2024
Advancing Computer Security for Radiation Detection Systems through IAEA Coordinated Research Project
R. Busquim e Silva and M. Rowland and G. White and K. El-Khatib and J. Roberto Castilho Piqueira and J. Li and T. Holczer
Proceedings of the 65th Annual Meeting of the Institute of Nuclear Materials Management, 2024.
Bibtex
| Abstract
| PDF
| Link
@inproceedings {
author = {R. Busquim e Silva and M. Rowland and G. White and K. El-Khatib and J. Roberto Castilho Piqueira and J. Li and Tamas Holczer},
title = {Advancing Computer Security for Radiation Detection Systems through IAEA Coordinated Research Project},
booktitle = {Proceedings of the 65th Annual Meeting of the Institute of Nuclear Materials Management},
year = {2024},
howpublished = "\url{https://m2.mtmt.hu/api/publication/35134559}"
}
Abstract
This work presents the results of the on-going International Atomic Energy Agency (IAEA) Coordinated Research Project (CRP) J02017 entitled Enhancing Computer Security for Radiation Detection Systems. Radiation detection systems are comprised of a large number of fixed and mobile radiation detectors used for safety and security purposes for nuclear power energy production, nuclear fuel cycle activities, nuclear research reactor operation, medical applications, transportation of nuclear material, environmental monitoring, border control and major public events (among others). The signals generated by radiation detection and physical protection systems produce alarms (and information) that are transmitted and monitored locally or remotely and additional alarm monitoring centers. The transmission of this information across a diverse range of communication channels increases the effectiveness of radiation monitoring and detection systems, and the timely responses to alarm conditions. During signal generation and transmission, processing or storage of information, there is the possibility of compromise and manipulation of data, requiring computer security measures to protect and preserve the confidentiality, integrity, and availability of the information being transmitted, assessed, and stored. The research also includes the physical protection systems that protect other radioactive material from theft or sabotage. The objective of the IAEA CRP on Enhancing Computer Security for Radiation Detection Systems is to develop methodologies and techniques to improve computer security of radiation detection equipment, physical protection systems, associated computer-based systems, data communications protocols and the network infrastructure that supports the use of these systems. This panel will discuss the ongoing IAEA CRP research addressing computer security issues related to radiation detection equipment, the need of cybersecurity capacity in specific nuclear security domains; the specific challenges involved with researching cybersecurity for nuclear security; and it will summarize key projects within the IAEA CRP J02017 and their potential benefits to capacity building efforts in Member States with mature nuclear security programs and newcomer countries.
On the Performance Evaluation of Protocol State Machine Reverse Engineering Methods
G. Ládi and T. Holczer
Journal of Communications Software and Systems, 2024.
Bibtex
| Abstract
| PDF
| Link
@article {
author = {Gergõ Ládi and Tamas Holczer},
title = {On the Performance Evaluation of Protocol State Machine Reverse Engineering Methods},
journal = {Journal of Communications Software and Systems},
year = {2024},
howpublished = "\url{https://doi.org/10.24138/jcomss-2023-0149}"
}
Keywords
protocol reverse engineering, protocol state machine, performance evaluation, runtime analysis, bounded runtime, incomplete input
Abstract
Having access to the specifications of network pro- tocols is essential for several reasons in IT security. When the specifications are not known, one may turn to protocol reverse engineering methods to reconstruct these, typically by analysing recorded network traffic or inspecting an executable that implements the protocol. First, the format and structure of the messages need to be recovered, then the state machine of the protocol itself. Over the years, several solutions have been proposed for both tasks. As a consequence, picking the right solution for a given scenario is often a complex problem that involves evaluating and comparing various solutions. In this paper, we review the current means of evaluating the perfor- mance of protocol state machine reverse engineering methods. To help alleviate the shortcomings of the current methodology, we propose two new metrics of performance to be measured: correctness and completeness of output for partial runs (when runtime is bounded). These, combined with previously used metrics should make it easier to pick the most ideal choice for a given use case. We also propose the examination of cases where the algorithms have to work with incomplete or inaccurate syntactical information. We showcase how these new metrics and related information may be useful for the evaluation and comparison of various algorithms by applying these new methods to evaluate the performance of a recent protocol state machine reverse engineering method.
Villamos rendszerek kiberbiztonsága az Ukrajnával kapcsolatos történések tükrében
J. Csatár and P. Görgey and T. Holczer
SCIENTIA ET SECURITAS, 2024.
Bibtex
| Abstract
| PDF
| Link
@article {
author = {János Csatár and Péter Görgey and Tamas Holczer},
title = {Villamos rendszerek kiberbiztonsága az Ukrajnával kapcsolatos történések tükrében},
journal = {SCIENTIA ET SECURITAS},
year = {2024},
howpublished = "\url{https://m2.mtmt.hu/api/publication/34777404}"
}
Keywords
electric power system, critical infrastructure, cyberattack
Abstract
All developed countries are highly dependent on the operation of electric power systems, and this dependence will probably increase. Many factors influence stable operation, some of which are random (weather or failures of devices and cables); however, human activities also have a significant impact on reliability. In this paper, we deal with special cases of attacks that achieve a detrimental effect on the electric power system by compromising the controlling and monitoring computer systems. To support the reader, we first analyze the key components of the physical and cyber parts of the system to provide an understanding of the intertwining of these domains – it is a cyber-physical system. We further elaborate on how an event can spread from one part to the other through domains. Then, a series of actual examples underlines the importance of this topic, focusing on malicious acts committed with the goal of sabotaging the power system. Thereafter, we analyze cyber-attacks committed during the last eight years in Ukraine. Most of these attacked the Ukrainian electric power system, aiming for blackouts and device destruction. Some of the attacks had severe consequences in other European countries as well. However, some attacks were successfully stopped before any harm was made. After analyzing the events, we conclude that threat actors’ focus shifted from causing short-term blackouts to device destruction and long-term breakdowns. In the last part of our paper, we enumerate mitigation methods for operators. Our enumeration is based on the PreDeCo principle, namely prevention, detection, and correction. In conclusion, the defender must separate its different purpose networks, use strong authentication and authorization, and have proper patch management policies. These techniques must be verified with regular penetration tests. As the Ukrainian examples show, the threat actor sometimes can avoid prevention techniques; thus, good detection is necessary. The detection is based on analyzing the output of intrusion detection systems and detailed logging facilities. The analysis should be done in the security operations center by experts with knowledge of both cyberspace and electric power systems operations. In case of an incident, the security operations center must make corrective steps with the possible help of external experts. The corrective steps include the understanding of the incident, the recovery from the incident, the prevention of future similar incidents, and the digital forensic of the incident.
2023
Holistic attack methods against power systems using the IEC 60870-5-104 protocol
J. Csatár and P. György and T. Holczer
Infocommunications Journal, Vol. XV, No. 3., 2023.
Bibtex
| Abstract
| PDF
| Link
@article {
author = {János Csatár and Péter György and Tamas Holczer},
title = {Holistic attack methods against power systems using the IEC 60870-5-104 protocol},
journal = {Infocommunications Journal, Vol. XV, No. 3.},
year = {2023},
howpublished = "\url{https://www.infocommunications.hu/documents/169298/4893630/InfocomJournal_2023_3_5.pdf}"
}
Keywords
IEC 60870-5-104, Attack, Security, Power system
Abstract
IEC 60870-5-104 is a widely used protocol for telecontrol in European power systems. However, security was not a design goal when it was originally published: This protocol lacks built-in security features such as encryption, integrity protection, or authentication. In this paper, we describe novel types of attacks against the protocol in a holistic way. Therefore, we also enumerate the possible entry points of the threat actors and demonstrate a new technique, where the malicious actor can precisely target the attack. These methods are demonstrated both on simulated environment and actual devices and compared with already published methods.
Machine Learning Based Time Series Generation for the Nuclear Industry
T. Holczer
Proceedings of the International Conference on Computer Security in the Nuclear World: Security for Safety. (2023), 2023.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Tamas Holczer},
title = {Machine Learning Based Time Series Generation for the Nuclear Industry},
booktitle = {Proceedings of the International Conference on Computer Security in the Nuclear World: Security for Safety. (2023)},
year = {2023}
}
Keywords
machine learning, time series, radiation detection system
Abstract
We need a lot of data for various purposes. We want to test new algorithms or make a cyber exercise, but sometimes we do not have enough original publicly available data. In this case we must generate synthetic data. A special case of data generation is where we need a time series. This paper discovers different methods of time series generation and test a method called TimeGAN for generating synthetic radiation detection system data. Similar approach can be used for temperature, pressure, or other synthetic time series relevant for the nuclear industry.
Privacy pitfalls of releasing in-vehicle network data
A. Gazdag and Sz. Lestyán and M. Remeli and G. Ács and T. Holczer and G. Biczók
Vehicular Communications, 2023.
Bibtex
| Abstract
| PDF
| Link
@article {
author = {András Gazdag and Szilvia Lestyan and Mina Remeli and Gergely Ács and Tamas Holczer and Gergely Biczók},
title = {Privacy pitfalls of releasing in-vehicle network data},
journal = {Vehicular Communications},
year = {2023},
howpublished = "\url{https://www.sciencedirect.com/science/article/pii/S2214209622001127?via%3Dihub}"
}
Keywords
In-vehicle network data; Privacy attacks; Driver re-identification; Trajectory reconstruction; Anonymization; Differential privacy
Abstract
The ever-increasing volume of vehicular data has enabled different service providers to access and monetize in-vehicle network data of millions of drivers. However, such data often carry personal or even potentially sensitive information, and therefore service providers either need to ask for drivers\' consent or anonymize such data in order to comply with data protection regulations. In this paper, we show that both fine-grained consent control as well as the adequate anonymization of in-network vehicular data are very challenging. First, by exploiting that in-vehicle sensor measurements are inherently interdependent, we are able to effectively i) re-identify a driver even from the raw, unprocessed CAN data with 97% accuracy, and ii) reconstruct the vehicle's complete location trajectory knowing only its speed and steering wheel position. Since such signal interdependencies are hard to identify even for data controllers, drivers' consent will arguably not be informed and hence may become invalid. Second, we show that the non-systematic application of different standard anonymization techniques (e.g., aggregation, suppression, signal distortion) often results in volatile, empirical privacy guarantees to the population as a whole but fails to provide a strong, worst-case privacy guarantee to every single individual. Therefore, we advocate the application of principled privacy models (such as Differential Privacy) to anonymize data with strong worst-case guarantee.
2021
Attacking IEC 60870-5-104 Protocol
P. György and T. Holczer
CEUR Workshop Proceedings, 2874 pp. 140-150. Paper: 13 , 11 p., 2021.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Péter György and Tamas Holczer},
title = {Attacking IEC 60870-5-104 Protocol},
booktitle = {CEUR Workshop Proceedings, 2874 pp. 140-150. Paper: 13 , 11 p.},
year = {2021}
}
Keywords
IEC-104, attack, security, power grid
Abstract
IEC 60870-5-104 is a widely used protocol for telecontrol in European power systems. Despite its wide usage, security was not a priority when the protocol was created. The IEC-104 protocol lacks important security features such as encryption, integrity protection, or authentication. In this paper, our goal is to show the risks of using this insecure protocol. To demonstrate it, we designed and implemented a wide range of different attacks. We also rated the stealthiness of these attacks in order to show that detection of an intruder is not always obvious. Our stealthy and successful attacks were carried out in a test environment with several virtual machines running an open-source implementation of the protocol.
Enhancing Safety and Security of Digital Instrumentation and Control System by Event Aggregation
R. Altschaffel and F. Zhang and J. Li and J. Hielscher and T. Holczer and W. Si and K. Lamshöft
12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies, 2021.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Robert Altschaffel and Fan Zhang and Jianghai Li and Jonas Hielscher and Tamas Holczer and Wen Si and Kevin Lamshöft},
title = {Enhancing Safety and Security of Digital Instrumentation and Control System by Event Aggregation},
booktitle = {12th Nuclear Plant Instrumentation, Control and Human-Machine Interface Technologies},
year = {2021}
}
Keywords
NPP Cybersecurity, I&C Security, SIEM, IDS, Anomaly Detection
Abstract
Nuclear power plants (NPPs) are implementing or transitioning to digital instrumentation and control (I&C) systems to control underlying physical processes. Such systems present an attack surface of obvious interest to various subsets of potential attackers and hence lead to a relevance of cybersecurity in a nuclear context. This prompts the need for measures aimed at detecting anomalous behavior or unwanted events in the I&C systems. This paper performs a survey on existing approaches to detect such behavior. This survey covers different perspectives and a broad range of different anomalous or unwanted behavior in the physical process and all aspects of the digital I&C systems. The perspective benefits from the inclusion of experts from the field of NPP cybersecurity, automation engineering and IT security. This interdisciplinary perspective allows for the identification of different sets of relevant data and events which might contribute to the understanding of an abnormal or unwanted situation (malfunction or a cyber-attack). This paper discusses how this data should be collected, how it can be aggregated and in which way it can enhance the safety and security of digital I&C systems.
Protocol State Machine Reverse Engineering with a Teaching-Learning Approach
G. Székely and G. Ládi and T. Holczer and L. Buttyán
Acta Cybernetica, 2021.
Bibtex
| Abstract
| PDF
@article {
author = {Gábor Székely and Gergõ Ládi and Tamas Holczer and Levente Buttyán},
title = {Protocol State Machine Reverse Engineering with a Teaching-Learning Approach},
journal = {Acta Cybernetica},
year = {2021}
}
Keywords
automated protocol reverse engineering, state machines, Mealy machines
Abstract
In this work, we propose a novel solution to the problem of inferring the state machine of an unknown protocol. We extend and improve prior results on inferring Mealy machines, and present a new algorithm that accesses and interacts with a networked system that runs the unknown protocol in order to infer the Mealy machine representing the protocol’s state machine. To demonstrate the viability of our approach, we provide an implementation and illustrate the operation of our algorithm on a simple example protocol, as well as on two real-world protocols, Modbus and MQTT.
2020
GrAMeFFSI: Graph Analysis Based Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic
G. Ládi and L. Buttyán and T. Holczer
Infocommunications Journal, Vol. XII, No. 2, 2020.
Bibtex
| Abstract
| PDF
@article {
author = {Gergõ Ládi and Levente Buttyán and Tamas Holczer},
title = {GrAMeFFSI: Graph Analysis Based Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic},
journal = {Infocommunications Journal, Vol. XII, No. 2},
year = {2020}
}
Keywords
protocol reverse engineering, message format, field semantics, inference, binary protocols, network traffic, graph analysis, Modbus, MQTT
Abstract
Protocol specifications describe the interaction be- tween different entities by defining message formats and message processing rules. Having access to such protocol specifications is highly desirable for many tasks, including the analysis of botnets, building honeypots, defining network intrusion detection rules, and fuzz testing protocol implementations. Unfortunately, many protocols of interest are proprietary, and their specifications are not publicly available. Protocol reverse engineering is an approach to reconstruct the specifications of such closed proto- cols. Protocol reverse engineering can be tedious work if done manually, so prior research focused on automating the reverse engineering process as much as possible. Some approaches rely on access to the protocol implementation, but in many cases, the protocol implementation itself is not available or its license does not permit its use for reverse engineering purposes. Hence, in this paper, we focus on reverse engineering protocol specifications relying solely on recorded network traffic. More specifically, we propose GrAMeFFSI, a method based on graph analysis that can infer protocol message formats as well as certain field semantics for binary protocols from network traces. We demonstrate the usability of our approach by running it on packet captures of two known protocols, Modbus and MQTT, then comparing the inferred specifications to the official specifications of these protocols.
Nuclear Power Plant in a Box
R. Altschaffel and T. Holczer and R. A. Busquim e Silva and J. Li and P. György and M. Hildebrandt and M. Hewes
International Conference on Nuclear Security: Sustaining and Strengthening Efforts, International Atomic Energy Agency (IAEA), 2020.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Robert Altschaffel and Tamas Holczer and R. A. Busquim e Silva and Jianghai Li and Péter György and M. Hildebrandt and M. Hewes},
title = {Nuclear Power Plant in a Box},
booktitle = {International Conference on Nuclear Security: Sustaining and Strengthening Efforts},
publisher = {International Atomic Energy Agency (IAEA)},
year = {2020}
}
Abstract
The paper presents the development of an architecture to deploy a simulated nuclear power plant in order to support training and research. In contrast to other simulators, which focus on the underlying physical processes, this approach also covers the industrial control systems (ICS) supervising and controlling these processes. Additionally, the IT components required for the associated business processes are also included, allowing for training with regard to threats to these IT components, including cyber-attack scenarios.
Towards Reverse Engineering Protocol State Machines
G. Székely and G. Ládi and T. Holczer and L. Buttyán
The 12th Conference of PhD Students in Computer Science - Volume of short papers, 2020, pp. 70-73.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Gábor Székely and Gergõ Ládi and Tamas Holczer and Levente Buttyán},
title = {Towards Reverse Engineering Protocol State Machines},
booktitle = {The 12th Conference of PhD Students in Computer Science - Volume of short papers},
year = {2020},
pages = {70-73}
}
Abstract
In this work, we are addressing the problem of inferring the state machine of an unknown protocol. Our method is based on prior work on inferring Mealy machines. We require access to and interaction with a system that runs the unknown protocol, and we serve a state-of-the-art Mealy machine inference algorithm with appropriate input obtained from the system at hand. We implemented our method and illustrate its operation on a simple example protocol.
Virtualization-assisted Testing of Network Security Systems for NPPs
T. Holczer and G. Berman and S. M. Darricades and P. György and G. Ládi
International Conference on Nuclear Security: Sustaining and Strengthening Efforts, International Atomic Energy Agency (IAEA), 2020.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Tamas Holczer and G. Berman and S. M. Darricades and Péter György and Gergõ Ládi},
title = {Virtualization-assisted Testing of Network Security Systems for NPPs},
booktitle = {International Conference on Nuclear Security: Sustaining and Strengthening Efforts},
publisher = {International Atomic Energy Agency (IAEA)},
year = {2020}
}
Abstract
Nuclear power plants use different digital assets to control the processes. These assets are normally connected by computer networks, and are targets of potential cyber-attacks. To avoid or mitigate the effect of such an attack, different security controls are used in accordance with the guidelines. Before deploying a new cyber security control, it must be tested thoroughly. The paper proposes virtual testbeds made of virtual computers and networks for these tests and shows how three widely used open source firewalls perform in such a test.
2018
Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic
G. Ládi and L. Buttyán and T. Holczer
26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings, FESB, University of Split, 2018, pp. 1-6, ISBN 978-9-5329-0087-3.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Gergõ Ládi and Levente Buttyán and Tamas Holczer},
title = {Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic},
booktitle = {26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings},
publisher = {FESB, University of Split},
year = {2018},
pages = {1-6},
note = {ISBN 978-9-5329-0087-3}
}
Keywords
protocol reverse engineering; message format; field semantics; inference; binary protocols; network traffic; Modbus; MQTT
Abstract
Protocol specifications describe the interaction between different entities by defining message formats and message
processing rules. Having access to such protocol specifications is
highly desirable for many tasks, including the analysis of botnets,
building honeypots, defining network intrusion detection rules,
and fuzz testing protocol implementations. Unfortunately, many
protocols of interest are proprietary, and their specifications
are not publicly available. Protocol reverse engineering is an
approach to reconstruct the specifications of such closed protocols. Protocol reverse engineering can be tedious work if done
manually, so prior research focused on automating the reverse
engineering process as much as possible. Some approaches rely
on access to the protocol implementation, but in many cases, the
protocol implementation itself is not available or its license does
not permit its use for reverse engineering purposes. Hence, in
this paper, we focus on reverse engineering protocol specifications
based solely on recorded network traffic. More specifically, we
propose a method that can infer protocol message formats as
well as certain field semantics for binary protocols from network
traces. We demonstrate the usability of our approach by running
it on packet captures of two known protocols, Modbus and
MQTT, then comparing the inferred specifications to the known
specifications of these protocols.
Vehicular Can Traffic Based Microtracking for Accident Reconstruction
A. Gazdag and T. Holczer and L. Buttyán and Zs. Szalay
Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering, University of Miskolc, Miskolc, Hungary, 2018.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {András Gazdag and Tamas Holczer and Levente Buttyán and Zsolt Szalay},
title = {Vehicular Can Traffic Based Microtracking for Accident Reconstruction},
booktitle = {Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering},
publisher = {University of Miskolc, Miskolc, Hungary},
year = {2018}
}
Keywords
Digital forensics, CAN network
Abstract
Accident reconstruction is the process of reliably discovering what has happened before a serious event. We show how the most widely used intra vehicular network (namely the Controller Area Network, CAN) can be used in this process. We show how the actual velocity and steering wheel position transmitted on the CAN network can be used to reconstruct the trajectory of a vehicle. This trajectory is an essential input in the reconstruction process. In this paper, we show how the CAN traffic of an actual vehicle can be used to recon- struct the trajectory of the vehicle, and we evaluate our approach in several real life experiments including normal and pre-accident situations.
2016
Intrusion detection in Cyber Physical Systems Based on Process Modelling
A. Gazdag and T. Holczer and Gy. Miru
Proceedings of 16th European Conference on Cyber Warfare & Security, Academic conferences, 2016.
Bibtex
| Abstract
@inproceedings {
author = {András Gazdag and Tamas Holczer and Gyorgy Miru},
title = {Intrusion detection in Cyber Physical Systems Based on Process Modelling},
booktitle = {Proceedings of 16th European Conference on Cyber Warfare & Security},
publisher = {Academic conferences},
year = {2016}
}
Abstract
Cyber physical systems (CPS) are used to control chemical processes, and can be found in manufacturing, civil infrastructure, energy industry, transportation and in many more places. There is one common characteristic in these areas, their operation is critical as a malfunction can potential be life-threatening. In the past, an attack against the cyber part of the systems can lead to physical consequences. The first well known attack against a CPS was Stuxnet in 2010. It is challenging to develop countermeasures in this field without endangering the normal operation of the underlying system. In our research, our goal was to detect attacks without interfering with the cyber physical systems in any way. This can be realized by an anomaly detection system using passive network monitoring. Our approach is based on analysing the state of the physical process by interpreting the communication between the control system and the supervisory system. This state can be compared to a model based prediction of the system, which can serve as a solid base for intrusion detection. In order to realize our intrusion detection system, a testbed was built based on widely used Siemens PLCs. Our implementation consists of three main parts. The first task is to understand the network communication in order to gain information about the controlled process. This was realized by analysing and deeply understanding the publicly undocumented Siemens management protocol. The resulting protocol parser was integrated into the widely-used Bro network security monitoring framework. Gathering information about the process state for a prolonged time creates time series. With these time series, as the second step, statistical models of the physical process can be built to predict future states. As the final step, the new states of the physical process can be compared with the predicted states. Significant differences can be considered as an indicator of compromise.
2015
ROSCO: Repository of signed code
B. Bencsáth and L. Buttyán and T. Holczer and B. Kócsó and D. Papp
Virus Bulletin, 2015.
Bibtex
| PDF
@conference {
author = {Boldizsár Bencsáth and Levente Buttyán and Tamas Holczer and Balázs Kócsó and Dorottya Papp},
title = {ROSCO: Repository of signed code},
booktitle = {Virus Bulletin},
year = {2015}
}
Abstract
The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems
L. Buttyán and M. Felegyhazi and T. Holczer
Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange, IAEA, 2015.
Bibtex
@inproceedings {
author = {Levente Buttyán and Mark Felegyhazi and Tamas Holczer},
title = {The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems},
booktitle = {Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange},
publisher = {IAEA},
year = {2015}
}
Abstract
2014
Adatbányászat az informatikai biztonságban
A. Kiss and T. Holczer and K Szücs
INFODIDACT konferencia, Webdidaktika Alapítvány, 2014, ISBN: 9789631206272.
Bibtex
@conference {
author = {Attila Kiss and Tamas Holczer and Szücs Katalin},
title = {Adatbányászat az informatikai biztonságban},
booktitle = { INFODIDACT konferencia},
publisher = {Webdidaktika Alapítvány},
year = {2014},
note = {ISBN: 9789631206272}
}
Abstract
CryPLH: Intelligens ipari rendszerek célzott támadások elleni védelme PLC honeyp
T. Holczer and M. Felegyhazi and Gy. Miru and F. Juhasz and D. Buza
Kiss Natália Nagy Bálint Németh István Péter (Eds), Tudományos terek, pp. 9-20, DUF Press, 2014, ISBN: 9789632870755.
Bibtex
@inbook {
author = {Tamas Holczer and Mark Felegyhazi and Gyorgy Miru and Ferenc Juhasz and Daniel Buza},
editor = {Kiss Natália Nagy Bálint Németh István Péter (Eds)},
title = {CryPLH: Intelligens ipari rendszerek célzott támadások elleni védelme PLC honeyp},
chapter = {Tudományos terek},
pages = {9-20},
publisher = {DUF Press},
year = {2014},
note = {ISBN: 9789632870755}
}
Abstract
CryPLH: Protecting smart energy systems from targeted attacks with a PLC honeypot
D. Buza and F. Juhasz and Gy. Miru and M. Felegyhazi and T. Holczer
in Proceedings of SmartGridSec 2014, February 26, 2014.
Bibtex
| Abstract
| PDF
@article {
author = {Daniel Buza and Ferenc Juhasz and Gyorgy Miru and Mark Felegyhazi and Tamas Holczer},
title = {CryPLH: Protecting smart energy systems from targeted attacks with a PLC honeypot},
journal = {in Proceedings of SmartGridSec 2014},
month = {February 26},
year = {2014}
}
Keywords
PLC honeypot, critical infrastructures, advanced threat monitoring, industrial control systems security
Abstract
Smart grids consist of suppliers, consumers, and other parts. The main suppliers are normally supervised by industrial control sys- tems. These systems rely on programmable logic controllers (PLCs) to control industrial processes and communicate with the supervisory sys- tem. Until recently, industrial operators relied on the assumption that these PLCs are isolated from the online world and hence cannot be the target of attacks. Recent events, such as the infamous Stuxnet attack [15] directed the attention of the security and control system community to the vulnerabilities of control system elements, such as PLCs. In this paper, we design and implement the Crysys PLC honeypot (CryPLH) system to detect targeted attacks against industrial control systems. This PLC honeypot can be implemented as part of a larger security monitoring system. Our honeypot implementation improves upon existing solutions in several aspects: most importantly in level of interaction and ease of configuration. Results of an evaluation show that our honeypot is largely indistinguishable from a real device from the attacker’s perspective. As a collateral of our analysis, we were able to identify some security issues in the real PLC device we tested and implemented specific firewall rules to protect the device from targeted attacks.
2012
Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey
P. Schaffer and K. Farkas and Á. Horváth and T. Holczer and L. Buttyán
accepted for publication in Elsevier Computer Networks, 2012.
Bibtex
| Abstract
@article {
author = {Peter Schaffer and Károly Farkas and Ádám Horváth and Tamas Holczer and Levente Buttyán},
title = {Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey},
journal = {accepted for publication in Elsevier Computer Networks},
year = {2012}
}
Abstract
In the past few years, research interest has been increased towards wireless
sensor networks (WSNs) and their application in both the military and civil
domains. To support scalability in WSNs and increase network lifetime, nodes
are often grouped into disjoint clusters. However, secure and reliable clustering,
which is critical in WSNs deployed in hostile environments, has gained modest
attention so far or has been limited only to fault tolerance. In this paper, we
review the state-of-the-art of clustering protocols inWSNs with special emphasis
on security and reliability issues. First, we define the taxonomy of security and
reliability for cluster head election and clustering in WSNs. Then, we describe
and analyze the most relevant secure and reliable clustering protocols. Finally,
we propose countermeasures against typical attacks and show how they improve
the discussed protocols.
Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks
L. Buttyán and T. Holczer
IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), IEEE, June, 2012.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Levente Buttyán and Tamas Holczer},
title = {Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks},
booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
publisher = {IEEE},
month = {June},
year = {2012}
}
Abstract
In this paper, we study the problem of traffic
analysis attacks in wireless body area sensor networks. When
these networks are used in health-care for remote patient
monitoring, traffic analysis can reveal the type of medical sensors
mounted on the patient, and this information may be used
to infer the patient’s health problems. We show that simple
signal processing methods can be used effectively for performing
traffic analysis attacks and identifying the sensor types in a
rather weak adversary model. We then investigate possible
traffic obfuscation mechanisms aiming at hiding the regular
patterns in the observable wireless traffic. Among the investigated
countermeasures, traffic shaping, a mechanism that introduces
carefully chosen delays for message transmissions, appears to be
the best choice, as it achieves close to optimal protection and
incurs no overhead.
2011
Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks
T. Holczer and L. Buttyán
International Journal of Distributed Sensor Networks, 2011, pp. 1-18, Article ID 828414.
Bibtex
| Abstract
| PDF
@article {
author = {Tamas Holczer and Levente Buttyán},
title = {Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks},
journal = {International Journal of Distributed Sensor Networks},
year = {2011},
pages = {1-18},
note = {Article ID 828414}
}
Abstract
In mission critical cyber-physical systems, dependability is an important requirement at all layers of the system architecture. In this paper, we propose protocols that increase the dependability of wireless sensor networks, which are potentially useful building blocks in cyber physical systems. More specifically, we propose two private aggregator node election protocols, a private data aggregation protocol, and a corresponding private query protocol for sensor networks that allow for secure in-network data aggregation by making it difficult for an adversary to identify and then physically disable the designated aggregator nodes. Our advanced protocols resist strong adversaries that can physically compromise some nodes.
VeRA - Version Number and Rank Authentication in RPL
L. Buttyán and T. Holczer and A. Dvir
7th IEEE International Workshop on Wireless and Sensor Networks Security, IEEE, Valencia, Spain, October 17-22, 2011, pp. 709 - 714.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Levente Buttyán and Tamas Holczer and Amit Dvir},
title = {VeRA - Version Number and Rank Authentication in RPL},
booktitle = {7th IEEE International Workshop on Wireless and Sensor Networks Security},
publisher = {IEEE},
address = {Valencia, Spain},
month = {October 17-22},
year = {2011},
pages = {709 - 714}
}
Abstract
Designing a routing protocol for large low-power
and lossy networks (LLNs), consisting of thousands of con-strained nodes and unreliable links, presents new challenges.
The IPv6 Routing Protocol for Low-power and Lossy Networks
(RPL), have been developed by the IETF ROLL Working
Group as a preferred routing protocol to provide IPv6 routing
functionality in LLNs. RPL provides path diversity by building
and maintaining directed acyclic graphs (DAG) rooted at one
(or more) gateway. However, an adversary that impersonates
a gateway or has compromised one of the nodes close to the
gateway can divert a large part of network traffic forward
itself and/or exhaust the nodes’ batteries. Therefore in RPL,
special security care must be taken when the Destination Oriented
Directed Acyclic Graph (DODAG) root is updating the Version
Number by which reconstruction of the routing topology can
be initiated. The same care also must be taken to prevent
an internal attacker (compromised DODAG node) to publish
decreased Rank value, which causes a large part of the DODAG
to connect to the DODAG root via the attacker and give it the
ability to eavesdrop a large part of the network traffic forward
itself. Unfortunately, the currently available security services in
RPL will not protect against a compromised internal node that
can construct and disseminate fake messages. In this paper, a
new security service is described that prevents any misbehaving
node from illegitimately increasing the Version Number and
compromise illegitimate decreased Rank values.
2010
Hide-and-Lie: Enhancing Application-level Privacy in Opportunistic Networks
T. Holczer and L. Dóra
In Proceedings of the Second International Workshop on Mobile Opportunistic Networking ACM/SIGMOBILE MobiOpp 2010, Pisa, Italy, February 22-23, 2010.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Tamas Holczer and László DÓRA},
title = {Hide-and-Lie: Enhancing Application-level Privacy in Opportunistic Networks},
booktitle = {In Proceedings of the Second International Workshop on Mobile Opportunistic Networking ACM/SIGMOBILE MobiOpp 2010},
address = {Pisa, Italy},
month = {February 22-23},
year = {2010}
}
Abstract
A delay-tolerant network is a mobile ad hoc network where the
message dissemination is based on the store-carry-and-forward
principle. This principle raises new aspects of the privacy problem.
In particular, an attacker can build a user profile and trace the
nodes based on this profile even if the message exchange protocol
provides anonymity. In this paper, an attacker model is presented
and some proposed attackers are implemented. We analyze the
efficiency of both the attacks and the proposed defense mechanism,
called Hide-and-Lie Strategy. We show that without any defense
mechanism, the nodes are traceable, but with the Hide-and-Lie
Strategy, the success probability of an attacker can be made equal
to the success probability of the simple guessing. Furthermore, in
some scenarios, the Hide-and-Lie Strategy increases the message
delivery ratio. The number of downloaded messages and the maximal
memory size required to apply the proposed privacy defense mechanism
is also investigated.
Perfectly Anonymous Data Aggregation in Wireless Sensor Networks
T. Holczer and L. Buttyán
Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010), IEEE, San Francisco, November 8-12, 2010.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Tamas Holczer and Levente Buttyán},
title = {Perfectly Anonymous Data Aggregation in Wireless Sensor Networks},
booktitle = {Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010)},
publisher = {IEEE},
address = {San Francisco},
month = {November 8-12},
year = {2010}
}
Abstract
Clustering and data aggregation in wireless sensor networks improves
scalability, and helps the efficient use of scarce resources. Yet,
these mechanisms also introduce some security issues; in particular,
aggregator nodes become attractive targets of physical destruction
and jamming attacks. In order to mitigate this problem, we propose a
new private aggregator node election protocol that hides the
identity of the elected aggregator nodes both from external
eavesdroppers and from compromised nodes participating in the
protocol. We also propose a private data aggregation protocol and a
corresponding private query protocol which allows the aggregators to
collect sensor readings and respond to queries of the base station,
respectively, without revealing any useful information about their
identity to external eavesdroppers and to compromised nodes.
2009
Private Cluster Head Election in Wireless Sensor Networks
T. Holczer and L. Buttyán
Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09), IEEE, IEEE, Macau SAR, PRC, October 12 , 2009, pp. 1048-1053.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Tamas Holczer and Levente Buttyán},
title = {Private Cluster Head Election in Wireless Sensor Networks},
booktitle = {Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09)},
organization = {IEEE},
publisher = {IEEE},
address = {Macau SAR, PRC},
month = {October 12 },
year = {2009},
pages = {1048-1053}
}
Abstract
Clustering is a useful mechanism in wireless sensor networks
that helps to cope with scalability problems and, if
combined with in-network data aggregation, may increase
the energy efficiency of the network. At the same time, by
assigning a special role to the cluster head nodes, clustering
makes the network more vulnerable to attacks. In particular,
disabling a cluster head by physical destruction or jamming
may render the entire cluster inoperable temporarily until
the problem is detected and a new cluster head is elected.
Hence, the cluster head nodes may be attractive targets
of attacks, and one would like to make it difficult for
an adversary to identify them. The adversary can try to
identify the cluster head nodes in various ways, including
the observation of the cluster head election process itself and
the analysis of the traffic patterns after the termination of the
cluster head election. In this paper, we focus on the former
problem, which we call the private cluster head election
problem. This problem has been neglected so far, and as
a consequence, existing cluster head election protocols leak
too much information making the identification of the elected
cluster head nodes easy even for a passive external observer.
We propose the first private cluster head election protocol
for wireless sensor networks that is designed to hide the
identity of the elected cluster head nodes from an adversary
that can observe the execution of the protocol.
Secure Vehicle Communication (SeVeCom)
D. D. Cock and P. Ardelean and N. Asaj and S. Cosenza and M. Müter and A. Held and B. Wiedersheim and P. Papadimitratos and F. Kargl and T. Holczer
Demonstration. Mobisys, June, 2009.
Bibtex
| PDF
@misc {
author = {Danny De Cock and Petra Ardelean and Naim Asaj and Stefano Cosenza and Michael Müter and Albert Held and Björn Wiedersheim and Panagiotis Papadimitratos and Frank Kargl and Tamas Holczer},
title = {Secure Vehicle Communication (SeVeCom)},
howpublished = {Demonstration. Mobisys},
month = {June},
year = {2009}
}
Keywords
vehicular ad hoc network, security, privacy
Abstract
SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs
W. Whyte and A. Weimerskirch and T. Holczer and L. Buttyán
Proceedings of the IEEE Vehicular Networking Conference, IEEE, IEEE, Tokyo, Japan, October 28-29, 2009, pp. 1-8.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {William Whyte and Andre Weimerskirch and Tamas Holczer and Levente Buttyán},
title = {SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs},
booktitle = {Proceedings of the IEEE Vehicular Networking Conference},
organization = {IEEE},
publisher = {IEEE},
address = {Tokyo, Japan},
month = {October 28-29},
year = {2009},
pages = {1-8}
}
Abstract
Untraceability of vehicles is an important requirement
in future vehicle communications systems. Unfortunately,
heartbeat messages used by many safety applications provide
a constant stream of location data, and without any protection
measures, they make tracking of vehicles easy even for a passive
eavesdropper. One commonly known solution is to transmit
heartbeats under pseudonyms that are changed regularly in order
to obfuscate the trajectory of vehicles. However, this approach is
effective only if some silent period is kept during the pseudonym
change and several vehicles change their pseudonyms nearly
at the same time and at the same location. Unlike previous
works that proposed explicit synchronization between a group
of vehicles and/or required pseudonym change in a designated
physical area (i.e., a static mix zone), we propose a much simpler
approach that does not need any explicit cooperation between
vehicles and any infrastructure support. Our basic idea is that
vehicles should not transmit heartbeat messages when their speed
drops below a given threshold, say 30 km/h, and they should
change pseudonym during each such silent period. This ensures
that vehicles stopping at traffic lights or moving slowly in a traffic
jam will all refrain from transmitting heartbeats and change their
pseudonyms nearly at the same time and location. Thus, our
scheme ensures both silent periods and synchronized pseudonym
change in time and space, but it does so in an implicit way. We
also argue that the risk of a fatal accident at a slow speed is
low, and therefore, our scheme does not seriously impact safety-of-
life. In addition, refraining from sending heartbeat messages
when moving at low speed also relieves vehicles of the burden
of verifying a potentially large amount of digital signatures, and
thus, makes it possible to implement vehicle communications with
less expensive equipments.
2008
Secure vehicular communication systems: design and architecture
J. P. Hubaux and A. Kung and F. Kargl and Z. Ma and M. Raya and J. Freudiger and E. Schoch and T. Holczer and L. Buttyán and P. Papadimitratos
IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 100-109.
Bibtex
| Abstract
| PDF
@article {
author = {Jean-Pierre Hubaux and Antonio Kung and Frank Kargl and Zhendong Ma and Maxim Raya and Julien Freudiger and Elmar Schoch and Tamas Holczer and Levente Buttyán and Panagiotis Papadimitratos},
title = {Secure vehicular communication systems: design and architecture},
journal = {IEEE Communications Magazine},
volume = {46},
number = {11},
month = {November},
year = {2008},
pages = {100-109}
}
Abstract
Significant developments have taken place
over the past few years in the area of vehicular
communication systems. Now, it is well understood
in the community that security and protection
of private user information are a
prerequisite for the deployment of the technology.
This is so precisely because the benefits of
VC systems, with the mission to enhance transportation
safety and efficiency, are at stake.
Without the integration of strong and practical
security and privacy enhancing mechanisms, VC
systems can be disrupted or disabled, even by
relatively unsophisticated attackers. We address
this problem within the SeVeCom project, having
developed a security architecture that provides
a comprehensive and practical solution.
We present our results in a set of two articles in
this issue. In this first one, we analyze threats
and types of adversaries, identify security and
privacy requirements, and present a spectrum of
mechanisms to secure VC systems. We provide a
solution that can be quickly adopted and
deployed. In the second article we present our
progress toward the implementation of our
architecture and results on the performance of
the secure VC system, along with a discussion of
upcoming research challenges and our related
current results.
2007
Group-Based Private Authentication
G. Avoine and L. Buttyán and T. Holczer and I. Vajda
In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007), IEEE, Helsinki, Finland, Jun 18 , 2007.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Gildas Avoine and Levente Buttyán and Tamas Holczer and István VAJDA},
title = {Group-Based Private Authentication},
booktitle = {In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007)},
publisher = {IEEE},
address = {Helsinki, Finland},
month = {Jun 18 },
year = {2007}
}
Abstract
We propose a novel authentication scheme that ensures privacy of the provers. Our scheme is based on symmetric-key cryptography, and therefore, it is well-suited to resource constrained applications in large scale environments. A typical example for such an application is an RFID system, where the provers are low-cost RFID tags, and the number of the tags can potentially be very large. We analyze the proposed scheme and show that it is superior to the well-known key-tree based approach for private authentication both in terms of privacy and efficiency.
On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs
I. Vajda and T. Holczer and L. Buttyán
In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007), Springer, Cambridge, UK, July 2-3, , 2007.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {István VAJDA and Tamas Holczer and Levente Buttyán},
title = {On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs},
booktitle = {In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007)},
publisher = {Springer},
address = {Cambridge, UK},
month = {July 2-3, },
year = {2007}
}
Abstract
The promise of vehicular communications is to make road traffic safer and more efficient. However, besides the expected benefits, vehicular communications also introduce some privacy risk by making it easier to track the physical location of vehicles. One approach to solve this problem is that the vehicles use pseudonyms that they change with some frequency. In this paper, we study the effectiveness of this approach.We define a model based on the concept of the mix zone, characterize the tracking strategy of the adversary in this model, and introduce a metric to quantify the level of privacy enjoyed by the vehicles. We also report on the results of an extensive simulation where we used our model to determine the level of privacy achieved in realistic scenarios. In particular, in our simulation, we used a rather complex road map, generated traffic with realistic parameters, and varied the strength of the adversary by varying the number of her monitoring points. Our simulation results provide detailed information about the relationship between the strength of the adversary and the level of privacy achieved by changing pseudonyms.
2006
Optimal Key-Trees for Tree-Based Private Authentication
I. Vajda and T. Holczer and L. Buttyán
In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET), June, 2006, Springer.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {István VAJDA and Tamas Holczer and Levente Buttyán},
title = {Optimal Key-Trees for Tree-Based Private Authentication},
booktitle = {In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET)},
month = {June},
year = {2006},
note = {Springer}
}
Abstract
Key-tree based private authentication has been proposed by Molnar and Wagner as a neat way to efficiently solve the problem of privacy preserving authentication based on symmetric key cryptography. However, in the key-tree based approach, the level of privacy provided by the system to its members may decrease considerably if some members are compromised. In this paper, we analyze this problem, and show that careful design of the tree can help to minimize this loss of privacy. First, we introduce a benchmark metric for measuring the resistance of the system to a single compromised member. This metric is based on the well-known concept of anonymity sets. Then, we show how the parameters of the key-tree should be chosen in order to maximize the system's resistance to single member compromise under some constraints on the authentication delay. In the general case, when any member can be compromised, we give a lower bound on the level of privacy provided by the system. We also present some simulation results that show that this lower bound is quite sharp. The results of this paper can be directly used by system designers to construct optimal key-trees in practice; indeed, we consider this as the main contribution of our work.
Providing Location Privacy in Automated Fare Collection Systems
I. Vajda and T. Holczer and L. Buttyán
In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece, June, 2006.
Bibtex
| PDF
@inproceedings {
author = {István VAJDA and Tamas Holczer and Levente Buttyán},
title = {Providing Location Privacy in Automated Fare Collection Systems},
booktitle = {In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece},
month = {June},
year = {2006}
}
Abstract
2005
Spontaneous Cooperation in Multi-domain Sensor Networks
P. Schaffer and T. Holczer and L. Buttyán
In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), Springer, Visegrád, Hungary, July, 2005.
Bibtex
| Abstract
| PDF
@inproceedings {
author = {Peter Schaffer and Tamas Holczer and Levente Buttyán},
title = {Spontaneous Cooperation in Multi-domain Sensor Networks},
booktitle = {In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS)},
publisher = {Springer},
address = {Visegrád, Hungary},
month = {July},
year = {2005}
}
Abstract
Sensor networks are large scale networks consisting of several nodes and some base stations. The nodes are monitoring the environment and send their measurement data towards the base stations possibly via multiple hops. Since the nodes are often battery powered, an important design criterion for sensor networks is the maximization of their lifetime. In this paper, we consider multi-domain sensor networks, by which we mean a set of sensor networks that co-exist at the same physical location but run by different authorities. In this setting, the lifetime of all networks can be increased if the nodes cooperate and also forward packets originating from foreign domains. There is a risk, however, that a selfish network takes advantage of the cooperativeness of the other networks and exploits them. We study this problem in a game theoretic setting, and show that, in most cases, there is a Nash equilibrium in the system, in which at least one of the strategies is cooperative, even without introducing any external incentives (e.g., payments).
2004
Incentives for Cooperation in Multi-hop Wireless Networks
L. Buttyán and T. Holczer and P. Schaffer
Híradástechnika, vol. LIX, no. 3, March, 2004, pp. 30--34, (in Hungarian).
Bibtex
| Abstract
| PDF
@article {
author = {Levente Buttyán and Tamas Holczer and Peter Schaffer},
title = {Incentives for Cooperation in Multi-hop Wireless Networks},
journal = {Híradástechnika},
volume = {LIX},
number = {3},
month = {March},
year = {2004},
pages = {30--34},
note = {(in Hungarian)}
}
Abstract
Cikkünkben bevezetjük a kooperációra való ösztönzés problémáját, ami tipikus problémaként jelentkezik a többugrásos vezetéknélküli hálózatokban. Röviden áttekintjük a nem-kooperatív viselkedési fajtákat, és a kooperációra ösztönzõ mechanizmusok típusait. Végül összefoglaljuk két általunk javasolt ösztönzõ mechanizmus fõbb elemeit, ötleteit.