Visible to the public Biblio

Found 1962 results

Filters: Keyword is security  [Clear All Filters]
2017-10-19
Meraoumia, Abdallah, Laimeche, Lakhdar, Bendjenna, Hakim, Chitroub, Salim.  2016.  Do We Have to Trust the Deep Learning Methods for Palmprints Identification? Proceedings of the Mediterranean Conference on Pattern Recognition and Artificial Intelligence. :85–91.
A biometric technology is an emerging field of information technology which can be used to identifying identity of unknown individual based on some characteristics derived from specific physiological and/or behavioral characteristics that the individual possesses. Thus, among several biometric characteristics, which can be derived from the hand, palmprint has been effectively used to improve identification for last years. So far, majority of research works on this biometric trait are fundamentally based on a gray-scale image which acquired using a visible light. Recently, multispectral imaging technology has been used to make the biometric system more efficient. In this work, in order to increase the discriminating ability and the classification system accuracy, we propose a multimodal system which each spectral band of palmprint operates separately and their results are fused at matching score level. In our study, each spectral band is represented by features extracted by PCANet deep learning technique. The proposed scheme is validated using the available CASIA multispectral palmprint database of 100 users. The obtained results showed that the proposed method is very efficient, which can be improved the accuracy rate.
2017-10-13
Weichslgartner, Andreas, Wildermann, Stefan, Götzfried, Johannes, Freiling, Felix, Glaß, Michael, Teich, Jürgen.  2016.  Design-Time/Run-Time Mapping of Security-Critical Applications in Heterogeneous MPSoCs. Proceedings of the 19th International Workshop on Software and Compilers for Embedded Systems. :153–162.

Different applications concurrently running on modern MPSoCs can interfere with each other when they use shared resources. This interference can cause side channels, i.e., sources of unintended information flow between applications. To prevent such side channels, we propose a hybrid mapping methodology that attempts to ensure spatial isolation, i.e., a mutually-exclusive allocation of resources to applications in the MPSoC. At design time and as a first step, we compute compact and connected application mappings (called shapes). In a second step, run-time management uses this information to map multiple spatially segregated shapes to the architecture. We present and evaluate a (fast) heuristic and an (exact) SAT-based mapper, demonstrating the viability of the approach.

2017-10-10
Marxer, Claudio, Scherb, Christopher, Tschudin, Christian.  2016.  Access-Controlled In-Network Processing of Named Data. Proceedings of the 3rd ACM Conference on Information-Centric Networking. :77–82.

In content-based security, encrypted content as well as wrapped access keys are made freely available by an Information Centric Network: Only those clients which are able to unwrap the encryption key can access the protected content. In this paper we extend this model to computation chains where derived data (e.g. produced by a Named Function Network) also has to comply to the content-based security approach. A central problem to solve is the synchronized on-demand publishing of encrypted results and wrapped keys as well as defining the set of consumers which are authorized to access the derived data. In this paper we introduce "content-attendant policies" and report on a running prototype that demonstrates how to enforce data owner-defined access control policies despite fully decentralized and arbitrarily long computation chains.

2017-10-03
Compagno, Alberto, Conti, Mauro, Droms, Ralph.  2016.  OnboardICNg: A Secure Protocol for On-boarding IoT Devices in ICN. Proceedings of the 3rd ACM Conference on Information-Centric Networking. :166–175.

Information-Centric Networking (ICN) is an emerging networking paradigm that focuses on content distribution and aims at replacing the current IP stack. Implementations of ICN have demonstrated its advantages over IP, in terms of network performance and resource requirements. Because of these advantages, ICN is also considered to be a good network paradigm candidate for the Internet-of-Things (IoT), especially in scenarios involving resource constrained devices. In this paper we propose OnboardICNg, the first secure protocol for on-boarding (authenticating and authorizing) IoT devices in ICN mesh networks. OnboardICNg can securely onboard resource constrained devices into an existing IoT network, outperforming the authentication protocol selected for the ZigBee-IP specification: EAP-PANA, i.e., the Protocol for carrying Authentication for Network Access (PANA) combined with the Extensible Authentication Protocol (EAP). In particular we show that, compared with EAP-PANA, OnboardICNg reduces the communication and energy consumption, by 87% and 66%, respectively.

Henri, Sébastien, Vlachou, Christina, Herzen, Julien, Thiran, Patrick.  2016.  EMPoWER Hybrid Networks: Exploiting Multiple Paths over Wireless and ElectRical Mediums. Proceedings of the 12th International on Conference on Emerging Networking EXperiments and Technologies. :51–65.

Several technologies, such as WiFi, Ethernet and power-line communications (PLC), can be used to build residential and enterprise networks. These technologies often co-exist; most networks use WiFi, and buildings are readily equipped with electrical wires that can offer a capacity up to 1 Gbps with PLC. Yet, current networks do not exploit this rich diversity and often operate far below the available capacity. We design, implement, and evaluate EMPoWER, a system that exploits simultaneously several potentially-interfering mediums. It operates at layer 2.5, between the MAC and IP layers, and combines routing (to find multiple concurrent routes) and congestion control (to efficiently balance traffic across the routes). To optimize resource utilization and robustness, both components exploit the heterogeneous nature of the network. They are fair and efficient, and they operate only within the local area network, without affecting remote Internet hosts. We demonstrate the performance gains of EMPoWER, by simulations and experiments on a 22-node testbed. We show that PLC/WiFi, benefiting from the diversity offered by wireless and electrical mediums, provides significant throughput gains (up to 10x) and improves coverage, compared to multi-channel WiFi.

Enguehard, Marcel, Droms, Ralph, Rossi, Dario.  2016.  SLICT: Secure Localized Information Centric Things. Proceedings of the 3rd ACM Conference on Information-Centric Networking. :255–260.

While the potential advantages of geographic forwarding in wireless sensor networks (WSN) have been demonstrated for a while now, research in applying Information Centric Networking (ICN) has only gained momentum in the last few years. In this paper, we bridge these two worlds by proposing an ICN-compliant and secure implementation of geographic forwarding for ICN. We implement as a proof of concept the Greedy Perimeter Stateless Routing (GPSR) algorithm and compare its performance to that of vanilla ICN forwarding. We also evaluate the cost of security in 802.15.4 networks in terms of energy, memory and CPU footprint. We show that in sparse but large networks, GPSR outperforms vanilla ICN forwarding in both memory footprint and CPU consumption. However, GPSR is more energy intensive because of the cost of communications.

Enguehard, Marcel, Droms, Ralph, Rossi, Dario.  2016.  On the Cost of Secure Association of Information Centric Things. Proceedings of the 3rd ACM Conference on Information-Centric Networking. :207–208.

Information Centric Networking (ICN) paradigms nicely fit the world of wireless sensors, whose devices have tight constraints. In this poster, we compare two alternative designs for secure association of new IoT devices in existing ICN deployments, which are based on asymmetric and symmetric cryptography respectively. While the security properties of both approaches are equivalent, an interesting trade-off arises between properties of the protocol vs properties of its implementation in current IoT boards. Indeed, while the asymmetric-keys based approach incurs a lower traffic overhead (of about 30%), we find that its implementation is significantly more energy- and time-consuming due to the cost of cryptographic operations (it requires up to 41x more energy and 8x more time).

Chlebus, Bogdan S., Vaya, Shailesh.  2016.  Distributed Communication in Bare-bones Wireless Networks. Proceedings of the 17th International Conference on Distributed Computing and Networking. :1:1–1:10.

We consider wireless networks in which the effects of interference are determined by the SINR model. We address the question of structuring distributed communication when stations have very limited individual capabilities. In particular, nodes do not know their geographic coordinates, neighborhoods or even the size n of the network, nor can they sense collisions. Each node is equipped only with its unique name from a range \1, ..., N\. We study the following three settings and distributed algorithms for communication problems in each of them. In the uncoordinated-start case, when one node starts an execution and other nodes are awoken by receiving messages from already awoken nodes, we present a randomized broadcast algorithm which wakes up all the nodes in O(n log2 N) rounds with high probability. In the synchronized-start case, when all the nodes simultaneously start an execution, we give a randomized algorithm that computes a backbone of the network in O(Δ log7 N) rounds with high probability. Finally, in the partly-coordinated-start case, when a number of nodes start an execution together and other nodes are awoken by receiving messages from the already awoken nodes, we develop an algorithm that creates a backbone network in time O(n log2 N + Δ log7 N) with high probability.

Bello, Oumarou Mamadou, Taiwe, Kolyang Dina.  2016.  Mesh Node Placement in Wireless Mesh Network Based on Multiobjective Evolutionary Metaheuristic. Proceedings of the International Conference on Internet of Things and Cloud Computing. :59:1–59:6.

The necessity to deploy wireless mesh network is determined by the real world application requirements. WMN does not fit some application well due to latency issues and capacity related problem with paths having more than 2 hops. With the promising IEEE 802.11ac based device a better fairness for multi-hop communications are expected to support broadband application; the rate usually varies according to the link quality and network environment. Careful network planning can effectively improves the throughput and delay of the overall network. We provide model for the placement of router nodes as an optimization process to improve performance. Our aim is to propose a WMNs planning model based on multiobjective constraints like coverage, reliability, and cost of deployment. The bit rate guarantee therefore necessary to limit the number of stations connected to the access point; to takes into account delay and fairness of the network the user's behaviors are derived. We use a multiobjective evolutionary algorithm based metaheuristic to evaluate the performance of our proposed placement algorithm.

Majumder, Abhishek, Deb, Subhrajyoti, Roy, Sudipta.  2016.  Classification and Performance Analysis of Intra-domain Mobility Management Schemes for Wireless Mesh Network. Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies. :113:1–113:6.

Nowadays Wireless Mesh Networks (WMNs) has come up with a promising solution for modern wireless communications. But, one of the major problems with WMN is the mobility of the Mesh Clients (MCs). To offer seamless connectivity to the MCs, their mobility management is necessary. During mobility management one of the major concerns is the communication overhead incurred during handoff of the MCs. For addressing this concern, many schemes have been proposed by the researchers. In this paper, a classification of the existing intra domain mobility management schemes has been presented. The schemes have been numerically analyzed. Finally, their performance has been analyzed and compared with respect to handoff cost considering different mobility rates of the MCs.

Yang, Chen, Stoleru, Radu.  2016.  Hybrid Routing in Wireless Networks with Diverse Connectivity. Proceedings of the 17th ACM International Symposium on Mobile Ad Hoc Networking and Computing. :71–80.

Real world wireless networks usually have diverse connectivity characteristics. Although existing works have identified replication as the key to the successful design of routing protocols for these networks, the questions of when the replication should be used, by how much, and how to distribute packet copies are still not satisfactorily answered. In this paper, we investigate the above questions and present the design of the Hybrid Routing Protocol (HRP). We make a key observation that delay correlations can significantly impact performance improvements gained from packet replication. Thus, we propose a novel model to capture the correlations of inter-contact times among a group of nodes. HRP utilizes both direct delays feedback and the proposed model to estimate the replication gain, which is then fed into a novel regret-minimization algorithm to dynamically decide the amount of packet replication under unknown network conditions. We evaluate HRP through extensive simulations. We show that HRP achieves up to 3.5x delivery ratio improvement and up to 50% delay reduction, with comparable and even lower overhead than state-of-art routing protocols.

Jang, Si Young, Shin, Byoung Heon, Lee, Dongman.  2016.  Implementing a Dynamically Reconfigurable Wireless Mesh Network Testbed for Multi-Faceted QoS Support. Proceedings of the 11th International Conference on Future Internet Technologies. :95–98.

Various mobile applications require different QoS requirements, thus there is a need to resolve the application requirement into the underlying mesh network to support them. Existing approach to coordinate the application traffic requirement to underlying network has been applied in wired domains. However, it is complex in the wireless domain due to the mobility and diversity of mobile applications. Much interest is focused on resolving application QoS and match request to mesh network link availability. We propose a testbed architecture which allows dynamic configuration of mesh networks and coordination of each flow to support application-aware QoS. Our prototype testbed shows adaptive change in mesh network routing configuration depending on application requests.

Luu, Loi, Chu, Duc-Hiep, Olickel, Hrishi, Saxena, Prateek, Hobor, Aquinas.  2016.  Making Smart Contracts Smarter. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :254–269.

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins. In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19, 336 existing Ethereum contracts, Oyente flags 8, 833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.

Juels, Ari, Kosba, Ahmed, Shi, Elaine.  2016.  The Ring of Gyges: Investigating the Future of Criminal Smart Contracts. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :283–295.

Thanks to their anonymity (pseudonymity) and elimination of trusted intermediaries, cryptocurrencies such as Bitcoin have created or stimulated growth in many businesses and communities. Unfortunately, some of these are criminal, e.g., money laundering, illicit marketplaces, and ransomware. Next-generation cryptocurrencies such as Ethereum will include rich scripting languages in support of smart contracts, programs that autonomously intermediate transactions. In this paper, we explore the risk of smart contracts fueling new criminal ecosystems. Specifically, we show how what we call criminal smart contracts (CSCs) can facilitate leakage of confidential information, theft of cryptographic keys, and various real-world crimes (murder, arson, terrorism). We show that CSCs for leakage of secrets (a la Wikileaks) are efficiently realizable in existing scripting languages such as that in Ethereum. We show that CSCs for theft of cryptographic keys can be achieved using primitives, such as Succinct Non-interactive ARguments of Knowledge (SNARKs), that are already expressible in these languages and for which efficient supporting language extensions are anticipated. We show similarly that authenticated data feeds, an emerging feature of smart contract systems, can facilitate CSCs for real-world crimes (e.g., property crimes). Our results highlight the urgency of creating policy and technical safeguards against CSCs in order to realize the promise of smart contracts for beneficial goals.

Zhang, Fan, Cecchetti, Ethan, Croman, Kyle, Juels, Ari, Shi, Elaine.  2016.  Town Crier: An Authenticated Data Feed for Smart Contracts. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :270–282.

Smart contracts are programs that execute autonomously on blockchains. Their key envisioned uses (e.g. financial instruments) require them to consume data from outside the blockchain (e.g. stock quotes). Trustworthy data feeds that support a broad range of data requests will thus be critical to smart contract ecosystems. We present an authenticated data feed system called Town Crier (TC). TC acts as a bridge between smart contracts and existing web sites, which are already commonly trusted for non-blockchain applications. It combines a blockchain front end with a trusted hardware back end to scrape HTTPS-enabled websites and serve source-authenticated data to relying smart contracts. TC also supports confidentiality. It enables private data requests with encrypted parameters. Additionally, in a generalization that executes smart-contract logic within TC, the system permits secure use of user credentials to scrape access-controlled online data sources. We describe TC's design principles and architecture and report on an implementation that uses Intel's recently introduced Software Guard Extensions (SGX) to furnish data to the Ethereum smart contract system. We formally model TC and define and prove its basic security properties in the Universal Composibility (UC) framework. Our results include definitions and techniques of general interest relating to resource consumption (Ethereum's "gas" fee system) and TCB minimization. We also report on experiments with three example applications. We plan to launch TC soon as an online public service.

Kiayias, Aggelos, Koutsoupias, Elias, Kyropoulou, Maria, Tselekounis, Yiannis.  2016.  Blockchain Mining Games. Proceedings of the 2016 ACM Conference on Economics and Computation. :365–382.

We study the strategic considerations of miners participating in the bitcoin's protocol. We formulate and study the stochastic game that underlies these strategic considerations. The miners collectively build a tree of blocks, and they are paid when they create a node (mine a block) which will end up in the path of the tree that is adopted by all. Since the miners can hide newly mined nodes, they play a game with incomplete information. Here we consider two simplified forms of this game in which the miners have complete information. In the simplest game the miners release every mined block immediately, but are strategic on which blocks to mine. In the second more complicated game, when a block is mined it is announced immediately, but it may not be released so that other miners cannot continue mining from it. A miner not only decides which blocks to mine, but also when to release blocks to other miners. In both games, we show that when the computational power of each miner is relatively small, their best response matches the expected behavior of the bitcoin designer. However, when the computational power of a miner is large, he deviates from the expected behavior, and other Nash equilibria arise.

Miles Carlsten, Harry Kalodner, S. Matthew Weinberg, Arvind Narayanan.  2016.  On the Instability of Bitcoin Without the Block Reward. CCS '16 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security.

Bitcoin provides two incentives for miners: block rewards and transaction fees. The former accounts for the vast majority of miner revenues at the beginning of the system, but it is expected to transition to the latter as the block rewards dwindle. There has been an implicit belief that whether miners are paid by block rewards or transaction fees does not affect the security of the block chain. We show that this is not the case. Our key insight is that with only transaction fees, the variance of the block reward is very high due to the exponentially distributed block arrival time, and it becomes attractive to fork a "wealthy" block to "steal" the rewards therein. We show that this results in an equilibrium with undesirable properties for Bitcoin's security and performance, and even non-equilibria in some circumstances. We also revisit selfish mining and show that it can be made profitable for a miner with an arbitrarily low hash power share, and who is arbitrarily poorly connected within the network. Our results are derived from theoretical analysis and confirmed by a new Bitcoin mining simulator that may be of independent interest.We discuss the troubling implications of our results for Bitcoin's future security and draw lessons for the design of new cryptocurrencies.

Kumaresan, Ranjit, Bentov, Iddo.  2016.  Amortizing Secure Computation with Penalties. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :418–429.

Motivated by the impossibility of achieving fairness in secure computation [Cleve, STOC 1986], recent works study a model of fairness in which an adversarial party that aborts on receiving output is forced to pay a mutually predefined monetary penalty to every other party that did not receive the output. These works show how to design protocols for secure computation with penalties that guarantees that either fairness is guaranteed or that each honest party obtains a monetary penalty from the adversary. Protocols for this task are typically designed in an hybrid model where parties have access to a "claim-or-refund" transaction functionality denote FCR*. In this work, we obtain improvements on the efficiency of these constructions by amortizing the cost over multiple executions of secure computation with penalties. More precisely, for computational security parameter λ, we design a protocol that implements l = poly\vphantom\\(λ) instances of secure computation with penalties where the total number of calls to FCR* is independent of l.

Luu, Loi, Narayanan, Viswesh, Zheng, Chaodong, Baweja, Kunal, Gilbert, Seth, Saxena, Prateek.  2016.  A Secure Sharding Protocol For Open Blockchains. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :17–30.

Cryptocurrencies, such as Bitcoin and 250 similar alt-coins, embody at their core a blockchain protocol –- a mechanism for a distributed network of computational nodes to periodically agree on a set of new transactions. Designing a secure blockchain protocol relies on an open challenge in security, that of designing a highly-scalable agreement protocol open to manipulation by byzantine or arbitrarily malicious nodes. Bitcoin's blockchain agreement protocol exhibits security, but does not scale: it processes 3–7 transactions per second at present, irrespective of the available computation capacity at hand. In this paper, we propose a new distributed agreement protocol for permission-less blockchains called ELASTICO. ELASTICO scales transaction rates almost linearly with available computation for mining: the more the computation power in the network, the higher the number of transaction blocks selected per unit time. ELASTICO is efficient in its network messages and tolerates byzantine adversaries of up to one-fourth of the total computational power. Technically, ELASTICO uniformly partitions or parallelizes the mining network (securely) into smaller committees, each of which processes a disjoint set of transactions (or "shards"). While sharding is common in non-byzantine settings, ELASTICO is the first candidate for a secure sharding protocol with presence of byzantine adversaries. Our scalability experiments on Amazon EC2 with up to \$1, 600\$ nodes confirm ELASTICO's theoretical scaling properties.

Kumaresan, Ranjit, Vaikuntanathan, Vinod, Vasudevan, Prashant Nalini.  2016.  Improvements to Secure Computation with Penalties. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :406–417.

Motivated by the impossibility of achieving fairness in secure computation [Cleve, STOC 1986], recent works study a model of fairness in which an adversarial party that aborts on receiving output is forced to pay a mutually predefined monetary penalty to every other party that did not receive the output. These works show how to design protocols for secure computation with penalties that tolerate an arbitrary number of corruptions. In this work, we improve the efficiency of protocols for secure computation with penalties in a hybrid model where parties have access to the "claim-or-refund" transaction functionality. Our first improvement is for the ladder protocol of Bentov and Kumaresan (Crypto 2014) where we improve the dependence of the script complexity of the protocol (which corresponds to miner verification load and also space on the blockchain) on the number of parties from quadratic to linear (and in particular, is completely independent of the underlying function). Our second improvement is for the see-saw protocol of Kumaresan et al. (CCS 2015) where we reduce the total number of claim-or-refund transactions and also the script complexity from quadratic to linear in the number of parties.

Karame, Ghassan.  2016.  On the Security and Scalability of Bitcoin's Blockchain. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :1861–1862.

The blockchain emerges as an innovative tool which proves to be useful in a number of application scenarios. A number of large industrial players, such as IBM, Microsoft, Intel, and NEC, are currently investing in exploiting the blockchain in order to enrich their portfolio of products. A number of researchers and practitioners speculate that the blockchain technology can change the way we see a number of online applications today. Although it is still early to tell for sure, it is expected that the blockchain will stimulate considerable changes to a large number of products and will positively impact the digital experience of many individuals around the globe. In this tutorial, we overview, detail, and analyze the security provisions of Bitcoin and its underlying blockchain-effectively capturing recently reported attacks and threats in the system. Our contributions go beyond the mere analysis of reported vulnerabilities of Bitcoin; namely, we describe and evaluate a number of countermeasures to deter threats on the system-some of which have already been incorporated in the system. Recall that Bitcoin has been forked multiple times in order to fine-tune the consensus (i.e., the block generation time and the hash function), and the network parameters (e.g., the size of blocks). As such, the results reported in this tutorial are not only restricted to Bitcoin, but equally apply to a number of "altcoins" which are basically clones/forks of the Bitcoin source code. Given the increasing number of alternative blockchain proposals, this tutorial extracts the basic security lessons learnt from the Bitcoin system with the aim to foster better designs and analysis of next-generation secure blockchain currencies and technologies.

2017-09-27
O'Neill, Mark, Ruoti, Scott, Seamons, Kent, Zappala, Daniel.  2016.  TLS Proxies: Friend or Foe? Proceedings of the 2016 Internet Measurement Conference. :551–557.
We measure the prevalence and uses of TLS proxies using a Flash tool deployed with a Google AdWords campaign. We generate 2.9 million certificate tests and find that 1 in 250 TLS connections are TLS-proxied. The majority of these proxies appear to be benevolent, however we identify over 1,000 cases where three malware products are using this technology nefariously. We also find numerous instances of negligent, duplicitous, and suspicious behavior, some of which degrade security for users without their knowledge. Distinguishing these types of practices is challenging in practice, indicating a need for transparency and user awareness.
Shastri, Ashka, Joshi, Jignesh.  2016.  A Wormhole Attack in Mobile Ad-hoc Network: Detection and Prevention. Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies. :31:1–31:4.
In Mobile Ad hoc Network (MANET) is a self-organizing session of communication between wireless mobile nodes build up dynamically regardless of any established infrastructure or central authority. In MANET each node behaves as a sender, receiver and router which are connected directly with one another if they are within the range of communication or else will depend on intermediate node if nodes are not in the vicinity of each other (hop-to-hop). MANET, by nature are very open, dynamic and distributed which make it more vulnerable to various attacks such as sinkhole, jamming, selective forwarding, wormhole, Sybil attack etc. thus acute security problems are faced more related to rigid network. A Wormhole attack is peculiar breed of attack, which cause a consequential breakdown in communication by impersonating legitimate nodes by malicious nodes across a wireless network. This attack can even collapse entire routing system of MANET by specifically targeting route establishment process. Confidentiality and Authenticity are arbitrated as any cryptographic primitives are not required to launch the attack. Emphasizing on wormhole attack attributes and their defending mechanisms for detection and prevention are discussed in this paper.
Ucar, Seyhan, Coleri Ergen, Sinem, Ozkasap, Oznur, Tsonev, Dobroslav, Burchardt, Harald.  2016.  SecVLC: Secure Visible Light Communication for Military Vehicular Networks. Proceedings of the 14th ACM International Symposium on Mobility Management and Wireless Access. :123–129.

Technology coined as the vehicular ad hoc network (VANET) is harmonizing with Intelligent Transportation System (ITS) and Intelligent Traffic System (ITF). An application scenario of VANET is the military communication where vehicles move as a convoy on roadways, requiring secure and reliable communication. However, utilization of radio frequency (RF) communication in VANET limits its usage in military applications, due to the scarce frequency band and its vulnerability to security attacks. Visible Light Communication (VLC) has been recently introduced as a more secure alternative, limiting the reception of neighboring nodes with its directional transmission. However, secure vehicular VLC that ensures confidential data transfer among the participating vehicles, is an open problem. In this paper, we propose a secure military light communication protocol (SecVLC) for enabling efficient and secure data sharing. We use the directionality property of VLC to ensure that only target vehicles participate in the communication. Vehicles use full-duplex communication where infra-red (IR) is utilized to share a secret key and VLC is used to receive encrypted data. We experimentally demonstrate the suitability of SecVLC in outdoor scenarios at varying inter-vehicular distances with key metrics of interest, including the security, data packet delivery ratio and delay.

2017-09-26
Konigsmark, S. T. Choden, Chen, Deming, Wong, Martin D. F..  2016.  Information Dispersion for Trojan Defense Through High-level Synthesis. Proceedings of the 53rd Annual Design Automation Conference. :87:1–87:6.

Emerging technologies such as the Internet of Things (IoT) heavily rely on hardware security for data and privacy protection. However, constantly increasing integration complexity requires automatic synthesis to maintain the pace of innovation. We introduce the first High-Level Synthesis (HLS) flow that produces a security enhanced hardware design to directly prevent Hardware Trojan Horse (HTH) injection by a malicious foundry. Through analysis of entropy loss and criticality decay, the presented algorithms implement highly efficient resource-targeted information dispersion to counter HTH insertion. The flow is evaluated on existing HLS benchmarks and a new IoT-specific benchmark and shows significant resource savings.