4,349 research outputs found
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications in order to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.
Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Detection And Prevention Of Types Of Attacks Using Machine Learning Techniques In Cognitive Radio Networks
A number of studies have been done on several types of data link and network layer attacks and defenses for CSS in CRNs, but there are still a number of unsolved challenges and open issues waiting for solutions. Specifically, from the perspective of attackers, when launching the attack, users have to take into account the factors of attack gain, attack cost and attack risk together. From the perspective of defenders, there are also three aspects deserving consideration: defense reliability, defense efficiency and defense universality. The attacks and defenses are mutually coupled with each other. Attackers need to adjust their strategies to keep their negative effects on final decisions and avoid defenders’ detection, while defenders have to learn and analyze attack behaviors and design effective defense rules. Indeed, attack and defense ought to be considered together. The proposed methodology overcomes the problems of several data link and network layer attacks and their effects in CSS (Co-operative Spectrum Sensing) of CRNs using Machine Learning based Defense, Cross layers optimization techniques and Defence based Prevention mechanisms.
IoT Sentinel: Automated Device-Type Identification for Security Enforcement in IoT
With the rapid growth of the Internet-of-Things (IoT), concerns about the
security of IoT devices have become prominent. Several vendors are producing
IP-connected devices for home and small office networks that often suffer from
flawed security designs and implementations. They also tend to lack mechanisms
for firmware updates or patches that can help eliminate security
vulnerabilities. Securing networks where the presence of such vulnerable
devices is given requires a brownfield approach: applying necessary protection
measures within the network so that potentially vulnerable devices can coexist
without endangering the security of other devices in the same network. In this
paper, we present IOT SENTINEL, a system capable of automatically identifying
the types of devices being connected to an IoT network and enabling enforcement
of rules for constraining the communications of vulnerable devices so as to
minimize damage resulting from their compromise. We show that IOT SENTINEL is
effective in identifying device types and has minimal performance overhead.
Secure Routing in Wireless Mesh Networks
Wireless mesh networks (WMNs) have emerged as a promising concept to meet the
challenges in next-generation networks such as providing flexible, adaptive,
and reconfigurable architecture while offering cost-effective solutions to the
service providers. Unlike traditional Wi-Fi networks, with each access point
(AP) connected to the wired network, in WMNs only a subset of the APs are
required to be connected to the wired network. The APs that are connected to
the wired network are called the Internet gateways (IGWs), while the APs that
do not have wired connections are called the mesh routers (MRs). The MRs are
connected to the IGWs using multi-hop communication. The IGWs provide access to
conventional clients and interconnect ad hoc, sensor, cellular, and other
networks to the Internet. However, most of the existing routing protocols for
WMNs are extensions of protocols originally designed for mobile ad hoc networks
(MANETs) and thus they perform sub-optimally. Moreover, most routing protocols
for WMNs are designed without security issues in mind, where the nodes are all
assumed to be honest. In practical deployment scenarios, this assumption does
not hold. This chapter provides a comprehensive overview of security issues in
WMNs and then particularly focuses on secure routing in these networks. First,
it identifies security vulnerabilities in the medium access control (MAC) and
the network layers. Various possibilities of compromising data confidentiality,
data integrity, replay attacks and offline cryptanalysis are also discussed.
Then various types of attacks in the MAC and the network layers are discussed.
After enumerating the various types of attacks on the MAC and the network
layer, the chapter briefly discusses some of the preventive mechanisms for
these attacks.
Comment: 44 pages, 17 figures, 5 tables
Towards Securing Peer-to-peer SIP in the MANET Context: Existing Work and Perspectives
The Session Initiation Protocol (SIP) is a key building block of many social applications, including VoIP communication and instant messaging. In its original architecture, SIP heavily relies on servers such as proxies and registrars. Mobile Ad hoc NETworks (MANETs) are networks comprised of mobile devices that communicate over wireless links, such as tactical radio networks or vehicular networks. In such networks, no fixed infrastructure exists and server-based solutions need to be redesigned to work in a peer-to-peer fashion. We survey existing proposals for the implementation of SIP over such MANETs and analyze their security issues. We then discuss potential solutions and their suitability in the MANET context.
To NACK or not to NACK? Negative Acknowledgments in Information-Centric Networking
Information-Centric Networking (ICN) is an internetworking paradigm that
offers an alternative to the current IP-based Internet
architecture. ICN's most distinguishing feature is its emphasis on information
(content) instead of communication endpoints. One important open issue in ICN
is whether negative acknowledgments (NACKs) at the network layer are useful for
notifying downstream nodes about forwarding failures, or requests for incorrect
or non-existent information. In benign settings, NACKs are beneficial for ICN
architectures, such as CCNx and NDN, since they flush state in routers and
notify consumers. In terms of security, NACKs seem useful as they can help
mitigate so-called Interest Flooding attacks. However, as we show in this
paper, network-layer NACKs also have some unpleasant security implications. We
consider several types of NACKs and discuss their security design requirements
and implications. We also demonstrate that providing secure NACKs triggers the
threat of producer-bound flooding attacks. Although we discuss some potential
countermeasures to these attacks, the main conclusion of this paper is that
network-layer NACKs are best avoided, at least for security reasons.
Comment: 10 pages, 7 figures
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport and application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regard to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submission
Improving The Fault Tolerance of Ad Hoc Routing Protocols using Aspect-oriented Programming
Ad hoc networks are distributed networks consisting of wireless mobile nodes that can freely and
dynamically self-organize into arbitrary and temporary topologies, through the operation of routing
protocols. These networks allow people and devices to seamlessly interconnect rapidly in areas with no
pre-existing communication infrastructure and with a low cost. Many studies show that ad hoc routing
protocols are threatened by a variety of accidental and malicious faults, like neighbour saturation,
which may affect any kind of ad hoc network, and ambient noise, which may impact all wireless
networks in general. Therefore, developing and deploying fault tolerance strategies to mitigate the
effect of such faults is essential for the practical use of this kind of network. However, those fault
tolerance mechanisms are usually embedded into the source code of routing protocols, which means
that i) they must be rewritten and redeployed whenever a new version of a protocol is released, and ii)
they must be completely redeveloped and adapted to new routing protocols. This master thesis
explores the feasibility of using Aspect-Oriented Programming (AOP) to develop and deploy fault
tolerance mechanisms suitable for a whole family of routing protocols, i.e. existing and future versions
of a given protocol (OLSR in this case). Furthermore, a new methodology is proposed to extend these
mechanisms to different families of proactive protocols (OLSR, B.A.T.M.A.N and Babel) using a new
concept in AOP, the meta-aspect. The feasibility and effectiveness of the proposal are experimentally
assessed, thus establishing a new method to improve the deployment, portability, and maintainability
of fault tolerance mechanisms for ad hoc routing protocols and, therefore, the dependability of ad hoc
networks.
Bustos Rodríguez, AJ. (2012). Improving The Fault Tolerance of Ad Hoc Routing Protocols using Aspect-oriented Programming. http://hdl.handle.net/10251/18421