Defending against denial-of-service (DoS) attacks in a mobile ad hoc network (MANET) is challenging because the network topology is dynamic and nodes are selfish. In this paper, we propose a DoS mitigation technique that uses digital signatures to verify legitimate packets and drops packets that do not pass the verification. Since nodes are selfish, they may not perform the verification in order to avoid paying the overhead. A bad packet that escapes verification along the whole network path will bring a penalty to all its forwarders. A network game can be formulated in which nodes along a network path, in optimizing their own benefits, are encouraged to act collectively to filter out bad packets. Analytical results show that Nash equilibrium can be attained for players in the proposed game, and significant benefits can be provided to forwarders such that many of the bad packets will be eliminated by verification.
Mobile sensors can be used to effect complete coverage of a surveillance area for a given threat over time, thereby reducing the number of sensors necessary. The surveillance area may have a given threat profile as determined by the kind of threat, and accompanying meteorological, environmental, and human factors. In planning the movement of sensors, areas that are deemed higher threat should receive proportionately higher coverage. We propose a coverage algorithm for mobile sensors to achieve a coverage that will match – over the long term and as quantified by an RMSE metric – a given threat profile. Moreover, the algorithm has the following desirable properties: (1) stochastic, so that it is robust to contingencies and makes it hard for an adversary to anticipate the sensor’s movement; (2) efficient; and (3) practical, by avoiding movement over inaccessible areas. Further to matching, we argue that a fairness measure of performance over the shorter time scale is also important. We show that the RMSE and fairness are in general antagonistic, and argue for the need of a combined measure of performance, which we call efficacy. We show how a pause time parameter of the coverage algorithm can be used to control the tradeoff between the RMSE and fairness, and present an efficient offline algorithm to determine the optimal pause time maximizing the efficacy. Lastly, we discuss the effects of multiple sensors, under both independent and coordinated operation. Extensive simulation results – under realistic coverage scenarios – are presented for performance evaluation.
We analyze the ability of a stochastic coverage algorithm to achieve both accurate threat-based coverage and effective information capture. When mobile sensors are used to cover the region over time, the goal of threat-based coverage is to allocate the sensors’ coverage time between the subregions in proportion to their threat levels. We show that, in contrast to prior results on mobile coverage for maximizing simple event capture, limiting mobility by strategically pausing the sensor is important for threat-based coverage of physical world monitoring. Besides being energy efficient, pausing has two desirable effects. First, it can improve the accuracy of the threat-based coverage; in particular, the accuracy increases monotonically with a pause time parameter, and a large enough parameter will ensure exact matching of the sensor’s coverage profile with the region’s threat profile. Second, diverse natural phenomena require a non-negligible sensing time to overcome statistical uncertainties posed by the random nature of the phenomena. Suitable pausing allows a subregion to be observed long enough for reliable results.
The deployment and usage of biometric systems is increasing at a rapid rate as the technology becomes more mature and gains user acceptance. Large-scale civilian applications like the Registered Traveler program and the US-VISIT program rely heavily on biometric systems as part of their authentication process. Biometric systems are also deployed in commercial applications like Automated Teller Machines (ATM) to replace or complement ATM cards. Securing the user’s biometric information is just as important as securing the biometric system. Improving security of biometric systems does have a positive impact on securing biometric information, but securing the system does not imply that the information is also secure. The technology ecosystem needs to be analyzed taking into account its principal constituents: the biometric system, the biometric process and the biometric information lifecycle. The concept of information lifecycle management has been under development for some time now, but it has not been applied to biometric information. Biometric Information Lifecycle Management refers to a sustainable strategy of maintaining confidentiality, integrity and availability of biometric information and developing policies for its use. The Biometric Information Lifecycle comprises the following phases: creation, transformation, storage, usage, and disposition. This research is a work in progress which will define the biometric information lifecycle phases, create a taxonomy of attacks on biometric information lifecycle phases, and improve the security and management of biometric information.
It has become apparent that data sharing capabilities across state departments and law enforcement agencies are an issue, especially in terms of tracking, monitoring, and identifying persons of interest. There is a need to assess the image capture process, as well as sharing capabilities, and to incorporate commercially available facial recognition technology to reduce the errors in identifying persons of interest. The objective of this project is to evaluate legacy face images, assess and standardize the image capture process across Indiana Dept. of Corrections (DOC) agencies, integrate facial recognition to link face databases, and integrate mobile devices in law enforcement vehicles for face recognition. This research will lead to improvements in the efficiency and quality of the face image capture process in DOC facilities and BMV branches and facilitate image sharing capabilities across State agencies.
Biometrics is the automatic identification or verification of a person using physical, biological, and behavioral characteristics, which include face, iris, fingerprints, hand geometry, voice, etc. Compared to traditional identification and verification methods (such as a paper or plastic ID card, or a password), biometrics is more convenient for users, reduces fraud, and can be more secure. Biometrics is becoming an important ally of security, intelligence, and law enforcement.
However, there are concerns about biometrics for daily life applications, such as security issues, privacy issues, standards, etc. Among them, the biggest concern is the security of the biometric data. Unlike traditional identity methods, it is very hard, sometimes impossible, to re-issue a person’s biometric data. If biometric data is obtained by another party, for example compromised due to identity theft, the user will lose control over it forever and lose his/her identity.
Some researchers have proposed encrypting biometric data. They use quite standard methods such as the Advanced Encryption Standard (AES), the public-key cryptosystem RSA, and cryptographic hash functions. The main issue with these methods is keys and key management, which have been studied independently from biometrics. As a result, there is a lack of research on the dependent relation between biometrics and encryption/integrity/key management and on comprehensive mechanisms involving authentication, encryption, data integrity, and key management.
Recently, some biometric researchers have proposed cancellable biometrics, which allows the system to re-issue the biometric for a user. The key idea of cancellable biometrics is to distort the biometric image/signal/features before matching. The distortion parameters can be easily changed, which provides the cancellable nature of the scheme.
However, few if any have combined encryption and cancellable biometrics to ensure the security of biometric data in storage, transmission, and identification. The simple and naïve approach is to put them together by designing a cancellable biometric method and applying encryption. This approach does not take into consideration the characteristics of biometrics and would not be applicable to real-life scenarios.
In this project, we propose a robust, secured, and cancellable biometrics method, which incorporates the encryption/key/key management into the cancellable biometric method design to provide the optimum solution. The PIs are experts in the field of biometrics, security, and network administration, which are essential for the success of this project.
Collaborative Computing (CC) is a critical application domain within the Internet environment. A few examples of CC are multi-party computation, collaborative defense, tele-medicine and collaborative decision making. Participants in CC demand confidentiality, privacy, integrity, and controlled sharing of sensitive information. Also, CC environments involve many entities, which are dynamic, heterogeneous, distributed, and can be hostile. Currently, CC uses the Internet as the underlying infrastructure, which by design is not secure and suffers from incessant attacks ranging from eavesdropping to vulnerability exploitation. Hence, it is imperative for the success of CC to require a reliable and secure framework built on top of the Internet to remedy some of its limitations. CC, based on such an underlying framework, can be termed as Trusted Collaborative Computing (TCC). Thus, the long term objective of this research is to develop a framework that will enable TCC. This framework consists of: (1) (group-oriented) secure and anonymous communication, (2) finely-controlled data sharing and (3) secure, composable and scalable integration. The framework will effectively address the underlying challenges of secure communication and guaranteed access, anonymity, composability, interoperability, and scalability.
The core technique in the proposed TCC framework is the Access Control Polynomial (ACP), which was just presented at and published in the proceedings of INFOCOM’08, one of the top international conferences in the networking and security field. The short term yet intensive summer work is to implement and evaluate this innovative ACP mechanism and related security modules. This work will significantly help the accomplishment of the long term objective and secure the application for external funding.
In December of 2004 a US Marine is severely wounded during combat operations in Iraq. After receiving world class treatment at Bethesda Naval Hospital and the Indianapolis VA medical center, the patient is able to carry on a normal civilian life in Indianapolis. Several months later the veteran gets in an accident and is transported via medi-vac to a non-VA facility trauma center in Indianapolis for care. The provider looks up the patient’s data using the Indiana Health Information Exchange and the patient has a highly positive outcome. This outcome is possible only because critically important medical data was made available to the provider at the right time via a collaborative database between local hospitals. This scenario is only possible if VA hospitals can securely manage sharing of data between non-VA health care facilities and themselves. To meet this need, the VA requires a security architecture that is highly secure, manageable, portable, scalable, granular to the record and field level and, most importantly, cost effective.
It is with great enthusiasm that we present the VISTALOCK security schema to the Department of Veterans Affairs. The scientists who have invented this technology are offering the Department of Veterans Affairs the opportunity to collaborate with them by implementing the already developed and proven technology across the VA Health Care domain. The VISTALOCK security architecture, using TEGO technology, is designed to be flexible and adaptable to support the security needs of VA and ALL of its national, regional and local affiliates.
VISTALOCK addresses four major security functions needed in collaborative data exchange and sharing: Hierarchical Access Control (HAC), Secure Group Communication (SGC), Differential Access Control (DAC), and Secure Dynamic Conferencing (SDC). It enforces confidentiality, integrity, authentication, and fine-tuned authorized access to patient records, with granularity to the field and record level, based on cryptography and key management, and provides scalability, efficiency, dynamics, flexibility, and transparency.
The VISTALOCK security system is a bolt-on security architecture that works in addition to the existing system(s) that it protects. It will require no changes to the VISTA database repository and will act as a security gateway for all VISTA data traffic between the client and host. The VA will be able to apply best of breed technology to its security architecture by providing modular and portable security services to the Vista/HealtheVET system. This enables the VA to continue full speed ahead with HealtheVET development as planned while still adding secured collaborative data sharing capabilities with external local health care facilities and practices to its architecture.
Secure video content distribution is a key aspect in the deployment of Telepresence Services and Video on Demand, two critical applications for the ecosystem targeted by Cisco products. Efficient mechanisms and systems need to be developed to guarantee confidentiality and controlled access to a broad range of broadcast video streams. At the same time, an effective framework for secure video content distribution should also guarantee subscribers’ privileges to access video streams matching their respective subscription and on-demand requirements.
In this project, we will build, by employing an innovative approach called Access Control Polynomial (ACP), a Secure Video Stream Framework for dynamic and anonymous subscriber groups. The framework will effectively address the underlying challenges of secure video stream broadcasting and guaranteed access, anonymity, dynamicity, granularity, and scalability.
Secure group communications (SGC) refers to a setting in which a group of participants can send and receive messages (sent to the group members), in a way that outsiders are unable to glean information even if they are able to intercept the messages. SGC is important because several prevalent applications require it. These applications include teleconferencing, tele-medicine, real-time information services, distributed interactive simulations, collaborative work, interactive games and the deployment of VPN (Virtual Private Networks). The goals for this project are four-fold: 1. study various issues enabling SGC which include, but are not limited to, group key management, burst behavior and efficient burst operations, membership management, group member admission control, authentication and non-repudiation; 2. study and provide solutions for specific SGC scenarios such as dynamic conferencing and SGC with hierarchical access control; 3. investigate research challenges for SGC over wireless/mobile environments; 4. integrate research results into the curriculum and perform public dissemination of findings and software.