We developed S-MobiEmu, an extensible envorinment for evaluating security technologies for MANETs. S-MobiEmu is based on MobiEmu, an emulation environment for MANET. S-MobiEmu implements a set of basic attacks, which can then be extended to implement complex attack scenarios. S-MobiEmu also includes a library of performance measurement functions. We have used S-MobiEmu to build a test environment for evaluating intrusion detection algorithms for MANETs. This work will be published in the First IEEE Conference on Security and Privacy for Emerging Areas in Communication Networks, September 2005.
We are also developing intrusion traceback techniques. In our protocol, a node can query its neighbors a packet involved in the attack. Each neighbor checks the packet against its Bloom filter of received packets. If there is a match, the neighbor will continue the traceback with its own neighbors. We showed that for serveral important classes of attacks, this simple technique can trace the attacker (or the victimized node) to its immediate neighborhood. This work will be published in the 2005 ACM Workshop on Wireless Security (WiSe 2005), September 2005.
We developed tinyPEAP, a system that implements PEAP, 802.1x and RADIUS. tinyPEAP provides user authentication and data encryption, and runs on low-end commodity wireless access points. tinyPEAP essentially brings enterprise-grade wireless LAN security to the home and small business environments. We have offered a free download of tinyPEAP via http://www.tinypeap.com. Since August 2004, we have had about 8,000 downloads.
Papers published in 2004-2005:
In the intrusion traceback work, we showed that for a many attacks, our simple Bloom filter based investigation protocol can locate the attacker or the victim to its neighborhood.
In the tinyPEAP work, we showed that it is possible to implement enterprise grade wireless security solutions in firmware (with small footprint).