Secure networks and communications are fundamental to providing information assurance. Our
Institute has broad expertise in this area that spans CCIS and ECE. The faculty involved in this effort include:
• Stefano Basagni (ECE)
• Agnes Chan (CCIS)
• Guevara Noubir (CCIS)
• Rajmohan Rajaraman (CCIS)
• Masoud Salehi (ECE)
• Ravi Sundaram (CCIS)
Different areas of expertise are currently available in the Network and Communications Security thrust:
Networking and Algorithms
We envision the network of the future as being much more than a collection of laptops communicating wirelessly. Such networks will be heterogeneous and consist of nodes with both sensing and self-organizing capabilities. PDAs, unmanned vehicles and satellites will be linked together through the Global
Information Network (GRID).
Information Assurance requires us to provide security and robustness in a scalable and cost-efficient manner that is simultaneously high-performance. These techniques will need to be adaptive to the network environment and adversarial conditions, and aware of the devices' resources (e.g., energy, frequency bandwidth, computation power) and the applications' quality-of-service requirements. In order to make information dissemination more reliable and robust, research is required to build communication infrastructure (network backbones) for delivering the information from the network nodes to the appropriate collection points. We briefly define the main thrusts:
At the application level there is a need for secure and resource-aware unicast communication (user-to-user or client-to-server). Many applications require secure multicast communication when sending data from one source to multiple receivers (e.g., video streaming, news broadcasting, and software update). Secure multicast raises challenging issues that are inherently different from unicast communication. Finally, a third communication paradigm that requires scalable security is group communication involving multiple sources and multiple destinations (e.g., collaborative work, games, and large-scale distributed simulations).
The protocols that operate today's networks are extremely vulnerable to attacks. These protocols were not designed with scalable security in mind. This is especially true for heterogeneous wireless networks, where it is difficult to trace back malicious wireless adversaries. Such attacks can act at multiple levels of the protocol stack by exploiting properties of commonly used protocols. For example, the transport layer can be attacked by forcing TCP's multiplicative decrease mechanism to keep the congestion window small; network layer routing can be disrupted by injecting erroneous, or destroying legitimate, routing control packets; and the medium access control layer can be made inefficient by jamming control channels or forcing large back-off windows. Finally, the physical layer can be easily jammed. Providing scalable, robust and secure network operation requires a collaborative effort with the communication team to redesign network protocol stacks to operate in a cross-layer adaptive way.
Network clustering and backbone formation algorithms, explicitly tailored for the specific nature
of Wireless Sensor Networks (WSNs). The basic idea is to obtain scalable protocols by using only
a fraction of the network nodes, while most of the other nodes are under-utilized, thus saving their
energy. The selected nodes will form a backbone, which is used to perform most of the
network functions. By providing WSNs-specific clustering and backbone formation protocols we
aim at obtaining network scalability and energy efficiency without affecting data dissemination.
Topology control. We aim at providing effective methods for selecting nodes that can be dynamically "sent to sleep". It is well known that the radio interface is the part of a sensor node that consumes the most energy. By turning off this interface (a node's "sleep mode") the lifetime of the
node, and thus of the whole WSN, can be consistently prolonged. Most of the solutions proposed
so far for WSNs depend heavily on the network being dense. We propose here efficient solutions
that are density-independent.
Communications, Encryption and Watermarking
The ever increasing demand for high speed communication over wireless channels for applications
such as wideband internet access and multimedia delivery has resulted in intensive research to provide reliability, security, robustness, and survivability under the hostile environment of the wireless communication over multipath fading channels. Limited handset power resources, strict bandwidth limitations, severe multipath fading, noise, interference, and the possibility of interception, jamming, and intentional malicious attacks are some of the most difficult challenges in the design of a robust, secure, reliable, and efficient communication system.
At the physical layer, the task of designing communication systems for high information assurance embodies tasks at the source coding, data encryption, channel coding, digital modulation
system design and selection, and spread spectrum levels. The general trend here is
not to design and optimize at individual stages, but rather come up with overall optimized design
solutions across different stages of the physical layer and also cross-layer optimization for overall
reliability and robustness.
At the source coding level, the main tasks include data compression, information hiding and
embedding, watermarking, and information classification and prioritization. Examples of overall
optimization tasks at this level include optimal joint source-channel code design, information prioritization at the source coding stage to be later used with Unequal Error Protecting (UEP) Codes in
the channel coding stage, and information embedding and watermarking for cross layer robustness.
Joint source-channel coding techniques can be used in conjunction with near-capacity achieving
channel codes such as turbo codes and low density parity check codes to achieve excellent overall
system performance; however, the robustness of these techniques to variations in source and channel
statistics, and errors in estimation of channel parameters has not been widely studied and established. This is particularly true for fading channels in which knowledge of channel state information
at the receiver side is crucial. An overall design strategy should provide an answer to the question of
robustness of these techniques and channel estimation techniques that result in overall optimized
performance. Unequal error protecting codes, either in the framework of standard coding techniques, or bandwidth efficient coded modulation approaches, are the class of codes best suited to
be used for transmission of sources with a natural or induced hierarchy. Prioritization in source
coding based on recognition of the regions of interest in the source and rate allocation accordingly,
or by using source coding techniques that induce a natural hierarchy in the encoded bits can be
combined with unequal error protecting codes to achieve overall enhanced performance. These
techniques have been extended to turbo codes and turbo coded modulation schemes and can be
extended to other coding schemes as well.
Watermarking and data hiding techniques also require a high degree of robustness, particularly
when the information is transmitted over a heterogeneous network using multiple standards. The
data hiding or watermarking standard should be robust enough to keep the information hidden
and resilient to malicious attack when transmitted over a network using a variety of standards in
different parts of it. For instance, the speech coding techniques used in standard wire-line telephone
networks and cellular wireless transmission are not the same and transmission of the information
embedded in speech over a network using different standards can make the information vulnerable
when transferred from one standard to another. Design of robust data hiding and watermarking
algorithms for such networks is one research goal in this project.