A Security Algorithm for Wireless Sensor Networks in the Internet of Things Paradigm

Conference ProceedingsIn this paper we explore the possibilities of having an algorithm that can protect Zigbee wireless sensor networks from intrusion; this is done from the Internet of Things paradigm. This algorithm is then realised as part of an intrusion detection system for Zigbee sensors used in wireless networks. The paper describes the algorithm used, the programming process, and the architecture of the system developed as well as the results achieved

FUZZY BASED SECURITY ALGORITHM FOR WIRELESS SENSOR NETWORKS IN THE INTERNET OF THINGS PARADIGM

Published ThesisThe world is embracing the idea of Internet of Things and Industrial Revolution 4.0. However, this acceptance of computerised evolution is met with a myriad of challenges, where consumers of this technology are also growing ever so anxious about the security of their personal data as well as reliability of data collected by the millions and even billions of sensors surrounding them. Wireless sensor networks are the main baseline technology driving Internet of things; by their very inherent nature, these networks are too vulnerable to attacks and yet the network security tools designed for conventional computer networks are not effective in countering these attacks. Wireless sensors have low computational resources, may be highly mobile and in most cases, these networks do not have a central point which can be marked as an authentication point for the sensors, any node can join or leave whenever they want. This leaves the sensors and the internet of things applications depending on them highly susceptible to attacks, which may compromise consumer information and leave security breaches in situation that need absolute security such as homes or even the cars they drive. There are many possibilities of things that could go wrong when hackers gain control of sensors in a car or a house. There have been many solutions offered to address security of Wireless Sensor Networks; however, most of those solutions are often not customised for African context. Given that most African countries have not kept pace with the development of these underlying technologies, blanket adoption of the solutions developed for consumption in the developed world has not yielded optimal results. The focus of this research was the development of an Intrusion Detection System that works in a hierarchical network structured Wireless Sensor Network, where cluster heads oversee groups of nodes and relay their data packets all the way to the sink node. This is a reactive Intrusion Detection System (IDS) that makes use of a fuzzy logic based algorithm for verification of intrusion detections. This system borrows characteristics of traditional Wireless Sensor Networks in that it is hosted external to the nodes; that is, on a computer or server connected to the sink node. The rational for this is the premise that developing the system in this manner optimises the power and processing resource of nodes because no part of the IDS is found in the nodes and they are left to focus purely on sensing. The Intrusion Detection System makes use of remote Over The Air programming to communicate with compromised nodes, to either shut down or reboot and is designed with the ZigBee protocol in mind. Additionally, this Intrusion Detection System is intended to being part of a larger Internet of Things integration framework being proposed at the Central University of Technology. This framework is aimed at developing an Internet of Things adoption strategy customised for African needs and regionally local consumers. To evaluate the effectiveness of the solution, the rate of false detections being picked out by the security algorithm were reduced through the use of fuzzy logic systems; this resulted in an accuracies of above 90 %. The algorithm is also very light when asymptotic notation is applied, making it ideal for Wireless Sensors. Lastly, we also put forward the Xbee version of the Triple Modular Redundancy architecture, customised for Wireless sensor networks in order to beef-up on the security solution presented in this dissertation

Practical approaches to mining of clinical datasets : from frameworks to novel feature selection

Research has investigated clinical data that have embedded within them numerous complexities and uncertainties in the form of missing values, class imbalances and high dimensionality. The research in this thesis was motivated by these challenges to minimise these problems whilst, at the same time, maximising classification performance of data and also selecting the significant subset of variables. As such, this led to the proposal of a data mining framework and feature selection method. The proposed framework has a simple algorithmic framework and makes use of a modified form of existing frameworks to address a variety of different data issues, called the Handling Clinical Data Framework (HCDF). The assessment of data mining techniques reveals that missing values imputation and resampling data for class balancing can improve the performance of classification. Next, the proposed feature selection method was introduced; it involves projecting onto principal component method (FS-PPC) and draws on ideas from both feature extraction and feature selection to select a significant subset of features from the data. This method selects features that have high correlation with the principal component by applying symmetrical uncertainty (SU). However, irrelevant and redundant features are removed by using mutual information (MI). However, this method provides confidence in the selected subset of features that will yield realistic results with less time and effort. FS-PPC is able to retain classification performance and meaningful features while consisting of non-redundant features. The proposed methods have been practically applied to analysis of real clinical data and their effectiveness has been assessed. The results show that the proposed methods are enable to minimise the clinical data problems whilst, at the same time, maximising classification performance of data

An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention

This thesis presents an analysis of, and enhanced security model for IndexedDB, the persistent HTML5 browser-based data store. In versions of HTML prior to HTML5, web sites used cookies to track user preferences locally. Cookies are however limited both in file size and number, and must also be added to every HTTP request, which increases web traffic unnecessarily. Web functionality has however increased significantly since cookies were introduced by Netscape in 1994. Consequently, web developers require additional capabilities to keep up with the evolution of the World Wide Web and growth in eCommerce. The response to this requirement was the IndexedDB API, which became an official W3C recommendation in January 2015. The IndexedDB API includes an Object Store, indices, and cursors and so gives HTML5 - compliant browsers a transactional database capability. Furthermore, once downloaded, IndexedDB data stores do not require network connectivity. This permits mobile web- based applications to work without a data connection. Such IndexedDB data stores will be used to store customer data, they will inevitably become targets for attackers. This thesis firstly argues that the design of IndexedDB makes it unavoidably insecure. That is, every implementation is vulnerable to attacks such as Cross Site Scripting, and even data that has been deleted from databases may be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is however capable of high performance even when compared to servers running optimized local databases. This is demonstrated through the development of a formal performance model. The performance predictions for IndexedDB were tested experimentally, and the results showed high conformance over a range of usage scenarios. This implies that IndexedDB is potentially a useful HTML5 API if the security issues can be addressed. In the final component of this thesis, we propose and implement enhancements that correct the security weaknesses identified in IndexedDB. The enhancements use multifactor authentication, and so are resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing that HTML5 IndexedDB may be used securely both online and offline. This implies that secure, standards compliant browser based applications with persistent local data stores may both feasible and efficient