Provably Assurable Wireless Networks under Arbitrary Malicious Behaviors
Principal Investigator: Saurabh Bagchi
Ad hoc wireless networks are becoming important platforms in several application domains, including military warfare and mission-critical sensor networks. However, the open nature of the wireless communication channels and the lack of infrastructure, have made these networks vulnerable to a wide range of security attacks. Securing such networks is particularly challenging due to two reasons. First, the adversary can physically compromise a node and acquire its private keys, rendering cryptographic mechanisms insufficient. Second, the adversary may have much stronger computation/communication capabilities than the legitimate ad hoc network nodes, and the malicious nodes can collude among themselves. This has created an imbalance in securing ad hoc networks—defense is hard and resource-consuming while attack is often easy and cheap.
In this project, we are developing a provably assurable ad hoc network protocol suite to invert this imbalance. By provably assurable, we mean that the system designer will be able to reason about provable security guarantees under specific limits on the fraction of the network that is compromised (say, no more than 30% of the nodes can get compromised). Such reasoning will be valid in the presence of a wide, and rigorously quantifiable, range of adversarial behaviors. In particular, our solution seeks to achieve the following goals.
- Easy to defend, hard to attack: By design, the network must be able to raise the bar for the attacker by orders-of-magnitude with only minimal (or linear) increase in the cost of defense.
- Tolerate arbitrary/Byzantine malicious behavior: Our solution should tolerate sophisticated, arbitrary, and even unknown, malicious activities from the compromised nodes.
We are using two major approaches to achieve these goals.
- Security by diversification and randomization: We provide mechanisms that intelligently induce randomization/diversification into the operation of the protocols, in order to make the system unpredictable to the attacker. Our mechanisms have the property that they scale with network size, i.e., as the network grows, it becomes progressively harder for the attacker to achieve adversarial goals (e.g., to partition the network).
- Distributed reputation mechanism: We are developing a distributed reputation mechanism whereby each node’s actions result in collective states being formed in the network. Such states are in the form of reputation values, and are organically created through all the node actions and maintained in a distributed manner. The reputation is used in determining the level of functionality that a node is allowed to perform, or the level of interaction that a node can have with another node.Project URL: http://www.ece.purdue.edu/~dcsl/projects.html
(See under “Intelligent Ad-Hoc Wireless Networks”)
Other PIs: Xiaojun Lin (Purdue University)
Students: Jinkyu Koo (Ph.D. Student) DongHoon Shin (Ph.D. Student) Matthew Tan Creti (Ph.D. Student)
Issa Khalil and Saurabh Bagchi, “Stealthy Attacks in Wireless Ad Hoc Networks: Detection and Countermeasure,” Accepted for publication in IEEE Transactions on Mobile Computing, pp. 1-35, notice of acceptance: August 2010.
Matthew Tan Creti, Matthew Beaman, Saurabh Bagchi, Zhiyuan Li, and Yung-Hsiang Lu, “Multigrade Security Monitoring for Ad-Hoc Wireless Networks,” At the 6th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), pp. 342-352, October 12-15, 2009, Macau SAR, China.
Carlos Perez-Toro, Rajesh Krishna Panta, and Saurabh Bagchi, “RDAS: Reputation-Based Resilient Data Aggregation in Sensor Network,” At the 7th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks (SECON), pp. 1-9, June 21-25, 2010, Boston, MA.
Keywords: ad hoc networks, formal methods, Malware