265 research outputs found

    A Taxonomy on Misbehaving Nodes in Delay Tolerant Networks

    Delay Tolerant Networks (DTNs) are a type of Intermittently Connected Network (ICN) characterized by long delay, intermittent connectivity, asymmetric data rates and high error rates. DTNs have been primarily developed for InterPlanetary Networks (IPNs); however, they have shown promising potential in challenged networks, i.e. DakNet, ZebraNet, KioskNet and WiderNet. Due to the unique nature of intermittent connectivity and long delay, DTNs face challenges in routing, key management, privacy, fragmentation and misbehaving nodes. Here, misbehaving nodes, i.e. malicious and selfish nodes, launch various attacks, including flood, packet drop and fake packet attacks, and inevitably overuse scarce resources (e.g., buffer and bandwidth) in DTNs. The focus of this survey is on a review of misbehaving node attacks and detection algorithms. We first classify the various attacks depending on the type of misbehaving node. Then, detection algorithms for these misbehaving nodes are categorized depending on preventive and detective based features. The panoramic view of misbehaving nodes and detection algorithms is further analyzed and evaluated mathematically through a number of performance metrics. Future directions guiding this topic are also presented.

    Wormhole Attack Detection Algorithms in Wireless Network Coding Systems

    Network coding has been shown to be an effective approach to improve the wireless system performance. However, many security issues impede its wide deployment in practice. Besides the well-studied pollution attacks, there is another severe threat, that of wormhole attacks, which undermines the performance gain of network coding. Since the underlying characteristics of network coding systems are distinctly different from traditional wireless networks, the impact of wormhole attacks and countermeasures are generally unknown. In this thesis, we quantify wormholes' devastating harmful impact on network coding system performance through experiments. Firstly, we propose a centralized algorithm to detect wormholes and show its correctness rigorously. For the distributed wireless network, we propose DAWN, a Distributed detection Algorithm against Wormhole in wireless Network coding systems, by exploring the change of the flow directions of the innovative packets caused by wormholes. We rigorously prove that DAWN guarantees a good lower bound of successful detection rate. We perform analysis on the resistance of DAWN against collusion attacks. We find that the robustness depends on the node density in the network, and prove a necessary condition to achieve collusion-resistance. DAWN does not rely on any location information, global synchronization assumptions or special hardware/middleware. It is only based on the local information that can be obtained from regular network coding protocols, and thus the overhead of our algorithms is tolerable. Extensive experimental results have verified the effectiveness and the efficiency of DAWN.

    Reinforcement learning-based trust and reputation model for spectrum leasing in cognitive radio networks

    Cognitive Radio (CR), which is the next generation wireless communication system, enables unlicensed users or Secondary Users (SUs) to exploit underutilized spectrum (called white spaces) owned by the licensed users or Primary Users (PUs) so that bandwidth availability improves at the SUs, which helps to improve the overall spectrum utilization. Collaboration, which has been adopted in various schemes such as distributed channel sensing and channel access, is an intrinsic characteristic of CR to improve network performance. However, the requirement to collaborate has inevitably opened the door to various forms of attacks by malicious SUs, and this can be addressed using Trust and Reputation Management (TRM). Generally speaking, TRM detects malicious SUs including honest SUs that turn malicious. To achieve a more efficient detection, we advocate the use of Reinforcement Learning (RL), which is known to be flexible and adaptable to the changes in operating environment in order to achieve optimal network performance. Its ability to learn and re-learn throughout the duration of its existence provides intelligence to the proposed TRM model, hence the focus on an RL-based TRM model in this paper. Our preliminary results show that the detection performance of the RL-based TRM model has an improvement of 15% over the traditional TRM in a centralized cognitive radio network. The investigation in the paper serves as an important foundation for future work in this research field.

    Security and Privacy for Mobile Social Networks

    With the ever-increasing demands of people's social interactions, traditional online social networking applications are being shifted to the mobile ones, enabling users' social networking and interactions anywhere anytime. Due to the portability and pervasiveness of mobile devices, such as smartphones, wearable devices and tablets, Mobile Social Network (MSN), as a promising social network platform, has become increasingly popular and brought immense benefits. In MSN, users can easily discover and chat with social friends in the vicinity even without the Internet; vehicle drivers and passengers can exchange traffic information, videos or images with other vehicles on the road; customers in a shopping mall can share sale information and recommend it to their friends. With MSNs, massive opportunities are created to facilitate people's social interactions and enlarge the inherent social circle. However, the flourishing of MSNs also hinges upon fully understanding and managing the challenges, such as security threats and privacy leakage. Security and privacy concerns rise with the boom of MSN applications, but few users have paid adequate attention to protecting their privacy-sensitive information from disclosure. First of all, to initiate social interactions, users sometimes exchange their social interests or preferences with each other (including strangers in the vicinity) without sufficient protections. As such, some private information may be inferred from the exchanged social interests by attackers and untrusted users. Secondly, some malicious attackers might forge fake identities or false contents, such as spam and advertisements, to disrupt MSNs or mislead other users. These attackers could even collude and launch a series of security threats to MSNs. In addition, massive social network data are usually stored in untrusted cloud servers, where data confidentiality, authentication, access control and privacy are of paramount importance.
Last but not least, the trade-off between data availability and privacy should be taken into account when the data are stored, queried and processed for various MSN applications. Therefore, novel security and privacy techniques become essential for MSN to provide sufficient and adjustable protections. In this thesis, we focus on security and privacy for MSNs. Based on the MSN architecture and emerging applications, we first investigate security and privacy requirements for MSNs and introduce several challenging issues, i.e., spam, misbehaviors and privacy leakage. To tackle these problems, we propose efficient security and privacy preservation schemes for MSNs. Specifically, the main contributions of this thesis are three-fold. Firstly, to address the issues of spam in autonomous MSNs, we propose a personalized fine-grained spam filtering scheme (PIF), which exploits social characteristics during data delivery. The PIF allows users to create personalized filters according to their social interests, and enables social friends to hold these filters, discarding the unwanted data before delivery. We also design privacy-preserving coarse-grained and fine-grained filtering mechanisms in the PIF to not only enable the filtering but also prevent users' private information included in the filters from being disclosed to untrusted entities. Secondly, to detect misbehaviors during MSN data sharing, we propose a social-based mobile Sybil detection scheme (SMSD). The SMSD detects Sybil attackers by differentiating the abnormal pseudonym changing and contact behaviors, since Sybil attackers frequently or rapidly change their pseudonyms to cheat legitimate users. As the volume of contact data from users keeps increasing, the SMSD utilizes local cloud servers to store and process the users' contact data such that the burden of mobile users is alleviated.
The SMSD also detects the collusion attacks and prevents users' data from malicious modification when employing the untrusted local cloud server for the detection. Thirdly, to achieve the trade-off between privacy and data availability, we investigate a centralized social network application, which exploits social network to enhance human-to-human infection analysis. We integrate social network data and health data to jointly analyze the instantaneous infectivity during human-to-human contact, and propose a novel privacy-preserving infection analysis approach (PIA). The PIA enables the collaboration among different cloud servers (i.e., social network cloud server and health cloud server). It employs a privacy-preserving data query method based on conditional oblivious transfer to enable data sharing and prevent data from being disclosed to untrusted entities. A privacy-preserving classification-based infection analysis method is also proposed to enable the health cloud server to infer infection spread but preserve privacy simultaneously. Finally, we summarize the thesis and share several open research directions in MSNs. The developed security solutions and research results in this thesis should provide a useful step towards better understanding and implementing secure and privacy-preserving MSNs.

    F3TM: flooding factor based trust management framework for secure data transmission in MANETs

    Due to the absence of infrastructure support, secure data dissemination is a challenging task in a scalable mobile ad hoc network (MANET) environment. In most of the traditional routing techniques for MANETs, either security has not been taken into account or only one aspect of security concern has been addressed without optimizing the routing performance. This paper proposes a Flooding Factor based Framework for Trust Management (F3TM) in MANETs. A true flooding approach is utilized to identify attacker nodes based on the calculation of trust value. A Route Discovery Algorithm is developed to discover an efficient and secure path for data forwarding using the Experimental Grey Wolf algorithm for validating network nodes. Enhanced Multi-Swarm Optimization is used to optimize the identified delivery path. Simulations are carried out in ns2 to assess and compare the performance of F3TM with the state-of-the-art frameworks CORMAN and PRIME, considering metrics including delay, packet delivery ratio, overhead and throughput. The performance assessment attests the reliable security of F3TM compared to the state-of-the-art frameworks.

    A Hierarchical Structure towards Securing Data Transmission in Cognitive Radio Networks

    Cognitive Radio (CR) technology is considered a promising technology to overcome the spectrum scarcity problem in wireless networks, by sharing the spectrum between both unlicensed users (secondary users, (SUs)) and licensed users (primary users, (PUs)), provided that the SUs respect the PUs’ rights to use the spectrum exclusively. An important technical area in cognitive radio networks (CRNs) is wireless security. A secure CRN must meet different security requirements, which are: confidentiality, integrity, availability and authentication. Data confidentiality is a mandatory requirement in cognitive radio networks, generally to maintain the privacy of the data owner (PU or SU). Integrity means that data is transmitted from the source to the destination without alteration. Availability means releasing the channels assigned to one SU as soon as a PU wants to use its spectrum. Authentication in CRN means that each node has to authenticate itself before it can use the available spectrum channels. New classes of security threats and challenges in CRNs have been introduced that target the different layers of the OSI model and affect the security requirements. Providing strong security may prove to be the most difficult aspect of making CR a long-term commercially-viable concept. Protection of routes used for data transmission is a critical prerequisite to ensure the robustness of the routing process. Therefore, route discovery must be done in such a way that lets each node find the best secure path(s) for its data transmission. In this work, network security of CRN is improved through proposing different models that are built to fulfil the security requirements mentioned above. Improving the network security enhances the network performance, taking into consideration the quality of service (QoS) desired by the different network nodes such as bandwidth and time delay.
This work aims to combine the spectrum sensing phase and the spectrum management phase, as well as to detect all the adversary nodes that slow down the network performance by selectively holding and not forwarding packets to their next hop(s). We measure the network node’s reliability for using network resources through a value called belief level (BL), which is considered as the main parameter for our entire work. BL is used to monitor the nodes’ behavior during the spectrum sensing phase, and then it is used to form the best path(s) during the spectrum management phase. Particularly, this work follows a hierarchical structure that has three different layers. At the bottom layer, a novel authentication mechanism is developed to fulfil the authentication and the availability security requirements, which ends by assigning a belief level (BL) to each node. At the middle layer, the nodes’ behavior during the spectrum sensing phase is monitored to detect all the adversary node(s). Finally, at the top layer, a novel routing algorithm is proposed that uses the nodes’ security (BL) as a routing metric. SUs collaborate with each other to monitor other nodes’ behavior. Users’ data confidentiality and integrity are satisfied through this hierarchical structure that uses the cluster-based, central authority, and nodes collaboration concepts. By doing so, the traffic carried in the CRN is secured and adversary nodes are detected and penalized.

    Blindspot: Indistinguishable Anonymous Communications

    Communication anonymity is a key requirement for individuals under targeted surveillance. Practical anonymous communications also require indistinguishability - an adversary should be unable to distinguish between anonymised and non-anonymised traffic for a given user. We propose Blindspot, a design for high-latency anonymous communications that offers indistinguishability and unobservability under a (qualified) global active adversary. Blindspot creates anonymous routes between sender-receiver pairs by subliminally encoding messages within the pre-existing communication behaviour of users within a social network, specifically the organic image sharing behaviour of users. Thus channel bandwidth depends on the intensity of image sharing behaviour of users along a route. A major challenge we successfully overcome is that routing must be accomplished in the face of significant restrictions - channel bandwidth is stochastic. We show that conventional social network routing strategies do not work. To solve this problem, we propose a novel routing algorithm. We evaluate Blindspot using a real-world dataset. We find that it delivers reasonable results for applications requiring low-volume unobservable communication.