Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3353; pmid: N/A
Summary: The current mobile devices have become smart and are increasingly being used for conducting business and personal activities. Also, there is an increasing number of attacks targeting such mobile devices. The term mobile botnet refers to a group of mobile devices that are compromised and controlled by the attacker and that can be used for generating distributed denial‐of‐service attacks. The security protocols that have been proposed for wireless and mobile networks have several weaknesses that can be exploited by the attacker to obtain unauthorized access and generate attacks. Also, there is a growing number of malicious applications that are aimed at compromising smartphones and using them for generating different types of attacks. In this paper, we propose techniques to counteract distributed denial‐of‐service attacks on wireless mobile devices. We describe the operation and architectural components of our model. We will show that our model is able to efficiently deal with the attacks by dropping the attack traffic before it targets the victim mobile node, can prevent the attack traffic at the upstream nodes, and can also deal with the attack cases that involve mobility of the attacking and victim nodes. Copyright © 2014 John Wiley & Sons, Ltd.
Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3433; pmid: N/A
Summary: We present a formal framework for reasoning about security concerns in the context of embedded sensor networks. We first provide an agent‐based programming model for sensor networks. A logical framework enables reasoning about security, safety, and integrity with respect to usage of resources in this model. Embedded sensor networks often operate in rapidly changing mission‐critical environments where both functional and nonfunctional requirements can alter dynamically in an unforeseen manner. The network may need to be reconfigured and reprogrammed in response to changes in its operating conditions. We provide a framework based on counterfactual logic to formally represent changes to the system and perform what‐if reasoning about their impact on security and safety even before they have been applied. Copyright © 2015 John Wiley & Sons, Ltd.
Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3311; pmid: N/A
Summary: The increasing adoption of wireless sensor networks as a flexible and inexpensive tool for the most diverse applications, ranging from environmental monitoring to home automation, has raised more and more attention to the issues related to the design of specifically customized security mechanisms. The scarcity of computational, storage, and bandwidth resources cannot definitely be disregarded in such a context, and this makes the implementation of security algorithms particularly challenging. This paper proposes a security framework for the generation of true random numbers, which are paramount as the core building block for many security algorithms; the intrinsic nature of wireless sensor nodes and their capability of reliably providing measurements of environmental quantities make them natural candidates as true random number generators. In order to provide robustness to common attacks, we additionally devised a protocol aimed at obscuring the actual source of data, by making nodes cooperate with their neighbors. Furthermore, we describe an enhanced version of our framework consisting in an optimization for use in the context of resource‐constrained systems. Copyright © 2014 John Wiley & Sons, Ltd.
Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3075; pmid: N/A
Summary: Wireless sensor networks (WSNs) are expected to be widely deployed to collect data in military and civilian applications. Because of the open nature of WSNs, it is easy for an adversary to eavesdrop on sensor communication and to trace packets, causing privacy concerns for the sensor devices. The privacy issue, especially location privacy, can be critical for monitoring applications in WSNs. A unique case of location privacy is that of the sources, which are vulnerable to being captured and to targeted attacks. In this paper, we propose a scheme to protect the source–location privacy based on a novel use of multiring topology. To achieve a uniformly distributed traffic pattern throughout the network, the source node selects two random rings each from its external rings and internal rings and a set of two random angles with a sum of 180 degrees for each packet. The packet is sent at one of the angles in each ring. Fake packets are also injected to provide path diversity and to increase attack time, which is defined as the time that the adversary takes to locate the source successfully. These techniques protect the source node from packet tracing attacks as well as traffic analysis attacks. Our analysis and simulations, performed in the NS2 simulator and MATLAB, demonstrate that our proposed scheme can provide better spatial traffic evenness and longer attack time, along with a modest increase of hop count and energy consumption. Copyright © 2013 John Wiley & Sons, Ltd.
Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3493; pmid: N/A
Summary: This paper studies logic‐based methods for representing and evaluating complex access control policies needed by modern applications. In our framework, authorization and delegation rules are specified in a weighted delegatable authorization program, which is an extended logic program. We show how extended logic programs can be used to specify complex security policies, which support weighted administrative privilege delegation, weighted positive and negative authorizations, and weighted authorization propagations. We also present a conflict resolution method that enables flexible delegation control by considering priorities of authorization grantors and weights of authorizations. We show how this method can be specialized to achieve many of the existing conflict resolution methods. A number of rules are provided to achieve delegation depth control, conflict resolution, and authorization and delegation propagations. We also show how to use SMODELS to implement a weighted delegatable authorization program. Copyright © 2015 John Wiley & Sons, Ltd.
Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3079; pmid: N/A
Summary: Authentication codes (A‐codes) are a well‐studied technique to provide unconditionally secure authentication. An A‐code is defined by a map that associates a pair formed by a message and a key to a tag. A‐codes linear in the keys have been studied for application to distributed authentication schemes. In this paper, we address the dual question, which is the study of A‐codes that are linear in the messages. This is usually an undesired property, except in the context of network coding. Regarding these A‐codes, we derive some lower bounds on security parameters when the key space is known. We also show a lower bound on key size when security parameter values are given (with some special properties) and construct some codes meeting the bound. We finally present a variant of these codes that authenticate multiple messages with the same key while preserving unconditional security. Copyright © 2013 John Wiley & Sons, Ltd.
Orgun, Mehmet A.; Orgun, Atilla Elçi; Pieprzyk, Josef; Chefranov, Alexander; Shankaran, Rajan; Wang, Huaxiong; Zhuge, Hai
doi: 10.1002/cpe.3370; pmid: N/A
Summary: Recommendations based on offline data processing have attracted increasing attention from both research communities and IT industries. The recommendation techniques could be used to explore huge volumes of data, identify the items that users probably like, translate the research results into real‐world applications and so on. This paper surveys the recent progress in the research of recommendations based on offline data processing, with emphasis on new techniques (such as temporal recommendation, graph‐based recommendation and trust‐based recommendation), new features (such as serendipitous recommendation) and new research issues (such as tag recommendation and group recommendation). We also provide an extensive review of evaluation measurements, benchmark data sets and available open source tools. Finally, we outline some existing challenges for future research. Copyright © 2014 John Wiley & Sons, Ltd.