Efficient Packet-Drop Thwarting and User-Privacy Preserving Protocols for Multi-hop Wireless Networks

Mahmoud, Mohamed Mohamed Elsalih Abdelsalam

08 April 2011

In multi-hop wireless network (MWN), the mobile nodes relay others’ packets for enabling new applications and enhancing the network deployment and performance. However, the selfish nodes drop the packets because packet relay consumes their resources without benefits, and the malicious nodes drop the packets to launch Denial-of-Service attacks. Packet drop attacks adversely degrade the network fairness and performance in terms of throughput, delay, and packet delivery ratio. Moreover, due to the nature of wireless transmission and multi-hop packet relay, the attackers can analyze the network traffic in undetectable way to learn the users’ locations in number of hops and their communication activities causing a serious threat to the users’ privacy. In this thesis, we propose efficient security protocols for thwarting packet drop attacks and preserving users’ privacy in multi-hop wireless networks. First, we design a fair and efficient cooperation incentive protocol to stimulate the selfish nodes to relay others’ packets. The source and the destination nodes pay credits (or micropayment) to the intermediate nodes for relaying their packets. In addition to cooperation stimulation, the incentive protocol enforces fairness by rewarding credits to compensate the nodes for the consumed resources in relaying others’ packets. The protocol also discourages launching Resource-Exhaustion attacks by sending bogus packets to exhaust the intermediate nodes’ resources because the nodes pay for relaying their packets. For fair charging policy, both the source and the destination nodes are charged when the two nodes benefit from the communication. Since micropayment protocols have been originally proposed for web-based applications, we propose a practical payment model specifically designed for MWNs to consider the significant differences between web-based applications and cooperation stimulation. Although the non-repudiation property of the public-key cryptography is essential for securing the incentive protocol, the public-key cryptography requires too complicated computations and has a long signature tag. For efficient implementation, we use the public-key cryptography only for the first packet in a series and use the efficient hashing operations for the next packets, so that the overhead of the packet series converges to that of the hashing operations. Since a trusted party is not involved in the communication sessions, the nodes usually submit undeniable digital receipts (proofs of packet relay) to a centralized trusted party for updating their credit accounts. Instead of submitting large-size payment receipts, the nodes submit brief reports containing the alleged charges and rewards and store undeniable security evidences. The payment of the fair reports can be cleared with almost no processing overhead. For the cheating reports, the evidences are requested to identify and evict the cheating nodes. Since the cheating actions are exceptional, the proposed protocol can significantly reduce the required bandwidth and energy for submitting the payment data and clear the payment with almost no processing overhead while achieving the same security strength as the receipt-based protocols. Second, the payment reports are processed to extract financial information to reward the cooperative nodes, and contextual information such as the broken links to build up a trust system to measure the nodes’ packet-relay success ratios in terms of trust values. A node’s trust value is degraded whenever it does not relay a packet and improved whenever it does. A node is identified as malicious and excluded from the network once its trust value reaches to a threshold. Using trust system is necessary to keep track of the nodes’ long-term behaviors because the network packets may be dropped normally, e.g., due to mobility, or temporarily, e.g., due to network congestion, but the high frequency of packet drop is an obvious misbehavior. Then, we propose a trust-based and energy-aware routing protocol to route traffics through the highly trusted nodes having sufficient residual energy in order to establish stable routes and thus minimize the probability of route breakage. A node’s trust value is a real and live measurement to the node’s failure probability and mobility level, i.e., the low-mobility nodes having large hardware resources can perform packet relay more efficiently. In this way, the proposed protocol stimulates the nodes not only to cooperate but also to improve their packet-relay success ratio and tell the truth about their residual energy to improve their trust values and thus raise their chances to participate in future routes. Finally, we propose a privacy-preserving routing and incentive protocol for hybrid ad hoc wireless network. Micropayment is used to stimulate the nodes’ cooperation without submitting payment receipts. We only use the lightweight hashing and symmetric-key-cryptography operations to preserve the users’ privacy. The nodes’ pseudonyms are efficiently computed using hashing operations. Only trusted parties can link these pseudonyms to the real identities for charging and rewarding operations. Moreover, our protocol protects the location privacy of the anonymous source and destination nodes. Extensive analysis and simulations demonstrate that our protocols can secure the payment and trust calculation, preserve the users’ privacy with acceptable overhead, and precisely identify the malicious and the cheating nodes. Moreover, the simulation and measurement results demonstrate that our routing protocols can significantly improve route stability and thus the packet delivery ratio due to stimulating the selfish nodes’ cooperation, evicting the malicious nodes, and making informed decisions regarding route selection. In addition, the processing and submitting overheads of the payment-reports are incomparable with those of the receipts in the receipt-based incentive protocols. Our protocol also requires incomparable overhead to the signature-based protocols because the lightweight hashing operations dominate the nodes’ operations.

Security

Trust system

Trust-based routing protocol

black hole attacks

Cooperation stimulation

Reputation systems

Privacy preserving protocols

anonymity

Electrical and Computer Engineering

Recommending privacy preferences in location-sharing services

Zhao, Yuchen

January 2017

Location-sharing services have become increasingly popular with the proliferation of smartphones and online social networks. People share their locations with each other to record their daily lives or satisfy their social needs. At the same time, inappropriate disclosure of location information poses threats to people's privacy. One of the reasons why people fail to protect their location privacy is the difficulty of using the current mechanisms to manually configure location-privacy settings. Since people's location-privacy preferences are context-aware, manual configuration is cumbersome. People's incapability and unwillingness to do so lead to unexpected location disclosures that violate their location privacy. In this thesis, we investigate the feasibility of using recommender systems to help people protect their location privacy. We examine the performance of location-privacy recommender systems and compare it with the state-of-the-art. We also conduct online user studies to understand people's acceptance of such recommender systems and their concerns. We revise our design of the systems according to the results of the user studies. We find that user-based collaborative filtering can accurately recommend location-privacy preferences and outperform the state-of-the-art when training data are insufficient. From users' perspective, their acceptance of location-privacy recommender systems is affected by the openness and the context of recommendations and their privacy concerns about the systems. It is feasible to use data obfuscation or decentralisation to alleviate people's concerns and meanwhile keep the systems robust against malicious data attacks.

621.382

Towards Engineering Trustworthy Distributed Reputation Systems Over The Blockchain

Grankvist, Georg, Moustakas, Paul

January 2022

Peer-to-peer (P2P) reputation systems, such as those used by eBay and Amazon, servean important role on the web, especially in E-commerce, as online reputation serves asa primary guiding factor for consumers in making informed decisions. The importanceof these systems, and also the increasing popularity of P2P and distributed systems, theissue of how to prevent and resist sybil and re-entry attacks becomes an important area ofresearch as they can impinge the integrity of those systems. To address this issue, in thisthesis, we propose an approach that encompasses a software architecture and processeswhich serves as a proof-of-concept of how to mitigate sybil and re-entry attacks on review based P2P distributed reputation systems. The architecture uses novel technologiessuch as blockchain, smart contracts, and non-fungible tokens (NFT) in conjunction withSwedish E-id provider BankID to build a sybil and re-entry attack resistant reputationsystem. To validate the feasibility of our approach, we developed a prototype and used itto run experiments to evaluate the functional correctness of the architecture as a mitigation solution

Blockchain

Ethereum

Smart Contract

NFT

Bank-ID

Software Architecture

Reputation Systems

Sybil Attack

Re-entry Attack

P2P

Distributed

Computer Systems

Datorsystem

"Olizovat stejný lžíce": regulace kvality uživatelsky generovaného obsahu serveru Scuk.cz a motivace jeho tvůrců / Zhe Scuk.cz Project: user-generated content from the perspective of quality control and creators' motivation. Case study

Kohoutová, Lucie

January 2013

This Master degree thesis deals with content quality regulation and motivation to participate in the Scuk.cz project - web server dedicated to reviews of restaurants and other culinary venues. The server represents a specific case of user-generated content (UGC) whose content comes from closed community of reviewers chosen among non-professional food lovers by the server's founder. Aim of this thesis is to describe this filtration and regulation process as well as the qualitative criteria applied to reviewers and reviews, both from the point of view of administrators and community members. It uses the theory of reputation systems as well as Carpentier's more dynamic concept of quality as the ever-changing result of democratic negotiations (in the context of community media, as Scuk.cz can be to a certain extent). Motivations for participation are explained with Bourdieu's concepts of social and cultural capital and their later derivations. Empirical part of the study is based on qualitative interviews with administrators and 11 community members and following thematical analysis. Interview data are completed with analysis of texts - Scuk guidelines, reviews and other community communication. We found out that the first access filter plays a key role in content regulation, creating like- minded...