Network Economics and Security Engineering

Similar documents
Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks

Recommendation/Reputation. Ennan Zhai

Sybil defenses via social networks

Using VCG based Designing and Electing Secure Leader Model for Intrusion Detection System in Manet

On Network formation, (Sybil attacks and Reputation systems)

Effective Cluster Based Certificate Revocation with Vindication Capability in MANETS Project Report

Clustering Based Certificate Revocation Scheme for Malicious Nodes in MANET

Sleep/Wake Aware Local Monitoring (SLAM)

IEEE 2013 JAVA PROJECTS Contact No: KNOWLEDGE AND DATA ENGINEERING

Cluster based certificate revocation For mobile ad hoc networks

Supplementary file for SybilDefender: A Defense Mechanism for Sybil Attacks in Large Social Networks

An overview of Trust, Naming and Addressing and Establishment of security associations

SybilGuard: Defending Against Sybil Attacks via Social Networks

ShadowWalker: Peer-to-peer Anonymous Communication Using Redundant Structured Topologies

Synchronization and Dissemination in Self-Organizing Communication Networks

Random Simplicial Complexes

Code Verification Work of Sybil Attack in Wireless Sensor Network

Defense of Trust Management Vulnerabilities in Distributed Networks

DISTRIBUTED systems are vulnerable to sybil attacks [1],

Securing MANETs using Cluster-based Certificate Revocation Method: An Overview

The Pennsylvania State University The Graduate School PARTIAL-REVOCATION BASED TRUST MANAGEMENT IN AD HOC NETWORKS

SybilGuard: Defending Against Sybil Attacks via Social Networks

Evaluating the Wisdom of Crowds in Assessing Phishing Sites

Are we breached? Deloitte's Cyber Threat Hunting

Entropy-Based Recommendation Trust Model for Machine to Machine Communications

Wireless Network Security : Spring Arjun Athreya March 3, 2011 Survey: Trust Evaluation

Herbivore: An Anonymous Information Sharing System

CS224W: Analysis of Networks Jure Leskovec, Stanford University

Fault-Aware Flow Control and Multi-path Routing in Wireless Sensor Networks

NETWORKING. 8. ITDNW08 Congestion Control for Web Real-Time Communication

Pisces: Anonymous Communication Using Social Networks

A Composite Trust based Public Key Management in MANETs

AN ad-hoc network is a group of nodes without requiring

ZoneTrust: Fast Zone-Based Node Compromise Detection and Revocation in Wireless Sensor Networks Using Sequential Hypothesis Testing

Sybil-Resilient Online Content Rating

Introduction and Statement of the Problem

INTRUSION DETECTION SYSTEM RESILIENCY TO BYZANTINE ATTACKS: THE CASE STUDY OF WORMHOLES IN OLSR

Topology Enhancement in Wireless Multihop Networks: A Top-down Approach

Efficient Detection and Elimination of Vampire Attacks in Wireless Ad-Hoc Sensor Networks

CLUSTER-BASED CERTIFICATE REVOCATION IN MOBILE AD-HOC NETWORK USING FUZZY LOGIC Dipti S Sawant 1, Prof. E. Jayanthi 2 1,2

This article appeared in a journal published by Elsevier. The attached copy is furnished to the author for internal non-commercial research and

Wireless Network Security Spring 2014

Featuring Trust and Reputation Management Systems for Constrained Hardware Devices*

A Comparative Evaluation of Intrusion Detection Architectures for Mobile Ad Hoc Networks

On Pairwise Connectivity of Wireless Multihop Networks

Peer-to-peer systems and overlay networks

Saarland University Faculty of Natural Sciences and Technology I Department of Computer Science. Masters Thesis

Peer-to-Peer Systems and Security

Eclipse Attacks on Overlay Networks: Threats and Defenses

Simulation of Workflow and Threat Characteristics for Cyber Security Incident Response Teams

Secure Algorithms and Data Structures for Massive Networks

Exploiting Users' Inconsistent Preferences in Online Social Networks to Discover Private Friendship Links

Overview. Background: Sybil Attack. Background: Defending Against Sybil Attack. Social Networks. Multiplayer Games. Class Feedback Discussion

Keywords: Detection, Disruption Tolerant Networks, Mitigation, Routing Misbehavior, Security.

Evolutionary design of attack strategies

CCRVC- Cluster Based Certificate Revocation with Vindication Capability for Mobile ADHOC Networks

An Analysis of Dynamic Delay Tolerant Network Strategies for Preventing Selfish Behavior Network

c 2010 Prateek Mittal

Secure Routing and Transmission Protocols for Ad Hoc Networks

Mitigating Routing Misbehavior in Mobile Ad Hoc Networks

Cooperative Computing for Autonomous Data Centers

arxiv: v1 [cs.cr] 30 May 2014

A Study on Certificate Revocation in Mobile Ad Hoc Networks

Distributed Agent-Based Intrusion Detection for the Smart Grid

CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues

Security for Structured Peer-to-peer Overlay Networks. Acknowledgement. Outline. By Miguel Castro et al. OSDI 02 Presented by Shiping Chen in IT818

Reputation Based Trust Management for Wireless Sensor Networks and Its Application to Secure Routing

Technical Report. Cooperative attack and defense in distributed networks. Tyler Moore. Number 718. June Computer Laboratory

Detecting Denial of Service Attacks in Tor

A Survey of Attack and Defense Techniques for Reputation Systems

Secure Routing in Peer-to-Peer Distributed Hash Tables

Truth, Lies, and Random Bits

Byzantine Attack and Defense in Cognitive. Radio Networks: A Survey

Threats & Vulnerabilities in Online Social Networks

Introduction to Traffic Analysis. George Danezis University of Cambridge, Computer Laboratory

CSE 258 Lecture 6. Web Mining and Recommender Systems. Community Detection

Future and Emerging Threats in ICT

Robust Decentralized Authentication for Public Keys and Geographic Location

Algorand: Scaling Byzantine Agreements for Cryptocurrencies

DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM

A Survey of BGP Security Review

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

GNUnet Distributed Data Storage

Trustworthy Distributed Computing on Social Networks

CSE 158 Lecture 6. Web Mining and Recommender Systems. Community Detection

ABSTRACT. Communication is usually done through means of network where there is a lot of intrusion

Facebook Immune System 人人安全中心姚海阔

DETECTION OF PACKET FORWARDING MISBEHAVIOR IN WIRELESS NETWORK

Certificate Revocation in Mobile Ad Hoc Networks

Peer-to-Peer Systems. Network Science: Introduction. P2P History: P2P History: 1999 today

Secure Multi-Party Computation Without Agreement

Wireless Network Security Spring 2013

Using Game Theory To Solve Network Security. A brief survey by Willie Cohen

A Mechanism for Detection of Cooperative Black Hole Attack in Mobile Ad Hoc Networks

Summary of Cyber Security Issues in the Electric Power Sector

Void main Technologies

Sl.No Project Title Year

Big Data Analytics for Host Misbehavior Detection

Introduction to Peer-to-Peer Systems

CANA Security Architecture

Transcription:

(joint with Ross Anderson and Shishir Nagaraja) Computer Laboratory University of Cambridge DIMACS January 18, 2007

Outline Relevant network properties 1 Relevant network properties 2 3

Motivation Relevant network properties Many computing applications are network-based World-wide web Internet backbone Peer-to-peer networks Wireless sensor networks Social networks Network externalities matter: the decisions of others impact a user s best response Interactions on these networks can be modeled as repeated games with evolving strategies Network properties influence dominant strategy outcomes

How do we represent a network?

Relevant network properties Network topology Network dynamics Adversarial model Different attacker goals Different attacker capabilities

Network topology Fully-connected graph Lattice Random graph (Erdős-Rényi) Geometric random graph Scale-free degree distribution Small-world topology

Network dynamics Node mobility Lessens likelihood of repeated interaction Allows malicious nodes to maximize attack Churn Lessens likelihood of repeated interaction Makes punishment by exclusion difficult Makes Sybil attacks likely Intermittent connectivity Makes fair resource contribution difficult to establish Each of the above dynamics creates an informational asymmetry

Attacker goals Network partition Good strategy for a communications network, maybe not for a file-sharing network with built-in redundancy Disrupt operations of normal protocols (e.g., message routing) Avoid detection and punishment Maximize eavesdropping capability

Attacker capabilities Global knowledge Powerful adversary can identify central nodes Local knowledge Random walk to infer network topology

Topology of covert conflict Scale-free network No application-level network dynamics (mobility, churn, etc.) Attacker goal: network partition Defender goal: maximize connectivity Attacker has global knowledge of network topology, defender has local knowledge Goal: study interaction between dynamic attack and defense strategy

Attack and defense mechanisms Attack mechanisms Remove nodes with high degree Remove nodes with high betweenness centrality Defense mechanisms Naive replenishment Localized rings Localized cliques

Attack under naive replenishment

Attack and ring/clique defenses

We would like to apply a similar repeated game simulation framework to other network applications Vary attacker models and goals Vary network topology and dynamics to study effect on security mechanisms Test viability of security mechanisms by varying strategies Promising applications Communications surveillance by a limited adversary(danezis and Wittneben, WEIS 2006) Punishment mechanisms in decentralized computer networks

Punishment mechanisms in decentralized computer networks When devices misbehave, often there is no central authority available to identify and punish malicious behavior Solution: collective-decision mechanism Reputation system Blackballing with threshold voting Attacker goals Avoid punishment while misbehaving Abuse strategy to disconnect the network We have explored this space, and have proposed alternative mechanisms

Alternative mechanisms for addressing misbehavior Blackballing Nodes cast accusatory votes upon observing misbehavior; once enough votes are cast against a node, it is removed Reelection Devices cast positive votes affirming their friends; strangers only interact when they can demonstrate having a sufficient number of friends Suicide Nodes unilaterally decide when to remove a malicious node, but must sacrifice itself to demonstrate its sincerity

Open questions in the strategy space For blackballing and reelection, nodes can individually set thresholds according to their risk attitude Network topology and dynamics determine which strategy works best Scale-free degree distribution makes high-degree nodes immune to thresholds and low-degree nodes susceptible Likewise, suicide can be used to target high-value nodes Which strategy, if any, will dominate?

Potential game frameworks Hiding attacker Initially, half of nodes are assigned to each strategy Small fraction of nodes set as malicious (attacker goal: avoid punishment) Each round: 1 Attack (some nodes misbehave) 2 Defend (implement strategy) 3 Adapt strategy if node identifies an unpunished neighbor Active attacker Initially, half of nodes are assigned to each strategy Small fraction of nodes set as malicious (attacker goal: remove as many honest nodes as possible) Each round: 1 Attack (malicious nodes falsely accuse honest nodes) 2 Defend (honest nodes try to punish attackers) 3 Probabilistically change strategy if node identifies unpunished neighbors

Relevant network properties The structure and dynamics of networks can vary greatly It is not well understood how differences in network composition impact secure operation Simulations using a repeated game framework looks promising Much more work to be done!

More... Relevant network properties http://www.cl.cam.ac.uk/~twm29/

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback