Malware Tolerant (Mesh-) Networks

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Standard

Malware Tolerant (Mesh-) Networks. / Denzel, Michael; Ryan, Mark.

Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018) . Springer, 2018. p. 133-153 (Lecture Notes in Computer Science; Vol. 11124).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Denzel, M & Ryan, M 2018, Malware Tolerant (Mesh-) Networks. in Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018) . Lecture Notes in Computer Science, vol. 11124, Springer, pp. 133-153, 17th International Conference on Cryptology And Network Security (CANS 2018) , Naples, Italy, 30/09/18. https://doi.org/10.1007/978-3-030-00434-7_7

APA

Denzel, M., & Ryan, M. (2018). Malware Tolerant (Mesh-) Networks. In Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018) (pp. 133-153). (Lecture Notes in Computer Science; Vol. 11124). Springer. https://doi.org/10.1007/978-3-030-00434-7_7

Vancouver

Denzel M, Ryan M. Malware Tolerant (Mesh-) Networks. In Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018) . Springer. 2018. p. 133-153. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-030-00434-7_7

Author

Denzel, Michael ; Ryan, Mark. / Malware Tolerant (Mesh-) Networks. Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018) . Springer, 2018. pp. 133-153 (Lecture Notes in Computer Science).

Bibtex

@inproceedings{18a9b18289974593b9953138ac446e30,
title = "Malware Tolerant (Mesh-) Networks",
abstract = "Mesh networks, like e.g. smart-homes, are networks where every node has routing capabilities. These networks are usually flat, which means that one compromised device can potentially overtake the whole infrastructure, especially considering clone attacks.To counter attacks, we propose a network architecture which enhances flat networks, especially mesh networks, with isolation and automatic containment of malicious devices. Our approach consists of unprivileged devices, clustered into groups, and privileged “bridge” devices which can cooperatively apply filter rules like a distributed firewall. Since there is no ultimate authority (not even bridges) to control the whole network, our approach has no single point-of-failure – so-called intrusion or malware tolerance. That means, attacks on a single device will not compromise the whole infrastructure and are tolerated. Previous research on mesh networks [10, 3, 8, 9] relied on a single point-of-failure and is, thus, not intrusion or malware tolerant.Our architecture is dynamic in the sense that bridge devices can change, misbehaving devices can be isolated by outvoting them, and cryptographic keys evolve. This effectively turns the entire network into a moving target.We used the protocol verifier ProVerif to prove the security properties of our network architecture.",
keywords = "mesh network, malware tolerance, self-management, network security",
author = "Michael Denzel and Mark Ryan",
year = "2018",
month = sep,
day = "1",
doi = "10.1007/978-3-030-00434-7_7",
language = "English",
isbn = "978-3-030-00433-0",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "133--153",
booktitle = "Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018)",
note = "17th International Conference on Cryptology And Network Security (CANS 2018) ; Conference date: 30-09-2018 Through 03-10-2018",

}

RIS

TY - GEN

T1 - Malware Tolerant (Mesh-) Networks

AU - Denzel, Michael

AU - Ryan, Mark

PY - 2018/9/1

Y1 - 2018/9/1

N2 - Mesh networks, like e.g. smart-homes, are networks where every node has routing capabilities. These networks are usually flat, which means that one compromised device can potentially overtake the whole infrastructure, especially considering clone attacks.To counter attacks, we propose a network architecture which enhances flat networks, especially mesh networks, with isolation and automatic containment of malicious devices. Our approach consists of unprivileged devices, clustered into groups, and privileged “bridge” devices which can cooperatively apply filter rules like a distributed firewall. Since there is no ultimate authority (not even bridges) to control the whole network, our approach has no single point-of-failure – so-called intrusion or malware tolerance. That means, attacks on a single device will not compromise the whole infrastructure and are tolerated. Previous research on mesh networks [10, 3, 8, 9] relied on a single point-of-failure and is, thus, not intrusion or malware tolerant.Our architecture is dynamic in the sense that bridge devices can change, misbehaving devices can be isolated by outvoting them, and cryptographic keys evolve. This effectively turns the entire network into a moving target.We used the protocol verifier ProVerif to prove the security properties of our network architecture.

AB - Mesh networks, like e.g. smart-homes, are networks where every node has routing capabilities. These networks are usually flat, which means that one compromised device can potentially overtake the whole infrastructure, especially considering clone attacks.To counter attacks, we propose a network architecture which enhances flat networks, especially mesh networks, with isolation and automatic containment of malicious devices. Our approach consists of unprivileged devices, clustered into groups, and privileged “bridge” devices which can cooperatively apply filter rules like a distributed firewall. Since there is no ultimate authority (not even bridges) to control the whole network, our approach has no single point-of-failure – so-called intrusion or malware tolerance. That means, attacks on a single device will not compromise the whole infrastructure and are tolerated. Previous research on mesh networks [10, 3, 8, 9] relied on a single point-of-failure and is, thus, not intrusion or malware tolerant.Our architecture is dynamic in the sense that bridge devices can change, misbehaving devices can be isolated by outvoting them, and cryptographic keys evolve. This effectively turns the entire network into a moving target.We used the protocol verifier ProVerif to prove the security properties of our network architecture.

KW - mesh network

KW - malware tolerance

KW - self-management

KW - network security

U2 - 10.1007/978-3-030-00434-7_7

DO - 10.1007/978-3-030-00434-7_7

M3 - Conference contribution

SN - 978-3-030-00433-0

T3 - Lecture Notes in Computer Science

SP - 133

EP - 153

BT - Proceedings of the 17th International Conference on Cryptology And Network Security (CANS 2018)

PB - Springer

T2 - 17th International Conference on Cryptology And Network Security (CANS 2018)

Y2 - 30 September 2018 through 3 October 2018

ER -