Patrick Tague is an assistant research professor at CyLab and INI, based at Carnegie Mellon Silicon Valley. His research interests include network security for wireless networks, focusing on modeling and evaluating vulnerabilities in wireless ad-hoc and sensor networks and designing robust networking protocols for ad-hoc networks, wireless embedded systems, cognitive radio networks, and cyber-physical systems.
posted by Richard Power
CyLab Chronicles: Tell us about your area of research.
Patrick Tague: My research interests fall in the area of Network Security, focusing on wireless, ad-hoc, and sensor networks. In addition to classical cryptographic properties such as confidentiality, integrity, or authentication, I am interested in network operational properties such as availability, reliability, and performance that cannot necessarily be provided using cryptography alone. My past research has focused on identifying vulnerabilities in wireless networking protocols and developing techniques to mitigate the impact of attacks. For example, I investigated the impact of wireless jamming and interference on network throughput and developed a technique to dynamically optimize the allocation of network traffic over multiple routing paths based on historical interference patterns. Areas of future interest include security of networked control systems, privacy in mobile applications, and the effects of user and adversary mobility on network performance.
CyLab Chronicles: Let's explore the work described in your paper on "Jamming-Aware Traffic Allocation for Multiple-Path Routing Using Portfolio Selection." Please outline the context and the issues; and share some of your conclusions with us. How has the interplay between jamming and anti-jamming strategies evolved, and what issues does your work address?
Tague: The driving force of this work is the realization that jamming at the physical-layer impacts network performance at numerous higher protocol layers. Classical anti-jamming technology leverages diversity in the physical medium using multiple communication channels, separated in time, frequency, or code space. However, by jointly considering multiple protocol layers, additional sources of diversity become available. This cross-layered approach to anti-jamming parallels the recent exposure of highly-efficient jamming strategies using higher layer protocol information to conserve jammer resources. The idea studied in this work is to use the spatial diversity provided by multiple routing paths to improve the end-to-end data throughput achieved in the wireless network in the presence of jammers. However, the problem is complicated by the non-deterministic view of the jammers' actions available to the wireless network routers and data sources. In our approach, we propose to allow each source node to collect statistics about the jamming attack over relevant network links, in the form of packet loss rates, and to use a risk-averse financial model from portfolio selection theory to allocate network traffic over the set of routing paths.
CyLab Chronicles: Another paper of yours, "Mitigation of Control Channel Jamming under Node Capture Attacks," also highlights some intriguing work. Again, outline the context and the issues, if you will, and share some of your insights. What are some of the vulnerabilities unique to control channel jamming, and what forms of mitigation does your research look into?
Tague: In wireless networks with a central trusted authority, such as a base station or cell tower, control channels serve as a means for the authority to disseminate critical information and system maintenance messages to network users in a timely manner. If a jammer can target these control channels and prevent users from receiving system messages, critical information can be lost and lost maintenance messages can cause system breakdown. Hence, control channels can serve as a single point-of-failure and target for highly-efficient jamming attacks. In traditional control channel anti-jamming systems, users rely on secret information to determine the location (time, frequency, etc.) of hidden control channels. The use of these control channel keys prevents a jammer from specifically focusing the attack on the control channels. If the jamming adversary can capture a network device, however, the control channel keys can be recovered, and the jammer can determine the location of hidden control channels. In this work, we developed a key assignment framework that allows for improvements in the robustness of control channel anti-jamming under node capture attacks by incorporating additional degrees of redundancy and randomness. First, we provisioned for the assignment of multiple control channels keys to each user, providing a level of redundancy such that any user can receive control messages over a number of different control channels. Second, we applied the recent idea of random key predistribution to provide smooth degradation in message availability to system users.
CyLab Chronicles: A third aspect of your research that we would like to touch on is documented in "Evaluating the Vulnerability of Network Traffic Using Joint Security and Routing Analysis." What distinguishes your work in this area from other studies of node capture attacks, and what did you come up with?
Tague: One of the common themes of much of the previous work on node capture attacks is the idea that the adversary can compromise secure links by recovering the corresponding keys from captured nodes. The primary focus of this work on node capture attacks that hadn't been addressed previously is the idea that the compromise of secure links may also affect the secrecy/integrity of the network traffic flowing through the links. This relationship leads to the following questions: how to evaluate the effective end-to-end security; and how can an adversary improve the efficiency of node capture attacks by targeting end-to-end traffic instead of link compromise?
In this work, we approached the two above questions by deriving a metric to evaluate the end-to-end connection strength as a function of the link security and network topology using aspects of network flow analysis and electric circuit theory. This metric provides some idea of the result of building end-to-end security from link security and can also serve as an objective function for the adversary's attack strategy.
CyLab Chronicles: What is next for you along these lines of research? What direction will it take in the future?
Tague: In regard to modeling attacks and vulnerabilities, I am currently investigating the impact of the adversary's locality (i.e. the restriction of the adversary's actions to a local neighborhood) and mobility on network performance, especially in mobile networks. In the future, I hope to study the interactions between network users and adversaries in network architectures such as cognitive radio networks and networked control systems where loss of information has direct implications on system performance. Another problem of future interest is investigating trade-offs between availability, reliability, and trust in ad-hoc networks, especially those composed of distinct sets of users with different authorities (e.g. coalition networks).
See all CyLab Chronicles articles