Eve M. Schooler

Toward content-centric privacy in ICN: attribute-based encryption and routing

We design a content-centric privacy scheme for Information-Centric Networking (ICN). We enhance ICNs ability to support data confidentiality by introducing attribute-based encryption into ICN and making it specific to the data attributes. Our approach is unusual in that it preserves ICNs goal to decouple publishers and subscribers for greater data accessibility, scalable multiparty communication and efficient data distribution. Inspired by application-layer publish-subscribe, we enable fine-grained access control with more expressive policies. Moreover, we propose an attribute-based routing scheme that offers interest confidentiality. A prototype system is implemented based on CCNx, a popular open source version of ICN, to showcase privacy preservation in Smart Neighborhood and Smart City applications.

Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT

With the ever increasing number of connected devices and the over abundance of data generated by these devices, data privacy has become a critical concern in the Internet of Things (IoT). One promising privacy-preservation approach is Attribute-Based Encryption (ABE), a public key encryption scheme that enables fine-grained access control, scalable key management and flexible data distribution. This paper presents an in-depth performance evaluation of ABE that focuses on execution time, data and network overhead, energy consumption, and CPU and memory usage. We evaluate two major types of ABE, Key-Policy Attribute-Based Encryption (KP-ABE) and Ciphertext-Policy Attribute-Based Encryption (CP-ABE), on different classes of mobile devices including a laptop and a smartphone. To the best of our knowledge, this is the first comprehensive study of ABE dedicated solely to its performance. Our results provide insights into important practical issues of ABE, including what computing resources ABE requires in heterogeneous environments, at what cost ABE offers benefits, and under what situations ABE is best suited for use in the IoT.

A distributed host-based worm detection system

We present a method for detecting large-scale worm attacks using only end-host detectors. These detectors propagate and aggregate alerts to cooperating partners to detect large-scale distributed attacks in progress. The properties of the host-based detectors may in fact be relatively poor in isolation but when taken collectively result in a high-quality distributed worm detector. We implement a cooperative alert sharing protocol coupled with distributed sequential hypothesis testing to generate global alarms about distributed attacks. We evaluate the systems response in the presence of a variety of false alarm conditions and in the presence of an Internet worm attack. Our evaluation is conducted with agents on the Emulab and DETER emulated testbeds using real operating systems and computing platforms.

iHEMS: An information-centric approach to secure home energy management

Motivated by the “clean-slate” opportunity of the evolving Smart Grid, we propose an Information Centric Networking (ICN) approach for the home communications fabric and create an ICN-based secure publish-subscribe system to support home energy management. We design a secure group communication protocol with efficient key management specifically embedded in ICN for home data privacy. To validate the approach, we enhance an open-source ICN implementation and build a proof-of-concept Smart Home testbed.

Guest Editors' Introduction: Smart Energy Systems

The authors suggest that smart energy management will be an important application area for pervasive computing, as the pressing societal need for a solution is clear and there is a close fit with technologies and approaches being developed under the pervasive rubric. They present five full papers, including a comprehensive survey spanning four decades of smart energy research, recent results from a UK study of home-deployed smart energy systems that involved both persuasive media and diverse energy-consumption sensing, nonintrusive load identification and estimation, and minimally intrusive load shedding. A short Spotlight article highlights the need to systematically integrate human management into the complex control schemes that these smart grid schemes will enable.

The cubicle vs. the coffee shop: behavioral modes in enterprise end-users

Traditionally, user traffic profiling is performed by analyzing traffic traces collected on behalf of the user at aggregation points located in the middle of the network. However, the modern enterprise network has a highly mobile population that frequently moves in and out of its physical perimeter. Thus an in-the-network monitor is unlikely to capture full user activity traces when users move outside the enterprise perimeter. The distinct environments, such as the cubicle and the coffee shop (among others), that users visit, may each pose different constraints and lead to varied behavioral modes. It is thus important to ask: is the profile of a user constructed in one environment representative of the same user in another environment? In this paper, we answer in the negative for the mobile population of an enterprise. Using real corporate traces collected at nearly 400 end-hosts for approximately 5 weeks, we study how end-host usage differs across three environments: inside the enterprise, outside the enterprise but using a VPN, and entirely outside the enterprise network. Within these environments, we examine three types of features: (i) environment lifetimes, (ii) relative usage statistics of network services, and (iii) outlier detection thresholds as used for anomaly detection. We find significant diversity in end-host behavior across environments for many features, thus indicating that profiles computed for a user in one environment yield inaccurate representations of the same user in a different environment.

A Network-Aware Distributed Membership Protocol for Collaborative Defense

To counteract current trends in network malware, distributed solutions have been developed that harness the power of collaborative end-host sensors. While these systems greatly increase the ability to defend against attack, this comes at the cost of complexity due to the coordination of distributed hosts across the dynamic network. Many previous solutions for distributed membership maintenance are agnostic to network conditions and have high overhead, making them less than ideal in the dynamic enterprise environment. In this work, we propose a network-aware, distributed membership protocol, CLUSTER, which improves the performance of the overlay system by biasing neighbor selection towards beneficial nodes based on multiple system metrics and network social patterns (of devices and their users). We provide an extensible method for aggregating and comparing multiple, possibly unrelated metrics. We demonstrate the effectiveness and utility of our protocol through simulation using real-world data and topologies. As part of our results, we highlight our analysis of node churn statistics, offering a new distribution to accurately model enterprise churn.

Collaborative defence as a pervasive service: architectural insights and validation methodologies of a trial deployment

Network defence is an elusive art. The arsenal to defend our devices and networks from attack is constantly lagging behind the latest methods used by attackers to break into them. To counteract this trend, we developed a distributed approach comprised of collaborative end-host detectors. Simulations reveal dramatic improvements over stand-alone detectors in accuracy (fewer false alarms) and in quality (the ability to capture otherwise undetected stealthy anomalies). Although these results derive from botnet detection in enterprise networks, they have broader applicability to the self-manageability of pervasive computing devices. To test this claim, Intel Corporation partnered with British Telecommunications plc to launch a trial deployment. In this paper, we report on architectural insights and validation methodologies gleaned from the development of a testbed infrastructure and phased experiments. Finally, we propose Collaborative Defence as a blueprint for emergent collaborative systems and its measurement-everywhere approach as the adaptive underpinnings needed for pervasive services.

An Architectural Vision for a Data-Centric IoT: Rethinking Things, Trust and Clouds

The Internet of Things (IoT) is producing a tidal wave of data, much of it originating at the network edge, from applications with requirements unmet by the traditional back-end Cloud architecture. To address the disruption caused by the overabundance of data, this paper offers a holistic data-centric architectural vision for the data-centric IoT. It advocates that we rethink our approach to the design and definition of key elements: that we shift our focus from Things to Smart Objects; grow Trust organically; and evolve back-end Clouds toward Edge and Fog clouds, which leverage data-centric networks and enable optimal handling of upstream data flows. Along the way, we wax poetic about several blue-sky topics, assess the status of these elements in the context of related work, and identify known gaps in meeting this vision.

Collaborative defense as a pervasive service Architectural insights and validation methodologies of a trial deployment

Network defense is an elusive art. The arsenal to defend our devices from attack is constantly lagging behind the latest methods used by attackers to break into them and subsequently into our networks. To counteract this trend, we developed a distributed, scalable approach that harnesses the power of collaborative end-host detectors or sensors. Simulation results reveal order of magnitude improvements over stand-alone detectors in the accuracy of detection (fewer false alarms) and in the quality of detection (the ability to capture stealthy anomalies that would otherwise go undetected). Although these results arise out of a proof of concept in the arena of botnet detection in an Enterprise network, they have broader applicability to the area of network self-manageability of pervasive computing devices. To test the efficacy of these ideas further, Intel Corporation partnered with British Telecommunications plc to launch a trial deployment. In this paper, we report on results and insights gleaned from the development of a testbed infrastructure and phased experiments; (1) the design of a re-usable measurement-inference architecture into which 3rd party sensor developers can integrate a wide variety of “anomaly detection” algorithms to derive the same correlation-related performance benefits; (2) the development of a series of validation methodologies necessitated by the lack of mature tools and approaches to attest to the security of distributed networked systems; (3) the critical role of learning and adaptation algorithms to calibrate a fully-distributed architecture of varied devices in varied contexts, and (4) the utility of large-scale data collections to assess whats normal behavior for Enterprise end-host background traffic as well as malware command-and-control protocols. Finally, we propose Collaborative Defense as a blueprint for emergent collaborative systems and its measurement-everywhere approach as the adaptive underpinnings needed for pervasive services.