The Experts below are selected from a list of 253770 Experts worldwide ranked by ideXlab platform
Shivakant Mishra - One of the best experts on this subject based on the ideXlab platform.
-
decorrelating wireless sensor network Traffic to inhibit Traffic Analysis attacks
Pervasive and Mobile Computing, 2006Co-Authors: Jing Deng, Richard Han, Shivakant MishraAbstract:Typical packet Traffic in a sensor network reveals pronounced patterns that allow an adversary analyzing packet Traffic to deduce the location of a base station. Once discovered, the base station can be destroyed, rendering the entire sensor network inoperative, since a base station is a central point of data collection and hence failure. This paper investigates a suite of decorrelation countermeasures aimed at disguising the location of a base station against Traffic Analysis attacks. A set of basic countermeasures is described, including hop-by-hop reencryption of the packet to change its appearance, imposition of a uniform packet sending rate, and removal of correlation between a packet's receipt time and its forwarding time. More sophisticated countermeasures are described that introduce randomness into the path taken by a packet. Packets may also fork into multiple fake paths to further confuse an adversary. A technique is introduced to create multiple random areas of high communication activity called hot spots to deceive an adversary as to the true location of the base station. The effectiveness of these countermeasures against Traffic Analysis attacks is demonstrated analytically and via simulation using three evaluation criteria: total entropy of the network, total overhead/energy consumed, and the ability to frustrate heuristic-based search techniques to locate a base station.
-
countermeasures against Traffic Analysis attacks in wireless sensor networks
International Workshop on Security, 2005Co-Authors: Jing Deng, Richard Han, Shivakant MishraAbstract:Wireless sensor networks are highly vulnerable to the failure of base stations. An adversary can render a wireless sensor network useless by launching remote, softwarebased attacks or physical attacks on the base stations. This paper addresses the problem of defending a base station against physical attacks by concealing the geographic location of a base station. Typical packet Traffic in a sensor network reveals pronounced patterns that allow an adversary analyzing packet Traffic to deduce the location of a base station. The paper investigates several countermeasures against Traffic Analysis techniques aimed at disguising the location of a base station. First, a degree of randomness is introduced in the multi-hop path a packet takes from a sensor node to a base station. Second, random fake paths are introduced to confuse an adversary from tracking a packet as it moves towards a base station. Finally, multiple, random areas of high communication activity are created to deceive an adversary as to the true location of the base station. The paper evaluates these techniques analytically and via simulation using three evaluation criteria: total entropy of the network, total energy consumed, and the ability to guard against heuristic-based techniques to locate a base station.
-
intrusion tolerance and anti Traffic Analysis strategies for wireless sensor networks
Dependable Systems and Networks, 2004Co-Authors: Jing Deng, Richard Han, Shivakant MishraAbstract:Wireless sensor networks face acute security concerns in applications such as battlefield monitoring. A central point of failure in a sensor network is the base station, which acts as a collection point of sensor data. In this paper, we investigate two attacks that can lead to isolation or failure of the base station. In one set of attacks, the base station is isolated by blocking communication between sensor nodes and the base station, e.g. by DOS attacks. In the second attack, the location of the base station is deduced by analyzing data Traffic towards the base station, which can lead to jamming and/or discovery and destruction of the base station. To defend against these attacks, two secure strategies are proposed. First, secure multi-path routing to multiple destination base stations is designed to provide intrusion tolerance against isolation of a base station. Second, anti-Traffic Analysis strategies are proposed to help disguise the location of the base station from eavesdroppers. A performance evaluation is provided for a simulated sensor network, as well as measurements of cryptographic overhead on real sensor nodes.
Xuemin Sherman Shen - One of the best experts on this subject based on the ideXlab platform.
-
network coding based privacy preservation against Traffic Analysis in multi hop wireless networks
IEEE Transactions on Wireless Communications, 2011Co-Authors: Yanfei Fan, Yixin Jiang, Haojin Zhu, Jiming Chen, Xuemin Sherman ShenAbstract:Privacy threat is one of the critical issues in multi-hop wireless networks, where attacks such as Traffic Analysis and flow tracing can be easily launched by a malicious adversary due to the open wireless medium. Network coding has the potential to thwart these attacks since the coding/mixing operation is encouraged at intermediate nodes. However, the simple deployment of network coding cannot achieve the goal once enough packets are collected by the adversaries. On the other hand, the coding/mixing nature precludes the feasibility of employing the existing privacy-preserving techniques, such as Onion Routing. In this paper, we propose a novel network coding based privacy-preserving scheme against Traffic Analysis in multi-hop wireless networks. With homomorphic encryption on Global Encoding Vectors (GEVs), the proposed scheme offers two significant privacy-preserving features, packet flow untraceability and message content confidentiality, for efficiently thwarting the Traffic Analysis attacks. Moreover, the proposed scheme keeps the random coding feature, and each sink can recover the source packets by inverting the GEVs with a very high probability. Theoretical Analysis and simulative evaluation demonstrate the validity and efficiency of the proposed scheme.
Jing Deng - One of the best experts on this subject based on the ideXlab platform.
-
decorrelating wireless sensor network Traffic to inhibit Traffic Analysis attacks
Pervasive and Mobile Computing, 2006Co-Authors: Jing Deng, Richard Han, Shivakant MishraAbstract:Typical packet Traffic in a sensor network reveals pronounced patterns that allow an adversary analyzing packet Traffic to deduce the location of a base station. Once discovered, the base station can be destroyed, rendering the entire sensor network inoperative, since a base station is a central point of data collection and hence failure. This paper investigates a suite of decorrelation countermeasures aimed at disguising the location of a base station against Traffic Analysis attacks. A set of basic countermeasures is described, including hop-by-hop reencryption of the packet to change its appearance, imposition of a uniform packet sending rate, and removal of correlation between a packet's receipt time and its forwarding time. More sophisticated countermeasures are described that introduce randomness into the path taken by a packet. Packets may also fork into multiple fake paths to further confuse an adversary. A technique is introduced to create multiple random areas of high communication activity called hot spots to deceive an adversary as to the true location of the base station. The effectiveness of these countermeasures against Traffic Analysis attacks is demonstrated analytically and via simulation using three evaluation criteria: total entropy of the network, total overhead/energy consumed, and the ability to frustrate heuristic-based search techniques to locate a base station.
-
countermeasures against Traffic Analysis attacks in wireless sensor networks
International Workshop on Security, 2005Co-Authors: Jing Deng, Richard Han, Shivakant MishraAbstract:Wireless sensor networks are highly vulnerable to the failure of base stations. An adversary can render a wireless sensor network useless by launching remote, softwarebased attacks or physical attacks on the base stations. This paper addresses the problem of defending a base station against physical attacks by concealing the geographic location of a base station. Typical packet Traffic in a sensor network reveals pronounced patterns that allow an adversary analyzing packet Traffic to deduce the location of a base station. The paper investigates several countermeasures against Traffic Analysis techniques aimed at disguising the location of a base station. First, a degree of randomness is introduced in the multi-hop path a packet takes from a sensor node to a base station. Second, random fake paths are introduced to confuse an adversary from tracking a packet as it moves towards a base station. Finally, multiple, random areas of high communication activity are created to deceive an adversary as to the true location of the base station. The paper evaluates these techniques analytically and via simulation using three evaluation criteria: total entropy of the network, total energy consumed, and the ability to guard against heuristic-based techniques to locate a base station.
-
intrusion tolerance and anti Traffic Analysis strategies for wireless sensor networks
Dependable Systems and Networks, 2004Co-Authors: Jing Deng, Richard Han, Shivakant MishraAbstract:Wireless sensor networks face acute security concerns in applications such as battlefield monitoring. A central point of failure in a sensor network is the base station, which acts as a collection point of sensor data. In this paper, we investigate two attacks that can lead to isolation or failure of the base station. In one set of attacks, the base station is isolated by blocking communication between sensor nodes and the base station, e.g. by DOS attacks. In the second attack, the location of the base station is deduced by analyzing data Traffic towards the base station, which can lead to jamming and/or discovery and destruction of the base station. To defend against these attacks, two secure strategies are proposed. First, secure multi-path routing to multiple destination base stations is designed to provide intrusion tolerance against isolation of a base station. Second, anti-Traffic Analysis strategies are proposed to help disguise the location of the base station from eavesdroppers. A performance evaluation is provided for a simulated sensor network, as well as measurements of cryptographic overhead on real sensor nodes.
Yanfei Fan - One of the best experts on this subject based on the ideXlab platform.
-
network coding based privacy preservation against Traffic Analysis in multi hop wireless networks
IEEE Transactions on Wireless Communications, 2011Co-Authors: Yanfei Fan, Yixin Jiang, Haojin Zhu, Jiming Chen, Xuemin Sherman ShenAbstract:Privacy threat is one of the critical issues in multi-hop wireless networks, where attacks such as Traffic Analysis and flow tracing can be easily launched by a malicious adversary due to the open wireless medium. Network coding has the potential to thwart these attacks since the coding/mixing operation is encouraged at intermediate nodes. However, the simple deployment of network coding cannot achieve the goal once enough packets are collected by the adversaries. On the other hand, the coding/mixing nature precludes the feasibility of employing the existing privacy-preserving techniques, such as Onion Routing. In this paper, we propose a novel network coding based privacy-preserving scheme against Traffic Analysis in multi-hop wireless networks. With homomorphic encryption on Global Encoding Vectors (GEVs), the proposed scheme offers two significant privacy-preserving features, packet flow untraceability and message content confidentiality, for efficiently thwarting the Traffic Analysis attacks. Moreover, the proposed scheme keeps the random coding feature, and each sink can recover the source packets by inverting the GEVs with a very high probability. Theoretical Analysis and simulative evaluation demonstrate the validity and efficiency of the proposed scheme.
-
an efficient privacy preserving scheme against Traffic Analysis attacks in network coding
International Conference on Computer Communications, 2009Co-Authors: Yanfei Fan, Yixin Jiang, Haojin Zhu, Xuemin ShenAbstract:Privacy threat is one of the critical issues in network coding, where attacks such as Traffic Analysis can be easily launched by a malicious adversary once enough encoded packets are collected. Furthermore, the encoding/mixing nature of net- work coding precludes the feasibility of employing the existing privacy-preserving techniques, such as Onion Routing, in network coding enabled networks. In this paper, we propose a novel pri- vacy-preserving scheme against Traffic Analysis in network coding. With homomorphic encryption operation on Global Encoding Vectors (GEVs), the proposed scheme offers two significant pri- vacy-preserving features, packet flow untraceability and message content confidentiality, for efficiently thwarting the Traffic Analysis attacks. Moreover, the proposed scheme keeps the random coding feature, and each sink can recover the source packets by inverting the GEVs with a very high probability. Theoretical Analysis and simulative evaluation demonstrate the validity and efficiency of the proposed scheme.
Yunhao Liu - One of the best experts on this subject based on the ideXlab platform.
-
Priv-Code: Preserving privacy against Traffic Analysis through network coding for multihop wireless networks
Proceedings - IEEE INFOCOM, 2012Co-Authors: Zhiguo Wan, Kai Xing, Yunhao LiuAbstract:Traffic Analysis presents a serious threat to wireless network privacy due to the open nature of wireless medium. Traditional solutions are mainly based on the mix mechanism proposed by David Chaum, but the main drawback is its low network performance due to mixing and cryptographic operations. We propose a novel privacy preserving scheme based on network coding called Priv-Code to counter against Traffic Analysis attacks for wireless communications. Priv-Code is able to provide strong privacy protection for wireless networks as the mix system because of its intrinsic mixing feature, and moreover, it can achieve better network performance owing to the advantage of network coding. We first construct a hypergraph-based network coding model for wireless networks, under which we formalize an optimization problem whose objective function is to make each node have identical transmission rate. Then we provide a decentralized algorithm for this optimization problem. After that we develop an information theoretic metric for privacy measurement using entropy, and based on this metric we demonstrate that Priv-Code achieves stronger privacy protection than the mix system while achieving better network performance.