Group Key Rekeying Technique with Secure Data Encryption in MANETs

A Mobile Ad hoc Network (MANET) is a collection of autonomous nodes or mobile devices that can arrange themselves in various ways and operate without strict network administration. Ensuring security in mobile ad hoc network is a challenging issue and most of the applications in mobile ad hoc networks involve group-oriented communication. In Mobile ad-hoc network, each node treated as a terminal and also acts as an intermediate router. In this scenario, multi-hop occurs for communication in mobile ad hoc network. There may be a possibility of threats and malicious nodes in between source and destination. Providing the security in MANET is entirely different from the traditional wired network. In the present scenario, various applications of the mobile ad hoc network have been proposed and issues are solved by using the cryptographic techniques. Mostly cryptographic techniques are used to provide the security to MANETs. Cryptographic techniques will not be efficient security mechanism if the key management is weak. The purpose of key management is to provide secure procedures for handling keys in the cryptographic technique. The responsibilities of key management include key generation, key distribution, and key maintenance. Several key management schemes have been introduced for MANETs. The Group key management scheme is an efficient method for key management in MANET. In group key management scheme, rekeying is used whenever a new node joins or existing node leaves from the group. In this paper, we propose a periodic rekeying method (PRK) and analyze the performance of LKH rekeying techniques in a group key management schemes. The symmetric encryption techniques are analyzed with different parameters, such as Throughput and Energy consumption. Security and performance of rekeying protocols are analyzed through detailed study and simulation

Solutions and Tools for Secure Communication in Wireless Sensor Networks

Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability. As a consequence, assuring secure communication in WSNs results to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require to design ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered since from the network design phase. This Ph.D. dissertion considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures

Detection and Prevention System towards the Truth of Convergence on Decision Using Aumann Agreement Theorem

AbstractThe Detection and Prevention system against many attacks has been formulated in Mobile ad hoc networks to secure the data and to provide the uninterrupted service to the legitimate clients. The formulation of opinion of neighbors or belief value or Trust value plays vital role in the detection system to avoid attacks. The attack detection system always extracts the behaviors of nodes to identify the attack patterns and prediction of future attacks. The False positives and false negatives plays vital role on identification of attackers accurately without any false positives and negatives .Our system uses the Aumann agreement theorem for convergence of Truth on opinion based on the bound of confidence value, such that truth consensus will maintained, The accuracy of system will be enhanced through this methodolog

Group Key Management in Wireless Ad-Hoc and Sensor Networks

A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WARN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WARN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world. In a WAHNs and WSNs with un-trusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications. Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs. Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer. For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters. We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node

Adaptive trust and reputation system as a security service in group communications

Group communications has been facilitating many emerging applications which require packet delivery from one or more sender(s) to multiple receivers. Owing to the multicasting and broadcasting nature, group communications are susceptible to various kinds of attacks. Though a number of proposals have been reported to secure group communications, provisioning security in group communications remains a critical and challenging issue. This work first presents a survey on recent advances in security requirements and services in group communications in wireless and wired networks, and discusses challenges in designing secure group communications in these networks. Effective security services to secure group communications are then proposed. This dissertation also introduces the taxonomy of security services, which can be applied to secure group communications, and evaluates existing secure group communications schemes. This dissertation work analyzes a number of vulnerabilities against trust and reputation systems, and proposes a threat model to predict attack behaviors. This work also considers scenarios in which multiple attacking agents actively and collaboratively attack the whole network as well as a specific individual node. The behaviors may be related to both performance issues and security issues. Finally, this work extensively examines and substantiates the security of the proposed trust and reputation system. This work next discusses the proposed trust and reputation system for an anonymous network, referred to as the Adaptive Trust-based Anonymous Network (ATAN). The distributed and decentralized network management in ATAN does not require a central authority so that ATAN alleviates the problem of a single point of failure. In ATAN, the trust and reputation system aims to enhance anonymity by establishing a trust and reputation relationship between the source and the forwarding members. The trust and reputation relationship of any two nodes is adaptive to new information learned by these two nodes or recommended from other trust nodes. Therefore, packets are anonymously routed from the \u27trusted\u27 source to the destination through \u27trusted\u27 intermediate nodes, thereby improving anonymity of communications. In the performance analysis, the ratio of the ATAN header and data payload is around 0.1, which is relatively small. This dissertation offers analysis on security services on group communications. It illustrates that these security services are needed to incorporate with each other such that group communications can be secure. Furthermore, the adaptive trust and reputation system is proposed to integrate the concept of trust and reputation into communications. Although deploying the trust and reputation system incurs some overheads in terms of storage spaces, bandwidth and computation cycles, it shows a very promising performance that enhance users\u27 confidence in using group communications, and concludes that the trust and reputation system should be deployed as another layer of security services to protect group communications against malicious adversaries and attacks

Scalable and Secure Dynamic Key Management and Channel Aware Routing in Mobile Adhoc Networks

A MANET (Mobile Ad-hoc Network) is an infrastructure-less self configuring wireless networks of routers. Key management is at the center of providing network security via cryptographic mechanisms with a high-availability feature. Dynamic key is the efficient assistance for network scalability. Routing protocol used here is a form of reactive routing called CA-AOMDV and compared with Table driven routing called DSDV. Channel aware routing protocol quality of the channel which can be measured in terms of suitable metrics. This paper leads to an emphasis on Black hole attack and to develop a dynamic key framework using RSA algorithm

Security in Mobile Networks: Communication and Localization

Nowadays the mobile networks are everywhere. The world is becoming more dependent on wireless and mobile services, but the rapid growth of these technologies usually underestimates security aspects. As wireless and mobile services grow, weaknesses in network infrastructures become clearer. One of the problems is privacy. Wireless technologies can reduce costs, increase efficiencies, and make important information more readily and widely available. But, there are also risks. Without appropriate safeguards, these data can be read and modified by unauthorized users. There are many solutions, less and more effective, to protect the data from unauthorized users. But, a specific application could distinguish more data flows between authorized users. Protect the privacy of these information between subsets of users is not a trivial problem. Another problem is the reliability of the wireless service. Multi-vehicle systems composed of Autonomous Guided Vehicles (AGVs) are largely used for industrial transportation in manufacturing and logistics systems. These vehicles use a mobile wireless network to exchange information in order to coordinate their tasks and movements. The reliable dissemination of these information is a crucial operation, because the AGVs may achieve an inconsistent view of the system leading to the failure of the coordination task. This has clear safety implications. Going more in deep, even if the communication are confidential and reliable, anyway the positioning information could be corrupted. Usually, vehicles get the positioning information through a secondary wireless network system such as GPS. Nevertheless, the widespread civil GPS is extremely fragile in adversarial scenarios. An insecure distance or position estimation could produce security problems such as unauthorized accesses, denial of service, thefts, integrity disruption with possible safety implications and intentional disasters. In this dissertation, we face these three problems, proposing an original solution for each one