NETWORK TRAFFIC
INTRODUCTION
Joint security and routing analysis reveals the
vulnerabilities of secure network traffic.
Properties that assure secure applications and services in
wireless networks are:
1. Confidentiality
2. Integrity
Confidentiality: Ability to keep data secret from
unauthorized entities.
Integrity: Ability to verify that data has not been
maliciously or accidentally altered.
These properties can be compromised by capturing network
nodes and extracting cryptographic keys from their
memories.
Using the cryptographic keys recovered in a node capture
attack, an adversary can compromise the confidentiality
and integrity of any messages secured using the
compromised keys.
The overall security of routed messages is dependent on
the routing protocol and network topology.
SECURING NETWORK ASSETS
Network Security
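[Figure: routing diagram with source s.]
Compromise of a single link leads to recovery of all data.
Example 2: Fixed multi-path routing
[Figure: routing diagram from source s to destination d, with
the traffic split into fraction f and fraction (1-f).]
Compromise of a single link leads to recovery of a fraction
of data.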
EXISTING SYSTEM
Focused on the ability of an adversary to compromise the
security of single-hop wireless links.
Messages in a wireless network traverse multiple links
and paths between a source and destination node, and a
message may be compromised by traversing a single
insecure link.
The impact of node capture attacks on the confidentiality
and integrity of network traffic is investigated.
Mapped the compromise of network traffic to the flow of
current through an electric circuit.
Proposed a metric for quantifying the vulnerability of the
traffic using the circuit mapping.
The vulnerability metric as a function of the routing and
the cryptographic protocols used to secure the network
traffic is computed.
PROPOSED SYSTEM
Two complementary vulnerability definitions using set
theoretic and circuit theoretic interpretations of the
security of network traffic are to be developed.
This allows a network analyst or an adversary to
determine weaknesses in the secure network.
A Greedy Node capture Approximation using
Vulnerability Evaluation (GNAVE) algorithm is
proposed.
Unknown security parameters can be estimated using
probabilistic analysis.
We define a class of route vulnerability metrics (RVMs)
to quantify the effective security of traffic traversing a
given route.
The minimum cost node capture attack problem needs to
be formulated as a nonlinear integer programming
minimization problem.
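The set-theoretic view above can be worked through on a small topology to see which relay's key material exposes the most traffic and therefore deserves hardening first. This is an added example, not code from the slides or the underlying paper, and it is neither the GNAVE algorithm nor one of its RVMs; it assumes one key per link, hop-by-hop protection (a path is exposed once any one of its links is), and a constructed four-node network with made-up key names.

```python
from typing import Dict, List, Set, Tuple

Link = Tuple[str, str]
Route = List[Tuple[List[str], float]]  # (path as node list, fraction of traffic)

# Constructed topology: relays a and b between source s and destination d.
LINK_KEY: Dict[Link, str] = {("s", "a"): "k1", ("a", "d"): "k2",
                             ("s", "b"): "k3", ("b", "d"): "k4"}
NODE_KEYS: Dict[str, Set[str]] = {"a": {"k1", "k2"}, "b": {"k3", "k4"}}
SINGLE: Route = [(["s", "a", "d"], 1.0)]
MULTI: Route = [(["s", "a", "d"], 0.75), (["s", "b", "d"], 0.25)]  # f = 0.75


def compromised_fraction(route: Route, link_key: Dict[Link, str],
                         known: Set[str]) -> float:
    """Fraction of traffic that crosses at least one link whose key is known."""
    return sum(frac for path, frac in route
               if any(link_key[hop] in known for hop in zip(path, path[1:])))


def greedy_exposure(route: Route, link_key: Dict[Link, str],
                    node_keys: Dict[str, Set[str]], budget: int):
    """Rank relays by how much extra traffic their stored keys would expose."""
    known: Set[str] = set()
    picked: List[str] = []
    current = 0.0
    for _ in range(budget):
        best, best_val = None, current
        for node in sorted(node_keys):
            if node in picked:
                continue
            val = compromised_fraction(route, link_key, known | node_keys[node])
            if val > best_val:
                best, best_val = node, val
        if best is None:  # no remaining node exposes more traffic
            break
        picked.append(best)
        known |= node_keys[best]
        current = best_val
    return picked, current


if __name__ == "__main__":
    print(compromised_fraction(SINGLE, LINK_KEY, {"k2"}))
    print(compromised_fraction(MULTI, LINK_KEY, {"k2"}))
    print(greedy_exposure(MULTI, LINK_KEY, NODE_KEYS, budget=2))
```

With the same single key exposed, the single-path route loses all of its traffic while the multi-path route loses only the fraction carried on the affected path.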
ADVANTAGES
Here we maintain the overall integrity and confidentiality
among the nodes on a path.
DISADVANTAGES
A message may be compromised by traversing a single
insecure link as the messages in a wireless network traverse
multiple links and paths between a source and destination
node.
CONCLUSION
Confidentiality and integrity (C/I) of data traversing
numerous links with differing security properties are
evaluated.
The node capture attack using the vulnerability metric has
been formalized as a nonlinear integer programming
minimization problem, and the GNAVE algorithm is proposed.
The availability of security parameters to the adversary is
discussed and the unknown parameters can be estimated
using probabilistic analysis.
The vulnerability evaluation using the proposed metrics and
node capture attacks are demonstrated using the GNAVE
algorithm through detailed examples and simulation.
QUESTIONS???
Thank you for your time &
attention!