Globecom 0 - Communication and Information System Security Symposium

Combating Network Pollution Attacks: A Cascaded Error-Control Coding Approach

Jian Li, Tongtong Li and Jian Ren
Department of Electrical and Computer Engineering
Michigan State University, East Lansing, MI
Email: {lijian, tongli, renjian}@msu.edu

Abstract

Linear network coding provides a new communication diagram to significantly increase the network capacity by allowing the relay nodes to encode the incoming messages. However, this communication diagram is fragile to communication errors and node compromising attacks. How to combat errors while maintaining the network efficiency is a challenging research problem. In this paper, we characterize a linear network coding through a series of cascaded linear error-control codes. This representation enables us to determine the independent source of errors in the cascaded network level. It could lead to a successful decoding of the original message and locating of the malicious network nodes. We provide comprehensive theoretical analysis on network coding in both unicast and multicast scenarios. Our research provides a new approach to understand network coding schemes and also a novel methodology to develop network coding schemes that can combat node compromising attacks and locate the malicious nodes.

I. INTRODUCTION

Network coding was first introduced by Ahlswede et al. []. Network coding provides a trade-off between communication capacity and computational complexity in directed networks by allowing the relay nodes in the network to encode the incoming messages before forwarding the messages to the subsequent nodes. For sink nodes to successfully retrieve the original messages, all the messages transmitted in the network must be received error free. This requires the communication to be error resilient. Currently the research on combating errors in network coding is mainly focused on linear network coding [], []. It has been proved that linear network codes are sufficient to achieve the multicast capacity. Therefore, for the rest of this paper, we focus on linear network coding.

The approaches to implement error control in linear network coding can be divided into two categories: error-detection at the intermediate nodes, and error-correction at the sink nodes. For error detection in network coding, Krohn et al. [] proposed to verify the messages' integrity at the intermediate nodes using homomorphic hash functions. Charles et al. [] used the cryptographic technique to capture and discard corrupted packets. Kehdi and Li [] proposed the null keys algorithm, in which the idea of orthogonal spaces was utilized. Qiao et al. [] improved the null keys scheme by collecting the erroneous messages. For research on error correction, Cai et al. [] proposed to correct errors at sink nodes using error correcting network coding. They derived the Hamming bound and the Gilbert-Varshamov bound. Jaggi et al. [] developed a two-part rate-region for their codes based on BEC channel codes.

In our previous work [0], we have proven that each network coding can be transferred into an error-control code in a bipartite graph. However, in that paper, we ignored the structure of the underlying error-control coding. In this paper, by exploring the inner structure of network coding, we can transfer a network coding scheme into a series of cascaded error-control codes. This mapping enables us to identify the minimum number of independent error patterns in the corresponding network level and identify the malicious network nodes.

The main contributions of this paper are two-fold:
1) We develop a methodology to map each network coding into a series of cascaded error-control codes.
2) We provide a novel approach to design efficient network coding schemes that can combat network errors and node compromising attacks utilizing the inner structure of the network code.

The rest of this paper is organized as follows: Section II gives an overview of the preliminaries. An illustrative example is presented in Section III. Section IV analyzes the relationship between the network coding and the cascaded error-control codings in the unicast scenario and Section V provides analysis in the multicast case. We conclude in Section VI.

II. PRELIMINARY

A. Network Coding

In this paper, we adopt the notations of [].
A network is equivalent to a directed graph G = (V,E), where V represents the set of vertices corresponding to the network nodes and E represents all the directed edges between vertices corresponding to the communication link. The start vertex v of an edge is called the tail of and written as v = tail(), while the end vertex u of an edge is called the head of and written as u = head(). We define the capacity of an edge as the number of symbols that can be transmitted through the edge in one time unit. So the capacity should be a non-negative integer. In this paper, we normalize the capacity of one edge to. If a channel between two nodes has capacity C larger than, we model this channel as C multiple edges each with capacity. We assume the network is delay-free [], that is, all the edges in the graph have zero delay. And the network is acyclic, that is, all the vertices in the graph can be organized in an ancestral ordering.

U.S. Government work not protected by U.S. copyright

For a source node u, there is a set of symbols X (u) = (,..., k ) to be sent. Each of the symbols is from the finite field F_{p^m}, where p is a prime number and m is a positive integer. For a link between relay nodes r and r, written as =(r,r ), the symbol y transmitted on it is the function of all the y such that head( )=r. And y can be written as:

y = β, y, :head( )=r

in which the encoding coefficients β, F_{p^m}. For a sink node v, there is a set of incoming symbols y ( : tail( )= v) to be decoded. As long as X (u) can be retrieved, we say that the connection from u to v is possible.

If a relay node r is compromised, the symbols transmitted on each edge such that head() =r will be modified. The nodes after node r will be polluted because of the network encoding. Eventually the sink node will receive more erroneous symbols than those originally brought by the malicious node. In the sections below, we try to explore the inner structure of the network code to correct the errors and locate the malicious node.

B. Error-Control Codes

We use (n, k) to represent an error-control code in the finite field F_{p^m} with generator matrix G of size k n. Suppose msg is a sequence of k symbols; the n-symbol codeword c can be obtained by c = msg G. All the codewords form a subspace of dimension k over the n dimensional space and each of them is at least d_min distance apart from the others, where d_min is defined as the minimum Hamming distance for any two distinct codewords and y, i.e.:

d_min = min{d(, y) codewords :, y},

where d(, y) is defined as the number of positions at which the corresponding symbols are different between and y. Moreover, an error-control code can be depicted by a bipartite graph with one side of nodes representing the original message while the other side of nodes represents the codeword.

Below are some important properties of the error-control code, according to which we can choose the proper code parameters for our error correction requirements.

Theorem (Singleton bound []). For a (n, k) code with the minimum distance d, we have k + d n +.

Theorem ( []). For a (n, k) code with the minimum distance d, it can detect all the d or less errors, or it can correct all the d or less errors, where denotes the largest integer that is smaller than.

Reed-Solomon (RS) code is a class of error-control code that can achieve the Singleton bound. For an RS code with parameter (n, k), the minimum distance d = n k+. Because it has the maximum achievable d_min, it has a strong error-control capability. We can represent RS code by (n, k, n k +).

[Figure: An illustrative example of linear network coding]

C. System Model

We set the network as in []. The network consists of a source node, relay nodes and sink nodes. Messages are sent from the source node, encoded then sent out in relay nodes and finally decoded in sink nodes. Moreover, in this paper we will partition the network into several cascaded levels and explore the inner structure of the network code, thus we must be able to correctly access the outputs of all the relay nodes. To realize this, we add a special monitor node in the network. This node can collect the output encoded messages from all the relay nodes and can never be compromised.

III. AN ILLUSTRATIVE EXAMPLE

Let us examine the classic example [] shown in Fig.. In this example, source node multicasts two symbols,, to sink nodes and. By encoding at node, both nodes and can retrieve the two symbols successfully. In our previous work [0], we merged the intermediate nodes and paths and transferred the network code into a bipartite graph. In this paper, by contrast, we try to explore the network code to exhibit the inner structure of the network code.

To explain our main idea, we will only focus on the communication between node and node (the shaded area in Fig. ). The analysis is similar to the communication between node and node. In this communication, symbol is passed to node, node, node and node through one hop, two hops, three hops and two hops respectively, and symbol, is passed to node, node, node and node through one hop, two hops, three hops and four hops respectively. As shown in Fig., if we add two virtual nodes and v on edge, we can make passed to node through four hops, thus turn all of the intermediate nodes into cascaded levels.
Each of the levels can be seen as a single network code, so we can represent each level using the bipartite graph shown in Fig. according to [0]. In this way, we explore the inner structure of the original network code, which is determined by the network topology. The original network code can be viewed as cascaded error-control codes [ ] 0 with the generator matrices, 0 [ ] 0 0,. 0 0 0 0

[Figure: Partition a network code into several levels]

[Figure: Transfer the network coding scheme in Fig. into a -level cascaded coding by adding virtual nodes.]

[Figure: The corresponding bipartite graphs of cascaded levels in Fig.]

[Figure: An example of point-to-point network coding]

Although in this example there is no redundancy in the three error-control codes, so the corresponding network code cannot detect or correct errors, it is sufficient to show that a network code can be expanded to cascaded error-control codes. In the next section, we will show that network codes can be transferred into cascaded error-control codes. In this way, we can characterize and design network codes based on the underlying cascaded error-control codes for error detection/correction and malicious nodes locating.

IV. CHARACTERIZATION OF NETWORK CODING USING CASCADED ERROR-CONTROL CODING IN POINT-TO-POINT COMMUNICATION

In this section, we will formally state the relationship between network coding and cascaded error-control coding in the point-to-point communication. The sufficiency is studied first, then the necessity.

A. The Sufficiency

Lemma ( [0]). Every network code scheme can be represented by an error-control code.

Theorem. Every network code scheme can be expanded to a series of cascaded error-control codes.

[Figure: Transfer incoming edges of nodes having multiple incoming edges by adding virtual nodes]

Proof: To prove this, we will first show that the network code can be partitioned into several cascaded levels of one hop network codes. For each of the nodes that have multiple incoming edges in the network, we add some virtual nodes on these edges as shown in Fig.. For each of the incoming edges, there may be several paths through which messages are passed from the source node to node u including the edge. Among all the paths, we find the longest one and calculate its number of hops.
After calculating the hop values h,...,h_m for all the incoming edges, we choose the maximum value h_max. For each incoming edge i, we add h_max h_i virtual nodes on it, making all the paths from source to node u have the same count of hops. The virtual nodes simply forward the messages passed on the corresponding edges.

After the operation in Fig. is performed in all the nodes having multiple incoming edges, since all the paths from the source node to the same relay node have the same hop counts and the sink node itself must have multiple incoming edges, every path from the source node to the sink node has the same number of hops, thus the same number of intermediate nodes, including the relay nodes and the virtual nodes. We can put the nodes having the same hop counts together as a level as shown in Fig.. Every single level can be viewed as a one hop network code determined by the connections from nodes of the previous level. So every network code can be partitioned into several cascaded levels of one hop network code.

According to Lemma, these one hop network codes can be represented by error-control codes. So the cascaded network codes can be represented by concatenating the corresponding error-control codes together. We can expand any network code to a series of cascaded error-control codes.

[Figure: The corresponding cascaded bipartite graph of Fig.]

Take the network code in Fig. as an example. The source node transmits three symbols,,,, to sink node in this network code. And sink node can receive encoded symbols, which indicates that there are redundancies in this network coding. In [0], we analyze the same code and transfer it into a (, ) error-control code which can correct error. Here we will show this code can be transferred into a series of cascaded error-control codes. Following the operations mentioned in the proof of Theorem, we can get the corresponding cascaded network codes and cascaded error-control codes shown in Fig.. Nodes and v are added as virtual nodes to partition the original network code. The first level error-control code is a (, ) code and the second level code is a (, ) code.

If an error occurs on edge, node will receive wrong. The error will propagate to the succeeding nodes, thus there will be two erroneous and +, in the sink node, which is beyond the error correction capability of the (, ) error-control code. The errors cannot be dealt with using the transforming methods in [0]. However, if the monitor node can collect the output symbols of the first level (, ) code, it can correct the erroneous symbol in node. So the error propagation is eliminated from the beginning. By exploring the inner structure of the network code, we can make better use of the redundancy in the network.

If node is a malicious node and sends out corrupted messages, there will be errors in the output of both the first level error-control code and the second level. The error is beyond the capability of the cascaded error-control codes, so we cannot correct errors or locate the malicious node. In the section below, we will show that we can design network codes corresponding to proper cascaded error-control codes to correct errors and locate malicious nodes.

B. The Necessity

We have proved that any network code can be viewed as a series of cascaded error-control codes; now we will consider the reverse problem. For a point-to-point communication, a network code is feasible only if it can successfully deliver all the desired symbols from the source node to the sink node.
For any (n, k) error-control code, we have the following lemma:

Lemma ( [0]). For a linear network with source node u, sink node v and a desired connection C =(u, v, X (u)), an (n,k) error-control code can be seen as a feasible network code in the connection C if we have the relationship: k R(C), where R(C) is the rate of the connection C.

Theorem. For a linear network and a desired connection C =(u, v, X (u)), a series of cascaded error-control codes with parameters (n,n 0 ), (n,n ),...,(n m,n m ), can be seen as a feasible network code in the connection C if we have the relationship: n 0 R(C).

Proof: Suppose the original message is =(,..., k ), the output encoded message for each level of the cascaded error-control codes is y i =(y i,,...,y i,ni )( i m) and the generator matrix for each of the cascaded error-control codes is G i ( i m) of the size n i n i. y i for each level can be written as:

y = G, y = y G,..., y m = y m G m.

So the entire encoding equation for the cascaded error-control codes can be written as

y m = G G G m = G.

If we view the cascaded error-control codes as an error-control code with the generator matrix G of the size n 0 n m, the parameter for the code is (n m,n 0 ). According to Lemma, if n 0 R(C), the network code is feasible.

Based on the analysis, by implementing the error-control code for each level of the cascaded error-control codes, we can add appropriate redundancies into the network code to control errors and locate malicious nodes. This can be done in two steps:
1) According to the network topology, determine the number of levels of the cascaded codes. According to the design requirements (number of errors to detect or correct, number of malicious nodes to locate), determine an appropriate code rate and the type of the error-control code for each level.
2) According to the source rate R(C), choose a proper n 0 such that n 0 R(C), and derive the rest of the n i ( i m) based on the code rate for each level of the error-control codes. Generate the generator matrices G,...,G m according to the code types and apply them as the system transfer matrices to each level of the network codes.

C. Application in Combating Node Compromising Attack

It is easy to verify the following theorem.

Theorem. Suppose d i,d i+ > are the minimum distances of adjacent levels (L i,l i+ ) of the cascaded network code. If d i + >d i+, then errors in L i+ spread by a single error in L i are uncorrectable by the L i+ s error control code. However, they can be corrected by the L i s error control code.

[Figure: Implement a -level cascaded error-control code in network coding]

[Figure: The corresponding cascaded bipartite graph of Fig.]

Let us analyze the linear network shown in Fig.; the source node is going to send symbols,, to sink node. This network can be partitioned into levels. Nodes,,, form the first level and nodes,,,, 0, form the second level. In order to get the best error control capability, we implement two systematic RS codes in the two levels. They are (,, ) code for level and (,, ) code for level. The minimum distances of the two codes are both, thus both of them can correct errors. Because the errors occurring next to the source node are more sensitive (they may propagate to the subsequent nodes, causing many more errors), we put the lower rate code that has stronger error control capability at the first level.

When there is no error in the network, we have (y i,,y i,,y i, )=(,, ),i=,. It is easy for the sink node to decode the messages. If node is a malicious node and it sends out erroneous y,,y,, the monitor node can correct these errors using the second level RS code and find out this malicious node according to the network topology. If node is a malicious node and it sends out erroneous y,y,, the errors will propagate to y,,y,,y,,y,,y,0,y,, which prevents the second level code from correcting the errors. In the corresponding cascaded bipartite graph Fig., the errors are marked with grey color. It is clear that errors from level spread to errors in level. Even if we transfer the network code into one (,, ) RS code which is capable of correcting errors according to [0], the errors are still too many to correct. However, based on the fact that the errors are burst and correlated, after the monitor node collects the outputs of the first level, it can correct the errors occurring in node using the first level RS code, find out the malicious node based on the network topology and correct the errors in the second level. Our cascaded RS code can correct at most errors by exploring the inner structure of the code and is more powerful than regular RS codes.

V. MULTICAST CASE

Because in the point-to-point communication case, our proofs for the relationship (written as R nc,cc ) between network code and cascaded error-control codes are solely dependent on the proofs for the relationship (written as R nc,c ) between network code and error-control code in [0] (Theorem and Theorem in [0], Lemma and Lemma in this paper) and this kind of dependence has no relationship with the specific communication case, we can prove that R nc,cc in the multicast case is similar to that in the point-to-point communication case, based on the fact that in [0] R nc,c stays the same in both point-to-point and multicast cases.

VI. CONCLUSION

In this paper, we first analyze the relationship between the cascaded error-control codes and the network code in the unicast case and prove that the two codes are essentially correlated. Furthermore, we extend this correlation to the multicast case. This research provides a new methodology that can combat the communication errors and node compromising attacks by designing efficient network coding schemes based on cascaded error-control codes and fully utilizing the inner structure of network codes.

ACKNOWLEDGEMENT

This work was partially supported by the U.S. National Science Foundation under grants CNS-0, CND-, CNS-0, and ECCS-0

REFERENCES

[] R. Ahlswede, N. Cai, S.-Y. Li, and R. Yeung, Network information flow, IEEE Transactions on Information Theory, vol., pp. 0, July 000.
[] S.-Y. Li, R. W. Yeung, and N. Cai, Linear network coding, IEEE Transactions on Information Theory, vol., no., pp., 00.
[] R. Koetter and M. Medard, An algebraic approach to network coding, IEEE/ACM Transactions on Networking, vol., no., pp., 00.
[] M. Krohn, M. Freedman, and D. Mazieres, On-the-fly verification of rateless erasure codes for efficient content distribution, in IEEE Symposium on Security and Privacy 00, pp. 0, May 00.
[] D. Charles, K. Jain, and K. Lauter, Signatures for network coding, in Proc. of CISS0, pp., 00.
[] E. Kehdi and B. Li, Null keys: Limiting malicious attacks via null space properties of network coding, in IEEE INFOCOM 00, pp., Apr. 00.
[] W. Qiao, J. Li, and J. Ren, An efficient error-detection and error-correction (edec) scheme for network coding, in IEEE Globecom 0, pp., Dec. 0.
[] N. Cai and R. W. Yeung, Network coding and error correction, in Proc. of IEEE Information Theory Workshop (ITW 00), pp., 00.
[] S. Jaggi, M. Langberg, T. Ho, and M. Effros, Correction of adversarial errors in networks, in Proc. of International Symposium on Information Theory (ISIT 00), pp., 00.
[0] J. Li, C. Yang, D. Tang, T. Li, and J. Ren, Characterization of linear network coding for pollution detection, Accepted in IEEE Globecom 0.
[] S. Lin and D. J. Costello, Error Control Coding. Prentice Hall, nd ed., June 00.
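
Added illustration (not part of the original paper): the Section IV-C argument worked through in Python, showing that one compromised first-level node produces more erroneous symbols at the sink than the composite code G = G1 G2 can correct, while the monitor node corrects and locates it with the first-level code. The field GF(7), the (5, 3) and (7, 5) Reed-Solomon generators, the fully connected second level and all function names are assumptions chosen for the demonstration, not the paper's parameters.

```python
from itertools import product

P = 7  # arithmetic in the prime field GF(7); every parameter here is an assumption

def vandermonde(k, n):
    """k x n Reed-Solomon generator: row i holds a**i for points a = 0..n-1."""
    return [[pow(a, i, P) for a in range(n)] for i in range(k)]

def encode(msg, G):
    """Codeword c = msg * G over GF(P)."""
    return [sum(m * g for m, g in zip(msg, col)) % P for col in zip(*G)]

def hamming(a, b):
    return sum(s != t for s, t in zip(a, b))

def min_distance(G):
    """Minimum weight over all nonzero codewords (brute force, small codes only)."""
    return min(hamming(encode(m, G), [0] * len(G[0]))
               for m in product(range(P), repeat=len(G)) if any(m))

def nearest_decode(word, G):
    """Brute-force minimum-distance decoding; returns (message, codeword)."""
    best = min(product(range(P), repeat=len(G)),
               key=lambda m: hamming(encode(m, G), word))
    return list(best), encode(best, G)

G1 = vandermonde(3, 5)               # level 1: (5, 3) code, minimum distance 3
G2 = vandermonde(5, 7)               # level 2: (7, 5) code, minimum distance 3
G = [encode(row, G2) for row in G1]  # composite generator G = G1 * G2

def simulate(msg, bad_node, delta):
    """One level-1 relay adds `delta` to its output; compare sink and monitor views."""
    y1 = encode(msg, G1)
    y1_bad = list(y1)
    y1_bad[bad_node] = (y1_bad[bad_node] + delta) % P
    y2_good, y2_bad = encode(y1, G2), encode(y1_bad, G2)
    # y2_bad is itself a valid level-2 codeword, so level 2 alone sees no error.
    decoded, y1_fixed = nearest_decode(y1_bad, G1)  # monitor uses the level-1 code
    return {
        "level1_errors": hamming(y1, y1_bad),
        "sink_errors": hamming(y2_good, y2_bad),
        "sink_capability": (min_distance(G) - 1) // 2,
        "monitor_message": decoded,
        "located_nodes": [i for i in range(len(y1)) if y1_bad[i] != y1_fixed[i]],
    }

if __name__ == "__main__":
    print(simulate([3, 1, 4], bad_node=1, delta=2))
```

The single level-1 error stays within the level-1 code's correction radius, so the monitor recovers the message and the index of the corrupted output, whereas the same error reaches the sink as six or seven wrong symbols.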