| Search the Collection|Browse Subjects|Services|Library Information|Community |News & Events | |
|
|
|
|
|
|
|
|
||||
|
|||||||
Type of Document Dissertation Author Wang, Pan , Author's Email Address pwang3@ncsu.edu URN etd-02252007-152456 Title Securing Communication in Dynamic Network Environments Degree PhD Graduate Program Computer Engineering Advisory Committee
Advisor Name Title Douglas S. Reeves Committee Chair Peng Ning Committee Co-Chair Gregory T. Byrd Committee Member Wenye Wang Committee Member Keywords
- Network Security
- Communication
Date of Defense 2006-02-26 Availability unrestricted Abstract WANG, PAN. Securing Communication in Dynamic Network Environments. (Under thedirection of Professor Douglas S. Reeves and Associate Professor Peng Ning).
In dynamic network environments, users may come from different domains, and the number of users and the network topology may change unpredictably over time. How to protect the users' ommunication in such dynamic environments, therefore, is extremely challenging. This dissertation has investigated multiple research problems related to securing users' communication in dynamic network environments, focusing on two kinds of
dynamic networks, i.e., mobile ad hoc networks and overlay networks. It first introduces a
secure address auto-configuration scheme for mobile ad hoc networks, since a precondition
of network communication is that each user is configured with a unique network identifier
(address). This proposed auto-configuration scheme binds each address with a public key,
allows a user to self-authenticate itself, and thus greatly thwarts the address spoofing attacks, in the absence of centralized authentication services. Next, this thesis presents two storage-efficient stateless group key distribution schemes to protect the group communication of a dynamic set of users. These two key distribution schemes utilize one-way key chains with a logical tree. They allow an authorized user to get updated group keys even if the user goes off-line for a while, and significantly reduce the storage requirement at each user if compared with previous stateless key distribution schemes. Third, this thesis investigates the solution using cryptographic methods to enforce network access control in mobile ad hoc networks, whose dynamic natures make it difficult to directly apply traditional access control techniques such as firewalls. A functioning prototype demonstrates the proposed access control system is practical and effective. Finally, this dissertation introduces a k-anonymity communication protocol for overlay networks to protect the privacy of users' communication. Unlike the existing anonymous communication protocols that either cannot provide
provable anonymity or suffer from transmission collision, the proposed protocol is transmission collision free and provides provable k-anonymity for both the sender and the recipient. The analysis shows the proposed anonymous communication protocol is secure even under
a strong adversary model, in which the adversary controls a fraction of nodes, is able to
eavesdrop all network tra±c and maliciously modify/replay the transmitted messages. A
proof-of-concept implementation demonstrates the proposed protocol is practical.
Files
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access etd.pdf 820.77 Kb 00:03:47 00:01:57 00:01:42 00:00:51 00:00:04