On the Effectiveness of Monitoring for Intrusion Detection in Mobile Ad Hoc Networks

ABSTRACT Several intrusion detection techniques (IDTs) proposed for mobile ad hoc networks rely on each node passively monitoring the data forwarding by its next hop. This paper presents quantitative evaluations of false positives and their impact on monitoring-based intrusion detection for ad hoc networks. Experimental results show that, even for a simple three-node configuration, an actual ad hoc network suffers from high false positives; these results are validated by Markov and probabilistic models. However, this false positive problem cannot be observed by simulating the same network using popular ad hoc network simulators, such as ns-2, OPNET or Glomosim. To remedy this, a probabilistic noise generator model is implemented in the Glomosim simulator. With this revised noise model, the simulated network exhibits the aggregate false positive behavior similar to that of the experimental testbed. Simulations of larger (50-node) ad hoc networks indicate that monitoring-based intrusion detection has very high false positives. These false positives can reduce the network performance or increase the overhead. In a simple monitoring-based system where no secondary and more accurate methods are used, the false positives impact the network performance in two ways: reduced throughput in normal networks without attackers and inability to mitigate the effect of attacks in networks with attackers.

Optimal and Efficient Graph-Based Resource Allocation Algorithms for Multiservice Frame-Based OFDMA Networks
ABSTRACT This paper addresses the resource allocation problem in Orthogonal Frequency Division Multiple Access (OFDMA)-based wireless networks. The resource allocation problem is posed as an optimization problem with individual user constraints. This formulation provides a special structure that lends to efficient solution of the problem. We develop an optimal algorithm based on standard graph theory and Lagrangian relaxation. Based on the special structure of the problem, the proposed resource allocation algorithm attains the optimal solution at a much lower complexity compared to general-purpose optimization algorithms used by previous OFDMA resource allocation approaches. Moreover, the resource allocation problem solved by the proposed algorithm supports practical features such as discrete modulation set and multiple OFDM symbols per resource allocation decision. Furthermore, by assuming even power allocation across the OFDM subchannels, a suboptimal resource allocation algorithm with lower complexity is developed. The proposed algorithms enable the system designer to control the tradeoffs among system performance, system complexity, and the quality of service (QoS) experienced by the users. Extensive simulations are conducted to evaluate the performance and complexity of the proposed algorithms under different system operating conditions.

Exact Top-K Queries in Wireless Sensor Networks

ABSTRACT In this paper, we consider the exact top-k query problem in wireless sensor networks, i.e., where one seeks to find the k highest reported values as well as the complete set of nodes that reported them. Our primary contribution in this context is EXTOK, a provably correct and topology-independent new filtering-based algorithm for processing exact top-k queries. As a secondary contribution we confirm a previous result of ours by showing that the efficiency of top-k query processing algorithms, including EXTOK, can be further improved by simply choosing a proper underlying logical tree topology. We examine EXTOK's performance with respect to a number of parameters and different logical tree topologies while using both synthetic and real data sets. Our simulation reveal that EXTOK consistently outperforms the current state-of-the-art algorithm by a very significant margin and regardless of the underlying logical tree topology.

Efficient Hidden Vector Encryption for Conjunctive Queries on Encrypted Data

ABSTRACT Predicate encryption has received considerable attention in applications where private and sensitive data about users can be stored in untrusted database (DB) servers. It allows users to store encrypted data at DB servers, and yet retain the ability to search those databases without revealing anything else about the encrypted data. Hidden Vector Encryption (HVE) is a type of predicate encryption that supports the fine-grained conjunctive combination of equality queries, comparison queries, and subset queries on encrypted data. The currently known HVE schemes, which are all pairing-based, either work in composite-order groups or require a token size of O(ell ) and O(ell ) pairing computations for one search query with ell conjuncts. In this paper, we present a new HVE scheme that not only works in prime-order groups but also requires a token size of O(1) and only O(1) pairing computations regardless of ell. Our HVE construction also yields a more efficient, anonymous, identity-based encryption scheme than existing schemes, which is secure in the standard model. To achieve our goal, we introduce novel techniques for both hiding attributes in prime-order groups and reducing the number of pairing computations to O(1). Our techniques are quite general so that they can be applied to both symmetric and asymmetric bilinear maps.

Efficient Evaluation of Continuous Text Search Queries

ABSTRACT Consider a text filtering server that monitors a stream of incoming documents for a set of users, who register their interests in the form of continuous text search queries. The task of the server is to constantly maintain for each query a ranked result list, comprising the recent documents (drawn from a sliding window) with the highest similarity to the query. Such a system underlies many text monitoring applications that need to cope with heavy document traffic, such as news and email monitoring. In this paper, we propose the first solution for processing continuous text queries efficiently. Our objective is to support a large

number of user queries while sustaining high document arrival rates. Our solution indexes the streamed documents in main memory with a structure based on the principles of the inverted file, and processes document arrival and expiration events with an incremental threshold-based method. We distinguish between two versions of the monitoring algorithm, an eager and a lazy one, which differ in how aggressively they manage the thresholds on the inverted index. Using benchmark queries over a stream of real documents, we experimentally verify the efficiency of our methodology; both its versions are at least an order of magnitude faster than a competitor constructed from existing techniques, with lazy being the best approach overall.