Publications catalogue - books



Wireless Network Security

Yang Xiao ; Xuemin Sherman Shen ; Ding-Zhu Du (eds.)

Abstract/Description – provided by the publisher

Not available.

Keywords – provided by the publisher

Not available.

Availability
Detected institution Publication year Browse Download Request
Not detected 2007 SpringerLink

Information

Resource type:

books

Print ISBN

978-0-387-28040-0

Electronic ISBN

978-0-387-33112-6

Publisher

Springer Nature

Country of publication

United Kingdom

Publication date

Publication rights information

© Springer Science+Business Media, LLC 2007

Table of contents

High Performance Elliptic Curve Cryptographic Co-processor

Jonathan Lutz; M. Anwarul Hasan

For an equivalent level of security, elliptic curve cryptography uses shorter key sizes and is considered to be an excellent candidate for constrained environments like wireless/mobile communications. In FIPS 186-2, NIST recommends several finite fields to be used in the elliptic curve digital signature algorithm (ECDSA). Of the ten recommended finite fields, five are binary extension fields with degrees ranging from 163 to 571. The fundamental building block of the ECDSA, like any ECC based protocol, is elliptic curve scalar multiplication. This operation is also the most computationally intensive. In many situations it may be desirable to accelerate the elliptic curve scalar multiplication with specialized hardware.

In this chapter a high performance elliptic curve processor is described which is optimized for the NIST binary fields. The architecture is built from the bottom up starting with the field arithmetic units. The architecture uses a field multiplier capable of performing a field multiplication over the extension field with degree 163 in 0.060 microseconds. Architectures for squaring and inversion are also presented. The co-processor uses Lopez and Dahab's projective coordinate system and is optimized specifically for Koblitz curves. A prototype of the processor has been implemented for the binary extension field with degree 163 on a Xilinx XCV2000E FPGA. The prototype runs at 66 MHz and performs an elliptic curve scalar multiplication in 0.233 msec on a generic curve and 0.075 msec on a Koblitz curve.

Part I - Security in General Wireless/Mobile Networks | Pp. 3-42

An Adaptive Encryption Protocol in Mobile Computing

Hanping Lufei; Weisong Shi

Use of encryption for secure communication plays an important role in building applications in mobile computing environments. With the emergence of more and more heterogeneous devices and diverse networks, it is difficult, if not impossible, to use a one-size-fits-all encryption algorithm that always has the best performance in such a dynamic environment. We envision that the only way to accelerate the deployment of encryption algorithms is providing a flexible adaptation of choosing an appropriate encryption algorithm from multiple diverse algorithms according to the characteristics of heterogeneous mobile computing environments.

Based on the Fractal framework [1], we propose and implement an adaptive encryption protocol, which can dynamically choose a proper encryption algorithm based on application-specific requirements and device configurations. Performance evaluation results show that in the divergent environment with different devices and applications, the adaptive encryption protocol successfully selects the best encryption algorithm from the candidate algorithms, and minimizes the total time overhead and ensures the security as well.

Part I - Security in General Wireless/Mobile Networks | Pp. 43-62

Pre-Authentication and Authentication Models in Ad Hoc Networks

Katrin Hoeper; Guang Gong

Providing entity authentication and authenticated key exchange among nodes are both target objectives in securing ad hoc networks. In this chapter, a security framework for authentication and authenticated key exchange in ad hoc networks is introduced. The framework is applicable to general ad hoc networks and formalizes network phases, protocol stages, and design goals. To cope with the diversity of ad hoc networks, many configuration parameters that are crucial to the security of ad hoc networks are discussed. Special attention is paid to the initial exchange of keys between pairs of nodes (pre-authentication) and the availability of a trusted third party in the network. Next, several pre-authentication and authentication models for ad hoc networks are discussed. The models can be implemented as a part of the proposed security framework and correspond to the wide range of ad hoc network applications. Advantages and disadvantages of the models are analyzed and suitable existing authentication and key exchange protocols are identified for each model.

Part II - Security in Ad Hoc Network | Pp. 65-82

Promoting Identity-Based Key Management in Wireless Ad Hoc Networks

Jianping Pan; Lin Cai; Xuemin Sherman Shen

In wireless ad hoc networks, mobile peers communicate with other peers over wireless links, without the support of preexisting infrastructures, which is an attractive form of peer communications for certain applications. Although many enabling technologies have progressed significantly in recent years, the highly-anticipated deployment of large-scale, heterogeneous wireless ad hoc networks still faces considerable technical challenges, among which achieving secure, trustworthy and dependable peer communications is a major one. In this chapter, we promote identity-based key management, which serves as a prerequisite for various security procedures. We first identify that peer identity plays an irreplaceable role in wireless ad hoc networks, where autonomous peers can join or leave such systems and change their location in these systems at any time. Next, we show that identity-based key management schemes are effective and efficient for bootstrapping any chosen security procedures, especially in wireless ad hoc networks where both over-the-air communication and on-board computing resources can be severely constrained. Finally, we illustrate identity-based secure communication schemes with a security enhancement to the Dynamic Source Routing protocol. We find that identity-based schemes are intrinsically suitable for and practically capable of securing wireless ad hoc networks and may have great impact on dealing with other network security issues.

Part II - Security in Ad Hoc Network | Pp. 83-102

A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks

Bing Wu; Jianmin Chen; Jie Wu; Mihaela Cardei

Security is an essential service for wired and wireless network communications. The success of mobile ad hoc network (MANET) will depend on people's confidence in its security. However, the characteristics of MANET pose both challenges and opportunities in achieving security goals, such as confidentiality, authentication, integrity, availability, access control, and non-repudiation. We provide a survey of attacks and countermeasures in MANET in this chapter. The countermeasures are features or functions that reduce or eliminate security vulnerabilities and attacks. First, we give an overview of attacks according to the protocol layers, and to security attributes and mechanisms. Then we present preventive approaches following the order of the layered protocol layers. We also put forward an overview of MANET intrusion detection systems (IDS), which are reactive approaches to thwart attacks and used as a second line of defense.

Part II - Security in Ad Hoc Network | Pp. 103-135

Secure Routing in Wireless Ad-Hoc Networks

Venkata C. Giruka; Mukesh Singhal

Routing in wireless ad-hoc networks is one of the fundamental tasks which helps nodes send and receive packets. Traditionally, routing protocols for wireless ad-hoc networks assume a non-adversarial and a cooperative network setting. In practice, there may be malicious nodes that may attempt to disrupt the network communication by launching attacks on the network or the routing protocol itself. In this chapter, we present several routing protocols for ad-hoc networks, the security issues related to routing, and securing routing protocols for mobile wireless ad-hoc networks.

Part II - Security in Ad Hoc Network | Pp. 137-158

A Survey on Intrusion Detection in Mobile Ad Hoc Networks

Tiranuch Anantvalee; Jie Wu

In recent years, the use of mobile ad hoc networks (MANETs) has been widespread in many applications, including some mission critical applications, and as such security has become one of the major concerns in MANETs. Due to some unique characteristics of MANETs, prevention methods alone are not sufficient to make them secure; therefore, detection should be added as another defense before an attacker can breach the system. In general, the intrusion detection techniques for traditional wireless networks are not well suited for MANETs. In this paper, we classify the architectures for intrusion detection systems (IDS) that have been introduced for MANETs. Current IDS's corresponding to those architectures are also reviewed and compared. We then provide some directions for future research.

Part II - Security in Ad Hoc Network | Pp. 159-180

Intrusion Detection in Cellular Mobile Networks

Bo Sun; Yang Xiao; Kui Wu

Security concerns have attracted a great deal of attention for both service providers and end users in cellular mobile networks. As a second line of defense, Intrusion Detection Systems (IDSs) are indispensable for highly secure wireless networks. In this chapter, we first give a brief introduction to wired IDSs and wireless IDSs. Then we address the main challenges in designing IDSs for cellular mobile networks, including the topics of feature selection, detection techniques, and adaptability of IDSs. An anomaly-based IDS exploiting mobile users' location history is introduced to provide insights into the intricacy of building a concrete IDS for cellular mobile networks.

Part III - Security in Mobile Cellular Networks | Pp. 183-210

The Spread of Epidemics on Smartphones

Bo Zheng; Yongqiang Xiong; Qian Zhang; Chuang Lin

The emergence of epidemics such as worms and viruses on smartphones severely threatens the Internet and telecom networks. Two important features of smartphones, i.e., static shortcuts and mobile shortcuts, bring great challenges for the traditional epidemic spread model. In this paper, we propose a novel epidemics spread model (ESS) for smartphones which is an SIR model based on the analysis of the unique features of smartphones. With this ESS model, we study the “static shortcuts” and “mobile shortcuts” effects brought by smartphones and consider the influence of the epidemic spread rate, network topology, patching and death rate as well as the initial pre-patch on the propagation of smartphone epidemics. The critical condition for the epidemic to die out fast is derived from the ESS model, and a detailed analysis is given of the individual parameters in the model to study their effects on the epidemic spread. Extensive simulations in typical network topologies (small-world network, power law graph, and Waxman network) have been performed to verify the ESS model and demonstrate its effectiveness and accuracy. Guidance for preventing epidemics on smartphones is also given based on our theoretical analysis and the simulations.

Part III - Security in Mobile Cellular Networks | Pp. 211-241

Cross-Domain Mobility-Adaptive Authentication

Hahnsang Kim; Kang G. Shin

When mobile users with on-going sessions cross the domain boundary, their re-authentication affects significantly the inter-domain handoff latency as each inter-domain handoff requires remote contact with the home authentication server across domains, making it difficult to employ existing authentication protocols as they are. This chapter focuses on cross-domain authentication over wireless local area networks (WLANs) that minimizes the need for remote contact/access. We analyze the security requirements suggested by the IEEE 802.11i authentication standard, and consider additional requirements to help reduce the authentication latency without compromising the level of security. We propose an enhanced protocol called the (MAP) that performs mutual authentication and hierarchical key derivation with minimal handshakes, relying on symmetric cryptographic functions. We also introduce (SCRs) that handle security context in conjunction with MAP, eliminating the need for continual remote contact with the home authentication server. In contrast to Kerberos that favors inter-domain authentication, MAP achieves a 26% reduction of authentication latency without degrading the level of security.

Part IV - Security in Wireless LANs | Pp. 245-271