ee5723/ee4723 - course projects. spring 2010 ee5723/ee4723 course projects the course research...
Post on 20-Dec-2015
215 views
TRANSCRIPT
EE5723/EE4723 - Course Projects
Spring 2010EE5723/EE4723
Course Projects The course research project can be a design of new secure algorithms/protocols; an
analysis/evaluation/implementation of existing secure algorithms, protocols, or systems; Identifying new attacks and vulnerabilities in MANET/VANET & WSN algorithms or protocols.
Potential project topics will be distributed and discussed on the 4th week. Students are encouraged to identify the topics based on their own background and interests.
With a chosen topic, the students should identify an open problem, formulate a concrete proposal to address the problem, research related work, propose a new scheme or develop a novel analysis, and obtain results to evaluate their ideas.
A 1~2-page proposal is due on 6th week which describes with a clear statement of the specific problem of your focused topic, and the expected results. A 2~3-page mid-term project progress report is due on week 10, which describes the research topic, prior work relevant to the problem, the methodology to be followed, and preliminary results. A 8~10-page high-quality final report is due on week 15. A final in-class presentation from all project teams will be given during that week.
Often a research project will demand performance evaluation via simulation. You are free to use whatever programming language (C/C++/Java, ns2, OPNET, MATLAB) for your project simulation.
Each project team is formed up to 2 students. The project teams should be formed by the end of 5th week.
The projects will be graded on the basis of both team success and individual effort.
Spring 2010EE5723/EE4723
Important DatesProject proposal due: Feb. 18, 2010Mid-term project progress due: March 18, 2010Final project report due: April 22, 2010Project presentations: April 20/22, 2010
Project ReportPreferably using word document8-12 pages including figures and references,11pt, double column, single space
Important Dates & Project Report
Spring 2010EE5723/EE4723
Identify your favorite problem
Propose a solution
Implement and evaluate your solution on simulators (eg., ns-2, OPNET, Matlab, or C/C++/Java)
Run experiments to evaluate your solution
Write a technical report that is close to the quality of a conference paper
Present your results to the class
Demos (successful demos earn extra points) if necessary
Projects: Tasks involved
Spring 2010EE5723/EE4723
Group members (up to 2 students form a team) Motivation Problem formulation Assumptions Project goals Approach, preliminary solutions, and their rationale Sketch of design and algorithms Simulation plan
What are you going to simulate? What experiments are you going to run? What metrics are you going to use?
References
Project Proposal
Spring 2010EE5723/EE4723
Problem/Motivation: MANET is distributed, nodes are non cooperative in nature.
No centralized certificate authority (CA), each node may sign its own certificate, therefore, trust evaluation is required since no PKI.
E.g., distributed (PGP): involve signature trust and key legitimacy. In broad sense, trust evaluation among nodes in terms of various
concerned behavior (e.g., packet forwarding/dropping, recommendation,….) is needed for all
protocol activities (distinguish “Well-behaved nodes” & “malicious nodes”)
Task: Develop trust evaluation (e.g. Credit/reputation-based strategy, Trust metrics), establishment and updating mechanisms
Goal: Scalable and less complex Trust Relay: a trust must be transitive
Deliverables: Mechanism/theoretical study; simulation/analytical study
Project 1: Trust Establishment, Management, and Modeling in MANET/VANET
Spring 2010EE5723/EE4723
Project 2: Security vs. Network QoS (network tradeoffs): Security-QoS Co-design Problem: Different performance metrics may be in
(partial) conflict Probably the most secure system is of minimal usability E.g., energy efficiency/computation complexity vs cryptography
strength
Tasks: Incorporating network metrics and security: scalability,
communication overhead, computation complexity, energy efficiency, device capability, …
Many conventional security solutions take a centralized approach: For the distributed WSN & MANET/VANET, how distributed mechanisms can be designed?
Deliverables: Mechanism/theoretical study; simulation/analytical study
Spring 2010EE5723/EE4723
Project 3: Countermeasure Misbehaviors at MAC Layer (including Intelligent Jamming) I
Problem: Misbehaving nodes may violate MAC rules Disobey protocol specs for selfish gains (DoS attacks) Possible Nodes Misbehaviors
Causing collisions with other hosts’ RTS or CTS; Those hosts will exponentially backoff on packet loss, giving free channel to the misbehaving host
Impatient Transmitter: Smaller backoff intervals; Shorter Interframe Spacings
Tasks: Diagnose node misbehavior: Catch misbehaving nodes Discourage misbehavior: Punish misbehaving nodes
Spring 2010EE5723/EE4723
Project 3: Countermeasure Misbehaviors at MAC Layer II: Existing/Potential Approach
Watch idle times on the channel to detect when hosts wait too little Passive Single Observation: a receiver can try to diagnose behavior of nodes
trying to send packets to the receiver Wireless channel introduces uncertainties; Not all hosts see channel idle at the
same time Spatial channel variations bound the efficacy of misbehavior detection mechanisms Many existing proposals ignore channel variation when performing evaluations,
making the evaluations less reliable Receiver does not know exact backoff value chosen by sender: Sender chooses
random backoff; Hard to distinguish between maliciously chosen small values and a legitimate value
Variations – Multiple Observers In an ad hoc networks, a node can only diagnose, on its own, misbehavior by
senders in its vicinity Potential for error due to channel variations Different hosts can cooperate to improve accuracy
Open problem: How to cooperate? How to “merge” information to arrive at a diagnosis? Node mobility introduce more challenges
Task: Design efficient/scalable protocols that improve the ability to detect misbehavior
Spring 2010EE5723/EE4723
Project 3: Countermeasure Misbehaviors at MAC Layer III: Existing/Potential Approach Protocols that discourage misbehavior: Certain game-theoretic
approaches & Incentive based approaches: It has been shown (MacKenzie’s contribution) that there exists a Nash
equilibrium strategy Problem: Game-theoretic solutions (so far) assume that all hosts see
identical channel state Not realistic Limits usefulness of solutions
Task: Improvement
Incentive-Based Mechanisms: Use payment schemes, charging per packet (Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile Ad-Hoc Networks, Infocom 2003) Misbehaving hosts can get more throughput, but at a higher cost This solution does not ensure fairness Also, misbehaving node can achieve lower delay at no extra cost Problem: This suggests that per-packet payment is not enough Task: Need to factor delay and fairness as well (harder)
Spring 2010EE5723/EE4723
Project 4: Adaptive Security Provisioning in MANET & WSN Problem: Static security architectures cannot cope with rapidly changing
security environment, including: physical parameters threats network dynamics mission goals
Goal: Adaptation to handle many dimensions of dynamics to enhance the overall security of system in an efficient way:
Adaptive to user requirements Differential security services used in government and military
Adaptive to user devices: node security capability level adaptive to its resource Adaptive to operation environment: Adaptive to channel dynamics:
Partial connectivity, disconnectivity, full connectivity Adaptive to mobility
Cross-domain service for roaming users Adaptive to trust level among nodes Adaptive to dynamic membership and network scalability
Node join, leave, fail
Task: Systematic Security Provisioning Architecture and Framework
Develop Cross-layer adaptive security protocol scheme: Localized anonymity detection & reaction, global coordination
Spring 2010EE5723/EE4723
Project 5: Threat Model & Vulnerability Analysis & Security Metrics for Various MANET/VANET & WSN Applications
Problem: Modeling vulnerabilities VERY POOR state of understandingNeeded by services and applications
Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment
Deliverables:
Spring 2010EE5723/EE4723
Problem: Availability of an authentic key is not enough to prevent traffic analysis, demand anonymity We may want to hide the source or the destination of a packet, or
simply the amount of traffic between a given pair of nodes
Traditional approaches for anonymous communication, for instance, based on MIX nodes or dummy traffic insertion, can be used in wireless ad hoc networks as well
Task: Develop new anonymity mechanism for MANET/VANET or WSN It is possible to develop new approaches considering the broadcast
nature of the wireless channel
Project 6: Secure Communication (A view from Transport Layer):
Spring 2010EE5723/EE4723
Project 7:MANET/VANET Network Layer (Routing) Misbehavior - Selfish & uncooperative behaviors I
Many potential misbehaviors identified in various papers Route Discovery
May disrupt route discovery and maintenance: Force use of poor routes (e.g., long routes)
May degrade performance by making good routes look bad
Packet Forwarding A node “agrees” to join a route (for instance, by forwarding route
request in DSR) but fails to forward packets correctly: Delay, drop, corrupt, misroute packets
A node may do so to conserve energy, or to launch a denial-of-service attack, due to failure of some sort, or because of overload
Spring 2010EE5723/EE4723
Project 7:MANET/VANET Network Layer (Routing) Misbehavior -Selfish & uncooperative behaviors II Misbehavior Detection & Reaction
Difficult in MANET/VANET & WSN environment How to encourage Honesty in Wireless Networks (e.g.,
CONFIDANT Protocol: E.g. Hosts Bearing Grudges) Reputation-based scheme
Honest mobile nodes will forward packets for one another Cheaters will forward just for themselves May be difficult to tell the difference …
Nodes prefer to route through & for nodes with higher reputation Interesting concept, but cannot circumvent the difficulties in diagnosing
misbehavior accurately Each node determines whether its neighbor is misbehaving
A node ALARMs its “friends” when a misbehaving hosts is detected Each node maintains reputation ratings for other nodes that are
reduced on receipt of ALARMs How to decide on friends? What if “friends” cheat?
Spring 2010EE5723/EE4723
Project 7:MANET Network Layer (Routing) Misbehavior
-Selfish & uncooperative behaviors III Problem: Anomaly detection-Detect deviation from “normal” behavior
Need to characterize “normal” Normal behavior hard to characterize accurately
E.g., the MAC layer approach for detecting deviation from “normal” distribution of contention window parameters can be considered an “anomaly detection” scheme
Need to be able to determine when observed behavior departs significantly from the norm
Avoid false positives
Task: Anomaly detection can be useful at network layer
How to characterize “normal” routing protocol behavior? Some of the routing mechanisms detect specific forms of abnormal behavior,
but a more generic approach is desired Can we design a protocol-independent anomaly detection mechanism? Not
clear
Spring 2010EE5723/EE4723
Problem: Secure location discovery and verification of claims
Tasks:
Deliverables: Mechanism/theoretical study; simulation/analytical study
Project 8 : Secure localization (Authentication & Privacy) - Location Verification in WSN
Spring 2010EE5723/EE4723
Problem: Severe Resource ConstraintsRef: U-Tesla
Tasks:
Deliverables: Mechanism/theoretical study; simulation/analytical study
Project 9: Lightweight Security Primitives/Solutions in MANET & WSN (Including power-aware security mechanisms)
Spring 2010EE5723/EE4723
Project 10: Security for In-Network Processing & Tolerating Malicious Data- Resilient Aggregation (In-network aggregation introduces new security challenges) for WSN
Problem: Secure aggregation and in-network processing
Tasks:
Deliverables: Mechanism/theoretical study; simulation/analytical study
Spring 2010EE5723/EE4723
Project 11: Authentication Architecture and Protocols in MANET & WSN
Problem: Lack of KDC & CA
Tasks:
Deliverables: Mechanism/theoretical study; simulation/analytical study
Spring 2010EE5723/EE4723
Project 12: Vulnerability & Threat Model for Smart Grid or other Critical Infrastructures
Problem: Modeling vulnerabilities VERY Infant state of understanding
Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment
Deliverables:
Spring 2010EE5723/EE4723
Programming Project Option IDEA Programming (10%)
At least two operation modes for choice Due in March 18, 2010
Secure Instant Messenger with RSA (15%) Tentative Or realize RSA and any hashing algorithm; sign the
hash of a file or message with private key as its signature; verify the signature with the pubic key
Due in April 22,2010
Spring 2010EE5723/EE4723
Survey Project Option
Individual project
Any topic from presentation or research project topics
Wider and deeper than presentation More reference reading Deeper critiques: remaining problems, potential
solutions & future developments
Important Date Same as research project
Spring 2010EE5723/EE4723
Survey topic
Significance of specified topic
Preliminary reading notes
Planned directions for investigation
References
Project Proposal