New strategies for revocation in ad-hoc networks

Tyler Moore, Jolyon Clulow, Shishir Nagaraja, Ross Anderson

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

35 Citations (Scopus)

Abstract

Responding to misbehavior in ad-hoc and sensor networks is difficult. We propose new techniques for deciding when to remove nodes in a decentralized manner. Rather than blackballing nodes that misbehave, a more efficient approach turns out to be reelection - requiring nodes to secure a majority or plurality of approval from their neighbors at regular intervals. This can be implemented in a standard model of voting in which the nodes form a club, or in a lightweight scheme where each node periodically broadcasts a 'buddy list' of neighbors it trusts. This allows much greater flexibility of trust strategies than a predetermined voting mechanism. We then consider an even more radical strategy still - suicide attacks - in which a node on perceiving another node to be misbehaving simply declares both of them to be dead. Other nodes thereafter ignore them both. Suicide attacks, found in a number of contexts in nature from bees to helper T-cells, turn out to be more efficient still for an interesting range of system parameters.

LanguageEnglish
Title of host publicationSecurity and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings
EditorsF. Stajano , C. Meadows , S. Capkun , T. Moore
Place of PublicationBerlin
PublisherIEEE
Pages232-246
Number of pages15
Volume4572
ISBN (Print)9783540732747
DOIs
Publication statusPublished - 1 Dec 2007
Event4th European Workshop on Security and Privacy in Ad-hoc and Sensor Networks, ESAS 2007 - Cambridge, United Kingdom
Duration: 2 Jul 20073 Jul 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4572 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference4th European Workshop on Security and Privacy in Ad-hoc and Sensor Networks, ESAS 2007
CountryUnited Kingdom
CityCambridge
Period2/07/073/07/07

Fingerprint

Revocation
T-cells
Ad hoc networks
Ad Hoc Networks
Sensor networks
Vertex of a graph
Voting
Attack
Strategy
Broadcast
Decentralized
Sensor Networks
Standard Model
Flexibility
Interval

Keywords

  • credential revocation
  • key management
  • sensor networks
  • ad hoc networks
  • mathematical models
  • parameter estimation

Cite this

Moore, T., Clulow, J., Nagaraja, S., & Anderson, R. (2007). New strategies for revocation in ad-hoc networks. In F. Stajano , C. Meadows , S. Capkun , & T. Moore (Eds.), Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings (Vol. 4572 , pp. 232-246). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4572 LNCS). Berlin: IEEE. https://doi.org/10.1007/978-3-540-73275-4_17
Moore, Tyler ; Clulow, Jolyon ; Nagaraja, Shishir ; Anderson, Ross. / New strategies for revocation in ad-hoc networks. Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings. editor / F. Stajano ; C. Meadows ; S. Capkun ; T. Moore . Vol. 4572 Berlin : IEEE, 2007. pp. 232-246 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{5579e2bdf447465ea251b47fe260bb30,
title = "New strategies for revocation in ad-hoc networks",
abstract = "Responding to misbehavior in ad-hoc and sensor networks is difficult. We propose new techniques for deciding when to remove nodes in a decentralized manner. Rather than blackballing nodes that misbehave, a more efficient approach turns out to be reelection - requiring nodes to secure a majority or plurality of approval from their neighbors at regular intervals. This can be implemented in a standard model of voting in which the nodes form a club, or in a lightweight scheme where each node periodically broadcasts a 'buddy list' of neighbors it trusts. This allows much greater flexibility of trust strategies than a predetermined voting mechanism. We then consider an even more radical strategy still - suicide attacks - in which a node on perceiving another node to be misbehaving simply declares both of them to be dead. Other nodes thereafter ignore them both. Suicide attacks, found in a number of contexts in nature from bees to helper T-cells, turn out to be more efficient still for an interesting range of system parameters.",
keywords = "credential revocation, key management, sensor networks, ad hoc networks, mathematical models, parameter estimation",
author = "Tyler Moore and Jolyon Clulow and Shishir Nagaraja and Ross Anderson",
year = "2007",
month = "12",
day = "1",
doi = "10.1007/978-3-540-73275-4_17",
language = "English",
isbn = "9783540732747",
volume = "4572",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "IEEE",
pages = "232--246",
editor = "{Stajano }, F. and {Meadows }, C. and {Capkun }, S. and {Moore }, T.",
booktitle = "Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings",

}

Moore, T, Clulow, J, Nagaraja, S & Anderson, R 2007, New strategies for revocation in ad-hoc networks. in F Stajano , C Meadows , S Capkun & T Moore (eds), Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings. vol. 4572 , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4572 LNCS, IEEE, Berlin, pp. 232-246, 4th European Workshop on Security and Privacy in Ad-hoc and Sensor Networks, ESAS 2007, Cambridge, United Kingdom, 2/07/07. https://doi.org/10.1007/978-3-540-73275-4_17

New strategies for revocation in ad-hoc networks. / Moore, Tyler; Clulow, Jolyon; Nagaraja, Shishir; Anderson, Ross.

Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings. ed. / F. Stajano ; C. Meadows ; S. Capkun ; T. Moore . Vol. 4572 Berlin : IEEE, 2007. p. 232-246 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4572 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - New strategies for revocation in ad-hoc networks

AU - Moore, Tyler

AU - Clulow, Jolyon

AU - Nagaraja, Shishir

AU - Anderson, Ross

PY - 2007/12/1

Y1 - 2007/12/1

N2 - Responding to misbehavior in ad-hoc and sensor networks is difficult. We propose new techniques for deciding when to remove nodes in a decentralized manner. Rather than blackballing nodes that misbehave, a more efficient approach turns out to be reelection - requiring nodes to secure a majority or plurality of approval from their neighbors at regular intervals. This can be implemented in a standard model of voting in which the nodes form a club, or in a lightweight scheme where each node periodically broadcasts a 'buddy list' of neighbors it trusts. This allows much greater flexibility of trust strategies than a predetermined voting mechanism. We then consider an even more radical strategy still - suicide attacks - in which a node on perceiving another node to be misbehaving simply declares both of them to be dead. Other nodes thereafter ignore them both. Suicide attacks, found in a number of contexts in nature from bees to helper T-cells, turn out to be more efficient still for an interesting range of system parameters.

AB - Responding to misbehavior in ad-hoc and sensor networks is difficult. We propose new techniques for deciding when to remove nodes in a decentralized manner. Rather than blackballing nodes that misbehave, a more efficient approach turns out to be reelection - requiring nodes to secure a majority or plurality of approval from their neighbors at regular intervals. This can be implemented in a standard model of voting in which the nodes form a club, or in a lightweight scheme where each node periodically broadcasts a 'buddy list' of neighbors it trusts. This allows much greater flexibility of trust strategies than a predetermined voting mechanism. We then consider an even more radical strategy still - suicide attacks - in which a node on perceiving another node to be misbehaving simply declares both of them to be dead. Other nodes thereafter ignore them both. Suicide attacks, found in a number of contexts in nature from bees to helper T-cells, turn out to be more efficient still for an interesting range of system parameters.

KW - credential revocation

KW - key management

KW - sensor networks

KW - ad hoc networks

KW - mathematical models

KW - parameter estimation

UR - http://www.scopus.com/inward/record.url?scp=38149015558&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-73275-4_17

DO - 10.1007/978-3-540-73275-4_17

M3 - Conference contribution book

SN - 9783540732747

VL - 4572

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 232

EP - 246

BT - Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings

A2 - Stajano , F.

A2 - Meadows , C.

A2 - Capkun , S.

A2 - Moore , T.

PB - IEEE

CY - Berlin

ER -

Moore T, Clulow J, Nagaraja S, Anderson R. New strategies for revocation in ad-hoc networks. In Stajano F, Meadows C, Capkun S, Moore T, editors, Security and Privacy in Ad-hoc and Sensor Networks - 4th European Workshop, ESAS 2007, Proceedings. Vol. 4572 . Berlin: IEEE. 2007. p. 232-246. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-540-73275-4_17