SECURE NETWORK CODING USING COMPUTATIONAL INTELLIGENCE

A thesis submitted in the partial fulfillment of the requirements for the Degree of

DOCTOR OF PHILOSOPHY (PHD)

IN COMPUTER SCIENCE

BY:

MUHAMMAD IRSHAD NAZEER

REG. NO. COMP-2016-052

Supervisor:

Supervisor

PROF. DR. GHULAM ALI MALLAH

Co-Supervisor

PROF. DR. NOOR AHMED SHAIKH

DEPARTMENT OF COMPUTER SCIENCE

FACULTY OF PHYSICAL SECIENCES

SHAH ABDUL LATIF UNIVERSITY, KHAIRPUR

SINDH, PAKISTAN

2018

Author’s Declaration

I, Muhammad Irshad Nazeer, hereby state that my PhD thesis titled “Secure Network Coding

Using Computational Intelligence” is my own work and has not been submitted previously by

me for taking any degree for this University (Shah Abdul Latif University, Khairpur) or

anywhere else in the country/world.

At any time, if my statement is found to be incorrect even after my graduation, the university

has right to withdraw my PhD degree.

Name of Student: Muhammad Irshad Nazeer

Date __________________________

Plagiarism Undertaking

I, Muhammad Irshad Nazeer, PhD scholar solemnly declare that research work presented in

the thesis titled “Secure Network Coding Using Computational Intelligence” is solely my

research work with no significant contribution from any other person. Small contribution/help

wherever taken has been duly acknowledged and that complete thesis has been written by me.

I understand the zero-tolerance policy of the HEC and University (Shah Abdul Latif

University, Khairpur) towards plagiarism. Therefore, I, as an Author of the above titled

thesis declare that no portion of my thesis has been plagiarized and any material used as

reference is properly referred/cited.

I undertake that if I am found guilty of any formal plagiarism in the above titled thesis even

after award of PhD degree, the University reserves the rights to withdraw/revoke my degree

and the HEC and the University has the right to publish my name on the HEC/University

Website on which names of students are placed who submitted plagiarized thesis.

Student/Author Signature __________________

Name: Muhammad Irshad Nazeer

CERTIFICATE OF RESEARCH GUIDE(S)

This is to certify that the thesis entitled: “Secure Network Coding Using Computational

Intelligence” submitted to Shah Abdul Latif University, Khairpur in partial fulfillment of

requirements for the award of Degree of Doctor of Philosophy (PhD) in Computer Science, is

a record of original research work done by Mr. Muhammad Irshad Nazeer under my/our

supervision and guidance.

GUIDE/SUPERVISOR

Prof. Dr. Ghulam Ali Mallah

CO-SUPERVISOR

Prof. Dr. Noor Ahmed Shaikh

Certificate of Approval

This is to certify that the research work presented in this thesis, titled “Secure Network

Coding Using Computational Intelligence” was conducted by Mr. Muhammad Irshad Nazeer

under the supervision of Prof. Dr. Ghulam Ali Mallah and Prof. Dr. Noor Ahmed Shaikh. No

part of this thesis has been submitted anywhere else for any other degree. This thesis is

submitted to the Department of Computer Science in partial fulfillment of the requirements

for the degree of Doctor of Philosophy in the Field of Computer Science, Department of

Computer Science Shah Abdul Latif University, Khairpur. The thesis is evaluated by:

Examination Committee:

a) Prof. Dr. Zahid Hussain Abro Signature______________

Dean Faculty of Basic Sciences,

Quid-e-Awam University f Engineering,

Sciences and Technology, Nawab Shah,

External Examiner

b) Prof. Dr. M Sadiq Ali Khan Signature______________

Head of Computer Science Department

University of Karachi,

External Examiner

c) Prof. Dr. Ghulam Ali Mallah Signature______________

Professor and Chairman of Computer

Science department, SALU, Khairpur Mirs,

Supervisor/Internal Examiner

Name of Chairman/HOD____________________ Signature______________

Prof. Dr. Ghulam Ali Mallah

Name of Dean ____________________ Signature______________

Prof. Dr. Mumtaz Hussain Mahar

DEDICATION

To my parents

Teachers

friends

&

my family

Contents

List of Tables .............................................................................................................................. i

List of Figures ............................................................................................................................ ii

List of Abbreviations ................................................................................................................iii

Acknowledgment ...................................................................................................................... iv

Abstract ...................................................................................................................................... v

Introduction ................................................................................................................................ 1

1.1 Notations of Graph Theory and Background of Network Coding ................................... 1 1.2 How Network Coding Works?......................................................................................... 4

1.3 From Network Coding to Secure Network Coding ......................................................... 6

1.4 Techniques of Computational Intelligence Security and Network Coding ..................... 8 1.5 Problem Description and Research Questions. ................................................................ 9 1.6 Organization of Thesis ................................................................................................... 10

Literature and Background Studies .......................................................................................... 13

2.1 Definitions and Fundamentals Results in Network Coding ........................................... 15

2.2 Taxonomy of Network Coding schemes........................................................................ 17 2.3 Coding Techniques for Network Coding ....................................................................... 20

2.3.1 Linear network codes ........................................................................................... 22

2.1.1.1 Random linear network codes .......................................................................... 22

2.1.1.2 Quantum linear Network codes ....................................................................... 26

2.3.2 Rank matrix codes ................................................................................................ 26

2.3.3 Heuristic based approximate solution ................................................................. 26

2.4 Network Coding (NC) aware routing Protocols ............................................................ 27

2.5 Secure Network Coding Schemes .................................................................................. 28

2.5.1 Threshold Cryptography ..................................................................................... 30

2.5.2 Filtered Secret Sharing ......................................................................................... 31

2.5.3 Cryptography – Signature based ......................................................................... 32

2.5.4 Cryptography – Hash Function Homomorphism .............................................. 32

2.5.5 Rank Metric Codes ............................................................................................... 32

2.5.6 Based on Cost Criterion ....................................................................................... 32

2.5.7 Random Coefficients as a Tool of Security ......................................................... 32

2.5.8 Quantum Cryptography ....................................................................................... 33

2.6 Computational Intelligence Techniques in Security ...................................................... 33

2.6.1 Major Computational Intelligence Techniques and their uses in Network

Coding ............................................................................................................................. 34

2.6.1.1 Genetic Algorithms .......................................................................................... 34

2.6.1.2 Particle Swarm Optimization ........................................................................... 36

2.6.1.3 Ant Colony Optimization ................................................................................. 37

2.6.1.4 Simulated Annealing ....................................................................................... 37

2.6.2 Meeting Security Requirements using Computational Intelligence ................. 38

2.4.2.1 For authentication ............................................................................................ 39

2.4.2.2 for confidentiality............................................................................................. 40

2.4.2.3 Both Authentication and Confidentiality ......................................................... 40

Materials and Methods ............................................................................................................. 42

3.1 Description of Research Questions ................................................................................ 42 3.2 Research Methods .......................................................................................................... 44

3.2.1 Theoretical Methods ............................................................................................. 44

3.2.2 Empirical Methods................................................................................................ 44

3.3 Experiment Design......................................................................................................... 45

3.4 Simulation Tools....................................................................................................... 47

Results and Discussions ........................................................................................................... 51

4.1 Comparative Analysis of Secure Network Coding Schemes ......................................... 51

4.1.1 Taxonomy of attacks ............................................................................................. 51

4.1.2 Selected Schemes ................................................................................................... 53

4.1.3 Selecting Cryptographic Techniques in Peer to Peer Systems ......................... 65

4.1.4 Proposed Hybrid Model ....................................................................................... 73

4.2 A System Model for Incorporating Secure Network Coding in Existing Networks ..... 74

4.2.1 The Need and motivation for a System Model ................................................... 75

4.2.2 Definitions, Assumptions and Protocol Model ................................................... 76

4.2.2 Network Coding Protocol: System Model .......................................................... 77

4.2.3 Threat Model ......................................................................................................... 78

4.2.4 Proposed System Model for a Secure Network Coding Protocol ..................... 79

4.2.5 Threats Importance and Actions ......................................................................... 80

4.3 Generic Security requirements ....................................................................................... 81 4.4 Implementing Secure Network Coding using Computational Intelligence ................... 81

4.4.1 Implication of Genetic Algorithm in Cryptography to Enhance Security ...... 82

4.4.1 Comparative Analysis of Method ........................................................................ 87

4.4.2 Proposed Algorithm .............................................................................................. 89

4.2.2.1 Key Generation ................................................................................................ 92

4.4.2.2 Diffusion of Original Text .......................................................................... 92

4.4.2.3 Encryption of Text: ..................................................................................... 93

4.4.2.4 Performance of Genetic Crypto ....................................................................... 93

4.4.2.5 Role of other Computational Intelligence Techniques .................................... 95

4.5 Implementing Genetic Crypto to Secure Network Coding ............................................ 97

4.6 Conclusions and Future Work ..................................................................................... 105

4.6.1 Conclusions .......................................................................................................... 105

4.6.2 Future Work ........................................................................................................ 107

4.6.2.1 Efficient Hardware Implementation .............................................................. 107

4.6.2.2 Performance evaluation in Delay/Disruption Tolerant Networks (DTNs) .... 107

4.6.2.3 More Applications of Genetic Crypto............................................................ 107

4.6.2.4 Use in Defense Applications .......................................................................... 107

4.6.2.5 Developing and Incorporating this Work as a Network Service ................... 108

References .............................................................................................................................. 109

Appendix A List of Publication ............................................................................................. 120

i

List of Tables

Table-1: Organization of different coding schemes in terms of network type, network

configuration and number of sources and sinks ....................................................................... 18

Table-2: Survey of Network Coding Schemes ........................................................................ 24 Table-3: Pros and Cons of different schemes .......................................................................... 26 Table-4: List of available simulations tools and their specifications ....................................... 47 Table-5: Schemes under study ................................................................................................. 53 Table-6: Comparison of different schemes to Secure Network Coding .................................. 61

Table-7: Inner vs Outer Codes ................................................................................................. 63 Table-8: Grouping of schemes on the basis of encountered attacks ........................................ 63 Table-9: Limitations of Schemes under Study......................................................................... 63 Table-10: Security Strength of Schemes under Study ............................................................. 64 Table-11: Comparison of Peer to Peer protocols ..................................................................... 70

Table-12: Comparison of Genetic Crypto with DES and AES................................................ 93

ii

List of Figures

Figure-1: Inter-relation of other fields with Network Coding .................................................. 2 Figure-2: Graph representation .................................................................................................. 3 Figure-3: A network where intermediate nodes retransmit the received symbol ...................... 4

Figure-4: Transmission setting for data rate of 1.5 bits per unit time a) transmission of bits b1

and b2 b) transmission of bits b2 and b3 ..................................................................................... 5 Figure-5: Network of Figure-3 with one less link and with network codes .............................. 5 Figure-6: Coding at intermediate nodes ..................................................................................... 7 Figure-7: Taxonomy of Network Coding schemes .................................................................. 19

Figure-8: Taxonomy of Various Coding Techniques for Network Coding ............................. 20 Figure-9: Taxonomy of Applying Network Coding ................................................................ 21 Figure-10: Taxonomy of Network Codes ................................................................................ 22

Figure-11: Approaches to Secure Network Coding ................................................................. 29 Figure-12: Taxonomy of attack in Network Coding Communications ................................... 53 Figure-13: Security Requirements met by selected schemes ................................................... 61 Figure-14: A structure of Peer to Peer Network ...................................................................... 67

Figure-15: A hybrid model ...................................................................................................... 74 Figure-16: A system model for Secure Network Coding ........................................................ 79

Figure-17: Flow Chart of Genetic Algorithm .......................................................................... 84 Figure-18: Single Point Crossover ........................................................................................... 85 Figure-19: Two Point Crossover .............................................................................................. 85

Figure-20: Uniform Crossover ................................................................................................. 86 Figure-21: Mutation ................................................................................................................. 86

Figure-22: Genetic Crypto Flow Diagram ............................................................................... 89 Figure-23: Results of Implementation of Proposed Algorithm ............................................... 91

Figure-24: Avalanche Effect on 32 bit block of Plain Text ..................................................... 95 Figure-25: Evolutionary Computation Methods ...................................................................... 96

Figure-26: Evolutionary Computation Methods in Cryptography........................................... 96 Figure-27: Block Diagram of proposed Secure Network Coding Model ................................ 99

Figure-28: Flow diagram of the Overall Process ................................................................... 100 Figure-29: Flow diagram of Bootstrapping Process .............................................................. 101 Figure-30: Flow diagram of Key distribution Process ........................................................... 102

Figure-31: Flow diagram of applying Outer Code Process ................................................... 103 Figure-32: Amount of data to be Encrypted as compared to Traditional Encryption ........... 104

Figure-33: Time taken by Encryption and Decryption Process ............................................. 104

iii

List of Abbreviations

Ant Colony Optimization (ACO)

Computational Intelligence (CI)

Differential Evolution (DE)

Digital Signature Standard (DSS)

Distributed Hash Algorithm (SHA)

Genetic Algorithms (GAs)

GNU’s Not Unix (GNU)

Graphical User Interface (GUI)

Hash MAC (HMAC)

Internet Engineering Task Force (IETF)

Key Distribution Center (KDC)

Message authentication Code (MAC)

Network Coding (NC)

Network Coding Problem (NCP)

Particle Swarm Optimization (PSO)

Pseudo Identity Certificate (PIC)

Pseudo Trust (PT)

Request for Comments (RFC)

Secure Network Coding (SNC)

Simulated Annealing (SA)

Transmission Control Protocol and Internet Protocol (TCP/IP)

Wireless Sensor Networks (WSN)

Zero Knowledge Proof (ZKF)

iv

Acknowledgment

I am thankful to my supervisors Dr Ghulam Ali Mallah and Dr Noor Ahmed Shaikh for their

time and supervising me throughout my research.

I appreciate the support of Dr Mohammad Shahid Shaikh and Dr Zubair Ahmed Shaikh for

their encouragement and mentorship during my academic career.

I am thankful to Rakhi Batra, Raheel Ahmed Memon, Ubedullah alias Kashif Muhammad

Ismail Mangerio for their help in compilation work and coding some parts of algorithms and

Nasarullah Dharejo for proof reading.

I also acknowledge the support of HEC for my studies under Indigenous scholarship scheme.

v

Abstract

The Network Coding is a potential candidate for the future wireless communications because

it reduces number of transmissions and offers energy efficiency. Network Coding is

vulnerable to threats and attacks that can harm intermediate nodes or coding operations as a

whole. Though it exhibits an ability to incorporate security of transmitted data yet a lot of

work needs to be done in this regard. A number of schemes to incorporate security in

Network Coding have been presented by many researchers. There is an ongoing research to

cater security issues regarding Network Coding. Most of these works are focusing on one or a

few aspects of security into consideration as generic requirements for Network Coding

Protocols are not already formed.

This work considers security issues of Network Coding in general to make a system model to

deal the issues of security and develop generic security requirements. The objective is to

obtain generic security requirements of Secure Network Coding Problem by incorporating

system’s approach. This work proposes a hybrid approach by combining a key distribution

and code encryption approaches along with feasibility to use techniques of computational

intelligence particularly Genetic Algorithms (GAs) which can help to implement efficient

encoding and decoding. This combined approach can produce good results in terms of

security strength and with better key management while retaining the benefits of Network

Coding.

A comprehensive study of more a dozen Secure Network Coding schemes suggest that some

candidate solution can be combined to obtain more general and more secure way to protect

and manage secure communications over Network Coding enabled wireless ad-hoc

Networks. The comparative study, comparisons and commonalities lead towards bigger

perspective Incorporating Secure Network Coding has been seen from a system approach for

which this work introduces a system model for its implementation. In order to have more

general notion of security requires this work proposes a set of security requirements. To

fulfill these requirements approach from Computational Intelligence has been combined with

Network Coding. A Genetic Algorithm based Crypto System is introduced and tested in

vi

wireless ad-hoc network setting to which exhibit a strong avalanche. Simulations show good

performance of this cryptosystem used for Secure Network Coding Communications.

1

Chapter 1

Introduction

The field of Network Coding has emerged in the year 2000 and since then it has been

growing by leaps and bounds. Many researchers are looking it as a critical technology for

future communication networks. The importance of this field was magnified with

establishment of Institute of Network Coding at Chinese University of Hong Kong. There are

many research groups, individuals, communities contributing to the fundamentals of Network

Coding and developing application based on NC. The Network Coding and Reliable

Communications Group at MIT, Caltech, EPFL, and CUHK are to name a few of them.

Many international vendors related to Information Technology and Networking are also

investing in the research and development of Network Coding. The top three among these are

Microsoft, Intel, HP and Cisco.

The nature of field of Network Coding is interdisciplinary which lies at the cross borders of

the Computer Science and the Communication Theory. Network Coding requires two basic

fields for its understanding, the maximum flow of network which is mostly studied by

Computer Science folks and the coding techniques for communication which are mostly

studied by communication engineering folks. Mathematical Science is a common base

between Computer Science and Communication Engineering. Others fields derived from

these such as Information Theory (Network and Algorithmic) and coding theory are also vital

in understanding the field of Network Coding fully. Figure-1 shows the inter-relation of

above stated field with Network Coding.

This chapter provides an overview of characteristics of Network Coding field, its

background, working and transition towards Secure Network Coding. It also discusses the

role of Computational Intelligence techniques in security and network. The problem

identification, research questions and organization of this thesis are also part of this chapter.

1.1 Notations of Graph Theory and Background of Network Coding

One of the applications of graph theory is to represent a certain network. It may be a

marketing network, a transport network etc. where things are moved according to the rules of

2

business. The intension is to use a graph for the representation of a communication network.

The term communication network is used for a setup where two or multiple parties

communicate with one another. A collection of multiple devices (computers or smart phones)

connected through wires or without wires via some wireless link, is one of the example of a

communication network where data or voice is moved among the communicating nodes. In

this network the initiator of the call dials desired number to get connected to other party.

Figure-2 shows the graph that represents a communication network with seven nodes. Using

the notions of graph theory, each communication party is represented by a node called the

initiator node as “source” represented as a square box (colored green) and “non-source”,

otherwise, represented by a circle. The recipient will be called as “sink” (colored red). Node

other than source and sink are called intermediate nodes (colored blue). Each node is

connected by some link (wired or wireless) represented by the directed edges; hence this

graph is called a directed acyclic graph (DAG). The given graph has no cycle. Let V be the

set of vertexes (nodes) and E be the set of edges then the graph G is defined as ),( EVG .

In the graph shown in Figure 2, YXWUTSV ,,,,, where S is source, X and Y are sink

and WUT ,, are intermediate nodes and UZTYWXSUSTE ,,,, .

The maximum amount of transmission that can take place over a link (edge) is denoted by

capacity function ),( vuc where Vvu , . Assuming this quantity to be non-negative value, so

Network Coding

Information Theory

Computer Science

Communication Theory

Figure-1: Inter-relation of other fields with Network Coding

3

it can be written as 0),( vuc . In the Figure 2, each node has capacity of one bit. The reason

for using a graph for the representation of a network is the ease of storing graphs in computer

memory using adjacency matrix or incidence matrix of the graph. This is also the fact that

many fast algorithms exist for graph processing. The graph of Figure 2 is named as Butterfly

network due to its resemblance with Butterfly.

Given the network, a flow network can be formed by showing current flow/capacity along

each edge. There can be multiple paths (at least one) to reach destination from source

through intermediate nodes. Maximum flow of a flow network is an upper bound on the

amount of data that can be carried simultaneously exploiting all possibilities. There are ways,

methods or algorithms to determine maximum flow of a flow network like Ford Fulkerson

and Bellman Ford [1]. Determining maximum flow of a flow network prior to transmitting

on it is beneficial in making better resource utilization, and makes operations cost effective.

However, as matter of fact, the existing communication and routing approaches do not

determine maximum flow prior to transmission. Hence the link capacities may be left

unutilized. It is the use of Network Coding that takes the link capacities into consideration

prior to transmission so meeting the upper bounds of transmission rate in a given flow

network.

Figure-2: Graph representation

4

Network Coding was introduced in a seminal paper of Yeung et al [2]. One can conceive

Network Coding as a data processing technique which exploits the characteristics of

channels. The transmitted data is processed at intermediate nodes to get two main benefits,

first, higher bit rate and, second, reduced network latency and energy consumption.

Network Coding is more advantageous in wireless multicasts than uni-cast where it can be

applied for peer-to-peer content distribution networks and data transmission in Sensor

Networks.

Another beneficial application of Network Coding is rerouting where it helps avoid the link

failures and hence making the network more resilient [3].

1.2 How Network Coding Works?

Consider the network of Figure-3 which is the same butterfly network of Figure-2 but with an

additional channel from W to X , if one intends to send the symbols b1 and b2 generated by

source node S to both sink nodes Y and Z . One way to do this is that each intermediate

node retransmits the received symbol and each channel carries either b1 or b2. Here the data

rate is 2 symbols/unit time as two channels are being used between W and X. Consider the

scenario of having only one link between W and X , even then the maximum flow of 2 units

can be obtained but with lesser transmission rate. This situation is shown in Figure-4:

Figure-3: A network where intermediate nodes retransmit the received symbol

5

Figure-4: Transmission setting for data rate of 1.5 bits per unit time a) transmission of bits b1 and b2 b)

transmission of bits b2 and b3

In the first time unit Z receives b1 and b2 but Y only receives b1, in the second time unit Y

receives b2 and b3 and Z receives b3. This setting achieves a transmission rate of 1.5

symbols per unit time. To get the performance improvement, coding is introduced at

intermediate nodes W and X as shown in Figure 4. Here both symbols are coded using XOR.

At destination each node can get the desired symbol by simply decoding the XOR of both

symbols. This gives the desired flow and transmission rate of 2 symbols per unit time without

adding additional link.

Figure-5: Network of Figure-3 with one less link and with network codes

6

To understand the Network Coding problem formally, consider a network G with n number

of nodes. Let S and T represent set of source and sink nodes respectively. A node other

than source and sink node and participating in communication is called an intermediate node.

For a particular node, all the edges terminating on it are incoming edges while all edges

originating from this node are outing edges. If there is a need to transfer a particular data d

from a source node S to a set of sink nodeT , then q nodes )( nq on all the paths from

source to sink(s) will participate in this transfer by establishing a set of connections C . The

Network Coding operation requires all the intermediate nodes to encode information of all

incoming edges using a transformation matrix M and then send the encoded information

)(dM on all outgoing edges. Now given a pair ),( CG , finding a transfer matrix that

duplicates all bits produced at origin to the sink, is known as Network Coding Problem [4].

As graph theoretic approach was difficult to manage so an algebraic formulation of the

Network Coding problem is suggested in [4].To encode symbols of incoming edges, XOR is

the simplest coding strategy while other coding strategies include linear, random,

probabilistic, semi-deterministic and timed Network Coding [5].

1.3 From Network Coding to Secure Network Coding

The initial work on Network Coding contributed a lot to the fundamental theoretical aspects

where many practical aspects were not considered like assumption that prior knowledge

about the topology of given flow network. However, the subsequent work made its progress

toward practical aspects. There were many researches that supported this concept while some

others made good criticism. Wang et al [6] made a good discussion on the practical aspects

of Network Coding. One such important aspect was related to security of transmitted data. As

coding and decoding information is being supplied to intermediate nodes which further

transmit after decoding if the message is intended for intermediate node. In this way, there

are chances that intermediate node may inject false data or modify the received data or may

perform any other malicious activity. As a consequence any node can be compromised or link

data can be eavesdropped. Security issue of Network Coding attracted proper attention of

researchers by introducing Secure Network Coding filed. A number of Secure Network

Coding schemes have been suggested so far. As evaluation of solution of particular problem

is a beauty of scientific research. Same happened to the solution to Secure Network Coding

problem that each scheme has its merits, demerits and limitations.

7

Continuing with the model of communication for Network Coding that is being considered in

section-1.2, suppose a single source in the network wishes to transfer data to multiple sinks as

happens in the multicast situations. The source node produces a message

nXXXXX ,321 ,, X, where symbols are taken from set of alphabet represented by F. The

goal is to transmit this message without any error and decode the message correctly at the

destination. Using Network Coding approach an intermediate node needs to perform some

coding operation on received symbols and then re-transmits the symbols to the outgoing

link(s) as shown in Figure-6.

Figure-6: Coding at intermediate nodes

As it can be seen in Figure-7, the message at node W seems insecure due to following

reasons:

a) It can have access to any arbitrary set of edges, or

b) It can know symbol transmitted along edge, or

c) It can know network code, or

d) It can be aware of topology of the network.

As per practices of models of network security following assumption can be made about the

network security:

a) unlimited computational power is available with the adversary and

b) data being transmitted using Network Coding has not already been encrypted.

There are many attacks which can affect data security of Network Coding (NC)-based data

transmissions. Among these most important are Byzantine, impersonation, fabrication, black

8

hole, replay and wormhole attacks. The work by Dong et al discussed the threats and

challenges of Network Coding in detail [7] while the taxonomy of attacks and

countermeasures were presented by Lima [8]. On the notions of the general Network Coding

problem that was defined in section 1.2, Secure Network Coding Problem is the general

Network Coding problem with generic security requirement [9].

1.4 Techniques of Computational Intelligence Security and Network Coding

There is a trend to use computational intelligence approach in Network and information

security. The most popular Computational Intelligence techniques are Genetic Algorithms

(GAs), Particle Swam Optimization (PSO), Ant Colony Optimization (ACO) and Simulated

Annealing (SA). The brief definitions of the terms are given for referencing.

“A genetic algorithm is a search heuristic that is inspired by Charles Darwin’s theory of

natural evolution. This algorithm reflects the process of natural selection where the fittest

individuals are selected for reproduction in order to produce offspring of the next

generation.” [10]

“Particle Swarm Optimization (PSO) is a population-based stochastic optimization algorithm

motivated by intelligent collective behavior of some animals such as flocks of birds or

schools of fish.” [11]

“In computer science and operations research, the Ant Colony Optimization (ACO) is

a probabilistic technique for solving computational problems which can be reduced to finding

good paths through graphs.” [12]

“Simulated Annealing (SA) is an effective and general form of optimization. It is useful in

finding global optima in the presence of large numbers of local optima. “Annealing” refers to

an analogy with thermodynamics, specifically with the way that metals cool and anneal.

Simulated annealing uses the objective function of an optimization problem instead of the

energy of a material.” [13]

These techniques are being used for various tasks of optimization. Hu used Genetic

Algorithms (GAs) in Network Coding [14-[15]. Nallakannu et al used Particle Swarm

9

Optimization (PSO) for optimal peer selection during Network Coding enabled

communications [16]. He et al proposed a Particle Swarm Optimization (PSO) based

authentication scheme [17].

Sabri used Ant Colony Optimization (ACO) protocol in Network Coding [18]. Wag used Ant

Colony Optimization (ACO) for resource minimization [19]. Liying Zhang has covered

many aspects of Network Coding using Simulated Annealing [20].

1.5 Problem Description and Research Questions.

Based upon the facts presented so far that the benefits offered by Network Coding are being

hindered by its security issues. The solutions suggested to Secure Network Coding lack some

of the security requirements while the set of general security requirements is not yet defined

in literature. There is a potential the Computational Intelligence based technique can be

incorporated and this solution may improve the security.

The following is a bird’s eye view of the state of art of related work until now.

There are many ways to construct codes for Network Coding. These are listed as:

a) Linear network codes [21]

b) Random linear network codes [22]

c) Quantum linear Network Coding [23]

d) Rank matrix codes [24]

e) Heuristic based approximate solution [25]

To Secure Network Coding based communication following are some of the approaches:

a) Threshold Cryptography [26]

b) Filtered Secret Sharing [27]

c) Cryptography – signature based [28]

d) Cryptography – hash function homomorphism [29]

Each of the suggested schemes has its own advantages and disadvantages as they are meant

to operate in a particular environment or in specific application or introduces additional

computational overhead. The techniques of computational intelligence having inspired from

nature may help optimize this. The purpose of this research work is to focus on complexity

10

and generality issues related to Secure Network Coding. This work intends to combine and

optimize these schemes in a generic environment and for a generic application.

In order to describe research objectives in a more clear and vivid manner, main research

questions and sub questions against each of these research questions are defined as under:

Main Research Question-1: How can a code be constructed to support all the security

requirements in a computationally efficient manner while retaining all the benefits offered by

Network Coding?

Sub Research Question-1(a): What is current state of art in the field of Network Coding?

Sub Research Question-1(b): What will be constitution of requirements for generic Secure

Network Coding Problem?

Main Research Question-2: How benefit of computational intelligence can be availed to

optimize the algorithms?

Sub Research Question-2(a): What role Computational Intelligence may play in the problem

of Secure Network Coding?

Sub Research Question-2(b): What sort of Computational Intelligence techniques may fulfill

the requirements?

Sub Research Question-2(c): What will be the performance of such kind of solutions?

Through this research work, following contributions are made:

1) Comparisons and broader perspectives of Secure Network Coding schemes

2) A system model for incorporating Secure Network Coding in existing networks

3) A set of generic security requirements

4) Implement Secure Network Coding using Computational Intelligence (Genetic

Algorithms)

1.6 Organization of Thesis

Chapter-1 presents introduction of Network Coding, its background and its transition towards

Secure Network Coding, ideas in Computational Intelligence and the research orientation.

Rest of the thesis is organized in following chapters:

11

Chapter-2 presents literature review. It covers various coding techniques for Network

Coding, Network Coding aware routing Protocols, various approaches to Secure Network

Coding, Computational Intelligence (CI) techniques used in securing data and various

approaches of CI to meet security requirements.

Chapter-3 presents details of the chosen research methodology. It describes how theoretical

analysis of literature is done on literature and how experiment is designed. It also explains the

chosen simulation tools.

First part of Chapter-4 provides full insight on techniques of Network Coding. A comparison

is made for various schemes of Secure Network Coding proposed so far. With the goal to find

an efficient approach towards Secure Network Coding, different schemes used to Secure

Network Coding enabled networks are classified and analyzes in terms of confidentiality,

authentication and level of the security strength they provide. Based upon comparative study

of different schemes a conclusion can be made that a generalized model for Secure Network

Coding may work in broader perspective. The second part of this chapter presents

methodology to carry out the proposed work.

Second part of Chapter-4 presents system model for incorporating Secure Network Coding in

existing networks. It also describes a generic set of security requirements for Network Coding

protocols and systems. This work will serve in two ways, first it may be used as a reference

material for current Network Coding protocols and systems analysis; second, it will serve as

guidelines for extending and designing more Secure Network Coding protocols and systems.

This part also provides a contrast and similarity of these requirements to those that are

recommended for routing protocols by Internet Engineering Task Force (IETF).

Third part of Chapter-4 explores incorporation of Computational Intelligence techniques into

Secure Network Coding. A method which takes the advantage of theory of natural selection.

By using Genetic Algorithm the strength of the key is improved that ultimately make the

whole algorithm good enough.

Finally, the last part of Chapter-4, presents a comparative analysis between the proposed

method and two other cryptographic algorithms. It has been observed that the proposed

12

algorithm has better results in terms of the key strength but is less computational efficient

than other two. It also enlists contributions made by the research work, limitations and future

research proposed to enhance and extend the findings of this research.

13

Chapter 2

Literature and Background Studies

Network Coding exhibits advantages of Coding over Routing [30] particularly in wireless

broadcast setting. There are many ways and areas to exploit more of its benefits. This chapter

covers various coding techniques for Network Coding, Network Coding aware routing

Protocols, various approaches to Secure Network Coding, Computational Intelligence

techniques used in securing data and various approaches of Computational Intelligence to

meet security requirements.

To start with, first point that comes to mind is the justification for further investigation in

Network Coding and its associated topics. For more clarity of this point, some questions can

be formulated, answers to which would significantly highlight the advantages of Network

Coding and the need to further explore this field from research and development point of

view.

The first question is “Does store-and-forward routing give the highest data rate?” The answer

is No, the traditional store-and-forward routing does not offer the highest data rate. Rather in

most of the cases the channel capacity goes unused.

The second question is “How maximum flow be achieved in a Communication Network?”

The answer is that maximum flow is achieved in a Communication Network if and only if

data units are mixed at intermediate nodes.

The third question is “Can a communication link be saved in wireless networks?” The answer

is yes if and only if there is an ability to mix the flow of the link to another link.

The fourth question is “How content distribution in P2P networks can be improved?” The

answer is yes if and only if the content can be deduced from the ongoing mixed stream.

The fifth question is “How quality of highly demanded multicast can be improved?” The

answer is yes if and only if there is an ability to reduce number transmissions and re-

transmissions.

14

The sixth question is “How energy cost can be saved in Sensor Networks?” The answer is

again the same as of previous one i.e. yes if and only if there is an ability to reduce number of

transmissions. It implies that the use of antennas should be less often. Hence saving the

battery or energy.

In other words the answers to all above questions require some sort of mixing of data packets

at intermediate nodes such that statistical information obtained from this mixing will later be

used at destination nodes to reconstruct the original data.

The need for coding at intermediate nodes exits as traditional communication mechanisms are

neither designed to support the maximum flow that a network can admit nor do they make

sure to achieve this bound. So some technique is needed to obtain this upper bound. As the

cost of adding a new communication link is high so new links cannot be added to get this

performance improvement and obviously some processing can be afforded at intermediate

node by adding fast and inexpensive processing capability at intermediate nodes. Consider a

situation where nodes are spreading out at every node, for example the case of binary tree

network. Here one can verify that using routing, routing capacity is just limited to lesser than

or equal to two but if some coding is applied on data packets, this rate could be increased

significantly up to h where h is the height of the network.

Once the maximum flow is determined in a flow network i.e. communication network, the

next task is to work out how this maximum bound could be achieved. For this, there is a need

to understand the communication mechanism in a communication network. A communication

network uses switching for connectivity. There are two types of communication networks:

i) circuit-switched, and

ii) packet-switched

The circuit-switched network is always connection oriented while the packet-switched

network may be either connection oriented or connectionless. Most of the computer networks

nowadays are connectionless packet-switched. In connectionless packet-switched networks,

every packet has the information of its sender and receiver, packets are stored into a buffer on

intermediate node and then they are forwarded according to the route define in routing table

of that intermediate node also known as hop. Such networks are called store-and-forward

15

routing networks. This brings the need to understand different routing schemes i.e. unicast,

multicast, broadcast and any-cast network. Unicast is the sending of information packets to a

single destination. Multicast is the delivery of information to a group of destinations

simultaneously using the most efficient strategy to deliver the messages over each link of the

network only once, creating copies only when the links to the destinations split. Broadcasting

refers to transmitting a packet that will be received (conceptually) by every device on the

network. In practice, the scope of the broadcast is limited to a broadcast domain. In any-cast,

data is routed to the “nearest” or “best” destination as viewed by the routing topology.

Some important definitions, facts, and results are needed for discussion and proper

understanding of literature review and related work. These are presented in next section.

2.1 Definitions and Fundamentals Results in Network Coding

Definition-1: Network Coding - Network Coding is a particular inter-node data processing

technique that exploits characteristics of the channel (the broadcast communication channel)

in order to increase the capacity or the throughput of the network.

Definition-2: Intra flow Network Coding - Let S be the source in the given communication

network ),( EVG and packets generated by source are stored at intermediate nodes in a

buffer. The intra-flow Network Coding make codes on the basis of packets in the buffer and

forwards to next hop. Random Linear Network Coding is an example of intra-flow. The intra-

floor Network Coding make sure the link to link reliability.

Definition-3: Inter flow Network Coding – Let there is a collection of Communications

Networks. Let Si be the source in each given ith communication network ),( EVG and packets

generated by these different sources are stored at intermediate nodes in a buffer. The inter-

flow Network Coding make codes on the basis of packets in the buffer and forwards to next

hop. This is very useful on nodes which act as a relay.

Definition-4: Let ),( EVG be a communication network, with a source node. If U is a

legitimate user on an intermediate. Further assume A is a collection of edges which are

accessible by wiretapper such that EA . Then a collection ),,,( AUSG forms a wiretap

network. [31]

16

Definition-5: Network Cost - Let d quantify overhead of setting up a link e with capacity

c(e) then network cost is sconnection

idi

There are certain seminal theorems in theory of Network Coding. For better understanding of

Network Coding, it is also important to understand the following theorems:

Theorem-1: Law of Conservation of Information

For any intermediate node, the amount of information flow in is always equal to amount of

information flow out [2]. Though there has been a debate in literature about commodity or

non-commodity nature of information, it is very common for the graph theory to assume

information as a commodity to validate the law of conservation of information.

Theorem-2: Maximum achievable rate of communication

As opposed to the Classical Shannon’s work the theory of Network Coding says that:

R≤ maxflow G(V,E)

It means that the maximum achievable rate of commination R is at most maximum flow of

the network G instead of Channel Capacity [32].

Theorem-3: Network Coding problem is NP-hard So will be the Secure Network Coding

The work of Yao et. al. proves regarding complexity that the Network Coding problem

belongs to class NP-hard [33]. As Secure Network Coding Problem is an extension of the

Network Coding Problem so it will also belong to class NP-hard.

Following are some facts, theoretical assumptions and practical consideration when working

with Network Coding:

Fact-1: Network Coding is always done at intermediate node. There is no need of it on

source(s) or sink(s).

Fact-2: Network Coding allows mixing of data at intermediate nodes. This is essential to fully

utilize capacity of associated links.

17

Fact-3: Network Coding is Independent of routing protocols. The Network Coding has

flexibility to work with existing protocols. Even it has room to be incorporated with current

TCP model [34].

Fact-4: Network Coding is dependent on topology of network. It is very necessary to have

advance knowledge of topology of network to efficiently construct the network codes.

Theoretical Assumption-1: Initial Network Coding Theory assumes Synchronous Symbols

flow which possible mostly in delay-free network.

Theoretical Assumption-2: Initial Network Coding Theory also assumes that edges have

known capacities which is only possible in static networks.

Theoretical Assumption-3: Initial Network Coding Theory also assumes centralized topology

and full knowledge of topology is available before coding.

Practical Consideration-1: Most of the networks are delay-tolerant generating asynchronous

information flow. The schemes of Network Coding should deal this issue.

Practical Consideration-2: It is due to the stochastic nature of communications (especially

wireless) random delays and losses occur.

Practical Consideration-3: In case of ad-hoc networks, edge capacities are often unknown and

time-varying.

Practical Consideration-4: There may be difficulty in obtaining centralized knowledge of

topology. This may be due to some administrative or technical issue.

2.2 Taxonomy of Network Coding schemes

In literature, broad categories of Network Coding Schemes are be found namely: Linear

Network Codes, Static Network Codes, Convolutional Network Codes, Superposition

18

Network Codes, Block Network Codes and Random Network Codes. A taxonomy to

organize these schemes is based on number of sources and sinks, configuration of the

network and type of synchronization. Each parameter of classification is described below:

Number of sources and sinks: This can be decided depending upon the number of sources, the

type of mathematical tools to model given network changes. For single source network,

concepts of linear algebra and related mathematics are used and for multi-source network, the

concept of stochastic process are used and hence the probabilistic tools are required to deal

with such networks. For multi-source networks a single value cannot confine the data

transmission rate.

Configuration of the Network: The configuration of network varies due to several reasons. By

adding network configuration it is possible to get more realistic coding scheme. While for

some cases where configuration is fixed, some amount of processing can be saved. Both the

static and variable network configuration cases are considered here.

Synchronization: For the case of delay-free networks, there is no need for synchronization at

intermediate nodes as they maintain upstream to downstream order if they are acyclic. But for

more realistic network it is essential to deal with the cycles in the network.

Figure-7 shows the taxonomy of Network Coding schemes based on the parameters discussed

above.

Table-1 shows this organization of different coding schemes in terms of network type,

network configuration and number of sources and sinks.

Table-1: Organization of different coding schemes in terms of network type, network configuration and

number of sources and sinks

Coding Scheme Network Type Network

Configuration

No. of Sources No. of Sinks

Linear Network

Codes

Acyclic Fixed Single Multiple

Static Network

Codes

Acyclic Variable Single Multiple

19

Convolutional

Network Codes

Cyclic Fixed/variable Single Multiple

Superposition

Network Codes

Cyclic Fixed/variable Multiple Multiple

Block Network

Codes

Cyclic Fixed/variable Multiple Multiple

Random

Network Codes

Cyclic Fixed/variable Single/Multiple Multiple

Figure-7: Taxonomy of Network Coding schemes

Network Coding Scemes

Information generating source

Single - Algebraic methods

Multiple -probabilistic

(information theory)

Configuration

Fixed

Variable

Synchronization

Acyclic (no time dimension)

Cyclic

20

Figure-8: Taxonomy of Various Coding Techniques for Network Coding

By pivoting the taxonomy of Figure-7 on number of sources, a new taxonomy of Network

Coding (NC) is Figure-8.

2.3 Coding Techniques for Network Coding

In this section, the literature is explored to know the coding techniques used by various

Network Coding Schemes. The broad categories of such code construction and application

areas for these techniques and incorporation in current model of networking i.e. OSI are focus

points.

According to literature survey, Network Coding schemes have been incorporated at various

layers of OSI stack Network Coding. The taxonomy of applying Network Coding at various

layers of OSI stack and various domains is given in Figure-9. An example of applying

Network Coding is given in [35] which suggests a scheme for transmitting a signal by a node

so that it reaches several other nodes and vice versa at the same time. An example of applying

Network Coding at network layer can be found in [36] which suggest a practical scheme with

near to theoretical performance. A few examples of applying Network Coding at application

layer include on scheme by Gkantsidis et. al. [37] which deals large scale content

Single Source

Acyclic Networks

Fixed Config

Linear Network Codes

Variable Config

Static Network Codes

Cyclic Networks

Convolutional Network Codes

Multiple information

Source

Superposition Network Codes

Practical Random

Network Codes

21

distribution, and another by Dimakis et. al.[38], which deals with the distributed storage

systems. In addition to single layer based schemes are some cross-layer implementation. An

example of cross-layer scheme for Network Coding is by Katti [39]. As far as domains are

concerned Zhu [40] successfully tested Network Coding in the domain of Overlay Networks.

Following are the names of some Network Coding Schemes:

XOR for Single source acyclic network

Linear Network Code for Single Source Acyclic network

Static Network Codes for Single Source Acyclic network

Convolutional Network Codes for Single Source Cyclic network

Entropy based codes for Multiple Source networks.

There are many ways to construct codes for Network Coding. The very simple way is to

XOR the bits of messages received at intermediate node and then retransmit the code[39].

Figure-9: Taxonomy of Applying Network Coding

Applying NetworkCoding

Layers of OSI stack

Physical

Data Link

Network layer

Between Network and transport

Domains

Overlay Networks (application layer)

22

On the basis of literature survey of more than a dozen Network Coding schemes. The

suggested taxonomy of Network Coding schemes is shown in Figure-10.

Figure-10: Taxonomy of Network Codes

In the proceeding section each of these coding schemes is described.

2.3.1 Linear network codes

This is known as the first approach to construct Network Codes [41]. Using this approach a

block of data is represented as a vector then a linear transformation is made based on the data

vector and coefficients of linearity. These coefficients of linearity are taken over a certain

base field. This scheme is meant to achieve multicast and meets the maximum achievable rate

of communication. The code construction methods for linear codes are well discussed in [42]

for both cyclic and acyclic networks.

2.1.1.1 Random linear network codes

Random Linear Network Codes were first suggested by [43] close to obtain an optimal

throughput using a decentralized algorithm. The key idea is to send additional random linear

combinations until the receiver obtains the appropriate number of packets to decode the

message. In the linear random coding setting for single source multicast, decoding takes some

extra time due to using the Gauss-Jordan elimination method, however to cope this some

Network Codes

linear network codes

random linear network codes

Quantum linear Network codes

rank matrix codes

heuristic based approximate

solution

23

efficient decoding algorithms are also found in literature [44]. Table-2 shows the

comparison.

24

Table-2: Survey of Network Coding Schemes

Co

din

g S

chem

e

Des

ira

ble

pro

per

ties

Sy

nch

ron

iza

tio

n o

f

mes

sag

es

Eff

ect

on

pro

pa

ga

tio

n

del

ay

L

oca

l D

escr

ipti

on

(L

D)

Glo

ba

l D

escr

ipti

on

(GD

)

Is G

D c

om

po

sed

of

LD

? Algorithms/comput

ational methods

and its complexity

Su

ita

ble

fo

r

Rel

ate

d C

on

cep

ts

Lin

ear

Net

wo

rk C

od

es

Sp

ecia

l cl

asse

s: L

inea

r M

ult

icas

t, L

inea

r B

road

cast

an

d

Lin

ear

dis

per

sio

n

Law

of

con

serv

atio

n o

f in

form

atio

n

Ach

iev

able

max

flo

w r

ate.

And

D

im (

VT

) =

w f

or

dec

od

ing

Up

-str

eam

to

do

wn

-str

eam

i.e

eac

h m

essa

ge

is

enco

ded

ind

epen

den

tly

No

. N

o t

ime

dem

issi

on

edk ,

)( ,).(

.

TInd ded

e

fxk

fx

where d and e

belongs to

In(T) and

out(T)

respectively

y

e

s

Generic Linear

Network Coding

Algorithm 2.19 [1]

1

1

NN

Linear Multicast NC

Algorithm 2.31

[1][2]

N

Computational

details in [3]

Fast implementation

IkkMTEF )(

Mu

ltic

ast

and

Bro

adca

st n

etw

ork

s

Gra

ph

th

eory

,M

od

ern A

lgeb

ra

Sta

tic

Net

wo

rk C

od

es

Sp

ecia

l cl

asse

s: S

tati

c L

inea

r M

ult

icas

t S

tati

c L

inea

r B

road

cast

Sta

tic

Lin

ear

dis

per

sio

n

L

aw o

f co

nse

rvat

ion

of

info

rmat

ion

Ach

iev

able

max

flo

w r

ate.

Dim

(V

T)

= w

for

dec

od

ing

Up

-str

eam

to

do

wn

-str

eam

i.e

eac

h m

essa

ge

is

enco

ded

in

dep

end

entl

y

No

, N

o t

ime

dem

issi

on

edk ,

)( ,).(

.

TInd ded

e

fxk

fx

where d and e

belongs to

In(T) and

out(T)

respectively

y

e

s

Generic Linear

Network Coding

Algorithm 2.36[1]

1

1

NN

Mu

ltic

ast

and

Bro

adca

st n

etw

ork

s

Gra

ph

th

eory

,M

od

ern A

lgeb

ra

25

Co

nv

olu

tio

nal

Net

wo

rk

Co

des

zFzkFed

)(,,,

Pro

pag

atio

n a

nd

pro

cess

ing

of

seq

uen

tial

mes

sag

es

con

vo

lve

Yes

, ti

me

dim

ensi

on

inv

olv

es

0

,,

,)(

t

t

ted

ed

zk

zk

0

,)(

t

t

teezfzf N

o

Algorithm

mentioned

in [45]

Co

nv

olu

tio

nal

Mu

ltic

ast

Tim

e sp

atia

l d

om

ain

s

Fo

uri

er t

ran

sform

Su

per

po

siti

on

N

etw

ork

Co

des

As above A

s ab

ov

e

As

abo

ve

As

abo

ve

Random on

Alphabet

N

o

Algorithm

mentioned

In [32]

mu

ltis

ou

rce

mu

ltic

ast

Fo

uri

er T

ran

sfo

rm,

con

vo

luti

on

, ti

me

spac

e

cod

ing

etc

Blo

ck N

etw

ork

Co

des

As above

As

abo

ve

As

abo

ve

As

abo

ve

Random on

Alphabet

N

o

Algorithm

mentioned

In [46]

mu

ltis

ou

rce

mu

ltic

ast

Pro

bab

ilis

tic

To

ols

,

Info

rmat

ion

Th

eory

etc

Ran

do

m L

inea

r N

etw

ork

Co

des

As above

Up

-str

eam

to

do

wn

-str

eam

i.e

each

mes

sag

e is

en

cod

ed

ind

epen

den

tly

No

, N

o t

ime

dem

issi

on

edk ,

Random on

Alphabet

Y

e

s

Algorithm

mentioned

In [44] fo

r m

ost

gen

eral

net

work

En

tro

py

XO

R

Symbols

composed of

Galois Field

GF(2)

Up

-str

eam

to

do

wn

-str

eam

i.e

each

mes

sag

e is

en

cod

ed

ind

epen

den

tly

No

, N

o t

ime

dem

issi

on

N/A

Random on

Alphabet

Y

e

s

Algorithm

mentioned

In [47]

26

2.1.1.2 Quantum linear Network codes

In Quantum network, coding takes care of noiseless quantum channels where the information

is in quantum state [23]. One study that uses the quantum theory for Network Coding

presents quantum network code. These codes are applied to a multiple unicast scenario of

butterfly network [48].

2.3.2 Rank matrix codes

Rank metric approach is basically a remedy to random linear Network Coding where one

corrupted packed affects all others packets which make these packets into their combinations.

This is end-to-end error control coding [49].

2.3.3 Heuristic based approximate solution

Heuristics can play a good role for Network Coding. heuristics related to local topology

information were used in a work by [25] to get excellent performance.

Before paying attention towards review of Secure Network Coding scheme, an overall

comparison in terms of pros and cons of coding schemes is presented in Table-3.

Table-3: Pros and Cons of different schemes

Advantage Disadvantages

XOR Simplest Security issue

Linear Network Codes Coding can be implemented

at low computational cost

Flows law of conservation

of information

Theoretically no delay

Edges have unit (or known

integer) capacities

Centralized and full

Coding/decoding scheme has to

be agreed upon beforehand

Does not support variable

network topology

Does not meet practical

consideration

Practically Information travels

asynchronously in packets

27

knowledge of topology,

which is used to compute

encoding and decoding

functions

Packets subject to random

delays and losses

Edge capacities often unknown,

time-varying

Difficult to obtain centralized

knowledge, or to arrange

reliable broadcast of functions

Practical Random

Network Codes

Coding/decoding scheme

has not to be agreed upon

beforehand

Support variable network

topology

Meets practical

consideration

Considers Information

travels asynchronously in

packets

Considers random delays

and losses

Do not need centralized

knowledge, or to arrange

reliable broadcast of

functions

Probabilistic

Static support for variable network

configuration

Do not care delay and cycles in

the network

Convolution Convolution support delays

and cycle in the network

Cannot handle multiple

information sources

Superposition support multiple sources May be sub optimal in terms of

information flow rate regions

Block Codes support most general

network

Complex

2.4 Network Coding (NC) aware routing Protocols

The Network Coding (NC)-based (intra flow) and Network Coding (NC)-aware (inter flow)

protocols are not the same. The difference has been clarified in section-2.1. The routing

decisions in most of the NC-aware routing protocols look for coding opportunities available

at a forwarding node [50]. First example of NC-based aware (inter flow) protocols is COPE

[39].

28

The literature also suggests a combination of both Inter flow and Intra flow Network Coding

[51] to counter the problem of unnecessary forwarding of a packet. This work exploits the

random New Year recording with addition of opportunistic routing. This is also workable on

random topology.

2.5 Secure Network Coding Schemes

To Secure Network Coding based communication literature suggests many approaches. As it

has already been discussed in Section-2.1 that there are some contradictions between

theoretical assumptions and practical realities, the research has also addressed these

contradictions in later works. One such a work to make Network Coding practical is given in

[22] which assigns the coefficients of linearity randomly instead of computing them

algebraically. Extended work of this model incorporates some of the security concerns [52].

In this work data confidentiality is achieved by locking the encoding coefficients. The

limitation of this work is that in case if a compromised node intended to be a legitimate one

then this scheme is vulnerable to detect any arbitrary modification attack. In most of the

literature this situation is also referred as a Byzantine Attack [53]. Some ways to counter

Byzantine attacks in Network Coding can be found [53].

Figure-11 shows the taxonomy of these approaches. Each of these are described in detail in

preceding section.

29

Figure-11: Approaches to Secure Network Coding

Approches to Secure Network

Coding

Threshold Cryptography

Filtered Secret Sharing

Cryptographic Signatures

Cryptographic hash functions

Rank Metric Codes

Random Coefficients as a tool of security

Quantum Cryptography

30

2.5.1 Threshold Cryptography

There are many ways in cryptography to protect data from theft or cracking keys. Hashing,

encrypting and digitally singing mechanisms are to name a few. Most of these mechanisms

relay on the strength and safe keeping of the key of underlying algorithm. The handling of

key by a single node can create seems a single point of failure. Threshold Cryptography is yet

another mechanism helping distribution of the key over the network instead of being kept

with a single node of a network. Threshold Cryptography achieves secure transmission of the

data over publicly accessible links [26]. To elaborate its working further, suppose there is a

secret key that is going to be used to secure data transmission over a public network between

a sender and a receiver. This method reduces the probability of at least k nodes being

compromised simultaneously with the help of this sharing. Shimmer’s secret sharing [54]

provides this sort of practically viable scheme (mathematical model) . In order to encode or

decode data using Shimmer’s secret sharing scheme k out of n shares will be needed to

reconstruct the secret. Here n is also referred as number of participants. Shimmer’s secret

sharing works in two phases; set up and distribution. In first phase share of a secret are

constructed according to the mathematical model. In second space, these shares are

distributed among participating nodes. An attack is only successful if the adversary has

access to k out of n shares. Note that a dealer node is also required here to distribute the

secret among all nodes of the network. Section-2.1.1 discussed linear network codes which

were constructed to achieve optimal performance but the limitation of the model is obviously

its insecure transmissions. To fulfill the need of security into Linear Network Coding for

single source the authors of [55] incorporated a security condition using threshold secret

sharing. Their security model assumes that a limited number of links of the network can be

accessed by an adversary. This work served the purpose of security up to some extend but it

was only limited to single source multicast. To extend the benefit of threshold cryptography

and Shamir’s secret sharing in multiple source network the work done in [31] is also of great

importance.

The scheme proposed in [55] suggests that Shamir’s secret sharing is one aspect of a Wiretap

Network. Wiretap network of such type can be formed with three layers presuming the access

structure is already defined. The first layer or top layer contains source node S acting as

31

dealer. The second or middle layer consists of all intermediate nodes acting as participates.

The third or bottom layer is comprised of receivers.

It is important to look at capacity analysis of the approach presented in [55]. Capacity

analysis helps understand the maximum capability of network resources and the amount of

new resources needed to cater to future requirements and its associated cost. The work from

Feldman et.al. [56] gives good clues on capacity analysis of Secure linear Coding [55]

highlighting field size required for the construction of linear network codes.

There is a recent innovative idea to incorporate. Another scheme [57] deals with the use of

threshold cryptography for secret key distribution to multiple scattered nods of a sensor

network. Here a distributed reprogramming protocol is introduced. The working of the

protocol includes secure reprogramming, reduction of communication and reduction of

storage at each node of the participating network. The responsibility of trust delegation lies

with network owner who also manages the reprogramming rights of the users. To stop an

adversary from injecting malicious code, every user passes authentication before performing

any task the network.

2.5.2 Filtered Secret Sharing

In filtered secret the shares are not distributed among participating nodes. Those shares are

passed to a filter which produces some linear combinations of passed shares. These linear

combinations are greater in number than the actual number of shares. As it has been

discussed in section-2.3.1 that an attack is only successful if the adversary has access to k out

of n shares. Thus increasing the search space and making the attack more difficult for an

adversary.

A Secure Network Coding scheme based on the concept of filtered secret sharing has been

proposed in [58]. In most of the schemes of Network Coding, security has tradeoff with

bandwidth and or with the capacity of the network. Such tradeoffs are also discussed in the

preceding king scheme. The focus, so far, has been on various ways to secure transmissions

using Network Coding while ignoring important aspect of network cost To address network

cost along with security, the literature also suggests some schemes [59], [60]. These schemes

suggest the use of rank matrix codes to decrease network cost.

32

2.5.3 Cryptography – Signature based

The cryptographic method of digital signatures is very useful for authentication. A message is

digitally signed at source and signatures are recomputed at the discretion so an unauthorized

change can easily be detected. In fact some researchers use the digital signature to Secure

Network Coding enabled communication by keeping away the compromised nodes to harm

the network traffic. One of such a scale is presented [28]. Injecting malicious packets also

known as pollution attack have greater consequences.

Oggier et. al. [61] suggests a signature based solution to cancel pollution to reach the

destination. Han et. al. [62] suggested distributed signature schemes against Byzantine

attackers. Boneah et. al. [63] suggested tailor made signature to be used with Network

Coding.

2.5.4 Cryptography – Hash Function Homomorphism

Cryptographic hash functions are widely used to verify integrity of data a file or a message. It

simply relates a value of a fixed length to data or file or message. Hash Homomorphism

allows to compute combined hash of a group of blocks if the hash values of individual block

has already been computed. It is another layer to make hash more computationally strong.

Zaou et. al. in their first kind of use of homomorphic hash function to Secure Network

Coding come to you such hashes at node [29].

2.5.5 Rank Metric Codes

Silva et. al. [60]. This scheme is universal so it can be applied on top of any network and any

network code. It can resist eavesdropping and data injections but without taking care of the

network cost.

2.5.6 Based on Cost Criterion

Tan et. al. suggests the use cost criterion to make linear Network Coding secure [64].

2.5.7 Random Coefficients as a Tool of Security

33

There is a very interesting aspect of Network Coding that at one hand research progresses to

make Network Coding (NC) more secured while at the other hand the Network Coding itself

has certain room to make secured distribution of secret keys in ad-hoc network settings.

Oliveira et. al. [65]make a very clever way to do this .

2.5.8 Quantum Cryptography

Recent advances in quantum cryptography are very useful ensuring data as well as its

cryptanalysis. Quantum Cryptography and its implications are discussed in a separate work as

following [66]. Quantum cryptography has roots in quantum mechanics. The first ever

quantum key distribution scheme was developed by Bennett and Brassard [67]. Owari et. al.

proposes a scheme where information is transmitted in quantum states. This protocol does

not require any authentication in it. It is known as a single shot.

The pros and cons of Secure Network Coding Schemes will be discussed in Chapter-4.

2.6 Computational Intelligence Techniques in Security

In ad-hoc networks security provision is a challenge. In addition to security requirement in

standard networks nodes of these networks also require confidentiality of location, absence of

traffic diversion and fairness of cooperation among themselves. It becomes more challenging

due to the fact that there are very limited resources in terms of better power, processing and

memory.

Computational intelligence refers to models which have ability of learning and adaptation

according to some rules or guidance. Some famous techniques of computational intelligence

include neural networks, fuzzy logic and revolutionary algorithms. Among evolutionary

algorithms, the most common are Genetic Algorithms (GAs), Particle Swarm Optimization,

Ant Colony Optimization and Simulated Annealing.

Computational Intelligence (CI) has potential to address the problems raised in defense and

security domain ranging from physical security to intrusion prevention systems such as

superior video analytics, intrusion detection systems, unmanned underwater vehicles and

buried explosives detection during battlefield. Physical security and surveillance problems

tackled by computational intelligence have better results than traditional techniques.

34

Suspicious activities can be automatically detected near critical infrastructures [68] by

extracting the objects in video frames through background subtraction and classification by

artificial neural network and alerts are generated by examining the behavior of the objects.

Radar signal emitters [69] with particular attributes are detected by artificial neural network

based approach via removing missing values and feed-forwarding neural network for

classification. Cyber security threats and intrusion attacks are common and can be mitigated

by techniques mentioned ahead. Security breaches caused by dangerous Internet locations

[70] classified by learning from allowed and forbidden URL lists. On the basis of

classification decision of denying or allowing new URL is done. Rough Cognitive Networks

(RCNs) based methodologies used to classify network traffic [71] as normal or abnormal and

proved to be competitive model for intrusion detection systems. Advanced Persistent Threats

(APTs) mitigated by semi-supervised classification where anomaly score metric is used to

detect malicious traffic while data labeled by expert humans and classifiers built by using

genetic programming, support vector machines and decision trees.

2.6.1 Major Computational Intelligence Techniques and their uses in Network

Coding

There are very strong reasons to look for alternative method for path finding and other

resource optimization in Network Coding techniques and to secure as ad-hoc nature of

networks where Network Coding techniques could be used.

One of such alternatives is use of Computational Intelligence techniques which provide

approximate solution to various computational problems. These techniques are being used for

various tasks of optimization. Hu used Genetic Algorithms (GAs) in Network Coding [14]

[15]. Nallakannu et al used Particle Swarm Optimization (PSO) for optimal peer selection

during Network Coding enabled communications [16]. He et al proposed a Particle Swarm

Optimization (PSO) based authentication scheme [17]. Sabri used Ant Colony Optimization

(ACO) protocol in Network Coding [18]. Wag used Ant Colony Optimization (ACO) for

resource minimization [19]. Liying Zhang has covered many aspects of Network Coding

using Simulated Annealing [20].

2.6.1.1 Genetic Algorithms

35

Genetic Algorithms (GAs) are being used to solve the problems of optimization in many

domains. For the best and the robust search techniques, Genetic Algorithms (GAs) method is

used in many Network Coding applications. This method is very popular because it is solving

many problems related to multimodal and multidimensional optimization. The Genetic

Algorithm performance increases by some parameters like mutation probability and fixed

crossover. The optimization techniques for nonlinear problems are divided into two

categories deterministic and stochastic.

Deterministic techniques start with search procedure having some guess or clue about

solution. Deterministic techniques are not generic, because these techniques are built to solve

some particular problems.

In the first stage of the Genetic algorithm implementation a binary alphabets strings were

used for the chromosomes. The computational cost of binary alphabets Genetic Algorithm

was very high due to the costs of the deterministic techniques used for optimizations. The

binary Genetic algorithm has some drawbacks and is very difficult for that problem that is

large in search spaces and seeks high accuracy.

To build a Genetic algorithm, for particular problem there are three steps to be needed

solution coding, objective functions and acceptance criteria for resolving that particular

problem.

To highlight use of Genetic Algorithm in Network Coding Problem (NCP), the approach of

[14] as an example case in which a new Genetic Algorithms (GAs) is proposed for NCP to

improve its performance,. The following changes are made in existing algorithms:

New Chromosome Structure: the existing chromosome structures of Genetic Algorithms

(GAs) is based on binary matrix logging the vigorous state of links; which leads to two

problems, the first one is lack of correct/complete information flow on link, which ultimately

appears as absence of identification information of specific protocol and scheme, because of

incomplete information. Second is without correct/complete information flow on links, the

integration of well-suited heuristic rules is not possible. The proposed algorithm is based on

permutation representation and records entire required information of flow on link.

36

Evolutionary operators: The badly designed operators can degrade performance of Genetic

Algorithms (GAs). The permutation representation based proposed algorithm is conveying

the absolute information flow on link, which solves the mutation and crossover problems by

predetermining the link state of network topology.

Inclusion of new Heuristic Rules and integration of existing rules: for the success Genetic

Algorithms (GAs), the heuristic rules plays important role in its application, thus identifying

the kind of rules, and how to integrate them into algorithms effectively are challenging tasks.

The permutation representation makes this algorithm easy to integrate most needed NCP

specific rules along with inclusion of few new rules.

The comparative result shows that the proposed Genetic Algorithms (GAs) outperforms the

existing algorithms, and considered as more fitness function than previous. It not only keeps a

count on target rate and required resources but also considers actually achieved rate in real

environment.

2.6.1.2 Particle Swarm Optimization

To highlight the use of Particle Swarm Optimization (PSO) in Network Coding optimization

scheme described in [17] is leading one. The purpose of this scheme was to introduce a

dynamic authentication scheme for packets during propagation from source to destination

through multiple nodes and this study also provides the idea of batch authentication for

overhead reduction that is the weakness of other existing authentication techniques.

D-Authentication is an efficient solution for Network Coding against pollution attacks along

with collusion among malicious nodes. D-Authentication differs from other schemes by

tolerating collusion among malicious nodes and usage of linear vector subspaces of Network

Coding. It prevents transmission of corrupted blocks to downstream nodes that are, it limits

pollution attacks.

In D-Authentication scheme security against pollution attacks is based on set of verification

vectors dynamically generated by the source, used by participating nodes to verify incoming

packets and are referred as D-Auth vectors. The authenticity of vectors is protected by source

using digital signature.

37

Each participating node maintains two packet buffers, verified and unverified for verified and

unverified packets. Each node buffers the unverified packet into unverified buffer on

receiving and combines them in verified buffer after verification, which then is transmitted

ahead. Once receiving the D-Auth vector, a participating node first verifies the vector using

signature and then it publishes it to neighbors. Node verifies the integrity of corresponding

data block by checking if it holds a mathematical equality.

Further, individual packet authentication can be extended to efficient batch authentication, in

which node verifies the set of coded packets at one time.

In the simulations, the used network consists of 1000 nodes and block size is decided to be

128 with directed random graph topology consists of one source node. The simulator is

round-based, where in each round a node can upload and download the blocks. Malicious

nodes send polluted message on each of their outgoing link in each round and malicious

nodes are selected randomly. In the given setup after applying various schemes such as:

cooperative security and null keys scheme, D-Authentication scheme has given the better

results after averaging the results over several runs.

2.6.1.3 Ant Colony Optimization

There are certain evidences in literature [18-19] which deals with Network Coding multicast

problem. As traditional coding like linear codes work on very complicated mathematical

structures involving computation over finite field. This consumes both the processing and

buffering resources. Obviously number of coding operations needs to be minimized, the Ant

Colony Optimization is a feedback or reactive optimization techniques which can reactively

construct solution based on local and global information. It is very useful in the problems

seeking optimization where path finding is required. As Network Coding operations needs to

find all link-disjoint list sub-network so the Ant Colony Optimization (ACO) technique

seems a good option.

2.6.1.4 Simulated Annealing

To see the usefulness of Simulated Annealing (SA) in Network Coding Optimization, the

work of [20] is the first one. Authors in the paper “Research on Network Coding

38

Optimization Using Differential Evolution Based on Simulated Annealing” proposed a hybrid

Differential Evolution (DE) algorithm based on Simulated Annealing (SA) to solve the

Network Coding optimization problem.

Networking Coding is a type of data transfer mode, where the intermediate nodes in the

network forward or copy forward the information of upstream link. It allows intermediate

nodes to mix the information received from incoming links to generate new information and

then forward the newly generated information to downstream nodes. Thus, the intermediate

nodes play the role of encoder. Although Network Coding improves the throughput, load

balancing, and reduces transmission delay, yet it increases the complexity and overhead of

the network due to extra coding operation for information. This makes the Network Coding

an optimization problem about how to seek an optimal Network Coding scheme by

consuming network resources as few as possible.

Kim et al [72] proved that Network Coding optimization problem is NP-hard problem, and

used the Genetic algorithm to solve it. This method is not time efficient and also quality of

solution declines with the increase of problem size. Further, Storm et al [73] proposed

Differential Evolution (DE) algorithm optimization problem. The idea of DE algorithm is to

randomly select multiple individuals to construct difference vector to update the individual

and diversify the search direction of the individual. DE algorithm is a kind of greedy Genetic

Algorithms (GAs) algorithm with elitism. The issue with DE algorithm is its greedy selection

of operations which results in premature convergence of the solution. To maintain the

population diversity and search routes of DE, simulated annealing is introduced into DE to

select the better Network Coding schedule.

2.6.2 Meeting Security Requirements using Computational Intelligence

Recently, secure data transmission over network has become a vital and critical issue due to

increased demand of digital media transmission and unauthorized access of important data

[74].

Cryptography uses mathematical techniques for information security, data integrity,

confidentiality, non- repudiation and authentication. Cryptography is based on concepts of

Encryption and Decryption [75]

39

When data is sent from sender to receiver, the data is converted to some unreadable form

called encryption of data and at receiver side data is again converted to its original form

called decryption of data. Both encryption and decryption process require the key. For

protection of valuable information from unlawful imitation, eavesdropper’s attack and

modification, different types of cryptographic algorithms are designed. There are two major

types of such algorithms: symmetric cryptography [76] and asymmetric cryptography [77]. In

asymmetric key cryptography two different keys are used, one for encryption called public

key and one for decryption called private key. Only one same key is used in symmetric

scheme.

The applications of both schemes differ due to efficiency of scheme; symmetric scheme is

mostly used for encryption of data due to its high performance while asymmetric is often

used for digital signature and distribution of key. Moreover, no any symmetrical ciphering

technique such as AES, DES, Advanced AES, and IDEA has taken any benefit from most

recent advances in information processing technology. Various kinds of modern data

encryption techniques [75,78] are found in the literature.

2.4.2.1 For authentication

The recent trend among authentication mechanisms is using multi factor authentication

methods which may be a combination of any behavior, password and biometric. Another

advancement is the process of continuous authentication. The work presented in [79] focuses

on these line and helps selecting modalities of continuous authentication process by selecting

them adaptively. For selection of such modalities, this work proves that such a model is

promising using Genetic Algorithm technique.

The earlier use of Genetic algorithm is for authenticating images [80]. To do this the authors

[80] randomized the original image using cross over and mutation process of Genetic

Algorithm to form a binary string. The binary string is then passed to a pairing function

which forms the digest of the image. While a secret formed from random permutation act as a

key between both communicating parties. This scheme is collision resistant and gives better

performance than standard authentication scheme.

40

The work in [81] suggests the concept of dual server for authentication. The delegation rights

always remains with the server. Whenever a new node joins it is treated as an image of the

first server. The trust is maintained by a node value. This scheme uses the Genetic Algorithm

to find the new node network value.

The approach discussed in [82] is hybrid in the sense that it uses benefits of Genetic

Algorithms (GAs) and Particle Swarm Optimization for Public Key Cryptographic scheme.

This is because of fast and easy implementation of Particle Swarm Intelligence. Particle

Swarm Optimization (PSO) alone are fast and easy to implement along with memory ability

while genetic Algorithm has advantage of sharing information be a set of chromosomes to

reach an optimal solution. The purpose to use this combined approach here is to generate

strongest key from a set of stronger set of keys.

As far as other use of other Computational Intelligence techniques like Ant Colony

Optimization techniques and Simulated Annealing in provision of user authentication in ad-

hoc environment is concerned, there is no significant contribution from literature.

2.4.2.2 for confidentiality

Computational Intelligence techniques are workable for providing data confidentiality. There

is use of Genetic Algorithm in [74,83]where an image is encrypted using a pseudo random

sequence (chaos) for throughput limiting applications.

As far as other use of other Computational Intelligence techniques like Ant Colony

Optimization techniques, Ant Colony Optimization and Simulated Annealing in provision of

data confidentiality in ad-hoc environment, there is no significant contribution from

literature.

2.4.2.3 Both Authentication and Confidentiality

There are certain applications of Computational Intelligence in providing both authentication

and confidentiality of data. The research in [84] provides such a symmetric scheme using

genetic algorithm. First, an encryption algorithm is developed and implemented to achieve

41

the aforementioned purpose. This works in two phases. In first phase plain text is encrypted

with a key. In second phase the cipher text of first phase is encrypted using Genetic

algorithm.

Another scheme [85] presents the usefulness of Genetic algorithm in Key Selection. Whereas

in Key Selection is a process selecting strongest key from a finite search space. The fitness of

key is calculated Pearson’s Coefficient of auto-correlation. The scheme is tested against

frequency and gap attacks.

42

Chapter 3

Materials and Methods

This chapter presents research methodology, its details and rationale of choosing this

methodology explaining theoretical analysis of literature and design of experiment.

Adaptation of a mix of both theoretical and empirical methods of Computer Science research

is a good approach so experiment design, its parameters for performance and comparison of

available tools are described in detail. Explanation of the chosen simulation tools is also part

of this chapter.

The research work of this thesis is mainly based on two methods; first the literature surveys

and second simulation of the proposed work. The experiment is deigned in the form of an

artificial test-bed. This test-bed simulates a communication scenario using appropriate

simulation tools and programming language detail of which are given in relevant sections of

this chapter. The simulation parameter have been selected or derived from literature and

comparative studies.

3.1 Description of Research Questions

Selecting a research methodology is strongly related to the description of research question

that has been raised in section-5 of chapter-1. The research question and related sub

questions are described from the perspective of research methodology in following

paragraphs.

The first question is about development of a coding scheme or modification of some existing

schemes in such a way that the new scheme meets the set of security requirements as well as

it provides maximum benefit of Network Coding? To attempt answer of this question

investigators first need to know what is current state of art in the field of Network Coding

(NC). What are the approaches available in literature to make Network Coding (NC) secure?

What will be constitution of requirements for generic Secure Network Coding Problem?

To investigate the current state-of-the-art of Network Coding, theoretical literature survey is

needed from where some inferences can be made and deep learning of the domain knowledge

can be obtained. By selecting more than a dozen of such schemes, formation of taxonomies

43

and studies on the basis of these taxonomies are helpful. Second and third section of chapter-

2 was mainly focused on this point.

For the investigation of making Network Coding secure, necessary deduction method is

applied on theoretical work by conducting a literature survey of selected schemes. Fifth

section of Chapter-2 was mainly focused on this point.

The second main research question is about finding a way to avail Computational Intelligence

technique to optimize cryptographic algorithms or to find a new way to optimize

cryptographic computation. The answer of this question requires investigators to explore role

of Computational Intelligence in the problem of Secure Network Coding. The study of

Computational Intelligence techniques fulfilling security requirements and performance of

such kind of solutions is necessary before incorporating it in the proposed solution. To

explore the role Computational Intelligence has played in the problem of Secure Network

Coding a survey of the use and application of Computational Intelligence techniques in

provision of data or network security provided in Section-6 of chapter-2 focused this

perspective.

As the field of Network Coding is evolving with the passage of time, the standardization has

yet to come leaving researchers with no standards for security requirements in the case of

Network Coded communications. There is a need to come up with a set of security

requirements at par with that of TCP/IP communications. The deductions from literature

surveys and analogies of related RFCs are used to make the set of security requirement.

Second part of Chapter-4 point towards a blend of some schemes for the sake of security in

chapter-4.

In order to find suitable Computational Intelligence techniques satisfying security

requirements, the best candidates from already existing schemes having the potential for

integration with techniques of Computational Intelligence (CI). In other words, obtaining

solution by combining, either in an appropriate hierarchy or into layers, some schemes or

protocols to make Network Coding (NC) based communication secure. Searching for a

suitable scheme among the already proposed solutions, having potential to give an optimal

solution with some techniques of Computational Intelligence can work better. If so, the

question of performance of such solution will raise later. The simulation method helps to

44

verify the proposed solution and evaluate its performance. The theoretical methods of

security strength are also helpful in this regard.

3.2 Research Methods

As pointed earlier in this chapter, most portions of work presented in this thesis mainly uses

the literature survey and computer simulation methods.

3.2.1 Theoretical Methods

The theoretical analysis of literature includes logical analysis, cognitive synthesis, necessary

deduction, and analogy. The reason to select this method is that it provides deep learning of

these schemes but with a very low possibility of misleading conclusion.

Theoretical fundamentals of Computational Intelligence techniques are studied to see its

potential for provision of optimal solution in cryptography and Secure Network Coding.

Genetic algorithm may be a good point to start with and may lead to develop a solution with

better performance.

The following literature surveys are really important and significant in making further

research contribution:

A comprehensive survey of contemporary Network Coding schemes (section-2.3),

A comprehensive survey of Contemporary Secure Network Coding schemes (section-

2.5), and

A comprehensive survey of Computational Intelligence technique and it applications

in Data Security (section-2.6)

For carrying out following work, deduction and analogies are used.

Deduction of set of security requirements on the basis of literature survey

Development of system model supporting security requirement

3.2.2 Empirical Methods

45

In order to investigate existing models or before proposing a new one, practical evaluation of

these is very helpful in identifying gaps. Empirical research methods are very useful for this

purpose. Simulation method is used for empirically evaluation of research work due to

following reasons:

Standards and many details of Network Coding schemes are not final

Implementing real test-bed costs more.

Executing proposed model on real test-bed can be difficult and time consuming

Repetition of experiments is challenging

Experimenting in real time is difficult to pivot on one aspect and observe others

making it hard to isolate a single aspect.

Hence Simulations are well suited for evaluating coding schemes, protocols and new ideas in

the field of wireless communications. This way enables to look at every aspect and can

isolate one aspect from others, fine tune parameters and reconfigure the model.

Following work is based and computer program and computer simulation methods:

Implementation of solution modeling and analysis

Performance evaluation

The limitations of Simulation method are directly related to the limitation of simulation tool

and the developed model. The major one is the validity of the simulation tool. Others include

managing upper layers and dealing with scalability.

3.3 Experiment Design

For the sake of experiment, Network Coding operations are to be applied at application and

network layer. Coding this layer will introduce less overhead as compared to other upper

layer. Actually Network Coding is not designed keeping in view the OSI model; to

incorporate this in the OSI model a shim layer either above physical layer or somewhere at

higher physical layer so that data can be encoded or decoded soon after the symbols have

been detected.

46

For experiment purpose two scenarios as described later are selected. First scenario is “single

hop” and second is “multiple hops”. In each scenario data is to be sent from source device to

sink device reliably but through a lossy wireless link (characteristics are described in relevant

sections). The sink(s) or receiver(s) may exist in nearby location.

The system under study and its various scenarios are described below:

The butterfly network from literature is adopted. The test-bed contains a multi-hop wireless

communication network for which it is a base model as discussed in [36].

Scenario-A: Single Hop

1. Multicast

Sender sends a 32 byte data in ASCII format stored in a file to nearby nodes.

2. Best effort multicast for multimedia

Sender sends a butterfly image to receiver nodes.

We name this scenario as “Single-hop Butterfly Ad-hoc wireless Network”

Scenario-B: Multi hop

1. Multicast

Sender sends a 32 byte data in ASCII format stored in a file to sink nodes.

2. Best effort multicast for multimedia

Sender a butterfly image to receiver nodes over the multi hop butterfly network.

We name this scenario as “Multiple-hop Butterfly Ad-hoc wireless Network”

The objective of the study is to reliably and securely transmit the data, and observe

performance of implemented models.

The system under study will be using network service like neighbor discovery coding and

decoding services.

The performance metrics include throughput and Bit Error Rate. The parameters that can

control performance are:

47

Packet loss rate

Network Coding rate

Generation size

Galois field size

Number of transmitted packets

3.4 Simulation Tools

There are many software or computer programs or computer tools to simulate experiments in

Communications Networks. For the sake of simplicity and understating there is no any

technical difference between a software, computer tool and simulation tool except the level of

specificity and nature of their uses. As focus is wireless networking specially the broadcast

in ad-hoc wireless network, monitoring network as an abstract model using a computer

simulation tool is useful. Many computer based simulation tools help researchers to design,

configure and test their experiments. For selection of appropriate simulation tools for

experiments, list of available simulation tools along with their current version, license type

and implementation language is given in Table-4. These tools are evaluated by means of their

short description of each of these, the features it supports, easiness of modeling and use; and

its limitations. The purpose of this discussion is to explore each tool so that selection of tools

for work done in this thesis could be justified.

Table-4: List of available simulations tools and their specifications

Tool Version License Type Programming

Language

GloMoSim 2.03 Open source Parsec

J-Sim 2.17 Non-commercial Java

Kodo N/A Open source C++/C

Matlab 8 Commercial

Matlab

Programming

Language

Neco Neco 2.0 GNU Public License

2.0 Python

NetScale 12.2 Commercial xml

48

NetSim 10.2 Proprietary C, Java

NS2 3.27 Open-source C++, Python

OMNet++ OMNet++ 5.3

Released Open-source C++

Opnet 17.5 Commercial C++/Java

QualNet QualNet 8.1

and EXata 6.1. T Commercial Java

WiNeSim N/A Academic Graphical

GloMoSim:

GloMoSim [86] (Global Mobile information System) is a parallel discrete event simulator

network protocol simulator also simulates both wireless and wired network systems. It has

customizable GUI and offers heterogeneous environment.

J-Sim:

J-Sim [87] is simulation tool developed in JAVA. This tool can be used as a component-

based, compositional simulation environment. It has Console and GUI interfaces.

KODO:

Kodo [88] is basically a library having an efficient implementation of many Network Coding

schemes. Although the library has a variety of erasure codes but it's most interesting use is

implementation of many Network Coding schemes. It is available through commercial and

Research license. This library is a part of Steinwurf project. It offers many building blocks

and parameters that can be combined to do custom experimentation. This project offers free

license to researchers for evaluation and other research and development purposes

Matlab/Octive

A simple Matlab based Network Coding simulator [89] developed by Chamitha de Alwis. It

performs Network Coding on a butterfly network. It gives facility to change a limited set of

parameters.

49

NS-2:

NS-2 [90] is a discrete event network simulator. This tool is used to define topology, develop

a model, configure a node and link, execute the model, analyze performance and visualize

results in the form of graphs. Apparently it seems complex and time consuming as it does not

have Graphical User Interface (GUI) and one has to learn TCK to work with it.

NECO

NECO [91] is also a discrete event simulator specifically designed for Network Coding. It

has the ability to define topology, modularly specify the Network Coding protocol and to

visualize network operations. It also has a seamless statistic module. Though it available

freely and it functionality can be extended by adding Python scripts however its utilization in

Network Coding research could not be found.

NetSim:

NetSim [92] is a network discrete event simulation software and it is used for protocol

modeling, with great depth, high power and greater flexibility. It can create network scenarios

using NetSim’s GUI or XML configuration files. It has ability to interface with external

programs and modeling can also be done through XML configuration file

OMNet++:

OMNeT++ [93] (Objective Modular Network Test-bed in C++) is a generic modular

simulation framework. Experiment designers can use this to define topology, develop a

model, configure a node and link, execute the model, analyze performance and visualize

results in the form of graphs. It has GUI for simulation execution, links into simulation

executable and command-line user interface for simulation execution. Working in this is

relatively easy.

Opnet:

OPNET [94] simulator can simulate the behavior and performance of almost any type of

network. It has many built project scenarios.

QualNet:

The QualNet [95] network simulation software robust tool. It is used for both wired, wireless

networks and hybrid network. It offers optimal speed for scalability. Experiment designers

50

can use this to simulate high-fidelity models. Modification is not easy as it does not provide

access to source code.

WiNeSim

WiNeSim [96] is a simulation tool to model Wireless Networks with provision to attack

network. Experiment designers can quickly configure this using GUI. It has some pre-

implemented components of OMNeT++.

The factors that are required for selection of a simulators, computer programs and language

or environment are availability, easiness of uses, adaptability by research community and

efforts in terms of learning and implementation time. Among all of these NS-2 is old and

mature for WSN in this field. For the sake of this research presented in this thesis uses a

Matlab based simulator and Kodo library to implement Network Coding as it is easy to

implement. The Matlab based code is being run on Octave [97] under GNU while an

academic license has been obtained from Kodo to use it for research experiments.

51

Chapter 4

Results and Discussions

This chapter presents detailed comparison of Secure Network Coding schemes. Later, the

discussions are made on the basis of inference technique. Twelve schemes of Secure

Network Coding Schemes from the published research work are selected. The objective of

this comparative study is to find suitable candidate schemes, which in a form of combination

or in some structured or in a certain hierarchy gives a good solution to Secure Network

Coding Problem. The parameters to conduct this comparative study mainly include

confidentiality of data, authentication of message and users and the overall security strength

of a Secure Network Coding scheme. Authentication techniques available for peer-to-peer

system are reviewed to select a potential way of authentication. These reviews suggest a

broader perspective of Secure Network Coding into consideration and conclude with a

recommendation a hybrid Secure Network Coding scheme.

4.1 Comparative Analysis of Secure Network Coding Schemes1

Literature has reported certain limitation of Secure Network Coding schemes [98]. Take the

case of threshold cryptography based Secure Network Coding schemes where an adversary

has access to all k out of n outgoing edges (k shared required out of n shares). If this case

happens then this scheme will not be secured as it is assumed that an adversary has access to

less than k outgoing links [98]. This section provides details of selected schemes and

comparison of the schemes being studied followed by the trade-offs of different

requirements.

4.1.1 Taxonomy of attacks

In order to compare security strength various proposed Secure Network Coding Schemes,

consider taxonomy of attacks given in Figure-12.

1 Some initial findings of this work have been presented in published in proceedings of 2011 International

Conference on Computer and Emerging Technologies (ICCET), Khairpur, Pakistan, 22-23 April 2011 (pp 239-

244).

52

Active Attacks:

Traffic analysis – In straight-forward implementation of Network Coding, the flow of

Network Coded transmission cannot be kept hidden from the intermediate nodes as global

encoding information is available for the assurance that communication reaches its

destination.

Eavesdropping – Network Coding techniques are mostly implemented in wireless

communication. It is due to the open access of wireless medium that this communication is

very much vulnerable to eavesdropping until and unless any protection mechanism like

encryption is applied.

Passive Attacks:

Following are passive attacks to which Network Coding is vulnerable to:

Worm-hole – it is diversion of innovative packets by a compromised node. [99]

Byzantine – An attack where a fully compromised node having arbitrary behavior.

Pollution – It is injection of malicious or unwanted packets by any node of the network.

Wiretapping – It is unauthorized access of a link or a set of links be anyone.

Impersonation – a situation where source node is forged. A fake source acts instead of the

actual source.

Denial of Service (DoS) – It is to slow down the performance or throughput. Though intrinsic

feature of Network Coding discourage DoS in communication using Network Coding,

however a node can generate non-innovative packets (packets that do not increase the rank of

encoding matrix hence they are useless). This is also known as an Entropy Attack [100]. DoS

attacks can also be in following forms:

Jamming – It is bombardment of DoS.

Flooding – Series of DoS so that connection breaks.

Black-hole – A DoS such that node do not forward the received packets.

53

Figure-12: Taxonomy of attack in Network Coding Communications

4.1.2 Selected Schemes

Table-5 shows the name or titles of schemes under study. All of these schemes use

cryptographic approaches which are also mentioned in the table along with the relative

reference. The identity letter has been assigned to each scheme to refer it for the sake of

analysis and comparisons.

Table-5: Schemes under study

No. Identity Approach Name/Title Reference

1 Scheme-A Decentralized

Random Linear

Network Coding

with hash

symbols

Byzantine Modification

Detection in Multicast Networks

[53]

2 Scheme-B Decentralized

Random Linear

Network Coding

Secure Network Coding with a

Cost Criterion

[64]

Attacks in Network Coding

Active

Traffic analysis

Eavesdropping

Passive

Denial of Service (DoS)

Jamming

Flooding

black-hole

Worm-hole Byzantine

Pollution Wiretapping Impersonation

54

with cost criterion

3 Scheme-C standard Network

Coding with

signing subspace

vectors

Signature-based Scheme [101]

4 Scheme-D standard Linear

Network Coding

with

determination of a

rank of matrix

Security for Wiretap Networks

via Rank-Metric Codes

[24]

5 Scheme-E standard Linear

Network Coding

with

determination of a

rank of matrix

Universal Secure Network

Coding via Rank-Metric Codes

[102]

6 Scheme-F standard Linear

Network Coding

with hash

functions

Secure Network Coding Against

the Contamination and

Eavesdropping Adversaries

[103]

7 Scheme-G standard Linear

Network Coding

with random

information and

secret sharing

Secure Network Coding via

Filtered Secret Sharing

[58]

8 Scheme-H standard Network

Coding

A Network Coding Approach to

Secret Key Distribution

[65]

9 Scheme-I standard Network

Coding with

signature

Signatures for Network Coding [104]

10 Scheme-J standard Network

Coding with

lattice signature

(distance between

Secure Network Coding based

on lattice signature

[105]

55

message and its

signature)

11 Scheme-K Standard Network

Coding with light

version of

signatures

Compact Signatures for

Network Coding

[106]

12 Scheme-L Standard Network

Coding with a

method to boost

signatures

Efficient signature scheme for

Network Coding

[107]

13 Scheme-M distributed

polynomial-time

rate-optimal

network codes

Resilient Network Coding in the

presence of Byzantine

adversaries

[108]

14 Scheme-N Standard Network

Coding with a

verification test

for correct coding

by nodes

Going Beyond Pollution

Attacks: Forcing Byzantine

Clients to Code Correctly

[109]

15 Scheme-O Standard Network

Coding with tag

generation

method

MIS: malicious nodes

identification scheme in

network-coding-based peer-to-

peer streaming

[110]

16 Scheme-P Standard Network

Coding with an

identification

method based on

HMAC

A tag encoding scheme against

pollution attack to linear

Network Coding

[111]

17 Scheme-Q Standard Network

Coding with a

MAC function

An efficient signature-based

scheme for securing Network

Coding against pollution attacks

[112]

18 Scheme-R Standard Network

Coding with a

Locating Byzantine attackers in

intra-session Network Coding

[113]

56

linear signature

function

using SpaceMac

This discussion begins with description of each Secure Network Coding Schemes. Then

these schemes are seen in terms of different security requirements like security strength,

confidentiality, authentication etc. The in-depth comparative study of more than a dozen

different Secure Network Coding sachems leads to meet to combine appropriate schemes to

gain good security features using Network Coding.

The scheme-A [53] deals with Byzantine Modification Detection. It considers Single source

multiple sink multicast scenario where an adversary has access to a Subset of packets

transmitted over network. This scheme has been proved to provide Information theoretic

security. The method to secure transmissions involves Decentralized Random Linear

Network Coding with hash symbols. The limitation of this scheme is that at destination one

or more unmodified packets still may arrive.

The scheme-B [64] deals with wiretapping by an adversary. It considers single source

multiple sink multicast scenario where an adversary has access to a subset of packets

transmitted over network. This scheme has been proved to provide Average; probability of

eavesdropping as low as 0.01 security. The method to secure transmissions involves

Decentralized Random Linear Network Coding with cost criterion. The limitation of this

scheme is that A wiretapping adversary has interest for a known subset of transmitted

messages.

The scheme-C [101] deals with modification by malicious nodes. It considers Single source

multiple sink multicast scenario where an adversary has access to a compromised

intermediate node. This scheme has been proved to provide Equivalent to RSA security. The

method to secure transmissions involves standard Network Coding with signing subspace

vectors. The limitation of this scheme is that Adversaries may come in a position to fully

control the compromised forwarders.

The scheme-D [24] deals with wiretapping by an adversary. It considers Single source


57


security. The method to secure transmissions involves standard Linear Network Coding with

determination of a rank of matrix. The limitation of this scheme is that Whitepaper has access

to a subset of arbitrary chosen links.

The scheme-E [102] deals with wiretapping by an adversary and packet injection by

adversary into the network. It considers Single source multiple sink multicast scenario where

an adversary has access to a Subset of packets transmitted over network and can inject

packets. This scheme has been proved to provide Information theoretic security. The method

to secure transmissions involves standard Linear Network Coding with determination of a

rank of a matrix. The limitation of this scheme is that some information can be leaked but this

is of no use for an adversary.

The scheme-F [102] deals with contamination and eavesdropping. It considers Single source


transmitted over network and can inject packets. This scheme has been proved to provide

Equal to the strength of cryptographic algorithm security. The method to secure transmissions

involves standard Linear Network Coding with hash functions. The limitation of this scheme

is that intermediate nodes have access to the identifiers of the sinks and intermediate nodes

have limited computational power and the number of independent packets available to the

eavesdropper is less than the multicast capacity of the network.

The scheme-G [58] deals with wiretapping. It considers Single source multiple sink multicast

scenario where an adversary has access to a Subset of packets transmitted over network. This

scheme has been proved to provide information theoretic security. The method to secure

transmissions involves standard Linear Network Coding with random information and secret

sharing. The limitation of this scheme is that Filtered secret sharing is unsolvable in certain

cases. Maximum information length can require large field size.

The scheme-H [65] deals with the sharing of secret keys. It considers single source multiple

sink multicast scenario where an adversary has access to a subset of packets transmitted over

network. This scheme has been proved to provide Information theoretic security. The method

to secure transmissions involves standard Network Coding. The limitation of this scheme is

that immune to a single point of failure.

58

The scheme-I [104] deals with authentication and detection of malicious nodes. It considers

single source multiple sink multicast scenario where an adversary has access to a subset of

packets transmitted over network. This scheme has been proved to provide information

theoretic equal to Diffie-Hellman security. The method to secure transmissions involves

standard Network Coding with signature. The limitation of this scheme is that assumption

about availability of a separate secure channel for transmission of hash values in network.

The scheme-J [105] deals with authentication and detection of malicious nodes. It considers

Single source multiple sink multicast scenario where an adversary has access to inject

messages. This scheme has been proved to provide more than RSA security. The method to

secure transmissions involves standard Network Coding with lattice signature (distance

between message and its signature). The limitation of this scheme is that its practical aspects

are not clear.

The scheme-K [106] deals with pollution by Byzantine nodes. It considers Single source

multiple sink multicast scenario where an adversary has access to an arbitrary number of d

nodes. This scheme has been proved to provide more than that of Diffie-Hellman security.

The method to secure transmissions involves standard Network Coding with light version of

signatures. The limitation of this scheme is that security condition depends upon a receiving

minimum number of correct packets by sink nodes.

The scheme-L [107] deals with pollution by Byzantine nodes. It considers Single source



security. The method to secure transmissions involves Standard Network Coding with a

method to boost signatures. The limitation of this scheme is that assumption about

orthogonality of vectors.

The scheme-M [108] deals with pollution by Byzantine nodes. It considers Single source


nodes. This scheme has been proved to provide information theoretic security. The method to

secure transmissions involves distributed polynomial-time rate-optimal network codes. The

limitation of this scheme is that require modification at source and destination nodes.

59

The scheme-N [109] deals with pollution by Byzantine nodes. It considers Single source


nodes. This scheme has been proved to provide Information theoretic security. The method to

secure transmissions involves Standard Network Coding with a verification test for correct

coding by nodes. The limitation of this scheme is that use of 1024-bits integrity signature.

The scheme-O [110] deals with pollution by Byzantine nodes. It considers Single source


nodes but server is trusted. This scheme has been proved to provide information theoretic

security. The method to secure transmissions involves Standard Network Coding with tag

generation method. The limitation of this scheme is that trusting a server makes it single point

of failure.

The scheme-P [111] deals with pollution by Byzantine nodes. It considers Single source


nodes but server is trusted. This scheme is proved to provide information theoretic security.

The method to secure transmissions involves Standard Network Coding with an identification

method based on HMAC. The limitation of this scheme is that all time availability of KDC.

The scheme-Q [112] deals with pollution by Byzantine nodes. It considers Single source



secure transmissions involves Standard Network Coding with a MAC function. The

limitation of this scheme is that assumption that each message is appended with

its encoding vector.

The scheme-R [113] deals with pollution by Byzantine nodes. It considers Single source



secure transmissions involves Standard Network Coding with a linear signature function. The

limitation of this scheme is that low performance when there is lesser number or no attacks.

60

There is yet another case where network has links of unequal capacities. One scheme

suggested in [114] take into account this case and proves that cut-set bound is not

achievable.

Classification, Comparisons and Trade-offs

Eighteen sachems of Secure Network Coding are analyzed. These have been assigned an

English letter identity as shown in first column of Table-5. So for simplicity a scheme is

referred as a scheme with the respective English letter identity.

In Figure-13 Venn’s diagram is used to see if these meet following security requirement(s):

Confidentiality

Authentication

Both confidentiality and authentication

As it can be seen in Figure-13 that most of the schemes depends upon authentication

mechanism to cope attacks lake fabrication, traffic injection etc. The list of attacks

encountered by each scheme is given in Table-6. In addition to encountered attacks, Table-6

also lists whether or not a scheme focuses confidentiality or authentication and what is its

related security strength.

Confidentiality

Only

{B, D}

Confidentiality

and

Authentication

Both

{E, F, G, H}

Authentication

Only

{A,C, I, J, K, L,

M, N, O, P, Q, R}

61

Figure-13: Security Requirements met by selected schemes

Table-6: Comparison of different schemes to Secure Network Coding

Schemes Countered

Attacks

Confident

iality

Authenti

cation

Security Strength

A Byzantine modification

pollution attacks

No Yes Information theoretic

B Wiretapping by an

adversary

Yes No Average; probability of

eavesdropping as low as

0.01

C Modification by malicious

nodes

No Yes

Equivalent to rsa

D Wiretapping by an

adversary

Yes

No Information theoretic

E Wiretapping by an

adversary and packet

injection by adversary into

network

Yes Yes Information theoretic

F Contamination and

eavesdropping

Pollution, wiretapping

Yes

Yes Equal to the strength of

cryptographic algorithm

G Wiretapping

Pollution

Yes Yes Information theoretic

H Sharing of secret keys Yes Yes Information theoretic

62

I Authentication and

detection of malicious

nodes


equal to diffie-hellman

J Authentication and

detection of malicious

nodes

No yes More than rsa

K Pollution by Byzantine

nodes

No Yes More than Diffie-Hellman

L Pollution by Byzantine

nodes


M Pollution by Byzantine

nodes


N Pollution by Byzantine

nodes


O Pollution by Byzantine

nodes


P Pollution by Byzantine

nodes


Q Pollution by Bazantine

nodes


R Pollution by Byzantine

nodes


There are two main methods to make Network Coding secured. First method, which is known

as Inner Codes requires reconstructing or modifying an existing code in such a way that, the

reconstructed code or modification of previous scheme, now meets the security requirement.

The second method known as Outer Codes requires appending or combining some security

63

mechanism without any change to coding scheme to gain benefits of Network Coding. Table-

7 shows which schemes are Outer Codes and which are Inner Codes among scheme all the

schemes being studied. Here it can be clearly seen that most of the schemes are Outer Codes.

Only four out of eighteen schemes are Inner Codes. The reason for this can be the ease of

implementation and adoptability of a solution as a universal solution so that new solution can

be applied without modification of previous one.

Table-7: Inner vs Outer Codes

Inner Codes Outer Codes

A, B, G, M C, D, E, F, H, I, J, K, L, N, O, P, Q, R

Table-8 summarizes grouping of the schemes under study on the basis of encounter attacks.

Here it can easily be seen that most of the work is focused on Byzantine attacks.

Table-8: Grouping of schemes on the basis of encountered attacks

Sr. Attacks Schemes

1 Byzantine

Modification

A

2 Disclosure B, F

3 Pollution C, E, G, H, I, J, K, L, M, N, O, P, Q, R

4 Wiretapping D, E

5 Eavesdropping G, H

6 All of above H

As every scheme is with certain assumptions and limitations, a list of major limitation of each

scheme is given in Table-9.

Table-9: Limitations of Schemes under Study

Scheme Limitations

A At destination one or more unmodified packets still may arrive.

B A wiretapping adversary has interest for a known subset of transmitted

messages.

C Adversaries may come in a position to fully control the compromised

64

forwarders.

D Whitepaper has access to a subset of arbitrary chosen links.

E Some information can be leaked but this is of no use for an adversary.

F Intermediate nodes have access to the identifiers of the sinks and intermediate

nodes have limited computational power.

G The number of independent packets available to the eavesdropper is less than

the multicast capacity of the network.

H Filtered secret sharing is unsolvable in certain cases.

I Immune to a single point of failure.

Table-10 shows security strength of each scheme.

Table-10: Security Strength of Schemes under Study

Scheme Security Strength

A At destination one or more unmodified packets still

may arrive.

B A wiretapping adversary has interest for a known

subset of transmitted messages.

C Adversaries may come in a position to fully control the

compromised forwarders.

D Whitepaper has access to a subset of arbitrary chosen

links.

E Some information can be leaked but this is of no use

for an adversary.

F Intermediate nodes have access to the identifiers of the

sinks and intermediate nodes have limited

computational power and The number of independent

packets available to the eavesdropper is less than the

multicast capacity of the network.

G Filtered secret sharing is unsolvable in certain cases.

Maximum information length can require large field

size

H Immune to single point of failure.

65

I Assumption about availability of a separate secure

channel for transmission of hash values in network

J Its practical aspects are not clear

K Security condition depends upon a receiving minimum

number of correct packets by sink nodes

L Assumption about orthogonality of vectors

M Require modification at source and destination nodes

N Use of 1024 bits integrity signature

O Trusting a server makes it single point of failure

P All time availability of KDC

Q Assumption that each message is appended with

its encoding vector

R Low performance when there are lesser number or no

attacks

To discuss Tradeoff following are some attribute of an ideal scheme:

Consume lesser time (time efficient),

Consume fewer resources (resource efficient),

Have no vulnerabilities,

Ease of implementation, and

Good security strength.

The study shows many obvious trade-offs. One such trade-off is between cost and

vulnerability of the network, removing vulnerabilities incurs more network cost. The strength

of security has trade-off with computational overhead, stronger security incurs more

computational overhead. Keeping in view the requirements of application and availability and

amount of resources, the decision is made to choose between Inner Code and Outer Code.

4.1.3 Selecting Cryptographic Techniques in Peer to Peer Systems2

As observed in survey of Secure Network Coding schemes that most attacks are related to

authentication of nodes. To select a vivid authentication scheme to cater impersonation (non-

repudiation), eavesdropping and traffic analysis. In wireless ad-hoc network where Network

2 Some initial findings of this work have been presented in published in proceedings of 4th International

Conference on Computer and Emerging Technologies 2014, Khairpur Pakistan

66

Coding (NC) is applied mostly form peer-to-peer network hence cryptographic authentication

techniques are very common. The question arises with selection of such techniques suitable

for ad-hoc environments with lesser overhead on nodes. Selecting a good technique is an

open question. Use of Keys is widespread as first line authentication solution. The next

challenge in designing such a scheme is to choose the key size and Key exchange protocol.

In this section explore authentication techniques and key management Peer to Peer networks.

Six candidate solutions has been taken into consideration in order to select one to incorporate

in proposed model.

The most viable solutions in literature recommends deploying or assigning a node as third

party in client-server environment. However Peer to Peer environment it is very challenging

due to independence of each node, decentralization and openness. Yet some alternative to

central authority or third party in the form of a self-organized system is available [115].

Threshold cryptography is also suitable for implementation of distributed Public key

Infrastructure [116]. These solutions are viable but need certain improvements in terms of

security strength.

Peers or nodes need a high level of cooperation among themselves and a high degree of

decentralization for formation, maintenance and scalability of the network retaining Equality

and full control of data and resources associated with a node. There may also exist multiple

administrative domains which definitely require mutual work to manage the network.

The architecture of a Peer to Peer system can be partially centralized or totally decentralized.

In partially centralized system, a controller is responsible for management but it is also a

single point of failure in case of any disaster [117]. The controller node act as center node to

form star topology with the help of cooperating nodes. Whereas decentralized approach select

a super peer among themselves for management tasks. Apparently, the decentralized

approach seems better but it is most concerned with scalability issue.

67

There is also a possibility to make peers anonymous using cryptographic techniques for the

sake of content distribution. Assuming ),( EVG as a directed graph, the set of N vertexes V

as;

},,,,{ 321 NvvvvV

and set of links E as;

}:{ VVxxE

A simple Peer to Peer system is shown in Figure-14. Also, it can be seen in this figure that

malicious nodes can temper the security.

For the sake of authentication, peer identity is very important as unique identity is required to

make routing and other services easy. In traditional networks, nodes are identified generally

by using their IP address or sockets (combination of IP address and port number). As a matter

of fact this identification is subject to attack known as Sybil attack [118]. A Sybil attack

allows an attacker to create more than one distinct identity. Some solutions to Sybil attack

require the involvement of certifying authority or proof of work or reputation based and

voting system (e.g. Credence). Obviously these techniques cater the problem but put

computational and communication burden on the nodes thus causing decreased performance,

trust and non-applicability. Using Identity Based Encryption (IBE) makes the generation of

the trusted private key a challenging task. In ad-hoc network implementing Network Coding,

identification is still an open area and is challenging due to broadcast nature of

communications and varying layers of coding.

Integrity and confidentiality is an essential security requirement to assure that nothing has

happened to data during transmission.

Figure-14: A structure of Peer to Peer Network

68

Anonymity is not required in some case but can be desired as a security requirement to avoid

censorship of codes or nodes. Some schemes also suggest anonymity to prevent Byzantine

attacks. As far as anonymity of the content is concerned it may raise some legal and ethical

issues. One such an act could lead to violation Digital Millennium Copyright Act (DCMA)

[119] .

The attention can be made towards self-organized public key certificate system (DHT based)

[120] to get rid of trusted third party (central) and to identify peers. Self-organized public key

certificate system is proposed. In order to do so, each peer has three tables. First, a routing

table (definitely this would not be applicable in case of Network Coding transmissions).

Second, tables acting as certificate register storing hash of user name and respective

certificate. Third, it has a table storing IP record of all user names. In self-organized systems

certificate management is another important challenge due to sudden crash of a peer.

OneSwarm [121] is another protocol to provide privacy and improved performance. It

establishes an overlay of mesh to share public keys and DHT to resolve name conflict. To

locate data source, peers flood object lookups and get data over reverse path thus putting an

overhead. However a congestion aware feature of this protocol helps to reduce the overhead.

Identities are also stored using encryption.

The interesting fact here is that with Network Coding (NC) [122] nodes re-code data during

transmission from one hop to another to improve throughput [122]. There are chances of

incorrect coding and corruption of a data packet if a node becomes malicious. The

homomorphic signature scheme [116] solves this issue by real time verification of encoded

data.

The following procedure is adopted.

Let w be a data chunk such that ),,,,( 11 nmmm wwwww

Then signature σ of w is defined as

))(mod,,,,( 1111 qwswswsws nmnmmmmm

Signature verification is done by checking

g σ= ........1

1

wynmw

nmy

(mod q)

69

Another method is based on Threshold cryptography to setup distributed PKI [115]. It may

perform better than the byzantine agreement approach. The procedure is as under:

1. Generate of public secret key pair (P, S) through distributed Boneh and Franklin

algorithm

2. Share secret key according to homomorphic property of RSA. Generally, if S = (e, m)

denotes the RSA network secret key, pick s shares seee ,, 21 Such that eis

i 1

Identity is a fundamental element of any ad-hoc network to manage trust. On the contrary,

some nodes or user want anonymity. This creates a tradeoff between trust and anonymity.

Pseudo Trust [121] is a protocol attempts to manage trust while maintaining the anonymity.

This is achieved with a generation of un-forgeable and verifiable pseudonym by a using hash

function. This protocol also introduces authentication method using Zero-Knowledge Proof

(ZKP). It does not require a third party. It uses a central site store Pseudo Identity Certificates

(PIC) of peer. Every peer generates its Pseudo Identity (PI) and replaces it with its original

identity. Following is the procedure:

1. Choose two random large prime numbers p1 and p2 and compute n=p1xp2 then PT

adopts slightly modified SHA-1.

2. Initialize (by peer A) an anonymous session (Onion Routes OR) with existing peer

using APFS protocol TA to A,

},...}}{...{,{ATAAA KKmixTOR

And

A to TA

XTAT KKmixTXORAA,....}}{,{...,{

3. Authentication and Session Key Exchange: - ZKP protocol but without central server

is used in PT its strength is based on factoring of large integer. Initiator “I” may

receive multiple responses but it selects only highly reputed responder. For

authentication peer Initiate authentication procedure to verify that peer claiming to be

the holder of R so “I” sends

I---->T1---->TR---->R where T1--->TR is TCP connection and other OR

As reply

R ---ORTR----> TR: PICR, TR, f, response

70

T1 ---OR1----> I: PICR, TR, f, response

This involve mutual authentication i.e. peer “I” proves its identity as well as server R proves

its own identity. For generation of session keys between “I” and R Deffie-Hellman key

exchange protocol can be a good option, DSS could also be used for simplicity. The task of

bootstrap server is to publish a pair {P (512 bit or larger), Q (160 bits)} such that g, g Q =1

mod P. Pseudo Trust chooses AES encryption with key K=gab mod P. For this server R is

required to:

i) Compute a MAC, h(f || k), using hash h(), then

ii) Encrypt the file F attached with MAC into cipher text C and delivers to I

There is always a need of a strong mechanism for node identification and node assignment. A

protocol named Likir [123]makes strong identification of nodes in P2P systems. It assumes

that a user has two things; i) a RSA key pair, ii) openId account. The working procedure is as

under:

1. A node register on a web portal identification and certification. Do bootstrap

procedure and join Likir network.

2. Reputation System (RS) maintens reputation of each node

evidenceX = UserIdX ||content||applicationID

degree of badness D is measured as

D = | {(x, y) |x ∈ Good ∧ y ∈ Bad} |

Likir seems a complete suite to provide authentication and message integrity but with a lot

overhead.

Table-11 shows a comparison of six peer to peer protocols. It considers many important

parameters in the peer to peer systems and ways to address these with focus on cryptographic

techniques. In this regard, the most concerned is the PKI, key management techniques,

cryptographic hash techniques for message authentication and anonymity. Factors like

security strength, self-organization, fault tolerance and anonymity are selected to compare

protocols in the study.

Table-11: Comparison of Peer to Peer protocols

Task Self- OneSwarm Secure Distributed Pseudo Likir [123]

71

Organized

Public Key

Certificate

System

(DHT

Based)

[120]

[121] Network

Coding

[122]

PKI [115] Trust

[121]

Cryptograp

hy

Identifier-

Based

Public Key

Cryptogra

phy

Public Key

Cryptograp

hy,

Symmetric

(During

Transmissi

on)

Public Key

Cryptograp

hy

Threshold

Cryptograp

hy

Identity

Based

Public Key

And

Identity

Based

Cryptogra

phy

Key

Generation

Public-

Private

Key Pairs

By The

User

Public/Priv

ate Key

Pair 1024-

Bit

Public And

Secrete

Key

Public And

Secrete

Key 1024-

Bit

Session

Key,

Deffie-

Hellman

Public,

Private

RSA 1024

Vulnerabilit

y to

Attack(s)

Cybil

(Less)

Collusion

(Less)

Not

Evaluated

For Attacks

Cybil

(Less)

MIMA

Fails, P

Of Reply

Attacks

=2-K

Mitigate

Sybil,

Avoid

MIMA

Authenticat

ion

Yes Yes Not

Defined

Yes Yes Yes

Authenticat

ion

Mechanism

Certificate OpenId

and

Certificate

Data

Confidentia

lity

No Yes Yes Yes Yes Yes

Peer No Yes No No Yes No

72

Anonymity

Key

Distribution

Discrete

Hash

Table

Piggy-

Back On

Social

Networks,

E-Mail

Invitation,

Manually

BitTorrent

Based

Homomorp

hic

Property

Of RSA

Encipherin

g Function

No RSA

DHT For Peer

Organizati

on

For Name

Resolution

Service

Discrete

Logarithm

No No Kademlia

DHT

Signatures

Used

Yes Not

defined

Homomorp

hic

Signature

Scheme

RSA No RSA, IBS

Methodolog

y

Certificate

d Register

Table

Flooding Network

Coding

Sharing

Tree

Hash And

ZKP

Reputation

System

(RS)

Self-

Organizatio

n

Yes No No Yes Yes Yes

Involvemen

t of Trusted

Third Party

No No Yes No No Yes Less

Cryptograp

hic

Algorithm

SHA-1 RSA,

SSLv3,

SHA-1

Linear

Equation(

W = AU)

RSASSA-

PKCS1-v1-

5 and

SHA-1

AES RSA,

SHA-1

Self-

Healing

Yes Yes Depends Yes Yes No

Probability

for

Malicious

C

Cr

N

rr

rNP

2/

2/

kpfP )1(

Not

Defined

Not

Defined

2-K Exist But

Not

Defined

73

Peer

Overlay Chord Mesh Depends Kademlia

(Tree

Structure)

Unstructu

red

Secure

Kademlia

Here is the justification of the chosen parameters:

Cryptography - It looks for the type of cryptography being implied.

Key - It looks for the type, generation and management of keys

Attack - It looks for what type of attacks the protocol can handle or it is vulnerable to.

Authentication - It looks for what sort of authentication is being applied.

DHT - It looks for is there any involvement of Distributed Hash Table (DHT).

Signatures - It looks how the use of signature is fruitful.

Message Route – It looks for if there is any message routing protocols that have higher

throughput.

Self-Organization – It looks for if the system has any self-organization

Involvement of TTP - It looks for if the system has any involvement of TTP

Cryptographic Algorithm – it looks for what sort of cryptographic algorithm is used for

encryption and decryption.

Malicious Peer – it looks for how a malicious node can behave.

4.1.4 Proposed Hybrid Model

A lot of trade-offs have been observed in most of these schemes in the literature survey. One

way to handle trade-offs and get most out of most suitable schemes is combining them in some

way to get almost desired results. One viable solution that uses a layered approach is

suggested here. It combines two already proposed schemes in a way that it serves most of the

security requirements. This approach is shown in Figure-15.

The main idea is to separate key distribution from actual data transmissions. To do this, it is

suggested that first start the bootstrapping process and distribute keys using scheme suggested

74

in [65] . After that use the outer coding scheme proposed in [124] . The evaluation of this

model shows positive results.

Figure-15: A hybrid model

By bootstrapping is the process through which a node gets familiarization with other nodes or

its neighbors [125].

There is a need to describe a generic set of security requirements for Network Coding

protocols and systems. This work will serve two fold, first it may be used as a reference

material for current Network Coding protocols and systems analysis; second, it will serve as

guidelines for extension design and new, more secure, Network Coding protocols and

systems. This part of work also provides a contrast and similarity of these requirements with

those that are recommended for routing protocols by Internet Engineering Task Force (IETF).

4.2 A System Model for Incorporating Secure Network Coding in Existing

Networks

Now, it has been convinced that Network Coding (NC) protocols provide better congestion

control and reliability as compared to traditional routing protocols. These protocols/schemes

are responsible for distributing information to destinations attached to the network using the

75

unicast or broadcast nature of the channel[126]. The operating principle of Network Coding

[2] is as simple as coding or mixing packets and then unicast or broadcast them to next hop

node(s) instead of routing them to a predefined node as it happens in case of routing. This

process begins at a sender node where packets from same flow or multiple flows are coded.

At intermediate or forwarder node(s) these packets are decoded and then encoded. This

process is repeated until the transmitted packets reach destination or sink node(s). The

decoding information either travels with the coded packets or is available to all nodes by

some predefined mechanism so Network Coding is vulnerable to threats and attacks that can

harm intermediate nodes or coding operations as a whole. It is very important to identify

threats that can affect NETWORK CODING performance and hence limit the benefits

offered by it. For example, if a node drops the packets it received from predecessor node then

it may result in loss equivalent to half of the throughput [127].

4.2.1 The Need and motivation for a System Model

Network Coding can be discussed with respect to routing. Routing, being a well-established

and well implemented field, has lots of standardizations by Internet Engineering Task Force

(IETF). Request for Comments (RFCs) are available that play a role in the standardization of

routing and other mechanism in traditional store-and-forward networks. To best of

knowledge of the author, no work has been done on these notions in Network Coding.

To streamline the security aspects of Network Coding in the context of system aspects of a

protocol. This work as on lines of IETF presents a generic outline of threats to Network

Coding enabled communications and provides a generic set of security requirements to cope

with those security threats.

A number of Network Coding schemes and protocols have been suggested in literature [43,

127,128,129]. As these schemes are vulnerable to threats (e.g wiretapping, pollution attacks

etc.), a new paradigm of Network Coding Schemes called Secure Network Coding schemes

evolved to counter some of those threats [58,121]. In literature Network Coding schemes are

classified as state aware and stateless [64]or as intra flow and inter flow [51]. Both these

classifications draw the divide line on the level of complexity. There are certain Network

Coding Protocols that do not take into account the network state information (for example

RLNC[43]) and provide some built in security against impersonation attacks but not against

76

other types of attacks. Another class of Network Coding protocols that do take care of

network state information exploits opportunistic coding benefits so as to provide better

performance. According to another classification, some protocols mix packets of single flow

stream called intra-flow while other mix packets from multiple flows called inter-flow

protocols. If one sees at a glance on these protocols, one may come across the understanding

that these protocols may deviate slightly in terms of security requirements. The analysis and

comparisons of those Network Coding protocols/schemes in previous work [122]. None of

them is completely secured against all threats reported so far in literature. There are a few

articles written so far that give insight to the type of attacks, their description, their effect,

consequences and proposed solution to them in some cases[7,8] and no consideration has

been paid to generic case. So, there seems a lack of generic security requirements that should

be kept in mind while designing such protocols.

Throughout this text, words in capital letters and security terminologies are to be interpreted

as described in RFC 2119 [131] and RFC 2828 [132], respectively.

Assumption, definitions and Network Coding System model and its overview; and general

requirements to secure Network Coding protocols and systems are described in this section of

chapter.

4.2.2 Definitions, Assumptions and Protocol Model

To formalize the generic security requirements, the underlying definitions, assumptions and

system model are described as below:.

Assumptions

Only those protocols/schemes are considered which are correctly implemented and do not

consider the problems/actions due to poor implementation. In fact poor implementation

makes the protocol/scheme more vulnerable.

Definitions

Network: A well connected set of nodes G(V,E), where E is the set of links and V is the set

nodes.

77

Path: A path Network Coding based communication is a list of successive intermediate

systems through which the destination can be reached insuring the maximum flow.

Path Properties: Path properties may be obtained from the network information given as

G(V,E). In Network Coding the data dissemination is not path specific so it can be the

properties related to intermediate nodes. This can be done with help of trust model by

declaring a value of trust level.

Trusted Node: A node is trusted if it belongs to same control plane or has some agreement of

trust.

Evaluated Node: A node is evaluated if its trust of that node is evaluated on the basis of path

properties.

Expected Node: A node is expected if it provides path properties but no certainty.

Hazardous Node: A node is hazardous if path properties are not correct.

Encoding/Decoding Information: Information in any form useful for encoding and decoding

of other information.

Eavesdropping: It is accessing of flow on all links or its subset to find some coding/decoding

information, data etc. it can be an internal or external eavesdropping.

Byzantine Attacks: all attacks caused by an adversary node that mimic to a legitimate node.

Arbitrary sort of behavior is expected from such a node.

4.2.2 Network Coding Protocol: System Model

A generic system model for Network Coding protocols is presented here. This model can

support intra-flow, inter-flow, state aware and stateless protocols. It has three major

components as shown in Figure-16.

Network Information maintenance Component: This component keeps updates and maintains

information related to network nodes in the range.

78

Coding/Decoding Information Component: This component takes care of information

necessary for decoding and coding of packets at a node.

Layer Coordination Component: This component coordinate with lower/upper layers to

deliver, send, receive and forward a data or information message.

In case of stateless protocol the Network Information maintenance component is treat as

NULL.

4.2.3 Threat Model

Threat Sources: The threat source can be any of the components of system model as shown in

Figure-16. At each component, there can be an adversary with following assumptions:

Malfunctioning of coding/decoding information,

To disturb or kill neighboring nodes or nodes in its range,

To get something useful for itself.

The adversary (legitimate or illegitimate) can be equipped with following powers:

o Inserting a false packet,

o Computing power,

o Falsifying data and

79

o Taking control of a node.

4.2.4 Proposed System Model for a Secure Network Coding Protocol

There are two major categories of threats to Network Coding based communications at macro

level; first Eavesdropping and second Byzantine attacks. If micro perspective is taken,

following threats are expected for Network Coding Protocols

Threats to Network Information Maintenance Component are Network Information

Falsification, Network Information Modification and Wormhole attacks.

Network Information Falsification: An adversary node provides false information about links

next to it.

Network Information Modification: An adversary forwarding node provides modified link

state information.

Wormhole: Upon compromise, an adversary node shows a link as persistent but actually that

Figure-16: A system model for Secure Network Coding

80

link does not exist.

Threats to Coding/ Decoding Information Component can be Falsification, modification and

dropping of such information.

Threats to Layer Coordination component can be in form of Acknowledgement (ACK)

injection, dropping, modification and delay.

There are some other threats that occur when a node is totally compromised. These are

Pollution attacks, Packet Dropping attacks and Blackhole attacks.

Packet Pollution: In Packet Pollution, an attacker node injects corrupted packets.

Packet Dropping: A compromised node does not forward packets some of packets being

received by it.

Blackhole: A compromised node that denies forwarding the received packets at all.

4.2.5 Threats Importance and Actions

Taking into account the cost of loss of threats there shall be some consequence of threats.

These consequences are well known in literature and are named as Usurpation, Deception,

Disruption and Disclosure in the order of their importance.

There is a need to set security requirements such that they deal with prevention against the

conditions of consequences. This prevention may be against the existence of threat sources

and detect if there is some attack(s).

The actions that can result into usurpation are all falsification attacks. Any sort of pollution

attack, dropping or modifying a packet or ACK and wormhole would cause deception.

Injecting false packets will overload the node and hence cause disruption. All eavesdropping

attacks results into disclosure.

81

4.3 Generic Security requirements

Generic Requirements for Network Coding are listed blew. These are listed as a main

requirements (MR) then each MR is followed by sub requirements.

The First main requirement is:

MR(1) Correct coding/decoding information SHOULD be made available for the

encoding/decoding OR forwarding at a node. This process MUST be completed in time-

efficient manner.

Its sub requirements are:

MR(1.a) When encoding/decoding information is unavailable or incorrect, the first main

requirement means that a correct decoding information SHOULD be made available, either

through the use of another protocol or it SHOULD be discarded.

MR(1.b) When decoding information is available and correct, the first main requirement

means that misuse of the encoding/decoding information SHOULD NOT jeopardize

decoding information availability or correctness, as this would also compromise correct

forwarding.

The second main requirement is:

MR(2) The intermediate node MUST ignore the packets irrelevant to it.

The third main requirement is:

MR(3) The Network Information SHOULD be available in time-efficient manner provide

opportunistic coding.

4.4 Implementing Secure Network Coding using Computational Intelligence

Among many other Computational Intelligence approaches and set of evolutionary methods,

Genetic Algorithms (GAs) are being applied as it is being used to solve many problems by

modeling simplified genetic processes and are considered as a class of optimization

82

algorithms. By using Genetic Algorithm the strength of the key is improved that ultimately

make the whole algorithm strong enough. This chapter describes implication of Genetic

Algorithms (GAs) to provide security and its adaptation in to make Network Coding secure.

4.4.1 Implication of Genetic Algorithm in Cryptography to Enhance Security

Symmetric and asymmetric cryptosystems are not suitable to provide high level of security in

every application and environment. Modern hash function based systems are better than

traditional systems but the complex algorithms of generating invertible functions are very

time consuming. In traditional systems data is being encrypted with the key but still there are

possibilities of eavesdropping the key and altered text. Therefore, key must be strong and

unpredictable. A method which takes the advantage of theory of natural selection is chosen.

There are many applications of Genetic Algorithms (GAs) for optimization [6]. In the

proposed method, data is encrypted by a number of steps. First, a key is generated through

random number generator and by applying genetic operations. Next, data is diffused by

genetic operators and then logical operators are performed between the diffused data and the

key to encrypt the data. Finally, a comparative study has been carried out between the

proposed method and two other cryptographic algorithms. It has been observed that the

proposed algorithm has better results in terms of the key strength but is less computational

efficient than other two.

Cryptography uses mathematical techniques for information security, data integrity,

confidentiality, non- repudiation and authentication. Cryptography is based on concepts of

Encryption and Decryption [74]. When data is sent from sender to receiver, the data is

converted to some unreadable form called encryption of data and at receiver side data is again

converted to its original form called decryption of data. Both encryption and decryption

processes require the key. For protection of valuable information from unlawful imitation,

eavesdropper’s attack and modification, different types of cryptographic algorithms are

designed. There are two major types of such algorithms: symmetric cryptography [76] and

asymmetric cryptography [77]. In asymmetric key cryptography two different keys are used,

one for encryption called public key and one for decryption called private key. Only one

same key is used in symmetric scheme.

83

The applications of both schemes differ due to efficiency of scheme; symmetric scheme is

mostly used for encryption of data due to its high performance while asymmetric is often

used for digital signature and distribution of key. Moreover, no any symmetrical ciphering

technique such as AES, DES, Advanced AES, and IDEA has taken any benefit from most

recent advances in information processing technology. Various kinds of modern data

encryption techniques [78] are found in the literature. Genetic Algorithms (GAs) [133] are

among such techniques.

Genetic Algorithm is kind of adaptive search algorithms which make use of the mechanics of

natural selection and genetics. Genetic Algorithms (GAs) is part of Evolutionary Algorithms;

which are used to solve optimization problems with the help of biological mechanism like

selection, crossover and mutation [134].

The key idea of Genetic Algorithms (GAs) is to imitate the randomness of the nature where

natural selection process and behavior of natural system make population of individuals able

to adapt the surrounding. The survival and reproduction of the individuals is supported by

exclusion of less fitted individuals. The population is generated in such a way that the

individual with the highest fitness value is most likely to be replicated and unfitted individual

is discarded based on threshold set by an iterative application of set of stochastic genetic

operators[135].

84

Figure-17: Flow Chart of Genetic Algorithm

Genetic Algorithm performs following operations to transform the population to new

population based on fitness value:

1. Crossover is a genetic operator which joins two chromosomes to form a new

chromosome. The newly generated child chromosome is composed of chromosomes from

each parent.

Crossover is classified as single point, two point and uniform crossover.

Crossover

Initial Population

Selection

Mutation

One Generation

85

In Single Point only one crossover point is selected to generate new child (Figure-18).

In Two Point crossover two crossover points are selected to generate new child (Figure-

19).

In Uniform crossover bits are selected uniformly from each parent (Figure-20) [135].

Figure-19: Two Point Crossover

Figure-18: Single Point Crossover

86

Figure-20: Uniform Crossover

2. Mutation: In mutation after crossover at least one bit in each chromosome is changed

(Figure-21). [136]. This is performed to reflect the effect of surrounding in natural

genetic process. There are two major types of Mutation i-e Flipping of Bits and

Boundary Mutation. In Flipping of Bits one or more bits are converted into 0 to 1 or 1

to 0. In Boundary Mutation randomly upper or lower block in swapped in chromosome

[136].

Figure-21: Mutation

3. Selection: In selection, chromosomes are chosen from the population for generation of

new population. The selection is based on fitness value, higher the value more is the

chances to be selected. Selection is classified as Roulette-wheel Selection, Tournament

Selection; Truncation Selection [85].

4. Fitness Function: This is very important function of Genetic Algorithm because good

fitness functions are useful for exploring the search space efficiently and bad fitness

functions are confined to local optimum solution. Fitness Function can be categorized

as Constant fitness function and Mutable fitness function [136].

Key Selection in cryptography is kind of selection problem. The key with highest fitness and

randomness is selected. The applications of Genetic Algorithm are also in search heuristic

87

problems, which make the Genetic Algorithms (GAs) a reliable algorithm for key generation

and data encryption.

The key point of the proposed algorithm is if the quality (randomness) of the pseudorandom

numbers generated for keys is good then the keys generated will always be non-repeating and

purely random and ultimately increase the security and strength of keys.

4.4.1 Comparative Analysis of Method

With the help of Genetic Algorithms (GAs) most of the research has been done by different

researchers in the area of data encryption and key generation. Some of the work is defined in

this section.

Hassan et al [137] have used the concept of encryption and decryption with the help of

Genetic Algorithms (GAs) and RSA. First the key was generated with the help of Genetic

Algorithms (GAs) and then generated key was used in RSA to encrypt the data. In this way

the strong key was generated that was non-repeating too and this was not easy to break. This

algorithm is better in terms of key strength than DES, AES, and RSA etc. Sindhuja et al [138]

has given a symmetric key cryptosystem by applying Genetic Algorithms (GAs). Key matrix

and text matrix were added to create an additive matrix and then substitution cipher was

applied on additive matrix to create the intermediate cipher. Crossover and Mutation were

then applied on intermediate cipher to encrypt the data. This method is simple and easy to

implement.

Aarti Soni et al [139] proposed a new algorithm in which pseudorandom number generator

was used to generate the key. The random number generator used the current time of

computer for random numbers. Then genetic operations were performed on random numbers.

Finally selected key was used in AES symmetric algorithm to encrypt the image. The benefits

of this algorithm were increased efficiency, less computational time and irregularity of key.

The same method of key generation was also followed by Sania Jawed et al [140] but in this,

fitness value was calculated by applying Frequency and Gap test along with hams distance

between the two binary keys. This algorithm was implemented in Java technology where 100

chromosomes, 0.5 mutation rate, 2.5 crossover rate were selected for the algorithm.

88

Narendra K. Pareek et al [141] used the Genetic Algorithms (GAs) for encryption of gray

scale images. The performance analysis of scheme revealed that the algorithm possesses the

good statistical results, key sensitivity and can handle the plaintext attack, brute force attack,

entropy attack and differential attack. Kirshna et al [142] proposed cryptographic algorithm

by using genetic function. In this algorithm substitution matrix and double point crossover

was used to encrypt the data. This algorithm was implemented in Xilinx 13.2 version and

verified using Spartan 3e kit. Almarimi et al [74] dealt with security of electronic data over

network. The proposed algorithm integrated the Genetic Algorithms (GAs) and

pseudorandom sequence for encryption and decryption of data. Random sequence was

obtained by using nonlinear shift register. Time and speed of algorithm were calculated for

observing results.

Swati Mishra et al [85] Public Key Cryptography Using Genetic Algorithm worked to

generate a best fit key which could make code difficult to crack. Fitness of key was

calculated by Pearson coefficient of autocorrelation. Two keys public and private were

generated by using random number generator, crossover and then mutation. Finally Gap and

Frequency tests were applied to select the best sample of key. The process was repeated until

there was no best key. C++ programming was used to implement the algorithm and frequency

was tested by chi-square test.

Ankit et al [136] generated the key for stream cipher with the help of natural selection

process. The genetic operations were repeated until fitness value of any chromosome is less

than threshold. Once completed the final selection of key was done through Genetic

Algorithms (GAs). Selected key was unique and non-repeating. Kalaiselvi et al [143]

discussed the need of adaptive and dynamic cryptographic algorithm to reduce computational

cost and enhance security. In this paper two enhanced AES cryptosystems were proposed by

using Genetic Algorithms (GAs) in SP boxes. AES was modified to accommodate the

nonlinear Neural Network in SP network. This scheme ensured the increased security against

timing attacks and reduction of computational time.

Subhajit et al [144] encrypted an image by using genetic algorithm. Then statistical test was

performed to visualize the feasibility of solution. Jhingran et al [134] conducted survey on

applications of genetic algorithm in the field of cryptography. The work done by researchers

has impressive results but each research work has used some existing cryptographic

89

algorithm in combination with genetic operators. The motivation is to create novel

cryptographic algorithm with the help of Genetic operations, which is easy to implement and

secure in terms of key strength and attack time [145].

4.4.2 Proposed Algorithm

The proposed algorithm is named as Genetic Crypto and is divided into three major steps i-e

Key Generation, Data diffusion and Data Encryption (Figure-22).

Figure-22: Genetic Crypto Flow Diagram

Data Packet

Key Generation

Genetic Crypto

Data Packet

Data Diffusion

Data Encryption

90

The genetic operators are used in both key generation and data diffusion. Initial population is

generated through random number generator. For simplicity one point crossover and bit

filliping techniques are used for Crossover and Mutation respectively. Fitness value of key is

calculated through Shannon Entropy because entropy is one of important feature of

randomness. This algorithm is implemented in C# programing language, .net framework 4.5

in Visual Studio 2012. The interface and example result is shown in Figure-23.

91

Figure-23: Results of Implementation of Proposed Algorithm

92

4.2.2.1 Key Generation

The Key length can vary between 80-128 bits.

Step KG-1: Sixteen random characters are generated with the help of random number

generator from A-Z.

Step KG-2: Each randomly generated character is converted to binary format (8 bits)

Step KG-3: The result is stored in 2D array data structure.

Step KG-4: Sixteen prime random numbers are generated from 0-100.

Step KG-5: Each randomly generated number is converted to binary format (8 bits).

Step KG-6: The result is stored in 2D array data structure.

Step KG-7: Eight random numbers from 1 to 7 are generated for crossover points.

Step KG-8: The numbers are stored in array data structure.

Step KG-9: One point crossover is performed by taking one parent from array of

random prime number and one parent from array of random characters.

The crossover point is identified from the array of random numbers

generated in Step KG-8.

Step KG-10: Step KG-9 will be repeated until there is parent left for crossover.

Step KG-11: For Mutation, bit flipping mutation is used in which first and

last bit of each chromosome is inverted; means 0 will be converted to 1

and vice versa.

Step KG-12: Step KG-11 will be repeated for all the child chromosomes.

Step KG-13: After Mutation, Fitness function of each chromosome is calculated

through Shannon Entropy.

Step KG-14: Chromosomes with the Shannon Entropy of greater than 0.95 will be

merged and selected as key. If there is no any.

Step KG-15: Chromosome with entropy greater than 0.95 then the whole process will

be repeated again until there is no best fit key.

4.4.2.2 Diffusion of Original Text

Step DT-1: Data is converted to binary format.

Step DT-2: Binary data will be segmented into blocks. Each block size is 8 bits and

number of blocks (chromosomes) is size of data/8.

Step DT-3: The result is stored in 2D array data structure.

93

Step DT-4: Eight random numbers from 1 to 7 are generated for crossover points.

Step DT-5: The numbers are stored in array data structure.

Step DT-6: One point crossover is performed between adjacent parents in array of

binary data. The crossover point is identified from the array of random

numbers generated in Step DT-5.

Step DT-7: For Mutation, bit flipping mutation is used in which first and last bit of

each chromosome is inverted.

4.4.2.3 Encryption of Text:

Step ET-1: Length of key and length of data is calculated first. If any of them has

fewer bits than the other, 0s will be appended from left to make the length

of data and key equal.

Step DT-2: Logical XOR operation will be performed between diffused data and key

bit wise.

Step DT-3: The resulting set of bits is encrypted data.

4.4.2.4 Performance of Genetic Crypto

The proposed algorithm (Genetic Cipher) is compared with DES and AES symmetric key

cryptosystems in terms of encryption, decryption time and key strength. The key strength is

categorized by key search space size means how many alternative keys can be tried to break

the cipher, Attack Scenario means how much time is required by eavesdropper to attack on

data. The Encryption and decryption are calculated by implementing the algorithm and key

strength is in terms of attack time is calculated with help of GRC [146] Interactive Brute

Force key “Search Space” Calculator.

Table-12: Comparison of Genetic Crypto with DES and AES

DES AES Genetic Cipher

Encryption Time 068907 mm 084440 mm 27069 mm

Key Search Space

Size

4.85 * 1028 Keys 2.31 * 1057 Keys 1.11 * 10120

Keys

Attack Time (1000

k/s)

15.41 thousand

trillion days

7.34 hundred million

trillion days

3.53 hundred billion

trillion days

94

Table-12 shows that Encryption time of DES and AES is 068907mm and 084440 mm

respectively while Encryption time of Genetic Cipher is 27069 mm, which is higher than

both. The complex cryptographic algorithms with high provision of security are much better

than simple algorithm with less security in cryptography. This point is evidenced by measure

of key strength. In both categories key search space and attack time the Genetic Cipher

requires much higher time to break than DES and AES.

This Genetic Crypto adopted a new way to encrypt the data i-e using Genetic Algorithms

(GAs). First a key of length between 80 and 128 is generated by applying genetic operations

on randomly generated characters and prime numbers. Shannon Entropy is used to calculate

the fitness value of each chromosome. After key generation, data is diffused again by

applying crossover and mutation on data. At last key and diffused data are XORed for

encryption. The result shows that although the proposed algorithm take little longer

encryption time than DES and AES but the key strength is better than the other two compared

algorithms.

Observing avalanche Effect

The Genetic Crypto exhibits strong avalanche effect. Following is observation made during

experiment to test avalanche property of the algorithm. The test is run on 32-bit block of

plain text.

95

Figure-24: Avalanche Effect on 32 bit block of Plain Text

4.4.2.5 Role of other Computational Intelligence Techniques

There is a research work [147] only focused on evolutionary computation methods. This

section provides the overview of all possible evolutionary computation techniques/methods

such as Genetic Algorithms (GAs), Genetic Programming (GP), Tabu Search (TS), and

Simulated Annealing, which can be applied on modern cryptography. Among these methods,

Genetic Algorithms (GAs) and GP follow natural and biological evolution process of

Humans.

It has been observed that most of the evolutionary computation methods have been applied to

only those conventional systems but they do not have any viable application in real world.

Moreover, it is very difficult either to verify results from these methods or to reproduce them

in a different scenario.

0

5

10

15

20

25

30

35

0 5 10 15 20 25 30 35

Avanlache Effect

96

Figure-25: Evolutionary Computation Methods

Figure-26: Evolutionary Computation Methods in Cryptography

Evolutionary Computation methods

Genetic Algorithms

Genetic Programming

Tabu SearchSimulated Annealing

Evolutionary Computation Methods in Cryptography

ICIGA system

Evolving Hardware for RSA Systems

Finding Cryptographically Sound

Boolean Functions

Evolving Block Ciphers and

Cryptographic Hash Functions

Design of S-boxes

Simulated Annealing for S-

boxes

Genetic Algorithms for

Bijective S-boxes

Genetic Algorithms

for Self-inverse S-

boxes

Optimal Tabu-

genetic algorithm

for S-boxes

Design of Pseudorandom

Sequence

97

A. ICIGA (Improved Cryptography Inspired by Genetic Algorithms) Systems used

crossover and mutation concept of Genetic Algorithms (GAs) for encryption and

decryption, however, neither selection scheme nor fitness function is used. This

system helped in making faster encryption and decryption processes.

B. Evolving Hardware for RSA Systems

Cryptographic hardware circuit can evolve dynamically with respect to its environment by

using GP evolvable hardware methods.

C. Finding Cryptographically Sound Boolean Functions

Boolean function’s important property which is high nonlinearity can be achieved by using

Genetic Algorithms (GAs) algorithm together with hill-climbing techniques, and it can have

suitable results as compared to random search.

D. Evolving Block Ciphers and Cryptographic Hash Functions

GP was used to improve the nonlinearity while developing a block cipher and to reduce the

avalanche effect. They used these techniques and modified the parameter of new blocked

cipher known as Wheedham. Moreover, authors used Wheedham together with Miyaguchi-

Preenel construction to develop a new cryptographic hash function named as MPW-512.

E. Design of S-boxes

Simulated annealing for S-Boxes produces better results than human-made conventional S-

box.

F. Design of Pseudorandom Sequence

Cellular automata rules can be used to generate Pseudorandom number generators which can

be utilized in cryptography, and Genetic Algorithms (GAs) can be used to produce new

cellular automata rules.

4.5 Implementing Genetic Crypto to Secure Network Coding

98

Keeping in view the performance and security strength offered by Genetic Crypto, it will be

used for encryption and decryption requirement in the proposed model. Figure-27 shows the

block diagram of the overall proposed model of Secure Network Coding.

99

Error Control Mechanism (Encoding)

Random Linear Network Coding

Security Encoding/signing

Using Genetic Crypto

Error Control Mechanism (Decoding)

Security Decoding/verification

Using Genetic Crypto

Source

Destination

Error Control Mechanism (Encoding)

Simple Network Coding (XOR)

Error Control Mechanism (Decoding)

Boot Strapping, Key Distribution and Key

management

Boot Strapping, Key Distribution and Key

management

Figure-27: Block Diagram of proposed Secure Network Coding Model

100

The source and intermediate nodes know identifiers of the sinks and source and sink nodes

share symmetric keys to encrypt data as needed.

Boot-strapping

Key Distribution

Apply Random Linear Codes

Encrypt Coefficients using Genetic Codes

Sufficient # of packets

Decode at destination node

Figure-28: Flow diagram of the Overall Process

101

Scenario: Node A and C establishes secure connection through intermediate node B

Bootstrapping

Step E-1: Generating Keys: Generate a set of keys. These key must be statistically

independent.

Step E-2: Assigning Identities: Assign an identity to each node

global_key_identity(32 bits)=node_identity(24 bits)||local_key_identity(8 bits)

Step E-3: Generating OTP: Generate One Time pad (OTP). The size of OTP must

be equal to the size of Key. OTP ~ Bernoulli distribution with probability 0.5

Step E-4: Storing Encrypted Keys: Save (global_key_identifier, E(global_key

XOR OTP, )

Step E-5: Getting Neighbors information: Save |edges-out| keys in each node.

Each node is aware of its own node_identity and local_key_ identity

Key Distribution

Step K-1: Identity: Each node broadcast its identity through broad cast messages

and updates its list of neighbors

Generate a set of keys

Assigning Identities

Generating OTP

Storing Encrypted Keys

Getting Neighbors information

Figure-29: Flow diagram of Bootstrapping Process

102

Step K-2: Broadcasting HELLO message: B broadcast HELLO messages. In

return each node returns (number_of_neigbors, list_of_neigbors)

Step K-3: Look up for the communicating parties: The source looks as if the

destination is in the list_of_neighbors of any node. If so, B sends

global_key_identity of A || global_key_identity of C using Network Coding

operation

Step K-4: Performing Simple Network Coding: A and C performs XOR of the

received information with their own Key to get Key of each other.

This Bootstrapping and Key distribution guarantees that attacker can see keys from the XOR

messages. Any sort of injection can be detected by the legitimate node by rejecting invalid

key.

Applying Outer Codes

Encrypting coefficients using Genetic Crypto and sending through random Linear Network

Codes

A) Source Node

Step OCA-1: Generating data blocks: The source node has n block of data

Broadcasting Identity

Broadcasting HELLO message

Look up for the communicating parties

Performing Simple Network Coding

Figure-30: Flow diagram of Key distribution Process

103

Step OCA-2: Form random linear combinations: It forms a random linear

combination of the n packets (the current generation is set in a packet to be sent; •

Step OCA-3: Making Unlocked Coefficients: Adding unlocked coefficients

Step OCA-4: Making Locked Coefficients: Making global encoding vector using

genetic Crypto

B) Intermediate Node

Step OCI-1: Storing: store the received packets

Step OCI-2: Updating unlocked coefficients: change unlock and locked

coefficients

Step OC-1: Forward: forward the updated packets

C) Sink Node

Step OCS-1: Decoding unlocked coefficients: decode using unlocked

coefficients to get locked coefficients

Step OCS-2: Decrypting locked coefficients:

Step OCS-2: Recover the original message:

Generating data blocks

Form random linear combinations

Making Unlocked Coefficients

Making Locked Coefficients

Decoding unlocked coefficients

Decrypting locked coefficients

Recover the original message

Storing

Updating unlocked coefficients

Forward

Source Node Intermediate Node

Sink Node

Figure-31: Flow diagram of applying Outer Code Process

104

6.4 Evaluation of Proposed Model

For the evaluation following are plotted against number of nodes;

i) Amount of data to be encrypted as compared to tradition encryption

ii) Time taken by encryption decryption process

Figure-32: Amount of data to be Encrypted as compared to Traditional Encryption

Figure-33: Time taken by Encryption and Decryption Process

0 200 400 600 800 1000 1200

Am

on

t o

f e

ncr

ypte

d D

ata

Block Size (K Bytes)

Encrypted load

Encryption load - traditional

0

1

2

3

4

5

6

7

0 200 400 600 800 1000 1200

Tim

e in

mic

ro s

eco

nd

s

Block Size

Time taken by GeneticCrypto (micro seconds)

Time taken by AES (microseconds)

105

4.6 Conclusions and Future Work

Since the field of Network Coding is in its evolution phase, it is expected that its deployment

into commercial products soon. Since 2000 soon after the seminal work of Li et. al. it gained

due attention of researchers. Till now researches have been contributing a lot of schemes

with ever increasing efficiency optimization and mitigation of issues raised therefrom.

4.6.1 Conclusions

Earlier works are focused on the theoretical foundations while later work explored more

practical aspects.

Cross-domain work showed good collaboration among researches as well as industry backed

the research and development.

Some researchers looked at various problems in isolation. The research focus moves from

code construction to optimal practical solutions in simple Network Coding while in Secured

Network Coding it is from simple data confidentiality to a combination of confidentiality and

authentication along with intrusion prevention and detection.

The literature shows a lot of concentration on linear code specially the Random Linear

Network Codes as a significant work on Network Coding revolves around this concept.

There are many polynomial time approximate solutions/algorithms that can solve the problem

of Network Coding and hence the Secure Network Coding paradigm.

The current state-of-the-art Network Coding has been investigated and found that random

linear network codes are the most successful codes so far from the perspective of

implementations.

There has always been some trade-offs. Communication bandwidth, network cost and

security. A detailed comparison of different Network Coding security protocols in terms of

their capabilities has been presented which suggest that none of these serves to give benefits

approximately equal to the benefits of Network Coding alone however it was observed that

tradeoffs between network capacity and bandwidth or network cost and security can be made.

106

A combination of good candidates from the available pool of security scheme may serve the

intended purpose with throughput not equal to the throughput of Network Coding itself but

conceivably greater than the throughput of traditional communication networks.

Many security issues has been focused. Problem formulation, proposed approach and its

methodology suggests that by incorporating computational intelligence techniques

particularly Genetic Algorithms, a Secure Network Coding Scheme meets the generic

security requirements described in section-4.2.

Some of the existing schemes combined in an appropriate settings offered good results. The

model proposed in chapter-4 performed well in terms of security strength and offered better

key management.

Security aspects of Network Coding in the context of system aspects of a protocol makes this

model to support intra-flow, inter-flow, state aware and stateless communications.

A generic set of security requirements for Network Coding protocols and systems is used as a

reference material for current Network Coding protocols and systems analysis; second, it will

serve as guidelines for extension design and new, more secure, Network Coding protocols

and systems. It also provide a contrast and similarity of these requirements with those that are

recommended for routing protocols by Internet Engineering Task Force (IETF).

A new way to encrypt the data i.e. using Genetic Algorithms (GAs) using key of length

between 80 and 128 is and applying genetic operations on randomly generated characters and

prime numbers. Shannon Entropy is used to calculate the fitness value of each chromosome.

After key generation, data is diffused again by applying crossover and mutation on data. At

last key and diffused data are XORed for encryption. The result shows that although the

proposed algorithm take little longer encryption time than DES and AES but the key strength

is better than the other two compared algorithms.

The Genetic Crypto provided security in Network Coding (NC)-based transmission network

to test the proposed model. It was observed model performs well as compared to SPOC[124]

in terms of security strength and better key management.

107

4.6.2 Future Work

Future work can be done in following domains to seek further insight of this work.

4.6.2.1 Efficient Hardware Implementation

Efficient hardware implementation of a cryptosystem is always helpful in provision of fast

and efficient communications. A Genetic Crypto is composed simple computation operations

and offers good security strength so it is a suitable candidate for hardware implementation.

It also seems viable to experiment hardware implement of this model as a specific device that

could be commercialize later as a product.

4.6.2.2 Performance evaluation in Delay/Disruption Tolerant Networks (DTNs)

As many networks of this era are heterogeneous and their all-the-time availability is not

assured so there is need to test such systems in Delay/Disruption Tolerant Networks (DTNs).

For this performance evaluation of proposed model in such an environment could be an

interesting project.

4.6.2.3 More Applications of Genetic Crypto

In the future researchers can work to improve this algorithm for multimedia encryption like

images, video and audio. Efficiency in terms of time will be considered first. From the

evaluation point of view, this genetic cipher can be compared with other cryptographic

algorithms. Also, one can use more statistical techniques for evaluation of key randomness.

4.6.2.4 Use in Defense Applications

There are many situations where deployment of isolated network is required beyond the need

of ad-hoc network or any infrastructure-less environment. Such environment or situations are

need in many classified projects, defense organizations and law enforcement agencies.

108

The proposed work in thesis could be adopted and extended for private networks isolated

from the Internet or usual store and forward based Ethernet networks. It is recommended to

adopt this model along with the use of wifi-direct technology [148].

4.6.2.5 Developing and Incorporating this Work as a Network Service

There are certain proposals to use Network Coding a network service [149]. The proposed

system model has an ability to be implemented by Software Defined Network.

109

References

[1] C. C. E. Leiserson, R. R. L. Rivest, C. Stein, and T. H. Cormen, Introduction to

Algorithms, Third Edition, vol. 7. 2009.

[2] R. W. Yeung, S.-Y. R. Li, N. . Cai, and Z. . Zhang, “Network Coding Theory Part I:

Single Sources,” Found. Trends® Commun. Inf. Theory, vol. 2, no. 4, pp. 241–329,

2005.

[3] S. A. Aly, A. E. Kamal, and O. M. Al-Kofahi, “Network protection codes: Providing

self-healing in autonomic networks using network coding,” Comput. Networks, vol.

56, no. 1, pp. 99–111, 2012.

[4] R. Koetter and M. Medard, “An algebraic approach to network coding,” IEEE/ACM

Trans. Netw., vol. 11, no. 5, pp. 782–795, 2003.

[5] E. Fasolo, “Efficient Data Dissemination Protocols In Pervasive Wireless Networks,”

University of Padova, 2008.

[6] M. Wang and B. Li, “How practical is network coding?,” in IEEE International

Workshop on Quality of Service, IWQoS, 2006, pp. 274–278.

[7] J. Dong, R. Curtmola, R. Sethi, and C. Nita-Rotaru, “Toward secure network coding in

wireless networks: Threats and challenges,” 2008 4th Work. Secur. Netw. Protoc., pp.

33–38, 2008.

[8] L. Lima, J. P. Vilela, P. F. Oliveira, and J. Barros, “Network Coding Security: Attacks

and Countermeasures,” Symp. A Q. J. Mod. Foreign Lit., p. 8, 2008.

[9] N. Cai and T. Chan, “Theory of Secure Network Coding,” Proc. IEEE, vol. 99, no. 3,

pp. 421–437, 2011.

[10] J. E. Rowe, “Genetic algorithms,” in Springer Handbook of Computational

Intelligence, 2015.

[11] “Particle swarm optimization,” SpringerBriefs Appl. Sci. Technol., 2016.

[12] C. Blum and R. Groß, “Swarm intelligence in optimization and robotics,” in Springer

Handbook of Computational Intelligence, 2015.

[13] K. A. Dowsland and J. M. Thompson, “Simulated annealing,” in Handbook of Natural

Computing, 2012.

[14] X.-B. Hu, M. S. Leeson, and E. L. Hines, “An effective genetic algorithm for network

coding,” Comput. Oper. Res., vol. 39, no. 5, pp. 952–963, 2012.

[15] Y. Hongyan, “Network Coding Optimization Method Research Based on Genetic

110

Algorithm,” Appl. Mech. Mater., vol. 644–650, pp. 2059–2062, 2014.

[16] S. M. Nallakannu and R. Thiagarajan, “PSO-based optimal peer selection approach for

highly secure and trusted P2P system,” Secur. Commun. Networks, vol. 9, no. 13, pp.

2186–2199, 2016.

[17] F. D. Ming He, Hong Wang, Lin Chen, Zhenghu Gong, “An Efficient Dynamic

Authentication Scheme for Secure Network Coding.”

[18] D. M. Sabri, “Performance Analysis for Network Coding Using Ant Colony Routing,”

2012.

[19] Z. Wang, H. Xing, T. Li, Y. Yang, R. Qu, and Y. Pan, “A Modified Ant Colony

Optimization Algorithm for Network Coding Resource Minimization,” IEEE Trans.

Evol. Comput., vol. 20, no. 3, pp. 325–342, 2016.

[20] L. Zhang, X. Zhuo, and X. Zhao, “Research on Network Coding Optimization Using

Differential Evolution Based on Simulated Annealing,” in Advances in Swarm and

Computational Intelligence, 2015, pp. 346–353.

[21] S. Y. R. Li, R. W. Yeung, and N. Cai, “Linear network coding,” IEEE Trans. Inf.

Theory, vol. 49, no. 2, pp. 371–381, 2003.

[22] L. Lima, M. Medard, and J. Barros, “Random Linear Network Coding: A free

cipher?,” 2007 IEEE Int. Symp. Inf. Theory, no. 1, pp. 546–550, 2007.

[23] N. de Beaudrap and M. Roetteler, “Quantum linear network coding as one-way

quantum computation,” Tqc’14, p. 17, 2014.

[24] D. Silva and F. R. Kschischang, “Security for wiretap networks via rank-metric

codes,” in IEEE International Symposium on Information Theory - Proceedings, 2008,

pp. 176–180.

[25] S. Y. Cho, C. Adjih, and P. Jacquet, “Heuristics for network coding in wireless

networks,” in WICON, 2007.

[26] Y. Desmedt and Y. Frankel, “Threshold cryptosystems,” in Lecture Notes in Computer

Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes

in Bioinformatics), 1990, vol. 435 LNCS, pp. 307–315.

[27] T. M. J. Feldman C. Stein and R. A. Servedio, “Secure network coding via filtered

secret sharing,” in 42nd Annual Allerton Conf. Commun., Control and Comput.,

Monticello, Illinois, 2004.

[28] Z. Yu, Y. Wei, B. Ramkumar, and Y. Guan, “An efficient signature-based scheme for

securing network coding against pollution attacks,” in Proceedings - IEEE INFOCOM,

2008, pp. 2083–2091.

111

[29] Y. Zhou, H. Li, and J. Ma, “Secure network coding against the contamination and

eavesdropping adversaries,” Chinese J. Electron., vol. 18, no. 3, pp. 411–416, 2009.

[30] T. Ho, R. Koetter, M. Medard, D. R. Karger, and M. Effros, “The benefits of coding

over routing in a randomized setting,” in IEEE International Symposium on

Information Theory, 2003. Proceedings., 2003, p. 442.

[31] N. Cai and R. W. Yeung, “Secure network coding on a wiretap network,” IEEE Trans.

Inf. Theory, vol. 57, no. 1, pp. 424–435, 2011.

[32] C. Fragouli and E. Soljanin, “Network Coding Fundamentals,” Found. Trends® Netw.,

vol. 2, no. 1, pp. 1–133, 2006.

[33] H. Yao and E. Verbin, “Network coding is highly non-approximable,” in 2009 47th

Annual Allerton Conference on Communication, Control, and Computing, Allerton

2009, 2009, pp. 209–213.

[34] J. K. Sundararajan, D. Shah, M. Médard, S. Jakubczak, M. Mitzenmacher, and J.

Barros, “Network coding meets TCP: Theory and implementation,” Proc. IEEE, vol.

99, no. 3, pp. 490–512, 2011.

[35] S. Zhang and S. C. Liew, “Applying physical-layer network coding in wireless

networks,” Eurasip J. Wirel. Commun. Netw., vol. 2010, 2010.

[36] P. A. Chou, Y. Wu, and K. Jain, “Practical Network Coding,” in 41st Annual Allerton

Conference, 2003, pp. 1–10.

[37] C. Gkantsidis and P. R. Rodriguez, “Network coding for large scale content

distribution,” Proc. IEEE 24th Annu. Jt. Conf. IEEE Comput. Commun. Soc., vol. 4,

no. C, pp. 2235–2245, 2005.

[38] A. G. Dimakis, P. B. Godfrey, Y. Wu, M. J. Wainwright, and K. Ramchandran,

“Network Coding for Distributed Storage Systems,” Inf. Theory, IEEE Trans., vol. 56,

no. 9, pp. 4539–4551, 2010.

[39] S. Katti, H. Rahul, W. Hu, D. Katabi, M. Medard, and J. Crowcroft, “XORs in the air:

Practical wireless network coding,” IEEE/ACM Trans. Netw., vol. 16, no. 3, pp. 497–

510, 2008.

[40] Y. Z. Zhu, B. Li, and J. Guo, “Multicast with network coding in application-layer

overlay networks,” IEEE J. Sel. Areas Commun., vol. 22, no. 1, pp. 107–120, 2004.

[41] S. Y. R. Li, R. W. Yeung, and N. Cai, “Linear network coding,” IEEE Trans. Inf.

Theory, vol. 49, no. 2, pp. 371–381, 2003.

[42] A. Esmaeili, “Linear network codes on cyclic and acyclic networks,” University of

Victoria, 2016.

112

[43] L. Lima, M. Medard, and J. Barros, “Random Linear Network Coding: A free

cipher?,” 2007 IEEE Int. Symp. Inf. Theory, no. 1, pp. 546–550, 2007.

[44] J. Heide, M. V Pedersen, and F. H. P. Fitzek, “Decoding Algorithms for Random

Linear Network Codes,” in NETWORKING 2011 Workshops, 2011, pp. 129–136.

[45] R. W. Yeung and Z. Zhang, “Distributed source coding for satellite communications,”

IEEE Trans. Inf. Theory, 1999.

[46] R. Bassoli, H. Marques, J. Rodriguez, K. W. Shum, and R. Tafazolli, “Network coding

theory: A survey,” IEEE Communications Surveys and Tutorials. 2013.

[47] S. Katti, H. Rahul, W. Hu, D. Katabi, M. Medard, and J. Crowcroft, “XORs in the air:

Practical wireless network coding,” IEEE/ACM Trans. Netw., vol. 16, no. 3, pp. 497–

510, 2008.

[48] M. Owari, G. Kato, and M. Hayashi, “Single-shot secure quantum network coding on

butterfly network with free public communication,” Quantum Sci. Technol., vol. 3, no.

1, p. 14001, 2018.

[49] N. Chen, Z. Yan, M. Gadouleau, Y. Wang, and B. W. Suter, “Rank metric decoder

architectures for random linear network coding with error control,” IEEE Trans. Very

Large Scale Integr. Syst., vol. 20, no. 2, pp. 296–309, 2012.

[50] M. A. Iqbal, B. Dai, B. Huang, A. Hassan, and S. Yu, “Survey of network coding-

aware routing protocols in wireless networks,” Journal of Network and Computer

Applications, vol. 34, no. 6. pp. 1956–1970, 2011.

[51] P. Garrido, D. Gómez, R. Agüero, and J. Serrat, “Combination of Intra-flow Network

Coding and Opportunistic Routing: Reliable Communications over Wireless Mesh

Networks,” in Proceedings of the 8th International Conference on Simulation Tools

and Techniques, 2015, pp. 191–199.

[52] J. P. Vilela, L. Lima, and J. Barros, “Lightweight security for network coding,” in

IEEE International Conference on Communications, 2008, pp. 1750–1754.

[53] T. Ho, B. Leong, R. Koetter, M. Medard, M. Effros, and D. R. Karger, “Byzantine

modification detection in multicast networks with random network coding,” IEEE

Trans. Inf. Theory, vol. 54, no. 6, pp. 2798–2803, 2008.

[54] A. Shamir and A. Shamir, “How To Share a Secret,” Commun. ACM, vol. 22, no. 1,

pp. 612–613, 1979.

[55] C. Ning and R. W. Yeung, “Secure network coding,” Inf. Theory, 2002. Proceedings.

2002 IEEE Int. Symp., p. 323, 2002.

[56] R. A. S. J. Feldman, T. Malkin, “On the Capacity of Secure Network Coding,” in 42nd

113

Annual Allerton Conference on Communication, Control and Computing, Monticello,

Illinois, 2004.

[57] P. Manhas and P. Kaur, “Secure Network Coding Approach With Distributed

Reprogramming Protocol For Cluster Based Ad-hoc Networks In Dynamic Key

Management Of Wireless Sensor Networks [J],” Perform. Eval., vol. 2, no. 12, 2013.

[58] and R. A. S. J. Feldman, T. Malkin, C. Stein, “Secure network coding via filtered

secret sharing,” in 42nd Annual Allerton Conf. Commun., Control and Comput.,

Monticello, Illinois, 2004.

[59] D. Silva and F. R. Kschischang, “Security for wiretap networks via rank-metric

codes,” in IEEE International Symposium on Information Theory - Proceedings, 2008,

pp. 176–180.

[60] D. Silva and F. R. Kschischang, “Universal secure network coding via rank-metric

codes,” IEEE Trans. Inf. Theory, vol. 57, no. 2, pp. 1124–1135, 2011.

[61] F. Oggier and H. Fathi, “An authentication code against pollution attacks in network

coding,” IEEE/ACM Trans. Netw., vol. 19, no. 6, pp. 1587–1596, 2011.

[62] K. Han, T. Ho, R. Koetter, M. Médard, and F. Zhao, “On network coding for security,”

in Proceedings - IEEE Military Communications Conference MILCOM, 2007.

[63] D. Boneh, D. Freeman, J. Katz, and B. Waters, “Signing a linear subspace: Signature

schemes for network coding,” in Lecture Notes in Computer Science (including

subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),

2009, vol. 5443, pp. 68–87.

[64] J. Tan and M. Medard, “Secure network coding with a cost criterion,” in 2006 4th

International Symposium on Modeling and Optimization in Mobile, Ad Hoc and

Wireless Networks, WiOpt 2006, 2006.

[65] P. F. Oliveira and J. Barros, “A Network Coding Approach to Secret Key

Distribution,” IEEE Trans. Inf. Forensics Secur., vol. 3, no. 3, pp. 414–423, 2008.

[66] G. Abbas and M. I. Nazeer, “Quantum Cryptography and Its Implications,” in First

International Conference on Modern Communication & Computing Technologies

(MCCT’14), 2014.

[67] C. H. Bennett and G. Brassard, “Quantum Cryptography: Public Key Distribution, and

Coin-Tossing,” in Proc. 1984 IEEE International Conference on Computers, Systems,

and Signal Processing, 1984, pp. 175–179.

[68] P. Curtis, M. Harb, R. Abielmona, and E. Petriu, “Classification-driven video analytics

for critical infrastructure protection,” Stud. Comput. Intell., vol. 621, pp. 45–69, 2016.

114

[69] I. Jordanov and N. Petrov, Intelligent radar signal recognition and classification, vol.

621. 2015.

[70] P. De Las Cuevas, Z. Chelly, A. M. Mora, J. J. Merelo, and A. I. Esparcia-Alcázar,

“An improved decision system for url accesses based on a rough feature selection

technique,” Stud. Comput. Intell., vol. 621, pp. 139–167, 2015.

[71] G. Nápoles, I. Grau, R. Falcon, R. Bello, and K. Vanhoof, “A granular intrusion

detection system using rough cognitive networks,” Studies in Computational

Intelligence, vol. 621. pp. 169–191, 2015.

[72] M. Kim et al., “Evolutionary approaches to minimizing network coding resources,” in

Proceedings - IEEE INFOCOM, 2007, pp. 1991–1999.

[73] R. Storn and K. Price, “Differential Evolution -- A Simple and Efficient Heuristic for

global Optimization over Continuous Spaces,” J. Glob. Optim., vol. 11, no. 4, pp. 341–

359, Dec. 1997.

[74] A. Almarimi, A. Kumar, I. Almerhag, and N. Elzoghbi, “A NEW APPROACH FOR

DATA ENCRYPTION USING GENETIC Original Image Pseudorandom Binary

Sequence Generator using GA and Decryption Decrypted Image,” Computer (Long.

Beach. Calif)., pp. 2–6, 2014.

[75] D. R. Stinson, Cryptography: Theory and Practice, vol. 30. 2005.

[76] J. Daemen and V. Rijmen, The Design of Rijndael: AES - The Advanced Encryption

Standard. 2002.

[77] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures

and public-key cryptosystems,” Commun. ACM, vol. 21, no. 2, pp. 120–126, 1978.

[78] W. M. H. Company, Modern Cryptography: Theory and Practice, vol. 170, no. 2.

2003.

[79] A. K. Nag, D. Dasgupta, and K. Deb, “An Adaptive Approach for Active Multi-Factor

Authentication,” 9th Annu. Symp. Inf. Assur., pp. 39–47, 2014.

[80] A. Londhey and M. L. Das, “Efficient Image Authentication Scheme Using Genetic

Algorithms,” in Distributed Computing and Internet Technology, 2017, pp. 172–180.

[81] S. Panda, V. Rajappa, and A. Biradar, “Genetic Algorithm Based Secure

Authentication Protocol With Dual Central Server And Token Authentication In Large

Scale Mobile Ad-Hoc Networks,” in Global Telecommunications Conference, 2008.

IEEE GLOBECOM 2008. IEEE, 2008, pp. 1–6.

[82] S. Jhajharia, S. Mishra, and S. Bali, “Public Key Cryptography Using Particle Swarm

Optimization and Genetic Algorithms,” 2013.

115

[83] A. Kumar and M. K. Ghose, “Overview of information security using genetic

algorithm and chaos,” Inf. Secur. J., vol. 18, no. 6, pp. 306–315, 2009.

[84] S. Mondal and T. K. Mollah, “A Survey on Network Security Using Genetic

Algorithm,” Int. J. Innov. Res. Sci. Eng. Technol., vol. 5, no. 1, 2016.

[85] S. Mishra and S. Bali, “Public key cryptography using genetic algorithm.”

[86] L. Bajaj, M. Takai, R. Ahuja, and K. Tang, “Glomosim: A Scalable Network

Simulation Environment,” Comp. A J. Comp. Educ., vol. 28, no. 1, pp. 154–161, 1999.

[87] P. A. C. S. Neves, I. D. C. Veiga, and J. J. P. C. Rodrigues, “G-JSIM - A GUI tool for

wireless sensor networks simulations under J-SIM,” in Proceedings of the

International Symposium on Consumer Electronics, ISCE, 2008.

[88] M. V. Pedersen, J. Heide, and F. H. P. Fitzek, “Kodo: An open and research oriented

network coding library,” in Lecture Notes in Computer Science (including subseries

Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2011,

vol. 6827 LNCS, pp. 145–152.

[89] Chamitha de Alwis, “Network Coding Simulator.” 2015.

[90] K. Fall and K. Varadhan, “The network simulator (ns-2),” URL http//www. isi.

edu/nsnam/ns, 2007.

[91] Diogo Ferrira, J. Serra, and L. Lima, “NECO.” 2011.

[92] M. Lord and D. Memmi, “NetSim: a Simulation and Visualization Software for

Information Network Modeling,” e-Technologies, 2008 Int. MCETECH Conf. DOI -

10.1109/MCETECH.2008.12, pp. 167–177, 2008.

[93] A. Varga, “OMNeT++,” in Modeling and Tools for Network Simulation, 2010, pp. 35–

59.

[94] S. S. Adarshpal and Y. H. Vasil, “The Practical OPNET User Guide for Computer

Network Simulation Title,” Journal of Chemical Information and Modeling, vol. 53,

no. 9. pp. 1689–1699, 2013.

[95] SCALABLE Networks, “QualNet Network Simulator Software,” SCALABLE

Networks Technologies, 2017. [Online]. Available: http://web.scalable-

networks.com/qualnet-network-simulator-software.

[96] M. Emerson, J. Mathe, and S. Duncavage, “WiNeSim: A Wireless Network

Simulation Tool.”

[97] J. W. Eaton, “GNU Octave and reproducible research,” J. Process Control, vol. 22, no.

8, pp. 1433–1438, 2012.

[98] G. Liu and X. Wang, “Homomorphic subspace MAC scheme for secure network

116

coding,” ETRI J., vol. 35, no. 1, pp. 173–176, 2013.

[99] S. Ji, T. Chen, and S. Zhong, “Wormhole attack detection algorithms in wireless

network coding systems,” IEEE Trans. Mob. Comput., vol. 14, no. 3, pp. 660–674,

2015.

[100] A. J. Newell, R. Curtmola, and C. Nita-Rotaru, “Entropy attacks and countermeasures

in wireless network coding,” in Proceedings of the fifth ACM conference on Security

and Privacy in Wireless and Mobile Networks, 2012, pp. 185–196.

[101] D. Boneh, D. Freeman, J. Katz, and B. Waters, “Signing a linear subspace: Signature

schemes for network coding,” in Lecture Notes in Computer Science (including

subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),

2009, vol. 5443, pp. 68–87.

[102] D. Silva and F. R. Kschischang, “Universal secure network coding via rank-metric

codes,” IEEE Trans. Inf. Theory, vol. 57, no. 2, pp. 1124–1135, 2011.

[103] Y. Zhou, H. Li, and J. Ma, “Secure network coding against the contamination and

eavesdropping adversaries,” Chinese J. Electron., vol. 18, no. 3, pp. 411–416, 2009.

[104] D. Charles, K. Jain, and K. Lauter, “Signatures for network coding,” in 2006 IEEE

Conference on Information Sciences and Systems, CISS 2006 - Proceedings, 2007, pp.

857–863.

[105] S. Tao, P. Hengli, and L. Jianwei, “Secure network coding based on lattice signature,”

China Commun., vol. 11, no. 1, pp. 138–151, 2014.

[106] J. Katz and B. Waters, “Compact Signatures for Network Coding,” Security. pp. 1–14,

2006.

[107] E. Porat and E. Waisbard, “Efficient signature scheme for network coding,” in IEEE

International Symposium on Information Theory - Proceedings, 2012, pp. 1987–1991.

[108] S. Jaggi et al., “Resilient network coding in the presence of byzantine adversaries,”

IEEE Trans. Inf. Theory, vol. 54, no. 6, pp. 2596–2603, 2008.

[109] R. Popa and A. Chiesa, “Going Beyond Pollution Attacks: Forcing Byzantine Clients

to Code Correctly,” arXiv Prepr. arXiv …, pp. 1–20, 2011.

[110] Q. Wang, L. Vu, K. Nahrstedt, and H. Khurana, “MIS: Malicious nodes identification

scheme in network-coding-based peer-to-peer streaming,” in Proceedings - IEEE

INFOCOM, 2010.

[111] X. Wu, Y. Xu, C. Yuen, and L. Xiang, “A tag encoding scheme against pollution

attack to linear network coding,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 1, pp.

33–42, 2014.

117

[112] Z. Yu, Y. Wei, B. Ramkumar, and Y. Guan, “An efficient signature-based scheme for

securing network coding against pollution attacks,” in Proceedings - IEEE INFOCOM,

2008, pp. 2083–2091.

[113] A. Le and A. Markopoulou, “Locating Byzantine attackers in intra-session network

coding using SpaceMac,” in 2010 IEEE International Symposium on Network Coding,

NetCod 2010, 2010, pp. 19–24.

[114] T. Cui, T. Ho, and J. Kliewer, “On secure network coding with unequal link capacities

and restricted wiretapping sets,” in 2010 IEEE Information Theory Workshop, ITW

2010 - Proceedings, 2010.

[115] F. Lesueur, L. Me, and V. V. T. Tong, “An efficient distributed PKI for structured P2P

networks,” 2009 IEEE Ninth Int. Conf. Peer-to-Peer Comput., pp. 1–10, 2009.

[116] H. Kang, A. Yun, E. Vasserman, and H. Lee, “Secure Network Coding for a P2P

System,” ACM Conf. \ldots, 2009.

[117] R. Rodrigues and P. Druschel, “Peer-to-peer systems,” Commun. ACM, vol. 53, no. 10,

p. 72, 2010.

[118] K. Zhang, X. Liang, R. Lu, and X. Shen, “Sybil attacks and their defenses in the

internet of things,” IEEE Internet Things J., vol. 1, no. 5, pp. 372–383, 2014.

[119] R. Mansell and W. E. Steinmueller, “Copyright infringement online: The case of the

Digital Economy Act judicial review in the United Kingdom,” New Media Soc., vol.

15, no. 8, pp. 1312–1328, 2013.

[120] K. V. Nguyen, “Simplifying peer-to-peer device authentication using identity-based

cryptography,” in International Conference on Networking and Services 2006,

ICNS’06, 2006.

[121] L. Lu et al., “Pseudo trust: Zero-knowledge authentication in anonymous P2Ps,” IEEE

Trans. Parallel Distrib. Syst., vol. 19, no. 10, pp. 1325–1337, 2008.

[122] M. I. Nazeer and M. S. Shaikh, “Secure Network Coding Schemes: Comparisons and

Broader Perspective,” Sindh Univ. Res. Jour. (Sci. Ser.), vol. 43, no. 1A, pp. 85–90,

2011.

[123] L. M. Aiello, M. Milanesio, G. Ruffo, and R. Schifanella, “An identity-based approach

to secure P2P applications with Likir,” Peer-to-Peer Netw. Appl., 2011.

[124] J. P. Vilela, L. Lima, and J. Barros, “Lightweight security for network coding,” in

IEEE International Conference on Communications, 2008, pp. 1750–1754.

[125] J. R. Vacca, Computer and Information Security Handbook. Elsevier Science, 2012.

[126] J. Sen, “Security in wireless sensor networks,” Wirel. Sens. Networks Curr. Status

118

Futur. Trends, vol. 407, 2012.

[127] J. Dong, R. Curtmola, R. Sethi, and C. Nita-Rotaru, “Toward secure network coding in

wireless networks: Threats and challenges,” 2008 4th Work. Secur. Netw. Protoc., pp.

33–38, 2008.

[128] P. A. Chou and Y. Wu, “Network coding for the internet and wireless networks,” IEEE

Signal Process. Mag., vol. 24, no. 5, pp. 77–85, 2007.

[129] D. Wang, Q. Z. Q. Zhang, and J. L. J. Liu, “Partial Network Coding: Theory and

Application for Continuous Sensor Data Collection,” 200614th IEEE Int. Work. Qual.

Serv., pp. 93–101, 2006.

[130] O. M. Al-Kofahi and A. E. Kamal, “Max-flow protection using network coding,” IEEE

Int. Conf. Commun., 2011.

[131] S. Bradner and H. University, “RFC 2119 - Key words for use in RFCs to Indicate

Requirement Levels Status,” Network Working Group, 1997. [Online]. Available:

https://www.rfc-editor.org/rfc/pdfrfc/rfc2119.txt.pdf.

[132] R. Shirey, “RFC 2828–Internet security glossary, 2000,” URL http//www. faqs.

org/rfcs/rfc2828. html, 2000.

[133] D. E. Goldberg, Genetic Algorithms in Search, Optimization, and Machine Learning.

1989.

[134] R. Jhingran and A. Prof, “A Study on Cryptography using Genetic Algorithm Vikas

Thada Shivali Dhaka,” Int. J. Comput. Appl., vol. 118, no. 20, pp. 975–8887, 2015.

[135] S. Jhajharia, S. Mishra, and S. Bali, “Public key cryptography using neural networks

and genetic algorithms,” in 2013 Sixth International Conference on Contemporary

Computing (IC3), 2013, pp. 137–142.

[136] A. Kumar and K. Chatterjee, “An efficient stream cipher using Genetic Algorithm,”

2016 Int. Conf. Wirel. Commun. Signal Process. Netw., pp. 2322–2326, 2016.

[137] A.-K. S. O. Hassan, A. F. Shalash, and N. F. Saudy, “MODIFICATIONS ON RSA

CRYPTOSYSTEM USING GENETIC OPTIMIZATION,” Int. J. Res. Rev. Appl. Sci.,

vol. 19, no. 2, p. 150, 2014.

[138] S. K and P. D. S, “A Symmetric Key Encryption Technique Using Genetic

Algorithm.” .

[139] A. Soni and S. Agrawal, “Using Genetic Algorithm for Symmetric key Generation in

Image Encryption,” Int. J. Adv. Res. Comput. Eng. Technol., vol. 1, no. 10, pp. 2278–

1323, 2012.

[140] S. Jawaid and A. Jamal, “Article: Generating the Best Fit Key in Cryptography using

119

Genetic Algorithm,” Int. J. Comput. Appl., vol. 98, no. 20, pp. 33–39, Jul. 2014.

[141] N. K. Pareek and V. Patidar, “Medical image protection using genetic algorithm

operations,” Soft Comput., vol. 20, no. 2, pp. 763–772, 2014.

[142] G. M. K. and V. Lakshmi, “A Proposed Method for Cryptographic Technique by

Using Genetic Function,” Int. J. Emerg. Eng. Res. Technol., pp. 1–7, 2015.

[143] K. Kalaiselvi and A. Kumar, “Enhanced AES cryptosystem by using genetic algorithm

and neural network in S-box,” in 2016 IEEE International Conference on Current

Trends in Advanced Computing, ICCTAC 2016, 2016.

[144] S. Das, S. N. Mandal, and N. Ghoshal, “Diffusion and Encryption of Digital Image

Using Genetic Algorithm,” in Proceedings of the 3rd International Conference on

Frontiers of Intelligent Computing: Theory and Applications (FICTA) 2014, 2015, pp.

729–736.

[145] D. Singh, P. Rani, and R. Kumar, “To design a genetic algorithm for cryptography to

enhance the security.”

[146] S. Gibson, “GRC’s | Password Haystacks: How Well Hidden is Your Needle?”

[Online]. Available: https://www.grc.com/haystack.htm. [Accessed: 25-Apr-2018].

[147] S. Picek and M. Golub, “On evolutionary computation methods in cryptography,”

2011 Proc. 34th Int. Conv. MIPRO, pp. 1496–1501, 2011.

[148] D. Camps-Mur, A. Garcia-Saavedra, and P. Serrano, “Device-to-device

communications with WiFi direct: Overview and experimentation,” IEEE Wirel.

Commun., vol. 20, no. 3, pp. 96–104, 2013.

[149] D. Szabó, A. Csoma, P. Megyesi, A. Gulyás, and F. H. P. Fitzek, “Network coding as a

service,” Infocommunications J., vol. 7, no. 4, pp. 2–11, 2015.

120

Appendix A: List of Publication

Journal Publication(s):

1. Shafaq Siddiqui , Sher Muhammad Daudpota, Abdul Rehman Somrani and

Muhammad Irshad Nazeer, “Opinion Mining: An approach to Feature

Engineering”, submitted for publication to Baheria University Journal of

Information and Communication technologies

2. Muhammad Irshad Nazeer, Ghulam Ali Mallah, Noor Ahmed Shaikh, Rakhi

Bhatra, Raheel Ahmed Memon, and Muhammad Ismail Mangrio (2018).

Implication of Genetic Algorithm in Cryptography to Enhance

Security. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER

SCIENCE AND APPLICATIONS, 9(6), 375-379.

3. Raheel Ahmed Memon, Jianping Li, Anwar Ahmed Memon, Junaid Ahmed,

Muhammad Irshad Nazeer and Muhammad Ismail, “TSAN: Backbone

Network Architecture for Smart Grid of P.R China” International Journal of

Advanced Computer Science and Applications (IJACSA), 9(1),

2018. http://dx.doi.org/10.14569/IJACSA.2018.090171

4. Faryal Shamsi, Muhammad Irshad Nazeer, Raheel Ahmed Memon, and

Muhammad Ismail Mangrio. "Reflections of Practical Implementation of the

academic course Analysis and Design of Algorithms taught in the Universities

of Pakistan." Sukkur IBA Journal of Computing and Mathematical Sciences 1,

no. 2 (2017): 31-38.

5. Zulfiqar Ali Memon, Jawaid Ahmed Siddiqui, Javed Ahmed Shahani, Sana

Fatima,Irshad Nazeer , Ghulam Murtaza, "Gap Identification in Computer

Science Curriculum and IT Industry Skill Requirement in Pakistan" Sukkur

IBA Journal of Computing and Mathematical Sciences

6. Raheel Ahmed Memon, Muhammad Irshad Nazeer and Irfan Latif Memon,

“Extended Superblock Flash Translation Layer for NAND Flash Memory”,

Asian journal of engineering, sciences & technology, Special Issue pp 123-

126, August 2016. ISSN 2077-1142

7. Muhammad Irshad Nazeer and Mohammad Shahid Shaikh, " Secure Network

Coding Schemes: Comparisons and Broader Perspective" Sind Univ. Res.

http://dx.doi.org/10.14569/IJACSA.2018.090171

121

Jour. (Sci. Ser.) Vol.43 (1-A) 85-90 (2011). (HEC recognized "Y" category

journal, ISI indexed ISSN 1813-1743)

a) Conference Publication(s):

8. R. A. Memon, Jianping Li, J. Ahmed, F. Shah, I Nazeer, M. Ismail, K. Ali,

“Simulation and analysis of RSAFE and RSAFE Rerouting Protocol in

Network Simulator 2”, 14th International Conference on Wavelet Active

Media Technology and Information Processing (ICCWAMTIP), Chengdu,

China, Dec 2017

9. Muhammad Irshad Nazeer, Muhammad Ismail Mangrio, Irum Sindhu , Raheel

Ahmed Memon, "Amortized Analysis of Ant Colony Optimization"Modern

Trends in Science, Engineering & Technology (MTSET-2017)

10. Faryal Shamsi, Muhammad Irshad Nazeer, Raheel Ahmed Memon,

Muhammad Ismail Mangrio, "Practical implementation of academic course

Analysis and Design of Algorithms taught in the Universities of Pakistan"

International Conference on Computing and Mathematical Sciences –

ICCMS’2017, February 25-26, 2017

11. Zulfiqar Ali Memon, Jawaid Ahmed Siddiqui, Javed Ahmed Shahani, Sana

Fatima, Irshad Nazeer , Ghulam Murtaza, "Gap Identification in Computer

Science Curriculum and IT Industry Skill Requirement in Pakistan"

International Conference on Computing and Mathematical Sciences –

ICCMS’2017, February 25-26, 2017

12. Raheel Ahmed Memon, Muhammad Irshad Nazeer and Irfan Latif Memon,

“Extended Superblock Flash Translation Layer for NAND Flash Memory”,

International Conference on Emerging Trends in Engineering, Sciences and

Technology ICEEST-2016, 3rd June 2016.

13. Lashari, Ghulam Abbas, and Muhammad Irshad Nazeer. "Quantum

Cryptography and Its Implications. MCCT'14. First International Conference

on Modern Communication & Computing Technologies, Nawabshah,

Pakistan.

14. Ubaidullah Alias Kashif, Muhammad Irshad Nazeer and Zafar Rehman Awan,

"Selecting Cryptographic Techniques in Peer to Peer Systems." International

Conference on Computer and Emerging Technologies, 2014.ICCET'14. 14th

122

International Conference on Computer and Emerging Technologies, Khairpur

Pakistan.

15. Muhammad Irshad Nazeer and Mohammad Shahid Shaikh, "Efficient Secure

Network Coding Schemes" in the 2011 IEEE 14th International Multi-topic

Conference (INMIC), Karachi, Pakistan, 22-23 December 2011.

16. Muhammad Irshad Nazeer and Mohammad Shahid Shaikh, "A Comparison of

Secure Network Coding Schemes" in proceeding of the 2011 International

Conference on Computer and Emerging Technologies (ICCET), Khairpur,

Pakistan, 22-23 April 2011 (pp 239-244).

secure network coding using computational …

Documents