Heesook Choi

SET: Detecting node clones in sensor networks

Sensor nodes that are deployed in hostile environments are vulnerable to capture and compromise. An adversary may obtain private information from these sensors, clone and intelligently deploy them in the network to launch a variety of insider attacks. This attack process is broadly termed as a clone attack. Currently, the defenses against clone attacks are not only very few, but also suffer from selective interruption of detection and high overhead (computation and memory). In this paper, we propose a new effective and efficient scheme, called SET, to detect such clone attacks. The key idea of SET is to detect clones by computing set operations (intersection and union) of exclusive subsets in the network. First, SET securely forms exclusive unit subsets among one-hop neighbors in the network in a distributed way. This secure subset formation also provides the authentication of nodes’ subset membership. SET then employs a tree structure to compute non-overlapped set operations and integrates interleaved authentication to prevent unauthorized falsification of subset information during forwarding. Randomization is used to further make the exclusive subset and tree formation unpredictable to an adversary. We show the reliability and resilience of SET by analyzing the probability that an adversary may effectively obstruct the set operations. Performance analysis and simulations also demonstrate that the proposed scheme is more efficient than existing schemes from both communication and memory cost standpoints.

Establishing Pair-Wise Keys in Heterogeneous Sensor Networks

Many applications that make use of sensor networks require secure communication. Because asymmetric-key solutions are difficult to implement in such a resource-constrained environment, symmetric-key methods coupled with a priori key distribution schemes have been proposed to achieve the goals of data secrecy and integrity. These approaches typically assume that all sensors are similar in terms of capabilities, and hence deploy the same number of keys in all sensors in a network to provide the aforementioned protections. In this paper we demonstrate that a probabilistic unbalanced distribution of keys throughout the network that leverages the existence of a small percentage of more capable sensor nodes can not only provide an equal level of security but also reduce the consequences of node compromise. We demonstrate the effectiveness of this approach on small networks using a variety of trust models and then demonstrate the application of this method to very large systems. The approach and analysis presented in this paper can be applied to all protocols that use probabilistic keys including those that employ broadcast mechanisms, hash functions or polynomials for the generation of keys.

Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks

Many applications that make use of sensor networks require secure communication. Because asymmetric-key solutions are difficult to implement in such a resource-constrained environment, symmetric-key methods coupled with a priori key distribution schemes have been proposed to achieve the goals of data secrecy and integrity. These approaches typically assume that all nodes are similar in terms of capabilities and, hence, deploy the same number of keys in all sensors in a network to provide the aforementioned protections. In this paper, we demonstrate that a probabilistic unbalanced distribution of keys throughout the network that leverages the existence of a small percentage of more capable sensor nodes can not only provide an equal level of security, but also reduce the consequences of node compromise. To fully characterize the effects of the unbalanced key management system, we design, implement, and measure the performance of a complementary suite of key establishment protocols known as LIGER. Using their predeployed keys, nodes operating in isolation from external networks can securely and efficiently establish keys with each other. Should resources such as a backhaul link to a key distribution center (KDC) become available, networks implementing LIGER automatically incorporate and benefit from such facilities. Detailed experiments demonstrate that the unbalanced distribution in combination with the multimodal LIGER suite offers a robust and practical solution to the security needs in sensor networks

ASR: anonymous and secure reporting of traffic forwarding activity in mobile ad hoc networks

Nodes forward data on behalf of each other in mobile ad hoc networks. In a civilian application, nodes are assumed to be selfish and rational, i.e., they pursue their own self-interest. Hence, the ability to accurately measure traffic forwarding is critical to ensure proper network operation. These measurements are also often used to credit nodes based on their level of participation, or to detect loss. Past solutions employ neighbor monitoring and reporting on traffic forwarding of nodes. These methods are not applicable in civilian networks in which neighbor nodes lack the desire or ability to perform the monitoring function. Such environments occur frequently in which neighbor hosts are resource constrained, or in networks where directional antennas are used and reliable eavesdropping is difficult or impossible. In this article, we propose a protocol that uses nodes on the data path to securely produce packet-forwarding reports. Reporting nodes are chosen randomly and secretly so that malicious nodes cannot modify their behavior based upon the monitoring point. The integrity and authenticity of reports are preserved through the use of secure link layer acknowledgments and monitoring reports. The robustness of the reporting mechanism is strengthened by forwarding the report to multiple destinations (source and destination). We explore the security, cost, and accuracy of our protocol.

Secure reporting of traffic forwarding activity in mobile ad hoc networks

Nodes forward data on behalf of each other in mobile ad hoc networks. In a civilian application, nodes are assumed to be selfish and rational, i.e., they pursue their own self-interest. Hence, the ability to accurately measure traffic forwarding is critical to ensure proper network operation. These measurements are often used to credit nodes based on their level of participation, or to detect loss. Past solutions employ neighbor monitoring and reporting on node forwarding traffic. These methods are not applicable in civilian networks where neighbor nodes lack the desire or ability to perform the monitoring function. Such environments occur frequently in which neighbor hosts are resource constrained, or in networks where directional antennas are used and reliable monitoring is difficult or impossible. In this paper, we propose a protocol that uses nodes on the data path to securely produce packet forwarding reports. Reporting nodes are chosen randomly and secretly so that malicious nodes cannot modify their behavior based upon the monitoring point. The integrity and authenticity of reports are preserved through the use of secure link layer acknowledgments and monitoring reports. The robustness of the reporting mechanism is strengthened by forwarding the report to multiple destinations (source and destination). We explore the security, cost, and accuracy of our protocol.

Mobile multi-layered IPsec

To achieve high throughput in wireless networks, smart forwarding and processing of packets in access routers is critical for overcoming the effects of the wireless links. However, these services cannot be provided if data sessions are protected using end-to-end encryption as with IPsec, because the information needed by these algorithms resides inside the portion of the packet that is encrypted, and can therefore not be used by the access routers. A previously proposed protocol, called Multi-layered IPsec (ML-IPsec) modifies IPsec in a way so that certain portions of the datagram may be exposed to intermediate network elements, enabling these elements to provide performance enhancements. In this paper we extend ML-IPsec to deal with mobility and make it suitable for wireless networks. We define and implement an efficient key distribution protocol to enable fast ML-IPsec session initialization, and two mobility protocols that are compatible with Mobile IP and maintain ML-IPsec sessions. Our measurements show that, depending on the mobility protocol chosen, integrated Mobile IP/ML-IPsec handoffs result in a pause of 53–100 milliseconds, of which only 28–75 milliseconds may be attributed to ML-IPsec. Further, we provide detailed discussion and performance measurements of our MML-IPsec implementation. We find the resulting protocol, when coupled with SNOOP, greatly increases throughput over scenarios using standard TCP over IPsec (165% on average). By profiling the MML-IPsec implementation, we determine the bottleneck to be sending packets over the wireless link. In addition, we propose and implement an extension to MML-IPsec, called dynamic MML-IPsec, in which a flow may switch between plaintext, IPsec and MML-IPsec. Using dynamic MML-IPsec, we can balance the tradeoff between performance and security.

User Behavior Modeling in a Cellular Network Using Latent Dirichlet Allocation

Insights into the behavior and preference of mobile device users from their web browsing/application activities are critical components of any successful dynamic content recommendation system, mobile advertisement platform, or web personalization initiative. In this paper we use an unsupervised topic model to understand the interests of the cellular users based upon their browsing profile. We posit that the length of time a user remains on a given website is positively correlated with the user’s interest in the website’s content. We propose an extended model to integrate this duration information efficiently by oversampling the URLs.

Channelization for Network Coding in Wireless Networks

Network coding is increasingly being investigated as an alternative to routing to increase throughput in packet networks. Like most data transfer schemes, the effectiveness of network coding may be limited by extreme congestion. When using network coding, these congested conditions are mitigated somewhat, but may still occur. We propose a selective channelization scheme in which links that experience congestion at a level that cannot be overcome by network coding are given reserved communication resources. This method has the following benefits. First, the algorithm proposed allows network coding full opportunity to overcome congestion before performing channelization, thus reducing the number of reserved resources used. Second, when triggered, the channelization of severely congested links greatly improves the end-to-end performance of flows that traverse the channelized link. To determine the point at which channelization should be triggered, we perform a thorough analysis of potential coding gains in a network facing errors due to collisions, and determine the point at which network coding loses its effectiveness.

Fingerprinting Data Based on Secret Mask

The value of massive data, e.g., customer service logs, is growing. Customer service log records are used to analyze market trends and diagnose service outage or performance degradation. Doing so, the data owner shares the log records with trusted third parties. The party, however, may violate the contract and illegally share with other non-trusted parties. To address this misbehavior, we propose a mask-based watermarking on the customer telecommunication log records. The watermark is added to the original data and later used to discover which party the owner shares the data. We analyze the utility of the watermarked data after applying our algorithm and also demonstrate that our algorithms are resilient against various attacks via risk analysis.