Group Testing a tool of protecting Network Security

Similar documents
Application Denial of Service Attacks Detection using Group Testing Based Approach

Wireless Sensor Networks Chapter 14: Security in WSNs

DATA ANALYSIS II. Matrix Algorithms

CHAPTER 1 INTRODUCTION

Prediction of DDoS Attack Scheme

DENIAL OF SERVICE IN WIRELESS SENSOR NETWORKS: ISSUES AND CHALLENGES

A Negative Result Concerning Explicit Matrices With The Restricted Isometry Property

Industrial Communication. Securing Industrial Wireless

Hillstone T-Series Intelligent Next-Generation Firewall Whitepaper: Abnormal Behavior Analysis

Solution of Linear Systems

Course Curriculum for Master Degree in Electrical Engineering/Wireless Communications

Non-negative Matrix Factorization (NMF) in Semi-supervised Learning Reducing Dimension and Maintaining Meaning

This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.

Denial of Service attacks: analysis and countermeasures. Marek Ostaszewski

A NOVEL OVERLAY IDS FOR WIRELESS SENSOR NETWORKS

Metrics for Detection of DDoS Attacks

NEW applications of wireless multi-hop networks, such

Secure Authentication Methods for Preventing Jamming Attacks In Wireless Networks

EFFICIENT DETECTION IN DDOS ATTACK FOR TOPOLOGY GRAPH DEPENDENT PERFORMANCE IN PPM LARGE SCALE IPTRACEBACK

Adversary Modelling 1

SECURITY ASPECTS IN MOBILE AD HOC NETWORK (MANETS)

Review of Prevention techniques for Denial of Service Attacks in Wireless Sensor Network

Entropy-Based Collaborative Detection of DDoS Attacks on Community Networks

Huilan Chang 張 惠 蘭. Associate Professor, Applied Mathematics, National University of Kaohsiung

Security in Structured P2P Systems

Efficient Recovery of Secrets

How To Encrypt Data With A Power Of N On A K Disk

Lecture 7: Privacy and Security in Mobile Computing. Cristian Borcea Department of Computer Science NJIT

For Your Eyes Only: Protecting Data-in-Motion with Dispersive Virtualized Networks

A Practical Scheme for Wireless Network Operation

Adaptive Linear Programming Decoding

Security and protection of digital images by using watermarking methods

Mobile Security Wireless Mesh Network Security. Sascha Alexander Jopen

International Journal of Recent Trends in Electrical & Electronics Engg., Feb IJRTE ISSN:

Customer Specific Wireless Network Solutions Based on Standard IEEE

Prevention, Detection and Mitigation of DDoS Attacks. Randall Lewis MS Cybersecurity

How To Write A Transport Layer Protocol For Wireless Networks

A Catechistic Method for Traffic Pattern Discovery in MANET

SECURE DATA TRANSMISSION USING INDISCRIMINATE DATA PATHS FOR STAGNANT DESTINATION IN MANET

DoS Attack and Its Countermeasure in Energy-Constrained Wireless Networks

DDOS WALL: AN INTERNET SERVICE PROVIDER PROTECTOR

Security for Ad Hoc Networks. Hang Zhao

Markovian Process and Novel Secure Algorithm for Big Data in Two-Hop Wireless Networks

Mobile Network Analysis - Hole Healing

IEOR 4404 Homework #2 Intro OR: Deterministic Models February 14, 2011 Prof. Jay Sethuraman Page 1 of 5. Homework #2

Analysis of an Artificial Hormone System (Extended abstract)

About the Authors Preface Acknowledgements List of Acronyms

Modeling and Performance Evaluation of Computer Systems Security Operation 1

To Provide Security & Integrity for Storage Services in Cloud Computing

Design and Experiments of small DDoS Defense System using Traffic Deflecting in Autonomous System

10 Cheating Prevention. The goals of cheating prevention. Taxonomy of Online Cheating 1 (4) Network Security. Taxonomy of Online Cheating 3 (4)

CS263: Wireless Communications and Sensor Networks

Securing MANET Using Diffie Hellman Digital Signature Scheme

Firewalls and Intrusion Detection

SECURE AND RELIABLE DATA TRANSMISSION IN WIRELESS SENSOR NETWORKS

Hosts Address Auto Configuration for Mobile Ad Hoc Networks

Vulnerabilities of Intrusion Detection Systems in Mobile Ad-hoc Networks - The routing problem

DOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK

Load balancing in a heterogeneous computer system by self-organizing Kohonen network

Wireless Network Analysis. Complete Network Monitoring and Analysis for a/b/g/n

Quality Certificate for Kaspersky DDoS Prevention Software

Log-Likelihood Ratio-based Relay Selection Algorithm in Wireless Network

A Scheme for Implementing Load Balancing of Web Server

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

What is Linear Programming?

Introduction to Wireless Sensor Network Security

Medial Axis Construction and Applications in 3D Wireless Sensor Networks

Mobile Computing/ Mobile Networks

Security Based Data Transfer and Privacy Storage through Watermark Detection

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES

Lecture 2 Linear functions and examples

Large-Scale IP Traceback in High-Speed Internet

Audio synthesis: MIDI Digital Audio Coding/Compression. Today: Intellectual property management for digital media. What is Digital Watermarking?

Thwarting Selective Insider Jamming Attacks in Wireless Network by Delaying Real Time Packet Classification

An Incomplete Cryptography based Digital Rights Management with DCFF

Denial of Service in Sensor Networks

Sub-class Error-Correcting Output Codes

Denial of Service Attacks in Wireless Networks: The case of Jammers

A Spectral Clustering Approach to Validating Sensors via Their Peers in Distributed Sensor Networks

CHAPTER 6 SECURE PACKET TRANSMISSION IN WIRELESS SENSOR NETWORKS USING DYNAMIC ROUTING TECHNIQUES

Applying Mesh Networking to Wireless Lighting Control

Adaptive Tolerance Algorithm for Distributed Top-K Monitoring with Bandwidth Constraints

CDMA TECHNOLOGY. Brief Working of CDMA

Lecture 2.1 : The Distributed Bellman-Ford Algorithm. Lecture 2.2 : The Destination Sequenced Distance Vector (DSDV) protocol

JDSU Partners with Infobright to Help the World s Largest Communications Service Providers Ensure the Highest Quality of Service

DERIVATIVES AS MATRICES; CHAIN RULE

Privacy and Security in the Internet of Things: Theory and Practice. Bob Baxley; HitB; 28 May 2015

STATISTICS AND DATA ANALYSIS IN GEOLOGY, 3rd ed. Clarificationof zonationprocedure described onpp

Observer Analyzer Provides In-Depth Management

6.02 Fall 2012 Lecture #5

Remote Home Security System Based on Wireless Sensor Network Using NS2

Security in Ad Hoc Network

An Application of Visual Cryptography To Financial Documents

Anomaly Intrusion Detection System in Wireless Sensor Networks: Security Threats and Existing Approaches

Adding New Level in KDD to Make the Web Usage Mining More Efficient. Abstract. 1. Introduction [1]. 1/10

A Novel Technique to Isolate and Detect Jamming Attack in MANET

Capacity Limits of MIMO Channels

Nonlinear Iterative Partial Least Squares Method

Network coding for security and robustness

Transcription:

Group Testing a tool of protecting Network Security Hung-Lin Fu 傅 恆 霖 Department of Applied Mathematics, National Chiao Tung University, Hsin Chu, Taiwan

Group testing (General Model) Consider a set N of n items consisting of at most d positive (used to be called defective) items with the others being negative (used to be called good) items. A group test, sometimes called a pool, can be applied to an arbitrary set S of items with two possible outcomes; negative: all items in S are negative; positive: at least one positive item in S, not knowing which one or how many.

Adaptive (Sequential) and Nonadaptive(Parallel) Algorithms Adaptive Algorithm: You ask the second question (query) after knowing the answer of the first one and continue. That is, the previous knowledge will be used later. Non-adaptive Algorithm: All the queries are designed beforehand and then you ask all the questions (queries) simultaneously.

Algorithms Adaptive algorithm Non-adaptive algorithm k-stage algorithm The most popular one is a 2-stage algorithm in which we use a non-adaptive algorithm first and then in the second stage we test the left suspected items one by one.

Save Money or Time An adaptive (sequential) algorithm conducts the tests one by one and the outcomes of all previous tests can be used to set up the later test. (Save money!?) A non-adaptive algorithm specifies a set of tests in advance so that they can be conducted simultaneously; thus forbidding using the information of previous tests. (Save time!) In general, an adaptive algorithm takes less queries (compare to a non-adaptive algorithm) to get the job done.

Adaptive Algorithm By the nature of this algorithm, we normally find all the positives by way of a search algorithm step by step. The most popular one is the splitting algorithm which takes around log 2 n steps to locate a positive items out of n items. In fact, this answer is best possible for one positive item by using the information lower bound.

Non-adaptive Algorithm A non-adaptive algorithm can be represented by a (0,1) matrix M = [m i,j ] such that columns are items, rows are tests and m i,j = 1 if and only if the j th item is involved in the i th test. The matrix represents a non-adaptive algorithm is also known as a pooling design.

An example (12 items and 9 tests) The blanks are zeros.

Set Notations Let M = [m i,j ] be a txn matrix mentioned above. Then we can use n sets (ordered) S i s to represent the matrix where S k = {i : m i,k = 1, i = 1, 2,, t}, k = 1, 2,, n. The following sets represent the above (0,1)-matrix: {1,2,3}, {4,5,6}, {7,8,9}, {1,4,7}, {2,5,8}, {3,6,9}, {1,5,9}, {2,6,7}, {3,4,8}, {1,6,8}, {2,4,9}, {3,5,7}.

Relation with Designs and Codes It is easier to apply combinatorial structures to construct pooling designs, therefore, we use sets (or codewords) for columns in nonadaptive algorithms. The set corresponding to a codeword (binary vector) is called the support of the codeword.

Various Models There are inhibitors. There is a threshold. Defective items are sets: complex model. Competitive model: the number of defectives is unknown. The defectives are mutually obscuring. Size constraint group testing.

Further Remarks We can approach this study via different topics such as combinatorial design, algebraic combinatorics, coding theory and graph theory. Group testing does play an important role in applications such as computational molecular biology, network security, image compression,, etc.

Compressed Sensing In compressed sensing (CS), we are given an n-dimensional sparse signal with support size K. Random (?) projections of the sparse signal are obtained. (We notice the projection if it is not orthogonal to the signal, i.e. the inner product of the two vectors is not equal to zero.) The goal is to identify the support set while minimizing the number of projections.

Outcome Vectors The vector y is an outcome vector which is corresponding to an input x. If M is 1-1, then we can decode x as long as we know its outcome vector. In order to get the job done with lower decoding complexity, extra properties for m is needed. (This is the combinatorial part!)

Signal: 010000010000 Outcome vector: 010111100 The blanks are zeros.

Network Security This is a topic which is too wide and large to be well studied. We can only pick up certain parts of network to see if we can do something about them. I am a combinatorial people and I know not much about network. We started to notice that group testing can play an important role on network security not long time ago, I am learning!

An Application of Size Constraint GT A size constraint GT is a pooling design such that both of the number of rows and the number of 1 s in each row are bounded by fixed constants respectively. For example, a pooling design has at most K rows and each row is of weight at most w. This design is working for Denial-of-Service (DoS) attack.

DoS Attack The Denial-of-Service (DoS) attack is aiming at disrupting application service rather than depleting the network resource. Owing to its high similarity to legitimate traffic and much lower launching overhead than classic DoS attack, this new assault type cannot be efficiently detected or prevented by existing detection solutions.

Continued The key problem to identifying attackers lies in how to group clients together on each server so that if a server is under attack, we can quickly identify these attackers without examining each request. Since the number of available pools (virtual servers) and the number of clients/requests in a pool (server) has its limitation, an SCGT is required.

The Challenges (1) How to construct a pooling design to enable prompt and accurate detection. (2) How to regulate the service requests to match the design in a practical system. (3) How to establish proper thresholds for server source usage indicator to generate accurate test outcomes.

Interference Free GT and Reactive Jamming Attacks Reactive Jamming attack has a great security threat to wireless sensor networks (WSN). There exist many studies against these attacks, however, these methods such as frequency hopping or channel surfing, require excessive computational capabilities on wireless devices.

Wireless Sensor Network

Key Idea We can apply an interference free group testing to identify the trigger nodes, whose transmissions activate any reactive jammers. The identification of these trigger nodes can help us to (1) design a better routing protocol by switching these nodes into only receivers to avoid activating jammers and (2) locate the jammers based on the trigger nodes, thus providing a mechanism against reactive jamming attacks.

Group Testing Works Here There are three types of nodes: (1) Victim nodes (VN): if a node v hears a jamming signal, then v is VN; (2) Unaffected nodes (UN): nodes are not being jammed, i.e., cannot hear the jamming signals; and (3) Boundary nodes (BN): vis said a BN if v is a UN who has a neighbor node as a victim. The purpose of BNs is to estimate the jamming range R where the VN set is to be tested to obtain the trigger nodes.

Wireless Sensor Network Nodes in grey and blue are VNs around jammer nodes, where blue nodes are also trigger nodes, which invoke the jammer nodes. Nodes surrounding the jammed area are BNs, while the others are UNs. 25

For more details about the above two applications, please refer to the book Group Testing Theory in Network Security written by My T. Thai.

Multimedia Fingerprintings To prevent attacks from unauthorized users we encrypt the copyrighted information. To hinder attacks from authorized users we fingerprint the copyrighted information. Normally, fingerprints are embedded (through watermarking techniques) into multimedia contents. Information is represented by waveforms, which are viewed as vectors in signal space.

Fingerprinting Code: An Example Copyrighted sequence: 0101010101010101010100011 Short sequences: 0001, 1010 Fingerprinted sequence: 0101110101010111010100011 Pirate sequences: 0101010101010101010100011 0101110100010111010100011

Copyrighted Information

Collusion Attacks The averaging attack (average multiple copies of the authorized content together) is the most feasible approach to perform collusion attacks. This attack reduces the power of each contributing fingerprint (fairness between colluders) and makes the colluded signal have perceptual quality.

Digital Fingerprinting Codes We try to find efficient fingerprinting codes which is effective for colluder-tracing. This is equivalent to require a good code which can be used by more users (large number of codewords) and also capable of tracing as many colluders as possible, moreover, the tracing algorithm had better with low complexity.

Apply Pooling Designs The idea of tracing colluders is similar to finding positive items in group testing. In group testing, in order to find d positive items, we use a d-disjunct matrix which has faster decoding algorithm or a d-separable matrix which has decoding algorithm with higher complexity. These matrices are (0,1) matrices. How about [0, q-1] matrices? Find good anti-collusion codes!

References for Fingerprinting Codes 1. M. Cheng, H.-L. Fu, J. Jiang, Y.-H. Lo and Y. Miao, Tracking codes: Another kind of codes with the identifiable parent property, submitted. 2. M. Cheng and Y. Miao, On anti-collusion codes and detection algorithms for multimedia fingerprinting, IEEE Trans. Inform. Theory 57 (2011), 4843 4851. 3. A. Barg, G.R. Blakley and G. Kabatiansky, Digital fingerprinting codes: Problem statements, constructions, identification of traitors, IEEE Trans. Inform. Theory 49 (2003), 852 865.

Keep Moving Forward!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information