Ta Vinh Thong

Secure vehicular communication systems: implementation, performance, and research challenges

Vehicular communication systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. we discuss the design of a VC security system that has emerged as a result of the European SeVe-Com project. In this second article we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from todays simple prototypes to full-fledged systems.

Formal verification of secure ad-hoc network routing protocols using deductive model-checking

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for ad-hoc networks. However, many of them have design flaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a formal verification method for secure ad-hoc network routing protocols that helps increasing the confidence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our approach is based on a new process calculus that we specifically developed for secure ad-hoc network routing protocols and a deductive proof technique. The novelty of this approach is that contrary to prior attempts to formal verification of secure ad-hoc network routing protocols, our verification method can be made fully automated.

SDTP+: Securing a distributed transport protocol for WSNs using Merkle trees and Hash chains

Transport protocols for Wireless Sensor Networks (WSNs) are designed to fulfill both reliability and energy efficiency requirements. Distributed Transport for Sensor Networks (DTSN) [1] is one of the most promising transport protocols designed for WSNs because of its effectiveness; however, it does not address any security issues, hence it is vulnerable to many attacks. The first secure transport protocol for WSN was the secure distributed transport protocol (SDTP) [2], which is a security extension of DTSN. Unfortunately, it turns out that the security methods provided by SDTP are not sufficient; some tricky attacks get around the protection mechanism. In this paper, we describe the security gaps in the SDTP protocol, and we introduce SDTP+ for patching the weaknesses. We show that SDTP+ resists attacks on reliability and energy efficiency of the protocol, and also present an overhead analysis for showing its effectiveness.

On automating the verification of secure ad-hoc network routing protocols

Ad-hoc networks do not rely on a pre-installed infrastructure, but they are formed by end-user devices in a self-organized manner. A consequence of this principle is that end-user devices must also perform routing functions. However, end-user devices can easily be compromised, and they may not follow the routing protocol faithfully. Such compromised and misbehaving nodes can disrupt routing, and hence, disable the operation of the network. In order to cope with this problem, several secured routing protocols have been proposed for ad-hoc networks. However, many of them have design flaws that still make them vulnerable to attacks mounted by compromised nodes. In this paper, we propose a fully automatic verification method for secure ad-hoc network routing protocols that helps increasing the confidence in a protocol by providing an analysis framework that is more systematic, and hence, less error-prone than the informal analysis. Our method is based on a deductive proof technique and a backward reachability approach. The main novelty of this approach compared to the prior works is that beside providing expressive semantics and syntax for modelling and specifying secure routing protocols, it assumes an arbitrary topology, and a strong attacker model.

Query Auditing for Protecting Max/Min Values of Sensitive Attributes in Statistical Databases

In this paper, we define a novel setting for query auditing, where instead of detecting or preventing the disclosure of individual sensitive values, we want to detect or prevent the disclosure of aggregate values in the database. More specifically, we study the problem of detecting or preventing the disclosure of the maximum (minimum) value in the database, when the querier is allowed to issue average queries to the database. We propose efficient off-line and on-line query auditors for this problem in the full disclosure model, and an efficient simulatable on-line query auditor in the partial disclosure model.