PReFilter: An Efficient Privacy-preserving Relay
Filtering Scheme for Delay Tolerant Networks
Rongxing Lu, Xiaodong Lin, Tom Luan,
Xiaohui Liang, Xu Li, Le Chen, and Xuemin (Sherman) Shen
University of Waterloo & UOIT & INRIA Lille
Presenter: Rongxing Lu
Outline
• Introduction of Delay Tolerant Networks
• Security & Privacy Challenges in DTNs
• Proposed PReFilter Scheme
• Security Analysis
• Performance Evaluation
• Conclusions
R. Lu et al., PReFilter: An Efficient Privacy-preserving Relay Filtering Scheme for Delay Tolerant Networks
Introduction
• Infrastructure → Non-infrastructure
• High density → Low density
• Performance: highly dependent on mobility
• Delay Tolerant Network (DTN)
  - High transmission delay
  - Frequent link disruption
  - Non-existent end-to-end connections
Applications of DTN
Inter-planetary communication
Vehicular Ad-hoc Network
Networking in sparse rural area
Underwater Sensor Network
DTN Routing
• DTN Routing
  - increase the delivery ratio
  - reduce the average delay
• Single copy → Multi-copy
• Balance Performance & Resource Consumption
  - Probabilistic routing
  - Spray and wait
  - Relaycast
[1] A. Lindgren, A. Doria, and O. Schelen, “Probabilistic routing in intermittently connected networks,” Mobile Computing and Communications Review, vol. 7, no. 3, pp. 19–20, 2003.
[2] T. Spyropoulos, K. Psounis, and C. S. Raghavendra, “Spray and wait: an efficient routing scheme for intermittently connected mobile networks,” in Proc. of WDTN ’05, 2005, pp. 252–259.
[3] U. Lee, S. Y. Oh, K.-W. Lee, and M. Gerla, “Relaycast: Scalable multicast routing in delay tolerant networks,” in Proc. of ICNP’08, 2008.
Security Challenges
• Without solving security issues
  - well-designed DTN routing not practical
• Selfish issues
  - incentive mechanism
  - avoid black/grey hole
[Figure: source S, destination D, selfish nodes, incentive]
[1] S. Upendra, H. H. Song, L. Qiu, and Y. Zhang, “Incentive-aware routing in dtns,” in Proc. of ICNP’08, 2008, pp. 238–247.
[2] R. Lu, X. Lin, H. Zhu, X. Shen, and B. R. Preiss, “Pi: a practical incentive protocol for delay tolerant networks,” IEEE Transactions on Wireless Communications, vol. 9, no. 4, pp. 1483–1493, 2010.
Security Challenges (2)
• Traffic storm problem
  - caused by the malicious nodes
  - false data → waste scarce DTN resources
• Countermeasure
  - fundamental packet authentication
  - access control
    - detect false data by relay nodes
    - drop false data early
    - save scarce DTN resources
[1] N. Asokan, K. Kostiainen, P. G. J. Ott, and C. Luo, “Towards securing disruption-tolerant networking,” Nokia Research, Tech. Rep. NRC-TR-2007-007.
[2] H. Zhu, X. Lin, R. Lu, X. Shen, D. Xing, and Z. Cao, “An opportunistic batch bundle authentication scheme for energy constrained DTNs,” in Proc. IEEE INFOCOM’10, 2010, pp. 605–613.
Security Challenges (3)
• Encrypted “junk” packet: a new challenge
  - encrypted, sent by the legitimate nodes
  - “junk” of no interest to the destination
  - decrypted, discarded by the destination
• But, before being discarded
  - TTL expires
  - or encounter with destination
  - also waste scarce DTN resources
• No countermeasure
  - encrypted
  - sent by legitimate nodes
Our Contribution
• From traditional Email System → DTN
[Figure labels: Filtering, Keyword]
• Differences
  - Transmission: Infrastructure → DTN nodes
  - Filtering: centralized → decentralized (effectively filter)
  - Privacy: protected → easily violated
• Our Contribution
  - PReFilter: Privacy-preserving relay filtering for DTN
Our PReFilter Scheme
• Each node sets its filtering keyword list
• Distribute encrypted keyword list to its friends
  - friends can use the encrypted keyword list for filtering
  - but cannot read the keywords in plaintext
[Figure: filtering policy FPi (Rule 1, Rule 2, ---) of node Ni; panels “Social Connection” and “Sparse DTN” with nodes N1 to N8]
• Packet format
  Destination | Keyword | Payload | TTL | Authenticator
PReFilter Mechanism
[Figure legend: S = Source; D = Destination; junk packet; intermediate node w/o packet dropping; destination’s friend; intermediate node with packet dropping]
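The relay-side decision from the scheme and mechanism slides (friends hold the encrypted keyword list; packets carry Destination, Keyword, Payload, TTL, Authenticator), as an added Python example that is not from the slides or the authors. Assumptions: keywords are blinded with HMAC-SHA256 under a per-destination salt (a stand-in, since the slides do not give the construction; it is guessable for low-entropy keywords), the keyword list is treated as a block list, and the authenticator is an HMAC under a hypothetical shared key.

```python
import hashlib
import hmac
from dataclasses import dataclass

def blind(dest_salt: bytes, keyword: str) -> bytes:
    # Assumed stand-in for the scheme's keyword encryption: salted HMAC tag.
    return hmac.new(dest_salt, keyword.lower().encode(), hashlib.sha256).digest()

@dataclass
class Packet:                   # fields follow the slide's packet format
    destination: str
    keyword_tag: bytes          # blinded keyword, never plaintext
    payload: bytes              # ciphertext, opaque to relays
    ttl: int
    authenticator: bytes = b""

def mac(auth_key: bytes, p: Packet) -> bytes:
    # Hypothetical authenticator: HMAC over the immutable fields (TTL changes per hop).
    msg = p.destination.encode() + b"|" + p.keyword_tag + b"|" + p.payload
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

class Relay:
    def __init__(self, auth_key: bytes):
        self.auth_key = auth_key
        self.policies = {}      # destination -> blinded tags held as its friend
    def receive_policy(self, destination: str, tags) -> None:
        self.policies[destination] = set(tags)
    def handle(self, p: Packet) -> str:
        if not hmac.compare_digest(p.authenticator, mac(self.auth_key, p)):
            return "drop:bad-authenticator"
        if p.ttl <= 0:
            return "drop:ttl-expired"
        if p.keyword_tag in self.policies.get(p.destination, ()):
            return "drop:filtered"  # junk dropped before it reaches the destination
        p.ttl -= 1
        return "forward"

def demo():
    salt, key = b"constructed-salt-D", b"constructed-auth-key"  # constructed values
    friend, other = Relay(key), Relay(key)
    friend.receive_policy("D", [blind(salt, w) for w in ("lottery", "promo")])
    def mk(word, ttl=3):
        p = Packet("D", blind(salt, word), b"<ciphertext>", ttl)
        p.authenticator = mac(key, p)
        return p
    forged = mk("weather")
    forged.payload = b"tampered"
    packets = [mk("promo"), mk("weather"), mk("weather", ttl=0), forged]
    return [other.handle(mk("promo"))] + [friend.handle(p) for p in packets]
```

Only the relay that holds D's blinded list drops the "promo" packet; a relay without the list forwards it, so the junk copy keeps consuming storage until it meets a friend, the destination, or its TTL runs out.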
Security Analysis
• Achieve
  - privacy-preserving policy distribution
  - privacy-preserving filtering
  - integrity, confidentiality
Performance Evaluation
• Simulation area: 1000 m x 1000 m
• Random waypoint model
Performance Evaluation
[Figure: Delivery ratio in forwarding ordinary beneficial packets with different n, v and tr]
Performance Evaluation
[Figure: Average delay and network storage cost in forwarding ordinary beneficial packets with different n, v and tr]
Performance Evaluation
[Figure: Average network storage cost in forwarding a “junk” packet under PReFilter with different n, v and tr]
Performance Evaluation
[Figure: Average replicas distribution of a “junk” packet under PReFilter with different n, v and tr]
Conclusion
• In this talk, we have discussed a Privacy-preserving relay filtering (PReFilter) scheme for DTNs
  - Privacy-preserving filtering policy distribution
  - Relay node to filter “junk” packets as early as possible
  - Avoid the significant waste of scarce DTN resources
• In our future work,
  - Heterogeneous mobility of DTN nodes
  - Distribute the filtering policy at high social friend nodes
Thank you!