Virtual closed networks: A secure approach to autonomous mobile ad hoc networks

The increasing autonomy of Mobile Ad Hoc Networks (MANETs) has enabled a great many large-scale unguided missions, such as agricultural planning, conservation and similar surveying tasks. Commercial and military institutions have expressed great interest in such ventures; raising the question of security as the application of such systems in potentially hostile environments becomes a desired function of such networks. Preventing theft, disruption or destruction of such MANETs through cyber-attacks has become a focus for many researchers as a result. Virtual Private Networks (VPNs) have been shown to enhance the security of Mobile Ad hoc Networks (MANETs), at a high cost in network resources during the setup of secure tunnels. VPNs do not normally support broadcast communication, reducing their effectiveness in high-traffic MANETs, which have many broadcast communication requirements. To support routing, broadcast updates and efficient MANET communication, a Virtual Closed Network (VCN) architecture is proposed. By supporting private, secure communication in unicast, multicast and broadcast modes, VCNs provide an efficient alternative to VPNs when securing MANETs. Comparative analysis of the set-up overheads of VCN and VPN approaches is provided between OpenVPN, IPsec, Virtual Private LAN Service (VPLS), and the proposed VCN solution: Security Using Pre-Existing Routing for MANETs (SUPERMAN)

Securing autonomous networks through virtual closure

The increasing autonomy of Mobile Ad Hoc Networks (MANETs) has enabled a great many large-scale unguided missions, such as agricultural planning, conservation and similar surveying tasks. Commercial and military institutions have expressed great interest in such ventures, raising the question of security as the application of such systems in potentially hostile environments. Preventing theft, disruption or destruction of such MANETs through cyber-attacks has become a focus for many researchers as a result. Virtual Private Networks (VPNs) have been shown to enhance the security of Mobile Ad hoc Networks (MANETs). VPNs do not normally support broadcast communication, reducing their effectiveness in high-traffic MANETs which have many broadcast communication requirements. To support routing, broadcast updates and efficient MANET communication a Virtual Closed Network (VCN) architecture is proposed. By supporting private, secure communication in unicast, multicast and broadcast modes, VCNs provide an efficient alternative to VPNs when securing MANETs. Comparative analysis of the set-up and security overheads of VCN and VPN approaches is provided between OpenVPN, IPsec, Virtual Private LAN Service (VPLS), and the proposed VCN solution: Security Using Pre-Existing Routing for MANETs (SUPERMAN)

Simulation framework of port operation and recovery planning

This study proposes a framework of simulation tool suites for ports to evaluate their response to disaster crisis and port security policies. The focus is containerized cargos that are imported through ports in the U.S. with final destinations also in the U.S. A crisis, such as a man-made or natural disaster, may cause a delay at the seaport. The down time of ports may result in severe economic losses. Thus, when a seaport cannot normally operate, it is important to minimize the impact caused by the disrupted freight flow. Port security policies also have a significant impact on the port operation efficiency. This model developed in this study evaluates the performance of re-routing strategies under different crisis scenarios and can help the user to find an effective re-routing decision and analyze security policies of a port. This model also analyzes security policies of the simulation port

Biometric Based Intrusion Detection System using Dempster-Shafer Theory for Mobile Ad hoc Network Security

In wireless mobile ad hoc network, mainly, two approaches are followed to protect the security such as prevention-based approaches and detection-based approaches. A Mobile Ad hoc Network (MANET) is a collection of autonomous wireless mobile nodes forming temporary network to interchange data (data packets) without using any fixed topology or centralized administration. In this dynamic network, each node changes its geographical position and acts as a router for forwarding packets to the other node. Current MANETs are basically vulnerable to different types of attacks. The multimodal biometric technology gives possible resolves for continuous user authentication and vulnerability in high security mobile ad hoc networks (MANETs). Dempster’s rule for combination gives a numerical method for combining multiple pieces of data from unreliable observers. This paper studies biometric authentication and intrusion detection system with data fusion using Dempster–Shafer theory in such MANETs. Multimodal biometric technologies are arrayed to work with intrusion detection to improve the limitations of unimodal biometric technique

A critical review of cyber-physical security for building automation systems

Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integrations. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro

Sinkhole Detection in IOT using Elliptic Curve Digital Signature

A variety of smart applications, including homes, transportation, health, and robots in industries, are starting to gain interest due to the fast expansion of Internet of Things (IoT). Smart devices are made up of sensors and actuators that actively involved in monitoring, prediction, security, and information sharing in the IoT ecosystem. These state-of-the-art (SOTA) technologies enable people to monitor and manage their unified milieu in real-time. IoT devices are nevertheless regularly used in hostile situations, where attackers try to grab and penetrate them to take over the entire network. Due to the possibility of selective forwarding, sinkhole, blackhole, and wormhole attacks on IoT networks is a serious security risk. This research offers an effective method using a digital signature to detect and mitigate sinkhole attacks on IoT networks to resolve this problem. By doing a thorough security study of this suggested system, it shows how safe it is and how resistant it is to secure sinkhole attack detection. In this study, elliptic curve digital signature algorithm is used along with the node ranker to detect the sinkhole attack in IoT environment. According to the performance analysis and experimental findings compared to other research, the suggested system offers good detection accuracy and greatly lowers the overhead associated with computing, communication, and storage