Towards security and privacy for emerging wireless networks
Pham, Thi Ngoc Diep
Date of Issue2016-12-27
School of Computer Science and Engineering
Novel network paradigms such as delay tolerant network (DTN), vehicular ad hoc network (VANET) have recently emerged to accommodate new wireless network application scenarios. DTN, designed to support networks characterized by intermittent connectivity and long delay, has been widely embraced for ad hoc applications in extreme environments such as battlefield, disaster area, rural area, etc. VANET allows vehicles travelling on the roads to exchange data that can improve traffic safety and convenience. Despite the advances in operational standardizations of DTN and VANET, security and privacy remain as major problems to their deployments in practice. This motivates the author to study and resolve the unaddressed security and privacy issues in DTN and VANET in this dissertation. First, the author proposes SNDW to detect and localize wormhole attack in DTN. Existing works rely on high connectivity or end-to-end path information which are not available in DTN. In SNDW, infrastructure nodes are deployed to monitor the number of neighbors in the areas assigned to them. Since the attacker forwards beacons from one location to another, the number of neighbors around the wormhole endpoint increases. An infrastructure node within the wormhole's transmission range can detect a significant increase of neighbor counts, despite the low density and connectivity in DTN. Upon detection, it can alert the neighborhood about the attack and further pinpoint the wormhole locations. Second, the author proposes SDBG to detect collusion blackhole and greyhole attacks in DTN. Existing works could handle the attacks launched by individuals but fail to detect adversaries that cooperate to cheat the defense system. In SDBG, encounter record (ER) is created by a node to record the list of messages it sends and receives in an encounter with another node. Upon encounter, nodes exchange their recent ERs so that they can evaluate one another's behavior. Forwarding ratio metrics are defined to capture the attacker's features such as receiving messages more than forwarding and forwarding messages mostly generated by themselves. A node calculates the forwarding ratio metrics of the peer from its ERs to detect the individual attacker. However, adversaries might avoid being detected by colluding with one another to forge ERs that promote their forwarding ratio metrics. Observing that fake ERs are created with higher frequency and higher numbers of sent messages than normal ERs, the author designs a robust algorithm that filters fake ERs and detects colluding attackers. Third, the author proposes FDER to detect flooding attack in DTN without imposing strict rate-limit policy like previous works. Instead, burst-limit policy, which allows nodes to generate burst traffic in a short period, is introduced to accommodate the nodes' on-demand transmissions. Each node also uses ERs to infer a peer's new message transmission rate over time and the number of forwarded replicas per message, thereby detecting if the peer exceeds the thresholds of messages or replicas. Burst-limit policy provides flexibility to nodes with high-demand traffic but may affect the delivery performance of other nodes with lower-demand traffic. To ensure the performance fairness, the author designs a forwarding policy, in which nodes sending out new messages at high rate will have lower forwarding priority in the network. Finally, the author attempts to address the trade-off between trust management and privacy in VANET. Existing works only focus on trust or privacy separately or have not provided a satisfactory solution to both issues. The author proposes a secure and flexible framework, including two components, ALRS and ATMS, to enable vehicles to manage privacy and trust respectively. ALRS supports vehicles to recognize either identities or trust levels of other vehicles despite them updating the pseudonyms to protect their privacy. The linkability information is kept confidential from external attackers and unauthorized internal nodes using encryption and private set intersection technique. Besides, the linkability can be revoked easily to prevent nodes from being traced by other internal nodes. ATMS is a context-aware trust management scheme for nodes to make more informative evaluation of the received data, using the entity trust enabled by ALRS.