Learn More
—Wireless sensor networks (WSNs) deployed in hostile environments are vulnerable to clone attacks. In such attack, an adversary compromises a few nodes, replicates them, and inserts arbitrary number of replicas into the network. Consequently , the adversary can carry out many internal attacks. Previous solutions on detecting clone attacks have several(More)
—Clustering has been widely used in wireless ad hoc networks for various purposes such as routing, broadcasting and Qos. Many clustering algorithms have been proposed. However, most of them implicitly assume that nodes behave honestly in the clustering process. In practice, there might be some malicious nodes trying to manipulate the clustering process to(More)
Many sensor network applications rely on sensors' location information. However, most of existing location algorithms assume a non-adversarial environment or assume beacons lying within 1-hop. In this paper, we fo- cus on Hop-Count based localization (multihop) and de- velop a Secure HOp-Count based LOCalization scheme, called SHOLOC, to make localization(More)
—Many secure localization algorithms have been proposed. In these algorithms, collusion attack is usually considered as the strongest attack when evaluating their performance. Also, for ensuring correct localization under the collusion attack, a necessary number of normal beacons are needed and a lower bound on this number has been established (assuming the(More)
An identity-based broadcast encryption cryptosystem enable senders to efficiently broadcast cipher texts to a large set of receivers, which can use arbitrary strings as public keys. In this kind of cryptosystem, if the Private Key Generator (PKG) is untrusted, you may suddenly learn that a private key corresponding to your Identity is used to decrypt some(More)
Today, there are many hybrid apps in which both native Android app UI and WebView UI are used. To protect the security and privacy of the communications, these hybrid apps all use HTTPS by WebView, a key component in modern web browser. In this paper, we show there is another type of SSL vulnerability that stems from the error-handling code in the hybrid(More)
Security of authentication protocols heavily relies on the confidentiality of credentials (or authenticators) like passwords and session IDs. However, unlike browser-based web applications for which highly evolved browsers manage the authenticators, Android apps have to construct their own management. We find that most apps simply locate their(More)