Secure Multi-Hop Infrastructure Access
|
|
- Catherine Stone
- 5 years ago
- Views:
Transcription
1 Secure Multi-Hop Infrastructure Access presented by Reza Curtmola (joint work with B. Awerbuch, D. Holmer, C. Nita-Rotaru and H. Rubens) Advanced Topics in Wireless Networks
2 Wireless Infrastructure Access Few pure wireless peer to peer apps yet (primarily emergency deployments) Un-tethered infrastructure access has been the wireless killer app (countless variations) Voice communication Internet access Local area network access Data gathering sensor networks Peripherals (headphones, mice, keyboards)
3 Single-Hop vs. Multi-Hop Advantages Well established Lower Complexity Issues Limited coverage Range Quality (gaps) Advantages Increased Coverage Enhanced performance Reduced Deployment Cost Overall Flexibility Challenges Routing protocol Mobility Scalability
4 Infrastructure Access Security Single-Hop Many years to develop current state of the art 997 WEP 00 WPA i / WPA Still outstanding issues? (see NDSS 004 paper) Multi-Hop Introduces a set of additional security concerns Existing work focuses only on the security of the ad hoc scenario
5 Network Model Gateway Authorized Node Adversary Revoked Node
6 Protocol Design Goals Security comparable to single-hop state of the art protocols Additional protection against multi-hop routing attacks Black Hole Flood Rushing Wormhole Efficient protocol operation Symmetric cryptography Scalable user management
7 Adversarial Model Access Point is trusted able to establish trust relationships with authorized nodes Authenticated nodes are trusted to perform the protocol correctly Adversaries are unauthenticated nodes Perform arbitrary attacks (e.g. drop, inject or modify packets) May collude to perform stronger attacks (e.g. tunnel packets)
8 Our Solution Take an existing solution: Pulse protocol [Infocom 04, Milcom 04, WONS 05] Multi-hop routing protocol Optimized for many-to-one communication pattern High Scalability Mobility Number of nodes Number of flows Build security mechanisms into it
9 Pulse Protocol Example
10 Pro-active Spanning Tree
11 Node Wishes to Communicate
12 Sends Packet to Gateway
13 Cryptographic Protection Participating nodes share a network wide symmetric key NSK Used to secure the routing service Established and maintained using a broadcast encryption scheme (BES) Source and destination use per flow unicast key (UK) to protect data payload seq number routing headers data payload HMAC NSK E NSK E UK
14 Secure Reliability Metric Secure ACKs are required for each data packet traversing a link Protocol gathers history of ACK failures Link weights inversely proportional to reliability Strategy is similar to ODSBR [WiSe 0]
15 Network Model Gateway Authorized Node Adversary Revoked Node
16 Adversarial Avoidance Example Gateway
17 Adversarial Avoidance Example Gateway
18 Adversarial Avoidance Example Gateway
19 Adversarial Avoidance Example Gateway
20 Adversarial Avoidance Example Gateway.
21 Adversarial Avoidance Example Gateway.
22 Wormhole Avoidance Example Gateway
23 Wormhole Avoidance Example Gateway
24 Wormhole Avoidance Example Gateway.
25 Wormhole Avoidance Example Gateway.
26 Wormhole Avoidance Example Gateway.
27 Attack mitigation Injecting, modifying packets use of NSK Replay attack use of nonces Flood rushing protocol relies on the metric, and not on timing information Black hole unreliable links are avoided using metric Wormhole creation is not prevented, but it is avoided using metric
28 Key Management Assumption: each node has a unique pre-established shared key PSK with the gateway Manually entered as in WEP or WPA / WPA personal mode or Automatically generated by interaction with an authentication server as in 80.x / EAP Goal: to efficiently manage the Network Shared Key (NSK) Selected and maintained by the gateway Add/revoke users Periodically refreshed
29 Broadcast Encryption Scheme Center broadcasts a message Only a subset of privileged (non-revoked) users can decrypt it Our requirements: Allows unbounded number of broadcasts Any subset of users can be defined as privileged A coalition of all revoked users cannot decrypt the broadcast
30 Subset Cover Framework CS or SD [Crypto 0], LSD [Crypto 0] The set of privileged users is represented as the union of s subsets of users A long-term key is associated with each subset A user knows a long-term key only if he belongs to the corresponding subset Center encrypts message s times under all the keys associated with subsets in the union LSD Properties Each node stores O(log / (n)) keys O(r) message size O(log(n)) computation at each node
31 Node Management Node addition Using PSK, a node obtains from the gateway the current NSK and the set of secrets for the BES Node revocation / NSK refresh Gateway generates a new NSK Gateway broadcasts encrypted NSK such that only non-revoked nodes are able to decrypt it Scalability advantage over Group Key management in 80.i which is O(n)
32 Complete Subtree U U U U 4 U 5 U 6 U 7 U 8 Broadcast: E K (KEK), E K7 (KEK), E K (KEK), E KEK (NSK )
33 Conclusion Protocol provides multi-hop infrastructure access Efficient, lightweight security Entirely based on symmetric cryptography Prevents a wide variety of attacks Leverages infrastructure for trust establishment
34 Real World Implementation Completed Features Linux Kernel Module with.4 and.6 compatibility Operates at layer Distributed virtual switch architecture provides seamless bridging Pulse Protocol Shortcuts and gratuitous reply Instantaneous loop freedom Fast parent switching (with loop freedom) Medium Time Metric route selection metric (WONS 004) 50 Nodes deployed across JHU Campus Tested with Internet Access, Ad hoc Access Points, Voice over IP Mobility tested at automobile speeds In Progress Security (NDSS Workshop 005) Flood Rushing, Wormholes, Black holes, any NON-Byzantine attack In kernel crypto implementation Leader Election Algorithm Fault tolerance, switches pulse source to most accessed destination Handle merge and partition Efficient Tree Flooding Similar to expanding ring search but with no duplicates
On Demand secure routing protocol resilient to Byzantine failures
On Demand secure routing protocol resilient to Byzantine failures Primary Reference: B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens, An on-demand secure routing protocol resilient to Byzantine failures,
More informationAn On-demand Secure Routing Protocol Resilient to Byzantine Failures. Routing: objective. Communication Vulnerabilities
An On-demand Secure Routing Protocol Resilient to Byzantine Failures Baruch Awerbuch Johns Hopkins University On-Demand vs. Proactive Routing Security Concerns On-Demand Source Authentication Caching presents
More informationAn On-demand Secure Routing Protocol Resilient to Byzantine Failures
An On-demand Secure Routing Protocol Resilient to Byzantine Failures Baruch Awerbuch Johns Hopkins University Joint work with David Holmer, Cristina Nita-Rotaru, and Herbert Rubens Based on paper at WiSe2002
More informationInternational Journal of Advance Research in Computer Science and Management Studies
Volume 2, Issue 10, October 2014 ISSN: 2321 7782 (Online) International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online
More informationOn the Survivability of Routing Protocols in Ad Hoc Wireless Networks
On the Survivability of Routing Protocols in Ad Hoc Wireless Networks Baruch Awerbuch, Reza Curtmola, David Holmer and Herbert Rubens Department of Computer Science Johns Hopkins University Baltimore,
More informationSecure Routing in Wireless Sensor Networks: Attacks and Countermeasures
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures By Chris Karlof and David Wagner Lukas Wirne Anton Widera 23.11.2017 Table of content 1. Background 2. Sensor Networks vs. Ad-hoc
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 7: Securing LANs. Chapter goals: security in practice: Security in the data link layer
Managing and Securing Computer Networks Guy Leduc Chapter 7: Securing LANs Computer Networking: A Top Down Approach, 7 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2016. (section 8.8) Also
More informationKey establishment in sensor networks
Key establishment in sensor networks -- introduction to wireless sensor networks -- needed key types -- LEAP -- random key pre-distribution (c) Levente Buttyán (buttyan@crysys.hu) Wireless sensor networks
More informationCERIAS Tech Report
CERIAS Tech Report 05-121 ON THE SURVIVABILITY OF ROUTING PROTOCOLS IN AD HOC WIRELESS NETWORKS by Baruch Awerbuch, Reza Curtmola, Herbert Rubens, David Holmer, and Cristina Nita-Rotaru Center for Education
More informationSecure Routing and Transmission Protocols for Ad Hoc Networks
MobiHoc 2002 Working Session on Security in Ad Hoc Networks Secure Routing and Transmission Protocols for Ad Hoc Networks Zygmunt J. Haas and P. Papadimitratos (Panos) Cornell University Wireless Networks
More informationCSC 4900 Computer Networks: Security Protocols (2)
CSC 4900 Computer Networks: Security Protocols (2) Professor Henry Carter Fall 2017 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message Integrity 8.4 End point Authentication
More informationWormhole Attack in Wireless Ad-Hoc Networks
Wormhole Attack in Wireless Ad-Hoc Networks Yahya Ghanbarzadeh, Ahmad Heidari, and Jaber Karimpour Abstract Wormhole attack is a severe attack in wireless ad-hoc networks. To establish a wormhole attack,
More informationSecurity Issues In Mobile Ad hoc Network Routing Protocols
Abstraction Security Issues In Mobile Ad hoc Network Routing Protocols Philip Huynh phuynh@uccs.edu Mobile ad hoc network (MANET) is gaining importance with increasing number of applications. It can be
More informationCSC 774 Advanced Network Security
CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security Dr. Peng Ning CSC 774 Adv. Net. Security 1 Wireless Sensor Networks 1. Network protocol (e.g., routing) 2. Data management (e.g.,
More informationSecure Routing for Mobile Ad-hoc Networks
Department of Computer Science IIT Kanpur CS625: Advanced Computer Networks Outline 1 2 3 4 Outline 1 2 3 4 Need Often setting up an infrastructure is infeasible Disaster relief Community networks (OLPC)
More informationKapitel 5: Mobile Ad Hoc Networks. Characteristics. Applications of Ad Hoc Networks. Wireless Communication. Wireless communication networks types
Kapitel 5: Mobile Ad Hoc Networks Mobilkommunikation 2 WS 08/09 Wireless Communication Wireless communication networks types Infrastructure-based networks Infrastructureless networks Ad hoc networks Prof.
More informationCHAPTER 4 IMPACT OF ROUTING ATTACKS IN LOCATION BASED ROUTING PROTOCOL
63 CHAPTER 4 IMPACT OF ROUTING ATTACKS IN LOCATION BASED ROUTING PROTOCOL 4.1 INTRODUCTION This chapter explains the impact of the blackhole, rushing, sybil and wormhole active attacks, in the route discovery
More informationSecurity in Mobile Ad-hoc Networks. Wormhole Attacks
Security in Mobile Ad-hoc Networks Wormhole Attacks What are MANETs Mobile Ad-hoc Network (MANET) is a collection of wireless mobile hosts without fixed network infrastructure and centralized administration.
More informationBYZANTINE ATTACK ON WIRELESS MESH NETWORKS: A SURVEY
BYZANTINE ATTACK ON WIRELESS MESH NETWORKS: A SURVEY Sunil Goyal1 M.Tech Student, Deptt. of CSE GKU TalwandiSabo,India Vinod sharma2 Assistant Professor, Deptt. of CSE GKU TalwandiSabo,India Abstract-The
More informationWireless Network Security Spring 2011
Wireless Network Security 14-814 Spring 2011 Patrick Tague Jan 20, 2011 Class #4 Broadcast information security Agenda Broadcast information security Broadcast authentication and encryption Key management
More informationKey establishment in sensor networks
Security and Cooperation in Wireless Networks http://secowinet.epfl.ch/ key types; establishment of link keys using a shortterm master key; random key predistribution: - the basic scheme, and - some improvements;
More informationCisco Live /11/2016
1 Cisco Live 2016 2 3 4 Connection Hijacking - prevents the authentication happening and then an attacker jumping in during the keyexchange messaging 5 6 7 8 9 Main Mode - (spoofing attack) DH performed
More informationWireless Network Security Spring 2013
Wireless Network Security 14-814 Spring 2013 Patrick Tague Class #11 Control-Plane Routing Misbehavior Agenda Control-Plane Routing Misbehavior MANET Routing Misbehavior at the control-plane Toward secure
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationSleep/Wake Aware Local Monitoring (SLAM)
Sleep/Wake Aware Local Monitoring (SLAM) Issa Khalil, Saurabh Bagchi, Ness Shroff Dependable Computing Systems Lab (DCSL) & Center for Wireless Systems and Applications (CWSA) School of Electrical and
More informationHacking MANET. Building and Breaking Wireless Peering Networks. Riley Caezar Eller
Hacking MANET Building and Breaking Wireless Peering Networks Riley Caezar Eller Why or Why Not MANET? Ideals Allows seamless roaming Works when infrastructure breaks Routing does not require administration
More informationMitigating Routing Misbehavior in Mobile Ad-Hoc Networks
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Monty Barber 21 April 2003 CSC774 Network Security Overview Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
More informationAnalysis of Multiple Trees on Path Discovery for Beacon-Based Routing Protocols
Analysis of Multiple Trees on Path Discovery for Beacon-Based Routing Protocols Baruch Awerbuch, David Holmer and Herbert Rubens Johns Hopkins University Department of Computer Science Baltimore, MD, USA
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationPRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS
PRIVACY AND TRUST-AWARE FRAMEWORK FOR SECURE ROUTING IN WIRELESS MESH NETWORKS 1 PRASHANTH JAYAKUMAR, 2 P.S.KHANAGOUDAR, 3 VINAY KAVERI 1,3 Department of CSE, GIT, Belgaum, 2 Assistant Professor, Dept.
More informationSECURE ROUTING PROTOCOLS IN AD HOC NETWORKS
SECURE ROUTING PROTOCOLS IN AD HOC NETWORKS INTRODUCTION 1. With the advancement in radio technologies like Bluetooth, IEEE 802.11or Hiperlan, a new concept of networking has emerged, known as ad hoc networks,
More informationPart I. Wireless Communication
1 Part I. Wireless Communication 1.5 Topologies of cellular and ad-hoc networks 2 Introduction Cellular telephony has forever changed the way people communicate with one another. Cellular networks enable
More informationAd Hoc Networks: Introduction
Ad Hoc Networks: Introduction Module A.int.1 Dr.M.Y.Wu@CSE Shanghai Jiaotong University Shanghai, China Dr.W.Shu@ECE University of New Mexico Albuquerque, NM, USA 1 Ad Hoc networks: introduction A.int.1-2
More informationCisco Catalyst 6500 Series Wireless LAN Services Module: Detailed Design and Implementation Guide
Cisco Catalyst 6500 Series Wireless LAN Services Module: Detailed Design and Implementation Guide Introduction This is the first of a series of documents on the design and implementation of a wireless
More informationWireless Network Security Spring 2015
Wireless Network Security Spring 2015 Patrick Tague Class #7 More WiFi Security 2015 Patrick Tague 1 Class #7 Continuation of WiFi security 2015 Patrick Tague 2 Device Private WiFi Networks AP Local AAA
More informationCS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis
CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE
More informationINFRINGEMENT PRECLUSION SYSTEM VIA SADEC: STEALTHY ATTACK DETECTION AND COUNTERMEASURE
INFRINGEMENT PRECLUSION SYSTEM VIA SADEC: STEALTHY ATTACK DETECTION AND COUNTERMEASURE Prof. Anil Kadam, Ms. Supriya Ghadage, Ms. Naina Verma, Ms. Nikita Sarvade And Swati chouhan ABSTRACT Department of
More informationCisco CCNA (ICND1, ICND2) Bootcamp
Cisco CCNA (ICND1, ICND2) Bootcamp Course Duration: 5 Days Course Overview This five-day course covers the essential topics of ICND1 and ICND2 in an intensive Bootcamp format. It teaches students the skills
More informationWireless Sensor Networks: Security Issues, Challenges and Solutions
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 8 (2014), pp. 859-868 International Research Publications House http://www. irphouse.com Wireless Sensor Networks:
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationAn Efficient Scheme for Detecting Malicious Nodes in Mobile ad Hoc Networks
An Efficient Scheme for Detecting Malicious Nodes in Mobile ad Hoc Networks December 1. 2006 Jong Oh Choi Department of Computer Science Yonsei University jochoi@emerald.yonsei.ac.kr Contents Motivation
More informationIPSec. Slides by Vitaly Shmatikov UT Austin. slide 1
IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service
More informationInternational Journal of Advance Engineering and Research Development
Scientific Journal of Impact Factor (SJIF): 3.134 ISSN (Online): 2348-4470 ISSN (Print) : 2348-6406 International Journal of Advance Engineering and Research Development Volume 1, Issue 11, November -2014
More informationCSC 774 Advanced Network Security
Computer Science CSC 774 Advanced Network Security Topic 4.3 Mitigating DoS Attacks against Broadcast Authentication in Wireless Sensor Networks 1 Wireless Sensor Networks (WSN) A WSN consists of a potentially
More informationINNOVATIVE SCIENCE AND TECHNOLOGY PUBLICATIONS. Manuscript Title A PACKET DROPPING ATTACK DETECTION FOR WIRELESS AD HOC NETWORK USING KEY MANAGEMENT
INNOVATIVE SCIENCE AND TECHNOLOGY PUBLICATIONS Manuscript Title A PACKET DROPPING ATTACK DETECTION FOR WIRELESS AD HOC NETWORK USING KEY MANAGEMENT 1 P.S.Kirthana, 2 Yasotha B.E.,M.Tech., P.G Scholar,
More informationSecure routing in ad hoc and sensor networks
Security and Cooperation in Wireless Networks Secure routing in ad hoc and sensor networks routing in ad hoc networks; attacks on routing; countermeasures and secured routing protocols; routing security
More informationSecure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks
Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks University of Cambridge Computer Laboratory 22nd IFIP TC-11 International Information Security Conference Sandton,
More informationWireless Network Security Spring 2016
Wireless Network Security Spring 2016 Patrick Tague Class #12 Routing Security; Forwarding Security 2016 Patrick Tague 1 SoW Presentation SoW Thursday in class I'll post a template Each team gets ~5 minutes
More informationOnboardICNg: a Secure Protocol for On-boarding IoT Devices in ICN
OnboardICNg: a Secure Protocol for On-boarding IoT Devices in ICN Alberto Compagno 1,3, Mauro Conti 2 and Ralph Droms 3 1 Sapienza University of Rome 2 University of Padua 3 Cisco Systems 3rd ACM Conference
More informationCERIAS Tech Report
CERIAS Tech Report 27-4 BSMR: BYZANTINE-RESILIENT SECURE MULTICAST IN MULTI-HOP WIRELESS NETWORKS by Reza Curtmola and Cristina Nita-Rotaru Center for Education and Research in Information Assurance and
More informationA SURVEY OF VARIOUS ROUTING PROBLEMS TO VARIOUS ATTACKS IN MOBILE AD HOC NETWORKS IN THE TRANSACTIONS
A SURVEY OF VARIOUS ROUTING PROBLEMS TO VARIOUS ATTACKS IN MOBILE AD HOC NETWORKS IN THE TRANSACTIONS M Jansirani Research scholar Research Department of Computer Science Government Arts College (Autonomous),
More informationSurvey of Cyber Moving Targets. Presented By Sharani Sankaran
Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber moving target technique refers to any technique that attempts to defend a system and increase the complexity of
More informationGETTING THE MOST OUT OF EVIL TWIN
GETTING THE MOST OUT OF EVIL TWIN B-SIDES ATHENS 2016 GEORGE CHATZISOFRONIOU (@_sophron) sophron@census-labs.com www.census-labs.com > WHOAMI Security Engineer at CENSUS S.A. Cryptography, Wi-Fi hacking,
More informationWireless Network Security Spring 2015
Wireless Network Security Spring 2015 Patrick Tague Class #10 Network Layer Threats; Identity Mgmt. 2015 Patrick Tague 1 Class #10 Summary of wireless network layer threats Specific threats related to
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 4.1: Network Security Basics Endadul Hoque Slide Acknowledgment Contents are based on slides from Cristina Nita-Rotaru (Northeastern) 2 Network Security INTRODUCTION 3 What
More informationStudent ID: CS457: Computer Networking Date: 5/8/2007 Name:
CS457: Computer Networking Date: 5/8/2007 Name: Instructions: 1. Be sure that you have 10 questions 2. Write your Student ID (email) at the top of every page 3. Be sure to complete the honor statement
More informationTrust-Propagation Based Authentication Protocol in Multihop Wireless Home Networks
Trust-Propagation Based Authentication Protocol in Multihop Wireless Home Networks Han Sang Kim, Jin Wook Lee*, Sandeep K. S. Gupta and Yann-Hang Lee Department of Computer Science and Engineering Arizona
More informationSecurity Issues In Mobile IP
Security Issues In Mobile IP Zhang Chao Tsinghua University Electronic Engineering 1 OUTLINE 1.Introduction 2.Typical threats 3. Mobile IPv6 and new threats 4.Open issues 2 OUTLINE 1.Introduction 2.Typical
More informationINTERNET PROTOCOL SECURITY (IPSEC) GUIDE.
INTERNET PROTOCOL SECURITY (IPSEC) GUIDE www.insidesecure.com INTRODUCING IPSEC NETWORK LAYER PACKET SECURITY With the explosive growth of the Internet, more and more enterprises are looking towards building
More informationDetection and Avoidance of Routing Attack in Mobile Ad-hoc Network using Intelligent Node
Detection and Avoidance of Routing Attack in Mobile Ad-hoc Network using Intelligent Node Abhiskek Ranjan, Venu Madhav Kuthadi, Rajalakshmi Selvaraj, and Tshilidzi Marwala Abstract the routing attacks
More informationCryptography and Network Security Chapter 16. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Chapter 16 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death,
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationTinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry,, David Wagner Presented by Paul Ruggieri 1 Introduction What is TinySec? Link-layer security architecture
More informationChapter 24 Wireless Network Security
Chapter 24 Wireless Network Security Wireless Security Key factors contributing to higher security risk of wireless networks compared to wired networks include: o Channel Wireless networking typically
More informationWireless Network Security Spring 2016
Wireless Network Security Spring 2016 Patrick Tague Class #7 WiFi Security 1 Announcements Please do HW#2 in using the stable OMNET++ 4.6, not the beta version. Porting has proven difficult... Form project
More informationConfiguring VLANs CHAPTER
CHAPTER 13 This chapter describes how to configure your access point/bridge to operate with the VLANs set up on your wired LAN. These sections describe how to configure your access point/bridge to support
More informationFrequently Asked Questions WPA2 Vulnerability (KRACK)
Frequently Asked Questions WPA2 Vulnerability (KRACK) Release Date: October 20, 2017 Document version: 1.0 What is the issue? A research paper disclosed serious vulnerabilities in the WPA and WPA2 key
More informationNetwork Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2011
Network Security: Broadcast and Multicast Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2011 Outline 1. Broadcast and multicast 2. Receiver access control (i.e. data confidentiality)
More informationVirtual Private Networks
EN-2000 Reference Manual Document 8 Virtual Private Networks O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses transmission security,
More informationJunos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services
Junos Security Chapter 8: IPsec VPNs 2012 Juniper Networks, Inc. All rights reserved. www.juniper.net Worldwide Education Services Chapter Objectives After successfully completing this chapter, you will
More informationSensor-to-cloud connectivity using Sub-1 GHz and
Sensor-to-cloud connectivity using Sub-1 GHz and 802.15.4 Nick Lethaby, IoT, Ecosystem Manager, Texas Instruments Agenda Key design considerations for a connected IoT sensor Overview of the Sub-1 GHz band
More informationhash chains to provide efficient secure solutions for DSDV [7].
A Ferry-based Intrusion Detection Scheme for Sparsely Connected Ad Hoc Networks M. Chuah, P.Yang, J. Han {chuah, pey24, jih26}@cse.lehigh.edu Department of Computer Science & Engineering Lehigh University
More informationSecuring Internet of things Infrastructure Standard and Techniques
Securing Internet of things Infrastructure Standard and Techniques Paper Author : Zubair A. Baig Name: Farooq Abdullah M.Sc Programming and Networks University of Oslo. Security internet of Things Standards
More informationDetecting Malicious Nodes For Secure Routing in MANETS Using Reputation Based Mechanism Santhosh Krishna B.V, Mrs.Vallikannu A.L
International Journal of Scientific & Engineering Research, Volume 1, Issue 3, December-2010 1 Detecting Malicious Nodes For Secure Routing in MANETS Using Reputation Based Mechanism Santhosh Krishna B.V,
More informationWhat's the buzz about HORNET?
1 What's the buzz about HORNET? 2 You've probably all seen the news "Internet-scale anonymity" "Without sacrificing security, the network supports data transfer speeds of up to 93GBps" "can be scaled at
More informationWPA Passive Dictionary Attack Overview
WPA Passive Dictionary Attack Overview TakehiroTakahashi This short paper presents an attack against the Pre-Shared Key version of the WPA encryption platform and argues the need for replacement. What
More informationPresented by: Mariam Ahmed Moustafa Faculty of Engineering, Alexandria University, Egypt. 24 March 2016 RIPE NCC / MENOG 16
Presented by: Mariam Ahmed Moustafa elansary.mam@gmail.com Faculty of Engineering, Alexandria University, Egypt 24 March 2016 RIPE NCC / MENOG 16 } Is a talented Researcher, Teaching Assistant, Co-Founder
More informationConfiguring the Client Adapter through Windows CE.NET
APPENDIX E Configuring the Client Adapter through Windows CE.NET This appendix explains how to configure and use the client adapter with Windows CE.NET. The following topics are covered in this appendix:
More informationClosed book. Closed notes. No electronic device.
414-S17 (Shankar) Exam 3 PRACTICE PROBLEMS Page 1/6 Closed book. Closed notes. No electronic device. 1. Anonymity Sender k-anonymity Receiver k-anonymity Authoritative nameserver Autonomous system BGP
More informationConfiguring Management Frame Protection
Information About Management Frame Protection, page 1 Restrictions for Management Frame Protection, page 3 (GUI), page 3 Viewing the Management Frame Protection Settings (GUI), page 3 (CLI), page 4 Viewing
More informationKun Sun, Peng Ning Cliff Wang An Liu, Yuzheng Zhou
Kun Sun, Peng Ning Cliff Wang An Liu, Yuzheng Zhou Abstract Accurate and synchronized time is crucial in many sensor network applications Time synchronization becomes an attractive target due to its importance
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationLecture 13: Routing in multihop wireless networks. Mythili Vutukuru CS 653 Spring 2014 March 3, Monday
Lecture 13: Routing in multihop wireless networks Mythili Vutukuru CS 653 Spring 2014 March 3, Monday Routing in multihop networks Figure out a path from source to destination. Basic techniques of routing
More informationLecture 7 - Applied Cryptography
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Lecture 7 - Applied Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger
More informationActive source routing for ad-hoc network: seamless integration of wireless environment
Active source routing for ad-hoc network: seamless integration of wireless environment 1. Introduction Active networking is the emerging technology that will provide new network environment where lots
More informationThis presentation covers Gen Z s Security capabilities.
This presentation covers Gen Z s Security capabilities. 1 2 Gen Z architecture assumes every component is an attack vector. This is critical to appreciate, as time and again cyber attacks have exploited
More informationLECTURE 9. Ad hoc Networks and Routing
1 LECTURE 9 Ad hoc Networks and Routing Ad hoc Networks 2 Ad Hoc Networks consist of peer to peer communicating nodes (possibly mobile) no infrastructure. Topology of the network changes dynamically links
More informationVPN Overview. VPN Types
VPN Types A virtual private network (VPN) connection establishes a secure tunnel between endpoints over a public network such as the Internet. This chapter applies to Site-to-site VPNs on Firepower Threat
More informationOverview. Overview. OTV Fundamentals. OTV Terms. This chapter provides an overview for Overlay Transport Virtualization (OTV) on Cisco NX-OS devices.
This chapter provides an overview for Overlay Transport Virtualization (OTV) on Cisco NX-OS devices., page 1 Sample Topologies, page 6 OTV is a MAC-in-IP method that extends Layer 2 connectivity across
More informationCS526: Information security
Cristina Nita-Rotaru CS526: Information security Anonymity systems. Based on slides by Chi Bun Chan 1: Terminology. Anonymity Anonymity (``without name ) means that a person is not identifiable within
More informationChapter 3 Part 2 Switching and Bridging. Networking CS 3470, Section 1
Chapter 3 Part 2 Switching and Bridging Networking CS 3470, Section 1 Refresher We can use switching technologies to interconnect links to form a large network What is a hub? What is a switch? What is
More informationGRE and DM VPNs. Understanding the GRE Modes Page CHAPTER
CHAPTER 23 You can configure Generic Routing Encapsulation (GRE) and Dynamic Multipoint (DM) VPNs that include GRE mode configurations. You can configure IPsec GRE VPNs for hub-and-spoke, point-to-point,
More informationEfficient Secured Model For Communication In Dynamic Multicast Groups
IOSR Journal of Engineering (IOSRJEN) ISSN (e): 2250-3021, ISSN (p): 2278-8719 Vol. 05, Issue 06 (June. 2015), V1 PP 55-59 www.iosrjen.org Efficient Secured Model For Communication In Dynamic Multicast
More informationVirtual Private Network
VPN and IPsec Virtual Private Network Creates a secure tunnel over a public network Client to firewall Router to router Firewall to firewall Uses the Internet as the public backbone to access a secure
More informationVLANs and Association Redirection. Jon Ellch
802.11 VLANs and Association Redirection Jon Ellch Contents 1 Foreword 2 2 Background 3 3 Introduction 4 3.1 The state of the art......................................... 4 4 PVLANs and virtual BSSIDs
More informationvcloud Director Tenant Portal Guide vcloud Director 8.20
vcloud Director Tenant Portal Guide vcloud Director 8.20 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation,
More informationWireless Network Security Spring 2011
Wireless Network Security 14-814 Spring 2011 Patrick Tague Feb 17, 2011 Class #12 Network layer security Announcements No more scheduled office hours after today Email or call me to make an appointment
More informationNetwork Administrator s Guide
Overview Network Administrator s Guide Beam is a comprehensive Smart Presence system that couples high-end video, high-end audio, and the freedom of mobility for a crisp and immersive, video experience
More informationDetection of Wormhole Attacks in Wireless Sensor Networks
Detection of Wormhole Attacks in Wireless Sensor Networks Ms Shweta Dalke RGPV: Electronics & Communication,Truba College of Engineering & Technology,Indore,INDIA Ms Pallavi Pahadiya RGPV: Electronics
More informationNetwork Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2010
Network Security: Broadcast and Multicast Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Broadcast and multicast 2. Receiver access control (i.e. data confidentiality)
More information