Analysis of Security Attacks & Taxonomy in Underwater Wireless Sensor Networks

Abstract: Underwater Wireless Sensor Networks (UWSN) have gained more attention from researchers in recent years due to their advancement in marine monitoring, deployment of various applications, and ocean surveillance. The UWSN is an attractive field for both researchers and the industrial side. Due to the harsh underwater environment, own capabilities, open acoustic channel, it's also vulnerable to malicious attacks and threats. Attackers can easily take advantage of these characteristics to steal the data between the source and destination. Many review articles are addressed some of the security attacks and Taxonomy of the Underwater Wireless Sensor Networks. In this study, we have briefly addressed the Taxonomy of the UWSNs from the most recent research articles related to the well-known research databases. This paper also discussed the security threats on each layer of the Underwater Wireless sensor networks. This study will help the researcher’s design the routing protocols to cover the known security threats and help industries manufacture the devices to observe these threats and security issues

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Defending Against Randomly Located Eavesdroppers by Establishing a Protecting Region

The security problem in wireless sensor networks faces severe challenges, due to the openness of the sensor network channel and the mobility and diversity of the terminals. When facing randomly located eavesdroppers, the situation is much more complex. This paper studies the security performance of a wireless sensor network where randomly located passive and active eavesdroppers are both considered. Compared to a passive eavesdropper, an active eavesdropper can perform both eavesdropping and malicious jamming simultaneously in a wireless sensor network. Based on beamforming and artificial noise (AN), we propose a practical way to defend against the eavesdropper by establishing a protecting region. An appropriate metric, the hybrid outage probability, which takes both the transmission outage probability and the secrecy outage probability into consideration, is utilized to evaluate the security performance. In addition, the concept of safe transmission range is defined to evaluate the security performance. Simulation results are provided to depict the insecure region and verify the harm of the active eavesdropper to the transmission in the wireless sensor network

Embracing interference in wireless systems

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, February 2013."February 2013." Cataloged from PDF version of thesis.Includes bibliographical references (p. 169-183).The wireless medium is a shared resource. If nearby devices transmit at the same time, their signals interfere, resulting in a collision. In traditional networks, collisions cause the loss of the transmitted information. For this reason, wireless networks have been designed with the assumption that interference is intrinsically harmful and must be avoided. This dissertation takes an alternate approach: Instead of viewing interference as an inherently counterproductive phenomenon that should to be avoided, we design practical systems that transform interference into a harmless, and even a beneficial phenomenon. To achieve this goal, we consider how wireless signals interact when they interfere, and use this understanding in our system designs. Specifically, when interference occurs, the signals get mixed on the wireless medium. By understanding the parameters of this mixing, we can invert the mixing and decode the interfered packets; thus, making interference harmless. Furthermore, we can control this mixing process to create strategic interference that allow decodability at a particular receiver of interest, but prevent decodability at unintended receivers and adversaries. Hence, we can transform interference into a beneficial phenomenon that provides security. Building on this approach, we make four main contributions: We present the first WiFi receiver that can successfully reconstruct the transmitted information in the presence of packet collisions. Next, we introduce a WiFi receiver design that can decode in the presence of high-power cross-technology interference from devices like baby monitors, cordless phones, microwave ovens, or even unknown technologies. We then show how we can harness interference to improve security. In particular, we develop the first system that secures an insecure medical implant without any modification to the implant itself. Finally, we present a solution that establishes secure connections between any two WiFi devices, without having users enter passwords or use pre-shared secret keys.by Shyamnath Gollakota.Ph.D

Enhancing the security of wireless sensor network based home automation systems

Home automation systems (HASs)seek to improve the quality of life for individuals through the automation of household devices. Recently, there has been a trend, in academia and industry, to research and develop low-cost Wireless Sensor Network (WSN) based HASs (Varchola et al. 2007). WSNs are designed to achieve a low-cost wireless networking solution, through the incorporation of limited processing, memory, and power resources. Consequently, providing secure and reliable remote access for resource limited WSNs, such as WSN based HASs, poses a significant challenge (Perrig et al. 2004). This thesis introduces the development of a hybrid communications approach to increase the resistance of WSN based HASs to remote DoS flooding attacks targeted against a third party. The approach is benchmarked against the dominant GHS remote access approach for WSN based HASs (Bergstrom et al. 2001), on a WSN based HAS test-bed, and shown to provide a minimum of a 58.28%, on average 59.85%, and a maximum of 61.45% increase in remote service availability during a DoS attack. Additionally, a virtual home incorporating a cryptographic based DoS detection algorithm, is developed to increase resistance to remote DoS flooding attacks targeted directly at WSN based HASs. The approach is benchmarked against D-WARD (Mirkovic 2003), the most effective DoS defence identified from the research, and shown to provide a minimum 84.70%, an average 91.13% and a maximum 95.6% reduction in packets loss on a WSN based HAS during a DoS flooding attack. Moreover, the approach is extended with the integration of a virtual home, hybrid communication approach, and a distributed denial of defence server to increase resistance to remote DoS attacks targeting the home gateway. The approach is again benchmarked against the D-WARD defence and shown to decrease the connection latency experienced by remote users by a minimum of 90.14%, an average 90.90%, and a maximum 91.88%.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

An Accountability Architecture for the Internet

In the current Internet, senders are not accountable for the packets they send. As a result, malicious users send unwanted traffic that wastes shared resources and degrades network performance. Stopping such attacks requires identifying the responsible principal and filtering any unwanted traffic it sends. However, senders can obscure their identity: a packet identifies its sender only by the source address, but the Internet Protocol does not enforce that this address be correct. Additionally, affected destinations have no way to prevent the sender from continuing to cause harm. An accountable network binds sender identities to packets they send for the purpose of holding senders responsible for their traffic. In this dissertation, I present an accountable network-level architecture that strongly binds senders to packets and gives receivers control over who can send traffic to them. Holding senders accountable for their actions would prevent many of the attacks that disrupt the Internet today. Previous work in attack prevention proposes methods of binding packets to senders, giving receivers control over who sends what to them, or both. However, they all require trusted elements on the forwarding path, to either assist in identifying the sender or to filter unwanted packets. These elements are often not under the control of the receiver and may become corrupt. This dissertation shows that the Internet architecture can be extended to allow receivers to block traffic from unwanted senders, even in the presence of malicious devices in the forwarding path. This dissertation validates this thesis with three contributions. The first contribution is DNA, a network architecture that strongly binds packets to their sender, allowing routers to reject unaccountable traffic and recipients to block traffic from unwanted senders. Unlike prior work, which trusts on-path devices to behave correctly, the only trusted component in DNA is an identity certification authority. All other entities may misbehave and are either blocked or evicted from the network. The second contribution is NeighborhoodWatch, a secure, distributed, scalable object store that is capable of withstanding misbehavior by its constituent nodes. DNA uses NeighborhoodWatch to store receiver-specific requests block individual senders. The third contribution is VanGuard, an accountable capability architecture. Capabilities are small, receiver-generated tokens that grant the sender permission to send traffic to receiver. Existing capability architectures are not accountable, assume a protected channel for obtaining capabilities, and allow on-path devices to steal capabilities. VanGuard builds a capability architecture on top of DNA, preventing capability theft and protecting the capability request channel by allowing receivers to block senders that flood the channel. Once a sender obtains capabilities, it no longer needs to sign traffic, thus allowing greater efficiency than DNA alone. The DNA architecture demonstrates that it is possible to create an accountable network architecture in which none of the devices on the forwarding path must be trusted. DNA holds senders responsible for their traffic by allowing receivers to block senders; to store this blocking state, DNA relies on the NeighborhoodWatch DHT. VanGuard extends DNA and reduces its overhead by incorporating capabilities, which gives destinations further control over the traffic that sources send to them

Platform Embedded Security Technology Revealed

Computer scienc

A Taxonomy for and Analysis of Anonymous Communications Networks

Any entity operating in cyberspace is susceptible to debilitating attacks. With cyber attacks intended to gather intelligence and disrupt communications rapidly replacing the threat of conventional and nuclear attacks, a new age of warfare is at hand. In 2003, the United States acknowledged that the speed and anonymity of cyber attacks makes distinguishing among the actions of terrorists, criminals, and nation states difficult. Even President Obama’s Cybersecurity Chief-elect recognizes the challenge of increasingly sophisticated cyber attacks. Now through April 2009, the White House is reviewing federal cyber initiatives to protect US citizen privacy rights. Indeed, the rising quantity and ubiquity of new surveillance technologies in cyberspace enables instant, undetectable, and unsolicited information collection about entities. Hence, anonymity and privacy are becoming increasingly important issues. Anonymization enables entities to protect their data and systems from a diverse set of cyber attacks and preserves privacy. This research provides a systematic analysis of anonymity degradation, preservation and elimination in cyberspace to enhance the security of information assets. This includes discovery/obfuscation of identities and actions of/from potential adversaries. First, novel taxonomies are developed for classifying and comparing well-established anonymous networking protocols. These expand the classical definition of anonymity and capture the peer-to-peer and mobile ad hoc anonymous protocol family relationships. Second, a unique synthesis of state-of-the-art anonymity metrics is provided. This significantly aids an entity’s ability to reliably measure changing anonymity levels; thereby, increasing their ability to defend against cyber attacks. Finally, a novel epistemic-based mathematical model is created to characterize how an adversary reasons with knowledge to degrade anonymity. This offers multiple anonymity property representations and well-defined logical proofs to ensure the accuracy and correctness of current and future anonymous network protocol design