Recommendation based trust model with an effective defence scheme for MANETs

YesThe reliability of delivering packets through multi-hop intermediate nodes is a significant issue in the mobile ad hoc networks (MANETs). The distributed mobile nodes establish connections to form the MANET, which may include selfish and misbehaving nodes. Recommendation based trust management has been proposed in the literature as a mechanism to filter out the misbehaving nodes while searching for a packet delivery route. However, building a trust model that relies on the recommendations from other nodes in the network is vulnerable to the possible dishonest behaviour, such as bad-mouthing, ballot-stuffing, and collusion, of the recommending nodes. . This paper investigates the problems of attacks posed by misbehaving nodes while propagating recommendations in the existing trust models. We propose a recommendation based trust model with a defence scheme that utilises clustering technique to dynamically filter attacks related to dishonest recommendations within certain time based on number of interactions, compatibility of information and node closeness. The model is empirically tested in several mobile and disconnected topologies in which nodes experience changes in their neighbourhoods and consequently face frequent route changes. The empirical analysis demonstrates robustness and accuracy of the trust model in a dynamic MANET environment

Trust Computational Models for Mobile Ad Hoc Networks. Recommendation Based Trustworthiness Evaluation using Multidimensional Metrics to Secure Routing Protocol in Mobile Ad Hoc Networks.

Distributed systems like e-commerce and e-market places, peer-to-peer networks, social networks, and mobile ad hoc networks require cooperation among the participating entities to guarantee the formation and sustained existence of network services. The reliability of interactions among anonymous entities is a significant issue in such environments. The distributed entities establish connections to interact with others, which may include selfish and misbehaving entities and result in bad experiences. Therefore, trustworthiness evaluation using trust management techniques has become a significant issue in securing these environments to allow entities decide on the reliability and trustworthiness of other entities, besides it helps coping with defection problems and stimulating entities to cooperate. Recent models on evaluating trustworthiness in distributed systems have heavily focused on assessing trustworthiness of entities and isolate misbehaviours based on single trust metrics. Less effort has been put on the investigation of the subjective nature and differences in the way trustworthiness is perceived to produce a composite multidimensional trust metrics to overcome the limitation of considering single trust metric. In the light of this context, this thesis concerns the evaluation of entities’ trustworthiness by the design and investigation of trust metrics that are computed using multiple properties of trust and considering environment. Based on the concept of probabilistic theory of trust management technique, this thesis models trust systems and designs cooperation techniques to evaluate trustworthiness in mobile ad hoc networks (MANETs). A recommendation based trust model with multi-parameters filtering algorithm, and multidimensional metric based on social and QoS trust model are proposed to secure MANETs. Effectiveness of each of these models in evaluating trustworthiness and discovering misbehaving nodes prior to interactions, as well as their influence on the network performance has been investigated. The results of investigating both the trustworthiness evaluation and the network performance are promising.Ministry of Higher Education in Libya and the Libyan Cultural Attaché bureau in Londo

A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process

A layered security approach for cooperation enforcement in MANETs

In fully self-organized MANETs, nodes are naturally reluctant to spend their precious resources forwarding other nodes' packets and are therefore liable to exhibit selfish or sometimes malicious behaviour. This selfishness could potentially lead to network partitioning and network performance degradation. Cooperation enforcement schemes, such as reputation and trust based schemes have been proposed to counteract the issue of selfishness. The sole purpose of these schemes is to ensure selfish nodes bear the consequences of their bad actions. However, malicious nodes can exploit mobility and free identities available to breach the security of these systems and escape punishment or detection. Firstly, in the case of mobility, a malicious node can gain benefit even after having been detected by a reputation-based system, by interacting directly with its source or destination nodes. Secondly, since the lack of infrastructure in MANETs does not suit centralized identity management or centralized Trusted Third Parties, nodes can create zero-cost identities without any restrictions. As a result, a selfish node can easily escape the consequences of whatever misbehaviour it has performed by simply changing identity to clear all its bad history, known as whitewashing. Hence, this makes it difficult to hold malicious nodes accountable for their actions. Finally, a malicious node can concurrently create and control more than one virtual identity to launch an attack, called a Sybil attack. In the context of reputation-based schemes, a Sybil attacker can disrupt the detection accuracy by defaming other good nodes, self-promoting itself or exchanging bogus positive recommendations about one of its quarantined identities. This thesis explores two aspects of direct interactions (DIs), i. e. Dis as a selfish nodes' strategy and Dis produced by inappropriate simulation parameters. In the latter case DIs cause confusion in the results evaluation of reputation-based schemes. We propose a method that uses the service contribution and consumption information to discourage selfish nodes that try to increase their benefit through DIs. We also propose methods that categorize nodes' benefits in order to mitigate the confusion caused in the results evaluation. A novel layered security approach is proposed using proactive and reactive paradigms to counteract whitewashing and Sybil attacks. The proactive paradigm is aimed at removing the advantages that whitewashing can provide by enforcing a non-monetary entry fee per new identity, in the form of cooperation in the network. The results show that this method deters these attackers by reducing their benefits in the network. In the reactive case, we propose a lightweight approach to detect new identities of whitewashers and Sybil attackers on the MAC layer using the 802.11 protocol without using any extra hardware. The experiments show that a signal strength based threshold exists which can help us detect Sybil and whitewashers' identities. Through the help of extensive simulations and real-world testbed experimentations, we are able to demonstrate that our proposed solution detects Sybil or whitewashers' new identities with good accuracy and reduces the benefits of malicious activity even in the presence of mobility

Mitigate denial of service attacks in mobile ad-hoc networks

Wireless networks are proven to be more acceptable by users compared with wired networks for many reasons, namely the ease of setup, reduction in running cost, and ease of use in different situations such as disasters recovery. A Mobile ad-hoc network (MANET) is as an example of wireless networks. MANET consists of a group of hosts called nodes which can communicate freely via wireless links. MANET is a dynamic topology, self-configured, non-fixed infrastructure, and does not have any central administration that controls all nodes among the network. Every device, used in day-to-day living, is assumed to be a network device, and it is managed using Internet Protocols (IP). Information on every electronic device is collected using infrared sensors, voice or video sensors, Radio-Frequency Identification (RFID), etc. The new wireless networks and communications paradigm known as Internet of Things (IoT) is introduced which refers to the range of multiple interconnected devices which communicate and exchange data between one another. MANET becomes prone to many attacks mainly due to its specifications and challenges such as limited bandwidth, nodes mobility and limited energy. This research study focuses specifically on detecting Denial of Service attack (DoS) in MANET. The main purpose of DoS attack is to deprive legitimate users from using their authenticated services such as network resources. Thus, the network performance would degrade and exhaust the network resources such as computing power and bandwidth considerably which lead the network to be deteriorated. Therefore, this research aims to detect DoS attacks in both Single MANET (SM) and Multi MANETs (MM). A novel Monitoring, Detection, and Rehabilitation (MrDR) method is proposed in order to detect DoS attack in MANET. The proposed method is incorporating trust concept between nodes. Trust value is calculated in each node to decide whether the node is trusted or not. To address the problem when two or more MANETs merge to become one big MANET, the novel technique of Merging Using MrDR (MUMrDR) is also applied to detect DoS attack. As the mobility of nodes in MANET, the chance of MANETs merge or partition occurs. Both centralised and decentralised trust concepts are used to deal with IP address conflict and the merging process is completed by applying the MUMrDR method to detect DoS attacks in MM. The simulation results validate the effectiveness in the proposed method to detect different DoS attacks in both SM and MM

An Investigation into Trust and Reputation Frameworks for Autonomous Underwater Vehicles

As Autonomous Underwater Vehicles (AUVs) become more technically capable and economically feasible, they are being increasingly used in a great many areas of defence, commercial and environmental applications. These applications are tending towards using independent, autonomous, ad-hoc, collaborative behaviour of teams or fleets of these AUV platforms. This convergence of research experiences in the Underwater Acoustic Network (UAN) and Mobile Ad-hoc Network (MANET) fields, along with the increasing Level of Automation (LOA) of such platforms, creates unique challenges to secure the operation and communication of these networks. The question of security and reliability of operation in networked systems has usually been resolved by having a centralised coordinating agent to manage shared secrets and monitor for misbehaviour. However, in the sparse, noisy and constrained communications environment of UANs, the communications overheads and single-point-of-failure risk of this model is challenged (particularly when faced with capable attackers). As such, more lightweight, distributed, experience based systems of “Trust” have been proposed to dynamically model and evaluate the “trustworthiness” of nodes within a MANET across the network to prevent or isolate the impact of malicious, selfish, or faulty misbehaviour. Previously, these models have monitored actions purely within the communications domain. Moreover, the vast majority rely on only one type of observation (metric) to evaluate trust; successful packet forwarding. In these cases, motivated actors may use this limited scope of observation to either perform unfairly without repercussions in other domains/metrics, or to make another, fair, node appear to be operating unfairly. This thesis is primarily concerned with the use of terrestrial-MANET trust frameworks to the UAN space. Considering the massive theoretical and practical difference in the communications environment, these frameworks must be reassessed for suitability to the marine realm. We find that current single-metric Trust Management Frameworks (TMFs) do not perform well in a best-case scaling of the marine network, due to sparse and noisy observation metrics, and while basic multi-metric communications-only frameworks perform better than their single-metric forms, this performance is still not at a reliable level. We propose, demonstrate (through simulation) and integrate the use of physical observational metrics for trust assessment, in tandem with metrics from the communications realm, improving the safety, security, reliability and integrity of autonomous UANs. Three main novelties are demonstrated in this work: Trust evaluation using metrics from the physical domain (movement/distribution/etc.), demonstration of the failings of Communications-based Trust evaluation in sparse, noisy, delayful and non-linear UAN environments, and the deployment of trust assessment across multiple domains, e.g. the physical and communications domains. The latter contribution includes the generation and optimisation of cross-domain metric composition or“synthetic domains” as a performance improvement method

Secure Routing and Medium Access Protocols inWireless Multi-hop Networks

While the rapid proliferation of mobile devices along with the tremendous growth of various applications using wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless multi-hop networks has recently received considerable attention in the research community. These relevant security issues are fundamentally different from those of wireline networks due to the special characteristics of wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues are extremely hard to cope with due to the absence of trust relationships between the nodes. To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR, and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows. As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose effective countermeasures. As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters) to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest rather than punishing them

Secure Routing and Medium Access Protocols inWireless Multi-hop Networks

While the rapid proliferation of mobile devices along with the tremendous growth of various applications using wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless multi-hop networks has recently received considerable attention in the research community. These relevant security issues are fundamentally different from those of wireline networks due to the special characteristics of wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues are extremely hard to cope with due to the absence of trust relationships between the nodes. To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR, and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows. As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose effective countermeasures. As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters) to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest rather than punishing them

Towards Trustworthy, Efficient and Scalable Distributed Wireless Systems

Advances in wireless technologies have enabled distributed mobile devices to connect with each other to form distributed wireless systems. Due to the absence of infrastructure, distributed wireless systems require node cooperation in multi-hop routing. However, the openness and decentralized nature of distributed wireless systems where each node labors under a resource constraint introduces three challenges: (1) cooperation incentives that effectively encourage nodes to offer services and thwart the intentions of selfish and malicious nodes, (2) cooperation incentives that are efficient to deploy, use and maintain, and (3) routing to efficiently deliver messages with less overhead and lower delay. While most previous cooperation incentive mechanisms rely on either a reputation system or a price system, neither provides sufficiently effective cooperation incentives nor efficient resource consumption. Also, previous routing algorithms are not sufficiently efficient in terms of routing overhead or delay. In this research, we propose mechanisms to improve the trustworthiness, scalability, and efficiency of the distributed wireless systems. Regarding trustworthiness, we study previous cooperation incentives based on game theory models. We then propose an integrated system that combines a reputation system and a price system to leverage the advantages of both methods to provide trustworthy services. Analytical and simulation results show higher performance for the integrated system compared to the other two systems in terms of the effectiveness of the cooperation incentives and detection of selfish nodes. Regarding scalability in a large-scale system, we propose a hierarchical Account-aided Reputation Management system (ARM) to efficiently and effectively provide cooperation incentives with small overhead. To globally collect all node reputation information to accurately calculate node reputation information and detect abnormal reputation information with low overhead, ARM builds a hierarchical locality-aware Distributed Hash Table (DHT) infrastructure for the efficient and integrated operation of both reputation systems and price systems. Based on the DHT infrastructure, ARM can reduce the reputation management overhead in reputation and price systems. We also design a distributed reputation manager auditing protocol to detect a malicious reputation manager. The experimental results show that ARM can detect the uncooperative nodes that gain fraudulent benefits while still being considered as trustworthy in previous reputation and price systems. Also, it can effectively identify misreported, falsified, and conspiratorial information, providing accurate node reputations that truly reflect node behaviors. Regarding an efficient distributed system, we propose a social network and duration utility-based distributed multi-copy routing protocol for delay tolerant networks based on the ARM system. The routing protocol fully exploits node movement patterns in the social network to increase delivery throughput and decrease delivery delay while generating low overhead. The simulation results show that the proposed routing protocol outperforms the epidemic routing and spray and wait routing in terms of higher message delivery throughput, lower message delivery delay, lower message delivery overhead, and higher packet delivery success rate. The three components proposed in this dissertation research improve the trustworthiness, scalability, and efficiency of distributed wireless systems to meet the requirements of diversified distributed wireless applications

Analysis of cyber risk and associated concentration of research (ACR)² in the security of vehicular edge clouds

Intelligent Transportation Systems (ITS) is a rapidly growing research space with many issues and challenges. One of the major concerns is to successfully integrate connected technologies, such as cloud infrastructure and edge cloud, into ITS. Security has been identified as one of the greatest challenges for the ITS, and security measures require consideration from design to implementation. This work focuses on providing an analysis of cyber risk and associated concentration of research (ACR2). The introduction of ACR2 approach can be used to consider research challenges in VEC and open up further investigation into those threats that are important but under-researched. That is, the approach can identify very high or high risk areas that have a low research concentration. In this way, this research can lay the foundations for the development of further work in securing the future of ITS