Tassos Dimitriou

A Lightweight RFID Protocol to protect against Traceability and Cloning attacks

RFID identification is a new technology that will become ubiquitous as RFID tags will be applied to every-day items in order to yield great productivity gains or “smart” applications for users. However, this pervasive use of RFID tags opens up the possibility for various attacks violating user privacy. In this work we present an RFID authentication protocol that enforces user privacy and protects against tag cloning. We designed our protocol with both tag-to-reader and reader-to-tag authentication in mind; unless both types of authentication are applied, any protocol can be shown to be prone to either cloning or privacy attacks. Our scheme is based on the use of a secret shared between tag and database that is refreshed to avoid tag tracing. However, this is done in such a way so that efficiency of identification is not sacrificed. Additionally, our protocol is very simple and it can be implemented easily with the use of standard cryptographic hash functions. In analyzing our protocol, we identify several attacks that can be applied to RFID protocols and we demonstrate the security of our scheme. Furthermore, we show how forward privacy is guaranteed; messages seen today will still be valid in the future, even after the tag has been compromised.

Intrusion detection of sinkhole attacks in wireless sensor networks

In this paper, we present an Intrusion Detection System designed for wireless sensor networks and show how it can be configured to detect Sinkhole attacks. A Sinkhole attack forms a serious threat to sensor networks. We study in depth this attack by presenting how it can be launched in realistic networks that use the MintRoute protocol of TinyOS. MintRoute is the most widely used routing protocol in sensor network deployments, using the link quality metric to build the corresponding routing tree. Having implemented this attack in TinyOS, we embed the appropriate rules in our IDS system that will enable it to detect successfully the intruder node. We demonstrate this in our own sensor network deployment and we also present simulation results to confirm the effectiveness and accuracy of the algorithm in the general case of random topologies.

LIDeA: a distributed lightweight intrusion detection architecture for sensor networks

Wireless sensor networks are vulnerable to adversaries as they are frequently deployed in open and unattended environments. Preventive mechanisms can be applied to protect them from an assortment of attacks. However, more sophisticated methods, like intrusion detection systems, are needed to achieve a more autonomic and complete defense mechanism, even against attacks that have not been anticipated in advance. In this paper, we present a lightweight intrusion detection system, called LIDeA, designed for wireless sensor networks. LIDeA is based on a distributed architecture, in which nodes overhear their neighboring nodes and collaborate with each other in order to successfully detect an intrusion. We show how such a system can be implemented in TinyOS, which components and interfaces are needed, and what is the resulting overhead imposed.

Cooperative Intrusion Detection in Wireless Sensor Networks

We consider the problem of cooperative intrusion detection in wireless sensor networks where the nodes are equipped with local detector modules and have to identify the intruder in a distributed fashion. The detector modules issue suspicions about an intrusion in the sensors neighborhood. We formally define the problem of intrusion detection and identify necessary and sufficient conditions for its solvability. Based on these conditions we develop a generic algorithm for intrusion detection and present simulations and experiments which show the effectiveness of our approach.

Location privacy in urban sensing networks: research challenges and directions [Security and Privacy in Emerging Wireless Networks]

During the last few years there has been an increasing number of people-centric sensing projects. These combine location information with sensors available on mobile phones, giving birth to a different dimension in sensing our environment and providing us with new opportunities to create collective intelligence systems to address urban-scale problems such as air pollution, noise, and traffic. However, as people are directly involved in the collection process, they often inadvertently reveal information about themselves, raising new and important privacy concerns. While standard privacy enhancing technologies exist, they do not fully cover the many peculiarities of these new pervasive applications. The ubiquitous nature of the communication and the storage of location traces compose a complex set of threats on privacy, which we overview in this article. Then we go through the latest advances in security and privacy protection strategies, and discuss how they fit with this new paradigm of people-centric sensing applications. We hope this work will better highlight the need for privacy in urban sensing applications and spawn further research in this area.

SuperTrust: a secure and efficient framework for handling trust in super-peer networks

In this paper, we describe SuperTrust, a novel and efficient framework designed to handle trust relationships in Super-peer networks. What distinguishes SuperTrust from other works is that trust reports remain encrypted and are never opened during the submission or aggregation processes, thus guaranteeing privacy, anonymity, fairness, persistence and eligibility of transactions.

Efficient Delivery of Information in Sensor Networks Using Smart Antennas

In this work we present a new routing protocol for sensor networks that utilizes smart antennas to propagate information about a sensed event towards a receiving center. Our protocol is suited for those cases where unexpected changes to the environment must be propagated quickly back to the base station without the use of complicated protocols that may deplete the network from its resources. The novelty of our approach lies in the fact that our protocol uses only local information and total absence of coordination between sensors; during a simple initialization phase each node uses the beam that lies towards the direction of the base station to transmit data and the beam lying on the opposite side of the plane to receive data. We provide detailed experimental analysis that demonstrates the feasibility of this approach, the necessity of using smart antennas in sensor networks and the advantages that are presented to communications due to their use. In particular, we demonstrate that sensed data are propagated by activating only the sensors that lie very close to the optimal path between the source of the event and the destination, resulting in low activation of the network’s sensors. Furthermore, our protocol is very easy to implement and more importantly it is scalable as it remains independent of network size.

Protecting biometric templates with image watermarking techniques

Biometric templates are subject to modifications for identity fraud especially when they are stored in databases. In this paper, a new approach to protecting biometric templates with image watermarking techniques is proposed. The novelty of this approach is that we have combined lattice and block-wise image watermarking techniques to maintain image quality along with cryptographic techniques to embed fingerprint templates into facial images and vice-versa. Thus, protecting them from being modified.

A probabilistic algorithm for efficient and robust data propagation in wireless sensor networks

Abstract We study the problem of data propagation in sensor networks, comprised of a large number of very small and low-cost nodes, capable of sensing, communicating and computing. The distributed co-operation of such nodes may lead to the accomplishment of large sensing tasks, having useful applications in practice. We present a new protocol for data propagation towards a control center (“sink”) that avoids flooding by probabilistically favoring certain (“close to optimal”) data transmissions. Motivated by certain applications (see [I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, E. Cayirci, Wireless sensor networks: a survey, Journal of Computer Networks 38 (2002) 393–422], [C. Intanagonwiwat, R. Govindan, D. Estrin, Directed diffusion: a scalable and robust communication paradigm for sensor networks, in: 6th ACM/IEEE Annual International Conference on Mobile Computing (MOBICOM 2000), 2000, pp. 56–67]) and also as a starting point for a rigorous analysis, we study here lattice-shaped sensor networks. We however show that this lattice shape emerges even in randomly deployed sensor networks of sufficient sensor density. Our work is inspired and builds upon the directed diffusion paradigm of [C. Intanagonwiwat, R. Govindan, D. Estrin, Directed diffusion: a scalable and robust communication paradigm for sensor networks, in: 6th ACM/IEEE Annual International Conference on Mobile Computing (MOBICOM 2000), 2000, pp. 56–67]. This protocol is very simple to implement in sensor devices, uses only local information and operates under total absence of co-ordination between sensors. We consider a network model of randomly deployed sensors of sufficient density. As shown by a geometry analysis, the protocol is correct , since it always propagates data to the sink, under ideal network conditions (no failures). Using stochastic processes, we show that the protocol is very energy efficient . Also, when part of the network is inoperative, the protocol manages to propagate data very close to the sink, thus in this sense it is robust . We finally present and discuss large-scale simulation findings validating the analytical results.

People-centric sensing in assistive healthcare: Privacy challenges and directions

As the domains of pervasive computing and sensor networking are expanding, there is an ongoing trend towards assistive living and healthcare support environments that can effectively assimilate these technologies according to human needs. Most of the existing research in assistive healthcare follows a more passive approach and has focused on collecting and processing data using a static-topology and an application-aware infrastructure. However, with the technological advances in sensing, computation, storage, and communications, a new era is about to emerge changing the traditional view of sensor-based assistive environments where people are passive data consumers, with one where people carry mobile sensing elements involving large volumes of data related to everyday human activities. This evolution will be driven by people-centric sensing and will turn mobile phones into global mobile sensing devices enabling thousands new personal, social, and public sensing applications. In this paper, we discuss our vision for people-centric sensing in assistive healthcare environments and study the security challenges it brings. This highly dynamic and mobile setting presents new challenges for information security, data privacy and ethics, caused by the ubiquitous nature of data traces originating from sensors carried by people. We aim to instigate discussion on these critical issues because people-centric sensing will never succeed without adequate provisions on security and privacy. To that end, we discuss the latest advances in security and privacy protection strategies that hold promise in this new exciting paradigm. We hope this work will better highlight the need for privacy in people-centric sensing applications and spawn further research in this area. Copyright