This course is organized as a set of seven frontal lectures and an experimental demo session.
The lessons focus on security principles and techniques that can be applied to two special cases of wireless ad-hoc networks: Wireless Sensor Networks (WSNs) and Vehicular Ad-hoc NETworks (VANETs).
WSNs are a class of ad-hoc wireless networks where nodes are smart sensors and the transmitted data are measurements taken from the environment. Moreover, WSNs are energy-constrained networks (in terms of computing power and storage), infrastructureless (just the base station), and usually deployed in unprotected environments. Measurements can be sensitive data, and therefore securing data transmissions over WSNs is a primary issue. WSNs can be nomadic.
VANETs are another class of ad-hoc wireless networks where nodes are truly mobile (vehicles). A vehicle node can contain a WSN base station. Securing data transmissions with privacy preservation is a primary issue here too (consider the transmission of drivers’ identity and their location information); current solutions and challenges are introduced.
We refer to security application as the ultimate step of the iterated process of vulnerability assessment and mitigation in compliance with the ISO 31000 standard, that is, the determination of the minimum security corresponding to the predefined acceptable risk. System vulnerabilities determine the “Required Security Level” for a system. Vulnerabilities are understood as weaknesses against “cyber” attacks aimed at compromising service capacity or degrading service reliability.
Moreover, ISO 31000 classifies countermeasures to vulnerabilities as passive or active. Passive functions typically include cryptographic techniques, hashing, message authentication codes and secure routing. Active security functions include system behavior estimation techniques that detect anomalies induced by attacks, namely attempts of intrusion into the system (detection of system misbehavior, recognition and classification of the attack); in the literature these are denoted as Intrusion Detection Systems (IDSs).
The measure of security performance offered by the different security techniques determines the so-called “Offered Security Level” (or “Expected Security Level”).
The quantitative study of security starts from the information-theoretic approach to security introduced by C. E. Shannon in 1949 with his masterwork “Communication Theory of Secrecy Systems”.
WSNs and VANETs exploit both fundamental approaches to cryptography (symmetric and asymmetric), and specifically elliptic curve cryptography and identity-based techniques as privacy-preserving solutions for VANETs, as well as misbehavior estimators derived from the theory of Discrete Event Dynamic Systems and their formal representations and performance indicators. A concise mathematical background for cryptography and intrusion detection applied to WSNs and VANETs is also presented.
The course refers to the specific subset of security approaches and techniques applicable to WSN and VANET systems in view of their special features and their energy and computational constraints. To date, hybrid approaches that combine the benefits of different conventional approaches, or suitable simplifications, appear to be more usable in practice.
Interesting contributions developed at the Center of Excellence DEWS are the family of cryptographic schemes denoted as TAKSx (Topology Authenticated Key Scheme) and the intrusion detection system WIDS (WPM-based Intrusion Detection System). The TAKS and WIDS techniques were designed at DEWS within the WINSOME Project (Wireless Sensor Network Secure System for Structural Integrity Monitoring and Alerting), aimed at the experimental realization of an integrated security platform together with the development of applications based on WSNs. The experiments were conducted on IEEE 802.15.4 WPAN networks.
- Instructor: MARCO PUGLIESE