A privacy-preserving reputation scheme for trust management on VANETs applications / Um esquema de reputação preservando a privacidade para o gerenciamento de confiança em aplicações VANETs

Jaimes, Luz Marina Santos

10 August 2017

Vehicles will use pseudonyms instead of relying on long-term certificates to provide security and privacy. Pseudonyms are short-term public key certificates that do not contain identity-linking information about the vehicle. However, there is a constant risk that authorised vehicles may send fake messages or behave selfishly, and this can affect the performance of the Vehicular Ad hoc NETwork (VANET). In this context, trust management is another important component of security services in VANETs, which provides a unified system for establishing a relationship between the nodes and helps by keeping record of the behaviour of the vehicles. Nevertheless, it is a challenging task to monitor the evolving pattern of the vehicular behaviour, since communication between the vehicles is anonymous. It is not easy to find a balanced solution that meets the requirements of security, privacy, and trust management in VANET. In view of this, we put forward a Preserving-Privacy Reputation Scheme (PPRS) applied to VANETs, in which a reputation server through a Roadside Unit receives feedback about the behaviour of the vehicles. The server updates and certifies the reputation of the vehicles by matching their anonymous identities with their real ones. Our scheme introduces geographical areas of security, in which the security of an area can be adapted to higher or lower levels depending on the reputation of the vehicles. In addition, complex reputation is examined, in which the reputation of a vehicle is linked to several behavioural factors. A further key area that is explored is the performance evaluation of PPRS which is conducted through a set of simulations in a grid scenario, based on an opportunistic message forwarding application. The results showed the effectiveness of PPRS in terms of assessing the behaviour of the vehicles and taking measures against the misbehaving vehicles. We used SUMO to simulate the mobility model; OMNET++ and Veins supported the simulation of the network model. In addition, Crypto++ was used to implement the elliptical curve cryptographic functions of signature and verification of messages, as recommended by the security standards. Finally, we employ a pseudonym changing strategy in which the reputation is discretised at two levels of reputation. The strategy was implemented in a realistic traffic simulation scenario, and was compared with the so called status and synchronous strategies through a serie of simulations. The results showed that the number of pseudonyms used in our strategy is lower than the strategies mentioned above, and maintains the rate of success of changing pseudonym achieved by the synchronous strategy. / Os veículos usarão pseudônimos em vez de certificados de longo prazo para fornecer segurança e privacidade. Os pseudônimos são certificados de chaves públicas de curto prazo que não contêm informação da identidade do veículo. No entanto, existe risco que veículos autorizados possam enviar mensagens falsas ou se comportar de maneira egoísta, e isso pode afetar o desempenho das redes veiculares (VANETs). Nesse contexto, o gerenciamento de confiança é um importante serviço de segurança nas VANETs, o qual fornece um sistema unificado para estabelecer relações entre os nós e ajuda a manter um registro do comportamento dos veículos. No entanto, é uma tarefa desafiante monitorar o padrão evolutivo do comportamento veicular, já que a comunicação entre os veículos é anônima. Não é uma tarefa fácil encontrar uma solução equilibrada que atenda aos requisitos de segurança, privacidade e gerenciamento de confiança em VANET. Em vista disso, apresentamos um Esquema de Reputação Preservando a Privacidade (ERPP) aplicado a VANETs, no qual um servidor de reputação através de uma unidade de acostamento recebe avaliações sobre o comportamento dos veículos. O servidor atualiza e certifica a reputação dos veículos relacionando seus identidades anônimas com as reais. ERPP introduz áreas geográficas de segurança, na qual a segurança de uma área pode ser adaptada a níveis mais elevados ou mais baixos dependendo da reputação dos veículos. Além, uma reputação complexa é examinada, na qual a reputação de um veículo está vinculada a vários fatores do comportamento. Uma outra área que é explorada é a avaliação de desempenho do ERPP o qual é conduzida através de simulações em um cenário urbano, com base na aplicação de encaminhamento oportunista de mensagens. Os resultados mostraram a eficácia do ERPP em termos de avaliar o comportamento dos veículos e tomar medidas contra os veículos mal comportados. Utilizamos SUMO para simular o modelo de mobilidade; OMNET++ e Veins suportaram o modelo de red; and Crypto++ foi usado para implementar as funções criptográficas de curvas elípticas de assinatura e verificação de mensagens como recomendam os padrões de segurança. Finalmente, empregamos uma estratégia de mudança de pseudônimo na qual a reputação é discretizada em dois níveis de reputação. A estratégia foi implementada em um cenário de simulação de tráfego realista e foi comparada com as estratégias nomeadas de estado e síncrona mediante simulações. Os resultados mostraram que o número de pseudônimos utilizados em nossa estratégia é menor que os esquemas mencionados, e mantém a taxa de sucesso de mudança de pseudônimo alcançada pela estratégia síncrona.

Gerenciamento de confiança

Mobile network

Rede móvel

Rede veicular

Reputation system

Security

Seguridade

Sistema de reputação

Trust management

Vehicular network

A privacy-preserving reputation scheme for trust management on VANETs applications / Um esquema de reputação preservando a privacidade para o gerenciamento de confiança em aplicações VANETs

Luz Marina Santos Jaimes

10 August 2017

Vehicles will use pseudonyms instead of relying on long-term certificates to provide security and privacy. Pseudonyms are short-term public key certificates that do not contain identity-linking information about the vehicle. However, there is a constant risk that authorised vehicles may send fake messages or behave selfishly, and this can affect the performance of the Vehicular Ad hoc NETwork (VANET). In this context, trust management is another important component of security services in VANETs, which provides a unified system for establishing a relationship between the nodes and helps by keeping record of the behaviour of the vehicles. Nevertheless, it is a challenging task to monitor the evolving pattern of the vehicular behaviour, since communication between the vehicles is anonymous. It is not easy to find a balanced solution that meets the requirements of security, privacy, and trust management in VANET. In view of this, we put forward a Preserving-Privacy Reputation Scheme (PPRS) applied to VANETs, in which a reputation server through a Roadside Unit receives feedback about the behaviour of the vehicles. The server updates and certifies the reputation of the vehicles by matching their anonymous identities with their real ones. Our scheme introduces geographical areas of security, in which the security of an area can be adapted to higher or lower levels depending on the reputation of the vehicles. In addition, complex reputation is examined, in which the reputation of a vehicle is linked to several behavioural factors. A further key area that is explored is the performance evaluation of PPRS which is conducted through a set of simulations in a grid scenario, based on an opportunistic message forwarding application. The results showed the effectiveness of PPRS in terms of assessing the behaviour of the vehicles and taking measures against the misbehaving vehicles. We used SUMO to simulate the mobility model; OMNET++ and Veins supported the simulation of the network model. In addition, Crypto++ was used to implement the elliptical curve cryptographic functions of signature and verification of messages, as recommended by the security standards. Finally, we employ a pseudonym changing strategy in which the reputation is discretised at two levels of reputation. The strategy was implemented in a realistic traffic simulation scenario, and was compared with the so called status and synchronous strategies through a serie of simulations. The results showed that the number of pseudonyms used in our strategy is lower than the strategies mentioned above, and maintains the rate of success of changing pseudonym achieved by the synchronous strategy. / Os veículos usarão pseudônimos em vez de certificados de longo prazo para fornecer segurança e privacidade. Os pseudônimos são certificados de chaves públicas de curto prazo que não contêm informação da identidade do veículo. No entanto, existe risco que veículos autorizados possam enviar mensagens falsas ou se comportar de maneira egoísta, e isso pode afetar o desempenho das redes veiculares (VANETs). Nesse contexto, o gerenciamento de confiança é um importante serviço de segurança nas VANETs, o qual fornece um sistema unificado para estabelecer relações entre os nós e ajuda a manter um registro do comportamento dos veículos. No entanto, é uma tarefa desafiante monitorar o padrão evolutivo do comportamento veicular, já que a comunicação entre os veículos é anônima. Não é uma tarefa fácil encontrar uma solução equilibrada que atenda aos requisitos de segurança, privacidade e gerenciamento de confiança em VANET. Em vista disso, apresentamos um Esquema de Reputação Preservando a Privacidade (ERPP) aplicado a VANETs, no qual um servidor de reputação através de uma unidade de acostamento recebe avaliações sobre o comportamento dos veículos. O servidor atualiza e certifica a reputação dos veículos relacionando seus identidades anônimas com as reais. ERPP introduz áreas geográficas de segurança, na qual a segurança de uma área pode ser adaptada a níveis mais elevados ou mais baixos dependendo da reputação dos veículos. Além, uma reputação complexa é examinada, na qual a reputação de um veículo está vinculada a vários fatores do comportamento. Uma outra área que é explorada é a avaliação de desempenho do ERPP o qual é conduzida através de simulações em um cenário urbano, com base na aplicação de encaminhamento oportunista de mensagens. Os resultados mostraram a eficácia do ERPP em termos de avaliar o comportamento dos veículos e tomar medidas contra os veículos mal comportados. Utilizamos SUMO para simular o modelo de mobilidade; OMNET++ e Veins suportaram o modelo de red; and Crypto++ foi usado para implementar as funções criptográficas de curvas elípticas de assinatura e verificação de mensagens como recomendam os padrões de segurança. Finalmente, empregamos uma estratégia de mudança de pseudônimo na qual a reputação é discretizada em dois níveis de reputação. A estratégia foi implementada em um cenário de simulação de tráfego realista e foi comparada com as estratégias nomeadas de estado e síncrona mediante simulações. Os resultados mostraram que o número de pseudônimos utilizados em nossa estratégia é menor que os esquemas mencionados, e mantém a taxa de sucesso de mudança de pseudônimo alcançada pela estratégia síncrona.

Gerenciamento de confiança

Rede móvel

Rede veicular

Seguridade

Sistema de reputação

Mobile network

Reputation system

Security

Trust management

Vehicular network

Secured trust and reputation system : analysis of malicious behaviors and optimization / Gestion de la confiance et de la réputation sécurisée : analyse des attaques possibles et optimisation

Bradai, Amira

29 September 2014

Les mécanismes de réputation offrent un moyen nouveau et efficace pour assurer le niveau nécessaire de confiance qui est indispensable au bon fonctionnement de tout système critique. Ce fonctionnement consiste à collecter les informations sur l’historique des participants et rendent public leur réputation. Le système guide les décisions en tenant compte de ces informations et ainsi faire des choix plussécurisés. Des mécanismes de réputation en ligne sont présents dans la plupart des sites e-commerce disponibles aujourd’hui. Les systèmes existants ont été conçus avec l’hypothèse que les utilisateurs partagent les informations honnêtement. Mais, beaucoup de systèmes de réputation sont en général un sujet d’attaque par les utilisateurs malveillants. L’attaque peut affecter la coopération, l’agrégation et l’´évaluation. Certains utilisateurs veulent utiliser les ressources du réseau, mais ne veulent pas contribuer en retour. Autres manipulent les évaluations de la confiance et donnent une mauvaise estimation. Nous avons vu récemment de plus en plus que ça devient évident que certains utilisateurs manipulent stratégiquement leurs évaluations et se comportent d’une façon malhonnête. Pour une protection adéquate contre ces utilisateurs, un système sécurisé pour la gestion de la réputation est nécessaire. Dans notre système, une entité centrale existe et peut agréger les informations. Cependant, Les réseaux pair à pair n’ont pas de contrôle central ou un référentiel ce qui rend la tâche plus difficile. Ainsi, le système de gestion de la réputation doit effectuer toutes les tâches de manière distribuée. Lorsque ce genre des systèmes est mis en œuvre, les pairs essaient de plus en plus de manipuler les informations. Cette thèse décrit les moyens pour rendre les mécanismes de réputation plus sécurisé en analysant les risques et en fournissant un mécanisme de défense. Différents types de comportements malveillants existent et pour chacun d’eux, nous présentons une analyse complète, des simulations et un exemple d’utilisation réel / Reputation mechanisms offer a novel and effective way of ensuring the necessary level of trust which is essential to the functioning of any critical system. They collect information about the history (i.e., past transactions) of participants and make public their reputation. Prospective participants guide their decisions by considering reputation information, and thus make more informative choices. Online reputation mechanisms enjoy huge success. They are present in most e-commerce sites available today, and are seriously taken into consideration by human users. Existing reputation systems were conceived with the assumption that users will share feedback honestly. But, such systems like those in peer to peer are generally compromise of malicious users. This leads to the problem in cooperation, aggregation and evaluation. Some users want to use resources from network but do not want to contribute back to the network. Others manipulate the evaluations of trust and provide wrong estimation. We have recently seen increasing evidence that some users strategically manipulate their reports and behave maliciously. For proper protecting against those users, some kind of reputation management system is required. In some system, a trusted third entity exists and can aggregate the information. However, Peer-to-peer networks don’t have any central control or repository. Large size of distributed and hybrid networks makes the reputation management more challenging task. Hence reputation management system should perform all the tasks in distributed fashion. When these kinds of systems are implemented, peers try to deceive them to take maximum advantage. This thesis describes ways of making reputation mechanisms more trustworthy and optimized by providing defense mechanism and analysis. Different kinds of malicious behaviors exist and for each one, we present a complete analysis, simulation and a real use case example in distributed and non-distributed way

Gestion de la confiance

Gestion de la réputation

Système distribué

Théorie des jeux

Modèle byzantin

Trust management

Reputation system

Distributed system

Game theory

Byzantine model

Um sistema de reputação para interação baseada em serviços

Molina, Fernando Henrique Ferrarezi

03 March 2016

Submitted by Daniele Amaral (daniee_ni@hotmail.com) on 2016-10-03T19:31:10Z No. of bitstreams: 1 DissFHFM.pdf: 5748298 bytes, checksum: d57e4d617ea74342f31ff21aef4eb98b (MD5) / Approved for entry into archive by Marina Freitas (marinapf@ufscar.br) on 2016-10-10T17:27:52Z (GMT) No. of bitstreams: 1 DissFHFM.pdf: 5748298 bytes, checksum: d57e4d617ea74342f31ff21aef4eb98b (MD5) / Approved for entry into archive by Marina Freitas (marinapf@ufscar.br) on 2016-10-10T17:27:59Z (GMT) No. of bitstreams: 1 DissFHFM.pdf: 5748298 bytes, checksum: d57e4d617ea74342f31ff21aef4eb98b (MD5) / Made available in DSpace on 2016-10-10T17:28:10Z (GMT). No. of bitstreams: 1 DissFHFM.pdf: 5748298 bytes, checksum: d57e4d617ea74342f31ff21aef4eb98b (MD5) Previous issue date: 2016-03-03 / Conselho Nacional de Desenvolvimento Científico e Tecnológico (CNPq) / Service-based communication is becoming increasingly relevant, as seen in the Internet of Things scenarios. Choosing an adequate service however can be a difficult task, as this form of communication may involve sensible resources and data. A trustworthy, safe, and privacy preserving mechanism is desirable for service selection. Reputation systems can help in this selection. This thesis presents a reputation system for service selection based on the security and privacy mechanisms of crypto-coins. In order to evaluate the performance of the proposed mechanism in the identification of low quality service providers we also investigated the use of different formulations used to determine a reputation based on peer voting. Results from simulation show the proposed system architecture is viable and supports large adoption via a scalable infrastructure. The performance analysis of different formulations for the calculus of reputations also shows that the recent behavior of an entity is the most impacting factor in establishing its reputation. / A comunicação por meio de serviços tem se tornado cada vez mais relevante, como em cenários da Internet das Coisas. A escolha entre serviços, contudo, pode ser uma tarefa difícil, já que essa forma de comunicação pode envolver recursos e dados sensíveis. Assim, é preciso um sistema de seleção de serviços que seja confiável, seguro e privado, garantindo que as expectativas dos utilizadores dos serviços sejam alcançadas. Sistemas de reputação podem ajudar nessa seleção. Assim, este trabalho apresenta um sistema de reputação distribuído para avaliação de interações baseadas em serviços utilizando conceitos da arquitetura de sistemas das cripto moedas. Para avaliar o desempenho na detecção de serviços de baixa qualidade utilizando o mecanismo proposto, apresenta-se também um estudo do comportamento de diferentes formulações para o cálculo de reputações. Resultados obtidos via simulação mostram que a arquitetura do sistema de reputação proposto é viável e permite uma ampla adoção com uma infraestrutura escalável. A análise do comportamento das formulações também permite concluir que o histórico recente do comportamento dos elementos avaliados é o fator que mais influencia na qualificação dos dispositivos.

D2D

Internet das coisas

Sistemas de reputação

Comunicação baseada em serviços

P2P

Internet of things

Reputation system

Service-based communication

一個以聲譽為基礎的協同合作信任夥伴選取模式 / A Reputation-based Model for Selecting Trusted Collaborative Partners

陳樂惠, Chen, Le Hui

Unknown Date

協同合作(collaboration)是一個以知識為基礎的互動及建構過程，從1990年中葉起在供應鏈中就被廣泛運用在各項議題中。協同供應鏈成員間的關係主要建立在專案上，彼此間可能沒有合作過的經驗，未來也可能沒有再次合作的機會；事實上，選擇值得信任的合作夥伴是協同供應鏈邁向成功的重要步驟。本研究發展了一個選取信任合作夥伴的模式，在於企業發現新的商業機會時，能選擇一個以往沒有合作經驗但具有高度初始信任(initial trust)的候選人。該模式主要採用聲譽系統(reputation system)和推薦網絡(referral networks)來選取最具有良好聲譽的候選人。我們的模式首先是利用推薦網絡蒐尋到與候選人合作過的第三者來取得候選人的主觀及客觀評選資料，接著利用蒐集到的資料計算出初始信任分數最高的候選人作為協同合作夥伴。在實驗中証實本研究確實可以協助企業選取到具有良好特質的候選人，同時本研究也找出了影響實驗結果的關鍵因素及其值。 / Collaboration is an interactive, constructive and knowledge-based process that has been widely discussed since the mid 1990s. Relationships among participants in the collaborative supply chain are based on projects; with participants have neither histories of interaction, nor any plan for future cooperation. However, selecting a right partner is a critical starting point for successful collaboration in supply chain management. This study develops a Reputation-Based Partner Selection Model (RBPS model) for selecting unknown collaborative partners to explore a new business opportunity, ensure that the partners have high levels of initial trust. The proposed model utilizes the referral networks and reputation system to identify the objective and subjective testimonies of partner candidates from third parties who had previously collaborated with the candidates. These information elements are aggregated into an initial-trust score, and the candidate with the highest score is selected to be a collaborative partner. The experiments were designed to test the model that can help the requestor enterprise to select a partner with the highest initial trust among multiple candidates. The results showed that the candidate, with fine temperament in three trust types (as competence, goodwill and predictability), was selected far more often than other competitors after multiple tests of computer simulations. Additionally, the critical factors and values that most affect the results of RBPS model to select the most reputable candidates were identified.

協同合作

協同供應鏈

初始信任

聲譽系統

推薦網絡

collaboration

collaborative supply chain

initial trust

reputation system

referral networks

The effect of reputation systems and on-line chat services on consumers' responses towards unfamiliar retailers

Zhang, Ruirui

07 November 2011

Creating effective functions in website designs that reduce consumers' anxiety in shopping online is a challenge common to most e-retailers. The present study investigated the roles of online reputation systems and instant chat services in decreasing customer perceived risk and increasing initial trust in unfamiliar e-retailers. Therefore, the reputation system when coupled with live chat service may be an effective external mechanism for providing potential consumers with critical decision making information. The present research focused on examining the respective value of live chat services and reputation systems in reducing potential consumers' perceived risk and simultaneously increasing their initial trust towards an unfamiliar e-retailer. The present research tested an e-retailing trust model based on the consumer decision making process. The model incorporated the following variables: (1) live chat service, and (2) reputation system, and explanatory variables: (1) perceived risk and (2) an initial trust. Customer prediction of purchasing is the response variable. The moderating role of interdependent and independent self-construal on online consumers’ behavior was also examined. Based on the review of literature, the following hypotheses were developed: (H1) Perceived risk associated with an unfamiliar web retailer will vary as a feature of the reputation system feature of a web retailer; where the reputation is positive, perceived risk will decrease. (H2) Perceived risk associated with an unfamiliar web retailer will vary as a feature of the instant chat feature of a web retailer; the mere presence of a live chat feature will decrease perceived risk. (H3) Initial trust associated with an unfamiliar web retailer will vary as a feature of the reputation system feature of a web retailer; where the reputation is viewed as negative, perceived risk will increase. (H4) Initial trust associated with an unfamiliar web retailer will very as a feature of the instant chat feature of a web retailer; the mere absence of a live chat feature will result in an increase in perceived risk. (H5) Purchase Intention will be influenced by the live chat function in the e-retailing website. (H6) Purchase Intention will be influenced by the evaluation system presented in the website. (H7) Purchase Intention will be influenced by the customers' perceived risk. (H8) Purchase intention will be influenced by the customers' initial trust. (H9) There is no interaction effect between the perceived risk and initial trust. (H10) Self-construal will moderate the effects on initial trust and perceived risk. A two by two factorial between-subjects experiment was conducted using a mock retail website design to examine the effect of reputation system and live chat service on customers. The findings demonstrated that the evaluation system significantly influences customers' perceived risk and initial trust, and directly influences customers' purchase intention. Perceived risk and initial trust influence customers' purchase intention independently. For future marketing implications, this research suggests that positive customer reviews, transaction history or other evaluation details in the web presentation is crucial for a starting e-retailer. Although there is no significant direct effect of self-construal on the perceived risk and initial trust, this research demonstrated that female and male have different self-construal and self-construal can be a good mediator to observe its effects on the customers' attitude and behavior. Furthermore, customers' initial trust and perceived risk determine their behavior separately which indicates that customers' initial trust increase doesn’t mean their perceived risk will decrease. / Graduation date: 2012

Reputation system

Live chat service

Purchase intention

Perceived risk

Initial trust

Teleshopping -- Public opinion

Teleshopping -- Customer services

Electronic commerce -- Public opinion

Electronic commerce -- Customer services

Consumers -- Attitudes

Consumer behavior

Rozhraní bezpečnostního systému pro WiFi sítě / User Interface for WiFi Network Security System

Hirš, Petr

January 2007

This master thesis deals with analysis of an implementation of a reputation system. I particularly focus on analysis of user interface and to find an approach for possible user interface improvements of such a reputation system. I describe possible solutions and I also compare my solution with similar existing systems that are also focused on network security. A part of the diploma thesis is devoted to user interface design. There is also mentioned a database design together with a way the users log on into the system. A few chapters are devoted to the area of data presentation and the usage of template system. In the work there are also described interesting issues that appeared during the implementation. In the conclusion of this work, there is an overall project evaluation and also several remarks about the possible upgrade.

Kooperative Angriffserkennung in drahtlosen Ad-hoc- und Infrastrukturnetzen

Groß, Stephan

21 December 2011

Mit der zunehmenden Verbreitung mobiler Endgeräte und Dienste ergeben sich auch neue Herausforderungen für ihre Sicherheit. Diese lassen sich nur teilweise mit herkömmlichen Sicherheitsparadigmen und -mechanismen meistern. Die Gründe hierfür sind in den veränderten Voraussetzungen durch die inhärenten Eigenschaften mobiler Systeme zu suchen. Die vorliegende Arbeit thematisiert am Beispiel von Wireless LANs die Entwicklung von Sicherheitsmechanismen für drahtlose Ad-hoc- und Infrastrukturnetze. Sie stellt dabei den umfassenden Schutz der einzelnen Endgeräte in den Vordergrund, die zur Kompensation fehlender infrastruktureller Sicherheitsmaßnahmen miteinander kooperieren. Den Ausgangspunkt der Arbeit bildet eine Analyse der Charakteristika mobiler Umgebungen, um grundlegende Anforderungen an eine Sicherheitslösung zu identifizieren. Anhand dieser werden existierende Lösungen bewertet und miteinander verglichen. Der so gewonnene Einblick in die Vor- und Nachteile präventiver, reaktiver und angriffstoleranter Mechanismen führt zu der Konzeption einer hybriden universellen Rahmenarchitektur zur Integration beliebiger Sicherheitsmechanismen in einem kooperativen Verbund. Die Validierung des Systementwurfs erfolgt anhand einer zweigeteilten prototypischen Implementierung. Den ersten Teil bildet die Realisierung eines verteilten Network Intrusion Detection Systems als Beispiel für einen Sicherheitsmechanismus. Hierzu wird eine Methodik beschrieben, um anomalie- und missbrauchserkennende Strategien auf beliebige Netzprotokolle anzuwenden. Die Machbarkeit des geschilderten Ansatzes wird am Beispiel von infrastrukturellem WLAN nach IEEE 802.11 demonstriert. Den zweiten Teil der Validierung bildet der Prototyp einer Kooperations-Middleware auf Basis von Peer-to-Peer-Technologien für die gemeinsame Angriffserkennung lose gekoppelter Endgeräte. Dieser kompensiert bisher fehlende Mechanismen zur optimierten Abbildung des Overlay-Netzes auf die physische Struktur drahtloser Netze, indem er nachträglich die räumliche Position mobiler Knoten in die Auswahl eines Kooperationspartners einbezieht. Die zusätzlich definierte Schnittstelle zu einem Vertrauensmanagementsystem ermöglicht die Etablierung von Vertrauensbeziehungen auf Kooperationsebene als wichtige Voraussetzung für den Einsatz in realen Umgebungen. Als Beispiel für ein Vertrauensmanagementsystem wird der Einsatz von Reputationssystemen zur Bewertung der Verlässlichkeit eines mobilen Knotens diskutiert. Neben einem kurzen Abriss zum Stand der Forschung in diesem Gebiet werden dazu zwei Vorschläge für die Gestaltung eines solchen Systems für mobile Ad-hoc-Netze gemacht. / The increasing deployment of mobile devices and accompanying services leads to new security challenges. Due to the changed premises caused by particular features of mobile systems, these obstacles cannot be solved solely by traditional security paradigms and mechanisms. Drawing on the example of wireless LANs, this thesis examines the development of security mechanisms for wireless ad hoc and infrastructural networks. It places special emphasis on the comprehensive protection of each single device as well as compensating missing infrastructural security means by cooperation. As a starting point this thesis analyses the characteristics of mobile environments to identify basic requirements for a security solution. Based on these requirements existing preventive, reactive and intrusion tolerant approaches are evaluated. This leads to the conception of a hybrid and universal framework to integrate arbitrary security mechanisms within cooperative formations. The resulting system design is then validated by a twofold prototype implementation. The first part consists of a distributed network intrusion detection system as an example for a security mechanism. After describing a methodology for applying anomaly- as well as misuse-based detection strategies to arbitrary network protocols, the feasibility of this approach is demonstrated for IEEE 802.11 infrastructural wireless LAN. The second part of the validation is represented by the prototype of a P2P-based cooperation middleware for collaborative intrusion detection by loosely coupled devices. Missing mechanisms for the improved mapping of overlay and physical network structures are compensated by subsequently considering the spatial position of a mobile node when choosing a cooperation partner. Furthermore, an additional interface to an external trust management system enables the establishment of trust relationships as a prerequisite for a deployment in real world scenarios. Reputation systems serve as an example of such a trust management system that can be used to estimate the reliability of a mobile node. After outlining the state of the art, two design patterns of a reputation system for mobile ad hoc networks are presented.

Kooperative Angriffserkennung

Angriffserkennung

WLAN

IEEE 802.11

drahtlose Infrastrukturnetze

drahtlose Ad-hoc-Netze

drahtlose Netze

Vertrauensmanagement

Reputationssystem

cooperative intrusion detection

intrusion detection

WLAN

IEEE 802.11

wireless infrastructural networks

wireless ad hoc networks

wireless networks

trust management

reputation system

ddc:004

rvk:ST 200

Kooperative Angriffserkennung in drahtlosen Ad-hoc- und Infrastrukturnetzen: Anforderungsanalyse, Systementwurf und Umsetzung

Groß, Stephan

01 December 2008

Mit der zunehmenden Verbreitung mobiler Endgeräte und Dienste ergeben sich auch neue Herausforderungen für ihre Sicherheit. Diese lassen sich nur teilweise mit herkömmlichen Sicherheitsparadigmen und -mechanismen meistern. Die Gründe hierfür sind in den veränderten Voraussetzungen durch die inhärenten Eigenschaften mobiler Systeme zu suchen. Die vorliegende Arbeit thematisiert am Beispiel von Wireless LANs die Entwicklung von Sicherheitsmechanismen für drahtlose Ad-hoc- und Infrastrukturnetze. Sie stellt dabei den umfassenden Schutz der einzelnen Endgeräte in den Vordergrund, die zur Kompensation fehlender infrastruktureller Sicherheitsmaßnahmen miteinander kooperieren. Den Ausgangspunkt der Arbeit bildet eine Analyse der Charakteristika mobiler Umgebungen, um grundlegende Anforderungen an eine Sicherheitslösung zu identifizieren. Anhand dieser werden existierende Lösungen bewertet und miteinander verglichen. Der so gewonnene Einblick in die Vor- und Nachteile präventiver, reaktiver und angriffstoleranter Mechanismen führt zu der Konzeption einer hybriden universellen Rahmenarchitektur zur Integration beliebiger Sicherheitsmechanismen in einem kooperativen Verbund. Die Validierung des Systementwurfs erfolgt anhand einer zweigeteilten prototypischen Implementierung. Den ersten Teil bildet die Realisierung eines verteilten Network Intrusion Detection Systems als Beispiel für einen Sicherheitsmechanismus. Hierzu wird eine Methodik beschrieben, um anomalie- und missbrauchserkennende Strategien auf beliebige Netzprotokolle anzuwenden. Die Machbarkeit des geschilderten Ansatzes wird am Beispiel von infrastrukturellem WLAN nach IEEE 802.11 demonstriert. Den zweiten Teil der Validierung bildet der Prototyp einer Kooperations-Middleware auf Basis von Peer-to-Peer-Technologien für die gemeinsame Angriffserkennung lose gekoppelter Endgeräte. Dieser kompensiert bisher fehlende Mechanismen zur optimierten Abbildung des Overlay-Netzes auf die physische Struktur drahtloser Netze, indem er nachträglich die räumliche Position mobiler Knoten in die Auswahl eines Kooperationspartners einbezieht. Die zusätzlich definierte Schnittstelle zu einem Vertrauensmanagementsystem ermöglicht die Etablierung von Vertrauensbeziehungen auf Kooperationsebene als wichtige Voraussetzung für den Einsatz in realen Umgebungen. Als Beispiel für ein Vertrauensmanagementsystem wird der Einsatz von Reputationssystemen zur Bewertung der Verlässlichkeit eines mobilen Knotens diskutiert. Neben einem kurzen Abriss zum Stand der Forschung in diesem Gebiet werden dazu zwei Vorschläge für die Gestaltung eines solchen Systems für mobile Ad-hoc-Netze gemacht. / The increasing deployment of mobile devices and accompanying services leads to new security challenges. Due to the changed premises caused by particular features of mobile systems, these obstacles cannot be solved solely by traditional security paradigms and mechanisms. Drawing on the example of wireless LANs, this thesis examines the development of security mechanisms for wireless ad hoc and infrastructural networks. It places special emphasis on the comprehensive protection of each single device as well as compensating missing infrastructural security means by cooperation. As a starting point this thesis analyses the characteristics of mobile environments to identify basic requirements for a security solution. Based on these requirements existing preventive, reactive and intrusion tolerant approaches are evaluated. This leads to the conception of a hybrid and universal framework to integrate arbitrary security mechanisms within cooperative formations. The resulting system design is then validated by a twofold prototype implementation. The first part consists of a distributed network intrusion detection system as an example for a security mechanism. After describing a methodology for applying anomaly- as well as misuse-based detection strategies to arbitrary network protocols, the feasibility of this approach is demonstrated for IEEE 802.11 infrastructural wireless LAN. The second part of the validation is represented by the prototype of a P2P-based cooperation middleware for collaborative intrusion detection by loosely coupled devices. Missing mechanisms for the improved mapping of overlay and physical network structures are compensated by subsequently considering the spatial position of a mobile node when choosing a cooperation partner. Furthermore, an additional interface to an external trust management system enables the establishment of trust relationships as a prerequisite for a deployment in real world scenarios. Reputation systems serve as an example of such a trust management system that can be used to estimate the reliability of a mobile node. After outlining the state of the art, two design patterns of a reputation system for mobile ad hoc networks are presented.

info:eu-repo/classification/ddc/004

ddc:004