CAREER: Fundamental Security-Performance Tradeoffs for Active Attacks Against Communication Networks

职业：针对通信网络的主动攻击的基本安全性能权衡

• 批准号: 1453718
• 负责人: Oliver Kosut
• 金额: $ 47.57万
• 依托单位: Arizona State University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-02-01 至 2021-01-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1453718&HistoricalAwards=false
• 关键词: CAREER; Fundamental; Security; Performance; Tradeoffs

The vast and distributed nature of communication networks makes them inherently vulnerable to attack. This research focuses on combating active attacks, in which a malicious intruder acts to subvert the natural behavior of the system. These attacks include distributed denial of service attacks, wireless jamming, man-in-the-middle attacks, and Byzantine attacks. This research takes an information-theoretic approach to characterizing the fundamental trade-offs between security (degree of protection against attacks) and performance (achievable communication rates among legitimate users) in communication networks. To this end, this research effort investigates (i) secure strategies including polytope codes and hash-based verification, (ii) analytical tools for deriving bounds on fundamental limits, (iii) solutions for combating the unique challenges of attacks in the wireless environment, such as fading, mobility, and asynchronism, and (iv) applying attack-resilient strategies to timely applications such as distributed storage systems and the smart grid.If left unchecked, active attacks could significantly undermine the reliability of networks of connected devices just as they are becoming increasingly vital to modern society. This research provides new techniques to bolster the resilience of communication networks in the presence of these potentially damaging attacks. In addition, this project incorporates efforts to educate and engage students of all ages in thinking about the security problems in their lives. These efforts include security competitions for undergraduates, an outreach program for high school students, and a graduate course.

通信网络的巨大和分布式性质使其固有地容易受到攻击。这项研究的重点是打击主动攻击，其中恶意入侵者的行为，以破坏系统的自然行为。这些攻击包括分布式拒绝服务攻击、无线干扰、中间人攻击和拜占庭攻击。本研究采用信息论方法来表征通信网络中安全性（针对攻击的保护程度）和性能（合法用户之间可实现的通信速率）之间的基本权衡。为此，这项研究工作调查（i）安全策略，包括多面体代码和基于散列的验证，（ii）分析工具，用于导出基本限制的界限，（iii）解决方案，用于应对无线环境中的攻击的独特挑战，如衰落，移动性和移动性，以及（iv）将攻击弹性策略应用于诸如分布式存储系统和智能电网等实时应用。如果不加以检查，主动攻击可能会严重破坏连接设备网络的可靠性，因为它们对现代社会越来越重要。这项研究提供了新的技术，以加强通信网络在这些潜在的破坏性攻击存在的弹性。此外，该项目还努力教育所有年龄段的学生，让他们思考自己生活中的安全问题。这些努力包括为本科生举办的安全竞赛，为高中生举办的推广计划和研究生课程。