Presentation is loading. Please wait.

Presentation is loading. Please wait.

Leszek Lilien, Zille Huma Kamal, Vijay Bhuse and Ajay Gupta

Published byHamdani Sugiarto Modified over 6 years ago

Similar presentations

Presentation on theme: "Leszek Lilien, Zille Huma Kamal, Vijay Bhuse and Ajay Gupta"— Presentation transcript:

1 Opportunistic Networks: The Concept and Research Challenges in Privacy and Security
Leszek Lilien, Zille Huma Kamal, Vijay Bhuse and Ajay Gupta WiSe (Wireless Sensornets) Lab Department of Computer Science Western Michigan University Kalamazoo, MI 49008 WSPWN’06, March 15-16, 2006

2 Basic Concepts for Opportunistic Networks
New paradigm and technology: opportunistic networks or oppnets Innovative Facing the challenge of pervasive computing Advancing leading-edge pervasive computing and networking know-how Oppnet deployed as a seed oppnet Localizes its nodes Configures itself Adapts to environment >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 2

3 Controller (distributed)
Startup: Seed Oppnet Oppnet starts as a seed oppnet Seed Nodes Link to the World Controller (distributed) Seed oppnet grows into an expanded oppnet March 15-16, 2006 3

4 Growth: Expanded Oppnet
Seed Nodes Link to the World Controller (distributed) Appliance (refrigerator) Computer Network Micro- wave Relay Overturned Vehicle with OnStar Cellphone Tower Satellite Heterogenous helpers join oppnet Add communication, computing, sensing, storage, other resources March 15-16, 2006 4

5 Oppnet Growth Activities
Detecting & identifying candidate helpers Contacting & inviting selected candidates Admitting & integrating helpers that join oppnet Offloading tasks to helpers Determining useful colaborative functionalities Managing offloaded tasks Clean up and release each helper when no longer needed March 15-16, 2006 5

6 Basic Oppnet Categories
2 major oppnet categories: Benevolent oppnets Malevolent oppnets Corresponding oppnets scenarios: Benevolent oppnet scenario: „Citizens Called to Arms” Malevolent oppnet scenario: „Bad Guys Gang Up” March 15-16, 2006 6

7 Benevolent Oppnet Scenario: „Citizens Called to Arms” (1)
7 Seed oppnet deployed after an earthquake (un- predictable emergency) Seed is ad hoc wireless network with very powerful nodes More energy, computing and communication resources Seed tries to detect candidate helpers For help in damage assessment and disaster recovery Uses any available detection method — including: Celphone- or radio-based detection Searching for nodes using the IP address range for the affected geographic area AI-based visual detection (next) March 15-16, 2006 7

8 Benevolent Oppnet Scenario: „Citizens Called to Arms” (2)
8 Example: Helper 1 monitoring a surveillance net detects an overturned car Helper 2 asked to recognize its license plate Helper 3 finds that the cars has OnStar link Helper 4 contacts BANs (Body Area Network) on or within bodies of car occupants via OnStar infrastructure Helper 5 evaluates obtained info and dispatches rescuers March 15-16, 2006 8

9 Benevolent Oppnet Scenario: „Citizens Called to Arms” (3)
9 Oppnet selects optimal subset of detected nodes Inviting devices, clusters & entire networks Helpers for communicating, sensing, computing Using „hidden” capabilities, e.g. for sensing: Desktop can „sense” presence of a potential victim at its keyboard Cellphones can „sense” location Even ones w/o GPS can be triangulated March 15-16, 2006 9

10 Benevolent Oppnet Scenario: „Citizens Called to Arms” (4)
10 Using „hidden” emergency functionalities Oppnet contacts 2 independent sensornets (SNs): water infrastructure control SN / public space surveillance SN SNs ordered to abandon normal functions & help in rescue & recovery operations Water infrastructure SN (with multisensor capabilities, under road surfaces) — ordered to sense vehicular movement and traffic jams Public space surveillance SN — ordered to search for images of human victims March 15-16, 2006 10

11 Malevolent Oppnet Scenario: „Bad Guys Gang Up” (1)
11 Scenario 1 — Terrorists create apparently harmless weather monito- ring sensornet (SN): SN becomes a seed of a malevolent opportunistic SN SN exploits other nodes from many other networks (w/o revealing its true goals) “Critical mass” of the opportunistic SN is reached (in terms of geographical spread and sensing capabilities) SN waits for wind patterns that can speed up spread of poisonous chemicals Collected data used to decide when to start chemical attack March 15-16, 2006 11

12 Malevolent Oppnet Scenario: „Bad Guys Gang Up” (2)
Scenario 2 — network at home starts spying on you: Becomes a seed oppnet Exploits other devices/nets to collect all info on you: From your fridge (& RFID-equipped food packaging): what/when you eat From your computer: keylogs your passwords, sensitive data From your cellphone: who you call & when From your networked camera: what photos you take From your home security surveillance system: your private images Cyberfly with camera eyes and microphone ears ... Huge privacy problem! / Huge security problem! Controls to counteract malevolent oppnets badly needed March 15-16, 2006 12

13 Related Research Interoperability Growth in P2P systems Grid Systems
Among wireless networks: WANs, MANs, LANs, PANs (personal) Much less research on interoperability between wired & wireless nets Ambient networks (big European Union project, next-generation Internet—for 2015/2020, smaller networks able to compose themselves into bigger ones) Growth in P2P systems Searching for peers in unstructured systems Grid Systems Integrating and managing heterogeneous systems Trojan Horses Mimic their spread capabilities in search for helpers Other Just to mention a few related areas, that you might have already felt throughout the talk, as oppnets have a flavoring of all of these areas > “growth” in oppnets is analogous to peer searching for other peers in an unstructured P2P systems March 15-16, 2006 13

14 Research Challenges in Basic Operations
Bypassed in this presentation Include: Challenges in Seed Oppnet Deployment E.g., localization, self-configuration, adatptability Challenges in Detecting Helper Systems E.g., primitives to detect candidates, identify and categorize them, evaluate and classify them (e.g., based on dependability and usefulness) Challenges in Inviting & Admitting Candidate Helpers E.g., select candidates to invite, develop protocols for candidates to accept or reject invitation, devise primitives /methods to manage expanded oppnet Etc., etc. for remaining operations >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 14

15 Research Challenges in Security and Privacy
1) Major privacy challenges in oppnets Oppnets are pervasive systems Must face all privacy challenges inherent to pervasive computing „Make it or break it” issue for oppnets (and pervasive comp.) 2) Security challenges in oppnets With secondary privacy challenges >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 15

16 Major Privacy Challenges (1)
Privacy challenges in oppnets Oppnets are and use pervasive systems Must face all privacy challenges inherent to pervasive computing „Make it or break it” issue for oppnets (and perv. comp) Privacy goals Protect helper resources from the host oppnet Protect oppnet from its helpers Protect environment from privacy violations by oppnet Also from malevolent oppnets >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 16

17 Major Privacy Challenges (2)
Classes of solutions to achieve the privacy goals Provide protected private areas within seed nodes/helpers Anonymize or pseudonimize entities within oppnet range Detect and neutralize malevolent oppnets Detect and neutralize exploiting oppnets for privacy violations Special solutions for emergency oppnet applications Strict privacy protection relaxed in life-or-death situations Must follow law and ethics Basic assumptions: Entity gives up only as much privacy as indispensable for becoming a helper Entity’s privacy disclosure is proportional to: Benefits for the entity, or A broader common good >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 17

18 Security Challenges (1)
Sources of security challenges Dependable authentication cannot be performed when helpers join oppnet Not possible to guarantee that malicious devices will not join Can detect notorius behavior after entity becomes a helper If available, reputation can be used beforehand Delivering secret keys securely to all and only non-malicious devices is very difficult Relying alone on crypto authentication mechanisms (e.g., Kerberos) not sufficient => security challenges in oppnets are bigger Incl. MITM, packet dropping, ID spoofing (masquerading), DoS >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 18

19 Security Challenges (2)
The major security (and privacy) challenges: Secure routing via increasing trust Helper privacy and oppnet privacy via intrusion detection (also above) Protecting data privacy and data integrity Identifying and preventing most dangerous attacks Intrusion detection All discussed next March 15-16, 2006 19

20 Secure Routing via Increased Trust
Maintain list of “more trusted” entities and list of „less trusted” entities Secure routing can use both lists Secure wireless ad hoc routing protocol most relevant for opnets: Ariadne [Hu, Perrig, and Johnson, 2002] On-demand protocol Works in the presence of compromised nodes Uses symmetric cryptography Authenticates routing messages Still, cannot use directly More heterogeneous (esp. w.r.t. wired/wireless transmission media) Can look for less energy-efficient oppnet solutions Can rely on growth to amass needed resources (even with a big safety margin) March 15-16, 2006 20

21 Helper Privacy and Oppnet Privacy via Intrusion Detection
Protect privacy via detecting intrusions, illegal resource accesses Helper privacy supported via: Access control (authentication and authorization) Intrusion detection 2nd line of privacy defense Meant to work by scaring away attackers More difficult than in many other nets Bec. of heterogeneity, spontaneous growth Oppnet privacy supported via: Catches helpers that become attackers March 15-16, 2006 21

22 Protecting Data Privacy and Data Integrity
Data privacy challenges Capture of even a single oppnet entity (especially in crisis when providing physical protection is even more difficult) cripples whole symmetric key cryptography scheme Attacker masquerading as controller (or cluster head) can distribute its own crypto keys Data integrity challenges Digital signatures are expensive computationally for lightweight devices (cellphone, PDA, etc.) Packet format convesrsions can be attacked Heterogeneous entities/media fragment/aggregate packets March 15-16, 2006 22

23 Identifying and Preventing Most Dangerous Attacks Examples
MITM: e.g., malicious device becomes a MITM on the communication line between a victim and first responders Solution: Use mutliple, heterogenous routes between victim and the center forredundant message Packet dropping: e.g., malicious device drops some packets between a victim and the center Solution: As above (will work if no adversary on at ≥ one route) DoS attacks: e.g., flooding emergency center with false requests for help Solution: Limit number of requests any device can generate. „Call back” the victim to confirm her emergency request. Other: DoS attacks on weak links, ID spoofing, ... March 15-16, 2006 23

24 Intrusion Detection (1)
Challenges: Securely distributing information about malicious entities in the presence of other (unknown) malicious entities Avoiding malicious entities while maintaining connectivity Real-time intrusion detection and response more difficult than in other networks types Bec. highly heterogeneous March 15-16, 2006 24

25 Intrusion Detection (2)
Possible intrusion detection approach: [Zamboni, 2001] Internal „software sensors” used as embedded detectors Intrusion detection performed by autonomous agents using embedded detectors Benefits of embedded detectors: More resistant to tampering or disabling, because they are a part of the program they monitor. Very low CPU overhead (not executing continuously) Perform direct monitoring have access to the internal data of programs they monitor) Detection data is safer—does not travel through an external path (a log file, for example) between its generation and its use March 15-16, 2006 25

26 Conclusions Oppnets are a new wide category of networks
Leverage resources they can detect in the vicinity Sensing / monitoring / computing / communication / etc. resources Particularly well suited to emergency operations Starts with a buildup of communications infrastructure Applicable for non-emergency situations as well High-payoff potential for this paradigm/technology Reduction of human suffering & loss of life Economic benefits Technological, educational & research benefits >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 26

27 Future Work Investigating oppnet fundamentals
Designing oppnet architecture With its associated components Methods, protocols, and algorithms Building a prototype For stimulation and feedback Necessary for fine-tuning oppnet design Proof of concept: technical prowess & economic benefits >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 27

28 for your time and attention!
Thank you very much for your time and attention! March 15-16, 2006 28

29 Selected WiSe Lab Publications on Sensornets, Oppnets & Pervasive Computing
* Directly related to oppnets L. Lilien and A. Gupta, ” Opportunistic Networks for Emergency Preparadness and Response” (submitted). (*) V. Bhuse, A. Gupta, and L. Lilien, "Research challenges in lightweight intrusion detection for sensornets" (submitted). L. Lilien and B. Bhargava, ”A Scheme for Privacy-preserving Data Dissemination,” IEEE Transactions on Systems, Man and Cybernetics (to appear). L. Lilien, Z. Kamal, V. Bhuse and A. Gupta, "Opportunistic Networks: The Concept and Research Challenges in Privacy and Security,” International Workshop on Research Challenges in Security and Privacy for Mobile and Wireless Networks (WSPWN 2006), Miami, Florida, March (*) T. Canli, M. Terwilliger, A. Gupta and A. Khokhar, "Power Efficient Algorithms for Computing Fast Fourier Transform over Wireless Sensor Networks," The Fourth ACS/IEEE Conference on Computer Systems and Applications, Dubai, UAE, March 2006. V. Bhuse, A. Gupta and L. Lilien, "DPDSN: Detection of packet-dropping attacks for wireless sensor networks," Proceedings of the 4th   International Trusted Internet Workshop (TIW), International Conference on High Performance Computing, Goa, India, December 2005. A. Gupta and V. Bhuse, "Anamoly Intrusion Detection in Wireless Sensor Networks," Journal of High Speed Networks,  vol. 15, issue 1, January-March 2006. M. Terwilliger, A. Gupta, A. Khokhar and G. Greenwood, "Localization using Evolution Strategies in Sensornets," Proceedings of the IEEE Congress on Evolutionary Computation, Edinburgh, UK, September 2005. V. Bhuse, A. Gupta, M. Terwilliger, Z. Yang and Z. Kamal, "Using Routing Data for Information Authentication in Sensor Networks," Proceedings of the 3rd   International Trusted Internet Workshop (TIW), International Conference on High Performance Computing, Bangalore, India, December 2004. T. Canli, M. Terwilliger, A. Gupta and A. Khokhar, "Power-Time Efficient Algorithm for Computing FFT in Sensor Networks," (Extended Abstract). Proceedings of the Second ACM Conference on Embedded Networked Sensor Systems (SenSys), Baltimore, Maryland, November 2004. B. Bhargava, L. Lilien, A. Rosenthal, and M. Winslett, “PervasiveTrust,” IEEE Intelligent Systems, vol. 19(5), Sep./Oct.2004, pp (*) B. Bhargava and L. Lilien, “Private and Trusted Collaborations,” Proc. Secure Knowledge Management (SKM 2004): A Workshop, Amherst, NY, Sep M. Jenamani, L. Lilien, and B. Bhargava, “Anonymizing Web Services Through a Club Mechanism with Economic Incentives,” Proc. International Conference on Web Services (ICWS 2004), San Diego, California, July 2004, pp Z. Kamal, M. Salahuddin, A. Gupta, M. Terwilliger, V. Bhuse and B. Beckmann, "Analytical Analysis of Data and Decision Fusion in Sensor Networks," The 2004 International Conference on Embedded Systems and Applications. Las Vegas, June 2004. M. Terwilliger, A. Gupta, V. Bhuse, Z. Kamal, and M. Salahuddin, "A Localization System Using Wireless Sensor Networks: A Comparison of Two Techniques," Proceedings of the 2004 Workshop on Positioning, Navigation and Communication, Hanover, Germany, March 2004 , pp V. Bhuse, A. Gupta and R. Pidva, "A Distributed Approach to Security in Sensornets," The 58th IEEE Semiannual Vehicular Technology Conference, Orlando, Florida, USA, October 2003. L. Lilien, “Developing Pervasive Trust Paradigm for Authentication and Authorization,” Proc. Third Cracow Grid Workshop (CGW’03), Kraków (Cracow), Poland, October 2003, pp (invited paper). March 15-16, 2006 29

30 WiSe Lab Experience in Sensornets – Selected Projects Since 1/03
* Results useful for oppnets Designing of WiSe Security Protocols: DSPS Location Tracker Using Motes (*) RHS: Remote Home Surveillance (*) Directed Diffusion: Attacks & Countermeasures Improving the Accuracy of Mote Measurements by Using Neural Networks SOMS: Smart Occupancy Monitoring System Using Motes (*) Comparative Study of Network Simulators Collaborative Image Processing (*) DENSe: a Development Environment for Networked Sensors Incorporating Mobile-ware in Distributed Computations / Grids (*) Extending the ns-2 Simulator to Satellite and WCN Simulations Smart Antennas for WCNs Energy Efficient MAC Protocols for IEEE x A Wireless Security Testing System (*) Mobile and Self-Calibrating Irrigation System Collective Communications for Sensornets (*) March 15-16, 2006 30

31 Wireless communication
Sensor Node Node Structure Event detection Wireless communication Sen- sors CPU Radio Neighboring Nodes Battery Node implementation (MICA-2) March 15-16, 2006 31

32 Impact of Oppnets on the Society
Impact on Emergency Preparadness and Response operations in Homeland Security (HS) — current app focus Tremendous leveraging potential in emergencies A wealth of freely available resources Reduction of human suffering & loss of life Increasing safety & efficiency of the first responders Impact on other applications in HS and outside HS Economic impact Technology transfer & commercialization Benefits for the computer industry Production of software / networking equipment Benefits for other industries Enhancing many products with standard oppnet interfaces E.g.: cars with oppnet-capable nodes — auto industry benefits March 15-16, 2006 32

33 Impact of Oppnets on Technology
Advancing the network know-how By development of the oppnet technology Enhancing distributed applications served by „regular” networks Enabling new application niches we can not even foresee Advancing other critical areas of computer technology Including wireless systems, sensornets, ad hoc systems & pervasive computing A side effect of oppnet developments Technology impacts speeded up & enhanced by the planned technology transfer plus commercialization activities March 15-16, 2006 33

34 Impact of Oppnets on Education & Research
Impact on students For project participants: hands-on B.S./M.S./Ph.D training For others: course enhancements / course projects / seminars Oppnet prototype used for lab experiments Dissemination of research results Publications, presentations, seminars, poster sessions, web site Public availability of the oppnet prototype, tools & data Outreach activities Including K-12 demos for underrepresented minorities All activities will broaden the America’s talent pool in critical technologies and applications Training more minority & female students at all levels March 15-16, 2006 34

35 Future Work: EPR Oppnet Initiative — Milestones
Building state-of-the-art lab facilities Constructing an oppnet prototype in the lab Developing performance analysis tools to support testing & fine-tuning activities Extending the prototype to include living-laboratory resources available in our sensor- & computer-rich building Testing the prototype within the living laboratory For fine-tuning design & implementation Obtaining external assessment of the prototype From computer & homeland security labs in MI, IN, IL March 15-16, 2006 35

36 March 15-16, 2006 36

37 March 15-16, 2006 37

38 Wireless communication
Sensor Node Node Structure Event detection Wireless communication Sen- sors CPU Radio Neighboring Nodes Battery Node implementation (MICA-2) March 15-16, 2006 38

39 Startup: Seed Oppnet Oppnet starts as a seed oppnet
Link to the World Wireless Nodes Base Station Seed oppnet grows into an expanded oppnet March 15-16, 2006 39

40 Growth: Expanded Oppnet
Wireless Nodes Link to the World Base Station Satellite Appliance (refrigerator) Cellphone Tower Microwave Relay Overturned Vehicle with OnStar Computer Network Heterogenous helpers join oppnet Add communication, computing, sensing, other resources March 15-16, 2006 40

41 Fig - Expanded Oppnet (size : 50%)
41 Best version above; worse, older version below: 41 March 15-16, 2006 41

42 >>FIX OR SKIP:<< Integrate Helper Resources
Select goals to be facilittated by helpers Determine tasks to be offloaded to helpers Coordinate all tasks ADD SOME MORE POINTS ANOTHER POINT ONE MORE POINT - Discuss what else to say here March 15-16, 2006 42

43 Oppnet Activities Deploy seed oppnet Need to grow? YES NO GROWTH
Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 43

44 UNFINISHED Section 2: Research Challenges for Basic Oppnets Operatons
Presented in the order defined by the order of basic oppnet operations Challenges in Seed Oppnet Deployment Localization / Self-configuration & reconfiguration / Adaptability Challenges in Detecting Helper Systems Develop primitives/methods to detect helpers Over heterogeneous communication media Wired/WiFi / Bluetooth / Satellite / Ham radios / … Identify and categorize detected candidates E.g., a system detect on Bluetooth: is it cellphone or laptop? Classify detected candidates Based on dependability and usefulness Evaluate candidates Can given candidate facilitate oppnet operations? Challenges in Inviting & Admitting Candidate Helpers Select candidates to invite Design primitives/methods to send invitations Develop methods that enable helper to accept or reject invitation Candidates are helpers not slaves But in emergency situations could be forced to joined Design primitives/methods to admit helper into oppnet Devise primitives/methods to manage expanded oppnet >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 44

45 This page left blank intentionally.
March 15-16, 2006 45

46 An Example Application: Emergency Preparedness and Response
Homeland Security — perhaps the most crucial challenge facing the United States today Emergency Preparedness and Response (EPR) — one of the 6 mission areas of Homeland Security - National Strategy for Homeland Security (July 2002) Our initiative: a new technology to improve effectiveness & efficiency of EPR March 15-16, 2006 46

47 Section 2: Research Challenges for Basic Oppnets Operatons
Presented in the order defined by the order of basic oppnet operations Security/privacy challenges covered later in Section 3 >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 47

48 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 48

49 Challenges in Seed Oppnet Deployment
Localization Self-configuration & reconfiguration Adaptability >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 49

50 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 50

51 Challenges in Detecting Helper Systems (1)
Develop primitives/methods to detect helpers Over heterogeneous communication media Wired/WiFi Bluetooth Satellite Ham radios  ability to integrate diverse technologies Satellite > e.g. OnStar systems, RFID Hierarchical approach for searching for helpers based on what oppnet goals are March 15-16, 2006 51

52 Challenges in Detecting Helper Systems (2)
Identify and categorize detected candidates E.g., a system detect on Bluetooth: is it cellphone or laptop? Classify detected candidates Based on dependability and usefulness Evaluate candidates Can given candidate facilitate oppnet operations? - Dependability in terms of trust, security, etc. March 15-16, 2006 52

53 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 53

54 Invite & Admit Candidate Helpers
Select candidates to invite Design primitives/methods to send invitations Develop methods that enable helper to accept or reject invitation Candidates are helpers not slaves But in emergency situations could be forced to joined Design primitives/methods to admit helper into oppnet Devise primitives/methods to manage expanded oppnet When admitted: e.g. assign it a unique ID that allows its identification in the expanded oppnet Maybe increase redundancy by giving this node the ID of another node in the oppnet so that if a neighbor fails a node is not disconnected from the network Manage oppnet: How to use the system that just joined? Does it help in computation or communication or sensing What tasks to offload We use system and node interchangeably March 15-16, 2006 54

55 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 55

56 Integrate Helper Resources
Select goals to be facilittated by helpers Determine tasks to be offloaded to helpers Coordinate all tasks - Discuss what else to say here March 15-16, 2006 56

57 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 57

58 Collaborative Processing
Collaborative tasks: Growth Data collection and querying Data aggregation / information fusion Routing Assuring connectivity ... Issues: Effectiveness In emergencies, effectiveness outweighs efficiency Ideally, no cost on human life or suffering Efficiency Energy conservation Efficient querying Security and privacy Discuss points to be discussed March 15-16, 2006 58

59 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 59

60 Clean Up and Release Helpers
Oppnet restores „original state” of helpers As close as possible to their state just before they joined Imperative to minimize intrusiveness of helper Oppnet releases helpers from „duty” - Was Dr Lilien going to add this slide? Or should I add some things in here March 15-16, 2006 60

61 Detect candidate helpers (system)
Deploy seed oppnet Need to grow? YES NO GROWTH Detect candidate helpers (system) Enough good candidates? Command Center NO YES Admit candidates into oppnet Integrate helper’s resources Collaborative processing Work done? Clean up all helpers Release helpers YES NO March 15-16, 2006 61

62 Command Center (CC) CC capable of interactive (human intervention) or autonomous actions CC tasks include: Determine/modify goals Activate actuators/sensors Manage oppnet Decide when/how to grow Optimize resources ... Facilitate human input for interactive heuristics Determine critical mass of seed oppnet & expanded oppnet Optimize oppnet configuration CC assures realization of oppnet goals (HCI methods ) >> for human intervention Other formalism to consider: - Defining a formal model of seed of oppnet and expanded oppnet March 15-16, 2006 62

63 Security Challenges (2)
The major security (and privacy) challenges: Increasing trust and secure routing Helper privacy and oppnet privacy (also above) Protecting data privacy Ensuring data integrity Identifying and preventing most dangerous attacks Intrusion detection March 15-16, 2006 63

64 This page left blank intentionally.
March 15-16, 2006 64

65 Security Challenges (old-3)
Intrusion detection Why? When prevention fails Lack of initial authentication mechanism Issues in intrusion detection Securely distributing information about malicious entities Heterogeneous – real-time intrusion detection and response March 15-16, 2006 65

66 ORIGINAL--Security Challenges (1)
Prevent malicious helpers from joining Common attacks MITM Packet dropping DoS attack on weak devices ID spoofing ... Finding „good” cryptographic primitives >> USE EXAMPLES TO SPECIFY WHEN IT IS A REAL CHALLENGE – even engage audience in this matter - To begin with oppnet seed is just a MANET that has the ability to “grow” e.g. OSN is a subclass of oppnets, in which the seed constitutes a sensor network So the challenges inherent to OSN would be those inherent to sensornets, which are also specialized MANETS, thus have some of the same challenges > localization, self-configuration, adaptability and further restricted by resources and hence, power conservation also becomes an inherent challenge > to develop efficient and power-aware algorithms The seed equipped with GPS should be able to localize itself and enable localization or facilitate in the localization of the expanded oppnet Adapt to the dynamic environment and dynamics of the network > may cause nodes to fail > seed re-configures P2P systems > centralized (Napster), decentralized & unstructured (Gnutella) > talk about the intrinsic difference in these two systems and how oppnet resemble unstructured P2P systems March 15-16, 2006 66

67 ORIGINAL-- Security Challenges (2)
Increasing trust Routing through more trusted systems Shared secrets for each communicating pair Using shared secrets with broadcast authentication Using digital signatures Assuring privacy Privacy of communications and data storage Communication patterns Broadcast/multicast from the base station Messages among nodes & from nodes to the base station March 15-16, 2006 67

68 ORIGINAL-- Security Challenges (3)
Intrusion detection Why? When prevention fails Lack of initial authentication mechanism Issues in intrusion detection Securely distributing information about malicious entities Heterogeneous – real-time intrusion detection and response March 15-16, 2006 68

Download ppt "Leszek Lilien, Zille Huma Kamal, Vijay Bhuse and Ajay Gupta"

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
May 22, 2006 © Leszek T. Lilien 2006 Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Leszek Lilien WiSe Lab (Wireless.

May 22, 2006 © Leszek T. Lilien 2006 Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Leszek Lilien WiSe Lab (Wireless.
A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.

A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
###-### title - PI - area WiSe (Wireless Sensornets) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI 49008.

###-### title - PI - area WiSe (Wireless Sensornets) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
###-### title - PI - area WiSe (Wireless Sensornet) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI 49008 www.cs.wmich.edu/wsn.

###-### title - PI - area WiSe (Wireless Sensornet) Laboratory WESTERN MICHIGAN UNIVERSITY WiSe Lab, Western Michigan University, Kalamazoo, MI
2/9/2006 Opportunistic Networks: The Concept and Research Challenges Leszek Lilien, Zille Huma Kamal and Ajay Gupta In cooperation with: Vijay Bhuse and.

2/9/2006 Opportunistic Networks: The Concept and Research Challenges Leszek Lilien, Zille Huma Kamal and Ajay Gupta In cooperation with: Vijay Bhuse and.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Wednesday, September 6, 2006 3rd International Conference on Trust, Privacy & Security in Digital Business Kraków, Poland, September 4-8, 2006 Panel Discussion:

Wednesday, September 6, rd International Conference on Trust, Privacy & Security in Digital Business Kraków, Poland, September 4-8, 2006 Panel Discussion:
Applied Cryptography for Network Security

Applied Cryptography for Network Security
CS 6910 – Pervasive Computing Section 0.B: Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Dr. Leszek Lilien WiSe.

CS 6910 – Pervasive Computing Section 0.B: Opportunistic Networks: Specialized Ad Hoc Networks for Emergency Response Applications Dr. Leszek Lilien WiSe.

Similar presentations

Ads by Google