Sherif El-Kassas

A Survey on Trust and Reputation Schemes in Ad Hoc Networks

The dynamic and cooperative nature of ad hoc networks present substantial challenges in securing these networks. There is a natural incentive for nodes to only consume, but not contribute to the services of the system. Intentional misbehavior can aim at an advantage for the misbehaving node or just constitute vandalism, such as enabling a malicious node to mount an attack or a selfish node to save power. The use of reputation systems in many different areas of IT is increasing because of their widely publicized use in online auctions and product reviews. Reputation systems are used to decide who to trust, and to encourage trustworthy behavior. In this paper we introduce the concept, goals, features and architecture of reputation systems and survey the reputation and trust based security schemes that were proposed for ad hoc networks. Finally we conclude this paper.

Securing the AODV protocol using specification-based intrusion detection

This paper presents an implementation of an Intrusion Detection System (IDS) aiming to secure the AODV protocol designed for MANET. The IDS is designed as multiple static agents that run on a subset of the nodes in the network and executes a monitoring protocol that observes the process of route establishment. The monitoring protocol uses specification based intrusion detection to identify misuses to the routing messages. The IDS design is a correlation of previous work done in the field of MANET security. The IDS is implemented using ns-2 simulator and its ability to detect attacks was tested using previously devised attack scripts. Detailed specification for the runtime behavior of the AODV protocol was derived in the process of implementation

A Rigorous Methodology for Security Architecture Modeling and Verification

This paper introduces a rigorous methodology for utilizing threat modeling in building secure software architectures using SAM (Software Architecture Modeling framework) and verifying them formally using Symbolic Model Checking. Security mitigations are expressed as constraints over a high-level SAM model and are used to refine it into a secure constrained model. We also, propose a translation from SAM Secure models into the SMV model checker where the threats and the elicited security properties from the threat modeling process are used as inputs to the verification phase as well. This method is developed with the aim of bridging the gap between informal security requirements and their formal representation and verification.

Nedgty: Web services firewall

This paper describes the research conducted to develop Nedgty, the open source Web services firewall. Nedgty secures Web services by applying business specific rules in a centralized manner. It has the ability to secure Web services against denial of service, buffer overflow, and XML denial of service attacks; as well as having an authorization mechanism.

Immuning Routing Protocols from the Wormhole Attack in Wireless Ad Hoc Networks

Ad hoc networks can be rapidly deployed and reconfigured. Hence, they are very appealing as they can be tailored to lots of applications. Due to their features they are vulnerable to attacks. A particularly severe security attack, called the wormhole attack, has been introduced in the context of ad-hoc networks. During the attack a malicious node captures packets from one location in the network, and tunnels them to another malicious node at a distant point, which replays them locally. In this paper, we propose a scheme for the wormhole attack prevention in ad hoc networks. The scheme relies on the idea that usually the wormhole nodes participate in the routing in a repeated way as they attract most of the traffic. Therefore, each node will be assigned a cost depending in its participation in routing. The cost function is chosen to be exponential in powers of two such that to rapidly increase the cost of already used nodes. Besides preventing the network from the wormhole attack, the scheme provides a load balance among nodes to avoid exhausting nodes that are always cooperative in routing. In addition, a better network performance has been achieved in terms of traffic

Goal-Oriented, B-Based Formal Derivation of Security Design Specifications from Security Requirements

This paper proposes a requirements-driven security engineering approach for modeling, specifying, and analyzing application-specific security requirements that are formally derived into security design specifications preserving security requirements properties. The approach adopts and non-trivially extends the goal-oriented KAOS (Knowledge Acquisition in automated Specifications) framework developed by Lamsweerde to formally construct a complete, consistent, and clear security requirements model. The resulting model is then extended using the B method to produce security design specifications and further implementation while preserving requirements properties. In our approach, we firstly transform the KAOS requirements model to an abstract B model and secondly, we refine the model using B refinement mechanism to generate design specifications and implementation. This unique treatment of secure software engineering is systematic, constructive and considers security early in the development lifecycle while ensuring no loss of the security requirements properties of completeness, consistency and clarity at later development phases. Moreover, our approach allows for requirement traceability at the various phases of development.

Certification and Revocation Schemes in Ad Hoc Networks Survey and Challenges

Ad hoc networks have many features that make them attractive for the use in many applications. However, there are many unsolved problems in ad hoc networks; securing the network being one of the major concerns. The dynamic and cooperative nature of ad hoc networks present substantial challenges in securing these networks. In this paper, we focus on the role of Certification Authorities (CAs) in securing ad hoc networks communication. We introduce the concept of certification authorities and their selection, we survey and classify the certification schemes and give a brief overview on the revocation schemes. We conclude and end this paper by discussing some challenges and research issues in the certification and revocation in ad hoc networks.

A rigorous methodology for security architecture modeling and verification

This paper introduces a rigorous methodology for utilizing threat modeling in building secure software architectures using SAM (Software Architecture Modeling framework) and verifying them formally using Symbolic Model Checking. Security mitigations are expressed as constraints over a high-level SAM model and are used to refine it into a secure constrained model. We also, propose a translation from SAM Secure models into the SMV model checker where the threats and the elicited security properties from the threat modeling process are used as inputs to the verification phase as well. This method is developed with the aim of bridging the gap between informal security requirements and their formal representation and verification.

Integrating Formal Analysis and Design to Preserve Security Properties

The use of formal methods has long been advocated in the development of secure systems. Yet, methods for deriving design from requirements that guarantee retention of the intended security properties remain largely unrealized on a repeatable and consistent basis. We present the FADES (Formal Analysis and Design approach for Engineering Security) that integrates KAOS (Knowledge Acquisition in autOmated Specifications) with the B specification language to derive security design specifications and further implementation from security requirements. We demonstrate the capability of the approach to handle changes to security requirements by introducing corrective changes to the security requirements of a case study, the spy network system. The objective is to bridge the gap between formal requirements and design for security requirements. Our initial results show promise with FADES in preserving security properties and detecting security vulnerabilities early during requirements. Encouraged by these, we are more quantitatively assessing the FADES capabilities.

Threshold Cryptography and Authentication in Ad Hoc Networks Survey and Challenges

The dynamic and cooperative nature of ad hoc networks present challenges in securing these networks. There are recent research efforts in securing ad hoc networks. Amongst security approaches, there are threshold cryptography and authentication. In this paper we survey the threshold cryptography based schemes and the authentication schemes that have been proposed to secure ad hoc networks. We conclude this paper and identify the challenges and open research areas associated with each of these approaches.