1 / 19

A Multi-hop Multi-source Algebraic Watchdog

A Multi-hop Multi-source Algebraic Watchdog. Muriel Médard † Joint work with MinJi Kim † , João Barros ‡ † Massachusetts Institute of Technology ‡ University of Porto. Background. Secure network coding Network error correction [Yeung et al. 2006]

adriel
Télécharger la présentation

A Multi-hop Multi-source Algebraic Watchdog

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A Multi-hop Multi-source Algebraic Watchdog Muriel Médard† Joint work with MinJi Kim†, João Barros‡ †Massachusetts Institute of Technology ‡University of Porto

  2. Background • Secure network coding • Network error correction [Yeung et al. 2006] • Resilient coding in presence of Byzantine adversaries [Jaggi et al. 2007] • Confidential coding scheme [Vilela et al. 2008] • Signature scheme [Charles et al. 2006][Zhao et al. 2007] • Locating attackers [Siavoshani et al. 2008] • NOTE: downstream nodes check for adversaries, the upstream nodes unaware. • Watchdog and pathrater [Marti et al. 2000] • Extensions of Dynamic Source Routing • Detect/mitigate misbehavior of the next node • Use wireless medium: promiscuous monitoring • Algebraic Watchdog [Kim et al. 2009] • Combine the benefits of network coding and watchdog • Extend to multi-hop, multi-source setting

  3. Problem Statement • Wireless network G = (V, E1,E2). • V : Set of nodes in the network • E1: Set of hyperedges for connectivity/wireless links • E2: Set of hyperedges for interference • Transition probability known (Binary symmetric channel) • Is vm+1 consistent with… • Overheard packets from v2 , v3 ,… vm? • Channel statistics? Overhearing with noise in E2 Intended transmission in E1

  4. Problem Statement • How can upstream nodes (v1, v2, …,vm) detect misbehaving node (vm+1) with high probability? Overhearing with noise in E2 Intended transmission in E1 Routing: Packets individually recognizable Network Coding: Packets are mixed Errors from BSC channel : Probabilistic detection Few bit errors can make dramatic change in the algebraic interpretation

  5. Packet Structure coded data xi = Σ αj xj with error-correcting code Ci = (n, ki, di) • A node vi that receives messagesxj ’s and transmits pi • Note: hash is contained in one hop, dependent on in-degree • Goal:If vitransmits xi = e + Σ αj xjwheree≠0, detect it with high probability. • Even if |e| small, the algebraic interpretation may change dramatically. coding coefficients aj’s pi = aj’s aj’s h(xj) h(xj) h(xi) h(xi) xi hash of received messages h(xj) hash of message h(xi) header: protected with error correction codes

  6. Threat Model • Adversary • Eavesdrops its neighbors’ transmissions • Injects/corrupts packets • Computationally unbounded • Knows the channel statistics, but does not know the specific realization of the channel errors • Adversary’s objective: Corrupt information flow without being detected by other nodes • Our objective: limit errors introduced by the adversaries to be at most that of the channel

  7. Algebraic Watchdog • Focus on v1 • Listens to neighbors and infer the messages: Using transition matrix T • Combines the inferred messages to “guess” what the next hop node should transmit: Watchdog trellis & Viterbi-like algorithm • Check the “guessed message” with next-hop node’s transmission: Inverse transition matrix T-1

  8. Transition Matrix/List T Overheard information • Relates the overheard information from source vi to list of candidates (inferred list of xi) Inferred information xi Overheard information y Start state Edge weight proportional to probability of receiving given y is original message: Edge iff

  9. Watchdog Trellis Layer 2 α1x1 +α2x2 Layer 3 α1x1 +α2x2 +α3x3 Layer m Σ1≤i≤m αixi Layer 1 α1x1 Layer m-1 Σ1≤i≤m-1 αixi • Uses overheard & inferred information (candidates) to generate a list of “guesses” on what vm+1 should send Start state Combine infor-mation from v2 Combine infor-mation from vm-1 Combine infor-mation from vm What v1 already has “guesses” are states with positive weight at Layer m

  10. Overheard information [x̃m+1,h(xm+1)] Guesses Σ1≤i≤m αixi Inverse Transition Matrix T-1 Inferred linear combinations (guesses) Σ1≤i≤m αixi Overheard information • Using the “guesses” generated, checks that vm+1is well-behaving • Same as T, just inverse Edge iff y End node Edge weight proportional to probability of receivinggiven y is original message:

  11. Overheard information [x̃m+1,h(xm+1)] Decision Making Layer 2 α1x1 +α2x2 Layer 3 α1x1 +α2x2 +α3x3 Layer m Σ1≤i≤m αixi Layer 1 α1x1 Layer m-1 Σ1≤i≤m-1 αixi • Total weight of end state = p* = probability of overhearing given channel statistics • Can use various decision policy, such as threshold decision rule p*>t • Depending on the rule, different false positive/false negative probabilities Start state “Guesses” Endstate

  12. Simulation Results: Varying adversarial attack Adversarial relay (flips bit with probability padv) Honest relay (does not inject errors) • All channel noise: 10%, i.e. BSC(0.1) • 3 sources • 10-bit field size • 2-bit hash size When adversary injects more than channel noise (10%), the p*advand p*relayhave different distribution!

  13. Conclusions • Probabilistically police downstream neighbors in a multi-hop, multi-source network using network coding • Only discussed multi-source, two-hop setting • Trellis-like graphical model: • Capture inference process • Compute/approximate probabilities of consistency within the network (Viterbi-like algorithm) • Preliminary simulation results agree with the intuition Future Work: • Combine with reputation based protocol and some practical considerations

  14. Extra Slides

  15. Multi-hop Algebraic Watchdog • As long as the min-cut to any node from the source is not dominated by adversarial node, can detect malicious behavior

  16. Multi-hop Algebraic Watchdog S2 S0 v1 v4 v2 edges in E1 S0monitors v5 v5 v7 S1monitors v7 v3 S1monitors v8 v6 S2monitors v4 v8 S1 • As long as the min-cut to any node from the source is not dominated by adversarial node, can detect malicious behavior

  17. Simulation Results: Varying hash size Honest relay (does not inject errors) Adversarial relay (flips bit with probability 10%) Hash size (in bits) Hash size > 1 bit sufficient • All channel noise & adversarial attack level: 10%, i.e. BSC(0.1) • 3 sources • 10-bit field size

  18. Simulation Results: Varying channel noise Channel noise between sources Honest relay (does not inject errors) Adversarial relay (flips bit with probability 10%) When channel noise > 10% (adversarial attack level), then may not be able to detect the adversary! • Adversarial attack level: 10%, i.e. BSC(0.1) • 3 sources • 10-bit field size • 2-bit hash size

  19. Simulation results: Varying number of sources Number of sources Honest relay (does not inject errors) Adversarial relay (flips bit with probability 10%) v1can detect (even by itself) when there are moderate number of sources When only one source, v1 can detect adversary with high probability • All channel noise & adversarial attack level: 10%, i.e. BSC(0.1) • 3 sources • 10-bit field size • 2-bit hash size • v1 can not detect by itself when many sources • Need more hash or better overhearing channel • Does not take into account other nodes vi’s independent watchdog

More Related