Pandurang Kamat

Enhancing Source-Location Privacy in Sensor Network Routing

One of the most notable challenges threatening the successful deployment of sensor systems is privacy. Although many privacy-related issues can be addressed by security mechanisms, one sensor network privacy issue that cannot be adequately addressed by network security is source-location privacy. Adversaries may use RF localization techniques to perform hop-by-hop traceback to the source sensors location. This paper provides a formal model for the source-location privacy problem in sensor networks and examines the privacy characteristics of different sensor routing protocols. We examine two popular classes of routing protocols: the class of flooding protocols, and the class of routing protocols involving only a single path from the source to the sink. While investigating the privacy performance of routing protocols, we considered the tradeoffs between location-privacy and energy consumption. We found that most of the current protocols cannot provide efficient source-location privacy while maintaining desirable system performance. In order to provide efficient and private sensor communications, we devised new techniques to enhance source-location privacy that augment these routing protocols. One of our strategies, a technique we have called phantom routing, has proven flexible and capable of protecting the sources location, while not incurring a noticeable increase in energy overhead. Further, we examined the effect of source mobility on location privacy. We showed that, even with the natural privacy amplification resulting from source mobility, our phantom routing techniques yield improved source-location privacy relative to other routing methods

An identity-based security framework For VANETs

We present a security framework for Vehicular Ad hoc Networks (VANETs), using identity-based cryptography, to provide authentication, confidentiality, non-repudiation and message integrity. Additionally it provides scalable security and privacy using short-lived, authenticated and unforgeable, pseudonyms. This feature can be used by VANET applications that require quantifiable trust and privacy to provide differentiated service based on various levels of trust and privacy thresholds.

Lurking in the Shadows: Identifying Systemic Threats to Kernel Data

The integrity of kernel code and data is fundamental to the integrity of the computer system. Tampering with the kernel data is an attractive venue for rootkit writers since malicious modifications in the kernel are harder to identify compared to their user-level counterparts. So far however, the pattern followed for tampering is limited to hiding malicious objects in user-space. This involves manipulating a subset of kernel data structures that are related to intercepting user requests or affecting the users view of the system. Hence, defense techniques are built around detecting such hiding behavior. The contribution of this paper is to demonstrate a new class of stealthy attacks that only exist in kernel space and do not employ any hiding techniques traditionally used by rootkits. These attacks are stealthy because the damage done to the system is not apparent to the user or intrusion detection systems installed on the system and are symbolic of a more systemic problem present throughout the kernel. Our goal in building these attack prototypes was to show that such attacks are not only realistic, but worse; they cannot be detected by the current generation of kernel integrity monitors, without prior knowledge of the attack signature.

ORBIT Measurements framework and library (OML): motivations, implementation and features

In this paper we present ORBIT measurement framework and library (OML), which is a distributed software framework enabling real-time collection of data in a large distributed environment. The success of a multiuser distributed testbed facility depends largely on the ease of use, remote access as well as on the ease of collecting useful measurements from experimental runs. OML provides a flexible and dynamic way in which data is collected and made available for realtime access to the experimenters. Application programmers can use simple interfaces provided to transfer measurements and other performance data to a central repository. This paper focuses on the motivation, requirements, design, implementation and real world usage of OML that is designed to provide a scalable, controllable and easy to use mechanism for experimenters to collect useful results from the experiments conducted on the ORBIT testbed.

Temporal privacy in wireless sensor networks: Theory and practice

Although the content of sensor messages describing “events of interest” may be encrypted to provide confidentiality, the context surrounding these events may also be sensitive and therefore should be protected from eavesdroppers. An adversary armed with knowledge of the network deployment, routing algorithms, and the base-station (data sink) location can infer the temporal patterns of interesting events by merely monitoring the arrival of packets at the sink, thereby allowing the adversary to remotely track the spatio-temporal evolution of a sensed event. In this paper we introduce the problem of temporal privacy for delay-tolerant sensor networks, and propose adaptive buffering at intermediate nodes on the source-sink routing path to obfuscate temporal information from the adversary. We first present the effect of buffering on temporal privacy using an information-theoretic formulation, and then examine the effect that delaying packets has on buffer occupancy. We observe that temporal privacy and efficient buffer utilization are contrary objectives, and then present an adaptive buffering strategy that effectively manages these tradeoffs. Finally, we evaluate our privacy enhancement strategies using simulations, where privacy is quantified in terms of the adversarys mean square error.

Secure, pseudonymous, and auditable communication in vehicular ad hoc networks

Vehicular ad hoc networks (VANETs) represent a promising new communication technology that can facilitate many new forms of automotive applications. Many of the applications that will run on these networks will require a high degree of security and privacy. In this paper, we present a robust and efficient security framework for vehicular networks suited for both inter-vehicular and vehicle-to-infrastructure communication. Our system uses identity-based cryptography (IBC) to provide authentication, confidentiality, non-repudiation, and message integrity. It exploits the implicit authentication provided by IBC to significantly reduce the security/privacy-related communication overhead. Additionally, it provides scalable, user-customizable security and privacy using short-lived, authenticated, and unforgeable, pseudonyms. This feature can be used by VANET applications that require quantifiable trust and privacy to provide differentiated service based on various levels of trust and privacy thresholds. Copyright

Privacy in emerging wireless networks

Ad hoc wireless networks have emerged as a solution to providing ubiquitous, on-demand connectivity without the need for significant infrastructure deployment. In this thesis we address the privacy problems in two types of emerging wireless ad hoc networks, namely sensor and vehicular networks. Although the content of sensor messages describing “events of interest” may be encrypted to provide confidentiality, the context surrounding these events may also be sensitive and therefore should be protected from eavesdroppers. The source-location privacy problem occurs in sensor networks when adversaries use RF localization techniques to perform hop-by-hop traceback of messages to the source sensor’s location. Our work provides a formal model for this problem and examines the privacy characteristics of different sensor routing protocols. In order to provide efficient and private sensor communications, we devise new techniques to enhance source-location privacy that augment these routing protocols. Similarly, an adversary armed with knowledge of the network deployment, routing algorithms, and the data sink location can infer the temporal patterns and track the spatio-temporal evolution of a sensed event, by monitoring the packet arrivals at the sink. We introduce the temporal privacy problem for delay-tolerant sensor networks, provide an information theoretic formulation and propose adaptive buffering to obfuscate temporal information from the adversary. Sensor networks are also characterized by distinctive traffic patterns, wherein traffic mostly exists when events of interests occur. Due to the direct correlation between the type of event and size of data generated by it, an adversary observing a traffic burst can infer information about the type of event simply from the observed message size. We formulate this traffic privacy problem in terms of information entropy, present a quantifiable means to measure traffic privacy and propose solutions to enhance it. Vehicular ad hoc networks represent a promising new communication paradigm that can facilitate many new forms of automotive applications. We present a robust and efficient security and privacy framework, for such networks, that uses identity-based cryptography. We show that our framework provides authentication, confidentiality, non-repudiation and message-integrity. Further, it supports scalable, user-customizable privacy through short-lived, unforgeable, pseudonyms.