Chen / Dimitriou / Zhou Security and Privacy in Communication Networks

5th International ICST Conference, SecureComm 2009, Athens, Greece, September 14-18, 2009, Revised Selected Papers
1st edition 2009
ISBN: 978-3-642-05284-2
Publisher: Springer
Format: PDF
Copy protection: 1 - PDF Watermark

E-book, English, Volume 19, 471 pages

Series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering




This book constitutes the thoroughly refereed post-conference proceedings of the 5th International ICST Conference, SecureComm 2009, held in September 2009 in Athens, Greece. The 19 revised full papers and 7 revised short papers were carefully reviewed and selected from 76 submissions. The papers cover various topics such as wireless network security, network intrusion detection, security and privacy for the general internet, malware and misbehavior, sensor networks, key management, credentials and authentications, as well as secure multicast and emerging technologies.


Further Information & Material


1;Preface;5
2;Organization;6
3;Table of Contents;9
4;Wireless Network Security I;9
4.1;Mitigating DoS Attacks on the Paging Channel by Efficient Encoding in Page Messages;12
4.1.1;Introduction;12
4.1.2;Paging Channel Operation;14
4.1.2.1;Paging Channel Operation;14
4.1.2.2;Paging Message Format;16
4.1.2.3;Paging Operation in Other Mobile Networks;17
4.1.2.4;Paging Channel Overload Problem;17
4.1.3;Efficient Encoding in Page Records;18
4.1.3.1;Approaches;19
4.1.3.2;Bandwidth Gain;22
4.1.3.3;Implementation Requirements;22
4.1.3.4;Advantages;22
4.1.4;Evaluation;23
4.1.4.1;Evaluation Based on Partial DoS Attack on Live Cellular Network;23
4.1.4.2;Simulating a Paging System;25
4.1.5;Related Work;28
4.1.6;Conclusion;30
4.1.7;References;30
4.2;FIJI: Fighting Implicit Jamming in 802.11 WLANs;32
4.2.1;Introduction;32
4.2.2;Background and Previous Work;34
4.2.2.1;Performance Anomaly in 802.11 WLANs;34
4.2.2.2;Jamming in Wireless Networks;36
4.2.3;FIJI to Combat the Implicit Jamming Attack;37
4.2.3.1;Detecting the Implicit-Jamming Attack;38
4.2.3.2;Shaping the Traffic at the AP to Alleviate Jammers;38
4.2.4;Implementation and Evaluation;41
4.2.4.1;The Implementation of FIJI;42
4.2.4.2;Experimental Set-Up and Methodology;42
4.2.4.3;Does FIJI Deliver?;44
4.2.5;The Scope of Our Study;48
4.2.6;Conclusion;49
4.2.7;References;50
4.3;Deny-by-Default Distributed Security Policy Enforcement in Mobile Ad Hoc Networks;52
4.3.1;Introduction;52
4.3.2;Threat Model;54
4.3.3;System Architecture;54
4.3.3.1;Feasibility;57
4.3.3.2;Capability Definition;57
4.3.3.3;Security Analysis;59
4.3.4;Related Work;59
4.3.5;Conclusions and Future Work;60
4.3.6;References;61
5;Network Intrusion Detection;9
5.1;Baiting Inside Attackers Using Decoy Documents;62
5.1.1;Introduction;62
5.1.2;Related Work;64
5.1.3;Threat Model - Level of Sophistication of the Attacker;66
5.1.4;Generating and Distributing Bait;67
5.1.4.1;Decoy Properties;67
5.1.4.2;The Decoy Document Distributor (D$^{3}$) System;72
5.1.4.3;Decoy Document Design;72
5.1.5;Evaluation;74
5.1.5.1;Masquerade Detection Using Decoy Documents as Bait;74
5.1.5.2;Beacon Implementation Tests;78
5.1.6;Conclusions;79
5.1.7;References;80
5.2;MULAN: Multi-Level Adaptive Network Filter;82
5.2.1;Introduction;82
5.2.2;Related Work;84
5.2.3;DoS Attacks;85
5.2.4;Notations and Definitions;86
5.2.5;The MULAN-Filter Design;86
5.2.5.1;Anticipated Traffic Behavior Profile;87
5.2.5.2;Data Structure;87
5.2.5.3;Special Levels for Specific Protocols;88
5.2.6;The Algorithm;89
5.2.6.1;Training Mode;89
5.2.6.2;Verification Mode;90
5.2.6.3;The Algorithm Parameters;91
5.2.6.4;Modeling Non-self-similar Traffic;93
5.2.6.5;Handling Short Attacks;94
5.2.7;Optimal Implementation;94
5.2.8;Experimental Results;96
5.2.8.1;Scalability;96
5.2.8.2;Accuracy;97
5.2.8.3;Controlling the Tree Size;99
5.2.9;Discussion and Future Work;100
5.2.10;References;100
5.3;Automated Classification of Network Traffic Anomalies;102
5.3.1;Introduction;102
5.3.2;Related Work;103
5.3.3;Anomaly Classification;104
5.3.3.1;Gathering Information;105
5.3.3.2;Classification;105
5.3.4;Validation;108
5.3.4.1;Data;109
5.3.4.2;Methodology;109
5.3.4.3;Results and Discussion;109
5.3.5;Conclusions;110
5.3.6;References;110
6;Security and Privacy for the General Internet;9
6.1;Formal Analysis of FPH Contract Signing Protocol Using Colored Petri Nets;112
6.1.1;Introduction;112
6.1.2;FPH Contract Signing Protocol;113
6.1.2.1;Ideal Features of a Contract Signing Protocol;113
6.1.2.2;Description of FPH Contract Signing Protocol;114
6.1.2.3;Informal Analysis of Fairness and Non-repudiation of FPH Protocol;115
6.1.3;Description of the Model Used for the Formal Analysis of Fair Exchange Protocols;116
6.1.3.1;Colored Petri Nets;116
6.1.3.2;General Assumptions and Methodology;117
6.1.3.3;Description of the Model;117
6.1.3.4;Query Functions;120
6.1.4;Formal Analysis of FPH Contract Signing Protocol;121
6.1.4.1;Evaluation of the Vulnerability to Previously Defined Attacks;121
6.1.4.2;Fairness Analysis;126
6.1.5;Conclusions and Future Work;129
6.1.6;References;130
6.2;On the Security of Bottleneck Bandwidth Estimation Techniques;132
6.2.1;Introduction;132
6.2.2;Bottleneck Bandwidth Estimation;134
6.2.3;Bandwidth Manipulation Attacks;136
6.2.3.1;System and Attacker Model;136
6.2.3.2;Attacks on Current Techniques;137
6.2.3.3;Demonstration of Delay Attacks;139
6.2.4;Trusted Infrastructure Support for Bandwidth Measurement;140
6.2.5;“Best-Effort” Solutions for Current Bandwidth Estimation Techniques;142
6.2.5.1;Mitigating Spoofing and Rushing Attacks;142
6.2.5.2;Alleviating Delay Attacks;142
6.2.6;Discussion and Outlook;149
6.2.7;Conclusions;150
6.2.8;References;150
6.3;An Eavesdropping Game with SINR as an Objective Function;153
6.3.1;Introduction;153
6.3.2;Problem Overview;155
6.3.3;Optimization with SINR as the Objective Function;155
6.3.4;An Eavesdropping Game with Unknown Gains;158
6.3.5;Either the Eavesdropper’s Channels Gains or the Main Channels Gains Are Unknown;161
6.3.6;The Worst Case for the Main Gains Are Known;162
6.3.7;The Optimization Problem with Unknown Noise and Eavesdropper’s Channel Gains;165
6.3.8;The Game with Unknown Noise in the Main Subchannels;166
6.3.9;Conclusion;168
6.3.10;References;168
6.3.11;A Appendix;169
7;Malware and Misbehavior;9
7.1;Ensemble: Community-Based Anomaly Detection for Popular Applications;174
7.1.1;Introduction;174
7.1.2;Related Work;175
7.1.3;Methodology;177
7.1.3.1;Profile Generation;178
7.1.3.2;The Environment Diversity Challenge;179
7.1.3.3;Anomaly Detection;179
7.1.4;Implementation;181
7.1.4.1;Generating Profiles and Anomaly Detection;182
7.1.4.2;Operational Model;182
7.1.4.3;Limitations of the Prototype;183
7.1.5;Evaluation and Experiments;183
7.1.5.1;Small Scale Real Deployment;183
7.1.5.2;Experimental Infrastructure;184
7.1.5.3;Local Profiles;185
7.1.5.4;Global Profiles;187
7.1.5.5;False Positives;188
7.1.5.6;False Negatives;190
7.1.5.7;Performance Evaluation;192
7.1.6;Limitations of Ensemble;193
7.1.6.1;Over-Generalization;193
7.1.6.2;Mimicry Attacks;193
7.1.7;Conclusions;194
7.1.8;References;194
7.2;Using Failure Information Analysis to Detect Enterprise Zombies;196
7.2.1;Introduction;196
7.2.2;An Empirical Survey of Application Failure Anomalies;198
7.2.2.1;Malware Trace Analysis;199
7.2.2.2;Failure Patterns of Normal Applications;202
7.2.2.3;On the Potential of Failure Analysis to Uncover Suspicious Activities;204
7.2.3;Architecture;204
7.2.3.1;System Overview;205
7.2.3.2;Building an FIA from Wireshark;205
7.2.3.3;L7-Based Automatic Protocol Inference;206
7.2.3.4;Multipoint Deployment;206
7.2.4;Correlation and Clustering Engine;207
7.2.4.1;Detecting Suspicious Hosts;208
7.2.4.2;Detecting Failure Groups;210
7.2.5;Evaluation;211
7.2.5.1;Classification and Detection Results;212
7.2.6;Related Work;214
7.2.7;Conclusion;215
7.2.8;References;215
7.3;Dealing with Liars: Misbehavior Identification via Rényi-Ulam Games;218
7.3.1;Introduction;218
7.3.2;Related Work;219
7.3.3;Network and Adversarial Models;221
7.3.4;Misbehavior Identification;222
7.3.4.1;Motivation and Problem Mapping;222
7.3.4.2;Rényi-Ulam Inspired Auditing Strategies;223
7.3.4.3;Misbehaving Node Identification;230
7.3.4.4;Mobility;231
7.3.5;The Audit Mechanism;231
7.3.6;Performance Evaluation;232
7.3.6.1;Simulation Setup;232
7.3.6.2;Auditing Strategy Comparison;233
7.3.6.3;Comparison with Other Schemes;234
7.3.7;Conclusion;236
7.3.8;References;236
8;Wireless Network Security II, Sensor Networks;10
8.1;Multichannel Protocols for User-Friendly and Scalable Initialization of Sensor Networks;239
8.1.1;Introduction;239
8.1.2;Problem Statement and System Model;241
8.1.2.1;System Model;241
8.1.2.2;Attacker Model;241
8.1.3;Secret Key Deployment;242
8.1.3.1;Key Transmission and Verification;242
8.1.3.2;Sensor Node State Diagram;243
8.1.3.3;Initial Security Assessment;244
8.1.4;Public Key Deployment;245
8.1.4.1;Attacks on Visible Light Channel;246
8.1.4.2;“Public Key”–Based Deployment Protocol;248
8.1.4.3;Short Security Analysis;249
8.1.5;Implementation;250
8.1.5.1;Random Number Generator;250
8.1.6;Related Work;254
8.1.7;Conclusion;256
8.1.8;References;256
8.2;Aggregated Authentication (AMAC) Using Universal Hash Functions;259
8.2.1;Introduction;259
8.2.2;Preliminaries;260
8.2.2.1;Formal Definition of Aggregation and Related Work;260
8.2.2.2;MACs Based Upon Universal Hash Functions;262
8.2.3;New Designs;264
8.2.3.1;XOR Aggregation: How to Adapt the Krawczyk’s Approaches for WSNs;265
8.2.3.2;Aggregation over ${\mathbb F}_{p}$;267
8.2.3.3;Security Analysis in the AMAC Model;269
8.2.4;Performance Comparison;270
8.2.4.1;LEACH: Low-Energy Adaptative Clustering Hierarchy;271
8.2.4.2;Different Scenarios and Evaluation Parameters;271
8.2.4.3;Simulation and Results;271
8.2.5;Conclusion;273
8.2.6;References;274
8.3;Sec-TMP: A Secure Topology Maintenance Protocol for Event Delivery Enforcement in WSN;276
8.3.1;Introduction;276
8.3.2;Related Work;278
8.3.3;System Assumptions and Notation;279
8.3.4;Threat Model;280
8.3.5;Protocol Overview;281
8.3.6;Protocol Description;282
8.3.6.1;Protocol Start-Up;282
8.3.6.2;Probing State;283
8.3.6.3;Working State;285
8.3.6.4;Sleeping State;286
8.3.7;Security Analysis;286
8.3.7.1;Sec-TMP Security Property;287
8.3.7.2;Sec-TMP Resilience to Standard TMPs Attacks;289
8.3.7.3;Sec-TMP to Thwart Node Replication Attack;290
8.3.8;Simulations and Discussion;290
8.3.8.1;Network Lifetime and Area Coverage;291
8.3.8.2;Start-Up Completion Time;292
8.3.9;Concluding Remarks;293
8.3.10;References;293
8.4;Hierarchical Self-healing Key Distribution for Heterogeneous Wireless Sensor Networks;296
8.4.1;Introduction;296
8.4.2;Related Work;297
8.4.3;Heterogeneous WSN Architecture;298
8.4.4;Model and Definition;299
8.4.5;Our Construction;301
8.4.5.1;Scheme Details;301
8.4.5.2;Efficiency;302
8.4.5.3;Security Analysis;303
8.4.6;Conclusion;305
8.4.7;References;305
9;Key Management, Credentials, Authentications;10
9.1;User–Centric Identity Using ePassports;307
9.1.1;Introduction;307
9.1.2;The ICAO ePassport;308
9.1.2.1;Logical Data Structure;308
9.1.2.2;Security Controls;309
9.1.2.3;Software for Accessing ePassports;310
9.1.3;User-Centric Identity;311
9.1.3.1;Enrolling at the Identity Provider;312
9.1.3.2;Using a Managed Card to Authenticate at the Relying Party;312
9.1.4;Combining ePassports and User-Centric Identity;313
9.1.4.1;Enrolling the ePassport at the Identity Provider;314
9.1.4.2;Using the ePassport to Authenticate at a Relying Party;314
9.1.5;Discussion of Lessons Learned;316
9.1.5.1;The Need for an Online Identity Provider;316
9.1.5.2;The Need to Trust the Identity Provider;317
9.1.5.3;Not a Global PKI for Online User Authentication;318
9.1.6;Concluding Remarks;319
9.1.7;References;320
9.2;Defending against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems;322
9.2.1;Introduction;322
9.2.1.1;Our Contribution;324
9.2.1.2;Related Work;325
9.2.2;Preliminaries;326
9.2.2.1;Bilinear Maps;326
9.2.2.2;Complexity Assumptions;326
9.2.3;Definitions and Models;327
9.2.3.1;Description of AFKP-ABE;327
9.2.3.2;Security Definition;327
9.2.4;Our Construction;329
9.2.4.1;Main Idea;329
9.2.4.2;AFKP-ABE Scheme;330
9.2.4.3;Security Proof;333
9.2.4.4;Efficiency Analysis;335
9.2.5;Application Scenarios of Our Scheme;335
9.2.6;Conclusion and Future Work;335
9.2.7;References;336
9.2.8;Appendix;337
9.3;Breaking and Building of Group Inside Signature;341
9.3.1;Introduction;341
9.3.2;Preliminaries;343
9.3.2.1;Bilinear Pairing;343
9.3.3;Cryptanalysis of Certificateless GIS and BGOS Schemes;343
9.3.3.1;Cryptanalysis of Certificateless GIS Scheme [5];343
9.3.3.2;Cryptanalysis of Another Certificateless GIS Scheme [6];344
9.3.3.3;Cryptanalysis of Broadcast Group Oriented Signature [7];345
9.3.4;Cryptanalysis of Identity Based ADGS Scheme [8];347
9.3.5;New ADGS Scheme (N-ADGS);348
9.3.5.1;Security Proof for N-ADGS;349
9.3.6;Conclusion;350
9.3.7;References;350
9.4;Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources;351
9.4.1;Introduction;351
9.4.2;Background;352
9.4.2.1;Supporting Identity Based Cryptography (IBC) on the Internet;352
9.4.2.2;Digital Signatures for Web Resources;353
9.4.3;IBC for Web Resources;353
9.4.3.1;Mediated RSA (mRSA);354
9.4.3.2;Creating an Identity Based Infrastructure for Resource Authenticity;354
9.4.4;IBC over the Existing Web Infrastructure;356
9.4.4.1;IBC over the Existing Web Protocols;356
9.4.4.2;Scenarios for IBC Deployment on the Web;358
9.4.5;Conclusions and Further Work;359
9.4.6;References;360
10;Wireless Network Security III;10
10.1;Self-organized Anonymous Authentication in Mobile Ad Hoc Networks;361
10.1.1;Introduction;361
10.1.2;Related Work;363
10.1.3;Preliminaries;364
10.1.3.1;System Model;364
10.1.3.2;Threat Model;364
10.1.3.3;Problem Statement;364
10.1.4;Self-organized Anonymous Authentication;365
10.1.4.1;Overview;365
10.1.4.2;Anonymous Authentication with Ring Signatures;366
10.1.4.3;Anonymous Communications;367
10.1.5;Anonymity Analysis;368
10.1.5.1;Attack Description;368
10.1.5.2;Graph-Theoretic Model;369
10.1.5.3;Ring Construction Problem;371
10.1.6;Ring Construction Strategies;372
10.1.6.1;Random Graphs;373
10.1.6.2;K$^{out}$ Graphs;374
10.1.6.3;Geometric Graphs;375
10.1.7;Discussion;378
10.1.7.1;Untraceability;378
10.1.7.2;Sybil Attacks and Revocation;379
10.1.7.3;Cost;379
10.1.8;Conclusion;380
10.1.9;References;381
10.1.10;A Proof of Theorem 1;383
10.2;An Active Global Attack Model for Sensor Source Location Privacy: Analysis and Countermeasures;384
10.2.1;Introduction;384
10.2.2;An Active Global Adversary Model;386
10.2.2.1;Modeling of Network;386
10.2.2.2;Modeling of Events;387
10.2.2.3;Investigation of Attacker;387
10.2.3;Case Studies;390
10.2.3.1;The SSSA Scheme;390
10.2.3.2;The $k$-Anonymity Scheme;393
10.2.4;A Dynamic Source Anonymity Scheme;394
10.2.4.1;Problem Definitions;395
10.2.4.2;Scheme Description;396
10.2.4.3;Discussions;401
10.2.5;Related Work;401
10.2.6;Conclusion and Future Work;402
10.2.7;References;402
10.3;Rogue Access Point Detection Using Innate Characteristics of the 802.11 MAC;405
10.3.1;Introduction;405
10.3.2;Related Work;407
10.3.3;Problem with Magnitude-Based Classification;408
10.3.4;Scheme I – DCF Based Detection;409
10.3.4.1;Analysis;410
10.3.4.2;Classification Scheme;414
10.3.4.3;Experimental Setup and Validation of Wired-Side Approach;415
10.3.4.4;Accuracy Measures;416
10.3.5;Scheme II – Rate Adaptation Based Detection;417
10.3.5.1;Analysis;418
10.3.5.2;Classification Scheme;420
10.3.5.3;Experimental Setup and Validation of Wired-Side Approach;421
10.3.5.4;Accuracy Measures;422
10.3.6;Consolidated Model;422
10.3.6.1;Analysis;423
10.3.6.2;Classification Scheme;423
10.3.6.3;Experimental Setup;423
10.3.6.4;Accuracy Measures;424
10.3.7;Measure of Robustness and Scalability;424
10.3.8;Conclusion and Future Work;425
10.3.9;References;426
11;Secure Multicast, Emerging Technologies;11
11.1;A Novel Architecture for Secure and Scalable Multicast over IP Network;428
11.1.1;Introduction;428
11.1.2;Overview;430
11.1.3;Group Membership Management;430
11.1.3.1;Intra-domain Management;430
11.1.3.2;Inter-domain Management;431
11.1.3.3;Discussion;433
11.1.4;Group Key Management;434
11.1.4.1;Local Key Management;435
11.1.4.2;Global Key Management;435
11.1.5;Inter-domain Multicast Protocol;435
11.1.5.1;Preliminary Work;436
11.1.5.2;Construction of Hierarchical Dissemination Tree;436
11.1.5.3;Shim Header and Shim Payload;437
11.1.5.4;Tree Encoding on Source MA;438
11.1.5.5;Tree Decoding and Updating on Transit MAes;438
11.1.5.6;Discussions;439
11.1.6;Simulation Result;441
11.1.6.1;Link Stress;442
11.1.6.2;Protocol Overhead;443
11.1.6.3;Bandwidth Cost;443
11.1.7;Related Work;444
11.1.8;Conclusion;445
11.1.9;References;445
11.2;Reliable Resource Searching in P2P Networks;448
11.2.1;Introduction;448
11.2.2;Resource Location Authentication;451
11.2.3;Content Retrieval Authentication;454
11.2.4;References;457
11.3;The Frog-Boiling Attack: Limitations of Anomaly Detection for Secure Network Coordinate Systems;459
11.3.1;Introduction;459
11.3.2;Background;461
11.3.2.1;Network Coordinate Systems;461
11.3.2.2;Existing Attacks;462
11.3.2.3;Countermeasures;462
11.3.3;Proposed Attacks;463
11.3.4;Experimental Setup;464
11.3.5;Attack Evaluations;465
11.3.5.1;Previous Attacks;465
11.3.5.2;Basic-Targeted Attack;465
11.3.5.3;Aggressive Frog-Boiling;466
11.3.5.4;Network-Partition Attack;466
11.3.5.5;Closest-Node Attack;467
11.3.6;Conclusion;468
11.3.7;References;468
12;Author Index;470


