1 PReFilter: An Efficient Privacy-preserving Relay Filtering Scheme for Delay Tolerant Networks University of Waterloo & UOIT & INRIA Lille Presenter:

1

PReFilter: An Efficient Privacy-preserving Relay Filtering Scheme for Delay Tolerant Networks

University of Waterloo & UOIT & INRIA Lille

Presenter: Rongxing Lu

Rongxing Lu, Xiaodong Lin, Tom Luan, Xiaohui Liang, Xu Li, Le Chen, and Xuemin (Sherman) Shen

2 R. Lu et al., PReFilter: An Efficient Privacy-preserving Relay Filtering Scheme for Delay Tolerant Networks

Outline

• Introduction of Delay Tolerant Networks• Security & Privacy Challenges in DTNs• Proposed PReFilter Scheme • Security Analysis• Performance Evaluation• Conclusions

http://images.google.ca/imgres?imgurl=http://school.discoveryeducation.com/clipart/images/presentation-boy.gif&imgrefurl=http://school.discoveryeducation.com/clipart/clip/presentation-boy.html&h=320&w=360&sz=11&hl=en&start=4&um=1&tbnid=6nU_JAQRk_ZDtM:&tbnh=108&tbnw=121&prev=/images?q=presentation&um=1&hl=en&rlz=1T4AMSA_enCA269CA269


Introduction

• Infrastructure Non-infrastructure• High density Low density• Performance : Highly depend on mobility• Delay Tolerant Network (DTN)

High transmission delay Frequent link disruption Non-exist end-to-end connections


Applications of DTN

Inter-planetary communication

Networking in sparse rural area

Vehicular Ad-hoc Network

Underwater Sensor Network


DTN Routing

• DTN Routing increase the delivery ratio reduce the average delay

• Single copy Multi-copy• Balance Performance & Resource Consumption

Probabilistic routing Spray and wait Relaycast

D

S

[1] A. Lindgren, A. Doria, and O. Schelen, “Probabilistic routing in intermittently connected networks,” Mobile Computing and Communications Review, vol. 7, no. 3, pp. 19–20, 2003.[2] T. Spyropoulos, K. Psounis, and C. S. Raghavendra, “Spray and wait: an efficient routing scheme for intermittently connected mobile networks,” in Proc. of WDTN ’05, 2005, pp. 252–259.[3] U. Lee, S. Y. Oh, K.-W. Lee, and M. Gerla, “Relaycast: Scalable multicast routing in delay tolerant networks,” in Proc. of ICNP’08, 2008.


Security Challenges

• Without solving security issues well-designed DTN routing not practical

• Selfish issues incentive mechanism avoid black/grey hole

[1] S. Upendra, H. H. Song, L. Qiu, and Y. Zhang, “Incentive-aware routing in dtns,” in Proc. of ICNP’08, 2008, pp. 238–247.[2] R. Lu, X. Lin, H. Zhu, X. Shen, and B. R. Preiss, “Pi: a practical incentive protocol for delay tolerant networks,” IEEE Transactions on Wireless Communications, vol. 9, no. 4, pp. 1483–1493, 2010.

D

S

Selfish

Selfish

Selfish

Incentive


Security Challenges (2)

• Traffic storm problem caused by the malicious nodes false data waste scarce DTN resources

• Countermeasure fundamental packet authentication access control

detect false data by relay nodes drop false data early save scarce DTN resources

[1] N. Asokan, K. Kostiainen, P. G. J. Ott, and C. Luo, “Towards securing disruption-tolerant networking,” Nokia Research, Tech. Rep. NRC-TR-2007-007.[2] H. Zhu, X. Lin, R. Lu, X. Shen, D. Xing, and Z. Cao, “An opportunistic batch bundle authentication scheme for energy constrained DTNs,” in Proc. IEEE INFOCOM’10, 2010, pp. 605–613.

D

S


Security Challenges (3)

• Encrypted “junk” packet --- New Challenge encrypted, sent by the legitimate nodes “junk” of no interest to the destination decrypted, discarded by the destination

• But, before being discarded TTL expire or encounter with destination also waste scarce DTN resources

• No countermeasure, ▼

encrypted sent by legitimate nodes

D

S

BIG CHALLENGE


Our Contribution

• From traditional Email System DTN

• Differences Transmission: Infrastructure DTN nodes Filtering: centralized decentralized (effectively filter) Privacy: protected easily violated

• Our Contribution PReFilter: Privacy-preserving relay filtering for DTN

Filtering Keyword


Our PReFilter Scheme

• Each node sets its filtering keyword list• Distribute encrypted keyword list to its friends

friends can use the encrypted keyword list for filtering but cannot read the keywords in plaintext

• Packet format

iN

1iFP

2iFP

3iFP

4iFP

5iFP

Rule 1Rule 2- - -

1N

2N

3N4N

5N

Social Connection

Sparse DTN

1N

2N

3N

4N

5N

6N

7N

8N

Destination Keyword Payload TTL Authenticator


PReFilter Mechanism

S

D

Junk packet S Source D Destination Destination’s friend

Intermediate node w/o packet dropping Intermediate node with packet dropping


Security Analysis• Achieve privacy-preserving policy

distribution privacy-preserving filtering integrity, confidentiality


Performance Evaluation

1000 m x 1000 m

Simulation Area Random waypoint model


Performance EvaluationDelivery ratio in forwarding ordinary beneficial packets with different n, v and tr


Performance EvaluationAverage delay and network storage cost in forwarding ordinary beneficial packets with different n, v and tr


Performance EvaluationAverage network storage cost in forwarding a “junk” packet under PReFilter with different n, v and tr


Performance EvaluationAverage replicas distribution of a “junk” packet under with different n, v and tr


Conclusion

• In this talk, we have discussed a Privacy-preserving relay filtering (PReFilter) scheme for DTNs Privacy-preserving filtering policy distribution Relay node to filter “junk” packets as early as possible Avoid the significant waste of scarce DTN resources

• In our future work, Heterogeneous mobility of DTN nodes Distribute the filtering policy at high social friend nodes

Thank you!

Documents

1 PReFilter: An Efficient Privacy-preserving Relay Filtering Scheme for Delay Tolerant Networks University of Waterloo & UOIT & INRIA Lille Presenter: