1 / 27

When Watchdog Meets Coding

When Watchdog Meets Coding. Guanfeng Liang, Rachit Agarwal , Nitin Vaidya Coordinated Science Laboratory Dept. Electrical & Computer Engineering UIUC. Backgrounds. Security requirements Confidentiality Authenticity Integrity Why integrity? Why detection?

jontae
Download Presentation

When Watchdog Meets Coding

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. When Watchdog Meets Coding Guanfeng Liang, RachitAgarwal, NitinVaidya Coordinated Science Laboratory Dept. Electrical & Computer Engineering UIUC

  2. Backgrounds • Security requirements • Confidentiality • Authenticity • Integrity • Why integrity? Why detection? • Least requirement for communication to make sense. : detection

  3. Coding: the Theorists(detection at destination) • Coding theory: C-t (Singleton bound) • Network coding: • Capacity=C-t, achieved with linear network codes [Yeung&Cai’06] • Achieved with random linear network coding, w.h.p. [Jaggi et al.’07] • Assumption: the adversary can attack any t unit capacity links

  4. Watchdogs: the Practitioners(detection in the network) • Wireless multihop networks [Marti et al.’00] • Broadcast nature of wireless medium • Misbehaving nodes are monitored by neighboring nodes

  5. Coding: Theoretical Aspect A • What is the capacity for detection? • C=R, t=R, so C-t=0? • Linear codes can only achieve K • Non-linear network coding is necessary S D R xyz abc R K<R Attack! W ≠ abc xyz No! Capacity is R!

  6. Watchdog: Practical Aspect • Only a fraction of transmissions are overheard by the watchdog • fading, collision, interference, etc. • Problem: probability of detection can be very low if attacks infrequently

  7. A solution for the practical aspect

  8. Our Idea: Coding + Watchdog • Observation: watchdogs can’t detect if #bad pkts < threshold_w • Error detecting code to force the attacker to tamper more pkts • #bad pkts must > threshold_c to avoid detected by the decoder • To avoid being detected • threshold_c <#bad pkts < threshold_w • If threshold_c < threshold_w, detected w.h.p.

  9. Base Case • Assumptions: • Time slotted • Link SR, RD reliable • 1 pkt per slot • With probability q, W overhears both transmissions of a packet Duck Sam Wendy

  10. (n,k) MDS (Maximum Distance Separable) code at source • Attack is detected if no more than n-k pkts altered • “Smart” attacker: tamper at least n-k+1 pkts • Probability of not being detected

  11. Construct a (n,k) MDS code such that • Then • Example:

  12. Tradeoff: Throughput and Security • If a watchdog monitors more than one flow, contention at the watchdog. Duck1 Duck2 Sam Wendy Simon

  13. Tradeoff under Slotted ALOHA • Slotted ALOHA: access probability • Throughput • Probability of overhearing both transmissions

  14. Construct a (n,k) MDS code such that • Effective throughput

  15. Not detecting the attack Effective throughput

  16. What if the watchdog is under attack?

  17. Locating Misbehaving Node • The watchdog may be the one that misbehaves in reality • A misbehaving watchdog may raise false alarms any time • Need at lease 3 nodes to identify 1 bad node

  18. W1/W2 send 1 if attack detected, 0 otherwise • ML decision rule: • 00: no bad node • 11: R is bad • 10: W1 is bad • 01: W2 is bad Winnie Duck Sam Wendy

  19. Note: a misbehaving watchdog will always be correctly located. The attacker has no incentive to attack watchdogs. • If relay is under attack

  20. Accusing a good watchdog Not detecting the attack

  21. Conclusion • Misbehavior (tampering attack) detection • Source coding + watchdog • Error detection codes prevents attackers from evading watchdogs • Watchdogs prevent attacker from evading of error detection codes • Simple and easy to implement • can be added to any existing watchdog mechanisms

  22. Watchdog and coding live together happily ever after…

  23. Outline • Motivation and backgrounds • Coding + Watchdog • Detecting attack • Identifying misbehaving node • Conclusion

  24. Longer Path S 6 9 D 8 3 1 2 4 5

  25. One interesting example for linear network codes A a 1 E a a 2 a, b 1 b b 1 C S D 1 1 a, a+b F a+b 2 a+b B 1 A a E a,= a a, b b b,= C S D b a, a+b F a+b a+b B

  26. Broadcast Transform S R D W S S’ R R’ D W

More Related