Scribd
Upload
46 views

Distributed Intrusion

The document discusses distributed intrusion detection of Byzantine attacks in wireless networks using random linear network coding (RLNC). It notes that while RLNC is robust against packet losses, it is vulnerable to packet-modifying attacks where modified packets can propagate errors across the network. The paper proposes an algorithm to locate compromised Byzantine nodes in a network using RLNC by detecting abnormal nodes, and uses a shift scheme to reduce the number of normal nodes mistakenly identified as compromised. Simulation results show the algorithm performs well at locating adversary nodes.

Uploaded by

benito agus
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
46 views

Distributed Intrusion

The document discusses distributed intrusion detection of Byzantine attacks in wireless networks using random linear network coding (RLNC). It notes that while RLNC is robust against packet losses, it is vulnerable to packet-modifying attacks where modified packets can propagate errors across the network. The paper proposes an algorithm to locate compromised Byzantine nodes in a network using RLNC by detecting abnormal nodes, and uses a shift scheme to reduce the number of normal nodes mistakenly identified as compromised. Simulation results show the algorithm performs well at locating adversary nodes.

Uploaded by

benito agus
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
You are on page 1/ 4

Distributed Intrusion Detection of Byzantine Attacks in Wireless Networks with Random Linear Network Coding

Jen-Yeu Chen
Department of Electrical Engineering National Dong Hwa University Email:[email protected]

Yi-Ying Tseng

Department of Electrical Engineering National Dong Hwa University Email:[email protected] C. Security issue of network coding Network coding shows its variety of possibilities and benefit in information dissemination, however, it also introduces new type of security issue. The most serious security challenges posed by network coding thus seem to come from various types of Byzantine attacks, especially packet-modifying attack. In particular, RLNC has been shown very robust to packet losses induced by node misbehavior [5]. Nevertheless, when it comes to packet-modifying attack, RLNC has become quite vulnerable. In RLNC, one intermediate nodes will linearly combine received packets and generate new packets to next multiple receivers. If this node has been compromised and generates error packets, other nodes received those error packets will also be modified for those error packets will stay in buffer and keep being combined with normal packets. Hence, nodes of each path these error packets go through would become new compromised nodes without self-awareness and disseminate more error packets. In other word, the error due to modified packets will propagate in network with RLNC. Eventually, the whole communication network may be crushed just because of one single adversary node. Fig. 1 shows how a single adversary node propagates error. The paper is organized as follows: Section II illustrates pros and cons of related works on Byzantine attacks, Section III describes our model and algorithm, Section IV gives the simulation results and analysis, Section V shows mathematical analysis. Section VI concludes the paper with a summary of the results and discussion of further work.

C. Masalah keamanan coding jaringan Jaringan coding menunjukkan ragam kemungkinan dan manfaat dalam penyebaran informasi, namun juga memperkenalkan baru jenis masalah keamanan. Tantangan keamanan yang paling serius ditimbulkan oleh jaringan coding sehingga tampaknya datang dari berbagai

jenis serangan Bizantium, terutama paket-memodifikasi serangan. Secara khusus, RLNC telah terbukti sangat kuat untuk paket kerugian yang disebabkan oleh simpul perilaku [5]. Namun demikian, ketika datang ke paket-memodifikasi serangan, RLNC telah menjadi sangat rentan. Dalam RLNC, satu node intermediate akan linear menggabungkan paket yang diterima dan menghasilkan paket-paket baru untuk berikutnya beberapa penerima. Jika node ini telah diganggu dan menghasilkan paket kesalahan, node lain menerima paket-paket kesalahan juga akan dimodifikasi untuk paket-paket kesalahan akan tinggal dalam buffer dan tetap menjadi dikombinasikan dengan paket normal. Oleh karena itu, node dari setiap jalur paket-paket kesalahan melalui akan menjadi baru node dikompromikan tanpa kesadaran diri dan menyebarkan lebih paket kesalahan. Dengan kata lain, kesalahan akibat diubah paket akan merambat dalam jaringan dengan RLNC. Akhirnya, seluruh jaringan komunikasi dapat hancur hanya karena satu node musuh tunggal. Gambar. 1 menunjukkan bagaimana musuh yang tunggal simpul menyebarkan kesalahan. Makalah ini disusun sebagai berikut: Bagian II menggambarkan pro dan kontra karya terkait dengan serangan Bizantium, Bagian III menggambarkan model kami dan algoritma, Bagian IV memberikan Hasil simulasi dan analisis, Bagian V menunjukkan matematika analisis. Bagian VI menyimpulkan kertas dengan ringkasan hasil dan pembahasan pekerjaan lebih lanjut .
II. RELATED WORK Existing method mostly modifies the format of coded packet against Byzantine attacks, and can be divided into two main categories: (1) misbehavior detection, and (2) end-to-end error correction. A. Misbehavior Detection Misbehavior detection applies error control technique or information-theoretic frameworks of encryptography to detect the modification introduced by Byzantine attackers. By types of nodes who take care of coding burden, misbehavior detection can be further divided into generation-based and packetbased. Generation-based detection takes similar advantage as error-correcting codes and lays expensive computation tasks on destination nodes. As long as enough information is retrieved by destinations, modification can be detected. [6] proposes an information-theoretic approach for detecting Byzantine modification in networks employing RLNC. Each exogenous source packet is augmented with a flexible number of hash symbols that are obtained as a polynomial function of the data symbol. This approach depends only on the adversary not knowing the random coefficient of all other packets received by the sink nodes when designing its adversarial packets. The hash schemes can be used without the need of secret key distribution but the use of block code forces an priori decision on the coding rate. Moreover, the main disadvantage of generation-based detection schemes is that only nodes with enough packets from a generation are able to detect modifications and thus, result in large end-to-end delays.

On the contrary to generation-based detection schemes, packet-based detection schemes allow intermediate nodes in the network detecting modified data on the fly and drop modified packets instead of only relying on destinations, VI. CONCLUSIONS AND FURTHER WORK We have proposed a locating algorithm in appliance of RLNC to locate compromised Byzantine nodes in a network. Our algorithm can locate the areas in where adversary nodes locate with some normal nodes being mistaken as adversary nodes. To reduce the number of mistaken nodes, we use a shift scheme to eliminate the probability of being mistaken. The simulation results show that our algorithm performs well in Guassian distribution pattern for adversary nodes. In the worst case, uniform distribution pattern for adversary nodes, we still can locate most adversary nodes and reduce almost 10% of mistaken ratio by shift scheme. We also gives discussion about the best policy for shift scheme. Fixing the shift range

II. HUBUNGAN KERJA Metode yang ada sebagian besar memodifikasi format kode paket terhadap serangan Bizantium, dan dapat dibagi menjadi dua utama kategori: (1) deteksi perilaku, dan (2) kesalahan end-to-end koreksi. A. Kenakalan Deteksi Deteksi perilaku menggunakan teknik atau error control kerangka informasi teoritis encryptography untuk mendeteksi modifikasi yang diperkenalkan oleh penyerang Bizantium. Dengan jenis node yang menjaga coding beban, deteksi perilaku dapat dibagi lagi menjadi generasi-based dan packetbased. Deteksi berbasis Generasi mengambil keuntungan yang sama seperti error-correcting kode dan meletakkan tugas perhitungan mahal di node tujuan. Selama informasi yang cukup diambil oleh tujuan, modifikasi dapat dideteksi. [6] mengusulkan pendekatan-teori informasi untuk mendeteksi Bizantium modifikasi dalam jaringan mempekerjakan RLNC. Setiap eksogen paket sumber ditambah dengan sejumlah fleksibel hash simbol yang diperoleh sebagai fungsi polinomial dari simbol data. Pendekatan ini hanya bergantung pada musuh tidak mengetahui koefisien acak semua paket lainnya yang diterima oleh node tenggelam ketika merancang paket adversarial. Skema hash dapat digunakan tanpa perlu rahasia distribusi kunci namun penggunaan blok kode memaksa suatu apriori keputusan pada tingkat coding. Selain itu, kelemahan utama skema deteksi generasi berbasis adalah bahwa hanya node dengan cukup paket dari generasi yang mampu mendeteksi modifikasi dan dengan demikian, hasil dalam jumlah besar penundaan end-to-end.

Pada bertentangan dengan skema deteksi pembangkit berbasis, skema deteksi berbasis paket memungkinkan node intermediate di jaringan mendeteksi data yang dimodifikasi dengan cepat dan penurunan paket dimodifikasi bukan hanya mengandalkan tujuan, VI. KESIMPULAN DAN BEKERJA LEBIH LANJUT Kami telah mengusulkan algoritma mencari di dalam alat RLNC untuk menemukan node Bizantium dikompromikan dalam jaringan. Algoritma kami dapat menemukan area di mana musuh node menemukan dengan beberapa node yang normal yang keliru sebagai musuh node. Untuk mengurangi jumlah node keliru, kita menggunakan pergeseran skema untuk menghilangkan kemungkinan sedang keliru. Itu Hasil simulasi menunjukkan bahwa algoritma ini berkinerja baik di Pola distribusi Guassian untuk node musuh. Dalam terburuk kasus, pola distribusi seragam untuk node musuh, kita masih dapat menemukan sebagian besar node musuh dan mengurangi hampir 10% rasio keliru oleh skema pergeseran. Kami juga memberikan diskusi tentang kebijakan terbaik untuk skema pergeseran. Memperbaiki rentang pergeseran

You might also like