Results 1 - 10
of
17
J.P.: Revocation games in ephemeral networks
- In: Proceedings of the 16th ACM conference on Computer and communications security
, 2008
"... A frequently proposed solution to node misbehavior in mobile ad hoc networks is to use reputation systems. But in ephemeral networks- a new breed of mobile networks where contact times between nodes are short and neighbors change frequently- reputations are hard to build. In this case, local revocat ..."
Abstract
-
Cited by 9 (5 self)
- Add to MetaCart
(Show Context)
A frequently proposed solution to node misbehavior in mobile ad hoc networks is to use reputation systems. But in ephemeral networks- a new breed of mobile networks where contact times between nodes are short and neighbors change frequently- reputations are hard to build. In this case, local revocation is a faster and more efficient alternative. In this paper, we define a game-theoretic model to analyze the various local revocation strategies. We establish and prove the conditions leading to subgame-perfect equilibria. We also derive the optimal parameters for voting-based schemes. Then we design a protocol based on our analysis and the practical aspects that cannot be captured in the model. With realistic simulations on ephemeral networks we compare the performance and economic costs of the different techniques.
Optimal Revocations in Ephemeral Networks: A Game-Theoretic Framework
"... Abstract—Revocation of public-key certificates is an important security primitive. In this paper, we design a fully distributed local certificate revocation scheme for ephemeral networks- a class of extremely volatile wireless networks with short-duration and short-range communications- based on a g ..."
Abstract
-
Cited by 4 (2 self)
- Add to MetaCart
Abstract—Revocation of public-key certificates is an important security primitive. In this paper, we design a fully distributed local certificate revocation scheme for ephemeral networks- a class of extremely volatile wireless networks with short-duration and short-range communications- based on a game-theoretic approach. First, by providing incentives, we can guarantee the successful revocation of the malicious nodes even if they collude. Second, thanks to the records of past behavior, we dynamically adapt the parameters to nodes ’ reputations and establish the optimal Nash equilibrium (NE) on-the-fly, minimizing the social cost of the revocation. Third, based on the analytical results, we define a unique optimal NE selection protocol and evaluate its performance through simulations. We show that our scheme is effective in quickly and efficiently removing malicious devices from the network.
Limits on Revocation in VANETs
"... Abstract. We examine the limitations on revocation approaches in VANETs, including local revocation and global revocation. Local revocation schemes often use a local vote to identify and revoke an attacker. However, such votes often require that not only a majority of local nodes are honest, but tha ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
Abstract. We examine the limitations on revocation approaches in VANETs, including local revocation and global revocation. Local revocation schemes often use a local vote to identify and revoke an attacker. However, such votes often require that not only a majority of local nodes are honest, but that they also are able to detect the attack. We argue that these requirements may not be practical, particularly in the early stage of VANET deployment. Another local revocation approach, RevoGame [1], uses game theory to mitigate misbehavior in the VANET; however, we argue RevoGame does not correctly identify the players in the revocation game. We also analyze the limits of global revocation based on the misbehvaior accusations made and evidence gathered by each vehicle. Our analysis shows that no algorithm that uses only the accusation graph can identify attackers without false positives and false negatives.
1 Key Revocation Based on Dirichlet Multinomial Model for Mobile Ad Hoc Networks
"... Abstract — The absence of an online trusted authority makes the issue of key revocation in mobile ad hoc networks (MANETs) particularly challenging. In this paper, we present a novel selforganized key revocation scheme based on the Dirichlet multinomial model and identity-based cryptography (IBC). O ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Abstract — The absence of an online trusted authority makes the issue of key revocation in mobile ad hoc networks (MANETs) particularly challenging. In this paper, we present a novel selforganized key revocation scheme based on the Dirichlet multinomial model and identity-based cryptography (IBC). Our key revocation scheme offers a theoretically sound basis for a node in MANETs to predict the behavior of other nodes based on its own observations and reports from peers. In our scheme, each node keeps track of three categories of behavior defined and classified by an external trusted authority, and updates its knowledge about other nodes ’ behavior with 3-dimension Dirichlet distribution. Differentiating between suspicious behavior and malicious behavior enables nodes to make multilevel response by either revoking keys of malicious nodes or ceasing the communication with suspicious nodes for some time to gather more information for making further decision. Furthermore, we also analyze the attack-resistant properties of our key revocation scheme through extensive simulations in the presence of independent and collusive adversaries, respectively. Index Terms — Mobile ad hoc networks, security, key revocation, identity-based cryptography, Dirichlet multinomial model. I.
Advance Access publication on January 13, 2011 doi:10.1093/comjnl/bxq101 A Game-based Sybil-resistant Strategy for Reputation Systems in
, 2010
"... A promising method to stimulate cooperation among the nodes of a self-organizing mobile ad hoc network is the application of reputation systems. In these systems, usually, a node uses the recommendations made by the others when evaluating the reputation of the node under consideration. This renders ..."
Abstract
- Add to MetaCart
A promising method to stimulate cooperation among the nodes of a self-organizing mobile ad hoc network is the application of reputation systems. In these systems, usually, a node uses the recommendations made by the others when evaluating the reputation of the node under consideration. This renders such systems vulnerable to the Sybil attack in which an attacker forges several identities and uses them to recommend itself as a well-behaved node. In this paper, we propose a multistage-game strategy for reputation systems that discourages Sybil attacks. The underlying notion in devising such a strategy is that a Sybil identity, to remain trustworthy, should be active and sincere in recommending the others. Thus, for an effective attack, the attacker should incur the cost of maintaining the trustworthiness of its Sybil identities. This feature can be exploited to design a reputation system in such a way that the attack becomes more costly than cooperation. It is shown that the proposed strategy makes a subgame-perfect equilibrium, which justifies its deployment in real-life networks.
Improved Certificate Revocation Method in Mobile Ad Hoc Network
"... The mobile Ad Hoc networks (MANETs) having wireless and dynamic nature. MANETs are more susceptible to security attacks rather than wired networks. So they are vulnerable to security attacks from malicious node due to which it is important to detect malicious nodes to avoid attacks. In this paper ce ..."
Abstract
- Add to MetaCart
(Show Context)
The mobile Ad Hoc networks (MANETs) having wireless and dynamic nature. MANETs are more susceptible to security attacks rather than wired networks. So they are vulnerable to security attacks from malicious node due to which it is important to detect malicious nodes to avoid attacks. In this paper certificate Authority (CA) provides it’s secret key to all nodes (normal).When node want to send data to other nodes Cluster Head (CH) broadcast R 2 mod N to all nodes and it gives challenge to that node whether it sending same data, if it sends RS mod N to CH with its secrete key which is provided by CA, then CH compares its data with itself data. If it is same, then it considers it is as a normal node otherwise as malicious node. Here CA should be legitimate. Finally if node is found as a malicious then revocation of certificate is done for that malicious node and other normal nodes are released due to which the number of normal nodes will increase in mobile network and it get secured from susceptible attacks.
Mitigating False Accusations Using Certificate Revocation for High- Multicast Routing in Wireless Mesh Networks
"... Wireless mesh network (WMN) are reliable, multiradio, multihop next generation wireless networks which are capable of delivering high throughput demanded applications through the integration of various technologies. WMN delivers efficient services for a large variety of applications on local, person ..."
Abstract
- Add to MetaCart
(Show Context)
Wireless mesh network (WMN) are reliable, multiradio, multihop next generation wireless networks which are capable of delivering high throughput demanded applications through the integration of various technologies. WMN delivers efficient services for a large variety of applications on local, personnel and campus environments. Multicasting is one of the major jor communication technologies primarily designed for bandwidth conservation and an efficient way of transferring data to a group of receivers in wireless mesh networks. Despite of the vantages of the WMN there can be several issues that affect the entire network performance which include the presence of attackers and the false accusations raised by the nodes. A mere way to identify the malicious node is to collect the information from nodes in the entire network. Nevertheless, in the above said approach, it is difficult to differentiate and identify the valid accusations made by legitimate nodes from false accusations made by malicious nodes. Also, the amount of traffic needed in order to exchange peculiar information on attackers and the necessary time to gather the information increases as the network size becomes more prominent. In this paper, we propose a certificate revocation mechanism which is able to revoke the certification of attackers in a limited period of time with a small amount of controlling traffic. By the clustering of nodes and introduction of multi multi-level level node reliability, the proposed scheme can mitigate the improper certificate revocation due to false accusations by malicious users.
Study and Analysis on Certificate Revocation in
"... systems play an important role to achieve network security. Handling the issue of certificate revocation in wired network is somewhat easy compared to the MANETs. In wired network when the certificate of a malicious node get revoked then the certificate authorities add the information about the revo ..."
Abstract
- Add to MetaCart
systems play an important role to achieve network security. Handling the issue of certificate revocation in wired network is somewhat easy compared to the MANETs. In wired network when the certificate of a malicious node get revoked then the certificate authorities add the information about the revoked node in to certificate revocation lists (CRLs) otherwise broadcast the CRLs to each and every node present in the network or either store them on accessible repositories. Whereas the certificate revocation is a challenging task in MANETs and also this conventional method of certificate revocation is not useful for MANETs due to absence of centralized repositories and trusted authorities. In this paper, we propose a threshold based certificate revocation scheme for MANETs which will revoke the certificate of malicious nodes as soon as it detect the first misbehavior of nodes. The proposed scheme also solves the improper certificate revocation which can occur due to false accusations made by malicious node also the problem of window of opportunity where revoked certificates get assigned as a valid to new nodes.
