We study parallel algorithms for identifying the dead sensors in a mobile ad hoc wireless network and for resolving broadcast conflicts on a multiple access channel (MAC). Our approach involves the development and application of new group-testing algorithms, where we are asked to identify all the defective items in a set of items when we can test arbitrary subsets of items. In the standard group-testing problem, the result of a test is binary—the tested subset either contains defective items or not. In the versions we study in this paper, the result of each test is non-binary. For example, it may indicate whether the number of defective items contained in the tested subset is zero, one, or at least two (i.e., the results are 0, 1, or 2+). We give adaptive algorithms that are provably more efficient than previous group testing algorithms (even for generalized response models). We also show how our algorithms can be implemented in parallel, because they possess a property we call conciseness, which allows them to be used to solve dead sensor diagnosis and conflict resolution on a MAC. Dead sensor diagnosis poses an interesting challenge compared to MAC resolution, because dead sensors are not locally detectable, nor are they themselves active participants. Even so, we present algorithms that can be applied in both contexts that are more efficient than previous methods. We also give lower bounds for generalized group testing.

Abstract — Tampering of a database can be detected through the use of cryptographically-strong hash functions. Subsequently-applied forensic analysis algorithms can help determine when, what, and perhaps ultimately who and why. This paper presents a novel forensic analysis algorithm, the Tiled Bitmap Algorithm, which is more efficient than prior forensic analysis algorithms. It introduces the notion of a candidate set (all possible locations of detected tampering(s)) and provides a complete characterization of the candidate set and its cardinality. An optimal algorithm for computing the candidate set is also presented. Finally, the implementation of the Tiled Bitmap Algorithm is discussed, along with a comparison to other forensic algorithms in terms of space/time complexity and cost. An example of candidate set generation and proofs of the theorems and lemmata and of algorithm correctness can be found in the appendix.

We study query authentication schemes, algorithmic and cryptographic constructions that provide efficient and secure protocols for verifying the results of queries over structured data in untrusted or adversarial data distribution environments. We formally define the problem in a new data query and authentication setting that involves general query types answered in the RAM model of computation, and put forward a new approach for designing secure query authentication schemes that, through the new concept of query certification, aims to authenticate the validity of the answer, rather than the entire process that generates the answer. Our main results state that this new authentication framework achieves generality, namely any query type admits a secure query authentication scheme, and also supports an important type of modularity, namely the authentication of general queries based on the evaluation of relations over the data elements is reduced to the authentication of set-membership queries. Thus, in addition to general possibility results under general assumptions and characterization results using existing cryptographic techniques, we contribute a clear separation between algorithmics and cryptography in data-authentication protocol design, and sufficient conditions for achieving super-efficient answer verification in time asymptotically less than the time needed to answer the query.

Denial-of-Service (DoS) attacks remain a challenging problem in the Internet. In a DoS attack the attacker is attempting to make a resource unavailable to its intended legitimate clients. Furthermore, in order to employ massive attack power, the attacker usually launches a distributed denial of service (DDoS) attack, in which several subordinate hosts attack the target in concert. Denial-of-service attacks can result in significant loss of time and money for many organizations, thus, many defense mechanisms have been proposed. In this paper we propose a novel approach for detecting DoS attackers, which we call live baiting. Live baiting leverages group-testing theory, which aims at discovering defective members in a population using the minimum number of “tests”, to detect attackers with the minimum state. We analyzed the coverage, effectiveness, in terms of false positive and false negative probabilities, and efficiency, in terms of memory, message overhead, and computational complexity, of our approach. We validated our analysis using NS-2 simulations modeled after real Web traces. Live baiting detected hundreds of DoS attackers against a Web service within 90 seconds, with few false positives and almost zero false negatives. Moreover, live baiting substantially reduced the amount of state needed to detect DoS attackers, from order of total number of clients to order of number of attackers. This saving allows live baiting to scale to large services with millions of clients.

Data sharing with multiple parties over a third-party distribution framework requires that both data integrity and confidentiality be assured. One of the most widely used data organization structures is the tree structure. When such structures encode sensitive information (such as in the XML documents), it is crucial that integrity and confidentiality be assured not only for the content, but also for the structure. Digital signature schemes are commonly used to authenticate the integrity of the data. The most widely used such technique for tree structures is the Merkle hash technique, which however is known to be “not hiding”, thus leading to leakage of information. Most existing techniques for the integrity of hierarchical data structures are based on the Merkle hash technique and thus suffer from the problem of information leakages. We describe the types of leakages and inference attacks that can be carried out on the Merkle hash technique, in the context of integrity assurance. Assurance of integrity and confidentiality (no leakages) of tree-structured data is an important problem in the context of secure data publishing and content distribution systems. In this paper, we propose an integrity assurance scheme for tree data structures, which assures both confidentiality and integrity and is also efficient, especially in third-party distribution environments. Our integrity assurance technique, which we refer to as the “structural integrity assurance scheme”, is based on the structure

Abstract- The need for secure data storage has become a necessity of our time. Medical records, financial records, and legal information are all in need of secure storage. In the era of globalization and dynamic world economies, data outsourcing is inevitable. Security is major concern in data outsourcing environment, since data is under the custody of third party service provider. In present systems, third party can access & view data even though they are not authorized to do so or even when the data is outsourced to the auditors or allow the employee of the organization to do the updating in the database. This may lead to the serious data theft, data tampering & even data leakages causing severe business impact to data owner. There are certain many such cases occurred in financial & insurance sector where the data is been tampered by the auditors or by the employees of the organization itself. In this paper we have proposed a novel solution to overcome the problem of tamper detection by notarizing the original data. A heuristics approach is presented in our model where a validator system always authenticate the data for its originality using strong one way hash key functions like MD5 with authorized notarizer. By providing different digital signatures for different data owners, the proposed system provides a strong notarization & validation schemes to maintain high data security and integrity requirements.

Abstract—During the last decade, Reactive Jamming Attack has emerged as a great security threat to wireless sensor networks, due to its mass destruction to legitimate sensor communications and difficulty to be disclosed and defended. Considering the specific characteristics of reactive jammer nodes, a new scheme to deactivate them by efficiently identifying all trigger nodes, whose transmissions invoke the jammer nodes, has been proposed and developed. Such a trigger-identification procedure can work as an application-layer service and benefit many existing reactive-jamming defending schemes. In this paper, on the one hand, we leverage several optimization problems to provide a complete trigger-identification service framework for unreliable wireless sensor networks. On the other hand, we provide an improved algorithm with regard to two sophisticated jamming models, in order to enhance its robustness for various network scenarios. Theoretical analysis and simulation results are included to validate the performance of this framework.

The set of policies and the group of people need to access the valuable database by the authorized inter mediator, still the organizational employee also go through the authorized inter mediator. Cryptographic hashing is one of the best approach and work as a inter mediator. This paper show how to resolve when tampering arises in Database, what data was tampered and the identification of the person to tamper the data. These things are detected by using the forensic analysis. This paper presents a new forensic analysis algorithm, the tiled bitmap algorithm, which is more capable then the previous algorithm. It introduces the concept of a candidate set (all possible place of detected tampering(s)) and gives a full classification of the candidate set and its cardinality and prevent the intruder, the computing of the candidate set is also presented. There are certain cases happened in BANK and other sector where the data has been tamper by the assessor, outsider or by the employees of the organizations. The separate audit logs validate to observe and inspect the database along with the extra information and state of the data. Audit log play a central role in database. The space and time complexity is less in this forensic analysis algorithm.