Razvan Rughinis

Fault-Tolerant Flooding Time Synchronization Protocol for Wireless Sensor Networks

Time synchronization is one of the basic middleware services in Wireless Sensor Networks. It is required in various applications such as target tracking, sensor event ordering, sound delay measurements and time-division multiplexing. Fault-tolerance in needed in order to perform correctly in the presence of faulty nodes. We extended Flooding Time Synchronization Protocol to support fault-tolerance in the case of malicious nodes that lie about their global time. The proposed algorithm will detect inconsistent global time and start asking the neighbors about their received global time. After it gathers sufficient information from its neighbors so that it can compute a new time value, it decides if the initially received global time was correct or not. If it was incorrect, the new computed value is stored. Otherwise, it permits the initial global time to be stored on the sensor device.

An efficient privacy-preserving system for monitoring mobile users: making searchable encryption practical

Monitoring location updates from mobile users has important applications in several areas, ranging from public safety and national security to social networks and advertising. However, sensitive information can be derived from movement patterns, so protecting the privacy of mobile users is a major concern. Users may only be willing to disclose their locations when some condition is met, for instance in proximity of a disaster area, or when an event of interest occurs nearby. Currently, such functionality is achieved using searchable encryption. Such cryptographic primitives provide provable guarantees for privacy, and allow decryption only when the location satisfies some predicate. Nevertheless, they rely on expensive pairing-based cryptography (PBC), and direct application to the domain of location updates leads to impractical solutions. We propose secure and efficient techniques for private processing of location updates that complement the use of PBC and lead to significant gains in performance by reducing the amount of required pairing operations. We also implement two optimizations that further improve performance: materialization of results to expensive mathematical operations, and parallelization. Extensive experimental results show that the proposed techniques significantly improve performance compared to the baseline, and reduce the searchable encryption overhead to a level that is practical in a computing environment with reasonable resources, such as the cloud.

Adaptive Security Framework for Wireless Sensor Networks

Wireless Sensor Networks are used in a large number of tracking and monitoring applications. The level of security required by an application depends on the threat level, available resources, and security requirements. In this paper, we present a modular and extensible framework, called Adaptive Security Framework (ASF) that adjusts security to the detected threats, available energy and memory, and application requirements. The framework includes three types of components: the Context modules, the Security Adaptation module, and the Security layer. The security level is modified according to the output of the Context modules, and it is then used to enable the appropriate security primitives available in the Security layer. We evaluate our solution in multiple attack scenarios, we determine its resource consumption and we compare it to other State of the Art solutions. Our framework has the following advantages: it takes into consideration the context, but also allows for manual reconfiguration, it has a global, aggregated view of the context, it provides different authentication and encryption algorithms associated to each security level, it is extensible and modular.

Silicon carbide multilayer protective coating on carbon obtained by thermionic vacuum arc method

Abstract. Thermionic vacuum arc (TVA) method is currently developing, in particular, to work easily with heavy fusible material for the advantage presented by control of directing energy for the elements forming a plasma. The category of heavy fusible material can recall C and W (high-melting point materials), and are difficult to obtain or to control by other means. Carbon is now used in many areas of special mechanical, thermal, and electrical properties. We refer in particular to high-temperature applications where unwanted effects may occur due to oxidation. Changed properties may lead to improper functioning of the item or device. For example, increasing the coefficient of friction may induce additional heat on moving items. One solution is to protect the item in question by coating with proper materials. Silicon carbide (SiC) was chosen mainly due to compatibility with coated carbon substrate. Recently, SiC has been used as conductive transparent window for optical devices, particularly in thin film solar cells. Using the TVA method, SiC coatings were obtained as thin films (multilayer structures), finishing with a thermal treatment up to 1000°C. Structural properties and oxidation behavior of the multilayer films were investigated, and the measurements showed that the third layer acts as a stopping layer for oxygen. Also, the friction coefficient of the protected films is lower relative to unprotected carbon films.

Authentication and Anti-replay Security Protocol for Wireless Sensor Networks

Wireless Sensor Networks are used in domains such as medical monitoring, homeland security, industrial automation and military applications, therefore it is very critical to protect the network against malicious attacks. This paper presents a new security protocol that provides conversation authentication, integrity, intrusion prevention and anti-replay protection. The protocol uses two methods in order to meet these requirements: the last MAC method and an authentication handshake. The protocol has been implemented in TinyOS in two layers of the communication stack: the MAC and Authentication layer. The MAC layer is the implementation of the last MAC method and the Authentication layer generates and verifies the four messages exchanged during the authentication handshake. Authentication and Anti-replay Security Protocol has been tested with TOSSIM in various attack scenarios and has proved that it is able to reject malicious attempts to communicate with the network nodes.

Enhancing performance of searchable encryption in cloud computing

Predicate evaluation on encrypted data is a challenge that modern cryptography is starting to address. The advantages of constructing logical primitives that are able to operate on encrypted data are numerous, such as allowing untrusted parties to take decisions without actually having access to the plaintext. Systems that offer these methods are grouped under the name of searchable encryption systems. One of the challenges that searchable encryption faces today is related to computational and bandwidth costs, because the mathematical operations involved are expensive. Recent algorithms such as Hidden Vector Encryption exhibit improved efficiency, but for large scale systems the optimizations are often not enough. Many problems that can be solved using searchable encryption are embarrassingly parallel. Using a prototype, we show that parallel solutions offer sufficient cost reduction so that large scale applications become feasible.

A privacy-preserving location-based alert system

Monitoring user location updates has important applications in public safety, national security, etc. However, sensitive information can be derived from movement patterns, so user locations must be disclosed only when some condition is met, for instance in proximity of a disaster area. Searchable encryption techniques provide provable guarantees for privacy, and allow decryption only when the location satisfies some predicate. Nevertheless, they rely on expensive pairing-based cryptography, and direct application to location updates leads to impractical solutions. We propose an efficient technique that leads to significant gains in performance by reducing the amount of pairing operations. We also implement an optimization that reuses results to expensive mathematical operations. Experimental results show that the proposed techniques significantly improve performance compared to the baseline.

Attack Evaluation and Mitigation Framework

This paper proposes an implementation of an intrusion detection and prevention system in a Linux environment, with an extensive database of attack signatures, but also with a flexible interface for defining new signatures. The project relies on the analysis of current requirements and challenges in network security, leading to an evaluation of existing detection and network attack mitigation techniques. Attack evaluation and mitigation framework has a modular design, with multiple configuration options and availability during configuration. For increased accessibility, the solution provides a graphical interface available through a web browser, and a command line interface for the network administrator.

Big Data, Old Users, Personal Worlds: A Survey of Challenges and Resistance to Big Data Analytics in the EU

Organizations make extensive use of Big Data to classify and profile users, in order to effectively personalize their online messages. Big Data is also increasingly relied on as a photograph of society, creating expectations of an increasingly more accurate predictive science. Yet, there are systemic challenges in using Big Data as a comprehensive source of information, and there is also public resistance. We analyze Eurobarometer survey data from April 2016 to identify actual socio-demographical limitations of online traces, charting public awareness and attitudes towards the use of online information for content personalization across the European Union.

Computer-supported collaborative accounts of major depression: Digital rhetoric on Quora and Wikipedia

We analyze digital rhetoric in two computer-supported collaborative settings of writing and learning, focusing on major depression: Wikipedia and Quora. We examine the procedural rhetoric of access to and interaction with information, and the textual rhetoric of individual and aggregated entries. Through their different organization of authorship, publication and reading, the two settings create divergent accounts of depression. Key points of difference include: focus on symptoms and causes vs. experiences and advice, use of lists vs. metaphors and narratives, a/temporal structure, and personal and relational knowledge.