DETECTION OF MALICIOUS PACKET DROPPING IN WIRELESS AD HOC NETWORKS BASED ON PRIVACY-PRESERVING PUBLIC

Security is one of the most important issues that have attracted a lot of research and development effort in past few years. In multi-hop wireless ad hoc network link error and malicious packet dropping are two sources for packet losses. Whether the losses are caused by link errors only, or by the combined effect of link errors and malicious drop are to be identified, can be known by observing a sequence of packet losses in the network. But in the insider-attack case, whereby malicious nodes that are part of the route exploit their knowledge of the communication context to selectively drop a small amount of packets critical to the network performance. Conventional algorithms that are based on detecting the packet loss rate cannot achieve satisfactory detection accuracy because the packet dropping rate in this case is comparable to the channel error rate. Hence to improve the detection accuracy, the correlations between lost packets is identified. The technique called Homomorphism linear authenticator (HLA) based public auditing architecture is developed that allows the detector to verify the truthfulness of the packet loss information reported by nodes. This technique provides privacy preserving, collusion proof, and incurs low communication and storage overheads. A packet-block based mechanism is also proposed, to reduce the computation overhead of the baseline scheme, which allows one to trade detection accuracy for lower computation complexit

RECOGNIZING ATTACKS OF PACKET DROPPING WITHIN WIRELESS SYSTEMS

We build up an effective algorithm for detection of selective packet drops made by insider attackers and it moreover provides a truthful as well as publicly verifiable decision statistics as a proof to maintain detection decision. In our work we are interested to find out whether the losses are due to link errors or else by the collective effect of malicious drop and link errors during the observation of the packet losses within the network. Identifying attacks of selective packet-dropping is particularly not easy in an extremely active wireless environment. The difficulty comes from prerequisite that we need to not only distinguish the place of packet dropping, but moreover to recognize whether the drop is planned or unintended. For improvisation of the accuracy of detection we recommend to utilize the correlations among lost packets and for ensuring of these correlations calculations, we build up a homomorphic linear authenticator based structure of public auditing allowing the detector to confirm truth of packet loss data reported by nodes.  This structure is collusion proof, privacy preserving, and incur low communication as well as storage overheads.  Our proposed system considers cross-statistics between lost packets to make a additional informative decision, and as a result is in sharp difference to conventional methods that depend only on distribution of number of lost packets

RECOGNIZING ATTACKS OF PACKET DROPPING WITHIN WIRELESS SYSTEMS

We build up an effective algorithm for detection of selective packet drops made by insider attackers and it moreover provides a truthful as well as publicly verifiable decision statistics as a proof to maintain detection decision. In our work we are interested to find out whether the losses are due to link errors or else by the collective effect of malicious drop and link errors during the observation of the packet losses within the network. Identifying attacks of selective packet-dropping is particularly not easy in an extremely active wireless environment. The difficulty comes from prerequisite that we need to not only distinguish the place of packet dropping, but moreover to recognize whether the drop is planned or unintended. For improvisation of the accuracy of detection we recommend to utilize the correlations among lost packets and for ensuring of these correlations calculations, we build up a homomorphic linear authenticator based structure of public auditing allowing the detector to confirm truth of packet loss data reported by nodes.  This structure is collusion proof, privacy preserving, and incur low communication as well as storage overheads.  Our proposed system considers cross-statistics between lost packets to make a additional informative decision, and as a result is in sharp difference to conventional methods that depend only on distribution of number of lost packets

DISCOVERY-MAINTAINING AND DISHONEST RECOGNITION OF PACKET REDUCING ATTACKS IN WIRELESS AD HOC NETWORKS

We create an effective formula for recognition of selective packet drops produced by insider attackers and it also additionally provides a truthful furthermore to freely verifiable decision statistics as being a proof to keep recognition decision. Within our work we're interested to discover once the losses be a consequence of link errors otherwise using the collective after effect of malicious drop and link errors with the observation within the packet losses inside the network. we enhance your homomorphic linear authenticator based structure of public auditing allowing the detector to make sure truth of packet loss data as reported by nodes.  This structure is collusion proof, privacy preserving, and incur low communication furthermore to storage overheads.  Our suggested system views mix-statistics between lost packets to make a additional informative decision, and thus reaches sharp impact on fliers and card printing that depend only on distribution of amount of lost packets

A Taxonomy on Misbehaving Nodes in Delay Tolerant Networks

Delay Tolerant Networks (DTNs) are type of Intermittently Connected Networks (ICNs) featured by long delay, intermittent connectivity, asymmetric data rates and high error rates. DTNs have been primarily developed for InterPlanetary Networks (IPNs), however, have shown promising potential in challenged networks i.e. DakNet, ZebraNet, KioskNet and WiderNet. Due to unique nature of intermittent connectivity and long delay, DTNs face challenges in routing, key management, privacy, fragmentation and misbehaving nodes. Here, misbehaving nodes i.e. malicious and selfish nodes launch various attacks including flood, packet drop and fake packets attack, inevitably overuse scarce resources (e.g., buffer and bandwidth) in DTNs. The focus of this survey is on a review of misbehaving node attacks, and detection algorithms. We firstly classify various of attacks depending on the type of misbehaving nodes. Then, detection algorithms for these misbehaving nodes are categorized depending on preventive and detective based features. The panoramic view on misbehaving nodes and detection algorithms are further analyzed, evaluated mathematically through a number of performance metrics. Future directions guiding this topic are also presented

SECURING PERFORMANCE OF THE NETWORK IN VIEW SELECTIVE DROPS

We're concerned in combating an insider attack and thinking about complexity of discovering happening of selective packet drops and recognize malicious node which are responsible for such drops. We develop accurate formula for recognition of selective packet drops which are produced by insider attackers. For making certain of computation of correlations, we create a homomorphic straight line authenticator that's on public auditing design basis that enables the detector to verify honesty of packet loss information that is as stated by nodes. In broad wireless means, link errors are relatively important, and may not be significantly lesser than packet shedding rate of insider attacker hence insider attacker can hide in backdrop of harsh funnel conditions.  Within our work during study of packet sequence losses inside the network, we're concerned in figuring out whether losses come from way of link errors simply, otherwise by collective aftereffect of link errors in addition to malicious drop. This arrangement is privacy preserving, and sustains low communication in addition to storage spending. Our formula additionally provides honest in addition to openly verifiable decision statistics as proof to keep recognition decision

Security aspects of communications in VANETs

The Fourth Industrial Revolution has begun and it promises breakthroughs in Artificial Intelligence, robotics, Machine Learning, Internet of Things, Digital Twin, and many other technologies that tackle advancements in the industries. The trend is headed towards automation and connectivity. In the automotive industry, advancements have been made towards integrating autonomous driving vehicles into Intelligent Transport Systems (ITS) with the use of Vehicular Ad-Hoc Networks (VANETs). The purpose of this type of network is to enable efficient communication between vehicles (V2V communication) or vehicles and infrastructure (V2I communication), to improve driving safety, to avoid traffic congestion, and to better coordinate transport networks. This direction towards limited (or lack of) human intervention implies vulnerability to cyber attacks. In this context, this paper provides a comprehensive classification of related state-of-the-art approaches following three key directions: 1) privacy, 2) authentication and 3) message integrity within VANETs. Discussions, challenges and open issues faced by the current and next generation of vehicular networks are also provided

Efficient Packet-Drop Thwarting and User-Privacy Preserving Protocols for Multi-hop Wireless Networks

In multi-hop wireless network (MWN), the mobile nodes relay others’ packets for enabling new applications and enhancing the network deployment and performance. However, the selfish nodes drop the packets because packet relay consumes their resources without benefits, and the malicious nodes drop the packets to launch Denial-of-Service attacks. Packet drop attacks adversely degrade the network fairness and performance in terms of throughput, delay, and packet delivery ratio. Moreover, due to the nature of wireless transmission and multi-hop packet relay, the attackers can analyze the network traffic in undetectable way to learn the users’ locations in number of hops and their communication activities causing a serious threat to the users’ privacy. In this thesis, we propose efficient security protocols for thwarting packet drop attacks and preserving users’ privacy in multi-hop wireless networks. First, we design a fair and efficient cooperation incentive protocol to stimulate the selfish nodes to relay others’ packets. The source and the destination nodes pay credits (or micropayment) to the intermediate nodes for relaying their packets. In addition to cooperation stimulation, the incentive protocol enforces fairness by rewarding credits to compensate the nodes for the consumed resources in relaying others’ packets. The protocol also discourages launching Resource-Exhaustion attacks by sending bogus packets to exhaust the intermediate nodes’ resources because the nodes pay for relaying their packets. For fair charging policy, both the source and the destination nodes are charged when the two nodes benefit from the communication. Since micropayment protocols have been originally proposed for web-based applications, we propose a practical payment model specifically designed for MWNs to consider the significant differences between web-based applications and cooperation stimulation. Although the non-repudiation property of the public-key cryptography is essential for securing the incentive protocol, the public-key cryptography requires too complicated computations and has a long signature tag. For efficient implementation, we use the public-key cryptography only for the first packet in a series and use the efficient hashing operations for the next packets, so that the overhead of the packet series converges to that of the hashing operations. Since a trusted party is not involved in the communication sessions, the nodes usually submit undeniable digital receipts (proofs of packet relay) to a centralized trusted party for updating their credit accounts. Instead of submitting large-size payment receipts, the nodes submit brief reports containing the alleged charges and rewards and store undeniable security evidences. The payment of the fair reports can be cleared with almost no processing overhead. For the cheating reports, the evidences are requested to identify and evict the cheating nodes. Since the cheating actions are exceptional, the proposed protocol can significantly reduce the required bandwidth and energy for submitting the payment data and clear the payment with almost no processing overhead while achieving the same security strength as the receipt-based protocols. Second, the payment reports are processed to extract financial information to reward the cooperative nodes, and contextual information such as the broken links to build up a trust system to measure the nodes’ packet-relay success ratios in terms of trust values. A node’s trust value is degraded whenever it does not relay a packet and improved whenever it does. A node is identified as malicious and excluded from the network once its trust value reaches to a threshold. Using trust system is necessary to keep track of the nodes’ long-term behaviors because the network packets may be dropped normally, e.g., due to mobility, or temporarily, e.g., due to network congestion, but the high frequency of packet drop is an obvious misbehavior. Then, we propose a trust-based and energy-aware routing protocol to route traffics through the highly trusted nodes having sufficient residual energy in order to establish stable routes and thus minimize the probability of route breakage. A node’s trust value is a real and live measurement to the node’s failure probability and mobility level, i.e., the low-mobility nodes having large hardware resources can perform packet relay more efficiently. In this way, the proposed protocol stimulates the nodes not only to cooperate but also to improve their packet-relay success ratio and tell the truth about their residual energy to improve their trust values and thus raise their chances to participate in future routes. Finally, we propose a privacy-preserving routing and incentive protocol for hybrid ad hoc wireless network. Micropayment is used to stimulate the nodes’ cooperation without submitting payment receipts. We only use the lightweight hashing and symmetric-key-cryptography operations to preserve the users’ privacy. The nodes’ pseudonyms are efficiently computed using hashing operations. Only trusted parties can link these pseudonyms to the real identities for charging and rewarding operations. Moreover, our protocol protects the location privacy of the anonymous source and destination nodes. Extensive analysis and simulations demonstrate that our protocols can secure the payment and trust calculation, preserve the users’ privacy with acceptable overhead, and precisely identify the malicious and the cheating nodes. Moreover, the simulation and measurement results demonstrate that our routing protocols can significantly improve route stability and thus the packet delivery ratio due to stimulating the selfish nodes’ cooperation, evicting the malicious nodes, and making informed decisions regarding route selection. In addition, the processing and submitting overheads of the payment-reports are incomparable with those of the receipts in the receipt-based incentive protocols. Our protocol also requires incomparable overhead to the signature-based protocols because the lightweight hashing operations dominate the nodes’ operations

Coordinated detection of forwarding faults in wireless community networks

Wireless Community Networks (WCN) are crowdsourced networks where equipment is contributed and managed by members from a community. WCN have three intrinsic characteristics that make forwarding faults more likely: inexpensive equipment, non-expert administration and openness. These characteristics hinder the robustness of network connectivity. We present KDet, a decentralized protocol for the detection of forwarding faults by establishing overlapping logical boundaries that monitor the behavior of the routers within them. KDet is designed to be collusion resistant, ensuring that compromised routers cannot cover for others to avoid detection. Another important characteristic of KDet is that it does not rely on path information: monitoring nodes do not have to know the complete path a packet follows, just the previous and next hop. As a result, KDet can be deployed as an independent daemon without imposing any change in the network, and it will bring improved network robustness. Results from theoretical analysis and simulation show the correctness of the algorithm, its accuracy in detecting forwarding faults, and a comparison in terms of cost and advantages over previous work, that confirms its practical feasibility in WCN.Peer ReviewedPostprint (author's final draft