Presentation is loading. Please wait.

Presentation is loading. Please wait.

Effect of Intrusion Detection on Reliability Jin-Hee Cho, Member, IEEE, Ing-Ray Chen, Member, IEEE, and Phu-Gui Feng IEEE TRANSACTIONS ON RELIABILITY,

Published byArnold Higgins Modified over 8 years ago

Similar presentations

Presentation on theme: "Effect of Intrusion Detection on Reliability Jin-Hee Cho, Member, IEEE, Ing-Ray Chen, Member, IEEE, and Phu-Gui Feng IEEE TRANSACTIONS ON RELIABILITY,"— Presentation transcript:

1 Effect of Intrusion Detection on Reliability Jin-Hee Cho, Member, IEEE, Ing-Ray Chen, Member, IEEE, and Phu-Gui Feng IEEE TRANSACTIONS ON RELIABILITY, VOL. 59, NO. 1, MARCH 2010 1Clarence Bingsheng Wang – CS5214– M & E of CSs of Mission-Oriented Mobile Group Systems Reporter: Clarence Bingsheng Wang in Mobile Ad Hoc Networks

2 Effect of IDSs on Reliability Outline Introduction & Background System Model Performance Model Parameterization Numerical Results & Analysis Applicability & Conclusion Reference Q & A Clarence Bingsheng Wang – CS5214– M & E of CSs2

3 Effect of IDSs on Reliability Introduction Analyzing the effect of intrusion detection system (IDS) techniques on the reliability of a mission-oriented group communication in mobile ad hoc networks. Knowing design conditions for employing intrusion detection system (IDS) techniques that can enhance the reliability, and thus prolong the lifetime of GCS. Clarence Bingsheng Wang – CS5214– M & E of CSs3

4 Effect of IDSs on Reliability Introduction Identify the optimal rate at which IDS should be executed to maximize the system lifetime. Consider the effect of security threats, and Intrusion Detection Systems (IDSs) techniques on system lifetime of a mission-oriented Group Communication System (GCS) in Mobile Ad Hoc Networks (MANETs). Clarence Bingsheng Wang – CS5214– M & E of CSs4

5 Effect of IDSs on Reliability Background Mobile ad hoc networks (MANETs)  Move Independently: Rapid Change in Topology  Forward Traffic Clarence Bingsheng Wang – CS5214– M & E of CSs5

6 Effect of IDSs on Reliability Background Group Communication Systems. GGroup: “Directly Communicate” GGroup Partition GGroup Merge Security Protocol in MANETs CCharacteristics Actions Against Malicious Attacks PPrevention: “Security holes” DDetection: Mission-Oriented GCSs RRecovery Clarence Bingsheng Wang – CS5214– M & E of CSs6

7 Effect of IDSs on Reliability Background Optimal setting for IDS techniques  Maximize the security-induced failure time Clarence Bingsheng Wang – CS5214– M & E of CSs7 MMTSF: Mean time to security failure  Reflect the expected system lifetime

8 Effect of IDSs on Reliability System Model Connectivity-Oriented Mobile Group  Defined based on “Connectivity”  Single Hop: All members are connected  Multi Hops: Separation between groups Clarence Bingsheng Wang – CS5214– M & E of CSs8 Group Partition Failure /Mobility Group Merge

9 Effect of IDSs on Reliability System Model Mission-Oriented GCSs  Mission execution is an application-level goal built on top of connectivity-oriented group communications Clarence Bingsheng Wang – CS5214– M & E of CSs9

10 Effect of IDSs on Reliability System Model Secure Group Communications: Broadcast  Group Key  Encrypt the message for Confidentiality  Rekey: Group member Join/Leave/Eviction, Group Partition/Merge  Contributory key agreement protocol: GDH Clarence Bingsheng Wang – CS5214– M & E of CSs10

11 Effect of IDSs on Reliability Group Member’s Authenticity  Public/Private key pair  Challenge/Response mechanism  Assumption: The public keys of all group members preloaded into every node. No certificate authority (CA) in the MANET during mission period  A node’s public key servers as the identifier of the node Clarence Bingsheng Wang – CS5214– M & E of CSs11

12 Effect of IDSs on Reliability System Model-IDSs Clarence Bingsheng Wang – CS5214– M & E of CSs12

13 Effect of IDSs on Reliability System Model-IDSs Clarence Bingsheng Wang – CS5214– M & E of CSs13

14 Effect of IDSs on Reliability System Model-IDSs Clarence Bingsheng Wang – CS5214– M & E of CSs14 (a) The per-node false negative, and positive probabilities ( 1, and 2) (b) The number of vote-participants, (c) The estimate of the current number of compromised nodes which may collude with the objective to disrupt the service of the system.

15 Effect of IDSs on Reliability System Model-IDSs Intrusion tolerance  For the selection of participants, each node periodically exchanges its routing information, location, and identifier with its neighboring nodes  Candidates: all neighbor nodes of a target node  A coordinator is selected randomly so that the adversaries will not have specific targets Clarence Bingsheng Wang – CS5214– M & E of CSs15 Coordinator

16 Effect of IDSs on Reliability System Model-IDSs Clarence Bingsheng Wang – CS5214– M & E of CSs16

17 Effect of IDSs on Reliability System Model-IDSs Intrusion tolerance  Any node not following the protocol raises a flag as a potentially compromised node, and may get itself evicted when it is being evaluated as a target node.  The vote-participants are known to other nodes, and based on votes received, they can determine whether or not a target node is to be evicted. Clarence Bingsheng Wang – CS5214– M & E of CSs17

18 Effect of IDSs on Reliability System Model Failure Definition  Definition 1: The failure of any group leads to GCSs’ failure. (SF1)  Definition 2: The failures of all groups lead to GCSs’ failure. (SF2)  Condition 1: a compromised but undetected group member requests and subsequently obtains data using the group key. (C1)  Condition 2: more than 1/3 of group member nodes are compromised, but undetected by IDS (Byzantine Failure model) (C2) Clarence Bingsheng Wang – CS5214– M & E of CSs18

19 Effect of IDSs on Reliability System Model Network Connectivity, System Failure  Group nodes are connected within a single hop, forming a single group in the system without experiencing group merge or partition events Only a single group in the system, SF1 and SF2 (i.e., the two system failure definitions) are the same.  Group nodes are connected through multi-hops so that there are multiple groups in the system due to group partition/merge events because of node mobility or node failure. Clarence Bingsheng Wang – CS5214– M & E of CSs19

20 Effect of IDSs on Reliability System Model Reliability Metric: MTTSF  Indicates the lifetime of the GCSs before it fails.  A GCS fails when one mobile group fails, or when all mobile groups fail in the mission-oriented GCS, as defined by SF1 or SF2.  A mobile group fails when either C1 or C2 is true.  A lower MTTSF Implies a faster loss of system integrity, or availability.  The goal is to maximize MTTSF. Clarence Bingsheng Wang – CS5214– M & E of CSs20

21 Effect of IDSs on Reliability Performance Model Use places to deposit tokens. Use transitions to model events. Tracks the behavior of a single mobile group Tracks the number of mobile groups existing in the GCSs during the system lifetime A transition is eligible to fire when the firing conditions associated with the event are met, including (a) its input places each must contain at least one token, and (b) the associated enabling guard function, if it exists, must return true Clarence Bingsheng Wang – CS5214– M & E of CSs21

22 Effect of IDSs on Reliability Performance Model SPN Clarence Bingsheng Wang – CS5214– M & E of CSs22

23 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs23

24 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs24

25 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs25

26 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs26

27 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs27

28 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs28

29 Effect of IDSs on Reliability Performance Model Clarence Bingsheng Wang – CS5214– M & E of CSs29

30 Effect of IDSs on Reliability Parameterization Clarence Bingsheng Wang – CS5214– M & E of CSs30

31 Effect of IDSs on Reliability Parameterization Clarence Bingsheng Wang – CS5214– M & E of CSs31

32 Effect of IDSs on Reliability Parameterization Clarence Bingsheng Wang – CS5214– M & E of CSs32

33 Effect of IDSs on Reliability Parameterization Clarence Bingsheng Wang – CS5214– M & E of CSs33

34 Effect of IDSs on Reliability Parameterization Clarence Bingsheng Wang – CS5214– M & E of CSs34

35 Effect of IDSs on Reliability Parameterization Clarence Bingsheng Wang – CS5214– M & E of CSs35

36 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs36

37 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs37

38 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs38

39 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs39

40 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs40

41 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs41

42 Effect of IDSs on Reliability Applicability & Conclusion Clarence Bingsheng Wang – CS5214– M & E of CSs42 Attacker Behavior System Failure definitions Operational Conditions

43 Effect of IDSs on Reliability Applicability & Conclusion Results Clarence Bingsheng Wang – CS5214– M & E of CSs43 m m Node Density m m

44 Effect of IDSs on Reliability Reference 1. Jin-Hee Cho, Ing-Ray Chen, Phu-Gui Feng, “Effect of Intrusion Detection on Reliability of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks,” IEEE TRANSACTIONS ON RELIABILITY, pp. 231 – 241, VOL. 59, NO. 1, MARCH 2010. 2. Jin-Hee Cho, “Design and Analysis of QoS-Aware Key Management and Intrusion Detection Protocols for Secure Mobile Group Communications in Wireless Networks,” PhD. Dissertation, Nov. 12, 2008. 3. http://en.wikipedia.org/wiki/Challenge-response_authentication 4. http://en.wikipedia.org/wiki/Public-key_cryptography Clarence Bingsheng Wang – CS5214– M & E of CSs44

45 Effect of IDSs on Reliability Clarence Bingsheng Wang – CS5214– M & E of CSs45

Download ppt "Effect of Intrusion Detection on Reliability Jin-Hee Cho, Member, IEEE, Ing-Ray Chen, Member, IEEE, and Phu-Gui Feng IEEE TRANSACTIONS ON RELIABILITY,"

Similar presentations

Chris Karlof and David Wagner

Chris Karlof and David Wagner
Security in Mobile Ad Hoc Networks

Security in Mobile Ad Hoc Networks
Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,

Mitigating Routing Misbehavior in Mobile Ad-Hoc Networks Reference: Mitigating Routing Misbehavior in Mobile Ad Hoc Networks, Sergio Marti, T.J. Giuli,
1 Intrusion Monitoring of Malicious Routing Behavior Poornima Balasubramanyam Karl Levitt Computer Security Laboratory Department of Computer Science UCDavis.

1 Intrusion Monitoring of Malicious Routing Behavior Poornima Balasubramanyam Karl Levitt Computer Security Laboratory Department of Computer Science UCDavis.
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.

1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Application of Bayesian Network in Computer Networks Raza H. Abedi.

Application of Bayesian Network in Computer Networks Raza H. Abedi.
URSA: Providing Ubiquitous and Robust Security Support for MANET

URSA: Providing Ubiquitous and Robust Security Support for MANET
Source-Location Privacy Protection in Wireless Sensor Network Presented by: Yufei Xu Xin Wu Da Teng.

Source-Location Privacy Protection in Wireless Sensor Network Presented by: Yufei Xu Xin Wu Da Teng.
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
Jorge Hortelano, Juan Carlos Ruiz, Pietro Manzoni

Jorge Hortelano, Juan Carlos Ruiz, Pietro Manzoni
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
Effects of Applying Mobility Localization on Source Routing Algorithms for Mobile Ad Hoc Network Hridesh Rajan presented by Metin Tekkalmaz.

Effects of Applying Mobility Localization on Source Routing Algorithms for Mobile Ad Hoc Network Hridesh Rajan presented by Metin Tekkalmaz.
1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.

1 Key Management in Mobile Ad Hoc Networks Presented by Edith Ngai Spring 2003.
Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

SUMP: A Secure Unicast Messaging Protocol for Wireless Ad Hoc Sensor Networks Jeff Janies, Chin-Tser Huang, Nathan L. Johnson.

Similar presentations

Ads by Google