Abstract
Personal area networks such as home or small office LANs are usually more vulnerable to cyber-attacks than those with dedicated support staff and the ability to invest consistently in security defenses. In this paper I propose leveraging physical characteristics of these personal area networks in order to enable non-technical individuals to secure their networks or at least be aware that their devices have been compromised. This proposal leverages records of location for mobile devices, proximity authentication, and individual homophily. In this work, I summarize previous studies on securing personal networks, proximity authentication, and software attestation. I then present a preliminary design for the detection of and recovery from infection for personal area networks. Limitations and future work are also discussed.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bisdikian, C., Bhogwat, P., Golmie, N.: Wireless personal area networks. IEEE Network 15(5), 10–11 (2001)
Rogers, D.: Why Wireless Networks Are More Vulnerable Than Wired Networks, http://www.articlesbase.com/computers-articles/why-wireless-networks-are-more-vulnerable-than-wired-networks-886434.html (accessed 2009)
IEEE. IEEE 802.15 Working Group for WPAN, http://www.ieee802.org/15/
Niemegeers, I., Heemstra De Groot, S.: Research Issues in Ad-Hoc Distributed Personal Networking. Wireless Personal Communications 26(2-3), 149–167 (2003)
Hoebeke, J., Holderbeke, G., Moerman, I., Jacobsson, M., Prasad, V., Wangi, N., Niemegeers, I., Groot, S.: Personal Network Federations. In: Proceedings of the 15th IST Mobile and Wireless Communications Summit, Myconos, Greece (2006)
Jacobsson, M., Niemegeers, I.: Privacy and anonymity in personal networks. In: Pervasive Computing and Communications Workshops, pp. 130–135 (2005)
Patrikakis, C., Kyriazanos, D., Prasad, N.: Establishing Trust Through Anonymous and Private Information Exchange Over Personal Networks. Wireless Personal Communications 51(1), 121–135 (2009)
Patrikakis, C., Kyriazanos, D., Voulodimos, A., Nikolakopoulos, I.: Privacy and resource protection in Personal Network Federations. In: Proceedings of the 2nd International Conference on Pervasive Technologies Related to Assistive Environments, Corfu, Greece, pp. 29:1–29:5 (2009)
McCune, J., Perrig, A., Reiter, M.: Seeing-Is-Believing: using camera phones for human-verifiable authentication. In: IEEE Symposium on Security and Privacy, Oakland, CA, pp. 110–124 (2005)
Rasmussen, K., Castelluccia, C., Heydt-Benjamin, T., Capkun, S.: Proximity-based access control for implantable medical devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, IL, pp. 410–419 (2009)
Cai, L., Zeng, K., Chen, H., Mohapatra, P.: Good Neighbor: Ad Hoc Pairing of Nearby Wireless Devices by Multiple Antennas. In: Proceedings of the 18th Annual Network & Distributed System Security Conference (NDSS 2011), San Diego, CA (2011)
Varshavsky, A., Scannell, A., LaMarca, A., de Lara, E.: Amigo: Proximity-Based Authentication of Mobile Devices. In: Krumm, J., Abowd, G.D., Seneviratne, A., Strang, T. (eds.) UbiComp 2007. LNCS, vol. 4717, pp. 253–270. Springer, Heidelberg (2007)
Kalamandeen, A., Scannell, A., de Lara, E., Sheth, A., LaMarca, A.: Ensemble: Cooperative Proximity-based Authentication. In: Proceedings of the 8th International Conference on Mobile Systems, Applications, and Services, San Francisco, CA, pp. 331–344 (2010)
Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems. In: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, Brighton, United Kingdom, pp. 1–16 (2005)
Seshadri, A., Perrig, A., Doorn, L., Khosla, P.: SWATT: SoftWare-based ATTestation for Embedded Devices. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, p. 272 (2004)
Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, IL, pp. 400–409 (2009)
Jakobsson, M., Johansson, K.-A.: Retroactive detection of malware with applications to mobile platforms. In: Proceedings of the 5th USENIX Conference on Hot Topics in Security, Washington, DC, pp. 1–13 (2010)
Kanellis, P. (ed.): Digital Crime And Forensic Science in Cyberspace. Idea Group Publishing, Hershey (2006)
Malware Wiki, http://malware.wikia.com/wiki/Payload (accessed 2011)
CNN. Clone of ’Melissa’ virus infects the Internet, http://articles.cnn.com/2001-04-19/tech/virus.matcher_1_melissa-bug-windows-address-original-melissa-virus?_s=PM:TECH
CNN. Destructive ILOVEYOU computer virus strikes worldwide, http://articles.cnn.com/2000-05-04/tech/iloveyou.01_1_melissa-virus-antivirus-companies-iloveyou-virus?_s=PM:TECH
CNN. CIH virus may hit on Monday, http://www.cnn.com/TECH/computing/9904/23/cihvirus.idg/index.html?iref=allsearch
Schlegel, R., Zhang, K., Zhou, X., Intwala, M., Kapadia, A., Wang, X.: Soundcomber: A Stealthy and Context-Aware Sound Trojan for Smartphones. In: Proceedings of the 18th Annual Network & Distributed System Security Symposium (NDSS 2011), San Diego, CA, pp. 17–33 (2011)
Stafford, T., Urbaczewski, A.: Spyware: The Ghost in the Machine. Communications of The AIS (2004)
Mirkovic, J., Prier, G., Reiher, P.: Attacking DDoS at the Source. In: Proceedings of the 10th IEEE International Conference on Network Protocols, Washington, DC, pp. 312–321 (2002)
Levy, E.: The making of a spam zombie army. Dissecting the Sobig worms. In: Proceedings in IEEE Security & Privacy, Oakland, CA, pp. 58–59 (2003)
Pfleeger, C., Pfleeger, S.: Security in Computing, 4th edn. Pearson Education Inc., Boston (2006)
Skoudis, E., Zeltser, L.: Malware: fighting malicious code. Prentice Hall PTR, Upper Saddle River (2003)
Lawton, G.: Is It Finally Time to Worry about Mobile Malware? Computer 41(5), 12–14 (2008)
Juniper Networks Malicious Mobile Threats Report 2010/2011, http://www.juniper.net/us/en/local/pdf/whitepapers/2000415-en.pdf (accessed May 2011)
Eeten, M., Bauer, J., Asghari, H., Tabatabaie, S.: The Role of Internet Service Providers in Botnet Mitigation: An Empirical Analysis Based on Spam Data. In: Proceedings of The Ninth Workshop on the Economics of Information Security (WEIS 2010), Cambridge, MA (2010)
Kinateder, M., Rothermel, K.: Architecture and Algorithms for a Distributed Reputation System. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 1–16. Springer, Heidelberg (2003)
Dong, Z., Camp, L.: The Decreasing Value of Weak Ties in Recommended Networks. ACM SIGCAS Computers and Society 41(1) (2011)
Burr, W., Dodson, D., Polk, W.: Electronic authentication guideline: Recommendations of the National Institute of Standards and Technology (2006)
Jansen, W., Gavrila, S., Korolev, V.: Proximity-based Authentication for Mobile Devices. In: Proceedings of the 2005 International Conference, Las Vegas, NV, pp. 398–404 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dong, Z. (2012). Enabling Users to Self-manage Networks: Collaborative Anomaly Detection in Wireless Personal Area Networks. In: Blyth, J., Dietrich, S., Camp, L.J. (eds) Financial Cryptography and Data Security. FC 2012. Lecture Notes in Computer Science, vol 7398. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34638-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-34638-5_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34637-8
Online ISBN: 978-3-642-34638-5
eBook Packages: Computer ScienceComputer Science (R0)