ee5723/ee4723 - course projects. spring 2010 ee5723/ee4723 course projects the course research...

EE5723/EE4723 - Course Projects

Spring 2010EE5723/EE4723

Course Projects The course research project can be a design of new secure algorithms/protocols; an

analysis/evaluation/implementation of existing secure algorithms, protocols, or systems; Identifying new attacks and vulnerabilities in MANET/VANET & WSN algorithms or protocols.

Potential project topics will be distributed and discussed on the 4th week. Students are encouraged to identify the topics based on their own background and interests.

With a chosen topic, the students should identify an open problem, formulate a concrete proposal to address the problem, research related work, propose a new scheme or develop a novel analysis, and obtain results to evaluate their ideas.

A 1~2-page proposal is due on 6th week which describes with a clear statement of the specific problem of your focused topic, and the expected results. A 2~3-page mid-term project progress report is due on week 10, which describes the research topic, prior work relevant to the problem, the methodology to be followed, and preliminary results. A 8~10-page high-quality final report is due on week 15. A final in-class presentation from all project teams will be given during that week.

Often a research project will demand performance evaluation via simulation. You are free to use whatever programming language (C/C++/Java, ns2, OPNET, MATLAB) for your project simulation.

Each project team is formed up to 2 students. The project teams should be formed by the end of 5th week.

The projects will be graded on the basis of both team success and individual effort.


Important DatesProject proposal due: Feb. 18, 2010Mid-term project progress due: March 18, 2010Final project report due: April 22, 2010Project presentations: April 20/22, 2010

Project ReportPreferably using word document8-12 pages including figures and references,11pt, double column, single space

Important Dates & Project Report


Identify your favorite problem

Propose a solution

Implement and evaluate your solution on simulators (eg., ns-2, OPNET, Matlab, or C/C++/Java)

Run experiments to evaluate your solution

Write a technical report that is close to the quality of a conference paper

Present your results to the class

Demos (successful demos earn extra points) if necessary

Projects: Tasks involved


Group members (up to 2 students form a team) Motivation Problem formulation Assumptions Project goals Approach, preliminary solutions, and their rationale Sketch of design and algorithms Simulation plan

What are you going to simulate? What experiments are you going to run? What metrics are you going to use?

References

Project Proposal


Problem/Motivation: MANET is distributed, nodes are non cooperative in nature.

No centralized certificate authority (CA), each node may sign its own certificate, therefore, trust evaluation is required since no PKI.

E.g., distributed (PGP): involve signature trust and key legitimacy. In broad sense, trust evaluation among nodes in terms of various

concerned behavior (e.g., packet forwarding/dropping, recommendation,….) is needed for all

protocol activities (distinguish “Well-behaved nodes” & “malicious nodes”)

Task: Develop trust evaluation (e.g. Credit/reputation-based strategy, Trust metrics), establishment and updating mechanisms

Goal: Scalable and less complex Trust Relay: a trust must be transitive

Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 1: Trust Establishment, Management, and Modeling in MANET/VANET


Project 2: Security vs. Network QoS (network tradeoffs): Security-QoS Co-design Problem: Different performance metrics may be in

(partial) conflict Probably the most secure system is of minimal usability E.g., energy efficiency/computation complexity vs cryptography

strength

Tasks: Incorporating network metrics and security: scalability,

communication overhead, computation complexity, energy efficiency, device capability, …

Many conventional security solutions take a centralized approach: For the distributed WSN & MANET/VANET, how distributed mechanisms can be designed?



Project 3: Countermeasure Misbehaviors at MAC Layer (including Intelligent Jamming) I

Problem: Misbehaving nodes may violate MAC rules Disobey protocol specs for selfish gains (DoS attacks) Possible Nodes Misbehaviors

Causing collisions with other hosts’ RTS or CTS; Those hosts will exponentially backoff on packet loss, giving free channel to the misbehaving host

Impatient Transmitter: Smaller backoff intervals; Shorter Interframe Spacings

Tasks: Diagnose node misbehavior: Catch misbehaving nodes Discourage misbehavior: Punish misbehaving nodes


Project 3: Countermeasure Misbehaviors at MAC Layer II: Existing/Potential Approach

Watch idle times on the channel to detect when hosts wait too little Passive Single Observation: a receiver can try to diagnose behavior of nodes

trying to send packets to the receiver Wireless channel introduces uncertainties; Not all hosts see channel idle at the

same time Spatial channel variations bound the efficacy of misbehavior detection mechanisms Many existing proposals ignore channel variation when performing evaluations,

making the evaluations less reliable Receiver does not know exact backoff value chosen by sender: Sender chooses

random backoff; Hard to distinguish between maliciously chosen small values and a legitimate value

Variations – Multiple Observers In an ad hoc networks, a node can only diagnose, on its own, misbehavior by

senders in its vicinity Potential for error due to channel variations Different hosts can cooperate to improve accuracy

Open problem: How to cooperate? How to “merge” information to arrive at a diagnosis? Node mobility introduce more challenges

Task: Design efficient/scalable protocols that improve the ability to detect misbehavior


Project 3: Countermeasure Misbehaviors at MAC Layer III: Existing/Potential Approach Protocols that discourage misbehavior: Certain game-theoretic

approaches & Incentive based approaches: It has been shown (MacKenzie’s contribution) that there exists a Nash

equilibrium strategy Problem: Game-theoretic solutions (so far) assume that all hosts see

identical channel state Not realistic Limits usefulness of solutions

Task: Improvement

Incentive-Based Mechanisms: Use payment schemes, charging per packet (Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile Ad-Hoc Networks, Infocom 2003) Misbehaving hosts can get more throughput, but at a higher cost This solution does not ensure fairness Also, misbehaving node can achieve lower delay at no extra cost Problem: This suggests that per-packet payment is not enough Task: Need to factor delay and fairness as well (harder)


Project 4: Adaptive Security Provisioning in MANET & WSN Problem: Static security architectures cannot cope with rapidly changing

security environment, including: physical parameters threats network dynamics mission goals

Goal: Adaptation to handle many dimensions of dynamics to enhance the overall security of system in an efficient way:

Adaptive to user requirements Differential security services used in government and military

Adaptive to user devices: node security capability level adaptive to its resource Adaptive to operation environment: Adaptive to channel dynamics:

Partial connectivity, disconnectivity, full connectivity Adaptive to mobility

Cross-domain service for roaming users Adaptive to trust level among nodes Adaptive to dynamic membership and network scalability

Node join, leave, fail

Task: Systematic Security Provisioning Architecture and Framework

Develop Cross-layer adaptive security protocol scheme: Localized anonymity detection & reaction, global coordination


Project 5: Threat Model & Vulnerability Analysis & Security Metrics for Various MANET/VANET & WSN Applications

Problem: Modeling vulnerabilities VERY POOR state of understandingNeeded by services and applications

Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment

Deliverables:


Problem: Availability of an authentic key is not enough to prevent traffic analysis, demand anonymity We may want to hide the source or the destination of a packet, or

simply the amount of traffic between a given pair of nodes

Traditional approaches for anonymous communication, for instance, based on MIX nodes or dummy traffic insertion, can be used in wireless ad hoc networks as well

Task: Develop new anonymity mechanism for MANET/VANET or WSN It is possible to develop new approaches considering the broadcast

nature of the wireless channel

Project 6: Secure Communication (A view from Transport Layer):


Project 7:MANET/VANET Network Layer (Routing) Misbehavior - Selfish & uncooperative behaviors I

Many potential misbehaviors identified in various papers Route Discovery

May disrupt route discovery and maintenance: Force use of poor routes (e.g., long routes)

May degrade performance by making good routes look bad

Packet Forwarding A node “agrees” to join a route (for instance, by forwarding route

request in DSR) but fails to forward packets correctly: Delay, drop, corrupt, misroute packets

A node may do so to conserve energy, or to launch a denial-of-service attack, due to failure of some sort, or because of overload


Project 7:MANET/VANET Network Layer (Routing) Misbehavior -Selfish & uncooperative behaviors II Misbehavior Detection & Reaction

Difficult in MANET/VANET & WSN environment How to encourage Honesty in Wireless Networks (e.g.,

CONFIDANT Protocol: E.g. Hosts Bearing Grudges) Reputation-based scheme

Honest mobile nodes will forward packets for one another Cheaters will forward just for themselves May be difficult to tell the difference …

Nodes prefer to route through & for nodes with higher reputation Interesting concept, but cannot circumvent the difficulties in diagnosing

misbehavior accurately Each node determines whether its neighbor is misbehaving

A node ALARMs its “friends” when a misbehaving hosts is detected Each node maintains reputation ratings for other nodes that are

reduced on receipt of ALARMs How to decide on friends? What if “friends” cheat?


Project 7:MANET Network Layer (Routing) Misbehavior

-Selfish & uncooperative behaviors III Problem: Anomaly detection-Detect deviation from “normal” behavior

Need to characterize “normal” Normal behavior hard to characterize accurately

E.g., the MAC layer approach for detecting deviation from “normal” distribution of contention window parameters can be considered an “anomaly detection” scheme

Need to be able to determine when observed behavior departs significantly from the norm

Avoid false positives

Task: Anomaly detection can be useful at network layer

How to characterize “normal” routing protocol behavior? Some of the routing mechanisms detect specific forms of abnormal behavior,

but a more generic approach is desired Can we design a protocol-independent anomaly detection mechanism? Not

clear


Problem: Secure location discovery and verification of claims

Tasks:


Project 8 : Secure localization (Authentication & Privacy) - Location Verification in WSN


Problem: Severe Resource ConstraintsRef: U-Tesla

Tasks:


Project 9: Lightweight Security Primitives/Solutions in MANET & WSN (Including power-aware security mechanisms)


Project 10: Security for In-Network Processing & Tolerating Malicious Data- Resilient Aggregation (In-network aggregation introduces new security challenges) for WSN

Problem: Secure aggregation and in-network processing

Tasks:



Project 11: Authentication Architecture and Protocols in MANET & WSN

Problem: Lack of KDC & CA

Tasks:



Project 12: Vulnerability & Threat Model for Smart Grid or other Critical Infrastructures

Problem: Modeling vulnerabilities VERY Infant state of understanding

Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment

Deliverables:


Programming Project Option IDEA Programming (10%)

At least two operation modes for choice Due in March 18, 2010

Secure Instant Messenger with RSA (15%) Tentative Or realize RSA and any hashing algorithm; sign the

hash of a file or message with private key as its signature; verify the signature with the pubic key

Due in April 22,2010


Survey Project Option

Individual project

Any topic from presentation or research project topics

Wider and deeper than presentation More reference reading Deeper critiques: remaining problems, potential

solutions & future developments

Important Date Same as research project


Survey topic

Significance of specified topic

Preliminary reading notes

Planned directions for investigation

References

Project Proposal

ee5723/ee4723 - course projects. spring 2010 ee5723/ee4723 course projects the course research...

Documents

project simulation

project teams

project presentations

final project report

course research project

potential project topics

th week

ee5723ee4723 course