6,765 research outputs found
An Intrusion Detection Architecture for Clustered Wireless Ad Hoc Networks
Intrusion detection in wireless ad hoc networks is a challenging task because
these networks change their topologies dynamically, lack concentration points
where aggregated traffic can be analyzed, utilize infrastructure protocols that
are susceptible to manipulation, and rely on noisy, intermittent wireless
communications. Security remains a major challenge for these networks due their
features of open medium, dynamically changing topologies, reliance on
co-operative algorithms, absence of centralized monitoring points, and lack of
clear lines of defense. In this paper, we present a cooperative, distributed
intrusion detection architecture based on clustering of the nodes that
addresses the security vulnerabilities of the network and facilitates accurate
detection of attacks. The architecture is organized as a dynamic hierarchy in
which the intrusion data is acquired by the nodes and is incrementally
aggregated, reduced in volume and analyzed as it flows upwards to the
cluster-head. The cluster-heads of adjacent clusters communicate with each
other in case of cooperative intrusion detection. For intrusion related message
communication, mobile agents are used for their efficiency in lightweight
computation and suitability in cooperative intrusion detection. Simulation
results show effectiveness and efficiency of the proposed architecture.Comment: 6 pages, 2 Figures, 2 tables. Second International Conference on
Computational Intelligence, Communication Systems and Networks (CICSYSN
2010), Liverpool, UK, July 28 - 30, 201
A State-of-the-art Survey on IDS for Mobile Ad-Hoc Networks and Wireless Mesh Networks
An Intrusion Detection System (IDS) detects malicious and selfish nodes in a
network. Ad hoc networks are often secured by using either intrusion detection
or by secure routing. Designing efficient IDS for wireless ad-hoc networks that
would not affect the performance of the network significantly is indeed a
challenging task. Arguably, the most common thing in a review paper in the
domain of wireless networks is to compare the performances of different
solutions using simulation results. However, variance in multiple configuration
aspects including that due to different underlying routing protocols, makes the
task of simulation based comparative evaluation of IDS solutions somewhat
unrealistic. In stead, the authors have followed an analytic approach to
identify the gaps in the existing IDS solutions for MANETs and wireless mesh
networks. The paper aims to ease the job of a new researcher by exposing him to
the state of the art research issues on IDS. Nearly 80% of the works cited in
this paper are published with in last 3 to 4 years.Comment: Accepted for publication in PDCTA 2011 to be held in Chennair during
September 25-27, 201
Differentially Private Collaborative Intrusion Detection Systems For VANETs
Vehicular ad hoc network (VANET) is an enabling technology in modern
transportation systems for providing safety and valuable information, and yet
vulnerable to a number of attacks from passive eavesdropping to active
interfering. Intrusion detection systems (IDSs) are important devices that can
mitigate the threats by detecting malicious behaviors. Furthermore, the
collaborations among vehicles in VANETs can improve the detection accuracy by
communicating their experiences between nodes. To this end, distributed machine
learning is a suitable framework for the design of scalable and implementable
collaborative detection algorithms over VANETs. One fundamental barrier to
collaborative learning is the privacy concern as nodes exchange data among
them. A malicious node can obtain sensitive information of other nodes by
inferring from the observed data. In this paper, we propose a
privacy-preserving machine-learning based collaborative IDS (PML-CIDS) for
VANETs. The proposed algorithm employs the alternating direction method of
multipliers (ADMM) to a class of empirical risk minimization (ERM) problems and
trains a classifier to detect the intrusions in the VANETs. We use the
differential privacy to capture the privacy notation of the PML-CIDS and
propose a method of dual variable perturbation to provide dynamic differential
privacy. We analyze theoretical performance and characterize the fundamental
tradeoff between the security and privacy of the PML-CIDS. We also conduct
numerical experiments using the NSL-KDD dataset to corroborate the results on
the detection accuracy, security-privacy tradeoffs, and design
A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT
Internet of Things (IoT) is a disruptive technology with applications across
diverse domains such as transportation and logistics systems, smart grids,
smart homes, connected vehicles, and smart cities. Alongside the growth of
these infrastructures, the volume and variety of attacks on these
infrastructures has increased highlighting the significance of distinct
protection mechanisms. Intrusion detection is one of the distinguished
protection mechanisms with notable recent efforts made to establish effective
intrusion detection for IoT and IoV. However, unique characteristics of such
infrastructures including battery power, bandwidth and processors overheads,
and the network dynamics can influence the operation of an intrusion detection
system. This paper presents a comprehensive study of existing intrusion
detection systems for IoT systems including emerging systems such as Internet
of Vehicles (IoV). The paper analyzes existing systems in three aspects:
computational overhead, energy consumption and privacy implications. Based on a
rigorous analysis of the existing intrusion detection approaches, the paper
also identifies open challenges for an effective and collaborative design of
intrusion detection system for resource-constrained IoT system in general and
its applications such as IoV. These efforts are envisaged to highlight state of
the art with respect to intrusion detection for IoT and open challenges
requiring specific efforts to achieve efficient intrusion detection within
these systems
A Distributed Protocol for Detection of Packet Dropping Attack in Mobile Ad Hoc Networks
In multi-hop mobile ad hoc networks (MANETs),mobile nodes cooperate with each
other without using any infrastructure such as access points or base stations.
Security remains a major challenge for these networks due to their features of
open medium, dynamically changing topologies, reliance on cooperative
algorithms, absence of centralized monitoring points, and lack of clear lines
of defense. Among the various attacks to which MANETs are vulnerable, malicious
packet dropping attack is very common where a malicious node can partially
degrade or completely disrupt communication in the network by consistently
dropping packets. In this paper, a mechanism for detection of packet dropping
attack is presented based on cooperative participation of the nodes in a MANET.
The redundancy of routing information in an ad hoc network is utilized to make
the scheme robust so that it works effectively even in presence of transient
network partitioning and Byzantine failure of nodes. The proposed scheme is
fully cooperative and thus more secure as the vulnerabilities of any election
algorithm used for choosing a subset of nodes for cooperation are absent.
Simulation results show the effectiveness of the protocol.Comment: 7 pages, 9 figures, 1 table. In Proceedings of the International
Conference on Telecommunications and Malaysian International Conference on
Communications (ICT-MICC'07), May 14-17, Penang, Malaysia. Paper ID: 74,
Track: 3: Ad Hoc Routing and Protocols. ISBN: 1-4244-1094-
A Heuristic Reputation Based System to Detect Spam activities in a Social Networking Platform, HRSSSNP
The introduction of the social networking platform has drastically affected
the way individuals interact. Even though most of the effects have been
positive, there exist some serious threats associated with the interactions on
a social networking website. A considerable proportion of the crimes that occur
are initiated through a social networking platform [5]. Almost 33% of the
crimes on the internet are initiated through a social networking website [5].
Moreover activities like spam messages create unnecessary traffic and might
affect the user base of a social networking platform. As a result preventing
interactions with malicious intent and spam activities becomes crucial. This
work attempts to detect the same in a social networking platform by considering
a social network as a weighted graph wherein each node, which represents an
individual in the social network, stores activities of other nodes with respect
to itself in an optimized format which is referred to as localized data-set.
The weights associated with the edges in the graph represent the trust
relationship between profiles. The weights of the edges along with the
localized data-set is used to infer whether nodes in the social network are
compromised and are performing spam or malicious activities.Comment: 5 Pages, 1 Figur
Wireless Sensor Networks Security: State of the Art
Wireless sensor networks (WSNs) have become one of the main research topics
in computer science in recent years, primarily owing to the significant
challenges imposed by these networks and their immense applicability. WSNs have
been employed for a diverse group of monitoring applications, with emphasis on
industrial control scenarios, traffic management, rescue operations, public
safety, residential automation, weather forecasting, and several other fields.
These networks constitute resource-constrained sensors for which security and
energy efficiency are essential concerns. In this context, many research
efforts have been focused on increasing the security levels and reducing the
energy consumption in the network. This paper provides a state-of-the-art
survey of recent works in this direction, proposing a new taxonomy for the
security attacks and requirements of WSNs.Comment: 11 pages, 3 Figures, 2 Table
Applications of Data Mining Techniques for Vehicular Ad hoc Networks
Due to the recent advances in vehicular ad hoc networks (VANETs), smart
applications have been incorporating the data generated from these networks to
provide quality of life services. In this paper, we have proposed taxonomy of
data mining techniques that have been applied in this domain in addition to a
classification of these techniques. Our contribution is to highlight the
research methodologies in the literature and allow for comparing among them
using different characteristics. The proposed taxonomy covers elementary data
mining techniques such as: preprocessing, outlier detection, clustering, and
classification of data. In addition, it covers centralized, distributed,
offline, and online techniques from the literature
Intrusion Detection on Smartphones
Smartphone technology is more and more becoming the predominant communication
tool for people across the world. People use their smartphones to keep their
contact data, to browse the internet, to exchange messages, to keep notes,
carry their personal files and documents, etc. Users while browsing are also
capable of shopping online, thus provoking a need to type their credit card
numbers and security codes. As the smartphones are becoming widespread so do
the security threats and vulnerabilities facing this technology. Recent news
and articles indicate huge increase in malware and viruses for operating
systems employed on smartphones (primarily Android and iOS). Major limitations
of smartphone technology are its processing power and its scarce energy source
since smartphones rely on battery usage. Since smartphones are devices which
change their network location as the user moves between different places,
intrusion detection systems for smartphone technology are most often classified
as IDSs designed for mobile ad-hoc networks. The aim of this research is to
give a brief overview of IDS technology, give an overview of major machine
learning and pattern recognition algorithms used in IDS technologies, give an
overview of security models of iOS and Android and propose a new host-based IDS
model for smartphones and create proof-of-concept application for Android
platform for the newly proposed model. Keywords: IDS, SVM, Android, iOS;Comment: 8 pages, 2 figure
Securing Cloud from Cloud Drain
Today, in the world of communication, connected systems is growing at a rapid
pace. To accommodate this growth the need for computational power and storage
is also increasing at a similar rate. Companies are investing a large amount of
resources in buying, maintaining and ensuring availability of the system to
their customers. To mitigate these issues, cloud computing is playing a major
role.The underlying concept of cloud computing dates back to the 50's but the
term entering into widespread usage can be traced to 2006 when Amazon.com
announced the Elastic Compute Cloud.In this paper, we will discuss about cloud
security approaches. We have used the term Cloud-Drain to define data leakage
in case of security compromise
- …