The Center for Education and Research in Information Assurance and Security (CERIAS)

Reports and Papers Archive



DICAS: Detection, Diagnosis and Isolation of Control Attacks in Sensor Networks

Issa Khalil, Saurabh Bagchi, Cristina Nita-Rotaru

in both military and civilian domains. However, the deployment scenarios, the functionality requirements, and the limited capabilities of these networks expose them to a wide range of attacks against control traffic (such as wormholes, Sybil attacks, rushing attacks, etc.). In this paper we propose a lightweight protocol called DICAS that mitigates these attacks by detecting, diagnosing, and isolating the malicious nodes. DICAS uses as a fundamental building block the ability of a node to oversee its neighboring nodes

Added 2007-05-31

LITEWORP: A Lightweight Countermeasure for the Wormhole Attack in Multihop Wireless Networks

Issa Khalil, Saurabh Bagchi, Ness B. Shroff

In multihop wireless systems, such as ad-hoc and sensor networks, the need for cooperation among nodes to relay each other

Added 2007-05-31

Efficient Correlated Action Selection

CERIAS TR 2007-25
Mikhail Atallah, Marina Blanton, Keith Frikken, and Jiangtao Li
Download: PDF

Participants in e-commerce and other forms of online collaborations tend to be selfish and rational, and therefore game theory has been recognized as particularly relevant to this area, especially when combined with notions from computational complexity and cryptography. In many common games, the joint strategy of the players is described by a list of pairs of actions, and one of those pairs is chosen according to a specified correlated probability distribution.  In traditional game theory, it is a trusted third party mediator that carries out the random selection, and reveals to each player that player’s recommended action from the selected pair. In such games that have a correlated equilibrium, each player follows the mediator’s recommendation because deviating from it cannot increase a player’s expected payoff.  Dodis et al. described a two-party protocol that eliminates, through cryptographic means, the third party mediator: Such games are replaced with games that do not require a third party mediator and have a computational Nash equilibrium. The protocol of Dodis et al. was designed and works well for a uniform distribution, but can be quite inefficient if applied to non-uniform distributions. Teague has subsequently built on this work and extended it to the case where the probabilistic strategy no longer assigns equal probabilities to all the pairs of moves, i.e., a pair can now have an associated probability that is much smaller (or larger) than the probability of other pairs. Our present paper improves on the work of Teague by providing an exponentially more efficient protocol for the same problem. The protocol uses tools that are of independent interest and that improve the round-complexity of recently presented protocols unrelated to the presently considered game-theoretic framework.

Added 2007-05-31

Secret Handshakes with Dynamic and Fuzzy Matching

CERIAS TR 2007-24
Giuseppe Ateniese, Marina Blanton, and Jonathan Kirsch
Download: PDF

The need for communication privacy over public networks is of growing concern in today’s society.  As a result, privacy-preserving authentication and key exchange protocols have become critical primitives in building secure distributed systems. Secret handshakes provide such a service by allowing two members of the same group to secretly and privately authenticate to each other and agree on a shared key for further communication.

This paper presents the first efficient secret handshake schemes with unlinkable, reusable credentials that do not rely on random oracles for their security (solving open problems from prior literature). In previous work, secret handshakes were extended with roles, so that a group member A can specify the role another group member B must have in order to successfully complete the protocol with A. We generalize the traditional and role-based secret handshake in two ways. First, we present a secret handshake with dynamic matching, in which each party can specify both the group and the role the other must have in order to complete the handshake. Second, we provide a novel extension of secret handshakes to include attributes, allowing the handshake to be based on approximate (or fuzzy) matching.

We demonstrate the practicality and efficiency of our protocols by evaluating a prototype implementation.  We integrate our dynamic matching protocol into IPsec, and we detail the performance tradeoffs associated with our fuzzy matching scheme. Our experiments indicate that our solutions offer attractive performance.

Added 2007-05-31

Efficient Techniques for Realizing Geo-Spatial Access Control

CERIAS TR 2007-23
Mikhail Atallah, Marina Blanton, and Keith Frikken
Download: PDF

The problem of key management for access control systems has been well-studied, and the literature contains several schemes for hierarchy-based and temporal-based access control. The problem of key management in such systems is how to assign keys to users such that each user is able to compute and have access to the appropriate resources while minimizing computation and storage requirements. In the current paper, we consider key management schemes for geo-spatial access control. That is, the access control policy assigns to a user a specific geographic area, and the user consequently obtains access to her area or information about it.

In this work, the geography is modeled as an m*n grid of cells (let m <= n). Each cell has its own key associated with it, and a user who wants to access the content of a cell needs to obtain its key. Each user obtains access to a rectangular area (or a finite collection of such rectangles) and is able to compute keys corresponding to the cells that comprise her area.

Our main result is an efficient scheme with the following properties: (i) each user obtains a small constant number of secret keys that permit access to an arbitrary rectangular sub-grid, (ii) computation to derive the key of a specific cell in that rectangle consists of a constant number of efficient operations, and (iii) the server needs to maintain O(mn(log log m)^2 log^* m) public information accessible to all users. The public storage requirement is the worst-case bound and can be improved if the grid is partitioned into regions where the cells of a region share the same key.

Added 2007-05-31

Dynamic Cryptographic Hash Functions

CERIAS TR 2007-20
William Speirs
Download: PDF
Added 2007-05-06

Finite field of low characteristic in elliptic curve cryptography

CERIAS TR 2007-22
Shuo Shen
Download: PDF
Added 2007-05-04

Defense Science Study Group 2004-2005 Papers 1-11

P. Gould

Paper 1- Toward a Global Field Guide for Microorganisms

Paper 2- Tampering with DNA: National Security Needs for Detection and Design

Paper 3- Evaluating the Potential Bioterrorism Threat Posed by Influenza

Paper 4- The Merging of Man and Machine: Using Brain-Computer Interfaces (BCIs) to Augment Human Capabilities

Paper 5- Advances in Agricultural Biotechnology and Vulnerabilities in the U.S. Food Supply

Paper 6- Uncertainty Modeling in Cooperative Control: When Does the Teamwork Advantage Break Down?

Paper 7- Passive and Semi-Passive Nanomaterial-Based Sensors for Multi-Year Remote Detection

Paper 8- Next-Generation Shape Memory Polymer-Based Composite Materials for Military Applications

Paper 9- Improving Information Sharing to Prevent Future Terrorist Attacks

Paper 10- Cybersecurity Threats to Military and Civilian Critical Infrastructure

Paper 11- Novel Radio Frequency (RF) Detection Methods for Improvised Explosive Devices (IEDs)

Added 2007-05-01

Using artificial neural networks for forensic file type identification

CERIAS TR 2007-19
Ryan M. Harris
Download: PDF

Current forensic software relies upon accurate identification of file types in order to determine which files contain potential evidence. However, current type recognition mechanisms are susceptible to simple attacks that enable a criminal to confuse the detection algorithm. This study investigated whether artificial neural networks were superior to existing mechanisms at responding to modern evidence tampering techniques and concluded that the tested neural networks were not better than the existing methods.  However, the study yielded avenues for future investigation.

Added 2007-04-30

Enabling Confidentiality of Data Delivery in an Overlay Broadcasting System

Ruben Torres, Xin Sun, Aaron Walters, Cristina Nita-Rotaru and Sanjay Rao
Added 2007-04-29

Feasibility of DDoS attacks using P2P Systems and Prevention through Robust Membership Management

Xin Sun, Ruben Torres and Sanjay Rao

We show that malicious nodes in a peer-to-peer system may impact the external Internet environment, by causing large-scale distributed denial of service attacks on nodes not even part of the overlay system. This is in contrast to attacks that disrupt the normal functioning and performance of the overlay system itself. We formulate several principles critical to the design of membership management protocols robust to such attacks. We show that (i) pull-based mechanisms are preferable to push-based mechanisms; (ii) it is critical to validate membership information received by a node, and even simple probe-based techniques can be quite effective; (iii) validating information by requiring corroboration from multiple sources can provide good security properties with insignificant performance penalties; and (iv) it is important to bound the number of distinct logical identifiers (e.g., IDs in a DHT) corresponding to the same physical identifier (e.g., IP address), which a participating node is unable to validate. We demonstrate the importance of these principles in the context of the KAD system for file distribution, and ESM system for video broadcasting. To our knowledge, this is the first systematic study of issues in the design of membership management algorithms in peer-to-peer systems so they may be robust to attacks exploiting them for DDoS attacks on external nodes.

Added 2007-04-29

IEEE International Carnahan Conferences Security Technology

CERIAS TR 2007-11
Blomekec, C. R., Howell, B.M., and Elliott, S.J.
Download: PDF

This paper will outline the results of an online survey about the perceptions of Indiana 4-H Youth Educators on the use of retinal imaging for the purpose of identifying 4-H livestock projects.

Added 2007-04-25

Data Mining and Privacy: An Overview

Christopher W. Clifton and Deirdre K. Mulligan and Raghu Ramakrishnan
Added 2007-04-23

Privacy Preserving Data Mining

Jaideep Vaidya and Chris Clifton and Michael Zhu
Added 2007-04-23

A Secure Distributed Framework for Achieving k-Anonymity

Wei Jiang and Chris Clifton
Added 2007-04-23