Algorithms and Security
Research projects/collaborations

The expertise and know-how developed in the Algorithms & Security group has already resulted in the formation of significant and valuable synergies with academic institutions, corporate R&D labs, and industry. Some of the projects (national, European and Industrial) the group has been involved with are highlighted below. Through these projects, the group has promoted the scientific and technological image of AIT, especially in the fields of computer and network security, and has contributed to making AIT known through innovation, excellence and professionalism.
 




LOTUS (Localisation of Threat Substances in Urban Society) is a project approved for the European Union’s Seventh Framework Security Research Program, with an expected starting date around the end of 2008.

Objectives
The concept and objectives of the LOTUS project is to create a system by which illicit production of explosives and drugs can be detected during the production stage. During the production of explosives, drugs and chemical warfare agents, elevated amounts of precursors are normally present in the air which makes detection possible over a wide urban area. Detectors may be placed at fixed positions although most detectors should be mobile. When a suspicious substance is detected in elevated amounts, information about the type, location, amount and time is registered and sent to a data collection and evaluation centre for analysis. The demonstration system will be based on mobile devices mounted in law enforcement and/or other vehicles under community control

By using existing global infrastructures for positioning (GPS) and networking (GSM, GPRS or 3G) the LOTUS system can be used more or less anywhere in the world at relatively small cost for supporting installations and extra personnel. Special attention will be given to secure communication.

Role of AIT
Investigation and implementation of efficient algorithms and protocols for establishing secure communications between nodes and the information system data collection center or between the nodes themselves. Provision of system security against eavesdropping or feeding false information into the network; robustness against traffic analysis attacks. Design and evaluation of new cryptographic primitives suitable for nodes with constrained resources will be made.

The LOTUS early warning system



Consortium
FOI, The Swedish Defence Research Agency is the coordinator of the LOTUS Project. Partners are Portendo, Saab and Secrab (Sweden), Bruker Daltonik (Germany), Ramem and the University of Barcelona (Spain), Bruhn NewTech (Denmark), Athens Information Technology (Greece) and TNO (The Netherlands).




 

GSRT-PENED National project: Algorithms for smart dust networks

The proposed research focuses in algorithmic and systemic questions of wireless sensor networks - and particularly in networks of “intelligent dust” (smart dust). These networks consist of a large number (in the order of thousands) of exceptionally small devices (in the dimension of a few cubic centimeters and in the very near future, millimeters) that incorporate sensing, computational and communication capabilities. The collaboration of these devices in order to form a spontaneous, ad-hoc network for information gathering and processing has numerous applications and raises important technological as well as algorithmic challenges.

The proposed research includes the design of abstract but realistic models for these types of networks and the design, analysis and implementation of efficient and stable protocols and software. The focus is on the following aspects of computation on these types of networks:

  • Scalability constraints

  • New models of computation

  • Tackling new computational problems that appear in the operation of such networks

  • Design and implementation of new and efficient algorithms and protocols.

Consortium
This project is in collaboration with the Research Academic Computer Technology Institute (RACTI) of the University of Patras, Greece.




 


INTRALOT is a leading provider of state-of-the-art integrated gaming systems to lottery organizations worldwide, delivering cutting edge game content, network integration, transaction processing and value added services.
As part of an ongoing collaboration with Intralot, the Algorithms and Security group has been involved in a number of projects related to secure gaming solutions. Short descriptions for these projects can be seen below:


 

Secure communications framework
 

This project is about designing and implementing a security framework that will allow clients (mobile phones, PCs, etc.) to engage in multiplayer games using Intralot’s platform. Using the platform, a client, equipped with software that permits it to play Intralot capable games, may request access to join a game by interacting with a dedicated game server. The goal of this project is to protect the interactions between clients and game servers for such issues as game code download and integrity/security of communications.

Specific objectives included:

  • Investigation and design of secure code download processes and methods for achieving mobile code protection support.

  • Security of client-server transactions.

  • Analysis and robustness of proposed techniques.

  • Prototype implementation.

    The duration of the project was 1 year and was successfully delivered on July 2007


Software tamper-proofing
 

This project is about providing software protection to Intralot’s deployed code. An important protection measure for mobile code is the ability to prevent undetected modifications of itself. Such changes include both intended malicious changes by code users and changes effected by some other malicious program (e.g. virus).

The modification detection mechanism should be in position to disable the execution of the code and, if possible, notify the code’s owner.
Modification detection can be effected through the use of checksums, guards, or some form of assertion checking.

To prevent such tampering, code should be added that

  • Detects if the program has been altered, and

  • Causes the program to fail or change its behavior when tampering is evident.

Simple­minded tamper proofing code like “if tampered() then exit” is unacceptable because it can be easily defeated by locating the point of failure and then reversing the test of the detection code.
Various techniques will be evaluated (use of cryptographic hash functions, on the fly execution of a program, etc.) in order to produce a system that can be used in tamper-proofing.

Duration 1 year, Expected delivery: end of 2008
 

Fraud Detection and Response in Internet Gaming
 

Fraud refers to the intentional deception carried out by a person for the purpose of achieving some gain while causing injury to someone else. In this work, the topic to be studied is techniques to detect fraud against an Internet gaming operator or other player. Fraud detection in internet gaming seeks to reduce security risks by identifying potential perpetrators of fraud.

The result of this research proposal will be a system that is capable of detecting fraud in practice while maintaining false alarms to a comfortable operational level for the users of the system.

Requirements
 

  • Internet gaming fraud will defined in detail and known fraud scenarios in terms of threat modeling will be recorded and modeled. Part of the system functionality would be to detect “abnormal behavior” patterns that relate to fraud; one category of such patterns in player behavior could indicate a potential case of “identity compromise”.

  • The system should be able to counter-measure against “identity spoofing” attacks and prior to that, develop techniques for recognizing such attacks.

  • The system should support decision making processes in a workflow that will allow the user to see the evidence behind a suspected case of fraud and suggest counter-measures to react to a fraud attack depending on the attack scenario involved each time.

Duration 18 months, Expected delivery: end of 2009