Network Security – Overview

The focus of our research in the area of network security is set on infrastructureless and decentralized communication networks. Particular technologies we are in touch with are mobile ad hoc, mesh, and sensor networks as well as peer-to-peer systems and service oriented architectures. We thus consider an infrastructureless and a decentralized nature on each layer of the network stack. The (multihop) wireless data transmission and the lack of central trusted instances render the resulting communication substrate a challenging environment with respect to security. Allowing for establishing enhanced communication services beyond the reach of infrastructure-based, centralized systems on the one hand, infrastructureless and decentralized systems are beyond the protection of 'traditional' security mechanisms on the other hand. Well-known and established security mechanisms such as gateways and firewalls to protect network borders or RADIUS and Kerberos to manage user-authentication and access control can not be applied directly in the infrastructureless and decentralized domain. To deal with these challenges, our research aims at identifying and classifying threats on infrastructureless and decentralized networks and, upon this basis, developing appropriate security mechanisms. Current research topics include

GeoSec.KOM location-based intrusion response for mobile ad hoc networks - the misbehaving node is excluded from the network based on its location, not its address e.g. to render Sybil attacks ineffective
  • analysis and modeling of effects of misbehavior in mobile ad hoc networks, peer-to-peer systems and service oriented architectures,
  • location-based preventive and reactive security mechanisms for mobile ad hoc networks,
  • security mechanisms for structured peer-to-peer systems,
  • user-based cooperative decisions as basis for authentication and access control without central trusted instances and predefined security policies,
  • anonymizing approaches for service oriented architectures.


To obtain most comprehensive insights in these fields, we combine an investigation based on mathematical models with experiments in simulation environments as well as testbeds. Responsible for the research efforts on network security at the Multimedia Communications Lab (KOM) are Dipl.-Inform. André König and Dr.-Ing. Stefan Schulte in close cooperation with Prof. Dr.-Ing. Matthias Hollick of the Center for Advanced Security Research Darmstadt (CASED).

Contact

Prof. Dr.-Ing. Ralf Steinmetz

Technische Universität Darmstadt
Fachgebiet Multimedia Kommunikation
Rundeturmstr. 10
64283 Darmstadt
S3/20

+49 6151 16-6150

A A A | Print | Legal note | Sitemap | Search | Contact
to topto top