Towards security and privacy for emerging wireless networks

Bibliographic Details
Main Author: Pham, Thi Ngoc Diep
Other Authors: Yeo Chai Kiat
Format: Theses and Dissertations
Language: English
Published: 2016
Subjects:
Online Access: https://hdl.handle.net/10356/69407
Institution: Nanyang Technological University
id sg-ntu-dr.10356-69407
record_format dspace
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Engineering::Computer science and engineering
description Novel network paradigms such as the delay tolerant network (DTN) and the vehicular ad hoc network (VANET) have recently emerged to accommodate new wireless network application scenarios. DTN, designed to support networks characterized by intermittent connectivity and long delay, has been widely embraced for ad hoc applications in extreme environments such as battlefields, disaster areas and rural areas. VANET allows vehicles travelling on the roads to exchange data that can improve traffic safety and convenience. Despite the advances in operational standardization of DTN and VANET, security and privacy remain major problems for their deployment in practice. This motivates the author to study and resolve the unaddressed security and privacy issues in DTN and VANET in this dissertation.

First, the author proposes SNDW to detect and localize wormhole attacks in DTN. Existing works rely on high connectivity or end-to-end path information, which are not available in DTN. In SNDW, infrastructure nodes are deployed to monitor the number of neighbors in the areas assigned to them. Since the attacker forwards beacons from one location to another, the number of neighbors around the wormhole endpoint increases. An infrastructure node within the wormhole's transmission range can detect a significant increase in neighbor counts, despite the low density and connectivity in DTN. Upon detection, it can alert the neighborhood about the attack and further pinpoint the wormhole locations.

Second, the author proposes SDBG to detect collusion blackhole and greyhole attacks in DTN. Existing works can handle attacks launched by individuals but fail to detect adversaries that cooperate to cheat the defense system. In SDBG, an encounter record (ER) is created by a node to record the list of messages it sends and receives in an encounter with another node. Upon encounter, nodes exchange their recent ERs so that they can evaluate one another's behavior. Forwarding ratio metrics are defined to capture the attacker's features, such as receiving more messages than it forwards and forwarding messages mostly generated by itself. A node calculates the forwarding ratio metrics of the peer from its ERs to detect an individual attacker. However, adversaries might avoid being detected by colluding with one another to forge ERs that promote their forwarding ratio metrics. Observing that fake ERs are created with higher frequency and higher numbers of sent messages than normal ERs, the author designs a robust algorithm that filters fake ERs and detects colluding attackers.

Third, the author proposes FDER to detect flooding attacks in DTN without imposing a strict rate-limit policy like previous works. Instead, a burst-limit policy, which allows nodes to generate burst traffic in a short period, is introduced to accommodate the nodes' on-demand transmissions. Each node also uses ERs to infer a peer's new message transmission rate over time and the number of forwarded replicas per message, thereby detecting whether the peer exceeds the thresholds of messages or replicas. The burst-limit policy provides flexibility to nodes with high-demand traffic but may affect the delivery performance of other nodes with lower-demand traffic. To ensure performance fairness, the author designs a forwarding policy in which nodes sending out new messages at a high rate have lower forwarding priority in the network.

Finally, the author attempts to address the trade-off between trust management and privacy in VANET. Existing works focus on trust or privacy separately, or have not provided a satisfactory solution to both issues. The author proposes a secure and flexible framework with two components, ALRS and ATMS, that enable vehicles to manage privacy and trust respectively. ALRS lets vehicles recognize either the identities or the trust levels of other vehicles even though those vehicles update their pseudonyms to protect their privacy. The linkability information is kept confidential from external attackers and unauthorized internal nodes using encryption and a private set intersection technique. Besides, the linkability can be revoked easily to prevent nodes from being traced by other internal nodes. ATMS is a context-aware trust management scheme that lets nodes make a more informed evaluation of the received data, using the entity trust enabled by ALRS.
spelling sg-ntu-dr.10356-69407 2023-03-04T00:47:36Z
School of Computer Science and Engineering
DOCTOR OF PHILOSOPHY (SCSE)
2016-12-27T04:35:59Z
2016-12-27T04:35:59Z
2016
Thesis
Pham, T. N. D. (2016). Towards security and privacy for emerging wireless networks. Doctoral thesis, Nanyang Technological University, Singapore.
https://hdl.handle.net/10356/69407
10.32657/10356/69407
en
195 p.
application/pdf