Security measures

Model
Digital Document
Publisher
Florida Atlantic University
Description
This dissertation presents the results of research that led to the development of a novel reputation and trust-based monitoring paradigm for secure and reliable computing in Wireless Sensor Networks (WSNs). WSNs have undergone tremendous technological advances over the last few years. They have caused a giant leap toward "proactive computing," a paradigm where computers anticipate human needs and, when necessary, act on their behalf. Therefore, we cannot deploy such a critical technology without first addressing the security and privacy challenges to ensure that it does not turn against those whom it is meant to benefit. The core application of WSNs is to detect and report events, be it military or civilian applications. The building blocks of a WSN are small, battery-powered, low-cost, self-contained devices called "sensors" that measure factors like light, temperature, pressure, vibration, motion, etc. A WSN usually consists of hundreds of thousands of sensors that operate in unattended, hostile territories to monitor a given geographical area. Once deployed, the wireless sensors self-organize into ad-hoc wireless networks in order to cope with the dynamics of the surveillance field. During the post-deployment phase, the wireless sensors aggregate data, then process and generate a report, which is subsequently relayed from one sensor to the next using secure multi-hop routing until the data reaches its desired destination, which is usually the sink. Since sensors operate in unattended and hostile territories, the adversary can capture a sensor node physically and extract all the information stored onboard, including cryptographic keying material. With this unique situation, WSNs are subject to a unique attack referred to as an "Insider Attack," in which the adversary becomes a legitimate member of the network being represented by the captured node.
Model
Digital Document
Publisher
Florida Atlantic University
Description
Multi-hop wireless networks are infrastructure-less networks consisting of mobile or stationary wireless devices, which include multi-hop wireless mesh networks and multi-hop wireless sensor networks. These networks are characterized by limited bandwidth and energy resources, unreliable communication, and a lack of central control. These characteristics lead to the research challenges of multi-hop wireless networks. Building up routing schemes with a good balance among the routing QoS metrics (such as reliability, cost, and delay) is a paramount concern to achieve high-performance wireless networks. These QoS metrics are internally correlated. Most existing works did not fully utilize this correlation. We design a metric to balance the trade-off between reliability and cost, and build up a framework for a utility-based routing model in multi-hop wireless networks. This dissertation focuses on the variations with applications of utility-based routing models, designing new concepts, and developing new algorithms for them. A review of existing routing algorithms and the basic utility-based routing model for multi-hop wireless networks has been provided at the beginning. An efficient algorithm, called MaxUtility, has been proposed for the basic utility-based routing model. MaxUtility is an optimal algorithm that can find the best routing path with the maximum expected utility.
Model
Digital Document
Publisher
Florida Atlantic University
Description
This research addresses communication security in the highly constrained wireless sensor environment. The goal of the research is twofold: (1) to develop a key management scheme that provides these constrained systems with the basic security requirements and evaluate its effectiveness in terms of scalability, efficiency, resiliency, connectivity, and flexibility, and (2) to implement this scheme on an appropriate routing platform and measure its efficiency.
Model
Digital Document
Publisher
Florida Atlantic University
Description
Consider a scenario where a server S shares a symmetric key kU with each user U. Building on a 2-party solution of Bohli et al., we describe an authenticated 3-party key establishment which remains secure if a computational Bilinear Diffie-Hellman problem is hard or the server is uncorrupted. If the BDH assumption holds during a protocol execution, but is invalidated later, entity authentication and integrity of the protocol are still guaranteed. Key establishment protocols based on hardness assumptions such as the discrete logarithm problem (DLP) and the integer factorization problem (IFP) are vulnerable to quantum computer attacks, whereas protocols based on other hardness assumptions, such as the conjugacy search problem and the decomposition search problem, can resist such attacks. The existing protocols based on the hardness assumptions which can resist quantum computer attacks are only passively secure. Compilers are used to convert a passively secure protocol to an actively secure protocol. Compilers involve some tools, such as a signature scheme and a collision-resistant hash function. If there are only passively secure protocols but not a signature scheme based on the same assumption, then the application of existing compilers requires the use of such tools based on different assumptions. But the introduction of new tools, based on different assumptions, makes the new actively secure protocol rely on more than one hardness assumption. We offer an approach to derive an actively secure two-party protocol from a passively secure two-party protocol without introducing further hardness assumptions. This serves as a useful formal tool to transform any basic algebraic method of public key cryptography into a real-world applicable cryptographic scheme. In a recent preprint, Vivek et al. propose a compiler to transform a passively secure 3-party key establishment to a passively secure group key establishment. To achieve active security, they apply this compiler to Joux's
Model
Digital Document
Publisher
Florida Atlantic University
Description
A social network is a structure of individuals and organizations, which are connected by one or more types of interdependency, such as friendship, affinity, common interests or knowledge. Social networks use Web 2.0 technology, which is mostly based on a service-oriented architecture. We are studying patterns for social networks in this environment. A pattern is an encapsulated solution to a software problem in a given context; security threats are possible in this context. We present a collection of patterns associated with the most important aspects of social networks, with emphasis on controlling the actions of the users of these networks.
Model
Digital Document
Publisher
Florida Atlantic University
Description
Implementing Shamir's secret sharing scheme using floating point arithmetic would provide a faster and more efficient secret sharing scheme due to the speed at which GPUs perform floating point arithmetic. However, with the loss of a finite field, properties of a perfect secret sharing scheme are not immediately attainable. The goal is to analyze the plausibility of Shamir's secret sharing scheme using floating point arithmetic achieving the properties of a perfect secret sharing scheme and propose improvements to attain these properties. Experiments indicate that property 2 of a perfect secret sharing scheme, "Any k-1 or fewer participants obtain no information regarding the shared secret", is compromised when Shamir's secret sharing scheme is implemented with floating point arithmetic. These experimental results also provide information regarding possible solutions and adjustments. One of these is selecting randomly generated points from a smaller interval in one of the proposed schemes of this thesis. Further experimental results indicate improvement using the scheme outlined. Possible attacks are run to test the desirable properties of the different schemes and reinforce the improvements observed in prior experiments.
Model
Digital Document
Publisher
Florida Atlantic University
Description
This work presents the development of the Statistical Location-Assisted Broadcast (SLAB) protocol, a multi-hop wireless broadcast protocol designed for vehicular ad-hoc networking (VANET). Vehicular networking is an important emerging application of wireless communications. Data dissemination applications using VANET promote the ability for vehicles to share information with each other and the wide-area network with the goal of improving navigation, fuel consumption, public safety, and entertainment. A critical component of these data dissemination schemes is the multi-hop wireless broadcast protocol. Multi-hop broadcast protocols for these schemes must reliably deliver broadcast packets to vehicles in a geographically bounded region while consuming as little wireless bandwidth as possible. This work contains substantial research results related to development of multi-hop broadcast protocols for VANET, culminating in the design of SLAB. Many preliminary research and development efforts have been required to arrive at SLAB. First, a high-level wireless broadcast simulation tool called WiBDAT is developed. Next, a manual optimization procedure is proposed to create efficient threshold functions for statistical broadcast protocols. This procedure is then employed to design the Distribution-Adaptive Distance with Channel Quality (DADCQ) broadcast protocol, a preliminary cousin of SLAB. DADCQ is highly adaptive to node density, node spatial distribution pattern, and wireless channel quality in realistic VANET scenarios. However, the manual design process used to create DADCQ has a few deficiencies. In response to these problems, an automated design procedure is created that uses a black-box global optimization algorithm to search for efficient threshold functions that are evaluated using WiBDAT. SLAB is finally designed using this procedure.
Model
Digital Document
Publisher
Florida Atlantic University
Description
This thesis consists of the development of a web-based wireless sensor network (WSN) monitoring system using smartphones. Typical WSNs consist of networks of wireless sensor nodes dispersed over predetermined areas to acquire, process, and transmit data from these locations. Often it is the case that the WSNs are located in areas too hazardous or inaccessible to humans. We focused on the need for access to this sensed data remotely and present our reference architecture to solve this problem. We developed this architecture for web-based wireless sensor network monitoring and have implemented a prototype that uses Crossbow Mica sensors and Android smartphones for bridging the wireless sensor network with the web services for data storage and retrieval. Our application has the ability to retrieve sensed data directly from a wireless sensor network composed of Mica sensors and from a smartphone's onboard sensors. The data is displayed on the phone's screen, and then, via Internet connection, it is forwarded to a remote database for manipulation and storage. The attributes sensed and stored by our application are temperature, light, acceleration, GPS position, and geographical direction. Authorized personnel are able to retrieve and observe this data both textually and graphically from any browser with Internet connectivity or through a native Android application. Web-based wireless sensor network architectures using smartphones provide a scalable and expandable solution with applicability in many areas, such as healthcare, environmental monitoring, infrastructure health monitoring, border security, and others.
Model
Digital Document
Publisher
Florida Atlantic University
Description
The purpose of this study was to explore and describe the pre-disaster planning processes and practices used by Florida's community college administrators as of December 2008. FEMA's Building a Disaster Resistant University (DRU) model was the conceptual lens for this study. A mixed methods research design included 15 surveys completed by Florida community college business officers and six semi-structured interviews with staff most involved in pre-disaster planning. Data were compared to DRU guidelines to establish whether processes and practices were congruent with the DRU. Six quantitative findings were reported in this study. First, 5 of 14 (35.7%) survey respondents appointed a project manager; second, 14 of 15 respondents (93.3%) conducted a risk assessment; third, 13 of 15 (87%) respondents reported contacting 2 to 14 stakeholders; fourth, 14 of 15 (93.3%) survey respondents conducted an inventory of buildings and infrastructure assets; fifth, a majority of survey respondents (87.7%) reported they identified mitigation goals and objectives; sixth, 8 of 14 (57.1%) respondents' president formally adopted the pre-disaster mitigation plan.
Model
Digital Document
Publisher
Florida Atlantic University
Description
Video identification or copy detection is a challenging problem and is becoming increasingly important with the popularity of online video services. The problem addressed in this thesis is the identification of a given video clip in a given set of videos. For a given query video, the system returns all the instances of the video in the data set. This identification system uses video signatures based on video tomography. A robust and low complexity video signature is designed and implemented. The nature of the signature makes it independent of the most common video transformations. The signatures are generated for video shots and not individual frames, resulting in a compact signature of 64 bytes per video shot. The signatures are matched using a simple Euclidean distance metric. The results show that videos can be identified with 100% recall and over 93% precision. The experiments included several transformations on videos.