Network Security

Botnet Tracking


Botnets are one of the major threats to the Internet today. This project aims to shed light on this phenomenon. Towards this goal, we established a scalable distributed data collection infrastructure to capture and track large collections of botnets. Currently, our system is tailored to capture botnets that use IRC to disseminate the botmaster's commands to the bot armies. Our infrastructure collects malware using a distributed honeynet. The collected malware is then analyzed to discover new IRC botnets and extract their features to enable infiltration and longitudinal lightweight tracking. For more information, please visit the project's web page.

Mobile Malware

In recent years, there has been widespread adoption of wireless networks as a medium for communication, e.g. metro-area WiFi networks and campus/enterprise wireless deployments. These developments bring with them their own set of security maladies. Mobility of nodes can be exploited to spread malware among wireless nodes moving across network domains. Propagation of malware across network boundaries occurs trivially because nodes can easily traverse firewalls and other such perimeter defenses. This project aims to explore the space of worm modeling, detection and containment of such mobile malware.

Wireless Sensor Networks

Life Under Your Feet

LUYF is a joint project with Katalin Szlavecz from JHU Department of Earth and Planetary Sciences and Alex Szalay from JHU Department of Physics & Astronomy. The purpose of the project is to use WSNs to study the environmental parameters of the soil on various spatial and temporal scales at a much finer granularity than before. As part of the project we did several deployments using both MicaZ and TelosB/Sky and gathered data spanning more than 23 months. We are now moving to a bigger scale and plan to deploy around 200 nodes.

You can learn more about our current deployment status from the deployment's blog.

MEDiSN: Medical Emergency Detection in Sensor Networks

Staff shortages and an increasingly aging population are straining the ability of emergency departments to provide high-quality care. Additionally, there is a growing concern about the ability of hospitals and EMS responders to provide effective care during disaster events. To automate the patient monitoring process and improve efficiency, quality of care, and the volume of patients treated, we have developed MEDiSN, a wireless sensor network for monitoring patients’ vital signs in hospitals and disaster events. The MEDiSN system is undergoing multiple tests at a number of hospitals in the Baltimore-Washington area.

Koala

Many sensor network applications belong to a class referred to as simple data collection, and these applications have some interesting characteristics. For example, the data does not have rigid real-time latency requirements, nor does it require in-network processing. In fact, an efficient data collection protocol can really help extend the network lifetime.

Koala is a reliable data retrieval system designed to operate at permille (0.1%) duty cycles. It achieves this goal by keeping the network's nodes in deep sleep most of the time and reviving them through an efficient network-wide wake-up mechanism. Koala uses the Flexible Control Protocol (FCP), a multi-hop data download protocol. A base station uses the neighborhood connectivity information of each node to calculate the download path. We have successfully integrated Koala with the Life Under Your Feet (LUYF) project, and we are currently evaluating field performance.

Typhoon

Reliable large-object dissemination protocols have mostly been used in in-network reprogramming. Typhoon aims to reduce dissemination completion time, which reduces the extent of service interruption in the network. In addition, it reduces motes' idle listening time, a major consumer of energy during dissemination. Typhoon sends unicast packets so that the sender receives packet acknowledgements quickly. In addition, nodes can snoop packets to reduce the total number of requests. To allow multiple simultaneous data transfers, every transfer takes place on its own channel, different from the channels of the other transfers and from the common channel. Another benefit of channel diversity is improved pipelining performance. For more information, please refer to our EWSN 2008 publication.

Deluge T2

To serve our own needs for over-the-air reprogramming, and as a service to the WSN community, we ported Deluge2 to TinyOS 2. The code was included in the official distribution starting with TinyOS 2.0.2.

tinyos.py

tinyos.py is a Python implementation of the T2 serial communication. An earlier version was included in the tools package of TinyOS 2.0.2 as part of Deluge T2. In Nov 2007 the code was committed to the tinyos-2.x-contrib CVS repository.

Multimodal Target Tracking


We describe the design and implementation of solutions for localization problems in multi-modal wireless sensor networks. The problem of network self-localization, namely determining the positions of the nodes that comprise the network, is addressed optically using a set of pan-tilt-zoom (PTZ) cameras to search for a small light-source attached to each of the sensor nodes. Once the locations and headings of the network's nodes are estimated by the cameras, the network can be used to detect and estimate the location of objects traveling through it. Target localization is performed within the network, using information from magnetometers connected to the sensor nodes. We evaluate the performance of the proposed target localization algorithms through simulations and an implementation running on MicaZ motes. Find more.

Past Projects