EE 5723/EE 4723 Course Projects


Course Projects

- The course research project can be a design of new secure algorithms/protocols; an analysis/evaluation/implementation of existing secure algorithms, protocols, or systems; or identifying new attacks and vulnerabilities in MANET/VANET & WSN algorithms or protocols.
  - Potential project topics will be distributed and discussed in the 4th week. Students are encouraged to identify topics based on their own background and interests.
  - With a chosen topic, the students should identify an open problem, formulate a concrete proposal to address the problem, research related work, propose a new scheme or develop a novel analysis, and obtain results to evaluate their ideas.
  - A 1~2-page proposal is due in the 6th week; it gives a clear statement of the specific problem of your focused topic and the expected results. A 2~3-page mid-term project progress report is due in week 10; it describes the research topic, prior work relevant to the problem, the methodology to be followed, and preliminary results. An 8~10-page high-quality final report is due in week 15. A final in-class presentation from all project teams will be given during that week.
  - Often a research project will demand performance evaluation via simulation. You are free to use whatever programming language or tool (C/C++/Java, ns-2, OPNET, MATLAB) you like for your project simulation.
- Each project team consists of up to 2 students. The project teams should be formed by the end of the 5th week.
- The projects will be graded on the basis of both team success and individual effort.

EE 5723/EE 4723 Spring 2010

Important Dates & Project Report

- Important Dates
  - Project proposal due: Feb. 18, 2010
  - Mid-term project progress due: March 18, 2010
  - Final project report due: April 22, 2010
  - Project presentations: April 20/22, 2010
- Project Report
  - Preferably a Word document
  - 8-12 pages including figures and references
  - 11 pt, double column, single space

Projects: Tasks involved

- Identify your favorite problem
- Propose a solution
- Implement and evaluate your solution on simulators (e.g., ns-2, OPNET, Matlab, or C/C++/Java)
- Run experiments to evaluate your solution
- Write a technical report that is close to the quality of a conference paper
- Present your results to the class
- Demos (successful demos earn extra points) if necessary

Project Proposal

- Group members (up to 2 students form a team)
- Motivation
- Problem formulation
- Assumptions
- Project goals
- Approach, preliminary solutions, and their rationale
- Sketch of design and algorithms
- Simulation plan
  - What are you going to simulate?
  - What experiments are you going to run?
  - What metrics are you going to use?
- References

Project 1: Trust Establishment, Management, and Modeling in MANET/VANET

- Problem/Motivation:
  - MANET is distributed; nodes are non-cooperative in nature.
    - No centralized certificate authority (CA); each node may sign its own certificate, so trust evaluation is required since there is no PKI.
    - E.g., distributed (PGP): involves signature trust and key legitimacy.
  - In a broad sense, trust evaluation among nodes in terms of the various behaviors of concern (e.g., packet forwarding/dropping, recommendation, ...) is needed for all protocol activities (to distinguish "well-behaved nodes" from "malicious nodes").
- Task: Develop trust evaluation (e.g., credit/reputation-based strategy, trust metrics), establishment and updating mechanisms
- Goal: Scalable and less complex
  - Trust Relay: a trust must be transitive
- Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 2: Security vs. Network QoS (network tradeoffs): Security-QoS Co-design

- Problem: Different performance metrics may be in (partial) conflict
  - Probably the most secure system is of minimal usability
  - E.g., energy efficiency/computation complexity vs cryptography strength
- Tasks:
  - Incorporating network metrics and security: scalability, communication overhead, computation complexity, energy efficiency, device capability, ...
  - Many conventional security solutions take a centralized approach. For the distributed WSN & MANET/VANET, how can distributed mechanisms be designed?
- Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 3: Countermeasure Misbehaviors at MAC Layer (including Intelligent Jamming) I

- Problem: Misbehaving nodes may violate MAC rules
  - Disobey protocol specs for selfish gains (DoS attacks)
  - Possible node misbehaviors
    - Causing collisions with other hosts' RTS or CTS; those hosts will exponentially back off on packet loss, giving free channel to the misbehaving host
    - Impatient transmitter: smaller backoff intervals; shorter interframe spacings
- Tasks:
  - Diagnose node misbehavior: catch misbehaving nodes
  - Discourage misbehavior: punish misbehaving nodes

Project 3: Countermeasure Misbehaviors at MAC Layer II: Existing/Potential Approach

- Watch idle times on the channel to detect when hosts wait too little
  - Passive Single Observation: a receiver can try to diagnose behavior of nodes trying to send packets to the receiver
    - Wireless channel introduces uncertainties; not all hosts see the channel idle at the same time
    - Spatial channel variations bound the efficacy of misbehavior detection mechanisms
    - Many existing proposals ignore channel variation when performing evaluations, making the evaluations less reliable
    - Receiver does not know the exact backoff value chosen by the sender: the sender chooses a random backoff, so it is hard to distinguish between maliciously chosen small values and a legitimate value
  - Variations – Multiple Observers
    - In an ad hoc network, a node can only diagnose, on its own, misbehavior by senders in its vicinity
    - Potential for error due to channel variations
    - Different hosts can cooperate to improve accuracy
- Open problem: How to cooperate? How to "merge" information to arrive at a diagnosis? Node mobility introduces more challenges
- Task: Design efficient/scalable protocols that improve the ability to detect misbehavior
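
A sketch of the idle-time check described above, as an added example that is not from the course slides: the observer compares a sender's mean observed backoff with the mean an honest sender would produce. The contention window of 31 slots, the z threshold, the noise model and the function names are assumptions.

```python
import math
import random

CW = 31  # assumed contention window: an honest sender draws backoff uniformly from 0..CW slots

def diagnose(observed, cw=CW, z=3.0, noise_var=0.0):
    """Flag a sender whose mean observed backoff is improbably small.

    observed  -- idle slots the observer counted before each of the sender's frames
    z         -- one-sided threshold in standard errors; raise it to cut false positives
    noise_var -- assumed variance (slots^2) of the observer's counting error
    Returns (flagged, score), where score is how many standard errors the
    sample mean lies below the honest mean.
    """
    honest_mean = cw / 2
    honest_var = ((cw + 1) ** 2 - 1) / 12      # variance of a discrete uniform on 0..cw
    n = len(observed)
    std_err = math.sqrt((honest_var + noise_var) / n)
    score = (honest_mean - sum(observed) / n) / std_err
    return score > z, score

def observe(n, scale, rng, noise=2, cw=CW):
    """Constructed observations: the sender scales each honest draw by `scale`
    (1.0 = compliant) and the observer miscounts by up to +-noise slots."""
    samples = []
    for _ in range(n):
        chosen = int(rng.randint(0, cw) * scale)
        samples.append(max(0, chosen + rng.randint(-noise, noise)))
    return samples

if __name__ == "__main__":
    rng = random.Random(2010)
    noise_var = 2.0                            # variance of a uniform error on -2..2
    for label, scale in (("compliant", 1.0), ("quarter backoff", 0.25)):
        for n in (1, 10, 200):
            flagged, score = diagnose(observe(n, scale, rng), noise_var=noise_var)
            print(f"{label:16s} n={n:3d} score={score:6.2f} flagged={flagged}")
```

A single small backoff scores well under the threshold, which is the slide's point that one observation cannot separate a malicious choice from a legitimate random one; the verdict only becomes reliable as observations accumulate.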

Project 3: Countermeasure Misbehaviors at MAC Layer III: Existing/Potential Approach

- Protocols that discourage misbehavior: Certain game-theoretic approaches & incentive-based approaches: It has been shown (MacKenzie's contribution) that there exists a Nash equilibrium strategy
  - Problem: Game-theoretic solutions (so far) assume that all hosts see identical channel state
    - Not realistic
    - Limits usefulness of solutions
  - Task: Improvement
- Incentive-Based Mechanisms: Use payment schemes, charging per packet (Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile Ad-Hoc Networks, Infocom 2003)
  - Misbehaving hosts can get more throughput, but at a higher cost
  - This solution does not ensure fairness
  - Also, misbehaving node can achieve lower delay at no extra cost
  - Problem: This suggests that per-packet payment is not enough
  - Task: Need to factor delay and fairness as well (harder)

Project 4: Adaptive Security Provisioning in MANET & WSN

- Problem: Static security architectures cannot cope with rapidly changing security environment, including:
  - physical parameters
  - threats
  - network dynamics
  - mission goals
- Goal: Adaptation to handle many dimensions of dynamics to enhance the overall security of system in an efficient way:
  - Adaptive to user requirements
  - Adaptive to user devices: node security capability level adaptive to its resource
  - Adaptive to operation environment:
  - Adaptive to channel dynamics:
  - Cross-domain service for roaming users
  - Adaptive to trust level among nodes
  - Adaptive to dynamic membership and network scalability
  - Partial connectivity, disconnectivity, full connectivity
  - Adaptive to mobility
  - Differential security services used in government and military
  - Node join, leave, fail
- Task:
  - Systematic Security Provisioning Architecture and Framework
    - Develop cross-layer adaptive security protocol scheme: localized anonymity detection & reaction, global coordination

Project 5: Threat Model & Vulnerability Analysis & Security Metrics for Various MANET/VANET & WSN Applications

- Problem: Modeling vulnerabilities
  - VERY POOR state of understanding
  - Needed by services and applications
- Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment
- Deliverables:

Project 6: Secure Communication (A view from Transport Layer):

- Problem: Availability of an authentic key is not enough to prevent traffic analysis; anonymity is demanded
  - We may want to hide the source or the destination of a packet, or simply the amount of traffic between a given pair of nodes
  - Traditional approaches for anonymous communication, for instance, based on MIX nodes or dummy traffic insertion, can be used in wireless ad hoc networks as well
- Task: Develop new anonymity mechanism for MANET/VANET or WSN
  - It is possible to develop new approaches considering the broadcast nature of the wireless channel

Project 7: MANET/VANET Network Layer (Routing) Misbehavior - Selfish & uncooperative behaviors I

- Many potential misbehaviors identified in various papers
  - Route Discovery
    - May disrupt route discovery and maintenance: force use of poor routes (e.g., long routes)
    - May degrade performance by making good routes look bad
  - Packet Forwarding
    - A node "agrees" to join a route (for instance, by forwarding route request in DSR) but fails to forward packets correctly: delay, drop, corrupt, misroute packets
    - A node may do so to conserve energy, or to launch a denial-of-service attack, due to failure of some sort, or because of overload

Project 7: MANET/VANET Network Layer (Routing) Misbehavior - Selfish & uncooperative behaviors II

- Misbehavior Detection & Reaction
  - Difficult in MANET/VANET & WSN environment
- How to encourage honesty in wireless networks (e.g., CONFIDANT Protocol: e.g., Hosts Bearing Grudges)
  - Reputation-based scheme
    - Honest mobile nodes will forward packets for one another
    - Cheaters will forward just for themselves
    - May be difficult to tell the difference …
  - Nodes prefer to route through & for nodes with higher reputation
  - Interesting concept, but cannot circumvent the difficulties in diagnosing misbehavior accurately
  - Each node determines whether its neighbor is misbehaving
  - A node ALARMs its "friends" when a misbehaving host is detected
  - Each node maintains reputation ratings for other nodes that are reduced on receipt of ALARMs
  - How to decide on friends? What if "friends" cheat?
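
The ALARM-driven reputation table described above, as an added example that is not from the course slides and is a simplified model rather than the CONFIDANT protocol itself: it replays a constructed scenario in which one "friend" lies, first counting every ALARM and then requiring distinct friends. Node names, the penalty, the exclusion threshold and the quorum rule are assumptions.

```python
from collections import defaultdict

class ReputationTable:
    """One node's view of its neighbours (simplified model, not CONFIDANT's actual rules)."""

    def __init__(self, friends, penalty=0.3, exclude_below=0.5, quorum=None):
        self.friends = set(friends)        # only ALARMs from these nodes are accepted
        self.penalty = penalty             # rating lost per counted ALARM
        self.exclude_below = exclude_below
        self.quorum = quorum               # None: count every ALARM; k: need k distinct friends
        self.alarms = defaultdict(list)    # accused -> reporters, in arrival order

    def on_alarm(self, reporter, accused):
        """Record an ALARM; return False if it is ignored."""
        if reporter not in self.friends or reporter == accused:
            return False
        self.alarms[accused].append(reporter)
        return True

    def rating(self, node):
        reporters = self.alarms.get(node, [])
        if self.quorum is None:
            counted = len(reporters)                   # naive: repeats all count
        else:
            distinct = len(set(reporters))             # one vote per friend
            counted = distinct if distinct >= self.quorum else 0
        return max(0.0, 1.0 - self.penalty * counted)

    def next_hop(self, candidates):
        """Highest-rated candidate that is not excluded, or None."""
        usable = [c for c in candidates if self.rating(c) >= self.exclude_below]
        return max(usable, key=self.rating, default=None)

def replay(table):
    """Constructed scenario: friend B lies about honest H three times;
    friends C and D each report M, which really drops packets."""
    for reporter, accused in [("B", "H"), ("B", "H"), ("B", "H"), ("C", "M"), ("D", "M")]:
        table.on_alarm(reporter, accused)
    return table

if __name__ == "__main__":
    for quorum in (None, 2):
        t = replay(ReputationTable({"B", "C", "D"}, quorum=quorum))
        print(quorum, round(t.rating("H"), 2), round(t.rating("M"), 2), t.next_hop(["H", "M"]))
```

The quorum only raises the number of colluding friends needed to push an honest node out of the route; it does not answer how friends are chosen.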

Project 7: MANET Network Layer (Routing) Misbehavior - Selfish & uncooperative behaviors III

- Problem: Anomaly detection - detect deviation from "normal" behavior
  - Need to characterize "normal"
  - Normal behavior hard to characterize accurately
  - Need to be able to determine when observed behavior departs significantly from the norm
  - E.g., the MAC layer approach for detecting deviation from "normal" distribution of contention window parameters can be considered an "anomaly detection" scheme
  - Avoid false positives
- Task:
  - Anomaly detection can be useful at network layer
    - How to characterize "normal" routing protocol behavior?
  - Some of the routing mechanisms detect specific forms of abnormal behavior, but a more generic approach is desired
  - Can we design a protocol-independent anomaly detection mechanism? Not clear

Project 8: Secure localization (Authentication & Privacy) - Location Verification in WSN

- Problem: Secure location discovery and verification of claims
- Tasks:
- Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 9: Lightweight Security Primitives/Solutions in MANET & WSN (Including power-aware security mechanisms)

- Problem: Severe Resource Constraints
  - Ref: U-Tesla
- Tasks:
- Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 10: Security for In-Network Processing & Tolerating Malicious Data - Resilient Aggregation (In-network aggregation introduces new security challenges) for WSN

- Problem: Secure aggregation and in-network processing
- Tasks:
- Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 11: Authentication Architecture and Protocols in MANET & WSN

- Problem: Lack of KDC & CA
- Tasks:
- Deliverables: Mechanism/theoretical study; simulation/analytical study

Project 12: Vulnerability & Threat Model for Smart Grid or other Critical Infrastructures

- Problem: Modeling vulnerabilities
  - VERY infant state of understanding
- Tasks: Threat Model, Vulnerability Analysis, Security Metrics, Security Assessment
- Deliverables:

Programming Project Option

- IDEA Programming (10%)
  - At least two operation modes for choice
  - Due March 18, 2010
- Secure Instant Messenger with RSA (15%)
  - Tentative
  - Or realize RSA and any hashing algorithm; sign the hash of a file or message with the private key as its signature; verify the signature with the public key
  - Due April 22, 2010

Survey Project Option

- Individual project
- Any topic from presentation or research project topics
- Wider and deeper than presentation
  - More reference reading
  - Deeper critiques: remaining problems, potential solutions & future developments
- Important Date
  - Same as research project

Project Proposal

- Survey topic
- Significance of specified topic
- Preliminary reading notes
- Planned directions for investigation
- References