Secure Data Transmission in Mobile Ad Hoc Networks

The vision of nomadic computing with its ubiquitous access has stimulated much interest in the Mobile Ad Hoc Networking (MANET) technology. However, its proliferation strongly depends on the availability of security provisions, among other factors. In the open, collaborative MANET environment practically any node can maliciously or selfishly disrupt and deny communication of other nodes. In this paper, we present and evaluate the Secure Message Transmission (SMT) protocol, which safeguards the data transmission against arbitrary malicious behavior of other nodes. SMT is a lightweight, yet very effective, protocol that can operate solely in an end-to-end manner. It exploits the redundancy of multipath routing and adapts its operation to remain efficient and effective even in highly adverse environments. SMT is capable of delivering up to 250% more data messages than a protocol that does not secure the data transmission. Moreover, SMT outperforms an alternative single-path protocol, a secure data forwarding protocol we term Secure Single Path (SSP) protocol. SMT imposes up to 68% less routing overhead than SSP, delivers up to 22% more data packets and achieves end-to-end delays that are up to 94% lower than those of SSP. Thus, SMT is better suited to support QoS for real-time communications in the ad hoc networking environment. The security of data transmission is achieved without restrictive assumptions on the network nodes' trust and network membership, without the use of intrusion detection schemes, and at the expense of moderate multi-path transmission overhead only

Secure rendezvous and static containment in multi-agent systems with adversarial intruders

In this paper we propose a novel distributed local interaction protocol for networks of multi-agent systems (MASs) in a multi-dimensional space under directed time-varying graph with the objective to achieve secure rendezvous or static containment within the convex hull of a set of leader agents. We consider the scenario where a set of anonymous adversarial agents may intrude the network (or may be hijacked by a cyber-attack) and show that the proposed strategy guarantees the achievement of the global objective despite the continued influence of the adversaries which cannot be detected nor identified by the collaborative agents. We characterize the convergence properties of the proposed protocol in terms of the characteristics of the underlying network topology of the multi-agent system. Numerical simulations and examples corroborate the theoretical results

Analysis of Secure Routing Scheme for MANET

Mobile ad hoc networks pose various kinds of security problems, caused by their nature of collaborative and open systems and by limited availability of resources. In our work we look at AODV in detail, study and analyses various attacks that can be possible on it. Then we look into some existing mechanism for securing AODV protocol. Our proposed work is an extension to Adaptive-SAODV of the secure AODV protocol extension, which includes tuning strategies aimed at improving its performance. In A-SAODV an intermediate node makes an adaptive reply decision for an incoming request that helps to balance its load that is over-burdened by signing and verification task of incoming messages. Namely, we propose a modification to adaptive mechanism that tunes SAODV behavior. In our paper we have proposed an extension to Adaptive-SAODV of the secure AODV protocol extension, which includes further filtering strategies aimed at further improving its network performance. We have analyzed the how our proposed algorithm can help in further improvement of performance in adaptive SAODV and also compared its performance with existing mechanisms using simulation

Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries

We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes is expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a single light-weight scheme which outperforms the others. Using extensive simulation results over real Internet topologies, we demonstrate that our scheme is scalable to very large networks, with up to millions of nodes. The second model we consider is the malicious peers model, where peers can behave arbitrarily, deliberately trying to affect the results of the computation as well as compromising the privacy of other peers. For this model we provide a fourth scheme to defend the execution of the computation against the malicious peers. The proposed scheme has a higher complexity relative to the semi-honest model. Overall, we provide the Peer-to-Peer network designer a set of tools to choose from, based on the desired level of security.Comment: Submitted to Peer-to-Peer Networking and Applications Journal (PPNA) 200

A Quantum Key Distribution Network Through Single Mode Optical Fiber

Quantum key distribution (QKD) has been developed within the last decade that is provably secure against arbitrary computing power, and even against quantum computer attacks. Now there is a strong need of research to exploit this technology in the existing communication networks. In this paper we have presented various experimental results pertaining to QKD like Raw key rate and Quantum bit error rate (QBER). We found these results over 25 km single mode optical fiber. The experimental setup implemented the enhanced version of BB84 QKD protocol. Based upon the results obtained, we have presented a network design which can be implemented for the realization of large scale QKD networks. Furthermore, several new ideas are presented and discussed to integrate the QKD technique in the classical communication networks.Comment: This paper has been submitted to the 2006 International Symposium on Collaborative Technologies and Systems (CTS 2006)May 14-17, 2006, Las Vegas, Nevada, US

Enhancing security and dependability of industrial networks with opinion dynamics

Opinion Dynamics poses a novel technique to accurately locate the patterns of an advanced attack against an industrial infrastructure, compared to traditional intrusion detection systems. This distributed solution provides pro table information to identify the most a ected areas within the network, which can be leveraged to design and deploy tailored response mechanisms that ensure the continuity of the service. In this work, we base on this multi-agent collaborative approach to propose a response technique that permits the secure delivery of messages across the network. For such goal, our contribution is twofold: rstly, we rede ne the existing algorithm to assess not only the compromise of nodes, but also the security and quality of service of communication links; secondly, we develop a routing protocol that prioritizes the secure paths throughout the topology considering the information obtained from the detection system.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tec

A Neighborhood-Based Trust Protocol for Secure Collaborative Routing in Wireless Mobile D2D HetNets

Heterogeneous Device-to-Device mobile networks are characterised by frequent network disruption and unreliability of peers delivering messages to destinations. Trust-based protocols has been widely used to mitigate the security and performance problems in D2D networks. Despite several efforts made by previous researchers in the design of trust-based routing for efficient collaborative networks, there are fewer related studies that focus on the peers’ neighbourhood as a routing metrics’ element for a secure and efficient trust-based protocol. In this paper, we propose and validate a trust-based protocol that takes into account the similarity of peers’ neighbourhood coefficients to improve routing performance in mobile HetNets environments. The results of this study demonstrate that peers’ neighborhood connectivity in the network is a characteristic that can influence peers’ routing performance. Furthermore, our analysis shows that our proposed protocol only forwards the message to the companions with a higher probability of delivering the packets, thus improving the delivery ratio and minimizing latency and mitigating the problem of malicious peers ( using packet dropping strategy)

Non-collaborative Attackers and How and Where to Defend Flawed Security Protocols (Extended Version)

Security protocols are often found to be flawed after their deployment. We present an approach that aims at the neutralization or mitigation of the attacks to flawed protocols: it avoids the complete dismissal of the interested protocol and allows honest agents to continue to use it until a corrected version is released. Our approach is based on the knowledge of the network topology, which we model as a graph, and on the consequent possibility of creating an interference to an ongoing attack of a Dolev-Yao attacker, by means of non-collaboration actuated by ad-hoc benign attackers that play the role of network guardians. Such guardians, positioned in strategical points of the network, have the task of monitoring the messages in transit and discovering at runtime, through particular types of inference, whether an attack is ongoing, interrupting the run of the protocol in the positive case. We study not only how but also where we can attempt to defend flawed security protocols: we investigate the different network topologies that make security protocol defense feasible and illustrate our approach by means of concrete examples.Comment: 29 page