Spring 2006

 
No. | Date | Speaker | Title
1. | Jan 20 | Mohamed Eltoweissy | Enabling Secure Communications in Sensor Networks
2. | Feb 24 | Youtao Zhang | Interleaved Authentication for Filtering False Reports in Multipath Routing based Sensor Networks
3. | Mar 17 | Peng Ning | Attack-Resistant Location Estimation in Wireless Sensor Networks
4. | Mar 24 | Michel Cukier | An Experimental Analysis of Scans and Their Impact on Attacks
5. | Mar 31 | Indrakshi Ray | An Anonymous Fair-Exchange E-Commerce Protocol
6. | Apr 7 | Sean V. Smith | Building and using Hardware-based Trusted Third Parties
7. | Apr 14 | Wenliang [Kevin] Du | On Privacy-Preserving Data Mining

January 20, 2006

Speaker: Mohamed Eltoweissy

Associate Professor
The Bradley Department of Electrical and Computer Engineering
Virginia Tech

Title

Enabling Secure Communications in Sensor Networks

Abstract:

Wireless networks consisting of low-power sensing devices are becoming a ubiquitous part of the computing landscape. The emerging applications of these sensor networks range from healthcare to warfare. Most of these applications require protection of sensitive information. However, developing security services (confidentiality, authentication, etc.) for sensor networks in a manner that meets the stringent resource constraints is a challenging task. This challenge is further complicated by the ad hoc nature, intermittent wireless connectivity, large scale, and unattended deployment of sensor networks. As a result, sensor networks are highly vulnerable to physical node capture and other attacks that may compromise critical security data, including encryption keys used for confidentiality and authentication. Consequently, it is necessary to provide sensor network key management services that, in addition to being resource-efficient, are highly resilient to attacks. We observe that sensor networks are inherently collaborative environments in which sensor nodes self-organize and operate in groups that typically are dynamic and mission-driven. In this talk, we present a dynamic group-keying scheme for large-scale long-lived sensor networks consisting of low-end sensor nodes clustered around more capable gateway nodes. Our solution is built upon Exclusion Basis Systems, a combinatorial formulation of the group key management problem.

The scheme distributes key management functionality among multiple nodes. Using cluster-based administrative keys, the scheme can localize the impact of attacks as well as considerably improve the efficiency of maintaining freshness of communication keys. A primary advantage is the scheme’s resilience to both multi-sensor and gateway captures.

Biography

Mohamed Eltoweissy is an associate professor in the Bradley Department of Electrical and Computer Engineering at Virginia Tech. He also holds a courtesy appointment in Computer Science. Eltoweissy is founder and director of the Center for Cyber Assurance and Trust (CyCare). Eltoweissy has over 80 publications in archival journals and respected books and conference proceedings. Among Eltoweissy’s research contributions are novel combinatorial-based survivable key management schemes for sensor and ad hoc networks, service-centric architecture for sensor networks, and stochastic models for the optimization of security protocols. Eltoweissy is also active in serving on program committees and NSF panels, in journal editorials and organization of professional meetings. Eltoweissy is a senior member of IEEE, and a member of ACM, ACM SIGBED, and ACM SIGSAC. In 2003, Eltoweissy was nominated for the Virginia SCHEV outstanding faculty awards, the highest honor for faculty in Virginia.

More Information:

http://europa.nvc.cs.vt.edu/~toweissy/



November 2

Speaker: Youtao Zhang

Assistant Professor, Computer Science Department,
University of Pittsburgh

Title

Interleaved Authentication for Filtering False Reports in Multipath Routing based Sensor Networks

Abstract:

In this talk, we consider filtering false reports in braided multipath routing sensor networks. While multipath routing provides better resilience to various faults in sensor networks, it has two problems regarding the authentication design. One is that, due to the large number of partially overlapped routing paths between the source and sink nodes, the authentication overhead could be very high if these paths are authenticated individually; the other is that false reports may escape the authentication check through the newly identified node association attack. We propose enhancements to solve both problems such that secure and efficient authentication can be achieved in multipath routing. The proposed scheme is (t+1)-resilient, i.e., it is secure with up to t compromised nodes. The upper bound on the number of hops that a false report may be forwarded in the network is O(t^2).

Biography

Dr. Youtao Zhang is an assistant professor in the Department of Computer Science, University of Pittsburgh. He completed his PhD in Computer Science at the University of Arizona in 2002. Prior to joining Pitt in 2006, he was an assistant professor in the Department of Computer Science, University of Texas at Dallas.

His research interests are in the areas of computer security, program analysis and compiler optimization, and computer architecture. He is the recipient of a US NSF Career Award in 2005, the distinguished paper award of the IEEE/ACM International Conference on Software Engineering (ICSE) in 2003, and the most original paper award of the International Conference on Parallel Processing (ICPP) in 2003.

He is a member of the ACM and the IEEE.

More Information:

http://www.cs.pitt.edu/~zhangyt/



March 17, 2006

Speaker: Peng Ning

Assistant professor, Computer Science-Engr
NC State University

Title

Attack-Resistant Location Estimation in Wireless Sensor Networks

Abstract:

Recent technological advances have made it possible to develop distributed sensor networks consisting of a large number of low-cost, low-power, and multi-functional sensor nodes that communicate in short distances through wireless links. Such sensor networks are ideal candidates for a wide range of applications such as monitoring of critical infrastructures and military operations. Many sensor network applications require sensors' locations to function correctly. Due to the cost reason and other operational constraints, it is usually necessary to provide a location discovery service to facilitate sensor nodes to determine their locations.

Location discovery in sensor networks is vulnerable to malicious attacks in hostile environments. The security of location discovery can certainly be enhanced by authentication. However, the possible node compromises and the fact that location determination uses certain physical features (e.g., received signal strength) of radio signals make authentication not as effective as in traditional security applications. This talk will present two methods to tolerate malicious attacks against beacon-based location discovery in sensor networks. The first method filters out malicious beacon signals on the basis of the "consistency" among multiple beacon signals, while the second method tolerates malicious beacon signals by adopting an iteratively refined voting scheme. Both methods can survive malicious attacks even if the attacks bypass authentication, provided that the benign beacon signals constitute the majority of the beacon signals. This talk will also describe the implementation of these techniques on MICA2 motes running TinyOS, and the evaluation through both simulation and field experiments.

Biography

Peng Ning is currently an assistant professor of Computer Science in the College of Engineering at North Carolina State University. He received his PhD degree in Information Technology from George Mason University in 2001. Prior to his PhD study, he received an ME degree in Communication and Electronic Systems in 1997, and a BS degree in Information Science in 1994, both from University of Science and Technology of China. Peng Ning's research interests are mainly in computer and network security. His recent work is mostly in intrusion detection and security in ad-hoc and sensor networks. Peng Ning's research has been supported by the National Science Foundation (NSF), the Army Research Office (ARO), the Advanced Research and Development Activity (ARDA), and the NCSU/Duke Center for Advanced Computing and Communication (CACC). Peng Ning is a recipient of NSF CAREER award. He is on the editorial boards of Ad-Hoc & Sensor Networks: an International Journal and IEE Proceedings Information Security, and is a guest editor for Journal of Computer Security Special Issue on Security of Ad-Hoc and Sensor Networks. Peng Ning has served on organizing committees or program committees for over twenty technical conferences or workshops related to computer and network security. Peng Ning is a founding member of the NCSU Cyber Defense Laboratory. He is a member of the ACM, the ACM SIGSAC, the IEEE, and the IEEE Computer Society.

More Information:

http://www.csc.ncsu.edu/directories/faculty_info.php?id=1664
http://discovery.csc.ncsu.edu/~pning/



March 24, 2006

Speaker: Michel Cukier

Assistant Professor of Reliability Engineering,
Department of Electrical and Computer Engineering,
University of Maryland

Title

An Experimental Analysis of Scans and Their Impact on Attacks

Abstract:

This presentation describes an experimental approach to analyze scans and determine their impact on attacks. Within the security community scans are usually considered as precursors to an attack. However, very few studies have been conducted to quantify the validity of this hypothesis. In this presentation, attack data are collected using a test-bed dedicated to monitoring attackers. The collected data consists of port scans, ICMP scans, vulnerability scans, successful attacks and management traffic. Two experiments were performed to validate the hypothesis of linking port scans and vulnerability scans to the number of packets observed per connection. The analyzed data consists of forty-eight days of data collected from two target computers on a heavily utilized subnet. The experimental results showed that over 50% of the attacks were not linked to any scan type. Among the scans associated with an attack, the more frequently occurring were vulnerability scans and combinations of port and vulnerability scans. Port scans do not seem to be a good indicator of an associated attack since only 3% of them are linked to attacks. Thirty-five percent of the observed attacks were preceded by at least one scan. An average of seven port scans and three vulnerability scans preceded an attack. From analyzing the average time separating a scan preceding an attack, we observed that this time was in tens of minutes for all three types of scans.

Biography

Michel Cukier is an Assistant Professor in the Center for Reliability Engineering in the Department of Mechanical Engineering at the University of Maryland, College Park. Michel Cukier received a physics engineering degree from the Free University of Brussels, Belgium, in 1991, and the Doctor in engineering degree from the National Polytechnic Institute of Toulouse, France, in 1996. During 1991-1992, he was an instructor at the Free University of Brussels. From 1992 to 1996, he was at LAAS-CNRS, Toulouse, France for his doctoral work on coverage estimation of fault-tolerant systems. From 1996 to 2001, he was a researcher in the Perform research group in the Coordinated Science Laboratory at the University of Illinois, Urbana-Champaign. His research interests included intrusion tolerance by adaptation in distributed systems, adaptive fault tolerance in distributed systems, the evaluation of fault-tolerant systems combining modeling and fault injection, and the estimation of fault tolerance coverage. As part of this work, he is a co-developer of the AQuA Architecture, an architecture that provides dependable distributed objects.

His current research interests include security evaluation, intrusion tolerance, distributed system validation, fault injection, and software testing.

He is a member of the IEEE and the IEEE Computer Society.

More Information:

http://www.enee.umd.edu/meet/faculty/cukier.php3
http://www.enme.umd.edu/facstaff/faculty/assistant/cukier.html



March 31, 2006

Speaker: Indrakshi Ray

Assistant Professor, Computer Science Department
Colorado State University

Title

An Anonymous Fair-Exchange E-Commerce Protocol

Abstract:

Many business transactions over the Internet involve the exchange of digital products between two parties -- electronic mails, digital audio and video, electronic contract signing and digital signatures, to name a few. Often these transactions occur between players that do not always have an identifiable place of doing business and hence do not trust each other. Consequently, there exists ample scope for any of the parties involved to misbehave and gain advantage over the other party. To overcome this problem researchers have proposed protocols that ensure fairness, that is, no party can gain an advantage even if the party misbehaves. Most works in this area focus on gathering evidence during the protocol execution that is used later, in case of a dispute. The actual handling of the dispute is done manually, after the protocol execution, and is outside the scope of the protocol.

However, in an electronic commerce environment, where the merchants and customers may disappear quickly, such "after-the-fact" protection may be inadequate. In this work we propose an e-commerce protocol for trading digital products over the Internet. The novel features of our protocol include: (1) ensuring fair exchange, (2) not requiring manual dispute resolution in case of unfair behavior by any party, (3) assuring each party that the item he is about to receive is indeed the correct one, (4) not requiring the active involvement of a trusted third party unless a problem occurs, and (5) ensuring anonymity for the customer.

Biography

Indrakshi Ray is an Assistant Professor of Computer Science at Colorado State University. She received her Ph.D. from George Mason University in the area of Information Technology. Her research spans the areas of computer security, e-commerce, database systems and formal methods. Her research is currently supported by grants from the Air Force Office of Scientific Research, the Air Force Research Laboratory, the Federal Aviation Administration and the National Science Foundation.

She was the Program Chair for the 17th IFIP WG 11.3 Conference on Data and Applications Security and the 11th Symposium on Access Control Models and Technologies. She served as a Program Committee member for numerous conferences in Computer Security and Database Technology, such as the ACM Conference on Computer and Communications Security, the ACM Symposium on Access Control Models and Technologies, and Extending Database Technology.

She is a member of the IEEE and the IEEE Computer Society.

More Information:

http://www.cs.colostate.edu/~iray/



April 7, 2006

Speaker: Sean V. Smith

Assistant Professor,
Department of Computer Science, Dartmouth College

Title

Building and using Hardware-based Trusted Third Parties

Abstract:

Many security protocols hypothesize the existence of a trusted third party (TTP) to ease handling of computation and data too sensitive for the other parties involved. However, using a TTP to solve real-world security problems generates the same reaction as using fairies or magic: TTPs do not really exist.

This talk will present my research and development work building TTPs based on hardware techniques that (to various degrees of assurance) can help ensure that devices can carry out computation unmolested, and using such hardware-based TTPs to solve real-world problems.

Biography

Sean's current research at Dartmouth College focuses on how to build trustworthy systems in the real world. He previously worked as a scientist at IBM T.J. Watson Research Center, doing secure coprocessor design, implementation and validation, and at Los Alamos National Laboratory, doing security designs and analyses for a wide range of primarily public-sector clients. His book "Trusted Computing Platforms: Design and Applications" (Springer, 2005) provides a deeper presentation of this research journey.

Sean was educated at Princeton (B.A., Math) and CMU (M.S., Ph.D., Computer Science).

More Information:

http://www.cs.dartmouth.edu/~sws/



April 14, 2006

Speaker: Wenliang Du

Assistant Professor
Department of Electrical Engineering and Computer Science
Syracuse University

Title

On Privacy-Preserving Data Mining

Abstract:

Privacy Preserving Data Mining (PPDM) enables one or several parties to conduct normal data mining operations without actually knowing the data (or some part of the data). PPDM recently has received more and more attention because of increasing privacy concerns. One of the promising approaches for PPDM is randomization, in which data are randomized before being disclosed to the data miner. In this talk, I will first give an overview of the randomization methods for continuous data and categorical data.

Privacy of randomization has not been well understood in the PPDM community.

We have developed and studied two attacks to reconstruct original data from a disguised data set based on data correlations. One method uses the Principal Component Analysis (PCA) technique, and the other method uses the Maximum Likelihood Estimation (MLE) technique. We have conducted theoretical and experimental analysis on the relationship between data correlations and the amount of private information that can be disclosed. Our studies have shown that when the correlations are high, the original data can be reconstructed more accurately, i.e., more private information can be disclosed. We have also proposed a modified randomization scheme to defeat such data reconstruction attacks.

Biography

Dr. Wenliang (Kevin) Du is an assistant professor in the Department of Electrical Engineering and Computer Science at Syracuse University. He got his Bachelor's Degree from the University of Science and Technology of China in 1993, and his Ph.D. degree from Purdue University in 2001. His research focuses on three quite different areas: sensor-network security, privacy-preserving data mining, and computer security education using instructional operating systems.

His research has been supported by the National Science Foundation (NSF) and the Army Research Office (ARO). He is a recipient of the best paper award in the 19th International Parallel and Distributed Processing Symposium (IPDPS 2005). He is a guest co-editor for Journal of Computer Security Special Issue on Security of Ad-Hoc and Sensor Networks.

More Information:

http://www.cis.syr.edu/~wedu/
