Seminars‎ > ‎

Defense against Pollution Attacks in Network Coding

Date: Friday, February 17th, 2012

Time: 12noon-1pm

Place: Tesla Room 53-125 Engr IV

Abstract

Network coding advocates that intermediate nodes in a network should mix incoming packets instead of forwarding them, and the receivers should decode to obtain the original packets. Network coding is inherently vulnerable to pollution attacks: malicious nodes can corrupt packets, which, when mixed with legitimate packets, have an amplified effect, eventually preventing decoding of packets and wasting system resources. So far, defense schemes have been developed using hash functions, signatures, and MACs, but several challenges remain open: (i) For intra-session coding, there still is a need for a complete scheme that can both quickly detect attacks and accurately identify attackers, and (ii) for inter-session coding, it is still a challenge to provide detection with low online bandwidth and computation overhead.

In this talk, I will present three defense schemes against pollution attacks. The first scheme is based on a single-source homomorphic MAC scheme called SpaceMac. This scheme can quickly detect attacks and accurately locate attackers in fixed-topology networks that employ intra-session network coding. SpaceMac provides support for expanding subspaces; it builds on and generalizes the first homomorphic MAC scheme introduced for network coding by Agrawal and Boneh [ACNS ‘09]. The second scheme combines SpaceMac and TESLA to provide the same protection for dynamic-topology P2P networks. The last scheme is based on a novel multi-source homomorphic MAC scheme, called InterMac. It can provide in-network detection with improved bandwidth and computation efficiency compared to the first homomorphic signature scheme proposed for inter-session coding by Agrawal et al. [PKC ’10]. Our schemes are collusion resistant and have low bandwidth and computation overhead. We implemented SpaceMac as an open source library in both Java and C++, which runs on both PCs and Android devices, and we made it available online. If time permits, I will also describe our work on security for network coding storage and our experience with implementing network coding on mobile phones.

Biosketch

Anh Le is a Ph.D. candidate in the Computer Science Program at University of California, Irvine under the supervision of Prof. A. Markopoulou. He received a B.S. degree in Computer Science – Mathematics from the University of Manitoba, Canada in 2006 and a M.Math. degree in Computer Science from the University of Waterloo, Canada in 2008. He had an internship with the Google’s Privacy Working Group in 2011. His research interests are in the area of security and privacy, including network coding security, browser and smart phone privacy, collaborative firewalls, phishing detection, and network intrusion detection systems. URL: http://www.ics.uci.edu/~anhml/

Comments