Sensor networks are designed with the assumption that nodes are willing to collaborate. However, the open collaboration of nodes introduces privacy and security issues. Therefore, ensuring privacy in wireless sensor networks is a challenging task. Based on a multilevel security paradigm, in this paper we present a hierarchical key generation and distribution protocol for wireless sensor networks. We show by simulation results that our key generation scheme outperforms the existing hierarchical key generation schemes and is thus suitable for sensor networks with limited computation and energy capabilities. Furthermore, we present an energy efficient key diffusion protocol. We also discuss the possible security threats involved with the proposed protocol and provide suitable solutions to such threats.
Access control is the key security service used for information and system security. Access control mechanisms can be used to enforce various security policies, but the desired access control objectives can only be achieved if the underlying software implementation is correct. It therefore becomes essential not only to verify that the implementation conforms to the given policy but also to confirm the absence of any violations in it. We propose a model-based strategy for testing implementations of access control systems that employ the RBAC policy specification. Our approach is based on the construction of a structural and behavioral model of the corresponding RBAC specification. The model is then used to generate static and dynamic test suites for the corresponding implementation. Code coverage and mutation score were used as metrics to determine the efficacy of the proposed approach in a case study. The results of the case study show that the tests generated using the proposed approach not only provide good control flow coverage of the implementation but are also effective in detecting faults induced via mutation operators.
Cross Domain Controlled Interface and Labeling (CDCIL) is intended to provide a capability that will allow web services in separate security policy domains to exchange eXtended Markup Language (XML) objects (messages, documents, web-based content) securely across domain boundaries, while preventing the flow of content not authorized to cross those boundaries. In this way, CDCIL will provide a framework for enabling the creation of a single service oriented architecture (SOA) composed of multiple security policy domains, each with its own security requirements and attributes.
The CDCIL services have been conceived as standards-based web services that will provide mechanisms to (1) persistently bind a label (metadata header) containing a flexibly derived set of security attributes to XML objects exchanged by web services in different domains, and (2) enforce security policies that govern those exchanges. The CDCIL services go beyond other cross domain solutions being used to control XML exchanges in their ability to (1) accommodate a broader definition of
If we limit the contact rate of worm traffic, can we alleviate and ultimately contain Internet worms? This paper sets out to answer this question. Specifically, we are interested in analyzing different deployment strategies of rate control mechanisms and the effect thereof on suppressing the spread of worm code. We use both analytical models and simulation experiments. We find that rate control at individual hosts or edge routers yields a slowdown that is linear in the number of hosts (or routers) with the rate limiting filters. Limiting contact rate at the backbone routers, however, is substantially more effective - it renders a slowdown comparable to deploying rate-limiting filters at every individual host that is covered. This result holds true even when susceptible and infected hosts are patched and immunized dynamically. To provide context for our analysis, we examine real traffic traces obtained from a campus-computing network. We observe that rate throttling could be enforced with minimal impact on legitimate communications. Two worms observed in the traces, however, would be significantly slowed down.
A mix is a communication proxy that attempts to hide the correspondence between its incoming and outgoing messages. Timing attacks are a significant challenge for mix-based systems that wish to support interactive, low-latency applications. However, the potency of these attacks has not been studied carefully. In this paper, we investigate timing analysis attacks on low-latency mix systems and clarify the threat they pose. We propose a novel technique, defensive dropping, to thwart timing attacks. Through simulations and analysis, we show that defensive dropping can be effective against attackers who employ timing analysis.
The 802.11 standard specifies mechanisms for channel access, data delivery, authentication and privacy for wireless communication. The standard makes no provisions for faulty, selfish or malicious behavior, assuming that nodes always act according to the specifications of the protocol. Thus, nodes that run defective protocol implementations, are misconfigured, or are compromised can potentially cause significant disruption in the network. In this paper we present an analysis of channel access denial of service attacks against 802.11b. We demonstrate the attacks through simulation and analyze them by considering the effect of multiple attackers, their relative positioning and the influence of the choice of high level protocols. In addition, we identify and describe new attacks against the beacon-based synchronization mechanism used for channel access and by the power saving mode in 802.11a, b, and g. We provide simulation results that demonstrate their feasibility and analyze them considering the attacker’s effort versus the induced damage and effect on other protocols and services. Finally, we propose and discuss mitigation techniques for all the above attacks, demonstrating the efficacy of several of them through simulations.
Information Technology has become integral to organizations
This research studies and designs techniques for coordinated network monitoring, traffic conditioning, and flow control as integral components of the edge routers in a network domain. The enhanced edge routers yield secure network domains, and achieve better performance in terms of high data throughput, low delay, and low loss rates. The potential performance gain from the proposed techniques is critical for the current and emerging network services such as multimedia applications. Using simulation, we evaluate the edge router for data intensive applications such as FTP and delay sensitive applications such as Telnet and Web. The contributions of this thesis can be summarized as follows: