Murtuza Jadliwala

Quantifying trust in mobile ad-hoc networks

This paper introduces a trust-domain based security architecture for mobile ad-hoc networks (MANETs). The aim of this architecture is twofold: to use trust as a basis to establish keys between nodes in a MANET, and to utilize trust as a metric for establishing secure distributed control in infrastructure-less MANETs. We define metrics for nodes to establish and manage trust, and use this mutual trust to make decisions on establishing group and pair-wise keys in the network. The impact of mobility of the nodes on trust establishment is considered and further its use as a means of propagating trust through the network is investigated. We introduce the concept of self-organizing trust-based physical-logical domains (PLDs) as a means of grouping nodes for distributed control in the network.

Towards a Theory of Robust Localization Against Malicious Beacon Nodes

Localization in the presence of malicious beacon nodes is an important problem in wireless networks. Although significant progress has been made on this problem, some fundamental theoretical questions still remain unanswered: in the presence of malicious beacon nodes, what are the necessary and sufficient conditions to guarantee a bounded error during 2-dimensional location estimation? Under these necessary and sufficient conditions, what class of localization algorithms can provide that error bound? In this paper, we try to answer these questions. Specifically, we show that, when the number of malicious beacons is greater than or equal to some threshold, there is no localization algorithm that can have a bounded error. Furthermore, when the number of malicious beacons is below that threshold, we identify a class of localization algorithms that can ensure that the localization error is bounded. We also outline two algorithms in this class, one of which is guaranteed to finish in polynomial time (in the number of beacons providing information) in the worst case, while the other is based on a heuristic and is practically efficient. For completeness, we also extend the above results to the 3-dimensional case. Experimental results demonstrate that our solution has very good localization accuracy and computational efficiency.

Secure Distance-Based Localization in the Presence of Cheating Beacon Nodes

Secure distance-based localization in the presence of cheating beacon (or anchor) nodes is an important problem in mobile wireless ad hoc and sensor networks. Despite significant research efforts in this direction, some fundamental questions still remain unaddressed: In the presence of cheating beacon nodes, what are the necessary and sufficient conditions to guarantee a bounded error during a two-dimensional distance-based location estimation? Under these necessary and sufficient conditions, what class of localization algorithms can provide this error bound? In this paper, we attempt to answer these and other related questions by following a careful analytical approach. Specifically, we first show that when the number of cheating beacon nodes is greater than or equal to a given threshold, there do not exist any two-dimensional distance-based localization algorithms that can guarantee a bounded error. Furthermore, when the number of cheating beacons is below this threshold, we identify a class of distance-based localization algorithms that can always guarantee a bounded localization error. Finally, we outline three novel distance-based localization algorithms that belong to this class of bounded error localization algorithms. We verify their accuracy and efficiency by means of extensive simulation experiments using both simple and practical distance estimation error models.

Representation and analysis of coordinated attacks

In this paper, we propose a formal model of coordinated attacks in which several attackers cooperate towards a common malicious goal. The model investigates both attack planning and vulnerability analysis, thereby providing a uniform approach to system and adversary modelling. In addition, the model is general enough to explain both coordinated and single attacks. In the paper, we define the notion of coordinated-attack graph, propose an algorithm for efficient generation of coordinated-attack graphs, demonstrate how coordinated-attack can be used for vulnerability analysis, and discuss an implementation of a coordinated-attack graph. Coordinated-attack graphs can facilitate a wide range of tasks, such as model checking, opponent modelling, intrusion response, sensor configuration, and so forth. In addition, they can be used in robotic warfare, where several intelligent software agents automatically produce and launch coordinated attacks.

Privacy in mobile computing for location-sharing-based services

Location-Sharing-Based Services (LSBS) complement Location-Based Services by using locations from a group of users, and not just individuals, to provide some contextualized service based on the locations in the group. However, there are growing concerns about the misuse of location data by third-parties, which fuels the need for more privacy controls in such services. We address the relevant problem of privacy in LSBSs by providing practical and effective solutions to the privacy problem in one such service, namely the fair rendezvous point (FRVP) determination service. The privacy preserving FRVP (PPFRVP) problem is general enough and nicely captures the computations and privacy requirements in LSBSs. In this paper, we propose two privacy-preserving algorithms for the FRVP problem and analytically evaluate their privacy in both passive and active adversarial scenarios. We study the practical feasibility and performance of the proposed approaches by implementing them on Nokia mobile devices. By means of a targeted user-study, we attempt to gain further understanding of the popularity, the privacy and acceptance of the proposed solutions.

Privacy-Preserving Optimal Meeting Location Determination on Mobile Devices

Equipped with state-of-the-art smartphones and mobile devices, todays highly interconnected urban population is increasingly dependent on these gadgets to organize and plan their daily lives. These applications often rely on current (or preferred) locations of individual users or a group of users to provide the desired service, which jeopardizes their privacy; users do not necessarily want to reveal their current (or preferred) locations to the service provider or to other, possibly untrusted, users. In this paper, we propose privacy-preserving algorithms for determining an optimal meeting location for a group of users. We perform a thorough privacy evaluation by formally quantifying privacy-loss of the proposed approaches. In order to study the performance of our algorithms in a real deployment, we implement and test their execution efficiency on Nokia smartphones. By means of a targeted user-study, we attempt to get an insight into the privacy-awareness of users in location-based services and the usability of the proposed solutions.

(Smart)watch your taps: side-channel keystroke inference attacks using smartwatches

In this paper, we investigate the feasibility of keystroke inference attacks on handheld numeric touchpads by using smartwatch motion sensors as a side-channel. The proposed attack approach employs supervised learning techniques to accurately map the uniqueness in the captured wrist movements to each individual keystroke. Experimental evaluation shows that keystroke inference using smartwatch motion sensors is not only fairly accurate, but also better than similar attacks previously demonstrated using smartphone motion sensors.

On the scalable collection of metering data in smart grids through message concatenation

Advanced Metering Infrastructure (AMI) initiatives are a popular tool to incorporate changes for modernizing the electricity grid, reduce peak loads, and meet energy-efficiency targets. There is the looming issue of how to communicate and handle consumer data collected by electric utilities and manage limited communication network resources. Several data relay points are required to collect data distributedly and send them through a communication backhaul. This work studies the smart meter message concatenation (SMMC) problem of how to concatenate multiple small smart metering messages arriving at data concentrator units (DCUs) in order to reduce protocol overhead and thus network utilization. This problem needs to deal with the added constraint that each originating message from its source may have its own stated deadline that must be taken into account during the concatenation process. Six heuristic algorithms are proposed and evaluated to gain a better understanding of the best data volume reduction policies that can be applied at data concentrators of smart grids.

Detecting malicious groups of agents

In this paper, we study coordinated attacks launched by multiple malicious agents and the problem of detecting malicious groups of attackers. The paper proposes a formal method and an algorithm for detecting action interference between users. It has to be pointed out that some members of a malicious group may not necessarily perform illegal actions, for example, they can prepare and organize an attack without taking active part in the actual attack execution. In addition, members of a malicious group may not necessarily know each other. The method we propose tries to solve these problems by building a coordination graph which includes all users who, in some way or another, cooperate with each other, i.e., the maximal malicious group of cooperating users including not only the executers of the attack but also their assistants. The paper also proposes formal metrics on coordination graphs that help differentiate central from peripheral attackers.

Scalable Meter Data Collection in Smart Grids Through Message Concatenation

Advanced metering infrastructure (AMI) initiatives are a popular tool to incorporate changes for modernizing the electricity grid, reduce peak loads, and meet energy efficiency targets. There is the looming issue of how to communicate and handle consumer data collected by electric utilities and manage limited communication network resources. Several data relay points are required to collect data distributedly and send them through a communication backhaul. This paper studies the smart meter message concatenation (SMMC) problem of how to efficiently concatenate multiple small smart metering messages arriving at data concentrator units in order to reduce protocol overhead and thus network utilization. This problem needs to deal with the added constraint that each originating message from its source may have its own stated deadline that must be taken into account during the concatenation process. This paper provides hardness results for the SMMC problem, and proposes six heuristics and evaluates them to gain a better understanding of the best data volume reduction policies that can be applied at data concentrators of AMI infrastructures. These results are further tested for feasibility under practical settings based on aspects, such as network and processing delays, tightness of application deadlines, and lossy backhaul links.