S. No. | IEEE TITLE | ABSTRACT | IEEE YEAR |
1 | Group Key Agreement with Local Connectivity | In this paper, we study a group key agreement problem where a user is only aware of his neighbors while the connectivity graph is arbitrary. In our problem, there is no centralized initialization for users. A group key agreement with these features is very suitable for social networks. Under our setting, we construct two efficient protocols with passive security. We obtain lower bounds on the round complexity for this type of protocol, which demonstrates that our constructions are round efficient. Finally, we construct an actively secure protocol from a passively secure one | 2016 |
2 | PBA: Prediction-Based Authentication for Vehicle-to-Vehicle Communications | In vehicular networks, broadcast communications are critically important, as many safety-related applications rely on single-hop beacon messages broadcast to neighbor vehicles. However, it becomes a challenging problem to design a broadcast authentication scheme for secure vehicle-to-vehicle communications. Especially when a large number of beacons arrive in a short time, vehicles are vulnerable to computation-based Denial of Service (DoS) attacks that excessive signature verification exhausts their computational resources. In this paper, we propose an efficient broadcast authentication scheme called Prediction-Based Authentication (PBA) to not only defend against computation-based DoS attacks, but also resist packet losses caused by high mobility of vehicles. In contrast to most existing authentication schemes, our PBA is an efficient and lightweight scheme since it is primarily built on symmetric cryptography. To further reduce the verification delay for some emergency applications, PBA is designed to exploit the sender vehicle’s ability to predict future beacons in advance. In addition, to prevent memory-based DoS attacks, PBA only stores shortened re-keyed Message Authentication Codes (MACs) of signatures without decreasing security. We analyze the security of our scheme and simulate PBA under varying vehicular network scenarios. The results demonstrate that PBA fast verifies almost 99 percent messages with low storage cost not only in high-density traffic environments but also in lossy wireless environments. | 2016 |
3 | Secure and Robust Multi-Constrained QoS Aware Routing Algorithm for VANETs | Secure QoS routing algorithms are a fundamental part of wireless networks that aim to provide services with QoS and security guarantees. In vehicular ad hoc networks (VANETs), vehicles perform routing functions, and at the same time act as end-systems thus routing control messages are transmitted unprotected over wireless channels. The QoS of the entire network could be degraded by an attack on the routing process, and manipulation of the routing control messages. In this paper, we propose a novel secure and reliable multi-constrained QoS aware routing algorithm for VANETs. We employ the ant colony optimisation (ACO) technique to compute feasible routes in VANETs subject to multiple QoS constraints determined by the data traffic type. Moreover, we extend the VANET-oriented evolving graph (VoEG) model to perform plausibility checks on the routing control messages exchanged among vehicles. Simulation results show that the QoS can be guaranteed while applying security mechanisms to ensure a reliable and robust routing service. | 2016 |
4 | A Pseudonym Management System to Achieve Anonymity in Vehicular Ad Hoc Networks | In this paper we propose a framework for providing anonymity to communicating cars in VANETs. The anonymity is accomplished based on a system of pseudonym generation, distribution, and replenishing. The road side units (RSUs) play a key role in the framework by receiving the originally generated pseudonyms from the trusted authority, and then distributing pseudonym sets to cars while shuffling the sets amongst themselves to maximize anonymity. The pseudonym distribution process among the RSUs and to the vehicles is highly adaptive to accommodate the needs of the vehicles. We develop a distributed optimization algorithm for the shuffling process and a novel mechanism for cars to change their pseudonyms. Experimental evaluations based on ns3 simulations demonstrate the effectiveness of the framework through showing relatively high values of the used metric, namely the anonymity set. | 2016 |
5 | Enabling Fine-Grained Multi-Keyword Search Supporting Classified Sub-Dictionaries over Encrypted Cloud Data | Using cloud computing, individuals can store their data on remote servers and allow data access to public users through the cloud servers. As the outsourced data are likely to contain sensitive privacy information, they are typically encrypted before uploaded to the cloud. This, however, significantly limits the usability of outsourced data due to the difficulty of searching over the encrypted data. In this paper, we address this issue by developing the fine-grained multi-keyword search schemes over encrypted cloud data. Our original contributions are three-fold. First, we introduce the relevance scores and preference factors upon keywords which enable the precise keyword search and personalized user experience. Second, we develop a practical and very efficient multi-keyword search scheme. The proposed scheme can support complicated logic search the mixed “AND”, “OR” and “NO” operations of keywords. Third, we further employ the classified sub-dictionaries technique to achieve better efficiency on index building, trapdoor generating and query. Lastly, we analyze the security of the proposed schemes in terms of confidentiality of documents, privacy protection of index and trapdoor, and unlinkability of trapdoor. Through extensive experiments using the real-world dataset, we validate the performance of the proposed schemes. Both the security analysis and experimental results demonstrate that the proposed schemes can achieve the same security level comparing to the existing ones and better performance in terms of functionality, query complexity and efficiency. | 2016 |
6 | netCSI: A Generic Fault Diagnosis Algorithm for Large-Scale Failures in Computer Networks | We present a framework and a set of algorithms for determining faults in networks when large scale outages occur. The design principles of our algorithm, netCSI, are motivated by the fact that failures are geographically clustered in such cases. We address the challenge of determining faults with incomplete symptom information due to a limited number of reporting nodes. netCSI consists of two parts: a hypotheses generation algorithm, and a ranking algorithm. When constructing the hypothesis list of potential causes, we make novel use of positive and negative symptoms to improve the precision of the results. In addition, we propose pruning and thresholding along with a dynamic threshold value selector, to reduce the complexity of our algorithm. The ranking algorithm is based on conditional failure probability models that account for the geographic correlation of the network objects in clustered failures. We evaluate the performance of netCSI for networks with both random and realistic topologies. We compare the performance of netCSI with an existing fault diagnosis algorithm, MAX-COVERAGE, and demonstrate an average gain of 128 percent in accuracy for realistic topologies. | 2016 |
7 | Privacy Protection for Wireless Medical Sensor Data | In recent years, wireless sensor networks have been widely used in healthcare applications, such as hospital and home patient monitoring. Wireless medical sensor networks are more vulnerable to eavesdropping, modification, impersonation and replaying attacks than the wired networks. A lot of work has been done to secure wireless medical sensor networks. The existing solutions can protect the patient data during transmission, but cannot stop the inside attack where the administrator of the patient database reveals the sensitive patient data. In this paper, we propose a practical approach to prevent the inside attack by using multiple data servers to store patient data. The main contribution of this paper is securely distributing the patient data in multiple data servers and employing the Paillier and ElGamal cryptosystems to perform statistic analysis on the patient data without compromising the patients’ privacy. | 2016 |
8 | Wireless Communications under Broadband Reactive Jamming Attacks | A reactive jammer jams wireless channels only when target devices are transmitting; Compared to constant jamming, reactive jamming is harder to track and compensate against [2], [38]. Frequency hopping spread spectrum (FHSS) and direct sequence spread spectrum (DSSS) have been widely used as countermeasures against jamming attacks. However, both will fail if the jammer jams all frequency channels or has high transmit power. In this paper, we propose an anti-jamming communication system that allows communication in the presence of a broadband and high power reactive jammer. The proposed system transmits messages by harnessing the reaction time of a reactive jammer. It does not assume a reactive jammer with limited spectrum coverage and transmit power, and thus can be used in scenarios where traditional approaches fail. We develop a prototype of the proposed system using GNURadio. Our experimental evaluation shows that when a powerful reactive jammer is present, the prototype still keeps communication, whereas other schemes such as 802.11 DSSS fail completely. | 2016 |