9 research outputs found
Detection of SYBIL Attack using Neighbour Nodes in Static WSN
As wireless sensor network is an emerging technology nowadays, it is prone to many attacks like denial of service, wormhole, clone, Sybil etc. Sybil attack is a harmful attack which affects the sensor network in routing the information. It is a malicious device that it takes multiple fake identities. This malicious device make the sensor node into Sybil node and get the information from other sensor node and send the different information to receiver or it keep the information with itself and delay the information to reach the receiver. To detect the Sybil node, we proposed a TIME-TO- TIME MESSAGE (TTM) model to detect the Sybil attack in wireless sensor network. In this method, each and every node in the sensor network will maintain an observation table for storing node id and location which is useful to detect the Sybil attack. The approach is simulated in a sensor network and the result shows a very good detection rate comparing with other existing algorithms.
DOI: 10.17762/ijritcc2321-8169.160414
Africa: cyber-security and its mutual impacts with computerisation, miniaturisation and location-based authentication
YesThe state of insecurity occasioned by fraudulent practices in Africa has been of concern economically, both at home and abroad. In this paper, we propose ways to mitigate this problem, using Nigeria as a case study. Based on surveys in West Africa, the paper examines the security situation in the continent and its mutual impacts with computerisation, miniaturisation and Location-Based Authentication (LBA). It was discovered that computerisation and miniaturisation had negative effects on cyber-security, as these were being exploited by fraudsters, using advance fee fraud; called 419. As a countermeasure, the paper examines the possibility of using LBA and digitisation of the GSM Mobile country codes down to city/area codes along with GSM/GPS authentications. These could also be combined with the use of a web-based Secret Sharing Scheme for services with very high security demands. The challenges of roaming were also examined and considered to be of negligible impact.Petroleum Technology Development Fund (PTDF
Intrusion Detection System for detecting internal threats in 6LoWPAN
6LoWPAN (IPv6 over Low-power Wireless Personal Area Network) is a standard developed by the Internet Engineering Task Force group to enable the Wireless Sensor Networks to connect to the IPv6 Internet. This standard is rapidly gaining popularity for its applicability, ranging extensively from health care to environmental monitoring. Security is one of the most crucial issues that need to be considered properly in 6LoWPAN. Common 6LoWPAN security threats can come from external or internal attackers. Cryptographic techniques are helpful in protecting the external attackers from illegally joining the network. However, because the network devices are commonly not tampered-proof, the attackers can break the cryptography codes of such devices and use them to operate like an internal source. These malicious sources can create internal attacks, which may downgrade significantly network performance. Protecting the network from these internal threats has therefore become one of the centre security problems on 6LoWPAN.
This thesis investigates the security issues created by the internal threats in 6LoWPAN and proposes the use of Intrusion Detection System (IDS) to deal with such threats. Our main works are to categorise the 6LoWPAN threats into two major types, and to develop two different IDSs to detect each of this type effectively. The major contributions of this thesis are summarised as below.
First, we categorise the 6LoWPAN internal threats into two main types, one that focuses on compromising directly the network performance (performance-type) and the other is to manipulate the optimal topology (topology-type), to later downgrade the network service quality indirectly. In each type, we select some typical threats to implement, and assess their particular impacts on network performance as well as identify performance metrics that are sensitive in the attacked situations, in order to form the basis detection knowledge. In addition, on studying the topology-type, we propose several novel attacks towards the Routing Protocol for Low Power and Lossy network (RPL - the underlying routing protocol in 6LoWPAN), including the Rank attack, Local Repair attack and DIS attack.
Second, we develop a Bayesian-based IDS to detect the performance-type internal threats by monitoring typical attacking targets such as traffic, channel or neighbour nodes. Unlike other statistical approaches, which have a limited view by just using a single metric to monitor a specific attack, our Bayesian-based IDS can judge an abnormal behaviour with a wiser view by considering of different metrics using the insightful understanding of their relations. Such wiser view helps to increase the IDS’s accuracy significantly.
Third, we develop a Specification-based IDS module to detect the topology-type internal threats based on profiling the RPL operation. In detail, we generalise the observed states and transitions of RPL control messages to construct a high-level abstract of node operations through analysing the trace files of the simulations. Our profiling technique can form all of the protocol’s legal states and transitions automatically with corresponding statistic data, which is faster and easier to verify compare with other manual specification techniques. This IDS module can detect the topology-type threats quickly with a low rate of false detection.
We also propose a monitoring architecture that uses techniques from modern technologies such as LTE (Long-term Evolution), cloud computing, and multiple interface sensor devices, to expand significantly the capability of the IDS in 6LoWPAN. This architecture can enable the running of both two proposed IDSs without much overhead created, to help the system to deal with most of the typical 6LoWPAN internal threats.
Overall, the simulation results in Contiki Cooja prove that our two IDS modules are effective in detecting the 6LoWPAN internal threats, with the detection accuracy is ranging between 86 to 100% depends on the types of attacks, while the False Positive is also satisfactory, with under 5% for most of the attacks. We also show that the additional energy consumptions and the overhead of the solutions are at an acceptable level to be used in the 6LoWPAN environment
System for Malicious Node Detection in IPv6-based Wireless Sensor Networks
U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske
mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža
temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6-
temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak
implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i
napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere.
Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM.
Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu
implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje
zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim
algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept
procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i
testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena
analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru
sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor
networks (WSN) as a consequence of tendency of their integration with other types of IPbased
networks. This thesis deals with the security aspects of these IPv6-based WSN. After
short review of the WSN concept, the implementation process of the IPv6 protocol into WSN
is elaborated in more details. Afterwards, there is a detailed analysis of security threats and
attacks which are present in IPv6-based WSN. For some of them possible countermeasures
are given. Furthermore, the proposal of the novel and modular security framework for IPv6-
based WSN is given. The structure and the functions of its modules are explained, and
recommendations for their implementation are given. Also, the solution of adaptive
distributed system for malicious node detection in IPv6-based WSN is given. The system is
based on distributed algorithms and collective decision-making process. Proposed system
introduces innovative concept of probability estimation for malicious behavior of sensor
nodes. The system is implemented and tested through several different scenarios in three
different network topologies. Finally, performed analysis showed that proposed system is
energy efficient and has good capability for detection of malicious nodes
System for Malicious Node Detection in IPv6-based Wireless Sensor Networks
U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske
mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža
temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6-
temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak
implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i
napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere.
Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM.
Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu
implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje
zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim
algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept
procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i
testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena
analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru
sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor
networks (WSN) as a consequence of tendency of their integration with other types of IPbased
networks. This thesis deals with the security aspects of these IPv6-based WSN. After
short review of the WSN concept, the implementation process of the IPv6 protocol into WSN
is elaborated in more details. Afterwards, there is a detailed analysis of security threats and
attacks which are present in IPv6-based WSN. For some of them possible countermeasures
are given. Furthermore, the proposal of the novel and modular security framework for IPv6-
based WSN is given. The structure and the functions of its modules are explained, and
recommendations for their implementation are given. Also, the solution of adaptive
distributed system for malicious node detection in IPv6-based WSN is given. The system is
based on distributed algorithms and collective decision-making process. Proposed system
introduces innovative concept of probability estimation for malicious behavior of sensor
nodes. The system is implemented and tested through several different scenarios in three
different network topologies. Finally, performed analysis showed that proposed system is
energy efficient and has good capability for detection of malicious nodes
System for Malicious Node Detection in IPv6-based Wireless Sensor Networks
U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske
mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža
temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6-
temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak
implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i
napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere.
Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM.
Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu
implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje
zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim
algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept
procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i
testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena
analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru
sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor
networks (WSN) as a consequence of tendency of their integration with other types of IPbased
networks. This thesis deals with the security aspects of these IPv6-based WSN. After
short review of the WSN concept, the implementation process of the IPv6 protocol into WSN
is elaborated in more details. Afterwards, there is a detailed analysis of security threats and
attacks which are present in IPv6-based WSN. For some of them possible countermeasures
are given. Furthermore, the proposal of the novel and modular security framework for IPv6-
based WSN is given. The structure and the functions of its modules are explained, and
recommendations for their implementation are given. Also, the solution of adaptive
distributed system for malicious node detection in IPv6-based WSN is given. The system is
based on distributed algorithms and collective decision-making process. Proposed system
introduces innovative concept of probability estimation for malicious behavior of sensor
nodes. The system is implemented and tested through several different scenarios in three
different network topologies. Finally, performed analysis showed that proposed system is
energy efficient and has good capability for detection of malicious nodes
Recommended from our members
Cryptography and Computer Communications Security. Extending the Human Security Perimeter through a Web of Trust
This work modifies Shamir’s algorithm by sharing a random key that is used to lock up the secret data; as against sharing the data itself. This is significant in cloud computing, especially with homomorphic encryption. Using web design, the resultant scheme practically globalises secret sharing with authentications and inherent secondary applications. The work aims at improving cybersecurity via a joint exploitation of human factors and technology; a human-centred cybersecurity design as opposed to technology-centred. The completed functional scheme is tagged CDRSAS.
The literature on secret sharing schemes is reviewed together with the concepts of human factors, trust, cyberspace/cryptology and an analysis on a 3-factor security assessment process. This is followed by the relevance of passwords within the context of human factors. The main research design/implementation and system performance are analysed, together with a proposal for a new antidote against 419 fraudsters. Two twin equations were invented in the investigation process; a pair each for secret sharing and a risk-centred security assessment technique.
The building blocks/software used for the CDRSAS include Shamir’s algorithm, MD5, HTML5, PHP, Java, Servlets, JSP, Javascript, MySQL, JQuery, CSS, MATLAB, MS Excel, MS Visio, and Photoshop. The codes are developed in Eclipse IDE, and the Java-based system runs on Tomcat and Apache, using XAMPP Server. Its code units have passed JUnit tests. The system compares favourably with SSSS.
Defeating socio-cryptanalysis in cyberspace requires strategies that are centred on human trust, trust-related human attributes, and technology. The PhD research is completed but there is scope for future work.Petroleum Technology Development Fund (PTDF), Abuja, Nigeria