An Intrusion Detection Architecture for Clustered Wireless Ad Hoc Networks

Intrusion detection in wireless ad hoc networks is a challenging task because these networks change their topologies dynamically, lack concentration points where aggregated traffic can be analyzed, utilize infrastructure protocols that are susceptible to manipulation, and rely on noisy, intermittent wireless communications. Security remains a major challenge for these networks due their features of open medium, dynamically changing topologies, reliance on co-operative algorithms, absence of centralized monitoring points, and lack of clear lines of defense. In this paper, we present a cooperative, distributed intrusion detection architecture based on clustering of the nodes that addresses the security vulnerabilities of the network and facilitates accurate detection of attacks. The architecture is organized as a dynamic hierarchy in which the intrusion data is acquired by the nodes and is incrementally aggregated, reduced in volume and analyzed as it flows upwards to the cluster-head. The cluster-heads of adjacent clusters communicate with each other in case of cooperative intrusion detection. For intrusion related message communication, mobile agents are used for their efficiency in lightweight computation and suitability in cooperative intrusion detection. Simulation results show effectiveness and efficiency of the proposed architecture.Comment: 6 pages, 2 Figures, 2 tables. Second International Conference on Computational Intelligence, Communication Systems and Networks (CICSYSN 2010), Liverpool, UK, July 28 - 30, 201

A State-of-the-art Survey on IDS for Mobile Ad-Hoc Networks and Wireless Mesh Networks

An Intrusion Detection System (IDS) detects malicious and selfish nodes in a network. Ad hoc networks are often secured by using either intrusion detection or by secure routing. Designing efficient IDS for wireless ad-hoc networks that would not affect the performance of the network significantly is indeed a challenging task. Arguably, the most common thing in a review paper in the domain of wireless networks is to compare the performances of different solutions using simulation results. However, variance in multiple configuration aspects including that due to different underlying routing protocols, makes the task of simulation based comparative evaluation of IDS solutions somewhat unrealistic. In stead, the authors have followed an analytic approach to identify the gaps in the existing IDS solutions for MANETs and wireless mesh networks. The paper aims to ease the job of a new researcher by exposing him to the state of the art research issues on IDS. Nearly 80% of the works cited in this paper are published with in last 3 to 4 years.Comment: Accepted for publication in PDCTA 2011 to be held in Chennair during September 25-27, 201

Differentially Private Collaborative Intrusion Detection Systems For VANETs

Vehicular ad hoc network (VANET) is an enabling technology in modern transportation systems for providing safety and valuable information, and yet vulnerable to a number of attacks from passive eavesdropping to active interfering. Intrusion detection systems (IDSs) are important devices that can mitigate the threats by detecting malicious behaviors. Furthermore, the collaborations among vehicles in VANETs can improve the detection accuracy by communicating their experiences between nodes. To this end, distributed machine learning is a suitable framework for the design of scalable and implementable collaborative detection algorithms over VANETs. One fundamental barrier to collaborative learning is the privacy concern as nodes exchange data among them. A malicious node can obtain sensitive information of other nodes by inferring from the observed data. In this paper, we propose a privacy-preserving machine-learning based collaborative IDS (PML-CIDS) for VANETs. The proposed algorithm employs the alternating direction method of multipliers (ADMM) to a class of empirical risk minimization (ERM) problems and trains a classifier to detect the intrusions in the VANETs. We use the differential privacy to capture the privacy notation of the PML-CIDS and propose a method of dual variable perturbation to provide dynamic differential privacy. We analyze theoretical performance and characterize the fundamental tradeoff between the security and privacy of the PML-CIDS. We also conduct numerical experiments using the NSL-KDD dataset to corroborate the results on the detection accuracy, security-privacy tradeoffs, and design

A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT

Internet of Things (IoT) is a disruptive technology with applications across diverse domains such as transportation and logistics systems, smart grids, smart homes, connected vehicles, and smart cities. Alongside the growth of these infrastructures, the volume and variety of attacks on these infrastructures has increased highlighting the significance of distinct protection mechanisms. Intrusion detection is one of the distinguished protection mechanisms with notable recent efforts made to establish effective intrusion detection for IoT and IoV. However, unique characteristics of such infrastructures including battery power, bandwidth and processors overheads, and the network dynamics can influence the operation of an intrusion detection system. This paper presents a comprehensive study of existing intrusion detection systems for IoT systems including emerging systems such as Internet of Vehicles (IoV). The paper analyzes existing systems in three aspects: computational overhead, energy consumption and privacy implications. Based on a rigorous analysis of the existing intrusion detection approaches, the paper also identifies open challenges for an effective and collaborative design of intrusion detection system for resource-constrained IoT system in general and its applications such as IoV. These efforts are envisaged to highlight state of the art with respect to intrusion detection for IoT and open challenges requiring specific efforts to achieve efficient intrusion detection within these systems

A Distributed Protocol for Detection of Packet Dropping Attack in Mobile Ad Hoc Networks

In multi-hop mobile ad hoc networks (MANETs),mobile nodes cooperate with each other without using any infrastructure such as access points or base stations. Security remains a major challenge for these networks due to their features of open medium, dynamically changing topologies, reliance on cooperative algorithms, absence of centralized monitoring points, and lack of clear lines of defense. Among the various attacks to which MANETs are vulnerable, malicious packet dropping attack is very common where a malicious node can partially degrade or completely disrupt communication in the network by consistently dropping packets. In this paper, a mechanism for detection of packet dropping attack is presented based on cooperative participation of the nodes in a MANET. The redundancy of routing information in an ad hoc network is utilized to make the scheme robust so that it works effectively even in presence of transient network partitioning and Byzantine failure of nodes. The proposed scheme is fully cooperative and thus more secure as the vulnerabilities of any election algorithm used for choosing a subset of nodes for cooperation are absent. Simulation results show the effectiveness of the protocol.Comment: 7 pages, 9 figures, 1 table. In Proceedings of the International Conference on Telecommunications and Malaysian International Conference on Communications (ICT-MICC'07), May 14-17, Penang, Malaysia. Paper ID: 74, Track: 3: Ad Hoc Routing and Protocols. ISBN: 1-4244-1094-

A Heuristic Reputation Based System to Detect Spam activities in a Social Networking Platform, HRSSSNP

The introduction of the social networking platform has drastically affected the way individuals interact. Even though most of the effects have been positive, there exist some serious threats associated with the interactions on a social networking website. A considerable proportion of the crimes that occur are initiated through a social networking platform [5]. Almost 33% of the crimes on the internet are initiated through a social networking website [5]. Moreover activities like spam messages create unnecessary traffic and might affect the user base of a social networking platform. As a result preventing interactions with malicious intent and spam activities becomes crucial. This work attempts to detect the same in a social networking platform by considering a social network as a weighted graph wherein each node, which represents an individual in the social network, stores activities of other nodes with respect to itself in an optimized format which is referred to as localized data-set. The weights associated with the edges in the graph represent the trust relationship between profiles. The weights of the edges along with the localized data-set is used to infer whether nodes in the social network are compromised and are performing spam or malicious activities.Comment: 5 Pages, 1 Figur

Wireless Sensor Networks Security: State of the Art

Wireless sensor networks (WSNs) have become one of the main research topics in computer science in recent years, primarily owing to the significant challenges imposed by these networks and their immense applicability. WSNs have been employed for a diverse group of monitoring applications, with emphasis on industrial control scenarios, traffic management, rescue operations, public safety, residential automation, weather forecasting, and several other fields. These networks constitute resource-constrained sensors for which security and energy efficiency are essential concerns. In this context, many research efforts have been focused on increasing the security levels and reducing the energy consumption in the network. This paper provides a state-of-the-art survey of recent works in this direction, proposing a new taxonomy for the security attacks and requirements of WSNs.Comment: 11 pages, 3 Figures, 2 Table

Applications of Data Mining Techniques for Vehicular Ad hoc Networks

Due to the recent advances in vehicular ad hoc networks (VANETs), smart applications have been incorporating the data generated from these networks to provide quality of life services. In this paper, we have proposed taxonomy of data mining techniques that have been applied in this domain in addition to a classification of these techniques. Our contribution is to highlight the research methodologies in the literature and allow for comparing among them using different characteristics. The proposed taxonomy covers elementary data mining techniques such as: preprocessing, outlier detection, clustering, and classification of data. In addition, it covers centralized, distributed, offline, and online techniques from the literature

Intrusion Detection on Smartphones

Smartphone technology is more and more becoming the predominant communication tool for people across the world. People use their smartphones to keep their contact data, to browse the internet, to exchange messages, to keep notes, carry their personal files and documents, etc. Users while browsing are also capable of shopping online, thus provoking a need to type their credit card numbers and security codes. As the smartphones are becoming widespread so do the security threats and vulnerabilities facing this technology. Recent news and articles indicate huge increase in malware and viruses for operating systems employed on smartphones (primarily Android and iOS). Major limitations of smartphone technology are its processing power and its scarce energy source since smartphones rely on battery usage. Since smartphones are devices which change their network location as the user moves between different places, intrusion detection systems for smartphone technology are most often classified as IDSs designed for mobile ad-hoc networks. The aim of this research is to give a brief overview of IDS technology, give an overview of major machine learning and pattern recognition algorithms used in IDS technologies, give an overview of security models of iOS and Android and propose a new host-based IDS model for smartphones and create proof-of-concept application for Android platform for the newly proposed model. Keywords: IDS, SVM, Android, iOS;Comment: 8 pages, 2 figure

Securing Cloud from Cloud Drain

Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role.The underlying concept of cloud computing dates back to the 50's but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud.In this paper, we will discuss about cloud security approaches. We have used the term Cloud-Drain to define data leakage in case of security compromise