lecture project

24
EE5723/EE4723 - Course Projects

Upload: maria-qadeer

Post on 06-Sep-2015

220 views

Category:

Documents


3 download

DESCRIPTION

Lecture Project

TRANSCRIPT

  • EE5723/EE4723 - Course Projects

  • Course Projects The course research project can be a design of new secure algorithms/protocols; an analysis/evaluation/implementation of existing secure algorithms, protocols, or systems; Identifying new attacks and vulnerabilities in MANET/VANET & WSN algorithms or protocols.

    Potential project topics will be distributed and discussed on the 4th week. Students are encouraged to identify the topics based on their own background and interests.

    With a chosen topic, the students should identify an open problem, formulate a concrete proposal to address the problem, research related work, propose a new scheme or develop a novel analysis, and obtain results to evaluate their ideas.

    A 1~2-page proposal is due on 6th week which describes with a clear statement of the specific problem of your focused topic, and the expected results. A 2~3-page mid-term project progress report is due on week 10, which describes the research topic, prior work relevant to the problem, the methodology to be followed, and preliminary results. A 8~10-page high-quality final report is due on week 15. A final in-class presentation from all project teams will be given during that week.

    Often a research project will demand performance evaluation via simulation. You are free to use whatever programming language (C/C++/Java, ns2, OPNET, MATLAB) for your project simulation.

    Each project team is formed up to 2 students. The project teams should be formed by the end of 5th week.

    The projects will be graded on the basis of both team success and individual effort.

  • Important Dates & Project ReportImportant DatesProject proposal due: Feb. 18, 2010Mid-term project progress due: March 18, 2010Final project report due: April 22, 2010Project presentations: April 20/22, 2010

    Project ReportPreferably using word document8-12 pages including figures and references,11pt, double column, single space

  • Projects: Tasks involvedIdentify your favorite problem

    Propose a solution

    Implement and evaluate your solution on simulators (eg., ns-2, OPNET, Matlab, or C/C++/Java)

    Run experiments to evaluate your solution

    Write a technical report that is close to the quality of a conference paper

    Present your results to the class

    Demos (successful demos earn extra points) if necessary

  • Project ProposalGroup members (up to 2 students form a team)MotivationProblem formulationAssumptionsProject goalsApproach, preliminary solutions, and their rationaleSketch of design and algorithmsSimulation planWhat are you going to simulate?What experiments are you going to run?What metrics are you going to use?References

  • Problem/Motivation:MANET is distributed, nodes are non cooperative in nature. No centralized certificate authority (CA), each node may sign its own certificate, therefore, trust evaluation is required since no PKI.E.g., distributed (PGP): involve signature trust and key legitimacy.In broad sense, trust evaluation among nodes in terms of various concerned behavior (e.g., packet forwarding/dropping, recommendation,.) is needed for all protocol activities (distinguish Well-behaved nodes & malicious nodes)

    Task: Develop trust evaluation (e.g. Credit/reputation-based strategy, Trust metrics), establishment and updating mechanisms

    Goal: Scalable and less complex Trust Relay: a trust must be transitive

    Deliverables: Mechanism/theoretical study; simulation/analytical studyProject 1: Trust Establishment, Management, and Modeling in MANET/VANET

  • Project 2: Security vs. Network QoS (network tradeoffs): Security-QoS Co-designProblem: Different performance metrics may be in (partial) conflictProbably the most secure system is of minimal usabilityE.g., energy efficiency/computation complexity vs cryptography strength

    Tasks:Incorporating network metrics and security: scalability, communication overhead, computation complexity, energy efficiency, device capability, Many conventional security solutions take a centralized approach: For the distributed WSN & MANET/VANET, how distributed mechanisms can be designed?

    Deliverables: Mechanism/theoretical study; simulation/analytical study

  • Project 3: Countermeasure Misbehaviors at MAC Layer (including Intelligent Jamming) IProblem: Misbehaving nodes may violate MAC rulesDisobey protocol specs for selfish gains (DoS attacks)Possible Nodes MisbehaviorsCausing collisions with other hosts RTS or CTS; Those hosts will exponentially backoff on packet loss, giving free channel to the misbehaving host Impatient Transmitter: Smaller backoff intervals; Shorter Interframe Spacings

    Tasks:Diagnose node misbehavior: Catch misbehaving nodesDiscourage misbehavior: Punish misbehaving nodes

  • Project 3: Countermeasure Misbehaviors at MAC Layer II: Existing/Potential ApproachWatch idle times on the channel to detect when hosts wait too littlePassive Single Observation: a receiver can try to diagnose behavior of nodes trying to send packets to the receiverWireless channel introduces uncertainties; Not all hosts see channel idle at the same timeSpatial channel variations bound the efficacy of misbehavior detection mechanismsMany existing proposals ignore channel variation when performing evaluations, making the evaluations less reliableReceiver does not know exact backoff value chosen by sender: Sender chooses random backoff; Hard to distinguish between maliciously chosen small values and a legitimate valueVariations Multiple ObserversIn an ad hoc networks, a node can only diagnose, on its own, misbehavior by senders in its vicinityPotential for error due to channel variationsDifferent hosts can cooperate to improve accuracy

    Open problem: How to cooperate? How to merge information to arrive at a diagnosis? Node mobility introduce more challenges

    Task: Design efficient/scalable protocols that improve the ability to detect misbehavior

  • Project 3: Countermeasure Misbehaviors at MAC Layer III: Existing/Potential ApproachProtocols that discourage misbehavior: Certain game-theoretic approaches & Incentive based approaches:It has been shown (MacKenzies contribution) that there exists a Nash equilibrium strategyProblem: Game-theoretic solutions (so far) assume that all hosts see identical channel stateNot realisticLimits usefulness of solutionsTask: Improvement

    Incentive-Based Mechanisms: Use payment schemes, charging per packet (Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile Ad-Hoc Networks, Infocom 2003)Misbehaving hosts can get more throughput, but at a higher costThis solution does not ensure fairnessAlso, misbehaving node can achieve lower delay at no extra costProblem: This suggests that per-packet payment is not enoughTask: Need to factor delay and fairness as well (harder)

  • Project 4: Adaptive Security Provisioning in MANET & WSNProblem: Static security architectures cannot cope with rapidly changing security environment, including:physical parametersthreatsnetwork dynamicsmission goals

    Goal: Adaptation to handle many dimensions of dynamics to enhance the overall security of system in an efficient way:Adaptive to user requirementsDifferential security services used in government and militaryAdaptive to user devices: node security capability level adaptive to its resource Adaptive to operation environment:Adaptive to channel dynamics:Partial connectivity, disconnectivity, full connectivityAdaptive to mobilityCross-domain service for roaming usersAdaptive to trust level among nodesAdaptive to dynamic membership and network scalabilityNode join, leave, fail

    Task:Systematic Security Provisioning Architecture and FrameworkDevelop Cross-layer adaptive security protocol scheme: Localized anonymity detection & reaction, global coordination

  • Project 5: Threat Model & Vulnerability Analysis & Security Metrics for Various MANET/VANET & WSN ApplicationsProblem: Modeling vulnerabilities VERY POOR state of understandingNeeded by services and applications

    Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment

    Deliverables:

  • Project 6: Secure Communication (A view from Transport Layer):Problem: Availability of an authentic key is not enough to prevent traffic analysis, demand anonymityWe may want to hide the source or the destination of a packet, or simply the amount of traffic between a given pair of nodes

    Traditional approaches for anonymous communication, for instance, based on MIX nodes or dummy traffic insertion, can be used in wireless ad hoc networks as well

    Task: Develop new anonymity mechanism for MANET/VANET or WSNIt is possible to develop new approaches considering the broadcast nature of the wireless channel

  • Project 7:MANET/VANET Network Layer (Routing) Misbehavior - Selfish & uncooperative behaviors IMany potential misbehaviors identified in various papersRoute Discovery May disrupt route discovery and maintenance: Force use of poor routes (e.g., long routes)May degrade performance by making good routes look bad

    Packet ForwardingA node agrees to join a route (for instance, by forwarding route request in DSR) but fails to forward packets correctly: Delay, drop, corrupt, misroute packets A node may do so to conserve energy, or to launch a denial-of-service attack, due to failure of some sort, or because of overload

  • Misbehavior Detection & Reaction Difficult in MANET/VANET & WSN environmentHow to encourage Honesty in Wireless Networks (e.g., CONFIDANT Protocol: E.g. Hosts Bearing Grudges)Reputation-based schemeHonest mobile nodes will forward packets for one anotherCheaters will forward just for themselvesMay be difficult to tell the difference Nodes prefer to route through & for nodes with higher reputationInteresting concept, but cannot circumvent the difficulties in diagnosing misbehavior accuratelyEach node determines whether its neighbor is misbehavingA node ALARMs its friends when a misbehaving hosts is detectedEach node maintains reputation ratings for other nodes that are reduced on receipt of ALARMsHow to decide on friends? What if friends cheat?Project 7:MANET/VANET Network Layer (Routing) Misbehavior -Selfish & uncooperative behaviors II

  • Problem: Anomaly detection-Detect deviation from normal behaviorNeed to characterize normalNormal behavior hard to characterize accuratelyE.g., the MAC layer approach for detecting deviation from normal distribution of contention window parameters can be considered an anomaly detection schemeNeed to be able to determine when observed behavior departs significantly from the normAvoid false positives

    Task:Anomaly detection can be useful at network layerHow to characterize normal routing protocol behavior?Some of the routing mechanisms detect specific forms of abnormal behavior, but a more generic approach is desiredCan we design a protocol-independent anomaly detection mechanism? Not clearProject 7:MANET Network Layer (Routing) Misbehavior -Selfish & uncooperative behaviors III

  • Project 8 : Secure localization (Authentication & Privacy) - Location Verification in WSNProblem: Secure location discovery and verification of claims

    Tasks:

    Deliverables: Mechanism/theoretical study; simulation/analytical study

  • Project 9: Lightweight Security Primitives/Solutions in MANET & WSN (Including power-aware security mechanisms)Problem: Severe Resource ConstraintsRef: U-Tesla

    Tasks:

    Deliverables: Mechanism/theoretical study; simulation/analytical study

  • Project 10: Security for In-Network Processing & Tolerating Malicious Data- Resilient Aggregation (In-network aggregation introduces new security challenges) for WSNProblem: Secure aggregation and in-network processing

    Tasks:

    Deliverables: Mechanism/theoretical study; simulation/analytical study

  • Project 11: Authentication Architecture and Protocols in MANET & WSN Problem: Lack of KDC & CA

    Tasks:

    Deliverables: Mechanism/theoretical study; simulation/analytical study

  • Project 12: Vulnerability & Threat Model for Smart Grid or other Critical InfrastructuresProblem: Modeling vulnerabilities VERY Infant state of understanding

    Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment

    Deliverables:

  • Programming Project OptionIDEA Programming (10%)At least two operation modes for choiceDue in March 18, 2010

    Secure Instant Messenger with RSA (15%)TentativeOr realize RSA and any hashing algorithm; sign the hash of a file or message with private key as its signature; verify the signature with the pubic keyDue in April 22,2010

  • Survey Project OptionIndividual project

    Any topic from presentation or research project topics

    Wider and deeper than presentationMore reference readingDeeper critiques: remaining problems, potential solutions & future developments

    Important DateSame as research project

  • Survey topic

    Significance of specified topic

    Preliminary reading notes

    Planned directions for investigation

    ReferencesProject Proposal