Node clone detection using a stable overlay network

Wireless sensor networks consist of number of sensor nodes widely distributed in particular region to communicate and sharing the environmental information and also these data’s are stored in central location for further data prediction. Such nodes are susceptible to cloning attack where the adversary captures a node, replicates with the same identity as that of the captured node and deploys the clone back into the network, causing severe harm to the network. Hence to thwart such attacks, a distributed detection protocol is used with initiator-observer-inspector roles assigned randomly for the nodes to witness the clone and thereby broadcast the evidence through a balanced overlay network. Use of such balanced network provides high security level and reduces the communication cost when compared to other overlay networks with a reasonably less storage consumption

Distribuirani obrambeni mehanizmi za clone napade temeljeni na algoritmu za istraživanje gravitacije (GSA) u WSN

Wireless Sensor Networks (WSN) are often deployed in hostile environment and are vulnerable to attacks because of the resource constrained nature of the sensors. Clone attack in WSN is one of the major issues where the messages are eavesdropped, the captured node is cloned, and multiple nodes with same identity are produced by attacker. In order to overcome these issues, in this paper, a Distributed Defense Mechanism for Clone Attacks based on Gravitational Search Algorithm (GSA) in WSN is proposed. For efficiently detecting the suspect nodes, the nodes in the channel can be divided into witness node and the claimer node. The witness nodes are responsible for the suspect nodes detection, whereas the claimer nodes should provide their identities for the detection process. For the witness nodes selection, we utilize the GSA to pick out the best witness nodes set. After selecting the witness nodes, clone attack detection is performed by observing the behavior of the neighbor nodes. On detecting the clone attack, revocation procedure is triggered to revoke the clone attack in the witness nodes. By simulation results, it can be concluded that the proposed algorithm provides better protection to clone attacks by reducing the packet drop and increasing the packet delivery ratio.Bežične senzorske mreže (WSN) često su raspoređene u neprijateljskom okruženju i ranjive su na napade zbog prirode senzora koji su tehnološki ograničeni. Clone napad u WSN jedan je od glavnih problema gdje se poruke prisluškuju, zarobljeni čvor se klonira te napadač proizvede višestruke čvorove istog identiteta. Kako bi nadvladali te probleme, ovaj rad predlaže distribuirani obrambeni mehanizam za clone napade temeljen na algoritmu za istraživanje gravitacije (GSA) u WSN. Kako bi se sumnjivi čvorovi efikasno detektirali, čvorovi u kanalu mogu se podijeliti u čvorove svjedoke i tražene čvorove. Čvorovi svjedoci odgovorni su za otkrivanje sumnjivih čvorova, dok traženi čvorovi trebaju za potrebe procesa detekcije navesti svoj identitet. Za izbor čvorova svjedoka, koristi se GSA kako bi se izabrala grupa čvorova koji su najprikladniji. Nakon izbora čvorova svjedoka, otkivanje clone napada vrši se promatranjem ponašanja susjednih čvorova. Otkrivanjem clone napada aktivira se proces opoziva kako bi se opozvao clone napad u čvorovima svjedocima. Prema rezultatima dobivenim iz simulacije može se zaključiti kako predloženi algoritam pruža bolju zaštitu od clone napada smanjivanjem odbacivanja paketa i povećavanjem omjera isporuke paketa

Efficient Authentication, Node Clone Detection, and Secure Data Aggregation for Sensor Networks

Sensor networks are innovative wireless networks consisting of a large number of low-cost, resource-constrained sensor nodes that collect, process, and transmit data in a distributed and collaborative way. There are numerous applications for wireless sensor networks, and security is vital for many of them. However, sensor nodes suffer from many constraints, including low computation capability, small memory, limited energy resources, susceptibility to physical capture, and the lack of infrastructure, all of which impose formidable security challenges and call for innovative approaches. In this thesis, we present our research results on three important aspects of securing sensor networks: lightweight entity authentication, distributed node clone detection, and secure data aggregation. As the technical core of our lightweight authentication proposals, a special type of circulant matrix named circulant-P2 matrix is introduced. We prove the linear independence of matrix vectors, present efficient algorithms on matrix operations, and explore other important properties. By combining circulant-P2 matrix with the learning parity with noise problem, we develop two one-way authentication protocols: the innovative LCMQ protocol, which is provably secure against all probabilistic polynomial-time attacks and provides remarkable performance on almost all metrics except one mild requirement for the verifier's computational capacity, and the HB$^C$ protocol, which utilizes the conventional HB-like authentication structure to preserve the bit-operation only computation requirement for both participants and consumes less key storage than previous HB-like protocols without sacrificing other performance. Moreover, two enhancement mechanisms are provided to protect the HB-like protocols from known attacks and to improve performance. For both protocols, practical parameters for different security levels are recommended. In addition, we build a framework to extend enhanced HB-like protocols to mutual authentication in a communication-efficient fashion. Node clone attack, that is, the attempt by adversaries to add one or more nodes to the network by cloning captured nodes, imposes a severe threat to wireless sensor networks. To cope with it, we propose two distributed detection protocols with difference tradeoffs on network conditions and performance. The first one is based on distributed hash table, by which a fully decentralized, key-based caching and checking system is constructed to deterministically catch cloned nodes in general sensor networks. The protocol performance of efficient storage consumption and high security level is theoretically deducted through a probability model, and the resulting equations, with necessary adjustments for real application, are supported by the simulations. The other is the randomly directed exploration protocol, which presents notable communication performance and minimal storage consumption by an elegant probabilistic directed forwarding technique along with random initial direction and border determination. The extensive experimental results uphold the protocol design and show its efficiency on communication overhead and satisfactory detection probability. Data aggregation is an inherent requirement for many sensor network applications, but designing secure mechanisms for data aggregation is very challenging because the aggregation nature that requires intermediate nodes to process and change messages, and the security objective to prevent malicious manipulation, conflict with each other to a great extent. To fulfill different challenges of secure data aggregation, we present two types of approaches. The first is to provide cryptographic integrity mechanisms for general data aggregation. Based on recent developments of homomorphic primitives, we propose three integrity schemes: a concrete homomorphic MAC construction, homomorphic hash plus aggregate MAC, and homomorphic hash with identity-based aggregate signature, which provide different tradeoffs on security assumption, communication payload, and computation cost. The other is a substantial data aggregation scheme that is suitable for a specific and popular class of aggregation applications, embedded with built-in security techniques that effectively defeat outside and inside attacks. Its foundation is a new data structure---secure Bloom filter, which combines HMAC with Bloom filter. The secure Bloom filter is naturally compatible with aggregation and has reliable security properties. We systematically analyze the scheme's performance and run extensive simulations on different network scenarios for evaluation. The simulation results demonstrate that the scheme presents good performance on security, communication cost, and balance

A New Approach for Node Replica Detection in WSN

Wireless sensor networks are a collection of sensor nodes scattered over the area for data collection. But the main problem is it is in danger to the node clone. To identify Node clone proposing  distributed hash table  which a fully decentralized, key-based caching and checking system .next introducing  distributed detection protocol provides  good communication performance for large  sensor networks. sensor-MAC a new MAC protocol explicitly designed for wireless sensor networks for reducing energy consumption. Our protocol also has good scalability and collision avoidance capabilit

OnionBots: Subverting Privacy Infrastructure for Cyber Attacks

Over the last decade botnets survived by adopting a sequence of increasingly sophisticated strategies to evade detection and take overs, and to monetize their infrastructure. At the same time, the success of privacy infrastructures such as Tor opened the door to illegal activities, including botnets, ransomware, and a marketplace for drugs and contraband. We contend that the next waves of botnets will extensively subvert privacy infrastructure and cryptographic mechanisms. In this work we propose to preemptively investigate the design and mitigation of such botnets. We first, introduce OnionBots, what we believe will be the next generation of resilient, stealthy botnets. OnionBots use privacy infrastructures for cyber attacks by completely decoupling their operation from the infected host IP address and by carrying traffic that does not leak information about its source, destination, and nature. Such bots live symbiotically within the privacy infrastructures to evade detection, measurement, scale estimation, observation, and in general all IP-based current mitigation techniques. Furthermore, we show that with an adequate self-healing network maintenance scheme, that is simple to implement, OnionBots achieve a low diameter and a low degree and are robust to partitioning under node deletions. We developed a mitigation technique, called SOAP, that neutralizes the nodes of the basic OnionBots. We also outline and discuss a set of techniques that can enable subsequent waves of Super OnionBots. In light of the potential of such botnets, we believe that the research community should proactively develop detection and mitigation methods to thwart OnionBots, potentially making adjustments to privacy infrastructure.Comment: 12 pages, 8 figure

Assessing Security Risks with the Internet of Things

For my honors thesis I have decided to study the security risks associated with the Internet of Things (IoT) and possible ways to secure them. I will focus on how corporate, and individuals use IoT devices and the security risks that come with their implementation. In my research, I found out that IoT gadgets tend to go unnoticed as a checkpoint for vulnerability. For example, often personal IoT devices tend to have the default username and password issued from the factory that a hacker could easily find through Google. IoT devices need security just as much as computers or servers to keep the security, confidentiality, and availability of data in the right hands

A web-based approach to engineering adaptive collaborative applications

Current methods employed to develop collaborative applications have to make decisions and speculate about the environment in which the application will operate within, the network infrastructure that will be used and the device type the application will operate on. These decisions and assumptions about the environment in which collaborative applications were designed to work are not ideal. These methods produce collaborative applications that are characterised as being inflexible, working on homogeneous networks and single platforms, requiring pre-existing knowledge of the data and information types they need to use and having a rigid choice of architecture. On the other hand, future collaborative applications are required to be flexible; to work in highly heterogeneous environments; be adaptable to work on different networks and on a range of device types. This research investigates the role that the Web and its various pervasive technologies along with a component-based Grid middleware can play to address these concerns. The aim is to develop an approach to building adaptive collaborative applications that can operate on heterogeneous and changing environments. This work proposes a four-layer model that developers can use to build adaptive collaborative applications. The four-layer model is populated with Web technologies such as Scalable Vector Graphics (SVG), the Resource Description Framework (RDF), Protocol and RDF Query Language (SPARQL) and Gridkit, a middleware infrastructure, based on the Open Overlays concept. The Middleware layer (the first layer of the four-layer model) addresses network and operating system heterogeneity, the Group Communication layer enables collaboration and data sharing, while the Knowledge Representation layer proposes an interoperable RDF data modelling language and a flexible storage facility with an adaptive architecture for heterogeneous data storage. And finally there is the Presentation and Interaction layer which proposes a framework (Oea) for scalable and adaptive user interfaces. The four layer model has been successfully used to build a collaborative application, called Wildfurt that overcomes challenges facing collaborative applications. This research has demonstrated new applications for cutting-edge Web technologies in the area of building collaborative applications. SVG has been used for developing superior adaptive and scalable user interfaces that can operate on different device types. RDF and RDFS, have also been used to design and model collaborative applications providing a mechanism to define classes and properties and the relationships between them. A flexible and adaptable storage facility that is able to change its architecture based on the surrounding environments and requirements has also been achieved by combining the RDF technology with the Open Overlays middleware, Gridkit