From: SECON 2012 Subject: [SECON 2012] Your paper #1569538259 ('Watchdogs to the rescue: Securing Wireless TCP') has been accepted Date: March 19, 2012 8:31:04 PM CDT To: Shehla Rana Cc: Nitin Vaidya Dear Ms. Shehla Rana, Congratulations! We are pleased to inform you that your paper #1569538259  ('Watchdogs to the rescue: Securing Wireless TCP') has been accepted to appear in the 9th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks (SECON), to be held in Seoul, Korea, from June 18-21, 2012. This year, SECON received over 350 submissions, 219 of which were reviewed. The review process was fairly rigorous which included TPC member reviews, an on-line discussion among the reviewers, TPC lead summary recommendations, additional reviews (when needed), and area TPC chair review and recommendations. Based on the TPC recommendations, a total of 68 papers were accepted for publication and presentation at SECON 2012. The reviews for your paper are included below and can also be viewed on EDAS at http://edas.info/showPaper.php?m=1569538259. We hope that you will find the reviewer comments helpful in finalizing your camera-ready manuscript which is due April 16, 2012. We will be sending detailed instructions for submitting your camera-ready manuscript shortly. A few things to note as you finalize your paper. In order for your paper to be published in the IEEE SECON 2012 proceedings and in IEEE Xplore, you need to ensure that: 1. At least one author of the paper register for the IEEE SECON 2012 conference at the full rate. 2. The non-refundable conference registration fee must be paid before uploading the final camera-ready paper 3. The paper must be presented at the conference during its appropriate session. 4. For authors with multiple accepted papers, one full registration can be applied to upto three papers. Finally we note that IEEE is committed to the principle that all persons shall have equal access to programs, facilities, services, and employment without regard to personal characteristics not related to ability, performance, or qualifications as determined by IEEE policy and/or applicable laws.  For more information on the IEEE policy visit http://www.ieee.org/nondiscrimination We look forward to receiving your final version, and to seeing you in Seoul, Korea in June 2012. Best regards, Suman Banerjee & Theodoros Salonidis IEEE SECON 2012 TPC Chairs ======= Review 1 ======= *** Familiarity: Rate your familiarity with the topic of the paper. Some knowledge (I am marginally aware of research work in this topic) (2) *** Recommendation: Your overall rating (Please try giving as few borderlines as possible). weak accept: top 30% of all submissions, but not top 20% (3) *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper. This paper studies the approach of generalized watchdogs and proposes a suite of misbehavior detection protocols for improving the security of TCP in dense wireless networks. The authors identify the challenging requirements of designing misbehavior detection schemes for TCP and address the problem step by step by using adaptive watchdogs and source coding techniques. Through extensive simulations, it is shown that the proposed watchdog based misbehavior detection scheme can provide a lightweight alternative as compared to cryptographic based approaches. *** Strengths: What are the major reasons to accept the paper? [Be brief.] This paper makes a good attempt to investigate the misbehavior detection problem in TCP using watchdogs and coding techniques. The authors carefully address the challenges step by step in designing misbehavior detection systems for TCP security with generalized watchdogs. *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.] There is no quantitative security analysis of the watchdog based misbehavior detection scheme, e.g., how much security guarantee can be provided in a specified network setting. *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors. This paper demonstrates the feasibility of using the watchdogs for designing misbehavior detection systems in TCP over wireless networks. The authors carefully design the watchdog notification to ameliorate the throughput degradation and watchdog induced loss and use source coding technique to further increase the watchdog success probability. Extensive simulations are conducted to show the proposed watchdog based approach can provide simple, lightweight and reliable misbehavior detection. This paper is well-written and provides some interesting observations and results in the security design of misbehavior detection systems using watchdog based approach. Some other observations are as follows: 1. The description of the threat model is not very clear from the context. Although the authors characterize the behavior of the malicious relays in some specific simulation settings, I suggest the authors provide an explicit definition of the attacker before the scheme description. For example, malicious nodes may not only modify the packets but also send wrong notification information about the overheard packets when they act as watchdogs. 2. It is obvious that the successful detection of the misbehaviors depends on the number of malicious nodes and honest nodes in the network. Besides the simulation results, it would be better to provide some quantitative analysis or discussions on this issue. ======= Review 2 ======= *** Familiarity: Rate your familiarity with the topic of the paper. Expert (I conduct(ed) active research work in this topic) (4) *** Recommendation: Your overall rating (Please try giving as few borderlines as possible). accept: top 20% of all submissions, but not top 10% (4) *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper. The paper studies the specifics of watchdogs when applied to TCP communication in wireless networks. The paper shows why existent techniques don't work well for TCP, proposes new mechanisms and also overcoming some of the introduced performance limitations by using coding at the source. *** Strengths: What are the major reasons to accept the paper? [Be brief.] Paper makes interesting observations about the limitations of existing watchdog approaches. New methods are proposed to address the limitations. NS2 simulations in realistic network scenarios are presented to  demonstrate the benefits of the new mechanisms. *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.] Coding at the source introduces an additional delay. There is no discussion in the paper about this. *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors. The paper is in general well-written and presents a good motivation for the work. Section II in particular presents some interesting insights into the use of watchdogs. I would have like to see a much cleaner separation between the conceptual description of the WD-TCP protocols and its implementation, maybe with some discussion of the possible implementation choices and the implication of each alternative. Presentation of graphs can be slightly improved, many graphs have very small fonts. ======= Review 3 ======= *** Familiarity: Rate your familiarity with the topic of the paper. Familiar (I am well aware of research work in this topic) (3) *** Recommendation: Your overall rating (Please try giving as few borderlines as possible). accept: top 20% of all submissions, but not top 10% (4) *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper. The paper proposes a Watchdog based behaviour detection system for TCP traffic in wireless systems. The proposed Watchdog based scheme is lightweight as compared to the end to end encryption based schemes for packet tampering. NS-2 based simulations are used to compare Watchdog ED-TCP with Basic TCP, end-to-end encrypted TCP and the (6,5) coded WD-TCP. The paper addresses a challenging problem that is of great interest to the wireless community. Securing wireless TCP is a challenge since any solution needs to be efficient, lightweight and yield superior performance. The paper has novelty and is reasonably well written. *** Strengths: What are the major reasons to accept the paper? [Be brief.] The paper has novelty and technical depth. Results in the paper do convince the reader on the superiority of the proposed schemes. Some grey areas are pointed out in a later section. *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.] The number of Watchdogs nodes needed to secure wireless TCP is not clear in the paper. In a realistic network (e.g., with 75 nodes), how many Watchdogs are needed to efficiently secure the network? Another grey area is the scenario when there are multiple watchdogs. What happens when a fraction of watchdogs turn malicious? I am not convinced about how one can infer (with a high probability) that one or more watchdogs are malicious in a reaonable amount of time. This, in my view, is a limitation of the paper. The explanation in Section V.A is somewhat weak. In Section V.B, why do the authors choose (6,5) coding? What is the basis of (6, 5) coding scheme? *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors. The paper definitely addresses an important and a hard problem -- that of securing wireless TCP. The proposed watchdog mechanism is simple and seems efficient. The paper makes interesting reading and has novelty. The results in the paper are based on NS-2 simulations. I would have liked to see results where links have different data rates (e.g., link 1 has data rate r_1, link 2 has data rate r_2, etc). That would have made the setup more realistic. Though the paper has merit, one key concern is the scenario when watchdogs misbehave. The robustness and performance of the proposed scheme in this situation is not clear from the paper. In summary, the paper, if accepted, is bound to spawn deeper research in this important area. ======= Review 4 ======= *** Familiarity: Rate your familiarity with the topic of the paper. Expert (I conduct(ed) active research work in this topic) (4) *** Recommendation: Your overall rating (Please try giving as few borderlines as possible). weak reject: top 50% of all submissions, but not top 30% (2) *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper. The paper seeks to generalize and extend the concept of watchdogs for wireless networks, in order to protect TCP traffic against en route corruption. The proposed protocol p is evaluated through simulations. *** Strengths: What are the major reasons to accept the paper? [Be brief.] The simulation based evaluation is systematic. Well-written. *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.] Security weaknesses, analysis, novelty. *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors. The long-now-proposed idea of watchdogs is revisited in a very specific context, seeking to protect TCP and to add features/extend the functionality. The idea is basically to allow watchdogs to communicate their findings to the destinations. The novelty is low in the sense that the idea of watchdogs is not by definitions limited to UDP traffic (although early publications went around that). Then, the idea of having overhearing nodes acting in some way is not new either various schemes that sometimes term the watchdogs differently (guard or monitoring or so). The combination of coding with the scheme adds to the novelty. The motivation is not clear: the semantics of TCP have their peculiarity, however, the feeding of an application with corrupted data is not basically different. Watchdog approaches are susceptible to what the literature calls black-mail or –listing attacks. Having faults thrown on ‘innocent’ nodes, either by falsely reporting misbehavior or by inducing a mis-detection. These aspects are not addressed. No evaluation of the protocol is performed in terms of the end-to-end delay and jitter.