security

S. Capkun and J. P. Hubaux and L. Buttyán

IEEE Transactions on Mobile Computing, to appear, 2005.

Bibtex

@article {
   author = { and and Levente Buttyán},
   title = {Mobility Helps Peer-to-Peer Security},
   journal = {IEEE Transactions on Mobile Computing},
   month = {to appear},
   year = {2005}
}

Abstract

Nash Equilibria of Packet Forwarding Strategies in Wireless Ad Hoc Networks

M. Felegyhazi and J. P. Hubaux and L. Buttyán

IEEE Transactions on Mobile Computing, to appear, 2005.

Bibtex

@article {
   author = {Mark Felegyhazi and and Levente Buttyán},
   title = {Nash Equilibria of Packet Forwarding Strategies in Wireless Ad Hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   month = {to appear},
   year = {2005}
}

Abstract

Node Cooperation in Hybrid Ad hoc Networks

N. B. Salem and L. Buttyán and J. P. Hubaux and M. Jakobsson

IEEE Transactions on Mobile Computing, to appear, 2005.

Bibtex

@article {
   author = {N. Ben Salem and Levente Buttyán and and Markus Jakobsson},
   title = {Node Cooperation in Hybrid Ad hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   month = {to appear},
   year = {2005}
}

Abstract

Provable Security for Ad Hoc Routing Protocols

G. Ács and L. Buttyán and I. Vajda

Híradástechnika, June, 2005.

Bibtex | Abstract

@article {
   author = {Gergely Ács and Levente Buttyán and István VAJDA},
   title = {Provable Security for Ad Hoc Routing Protocols},
   journal = {Híradástechnika},
   month = {June},
   year = {2005}
}

Keywords

ad hoc networks, on-demand ad hoc source routing, secure ad hoc routing, provable security, simulation paradigm

Abstract

In this article we present a new formal framework that can be used for analyzing the ecurity of on-demand source routing protocols proposed for wireless mobile ad hoc networks. Our approach is based on the simulation paradigm which is a well-known and general procedure to prove the security of cryptographic protocols. We give the formal definition of secure ad hoc routing in a precise and rigorous manner using the concept of statistical indistinguishability. We present an ad hoc source routing protocol, called endairA, and we illustrate the usage of our approach by proving that this protocol is secure in our model.

Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks

G. Ács and L. Buttyán and I. Vajda

In Proceedings of the Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005, 2005.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Ács and Levente Buttyán and István VAJDA},
   title = {Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks},
   booktitle = {In Proceedings of the Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005},
   year = {2005}
}

Abstract

In this paper, we propose a framework for the security analysis of on-demand, distance vector routing protocols for ad hoc networks, such as AODV, SAODV, and ARAN. The proposed approach is an adaptation of the simulation paradigm that is used extensively for the analysis of cryptographic algorithms and protocols, and it provides a rigorous method for proving that a given routing protocol is secure. We demonstrate the approach by representing known and new attacks on SAODV in our framework, and by proving that ARAN is secure in our model.

Spontaneous Cooperation in Multi-domain Sensor Networks

P. Schaffer and T. Holczer and L. Buttyán

In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), Springer, Visegrád, Hungary, July, 2005.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Peter Schaffer and Tamas Holczer and Levente Buttyán},
   title = {Spontaneous Cooperation in Multi-domain Sensor Networks},
   booktitle = {In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS)},
   publisher = {Springer},
   address = {Visegrád, Hungary},
   month = {July},
   year = {2005}
}

Abstract

Sensor networks are large scale networks consisting of several nodes and some base stations. The nodes are monitoring the environment and send their measurement data towards the base stations possibly via multiple hops. Since the nodes are often battery powered, an important design criterion for sensor networks is the maximization of their lifetime. In this paper, we consider multi-domain sensor networks, by which we mean a set of sensor networks that co-exist at the same physical location but run by different authorities. In this setting, the lifetime of all networks can be increased if the nodes cooperate and also forward packets originating from foreign domains. There is a risk, however, that a selfish network takes advantage of the cooperativeness of the other networks and exploits them. We study this problem in a game theoretic setting, and show that, in most cases, there is a Nash equilibrium in the system, in which at least one of the strategies is cooperative, even without introducing any external incentives (e.g., payments).

Standards for Product Security Assessment

I. Zs. Berta and L. Buttyán and I. Vajda

Chapter 53, in IT Security Handbook, edited by Hossein Bidgoli, John Wiley and Sons, 2005, (to appear).

Bibtex

@inbook {
   author = {István Zsolt BERTA and Levente Buttyán and István VAJDA},
   title = {Standards for Product Security Assessment},
   chapter = {Chapter 53},
   publisher = {in IT Security Handbook, edited by Hossein Bidgoli, John Wiley and Sons},
   year = {2005},
   note = {(to appear)}
}

Abstract

Statistical Wormhole Detection in Sensor Networks

L. Dóra and L. Buttyán and I. Vajda

Refik Molva, Gene Tsudik, Dirk Westhoff, Lecture Notes in Computer Science, Springer-Verlag GmbH, 2005, pp. Volume 3813/ 2005, pp. 128 - 141, Security and Privacy in Ad-hoc and Sensor Networks: Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005.

Bibtex | Abstract | PDF

@inproceedings {
   author = {László DÓRA and Levente Buttyán and István VAJDA},
   title = {Statistical Wormhole Detection in Sensor Networks},
   editor = {Refik Molva, Gene Tsudik, Dirk Westhoff},
   booktitle = {Lecture Notes in Computer Science},
   publisher = {Springer-Verlag GmbH},
   year = {2005},
   pages = {Volume 3813/ 2005, pp. 128 - 141},
   note = {Security and Privacy in Ad-hoc and Sensor Networks: Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005}
}

Keywords

Sensor network, wormhole detection, chi-square

Abstract

n this paper, we propose two mechanisms for wormhole detection in wireless sensor networks. The proposed mechanisms are based on hypothesis testing and they provide probabilistic results. The first mechanism, called the Neighbor Number Test (NNT), detects the increase in the number of the neighbors of the sensors, which is due to the new links created by the wormhole in the network. The second mechanism, called the All Distances Test (ADT), detects the decrease of the lengths of the shortest paths between all pairs of sensors, which is due to the shortcut links created by the wormhole in the network. Both mechanisms assume that the sensors send their neighbor list to the base station, and it is the base station that runs the algorithms on the network graph that is reconstructed from the received neighborhood information. We describe these mechanisms and investigate their performance by means of simulation.

2004

A Formal Model of Rational Exchange and Its Application to the Analysis of Syverson's Protocol

L. Buttyán and J. P. Hubaux and S. Capkun

Journal on Computer Security, vol. 12, no. 3-4, 2004, pp. 551-587.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and and },
   title = {A Formal Model of Rational Exchange and Its Application to the Analysis of Syverson's Protocol},
   journal = {Journal on Computer Security},
   volume = {12},
   number = {3-4},
   year = {2004},
   pages = {551-587}
}

Abstract

We propose a formal model of rational exchange and exchange protocols in general, which is based on game theory. In this model, an exchange protocol is represented as a set of strategies in a game that is played by the protocol parties and the network that they use to communicate with each other. Within this model, we give a formal definition for rational exchange and various other properties of exchange protocols, including fairness. In particular, rational exchange is defined in terms of a Nash equilibrium in the protocol game. We also study the relationship between rational and fair exchange, and prove that fairness implies rationality, but not vice versa. Finally, we illustrate the usage of our formal model for the analysis of existing rational exchange protocols by analyzing a protocol proposed by Syverson. We show that the protocol is rational only under the assumption that the network is reliable.

Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Dynamic Case

M. Felegyhazi and J. P. Hubaux and L. Buttyán

Proceedings of the 2nd Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2004), March, 2004.

Bibtex

@inproceedings {
   author = {Mark Felegyhazi and and Levente Buttyán},
   title = {Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Dynamic Case},
   booktitle = {Proceedings of the 2nd Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2004)},
   month = {March},
   year = {2004}
}

Abstract

HUNEID - Hungarian Electronic ID smart card specifications

I. Zs. Berta and I. Vajda and L. Buttyán and B. Bencsáth and T. Veiland

Ministry of Informatics and Telecommunications (www.ihm.hu), 2004.

Bibtex

@techreport {
   author = {István Zsolt BERTA and István VAJDA and Levente Buttyán and Boldizsár Bencsáth and Tamás Veiland},
   title = {HUNEID - Hungarian Electronic ID smart card specifications},
   institution = {Ministry of Informatics and Telecommunications (www.ihm.hu)},
   year = {2004}
}

Abstract

Incentives for Cooperation in Multi-hop Wireless Networks

L. Buttyán and T. Holczer and P. Schaffer

Híradástechnika, vol. LIX, no. 3, March, 2004, pp. 30--34, (in Hungarian).

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and Tamas Holczer and Peter Schaffer},
   title = {Incentives for Cooperation in Multi-hop Wireless Networks},
   journal = {Híradástechnika},
   volume = {LIX},
   number = {3},
   month = {March},
   year = {2004},
   pages = {30--34},
   note = {(in Hungarian)}
}

Abstract

Cikkünkben bevezetjük a kooperációra való ösztönzés problémáját, ami tipikus problémaként jelentkezik a többugrásos vezetéknélküli hálózatokban. Röviden áttekintjük a nem-kooperatív viselkedési fajtákat, és a kooperációra ösztönzõ mechanizmusok típusait. Végül összefoglaljuk két általunk javasolt ösztönzõ mechanizmus fõbb elemeit, ötleteit.

Kriptográfia és alkalmazásai

L. Buttyán and I. Vajda

Typotex Kiadó, 2004, Budapest, 445p.

Bibtex

@book {
   author = {Levente Buttyán and István VAJDA},
   title = {Kriptográfia és alkalmazásai},
   publisher = {Typotex Kiadó},
   year = {2004},
   note = {Budapest, 445p}
}

Abstract

Mitigating the Untrusted Terminal Problem Using Conditional Signatures

I. Zs. Berta and L. Buttyán and I. Vajda

Proceedings of International Conference on Information Technology ITCC 2004, IEEE, Las Vegas, NV, USA, April, 2004.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István Zsolt BERTA and Levente Buttyán and István VAJDA},
   title = {Mitigating the Untrusted Terminal Problem Using Conditional Signatures},
   booktitle = {Proceedings of International Conference on Information Technology ITCC 2004},
   publisher = {IEEE},
   address = { Las Vegas, NV, USA},
   month = {April},
   year = {2004}
}

Abstract

We study the problem of how a user at an untrusted terminal can generate digital signatures with the help of a smart card. This problem may arise in many practical applications; an example would be a user generating an electronic check at a merchant's terminal in a shop. The danger is that after receiving the PIN code of the card from the user, the terminal can obtain a signature from the card on an arbitrarily chosen document, that is different from the one displayed on the screen and confirmed by the user. We propose a solution to this problem which is based on a new concept called conditional signature. This leads to a new paradigm where digital signatures are not considered as non-repudiable proofs, at least until a short deadline.

Modelling Location Reveal Attacks in Mobile Systems

L. Zombik and L. Buttyán

Periodica Polytechnica, vol. 48, no. 1-2, 2004, pp. 85-100.

Bibtex

@article {
   author = {Laszlo Zombik and Levente Buttyán},
   title = {Modelling Location Reveal Attacks in Mobile Systems},
   journal = { Periodica Polytechnica},
   volume = {48},
   number = {1-2},
   year = {2004},
   pages = {85-100}
}

Abstract

Privacy Protecting Protocols for Revokable Digital Signatures

I. Zs. Berta and L. Buttyán and I. Vajda

Proceedings of Cardis 2004, Toulouse, France (to appear), Kluwer, 2004.

Bibtex | Abstract | PDF

@inproceedings {
   author = {István Zsolt BERTA and Levente Buttyán and István VAJDA},
   title = {Privacy Protecting Protocols for Revokable Digital Signatures},
   booktitle = {Proceedings of Cardis 2004, Toulouse, France (to appear)},
   publisher = {Kluwer},
   year = {2004}
}

Abstract

Consider an application where a human user has to digitally sign a message. It is usually assumed that she has a trusted computer at her disposal, however, this assumption does not hold in several practical cases, especially if the user is mobile. Smart cards have been proposed to solve this problem, but they do not have a user interface, therefore the user still needs a (potentially untrusted) terminal to authorize the card to produce digital signatures. In order to mitigate this problem, we proposed a solution based on conditional signatures to provide a framework for the repudiation of unintended signatures. Our previous solution relies on a trusted third party who is able to link the issuer of the signature with the intended recipient, which may lead to severe privacy problems. In this paper we extend our framework and propose protocols that allow the user to retain her privacy with respect to this trusted third party.

Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks

G. Ács and L. Buttyán and I. Vajda

http://eprint.iacr.org/ under report number 2004/159., March, 2004.

Bibtex | Abstract

@techreport {
   author = {Gergely Ács and Levente Buttyán and István VAJDA},
   title = {Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks},
   institution = {http://eprint.iacr.org/ under report number 2004/159.},
   month = {March},
   year = {2004}
}

Keywords

Mobile ad hoc networks, secure routing, provable security

Abstract

Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers, and several "secure" routing protocols have been proposed for ad hoc networks. However, the security of those protocols have mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined, and routing protocols for mobile ad hoc networks can be analyzed rigorously. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the usage of our framework by proving that it is secure in our model.

Towards Provable Security for Ad Hoc Routing Protocols

L. Buttyán and I. Vajda

Proceedings of the 2nd ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2004), ACM, October, 2004.

Bibtex

@inproceedings {
   author = {Levente Buttyán and István VAJDA},
   title = {Towards Provable Security for Ad Hoc Routing Protocols},
   booktitle = {Proceedings of the 2nd ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2004)},
   publisher = {ACM},
   month = {October},
   year = {2004}
}

Abstract

2003

A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks

N. B. Salem and L. Buttyán and J. P. Hubaux and M. Jakobsson

4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), June, 2003.

Bibtex | Abstract

@inproceedings {
   author = {N. Ben Salem and Levente Buttyán and and Markus Jakobsson},
   title = {A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks},
   booktitle = {4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003)},
   month = {June},
   year = {2003}
}

Abstract

In multi-hop cellular networks, data packets have to be relayed hop by hop from a given mobile station to a base station and vice-versa. This means that the mobile stations must accept to forward information for the beneﬁt of other stations. In this paper, we propose an incentive mechanism that is based on a charging/rewarding scheme and that makes collaboration rational for selﬁsh nodes. We base our solution on symmetric cryptography to cope with the limited resources of the mobile stations. We provide a set of protocols and study their robustness with respect to various attacks. By leveraging on the relative stability of the routes, our solution leads to a very moderate overhead.

A game based analysis of the client puzzle approach to defend against DoS attacks

B. Bencsáth and L. Buttyán and I. Vajda

Proceedings of SoftCOM 2003 11. International conference on software, telecommunications and computer networks, Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture, University of Split, 2003, pp. 763-767.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Boldizsár Bencsáth and Levente Buttyán and István VAJDA},
   title = {A game based analysis of the client puzzle approach to defend against DoS attacks},
   booktitle = {Proceedings of SoftCOM 2003 11. International conference on software, telecommunications and computer networks},
   publisher = {Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture, University of Split},
   year = {2003},
   pages = {763-767}
}

Abstract

DoS attacks are aimed at the loss of or the reduction in availability, which is one of the most important general security requirements in computer networks. A promising approach proposed to alleviate the problem of DoS attacks is to use client puzzles. In this paper, we study this approach using the apparatus of game theory. In our analysis, we derive the optimal strategy for the attacked server (e.g., a web server on the Internet) in all conceivable cases. We also present two new client puzzles as examples.

A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks

M. Jakobsson and J. P. Hubaux and L. Buttyán

Proceedings of Financial Crypto 2003, La Guadeloupe, January, 2003.

Bibtex | Abstract

@inproceedings {
   author = {Markus Jakobsson and and Levente Buttyán},
   title = {A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks},
   booktitle = {Proceedings of Financial Crypto 2003},
   address = {La Guadeloupe},
   month = {January},
   year = {2003}
}

Abstract

We propose a micro-payment scheme for multi-hop cellular networks that encourages collaboration in packet forwarding by letting users benefit from relaying others` packets. At the same time as proposing mechanisms for detecting and rewarding collaboration, we introduce appropriate mechanisms for detecting and punishing various forms of abuse. We show that the resulting scheme -- which is exceptionally light-weight -- makes collaboration rational and cheating undesirable.

Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Static Case

M. Felegyhazi and L. Buttyán and J. P. Hubaux

8th International Conference on Personal Wireless Communications (PWC 2003), September, 2003.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Mark Felegyhazi and Levente Buttyán and },
   title = {Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Static Case},
   booktitle = {8th International Conference on Personal Wireless Communications (PWC 2003)},
   month = {September},
   year = {2003}
}

Abstract

In multi-hop wireless networks, every node is expected to forward packets for the benefit of other nodes. Yet, if each node is its own authority, then it may selfishly deny packet forwarding in order to save its own resources. Some researchers have proposed to introduce an incentive mechanism in the network that motivates the nodes to cooperate. In this paper, we address the question of whether such an incentive mechanism is necessary or cooperation between the nodes exists in the absence of it. We define a model in a game theoretic framework and identify the conditions under which cooperative strategies can form an equilibrium. As the problem is somewhat involved, we deliberately restrict ourselves to a static configuration.

From Fault-Tolerance to Security and Back

F. Gaertner and L. Buttyán and K. Kursawe

IEEE Distributed Systems Online, vol. 4, no. 9, 2003.

Bibtex

@article {
   author = {Felix Gaertner and Levente Buttyán and Klaus Kursawe},
   title = {From Fault-Tolerance to Security and Back},
   journal = { IEEE Distributed Systems Online},
   volume = {4},
   number = {9},
   year = {2003}
}

Abstract

Lightweight Authentication Protocols for Low-Cost RFID Tags

I. Vajda and L. Buttyán

2nd Workshop on Security in Ubiquitous Computing, in conjunction with Ubicomp 2003, October, 2003.

Bibtex | Abstract

@inproceedings {
   author = {István VAJDA and Levente Buttyán},
   title = {Lightweight Authentication Protocols for Low-Cost RFID Tags},
   booktitle = {2nd Workshop on Security in Ubiquitous Computing, in conjunction with Ubicomp 2003},
   month = {October},
   year = {2003}
}

Abstract

Providing security in low-cost RFID tags is a challenging task because tags are highly resource constrained and cannot support strong cryptography. Special lightweight algorithms and protocols need to be designed that take into account the limitations of the tags. In this paper, we propose a set of extremely lightweight tag authentication protocols. We also provide an analysis of the proposed protocols.

Mobility Helps Security in Ad Hoc Networks

S. Capkun and J. P. Hubaux and L. Buttyán

4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), June, 2003.

Bibtex | Abstract

@inproceedings {
   author = { and and Levente Buttyán},
   title = {Mobility Helps Security in Ad Hoc Networks},
   booktitle = {4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003)},
   month = {June},
   year = {2003}
}

Abstract

Contrary to the common belief that mobility makes security more diﬃcult to achieve, we show that node mobility can, in fact, be useful to provide security in ad hoc networks. We propose a technique in which security associations between nodes are established, when they are in the vicinity of each other, by exchanging appropriate cryptographic material. We show that this technique is generic, by explaining its application to fully self-organized ad hoc networks and to ad hoc networks placed under an (oﬀ-line) authority. We also propose an extension of this basic mechanism, in which a security association can be established with the help of a “friend”. We show that our mechanism can work in any network conﬁguration and that the time necessary to set up the security associations is strongly inﬂuenced by several factors, including the size of the deployment area, the mobility patterns, and the number of friends; we provide a detailed investigation of this inﬂuence.

Report on a Working Session on Security in Wireless Ad Hoc Networks

L. Buttyán and J. P. Hubaux

ACM Mobile Computing and Communications Review (MC2R), vol. 7, no. 1, March, 2003.

Bibtex | PDF

@article {
   author = {Levente Buttyán and },
   title = {Report on a Working Session on Security in Wireless Ad Hoc Networks},
   journal = {ACM Mobile Computing and Communications Review (MC2R)},
   volume = {7},
   number = {1},
   month = {March},
   year = {2003}
}

Keywords

ad hoc networks, security, authentication, routing, intrusion detection, cooperation

Abstract

SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks

S. Capkun and L. Buttyán and J. P. Hubaux

Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003), ACM, October, 2003.

Bibtex | Abstract

@inproceedings {
   author = { and Levente Buttyán and },
   title = {SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks},
   booktitle = {Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003)},
   publisher = {ACM},
   month = {October},
   year = {2003}
}

Keywords

ad hoc networks, security, hash chains, hash trees, secure routing, wormhole detection, topology control

Abstract

In this paper we present SECTOR, a set of mechanisms for the secure veriﬁcation of the time of encounters between nodes in multi-hop wireless networks. This information can be used notably to prevent wormhole attacks (without requiring any clock synchronization), to secure routing protocols based on last encounters (with only loose clock synchronization), and to control the topology of the network. SECTOR is based primarily on distance-bounding techniques, on one-way hash chains and on Merkle hash trees. We analyze the communication, computation and storage complexity of the proposed mechanisms and we show that, due to their ef- ﬁciency and simplicity, they are compliant with the limited resources of most mobile devices.

Self-Organized Public-Key Management for Mobile Ad Hoc Networks

S. Capkun and L. Buttyán and J. P. Hubaux

IEEE Transactions on Mobile Computing, vol. 2, no. 1, January-March, 2003.

Bibtex | Abstract

@article {
   author = { and Levente Buttyán and },
   title = {Self-Organized Public-Key Management for Mobile Ad Hoc Networks},
   journal = {IEEE Transactions on Mobile Computing},
   volume = {2},
   number = {1},
   month = {January-March},
   year = {2003}
}

Keywords

ad hoc networks, security, key management, PGP

Abstract

In contrast with conventional networks, mobile ad hoc networks usually do not provide online access to trusted authorities or to centralized servers, and they exhibit frequent partitioning due to link and node failures and to node mobility. For these reasons, traditional security solutions that require online trusted authorities or certificate repositories are not well-suited for securing ad hoc networks. In this paper, we propose a fully self-organized public-key management system that allows users to generate their publicprivate key pairs, to issue certificates, and to perform authentication regardless of the network partitions and without any centralized services. Furthermore, our approach does not require any trusted authority, not even in the system initialization phase.

Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks

L. Buttyán and J. P. Hubaux

ACM/Kluwer Mobile Networks and Applications, vol. 8, no. 5, October, 2003.

Bibtex | PDF

@article {
   author = {Levente Buttyán and },
   title = {Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks},
   journal = {ACM/Kluwer Mobile Networks and Applications},
   volume = {8},
   number = {5},
   month = {October},
   year = {2003}
}

Abstract

2002

A Formal Analysis of Syverson`s Rational Exchange Protocol

L. Buttyán and S. Capkun and J. P. Hubaux

Proceedings of IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June, 2002.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and and },
   title = {A Formal Analysis of Syverson`s Rational Exchange Protocol},
   booktitle = {Proceedings of IEEE Computer Security Foundations Workshop},
   address = {Cape Breton, Nova Scotia, Canada},
   month = {June},
   year = {2002}
}

Keywords

rational exchange, game theory, Nash equilibrium

Abstract

In this paper, we provide a formal analysis of a rational exchange protocol proposed by Syverson. A rational exchange protocol guarantees that misbehavior cannot generate benefits, and is therefore discouraged. The analysis is performed using our formal model, which is based on game theory. In this model, rational exchange is defined in terms of a Nash equilibrium.

Eliminating Man-in-the-Middle attacks of Malicious Terminals

L. Buttyán and I. Zs. Berta and I. Vajda

Workshop organised by the IST Coordination Point of the Ministry of Education, Budapest, 2002.

Bibtex | Abstract

@misc {
   author = {Levente Buttyán and István Zsolt BERTA and István VAJDA},
   title = {Eliminating Man-in-the-Middle attacks of Malicious Terminals},
   howpublished = {Workshop organised by the IST Coordination Point of the Ministry of Education, Budapest},
   year = {2002}
}

Abstract

Communication with a remote partner is considered over an insecure network, where the user can gain access only to a terminal, which cannot be trusted: an attacker is assumed to be able to fully control the terminal, so the user must consider the terminal as a potential attacker. Surprisingly many terminals belong to this class.

Assuming such an environment the problem of sending authentic messages is considered. Various cryptographic algorithms exist for algorithmic protection, however to run such highly complex algorithms, the user must rely on the computational power of an insecure terminal. Smart cards are often considered the ultimate tool for secure messaging from untrusted terminals. Although they are secure tamper-resistant microcomputers with strong cryptographic power, their lack of user interface (i.e. lack of direct access to its input/output channels) enables man-in-the middle attack from the terminal. Therefore involving a smart card cannot eliminate the basic problem, because any protocol between the user and the smart card would rely - once again - on the insecure terminal. It might seem obvious that the user should give all security goals up as hopeless.

We have come to the conclusion that the user is unable to send authentic messages to the card, so in case of untrusted terminals the signature of the card does not prove that the message originates from the user. This is why the authenticity of plaintext messages from insecure terminals cannot be guaranteed.

However the user as a human being has additional resources that can be exploited to increase the security level of the system. The user is an excellent 'biometric device'. Biometric data (e.g. speech, video, handwriting) carry the information content (plaintext) together with the identity of the sender, which is far more difficult to counterfeit than plaintext content. Moreover the human user has limited but trusted algorithmic capabilities too, having some secure memory and computational power.

Apart from encapsulating the identity of the user and the content of the message, biometric messages (or multimedia messages) also have structure. If the structure is violated, the message has obviously been tampered with.

The manipulation of biometric messages requires considerably more time and resources than that of plaintext ones. If the chosen biometric method is properly calibrated, the attacker may not only need massive computational power, but human interaction or biometric laboratories could be required to successfully counterfeit a biometric message. Thus, not only a large percentage of attackers have been excluded, but even the most advanced ones may require significantly more time to create a counterfeited biometric message than a plaintext one.

A protocol has been developed in our laboratory that combines the biometric powers of the user and cryptographic powers of the smart card to dramatically limit the time the attacker has to manipulate a message. In this case, the smart card acts as a secure time gate. The protocol verifies that only a small amount of time has passed between the recording of the biometric message and card signing it. Naturally, after the message passes through the smart card, attackers have no chance to manipulate.

The protocol also uses the smart card to securely introduce the user to the remote partner, so the latter would already be familiar with the biometric features of the user. Thus, the smart card not only ensures authenticity, but also enables communication without having to exchange biometric identities in advance.

Having investigated the problem of secure communication via insecure terminals, we propose a solution that enables the everyday user to send authentic messages. Combined usage of biometry and smart cards can increase security to a level suitable for several practical applications.

Small Worlds in Security Systems: an Analysis of the PGP Certificate Graph

L. Buttyán and S. Capkun and J. P. Hubaux

Proceedings of The ACM New Security Paradigms Workshop 2002, Norfolk, Virginia Beach, USA, September, 2002, pp. 8.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Levente Buttyán and and },
   title = {Small Worlds in Security Systems: an Analysis of the PGP Certificate Graph},
   booktitle = {Proceedings of The ACM New Security Paradigms Workshop 2002},
   address = {Norfolk, Virginia Beach, USA},
   month = {September},
   year = {2002},
   pages = {8}
}

Keywords

PGP, small worlds, public-key management, self-organization

Abstract

We propose a new approach to securing self-organized mobile ad hoc networks. In this approach, security is achieved in a fully self-organized manner

2001

A Payment Scheme for Broadcast Multimedia Streams

N. B. Salem and L. Buttyán

Proceedings of 6th IEEE Symposium on Computers and Communications, Hammamet, Tunisia, July, 2001.

Bibtex | Abstract

@inproceedings {
   author = {N. Ben Salem and Levente Buttyán},
   title = {A Payment Scheme for Broadcast Multimedia Streams},
   booktitle = {Proceedings of 6th IEEE Symposium on Computers and Communications},
   address = {Hammamet, Tunisia},
   month = {July},
   year = {2001}
}

Keywords

electronic payment scheme, micropayment, user privacy, fairness, multimedia

Abstract

Streaming multimedia data on the Internet is developing as a mainstream technology, which attracts many users by providing a new and convenient form of access to online multimedia information. While its strong business potential is obvious, many problems related to charging, copyright protection, and privacy can delay or even hinder its extensive deployment. In this paper, we are concerned with the charging problem, and propose an electronic payment scheme to use for purchasing broadcast multimedia streams. Our design respects the pay-per-use principle, makes cheating uninteresting for both the user and the service provider, resists against forgery and over-spending, protects sensitive payment information and user privacy, and allows the identification of misbehaving users.

Building Blocks for Secure Services: Authenticated Key Transport and Rational Exchange Protocols

L. Buttyán

Swiss Federal Institute of Technology (EPFL), December, 2001.

Bibtex | Abstract | PDF

@phdthesis {
   author = {Levente Buttyán},
   title = {Building Blocks for Secure Services: Authenticated Key Transport and Rational Exchange Protocols},
   school = {Swiss Federal Institute of Technology (EPFL)},
   month = {December},
   year = {2001}
}

Keywords

authentication logic, protocol synthesis, game theory, formal verification, ad hoc networks, cooperation, nuglets

Abstract

This thesis is concerned with two security mechanisms: authenticated key transport and rational exchange protocols. These mechanisms are potential building blocks in the security architecture of a range of different services. Authenticated key transport protocols are used to build secure channels between entities, which protect their communications against eavesdropping and alteration by an outside attacker. In contrast, rational exchange protocols can be used to protect the entities involved in an exchange transaction from each other. This is important, because often the entities do not trust each other, and both fear that the other will gain an advantage by misbehaving. Rational exchange protocols alleviate this problem by ensuring that a misbehaving party cannot gain any advantages. This means that misbehavior becomes uninteresting and it should happen only rarely. The thesis is focused on the construction of formal models for authenticated key transport and rational exchange protocols. In the first part of the thesis, we propose a formal model for key transport protocols, which is based on a logic of belief. Building on this model, we also propose an original systematic protocol construction approach. The main idea is that we reverse some implications that can be derived from the axioms of the logic, and turn them into synthesis rules. The synthesis rules can be used to construct a protocol and to derive a set of assumptions starting from a set of goals. The main advantage is that the resulting protocol is guaranteed to be correct in the sense that all the specified goals can be derived from the protocol and the assumptions using the underlying logic. Another important advantage is that all the assumptions upon which the correctness of the protocol depends are made explicit. The protocol obtained in the synthesis process is an abstract protocol, in which idealized messages that contain logical formulae are sent on channels with various access properties. The abstract protocol can then be implemented in several ways by replacing the idealized messages and the channels with appropriate bit strings and cryptographic primitives, respectively. We illustrate the usage of the logic and the synthesis rules through an example: We analyze an authenticated key transport protocol proposed in the literature, identify several weaknesses, show how these can be exploited by various attacks, and finally, we redesign the protocol using the proposed systematic approach. We obtain a protocol that resists against the presented attacks, and in addition, it is simpler than the original one. In the second part of the thesis, we propose an original formal model for exchange protocols, which is based on game theory. In this model, an exchange protocol is represented as a set of strategies in a game played by the protocol parties and the network that they use to communicate with each other. We give formal definitions for various properties of exchange protocols in this model, including rationality and fairness. Most importantly, rationality is defined in terms of a Nash equilibrium in the protocol game. The model and the formal definitions allow us to rigorously study the relationship between rational exchange and fair exchange, and to prove that fairness implies rationality (given that the protocol satisfies some further usual properties), but the reverse is not true in general. We illustrate how the formal model can be used for rigorous verification of existing protocols by analyzing two exchange protocols, and formally proving that they satisfy the definition of rational exchange. We also present an original application of rational exchange: We show how the concept of rationality can be used to improve a family of micropayment schemes with respect to fairness without substantial loss in efficiency. Finally, in the third part of the thesis, we extend the concept of rational exchange, and describe how similar ideas can be used to stimulate the nodes of a self-organizing ad hoc network for cooperation. More precisely, we propose an original approach to stimulate the nodes for packet forwarding. Like in rational exchange protocols, our design does not guarantee that a node cannot deny packet forwarding, but it ensures that it cannot gain any advantages by doing so. We analyze the proposed solution analytically and by means of simulation.

Efficient Multi-Party Challenge-Response Protocols for Entity Authentication

L. Buttyán and A. Nagy and I. Vajda

Periodica Polytechnica, vol. 45, no. 1, April, 2001, pp. 43-64.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and and István VAJDA},
   title = {Efficient Multi-Party Challenge-Response Protocols for Entity Authentication},
   journal = {Periodica Polytechnica},
   volume = {45},
   number = {1},
   month = {April},
   year = {2001},
   pages = {43-64}
}

Keywords

challenge-response protocols, protocol graph, entity authentication, reflection attack

Abstract

In this paper, we address the problem of multi-party entity authen- tication. We prove that the lower bound on the number of messages of multi-party challenge-response protocols is 2n-1, where n is the num- ber of the participants of the protocol, and propose two protocols that achieve this lower bound. Our protocols are, thus, eÆcient in the sense that they use the minimum number of messages required to solve the multi-party entity authentication problem based on challenge-response principles.

Method for transmitting payment information between a terminal and a third equipment

L. Buttyán and E. Wiedmer and E. Lauper

May, 2001, International Patent Application.

Bibtex

@misc {
   author = {Levente Buttyán and and },
   title = {Method for transmitting payment information between a terminal and a third equipment},
   month = {May},
   year = {2001},
   note = {International Patent Application}
}

Keywords

electronic payment, smart card, authenticated session key establishment

Abstract

Nuglets: a Virtual Currency to Stimulate Cooperation in Self-Organized Mobile Ad Hoc Networks

L. Buttyán and J. P. Hubaux

no. DSC/2001/001, EPFL-DI-ICA, January, 2001.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán and },
   title = {Nuglets: a Virtual Currency to Stimulate Cooperation in Self-Organized Mobile Ad Hoc Networks},
   number = {DSC/2001/001},
   institution = {EPFL-DI-ICA},
   month = {January},
   year = {2001}
}

Keywords

mobile ad hoc networks, routing, cooperation, service availability

Abstract

In mobile ad hoc networks, it is usually assumed that all the nodes belong to the same authority

Rational Exchange -- A Formal Model Based on Game Theory

L. Buttyán and J. P. Hubaux

Proceedings of 2nd International Workshop on Electronic Commerce (WELCOM 2001), Heidelberg, Germany, November, 2001.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and },
   title = {Rational Exchange -- A Formal Model Based on Game Theory},
   booktitle = {Proceedings of 2nd International Workshop on Electronic Commerce (WELCOM 2001)},
   address = {Heidelberg, Germany},
   month = {November},
   year = {2001}
}

Keywords

electronic commerce, rational exchnage, fair exchange, formal model, game theory

Abstract

We introduce game theory as a formal framework in which exchange protocols can be modeled and their properties can be studied. We use this framework to give a formal definition for rational exchange relating it to the concept of Nash equilibrium in games. In addition, we study the relationship between rational exchange and fair exchange. We prove that fair exchange implies rational exchange, but the reverse is not true. The practical consequence of this is that rational exchange protocols may provide interesting solutions to the exchange problem by representing a trade-off between complexity and what they achieve. They could be particularly useful in mobile e-commerce applications.

Self-Organization in Mobile Ad-Hoc Networks: the Approach of Terminodes

L. Blazevic and L. Buttyán and S. Capkun and S. Giordano and J. P. Hubaux and J. Y. Le Boudec

IEEE Communications Magazine, vol. 39, no. 6, June, 2001.

Bibtex | Abstract

@article {
   author = { and Levente Buttyán and and and and },
   title = {Self-Organization in Mobile Ad-Hoc Networks: the Approach of Terminodes},
   journal = {IEEE Communications Magazine},
   volume = {39},
   number = {6},
   month = {June},
   year = {2001}
}

Keywords

self-organized network, MANET,self-organized routing, GPS-free positioning, incentive to cooperation, security

Abstract

The Terminodes project is designing a wide area, mobile ad-hoc network, which is meant to be used in a public environment, in our approach, the network is run by users themselves. We give a global description of the building blocks used by the basic operation of the network, they all rely on various concepts of self-organization. Routing uses a combination of geography-based information and local, MANET-like protocols. Terminode positioning is obtained either by GPS, or by a relative positioning method. Mobility management uses self-organized virtual regions. Terminodes employ a form of virtual money called ``nuglets

Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks

L. Buttyán and J. P. Hubaux

no. DSC/2001/046, EPFL-DI-ICA, August, 2001.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán and },
   title = {Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks},
   number = {DSC/2001/046},
   institution = {EPFL-DI-ICA},
   month = {August},
   year = {2001}
}

Keywords

terminodes

Abstract

In military and rescue applications of mobile ad hoc net tworks, all the nodes belong to the same authority; therefore, they are motivated to cooperate in order to support the basic functions of the network. In this paper, we consider the case when each node is its own authority and tries to maximize the benefits it gets from the network. More precisely, we assume that the nodes are not willing to forward packets for the benefit of other nodes. This problem may arise in civilian applications of mobile ad hoc networks. In order to stimulate the nodes for packet forwarding,we propose a simple mechanism based on a counter in each node. We study the behavior of the proposed mechanism analytically and by means of simulations, and detail the way in which it could be protected against misuse.

The Quest for Security in Mobile Ad Hoc Networks

J. P. Hubaux and L. Buttyán and S. Capkun

Proceedings of ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC), Long Beach, CA, USA, October, 2001.

Bibtex | Abstract

@inproceedings {
   author = { and Levente Buttyán and },
   title = {The Quest for Security in Mobile Ad Hoc Networks},
   booktitle = {Proceedings of ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC)},
   address = {Long Beach, CA, USA},
   month = {October},
   year = {2001}
}

Keywords

security, public-key infrastructure, PKI, self-organization, mobile ad hoc networking

Abstract

So far, research on mobile ad hoc networks has been focused primarily on routing issues. Security, on the other hand, has been given a lower priority. This paper provides an overview of security problems for mobile ad hoc networks, distinguishing the threats on basic mechanisms and on security mechanisms. It then describes our solution to protect the security mechanisms. The original features of this solution include that (i) it is fully decentralized and (ii) all nodes are assigned equivalent roles.

2000

A Pessimistic Approach to Trust in Mobile Agent Platforms

U. Wilhelm and S. Staamann and L. Buttyán

IEEE Internet Computing, vol. 4, no. 5, September, 2000, pp. 40-48.

Bibtex | PDF

@article {
   author = { and and Levente Buttyán},
   title = {A Pessimistic Approach to Trust in Mobile Agent Platforms},
   journal = {IEEE Internet Computing},
   volume = {4},
   number = {5},
   month = {September},
   year = {2000},
   pages = {40-48}
}

Keywords

mobile agents, trust, tamper resistant hardware

Abstract

Enforcing Service Availability in Mobile Ad-Hoc WANs

L. Buttyán and J. P. Hubaux

no. DSC/2000/025, EPFL-DI-ICA, May, 2000.

Bibtex | Abstract | PDF

@techreport {
   author = {Levente Buttyán and },
   title = {Enforcing Service Availability in Mobile Ad-Hoc WANs},
   number = {DSC/2000/025},
   institution = {EPFL-DI-ICA},
   month = {May},
   year = {2000}
}

Keywords

wireless, mobile, ad-hoc network, wide area network, Terminodes, incentive to co-operate, terminode beans

Abstract

In this paper, we address the problem of service availability in mobile ad-hoc WANs. We present a secure mechanism to stimulate end users to keep their devices turned on, to refrain from overloading the network, and to thwart tampering aimed at converting the device into a ``selfish`` one. Our solution is based on the application of a tamper resistant security module in each device and cryptographic protection of messages.

Enforcing Service Availability in Mobile Ad-Hoc WANs

L. Buttyán and J. P. Hubaux

Proceedings of IEEE/ACM Workshop on Mobile Ad Hoc Networking and Computing (MobiHOC), Boston, MA, USA, August, 2000.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and },
   title = {Enforcing Service Availability in Mobile Ad-Hoc WANs},
   booktitle = {Proceedings of IEEE/ACM Workshop on Mobile Ad Hoc Networking and Computing (MobiHOC)},
   address = {Boston, MA, USA},
   month = {August},
   year = {2000}
}

Keywords

wireless, mobile, ad-hoc network, wide area network, Terminodes, incentive to co-operate, terminode nuggets, beans

Abstract

Extensions to an Authentication Technique Proposed for the Global Mobility Network

L. Buttyán and C. Gbaguidi and S. Staamann and U. Wilhelm

IEEE Transactions on Communications, vol. 48, no. 3, March, 2000.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán and and and },
   title = {Extensions to an Authentication Technique Proposed for the Global Mobility Network},
   journal = {IEEE Transactions on Communications},
   volume = {48},
   number = {3},
   month = {March},
   year = {2000}
}

Keywords

authentication protocol, global mobility network

Abstract

We present three attacks against the authentication protocol that has been proposed for the so called global mobility network in \cite{kn:Suz97}. We show that the attacks are feasible and propose corrections that make the protocol more robust and resistant against the presented attacks. Our aim is to highlight some basic design principles for cryptographic protocols, the adherence to which would have prevented these attacks.

Method for securing communications between a terminal and an additional user equipment

L. Buttyán and E. Wiedmer and E. Lauper

September, 2000, International Patent Application.

Bibtex

@misc {
   author = {Levente Buttyán and and },
   title = {Method for securing communications between a terminal and an additional user equipment},
   month = {September},
   year = {2000},
   note = {International Patent Application}
}

Keywords

authenticated session key establishment, user authentication, smart card

Abstract

Removing the financial incentive to cheat in micropayment schemes

L. Buttyán

IEE Electronics Letters, vol. 36, no. 2, January, 2000, pp. 132-133.

Bibtex | Abstract | PDF

@article {
   author = {Levente Buttyán},
   title = {Removing the financial incentive to cheat in micropayment schemes},
   journal = {IEE Electronics Letters},
   volume = {36},
   number = {2},
   month = {January},
   year = {2000},
   pages = {132-133}
}

Keywords

fairness, micropayment,

Abstract

Micropayment schemes usually do not provide fairness, which means that either the payer or the payee, or both, can cheat the other and gain a financial advantage by misbehaving in the protocols. We propose an extension to a family of micropayment schemes that removes the financial incentive to cheat. Our extension does not provide true fairness, but it makes misbehaving practically futile for both the payer and the payee. We achieve this without any substantial loss in efficiency, in most practical cases.

Toward Mobile Ad-Hoc WANs: Terminodes

J. P. Hubaux and J. Y. Le Boudec and S. Giordano and M. Hamdi and L. Blazevic and L. Buttyán and M. Vojnovic

no. DSC/2000/006, EPFL-DI-ICA, February, 2000.

Bibtex | Abstract | PDF

@techreport {
   author = { and and and and and Levente Buttyán and },
   title = {Toward Mobile Ad-Hoc WANs: Terminodes},
   number = {DSC/2000/006},
   institution = {EPFL-DI-ICA},
   month = {February},
   year = {2000}
}

Keywords

wireless mobile ad-hoc network, wide area network, terminodes, mobility management, virtual home region, geodesic packet forwarding, beans, security

Abstract

Terminodes are personal devices that provide the functions of both the terminals and the nodes of the network. A network of terminodes is an autonomous, fully self-organized, wireless network, independent of any infrastructure. It must be able to scale up to millions of units, without any fixed backbone nor server. In this paper we present the main challenges and discuss the main technical directions.

1999

Accountable Anonymous Access to Services in Mobile Communication Systems

L. Buttyán and J. P. Hubaux

Proceedings of 18th IEEE Symposium on Reliable Distributed Systems, Workshop on Electronic Commerce, Lausanne, Switzerland, October, 1999, pp. 384-389.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and },
   title = {Accountable Anonymous Access to Services in Mobile Communication Systems},
   booktitle = {Proceedings of 18th IEEE Symposium on Reliable Distributed Systems, Workshop on Electronic Commerce},
   address = {Lausanne, Switzerland},
   month = {October},
   year = {1999},
   pages = {384-389}
}

Keywords

electronic commerce, anonymity, accountability, ticket based service access, customer care agency

Abstract

We introduce a model that allows anonymous yet accountable access to services in mobile communication systems. This model is based on the introduction of a new business role, called the customer care agency, and a ticket based mechanism for service access. We introduce the general idea of ticket based service access, and present a categorisation of ticket types and ticket acquisition models. We analyse the role of customer care agencies and emphasise their advantages.

Accountable Anonymous Service Usage in Mobile Communication Systems

L. Buttyán and J. P. Hubaux

no. SSC/99/16, EPFL-DI-ICA, May, 1999.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán and },
   title = {Accountable Anonymous Service Usage in Mobile Communication Systems},
   number = {SSC/99/16},
   institution = {EPFL-DI-ICA},
   month = {May},
   year = {1999}
}

Keywords

ticket based service access, customer care, mobile computing, anonymity, accountability

Abstract

We introduce a model that allows of anonymous yet accountable service usage in mobile communication systems. This model is based on the introduction of a new business role, called the customer care agency, and a ticket based mechanism for service access. We motivate the introduction of customer care agencies by analyzing their role and emphasizing their advantages. We introduce the general idea of ticket based service access, present a categorization of ticket types and ticket acquisition models, and identify some possible attacks against ticket based systems. We illustrate how agencies and tickets work together by presenting a ticket based protocol between users, customer care agencies, and service providers. The protocol achieves authentication of the service provider to the user, establishment of a shared session key between the user and the service provider, and correct and undeniable charging. In addition, it provides revokable anonymity for users, which means that the identity of misbehaving users can be revealed.

Closed User Groups in Internet Service Centres

L. Buttyán and S. Staamann and A. Coignet and E. Ruggiano and U. Wilhelm and M. Zweiacker

Proceedings of DAIS`99, Helsinki, June, 1999.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and and and and and },
   title = {Closed User Groups in Internet Service Centres},
   booktitle = {Proceedings of DAIS`99},
   address = {Helsinki},
   month = {June},
   year = {1999}
}

Keywords

Access Control, Authorisation, Closed Users Groups, Middleware, CORBA, Security

Abstract

The paper presents a model for end-user directed access control to services in Internet service centres that, beside the classical Internet services (e.g., e-mail), offer a multitude of new services (e.g., on-line conferencing and auctioning) over the Internet. The model is based on the concept of closed user groups. The main idea is that at creation time each service instance and its components are assigned to a user group previously formed by a subset of the end-users, and access control is performed for access attempts through checking the group assignment of the accessed resource against the group memberships of the authenticated accessing end-user. Access control is directed by the end-users through the management of group memberships. We describe the concept of closed user groups, the management of group memberships, the enforcement of access control, and the realisation with off-the-shelf software for a middleware based service environment, which is haracterised by the use of CORBA, Java, and WWW technology.

Formal methods in the design of cryptographic protocols (state of the art)

L. Buttyán

no. SSC/1999/38, EPFL-DI-ICA, November, 1999.

Bibtex | Abstract

@techreport {
   author = {Levente Buttyán},
   title = {Formal methods in the design of cryptographic protocols (state of the art)},
   number = {SSC/1999/38},
   institution = {EPFL-DI-ICA},
   month = {November},
   year = {1999}
}

Keywords

cryptographic protocols, formal methods, verification, specification

Abstract

This paper is a state of the art review of the use of formal methods in the design of cryptographic rotocols.

Introducing Trusted Third Parties to the Mobile Agent Paradigm

U. Wilhelm and S. Staamann and L. Buttyán

in J. Vitek, C. Jensen: Proceedings of Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Springer-Verlag (LNCS 1603), 1999.

Bibtex | Abstract

@inbook {
   author = { and and Levente Buttyán},
   title = {Introducing Trusted Third Parties to the Mobile Agent Paradigm},
   publisher = {in J. Vitek, C. Jensen: Proceedings of Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Springer-Verlag (LNCS 1603)},
   year = {1999}
}

Keywords

Protecting Mobile Agents, Trust, Tamper Proof Environment

Abstract

Systems that support mobile agents are increasingly being used on the global Internet. An important application that is considered for these agents is electronic commerce, where agents roam the World Wide Web in search of goods for their owners. In these applications, an agent moves along some itinerary in order to search for the best offer for the good sought by the user. The problem with this approach is that malicious providers on the agent`s itinerary can damage the agent, tamper with the agent so that the agent itself becomes malicious, or forward the agent to any arbitrary provider that might not be on the agent`s itinerary. In this presentation we will primarily address the question how an agent can safely follow some pre-defined itinerary. We will identify the problem of trust as a major issue in this context and describe a trusted and tamper-proof hardware that can be used to enforce a policy. Based on this policy, we will show how the agent can take advantage of it in order to achieve the desired goal.

Multilateral Security in Middleware Based Telecommunications Architectures

S. Staamann and U. Wilhelm and L. Buttyán

in G. Mueller, K. Rannenberg, Proceedings of Multilateral Security in Communications, Addison-Wesley, 1999.

Bibtex | Abstract

@inbook {
   author = { and and Levente Buttyán},
   title = {Multilateral Security in Middleware Based Telecommunications Architectures},
   publisher = {in G. Mueller, K. Rannenberg, Proceedings of Multilateral Security in Communications, Addison-Wesley},
   year = {1999}
}

Keywords

multilateral security, middleware, CORBA, telecommunications, TINA

Abstract

The concept of middleware based architectures for telecommunication services in the broadband, multimedia, and information era is emerging. One representative example is the Telecommunications Information Networking Architecture (TINA), which is characterised by a variety of services, a multitude of service providers, a well defined business model, a middleware platform for service development and provision, and the assumption of advanced costumer premises equipment. Concepts for its security architecture are developed in the CrySTINA project. We introduce TINA, analyse it with regard to security and present the CrySTINA security architecture. CrySTINA is aligned with the OMG`s CORBA Security specification, but enhances it with regard to security interoperability despite the heterogeneity of security policies and technologies that must be expected in TINA networks. Thus, we present a model for the enforcement of security policies that supports the negotiation of security contexts.

Toward a Formal Model of Fair Exchange - a Game Theoretic Approach

L. Buttyán and J. P. Hubaux

no. SSC/1999/39, EPFL-DI-ICA, December, 1999.

Bibtex | Abstract | PDF

@techreport {
   author = {Levente Buttyán and },
   title = {Toward a Formal Model of Fair Exchange - a Game Theoretic Approach},
   number = {SSC/1999/39},
   institution = {EPFL-DI-ICA},
   month = {December},
   year = {1999}
}

Keywords

fair exchane protocol, formal model, game theory, electronic commerce

Abstract

A fair exchange protocol is a protocol, in which two (or more) mutually suspicious parties exchange their digital items in a way that neither party can gain an advantage over the other by misbehaving. Many fair exchange protocols have been proposed in the academic literature, but they provide rather different types of fairness. The formal comparison of these proposals remained difficult, mainly, because of the lack of a common formal framework, in which each can be modelled and formal fairness definitions can be given. In this paper, we propose to use game theory for this purpose. We show how to represent fair exchange protocols with game trees and give three definitions of fairness using standard game theoretic notions. We are not aware of any other work that uses the apparatus of game theory for modelling fair exchange protocols.

1998

A Note on an Authentication Technique Based on Distributed Security Management for the Global Mobility Network

C. Gbaguidi and S. Staamann and U. Wilhelm and L. Buttyán

no. SSC/98/18, EPFL-DI-ICA, April, 1998.

Bibtex | Abstract

@techreport {
   author = { and and and Levente Buttyán},
   title = {A Note on an Authentication Technique Based on Distributed Security Management for the Global Mobility Network},
   number = {SSC/98/18},
   institution = {EPFL-DI-ICA},
   month = {April},
   year = {1998}
}

Keywords

authentication protocol, belief logic, verification

Abstract

In this paper, we analyse the authentication protocol that has been proposed for the so called global mobility network in the October 1997 issue of the IEEE Journal on Selected Areas in Communications. Using a simple logic of authentication, we show that the protocol has flaws, and we present three different attacks that exploit these. We correct the protocol using a simple design tool that we have developed.

A Simple Logic for Authentication Protocol Design

L. Buttyán and S. Staamann and U. Wilhelm

Proceedings of IEEE Computer Security Foundations Workshop, Rockport, MA, USA, June, 1998, pp. 153-162.

Bibtex | Abstract

@inproceedings {
   author = {Levente Buttyán and and },
   title = {A Simple Logic for Authentication Protocol Design},
   booktitle = {Proceedings of IEEE Computer Security Foundations Workshop},
   address = {Rockport, MA, USA},
   month = {June},
   year = {1998},
   pages = {153-162}
}

Keywords

authentication protocol, belief logic, logic based design

Abstract

In this paper, we describe a simple logic. The logic uses the notion of channels that are generalisations of communication links with various security properties. The abstract nature of channels enables us to treat the protocol at a higher abstraction level than do most of the known logics for authentication, and thus, we can address the higher level functional properties of the system, without having to be concerned with the problems of the actual implementation. The major advantage of the proposed logic is its suitability for the design of authentication protocols. We give a set of synthetic rules that can be used by protocol designers to construct a protocol in a systematic way.

CrySTINA: Security in the Telecommunications Information Networking Architecture

S. Staamann and U. Wilhelm and L. Buttyán

no. SSC/98/4, EPFL-DI-ICA, January, 1998.

Bibtex | Abstract

@techreport {
   author = { and and Levente Buttyán},
   title = {CrySTINA: Security in the Telecommunications Information Networking Architecture},
   number = {SSC/98/4},
   institution = {EPFL-DI-ICA},
   month = {January},
   year = {1998}
}

Keywords

security, CORBA, TINA, DPE, interoperability

Abstract

TINA specifies an open architecture for telecommunication services in the broadband, multimedia, and information era. Its characteristics most relevant for security are a variety of services, a multitude of service providers, a well defined business model, a middleware platform for service development and provision, and the assumption of advanced costumer premises equipment. Concepts for its security architecture are developed in the CrySTINA project. We introduce the TINA-C architecture, analyse it with regard to security and present the CrySTINA security architecture. CrySTINA is aligned with the OMG`s CORBA Security specification, but enhances it with regard to security interoperability despite the heterogeneity of security policies and technologies that must be expected in TINA networks. Thus, we present a model for the enforcement of security policies that supports the negotiation of security contexts.

On the Problem of Trust in Mobile Agent Systems

U. Wilhelm and S. Staamann and L. Buttyán

Proceedings of Internet Society`s Symposium on Network and Distributed System Security, San Diego, CA, USA, March, 1998.

Bibtex | Abstract

@inproceedings {
   author = { and and Levente Buttyán},
   title = {On the Problem of Trust in Mobile Agent Systems},
   booktitle = {Proceedings of Internet Society`s Symposium on Network and Distributed System Security},
   address = {San Diego, CA, USA},
   month = {March},
   year = {1998}
}

Keywords

trust, mobile agent, tamper proof environment

Abstract

Systems that support mobile agents are increasingly being used on the global Internet. Security concerns dealing with the protection of the execution environment from malicious agents are extensively being tackled. We concentrate on the reverse problem, namely how a mobile agent can be protected from malicious behaviour of the execution environment, which is largely ignored. We will identify the problem of trust as the major issue in this context and describe a trusted and tamper-proof hardware that can be used to divide this problem among several principals, each of which has to be trusted with a special task. We show that the presented approach can be used to mitigate an important problem in the design of open systems.

Protecting the Itinerary of Mobile Agents

U. Wilhelm and S. Staamann and L. Buttyán

Proceedings of ECOOP Workshop on Mobile Object Systems: Secure Internet Mobile Communications, Brussels, Belgium, June, 1998.

Bibtex | Abstract

@inproceedings {
   author = { and and Levente Buttyán},
   title = {Protecting the Itinerary of Mobile Agents},
   booktitle = {Proceedings of ECOOP Workshop on Mobile Object Systems: Secure Internet Mobile Communications},
   address = {Brussels, Belgium},
   month = {June},
   year = {1998}
}

Keywords

mobile agent protection

Abstract

Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach

S. Staamann and U. Wilhelm and L. Buttyán

no. SSC/98/4, EPFL-DI-ICA, January, 1998.

Bibtex | Abstract

@techreport {
   author = { and and Levente Buttyán},
   title = {Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach},
   number = {SSC/98/4},
   institution = {EPFL-DI-ICA},
   month = {January},
   year = {1998}
}

Keywords

security, TINA

Abstract

The article presents the first results of the CrySTINA project. We analyze and structure the security problem domain in the TINA-C architecture and present our approach to provide the necessary security functionality in the form of self-contained application-independent security services and security mechanisms as part of the DPE functionality. The DPE is assumed to be basically provided by CORBA products. Therefore, we introduce the CORBA security specification and investigate if and how the identified TINA security services can be implemented using the CORBA security functionality.

Security in TINA

S. Staamann and U. Wilhelm and L. Buttyán

Proceedings of IFIP-SEC`98, Wienna-Budapest, August, 1998.

Bibtex | Abstract

@inproceedings {
   author = { and and Levente Buttyán},
   title = {Security in TINA},
   booktitle = {Proceedings of IFIP-SEC`98},
   address = {Wienna-Budapest},
   month = {August},
   year = {1998}
}

Keywords

security, CORBA, DPE, TINA, interoperability

Abstract

TINA is a specification of an open architecture for telecommunication services in the broadband, multimedia, and information era. Its characteristics most relevant for security are a variety of services, a multitude of service providers, a well defined business model, a middleware platform for service development and provision, and the assumption of advanced costumer premises equipment. Concepts for its security architecture are developed in the CrySTINA project. We introduce the TINA-C architecture, analyse it with regard to security, and present the CrySTINA security architecture. CrySTINA is aligned with the OMG`s CORBA Security specification, but enhances it with regard to security interoperability despite the heterogeneity of security policies and technologies that must be expected in TINA networks. Thus, we present a model for the enforcement of security policies that supports the negotiation of security contexts.

1997

Data Security Issues of Computer Networks

L. Buttyán

Magyar Távközlés (Selected Papers from the Hungarian Telecommunications), 1997, pp. 50-57..

Bibtex

@article {
   author = {Levente Buttyán},
   title = {Data Security Issues of Computer Networks},
   journal = {Magyar Távközlés (Selected Papers from the Hungarian Telecommunications)},
   year = {1997},
   pages = {50-57.}
}

Abstract

On the Design of Strong Bit Permutations and Substitutions

L. Buttyán and I. Vajda

Budapest University of Technology, January, 1997.

Bibtex

@techreport {
   author = {Levente Buttyán and István VAJDA},
   title = {On the Design of Strong Bit Permutations and Substitutions},
   institution = {Budapest University of Technology},
   month = {January},
   year = {1997}
}

Abstract

On the Design of Substitution-Permutation Ciphers

I. Vajda and L. Buttyán

Budapest University of Technology, January, 1997.

Bibtex

@techreport {
   author = {István VAJDA and Levente Buttyán},
   title = {On the Design of Substitution-Permutation Ciphers},
   institution = {Budapest University of Technology},
   month = {January},
   year = {1997}
}

Abstract

Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach

S. Staamann and U. Wilhelm and A. Schiper and L. Buttyán and J. P. Hubaux

Proceedings of TINA`97, November, 1997.

Bibtex | Abstract

@inproceedings {
   author = { and and and Levente Buttyán and },
   title = {Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach},
   booktitle = {Proceedings of TINA`97},
   month = {November},
   year = {1997}
}

Keywords

security, TINA

Abstract

1996

Data Security Issues of Computer Networks (in Hungarian)

L. Buttyán

Magyar Távközlés, vol. VII., no. 4., April, 1996, pp. 11-19..

Bibtex

@article {
   author = {Levente Buttyán},
   title = {Data Security Issues of Computer Networks (in Hungarian)},
   journal = {Magyar Távközlés},
   volume = {VII.},
   number = {4.},
   month = {April},
   year = {1996},
   pages = {11-19.}
}

Abstract

1995

On Design Criteria of Conventional Block Ciphers (in Hungarian)

I. Vajda and L. Buttyán

Hiradástechnika, vol. XLVI., March, 1995, pp. 10-18., (awarded with the Pollak-Virag Award of the Hungarian Telecommunication Scientific Society).

Bibtex

@article {
   author = {István VAJDA and Levente Buttyán},
   title = {On Design Criteria of Conventional Block Ciphers (in Hungarian)},
   journal = {Hiradástechnika},
   volume = {XLVI.},
   month = {March},
   year = {1995},
   pages = {10-18.},
   note = {(awarded with the Pollak-Virag Award of the Hungarian Telecommunication Scientific Society)}
}

Abstract

S-box Design, (in Hungarian)

L. Buttyán

Budapest University of Technology, May, 1995.

Bibtex

@mastersthesis {
   author = {Levente Buttyán},
   title = {S-box Design, (in Hungarian)},
   school = {Budapest University of Technology},
   month = {May},
   year = {1995}
}

Abstract

Searching for the best linear approximation of DES-like cryptosystems

L. Buttyán and I. Vajda

IEE Electronics Letters, vol. 31, no. 11, May, 1995, pp. 873-874.

Bibtex

@article {
   author = {Levente Buttyán and István VAJDA},
   title = {Searching for the best linear approximation of DES-like cryptosystems},
   journal = {IEE Electronics Letters},
   volume = {31},
   number = {11},
   month = {May},
   year = {1995},
   pages = {873-874}
}