University of Washington Computer Science & Engineering

 Trustworthy Networks


People
 Tom Anderson
 Tadayoshi Kohno
 Srinivasan Seshan (CMU)
 David Wetherall
   

Overview

We are designing and building wireless and wired networks that users can trust to respect their privacy and operate reasonably despite interference. Most existing network security mechanisms use encryption to provide confidentiality and authenticity (e.g., WEP, IPSEC, SSL). While standard cryptographic techniques can protect against unintended disclosure of message contents and undetected insertion of messages, these solutions are not by themselves sufficient. First, basic encryption does not fully ensure user privacy, because lower layer protocol information is sent in the clear and can be used for profiling and tracking, e.g., nearby parties observe MAC addresses in wireless networks, and ISPs observe IP addresses in wired networks. Second, encryption does not keep a network operating reasonably when there is interference, because unwanted communications can crowd out legitimate ones, e.g., collisions can jam wireless channels, and denial-of-service attacks can disrupt wired hosts.

Our research takes network security one step beyond that provided by conventional security mechanisms. For example, motivated by the above-mentioned deficiencies of basic encryption, we are investigating methods for randomizing lower layer communications in order to reduce both information leakage and the ability of an attacker to interfere with communications. In the wireless space, this is analogous to spread-spectrum communications, but applied at higher layers and to a complete network. In the wired space, these problems have been treated separately, though sometimes with similar mechanisms, e.g., mix nets / Onion routing and SOS / Mayday, whereas we aim to address both problems with a single type of mechanism.

Nike+iPod Sport Kit here!

Earlier Work

Our research builds on our existing efforts in the area of information leakage and denial-of-service prevention, including the papers below.

  • A DoS-limiting Network Architecture
    X. Yang, D. Wetherall, and T. Anderson
    Proceedings of ACM SIGCOMM 2005, Philadelphia, PA, August 2005.
  • Remote Physical Device Fingerprinting
    Tadayoshi Kohno, Andre Broido, and K.C. Claffy
    IEEE Symposium on Security and Privacy, May, 2005 [Conference version, Award paper]
    IEEE Transactions on Dependable and Secure Computing, Apr-Jun, 2005 [Journal version]


Computer Science & Engineering
University of Washington
Box 352350
Seattle, WA  98195-2350
(206) 543-1695 voice, (206) 543-2969 FAX