Anonymity networks and access to information during conflicts: towards a distributed network organisation

Access to information is crucial during conflicts and other critical events such as population uprisings. An increasing number of social interactions happen in the cyberspace, while information exchanges at the infrastructural level (monitoring systems, sensor networks, etc.) are now also based on Internet and wireless links rather than ad hoc, isolated wired networks. However, the nature of the Internet allows powerful hostile actors to block, censor, or redirect communication to and from specific Internet services, through a number of available techniques. Anonymity networks such as Tor provide a way to circumvent traditional strategies for restricting access to online resources, and make communication harder to trace and identify. Tor, in particular, has been successfully used in past crises to evade censorship and Internet blockades (Egypt in 2011, and Iran in 2012). Anonymity networks can provide essential communication tools during conflicts, allowing information exchanges to be concealed from external observers, anonymised, and made resilient to imposed traffic controls and geographical restrictions. However, the design of networks such as Tor makes them vulnerable to large-scale denial of service attacks, as shown by the DDoS targeted at Tor hidden services in March 2015. In this paper, we analyse the structural weaknesses of Tor with regard to denial of service attacks, and propose a number of modifications to the structure of the Tor network aimed at improving its resilience to a large coordinated offensive run by a hostile actor in a conflict scenario. In particular, we introduce novel mechanisms that allow relay information to be propagated in a distributed and peer-to-peer manner. This eliminates the need for directory services, and allows the deployment of Tor-like networks in hostile environments, where centralised control is impossible. The proposed improvements concern the network organisation, but preserve the underlying onion routing mechanism that is at the base of Tor's anonymity

Intrusion detection in IPv6-enabled sensor networks.

In this research, we study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks through the lens of IPv6-enabled Wireless Sensor Actuator Networks. These networks consist of highly constrained devices able to communicate wirelessly in an ad-hoc fashion, thus following the architecture of ad-hoc networks. Current state of the art IDS in IoT and WSNs have been developed considering the architecture of conventional computer networks, and as such they do not efficiently address the paradigm of ad-hoc networks, which is highly relevant in emerging network paradigms, such as the Internet of Things (IoT). In this context, the network properties of resilience and redundancy have not been extensively studied. In this thesis, we first identify a trade-off between the communication and energy overheads of an IDS (as captured by the number of active IDS agents in the network) and the performance of the system in terms of successfully identifying attacks. In order to fine-tune this trade-off, we model networks as Random Geometric Graphs; these are a rigorous approach that allows us to capture underlying structural properties of the network. We then introduce a novel IDS architectural approach that consists of a central IDS agent and set of distributed IDS agents deployed uniformly at random over the network area. These nodes are able to efficiently detect attacks at the networking layer in a collaborative manner by monitoring locally available network information provided by IoT routing protocols, such as RPL. The detailed experimental evaluation conducted in this research demonstrates significant performance gains in terms of communication overhead and energy dissipation while maintaining high detection rates. We also show that the performance of our IDS in ad-hoc networks does not rely on the size of the network but on fundamental underling network properties, such as the network topology and the average degree of the nodes. The experiments show that our proposed IDS architecture is resilient against frequent topology changes due to node failures

Trust models in wireless sensor networks: A survey

This paper introduces the security and trust concepts in wireless sensor networks and explains the difference between them, stating that even though both terms are used interchangeably when defining a secure system, they are not the same. The difference between reputation and trust is also explained, highlighting that reputation partially affects trust. The methodologies used to model trust and their references are presented. The factors affecting trust updating are summarised and some examples of the systems in which these factors have been implemented are given. The survey states that, even though researchers have started to explore the issue of trust in wireless sensor networks, they are still examining the trust associated with routing messages between nodes (binary events). However, wireless sensor networks are mainly deployed to monitor events and report data, both continuous and discrete. This leads to the development of new trust models addressing the continuous data issue and also to combine the data trust and the communication trust to infer the total trust. © 2010 Springer-Verlag Berlin Heidelberg

FUZZY BASED SECURITY ALGORITHM FOR WIRELESS SENSOR NETWORKS IN THE INTERNET OF THINGS PARADIGM

Published ThesisThe world is embracing the idea of Internet of Things and Industrial Revolution 4.0. However, this acceptance of computerised evolution is met with a myriad of challenges, where consumers of this technology are also growing ever so anxious about the security of their personal data as well as reliability of data collected by the millions and even billions of sensors surrounding them. Wireless sensor networks are the main baseline technology driving Internet of things; by their very inherent nature, these networks are too vulnerable to attacks and yet the network security tools designed for conventional computer networks are not effective in countering these attacks. Wireless sensors have low computational resources, may be highly mobile and in most cases, these networks do not have a central point which can be marked as an authentication point for the sensors, any node can join or leave whenever they want. This leaves the sensors and the internet of things applications depending on them highly susceptible to attacks, which may compromise consumer information and leave security breaches in situation that need absolute security such as homes or even the cars they drive. There are many possibilities of things that could go wrong when hackers gain control of sensors in a car or a house. There have been many solutions offered to address security of Wireless Sensor Networks; however, most of those solutions are often not customised for African context. Given that most African countries have not kept pace with the development of these underlying technologies, blanket adoption of the solutions developed for consumption in the developed world has not yielded optimal results. The focus of this research was the development of an Intrusion Detection System that works in a hierarchical network structured Wireless Sensor Network, where cluster heads oversee groups of nodes and relay their data packets all the way to the sink node. This is a reactive Intrusion Detection System (IDS) that makes use of a fuzzy logic based algorithm for verification of intrusion detections. This system borrows characteristics of traditional Wireless Sensor Networks in that it is hosted external to the nodes; that is, on a computer or server connected to the sink node. The rational for this is the premise that developing the system in this manner optimises the power and processing resource of nodes because no part of the IDS is found in the nodes and they are left to focus purely on sensing. The Intrusion Detection System makes use of remote Over The Air programming to communicate with compromised nodes, to either shut down or reboot and is designed with the ZigBee protocol in mind. Additionally, this Intrusion Detection System is intended to being part of a larger Internet of Things integration framework being proposed at the Central University of Technology. This framework is aimed at developing an Internet of Things adoption strategy customised for African needs and regionally local consumers. To evaluate the effectiveness of the solution, the rate of false detections being picked out by the security algorithm were reduced through the use of fuzzy logic systems; this resulted in an accuracies of above 90 %. The algorithm is also very light when asymptotic notation is applied, making it ideal for Wireless Sensors. Lastly, we also put forward the Xbee version of the Triple Modular Redundancy architecture, customised for Wireless sensor networks in order to beef-up on the security solution presented in this dissertation

Using trust to detect denial of service attacks in the internet of things over MANETs

The rapid growth of employing devices as tools in daily life and the technological revolution have led to the invention of a novel paradigm; the Internet of Things (IoT). It includes a group of ubiquitous devices that communicate and share data with each other. These devices use the Internet Protocol (IP) to manage network nodes through mobile ad hoc networks (MANET). IoT is beneficial to MANET as the nodes are self-organising and the information reach can be expanded according to the network range. Due to the nature of MANET, such as dynamic topology, a number of challenges are inherent, such as Denial of Service (DoS) attacks. DoS attacks prohibit legitimate users from accessing their authorised services. In addition, because of the high mobility of MANET, the network can merge with other networks. In this situation, two or more networks of untrusted nodes may join one another leaving each of the networks open to attack. This paper proposes a novel method to detect DoS attacks immediately prior to the merger of two MANETs. To demonstrate the applicability of the proposed approach, a Grayhole attack is used in this study to evaluate the performance of the proposed method in detecting attacks

A Critical Review of Practices and Challenges in Intrusion Detection Systems for IoT: Towards Universal and Resilient Systems

The Internet-of-Things (IoT) is rapidly becoming ubiquitous. However the heterogeneous nature of devices and protocols in use, the sensitivity of the data contained within, as well as the legal and privacy issues, make security for the IoT a growing research priority and industry concern. With many security practices being unsuitable due to their resource intensive nature, it is deemed important to include second line defences into IoT networks. These systems will also need to be assessed for their efficacy in a variety of different network types and protocols. To shed light on these issues, this paper is concerned with advancements in intrusion detection practices in IoT. It provides a comprehensive review of current Intrusion Detection Systems (IDS) for IoT technologies, focusing on architecture types. A proposal for future directions in IoT based IDS are then presented and evaluated. We show how traditional practices are unsuitable due to their inherent features providing poor coverage of the IoT domain. In order to develop a secure, robust and optimised solution for these networks, the current research for intrusion detection in IoT will need to move in a different direction. An example of which is proposed in order to illustrate how malicious nodes might be passively detected