25 research outputs found

    A novel approach for the fast detection of black holes in mobile ad hoc networks

    Mobile ad hoc networks are infrastructure-less wireless networks that rely on node cooperation to work properly. In this kind of network, attack detection and reaction is a key issue for the whole network. The most common threat in mobile ad hoc network scenarios is the presence of a certain percentage of selfish nodes, which try to reduce the consumption of their own resources to prolong their battery lifetime. Those nodes do not collaborate in forwarding activities, thereby affecting the overall network performance. Watchdogs are well-known mechanisms to detect threats and attacks from misbehaving and selfish nodes in computer networks. The problem with watchdogs is that, while they can be quite effective in detecting selfishness by overhearing traffic, they can also cause a relatively high level of false negatives, thereby reducing their accuracy. This article proposes a collaborative approach for detecting selfish nodes in mobile ad hoc networks. It is based on a set of collaborative watchdogs, which collaborate to enhance their individual and collective performance. By using both an analytical study and simulation, we demonstrate that our approach is able to improve accuracy and detection speed, while reducing the impact of false-negative events.
    This work was partially supported by the Ministerio de Ciencia e Innovacion, Spain, under grant TIN2011-27543-C03-01.
    Serrat Olmos, MD.; Hernández Orallo, E.; Cano Escribá, JC.; Tavares De Araujo Cesariny Calafate, CM.; Manzoni, P. (2013). A novel approach for the fast detection of black holes in mobile ad hoc networks. Concurrent Engineering: Research and Applications. 21(3):177-185. https://doi.org/10.1177/1063293X13493448

    An Enhanced AODV Protocol for Avoiding Black Holes in MANET

    © 2018 The Authors. Published by Elsevier Ltd. The black hole attack is one of the well-known attacks on Mobile Ad hoc Networks (MANETs). This paper discusses this problem and proposes a new approach based on building a global reputation system that helps the AODV protocol select the best path to the destination when there is more than one possible route. The proposed protocol enhances the use of watchdogs in AODV by collecting their observations and broadcasting them to all nodes in the network using a low-overhead approach. Moreover, the proposed protocol takes into account the detection challenge when a black hole continuously moves

    Design and implementation of architectures for the deployment of secure community wireless networks

    Recent advances in communication technologies, together with the proliferation of new computing devices, are shaping our environment toward a ubiquitous Internet. The Internet offers a global platform for low-cost access to a vast range of telecommunication services, such as e-mail, e-commerce, tele-education, tele-health and tele-medicine. However, even in the most developed countries, a large number of rural areas are still poorly equipped with basic telecommunications infrastructure. Today there are some efforts to address this lack of infrastructure, but they are still insufficient. With this aim, in this thesis we present RuralNet, a wireless community network that provides personalized Internet access to the subscribers of a rural area. The objectives of this study have been the development of a new architecture to offer flexible and secure Internet access for isolated rural areas. RuralNet combines the mesh network paradigm with the use of the most economical embedded wireless devices to offer a large number of Internet-based services and applications. The solution developed by RuralNet is able to cover large areas at low cost, and can also be easily deployed and extended both in terms of coverage and of the services offered. Since the implementation and evaluation of RuralNet requires a high cost and a large amount of labor, we considered simulation and emulation to be a valid alternative for saving costs. With this aim we have developed Castadiva, a flexible emulator designed for the evaluation of MANET and mesh networks. Castadiva is an emulator based on low-cost devices, used to evaluate the protocols and applications developed.
    Hortelano Otero, J. (2011). Design and implementation of architectures for the deployment of secure community wireless networks [Unpublished doctoral thesis]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/10079

    Intelligent detection of black hole attacks for secure communication in autonomous and connected vehicles

    Detection of Black Hole attacks is one of the most challenging and critical routing security issues in vehicular ad hoc networks (VANETs) and autonomous and connected vehicles (ACVs). Malicious vehicles or nodes may exist in the cyber-physical path on which the data and control packets have to be routed converting a secure and reliable route into a compromised one. However, instead of passing packets to a neighbouring node, malicious nodes bypass them and drop any data packets that could contain emergency alarms. We introduce an intelligent black hole attack detection scheme (IDBA) tailored to ACV. We consider four key parameters in the design of the scheme, namely, Hop Count, Destination Sequence Number, Packet Delivery Ratio (PDR), and End-to-End delay (E2E). We tested the performance of our IDBA against AODV with Black Hole (BAODV), Intrusion Detection System (IdsAODV), and EAODV algorithms. Extensive simulation results show that our IDBA outperforms existing approaches in terms of PDR, E2E, Routing Overhead, Packet Loss Rate, and Throughput

    A Model of Data Forwarding in MANETs for Lightweight Detection of Malicious Packet Dropping

    This work introduces a model of data forwarding in MANETs which is used for recognizing malicious packet dropping behaviors. First, different legitimate packet discard situations are modeled, such as those generated by collisions, channel errors or mobility-related droppings. Second, we propose an anomaly-based IDS based on an enhanced windowing method to carry out the collection and analysis of selected cross-layer features. Third, a real deployment of the IDS is also considered by suggesting a methodology for the collection of the selected features in a distributed manner. We evaluate our proposal in a simulation framework and the experimental results show a considerable enhancement in detection results when compared with other approaches in the literature. For instance, our scheme shows a 22% improvement in terms of true positives rate and a remarkable 83% improvement in terms of false positives rate when compared to previous well-known statistical solutions. Finally, the simplicity and lightweight nature of the proposal are notable

    Maximizing Network Lifetime using Fuzzy Based Secure Data Aggregation Protocol (FSDAP) in a Wireless Sensor Networks

    Secure Data Aggregation in Wireless Sensor Networks (WSNs) is a challenging issue. Various protocols have been suggested in the recent past, such as EDIT[13], ADA[8], TSDA[9] and SEDAN[10]. These protocols effectively meet the constraints of WSNs. In this paper, we propose a Fuzzy Based Secure Data Aggregation protocol (FSDAP), which is an efficient localized protocol. The FSDAP protocol is designed with three phases. The first phase selects the Aggregator Node (AN) using the ANS algorithm. The ANS algorithm involves two steps to elect an Aggregator Node in the clustered network. In the first step, the cluster head is selected based on the Euclidean distance, and in the second step, the cluster head is selected based on the fuzzy product and fuzzy value (α). Then, in the second phase, the selected AN eliminates redundancy in the data sensed by all sensor nodes within the cluster. Finally, in the third phase, the FSDAP protocol effectively detects malicious nodes and provides a secure data transmission path. Thus, the proposed protocol, FSDAP, utilizes the nodes' resource parameters uniformly, which in turn improves Network Lifetime, maximizes Throughput Rate, maximizes Packet Delivery Ratio and minimizes End-to-End Delay. FSDAP is simulated using the NS2 simulator and compared with the centroid algorithms Fuzzy C-Means and K-Means and with a secure aggregation protocol implemented using SAR (Secure Aware Ad hoc Routing). The time complexity of the FSDAP protocol is O(m²n)

    A layered security approach for cooperation enforcement in MANETs

    In fully self-organized MANETs, nodes are naturally reluctant to spend their precious resources forwarding other nodes' packets and are therefore liable to exhibit selfish or sometimes malicious behaviour. This selfishness could potentially lead to network partitioning and network performance degradation. Cooperation enforcement schemes, such as reputation and trust based schemes, have been proposed to counteract the issue of selfishness. The sole purpose of these schemes is to ensure selfish nodes bear the consequences of their bad actions. However, malicious nodes can exploit mobility and the free identities available to breach the security of these systems and escape punishment or detection. Firstly, in the case of mobility, a malicious node can gain benefit even after having been detected by a reputation-based system, by interacting directly with its source or destination nodes. Secondly, since the lack of infrastructure in MANETs does not suit centralized identity management or centralized Trusted Third Parties, nodes can create zero-cost identities without any restrictions. As a result, a selfish node can easily escape the consequences of whatever misbehaviour it has performed by simply changing identity to clear all its bad history, known as whitewashing. Hence, this makes it difficult to hold malicious nodes accountable for their actions. Finally, a malicious node can concurrently create and control more than one virtual identity to launch an attack, called a Sybil attack. In the context of reputation-based schemes, a Sybil attacker can disrupt the detection accuracy by defaming other good nodes, self-promoting itself or exchanging bogus positive recommendations about one of its quarantined identities. This thesis explores two aspects of direct interactions (DIs), i.e. DIs as a selfish nodes' strategy and DIs produced by inappropriate simulation parameters. In the latter case DIs cause confusion in the results evaluation of reputation-based schemes. We propose a method that uses the service contribution and consumption information to discourage selfish nodes that try to increase their benefit through DIs. We also propose methods that categorize nodes' benefits in order to mitigate the confusion caused in the results evaluation. A novel layered security approach is proposed using proactive and reactive paradigms to counteract whitewashing and Sybil attacks. The proactive paradigm is aimed at removing the advantages that whitewashing can provide by enforcing a non-monetary entry fee per new identity, in the form of cooperation in the network. The results show that this method deters these attackers by reducing their benefits in the network. In the reactive case, we propose a lightweight approach to detect new identities of whitewashers and Sybil attackers on the MAC layer using the 802.11 protocol without using any extra hardware. The experiments show that a signal strength based threshold exists which can help us detect Sybil and whitewashers' identities. Through the help of extensive simulations and real-world testbed experimentations, we are able to demonstrate that our proposed solution detects Sybil or whitewashers' new identities with good accuracy and reduces the benefits of malicious activity even in the presence of mobility