Results 1 -
9 of
9
A Taxonomy for and Analysis of . . .
, 2009
"... Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the ..."
Abstract
-
Cited by 9 (0 self)
- Add to MetaCart
Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables
Anonymity for Trust Holders using k-anonymity Chord
, 2006
"... Anonymity is important in a peer-to-peer system to protect peers that offer/request services. We propose an anonymity scheme on Chord to provide a peer k-anonymity protection against a global passive adversary who can sniff all the communication on a network. For collaborating adversaries, anonymity ..."
Abstract
- Add to MetaCart
(Show Context)
Anonymity is important in a peer-to-peer system to protect peers that offer/request services. We propose an anonymity scheme on Chord to provide a peer k-anonymity protection against a global passive adversary who can sniff all the communication on a network. For collaborating adversaries, anonymity is protected as long as they perform only passive attacks. An encryption scheme ensures that peers can authenticate the sender of an anonymous response. A trusted third party is not needed. We achieve a performance comparable to Chord. The efficiency and anonymity guarantees are shown theoretically. As a case scenario, anonymous access to trust information is studied on a trust model. Peers query the information stored by trust holders. We show how trust holders anonymously respond to such queries. Attack scenarios are discussed in detail to verify security of the scheme. Index Terms Peer-to-peer systems, anonymity, cryptography, trust management, security.
Algorithms for secure patrols in adversarial domains
, 2007
"... We consider the problem of providing decision support to a patrolling or security service in an adversarial domain. The idea is to create patrols that can achieve a high level of coverage or reward while taking into account the presence of an adversary. We assume that the adversary can learn or ob ..."
Abstract
- Add to MetaCart
(Show Context)
We consider the problem of providing decision support to a patrolling or security service in an adversarial domain. The idea is to create patrols that can achieve a high level of coverage or reward while taking into account the presence of an adversary. We assume that the adversary can learn or observe the patrolling strategy and use this to its advantage. We follow two different approaches depending on what is known about the adversary. If there is no information about the adversary we use a Markov Decision Process (MDP) to represent patrols and identify randomized solutions that minimize the information available to the adversary. This leads to algorithm BRLP, for policy randomization of MDPs. Second, when there is partial information about the adversary we decide on efficient patrols by solving a Bayesian Stackelberg game. Here, the leader decides first on a patrolling strategy and then an adversary, of possibly many adversary types, selects its best response for the given patrol. We provide an efficient MIP formulation to solve this NP-hard problem. Our experimental results show the efficiency of these algorithms and illustrate how these techniques provide optimal and secure patrolling policies.
An Information-Theoretic Framework for Analyzing Leak of Privacy in Distributed Hash Tables
"... ..."
(Show Context)
SCUBE: A DoS Resistant Distributed Search Protocol
"... Abstract – Many P2P-based storage systems use distributed indexing service for searching documents. There are two security issues when the nodes providing the index service are compromised by adversaries. First, the adversaries may delete the indexes or stop the program of indexing service, making t ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract – Many P2P-based storage systems use distributed indexing service for searching documents. There are two security issues when the nodes providing the index service are compromised by adversaries. First, the adversaries may delete the indexes or stop the program of indexing service, making the affected documents disappear in the search infrastructure. Second, the adversaries may leak the locations of the storage nodes hosting certain documents, making those nodes the target of DOS attacks. We propose a protocol called SCUBE which addresses these attacks by using secret-sharing based threshold cryptography and the concept of virtual addresses. The use of secretsharing enables us to achieve better security guarantees in comparison to traditional approaches like replication. Our results show that SCUBE performs appreciably well under different attack scenarios and incurs nominal overhead. A working prototype of SCUBE has also been implemented and tested on the Planetlab testbed. 1
Anonymous Access to Trust Information Using k-anonymity Chord
"... Abstract—In a reputation based trust network, each peer stores trust information of others and answers the trust queries, in addition to providing services to others. We present a cryptographic protocol on Chord, which provides anonymous access to trust information. Peers form anonymity groups and g ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract—In a reputation based trust network, each peer stores trust information of others and answers the trust queries, in addition to providing services to others. We present a cryptographic protocol on Chord, which provides anonymous access to trust information. Peers form anonymity groups and generate responses inside the group. Responder of a trust query has k-anonymity protection against an adversary who can sniff all communication on the network. Moreover, our encryption scheme ensures that the initiator of a trust query can check the validity of an anonymous reply. Keywords-anonymity, trust management, peer-to-peer I.
