Performance Ameliorations of AODV by Black Hole Attack Detection Utilizing IDSAODV as Well as Reverse AODV

The so-called Black Hole Attack is among the most perilous and widespread security attacks in MANET nets, researchers have been tasked with developing strategies to detect it. Two of these methods are the Intrusion Detection System AODV (IDSAODV) as well as the Extended AODV. The present paper attempts to investigate the impact of a Black Hole Attack on the functionality of the network in the existence of single or more attackers. It also evaluates the Extended AODV and IDSAODV in a net in order to see how effectively they could detect and mitigate the attack. For the aim of evaluating its performance, the researchers utilized Throughput, Normalized Routing Load (NRL), and Packet Delivery Ratio (PDR). The comprehensive simulation results show that the IDSAODV application decreased the effect of the attacks. However, it raised the rate of packet delivery to sixty eight percent at the identical time. Reverse AODV, on the other hand, provided superior outcomes, with a PDR of 100%, but also resulted in an exceedingly higher NRL than the IDSAODV. Likewise, the simulation findings demonstrated that the attacking node's position tormented the IDSAODV's functionality

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

Two-tier Intrusion Detection System for Mobile Ad Hoc Networks

Nowadays, a commonly used wireless network (i.e. Wi-Fi) operates with the aid of a fixed infrastructure (i.e. an access point) to facilitate communication between nodes when they roam from one location to another. The need for such a fixed supporting infrastructure limits the adaptability of the wireless network, especially in situations where the deployment of such an infrastructure is impractical. In addition, Wi-Fi limits nodes' communication as it only provides facility for mobile nodes to send and receive information, but not reroute the information across the network. Recent advancements in computer network introduced a new wireless network, known as a Mobile Ad Hoc Network (MANET), to overcome these limitations. MANET has a set of unique characteristics that make it different from other kind of wireless networks. Often referred as a peer to peer network, such a network does not have any fixed topology, thus nodes are free to roam anywhere, and could join or leave the network anytime they desire. Its ability to be setup without the need of any infrastructure is very useful, especially in geographically constrained environments such as in a military battlefield or a disaster relief operation. In addition, through its multi hop routing facility, each node could function as a router, thus communication between nodes could be made available without the need of a supporting fixed router or an access point. However, these handy facilities come with big challenges, especially in dealing with the security issues. This research aims to address MANET security issues by proposing a novel intrusion detection system that could be used to complement existing prevention mechanisms that have been proposed to secure such a network. A comprehensive analysis of attacks and the existing security measures proved that there is a need for an Intrusion Detection System (IDS) to protect MANETs against security threats. The analysis also suggested that the existing IDS proposed for MANET are not immune against a colluding blackmail attack due to the nature of such a network that comprises autonomous and anonymous nodes. The IDS architecture as proposed in this study utilises trust relationships between nodes to overcome this nodes' anonymity issue. Through a friendship mechanism, the problems of false accusations and false alarms caused by blackmail attackers in global detection and response mechanisms could be eliminated. The applicability of the friendship concept as well as other proposed mechanisms to solve MANET IDS related issues have been validated through a set of simulation experiments. Several MANET settings, which differ from each other based on the network's density level, the number of initial trusted friends owned by each node, and the duration of the simulation times, have been used to study the effects of such factors towards the overall performance of the proposed IDS framework. The results obtained from the experiments proved that the proposed concepts are capable to at least minimise i f not fully eliminate the problem currently faced in MANET IDS

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of-the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: quality-of-service and video communication, routing protocol and cross-layer design. A few interesting problems about security and delay-tolerant networks are also discussed. This book is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

Cognitive Security Framework For Heterogeneous Sensor Network Using Swarm Intelligence

Rapid development of sensor technology has led to applications ranging from academic to military in a short time span. These tiny sensors are deployed in environments where security for data or hardware cannot be guaranteed. Due to resource constraints, traditional security schemes cannot be directly applied. Unfortunately, due to minimal or no communication security schemes, the data, link and the sensor node can be easily tampered by intruder attacks. This dissertation presents a security framework applied to a sensor network that can be managed by a cohesive sensor manager. A simple framework that can support security based on situation assessment is best suited for chaotic and harsh environments. The objective of this research is designing an evolutionary algorithm with controllable parameters to solve existing and new security threats in a heterogeneous communication network. An in-depth analysis of the different threats and the security measures applied considering the resource constrained network is explored. Any framework works best, if the correlated or orthogonal performance parameters are carefully considered based on system goals and functions. Hence, a trade-off between the different performance parameters based on weights from partially ordered sets is applied to satisfy application specific requirements and security measures. The proposed novel framework controls heterogeneous sensor network requirements,and balance the resources optimally and efficiently while communicating securely using a multi-objection function. In addition, the framework can measure the affect of single or combined denial of service attacks and also predict new attacks under both cooperative and non-cooperative sensor nodes. The cognitive intuition of the framework is evaluated under different simulated real time scenarios such as Health-care monitoring, Emergency Responder, VANET, Biometric security access system, and Battlefield monitoring. The proposed three-tiered Cognitive Security Framework is capable of performing situation assessment and performs the appropriate security measures to maintain reliability and security of the system. The first tier of the proposed framework, a crosslayer cognitive security protocol defends the communication link between nodes during denial-of-Service attacks by re-routing data through secure nodes. The cognitive nature of the protocol balances resources and security making optimal decisions to obtain reachable and reliable solutions. The versatility and robustness of the protocol is justified by the results obtained in simulating health-care and emergency responder applications under Sybil and Wormhole attacks. The protocol considers metrics from each layer of the network model to obtain an optimal and feasible resource efficient solution. In the second tier, the emergent behavior of the protocol is further extended to mine information from the nodes to defend the network against denial-of-service attack using Bayesian models. The jammer attack is considered the most vulnerable attack, and therefore simulated vehicular ad-hoc network is experimented with varied types of jammer. Classification of the jammer under various attack scenarios is formulated to predict the genuineness of the attacks on the sensor nodes using receiver operating characteristics. In addition to detecting the jammer attack, a simple technique of locating the jammer under cooperative nodes is implemented. This feature enables the network in isolating the jammer or the reputation of node is affected, thus removing the malicious node from participating in future routes. Finally, a intrusion detection system using `bait\u27 architecture is analyzed where resources is traded-off for the sake of security due to sensitivity of the application. The architecture strategically enables ant agents to detect and track the intruders threateningthe network. The proposed framework is evaluated based on accuracy and speed of intrusion detection before the network is compromised. This process of detecting the intrusion earlier helps learn future attacks, but also serves as a defense countermeasure. The simulated scenarios of this dissertation show that Cognitive Security Framework isbest suited for both homogeneous and heterogeneous sensor networks

A framework for traffic flow survivability in wireless networks prone to multiple failures and attacks

Transmitting packets over a wireless network has always been challenging due to failures that have always occurred as a result of many types of wireless connectivity issues. These failures have caused significant outages, and the delayed discovery and diagnostic testing of these failures have exacerbated their impact on servicing, economic damage, and social elements such as technological trust. There has been research on wireless network failures, but little on multiple failures such as node-node, node-link, and link–link failures. The problem of capacity efficiency and fast recovery from multiple failures has also not received attention. This research develops a capacity efficient evolutionary swarm survivability framework, which encompasses enhanced genetic algorithm (EGA) and ant colony system (ACS) survivability models to swiftly resolve node-node, node-link, and link-link failures for improved service quality. The capacity efficient models were tested on such failures at different locations on both small and large wireless networks. The proposed models were able to generate optimal alternative paths, the bandwidth required for fast rerouting, minimized transmission delay, and ensured the rerouting path fitness and good transmission time for rerouting voice, video and multimedia messages. Increasing multiple link failures reveal that as failure increases, the bandwidth used for rerouting and transmission time also increases. This implies that, failure increases bandwidth usage which leads to transmission delay, which in turn slows down message rerouting. The suggested framework performs better than the popular Dijkstra algorithm, proactive, adaptive and reactive models, in terms of throughput, packet delivery ratio (PDR), speed of transmission, transmission delay and running time. According to the simulation results, the capacity efficient ACS has a PDR of 0.89, the Dijkstra model has a PDR of 0.86, the reactive model has a PDR of 0.83, the proactive model has a PDR of 0.83, and the adaptive model has a PDR of 0.81. Another performance evaluation was performed to compare the proposed model's running time to that of other evaluated routing models. The capacity efficient ACS model has a running time of 169.89ms on average, while the adaptive model has a running time of 1837ms and Dijkstra has a running time of 280.62ms. With these results, capacity efficient ACS outperforms other evaluated routing algorithms in terms of PDR and running time. According to the mean throughput determined to evaluate the performance of the following routing algorithms: capacity efficient EGA has a mean throughput of 621.6, Dijkstra has a mean throughput of 619.3, proactive (DSDV) has a mean throughput of 555.9, and reactive (AODV) has a mean throughput of 501.0. Since Dijkstra is more similar to proposed models in terms of performance, capacity efficient EGA was compared to Dijkstra as follows: Dijkstra has a running time of 3.8908ms and EGA has a running time of 3.6968ms. In terms of running time and mean throughput, the capacity efficient EGA also outperforms the other evaluated routing algorithms. The generated alternative paths from these investigations demonstrate that the proposed framework works well in preventing the problem of data loss in transit and ameliorating congestion issue resulting from multiple failures and server overload which manifests when the process hangs. The optimal solution paths will in turn improve business activities through quality data communications for wireless service providers.School of ComputingPh. D. (Computer Science

Privacy preservation in Internet of Things: a secure approach for distributed group authentication through Paillier cryptosystem

Ho creato un applicativo in java per l'autenticazione distribuita di gruppo in ambienti con risorse limitate come Internet of things. L'applicativo è stato testato su una rete MANET da 2 a 5 nodi

Mechanism design and game theoretical models for intrusion detection

In this thesis, we study the problems related to intrusion detection systems in Mobile Ad hoc Networks (MANETs). Specifically, we are addressing the leader election in the presence of selfish nodes, the tradeoff between security and IDS's resource consumption, and the multi-fragment intrusion detection via sampling. To balance the resource consumption among all the nodes and prolong the lifetime of a MANET, the nodes with the most remaining resources should be elected as the leaders. Selfishness is one of the main problems facing such a model where nodes can behave selfishly during the election or after. To address this issue, we present a solution based on the theory of mechanism design. More specifically, the solution provides nodes with incentives in the form of reputations to encourage nodes in participating honestly in the election process. The amount of incentives is based on the Vickrey-Clarke-Groves (VCG) mechanism to ensure that truth-telling is the dominant strategy of any node. To catch and punish a misbehaving elected leader, checkers are selected randomly to monitor the behavior of a leader. To reduce the false-positive rate, a cooperative game-theoretic model is proposed to analyze the contribution of each checker on the catch decision. A multi-stage catch mechanism is also introduced to reduce the performance overhead of checkers. Additionally, we propose a series of local election algorithms that lead to globally optimal election results. Note that the leader election model, which is known as moderate model is only suitable when the probability of attacks is low. Once the probability of attacks is high, victims should launch their own IDSs. Such a robust model is, however, costly with respect to energy, which leads nodes to die fast. Clearly, to reduce the resource consumption of IDSs and yet keep its effectiveness, a critical issue is: When should we shift from moderate to robust mode? Here, we formalize this issue as a nonzero-sum non-cooperative game-theoretical model that takes into consideration the tradeoff between security and IDS resource consumption. Last but not least, we consider the problem of detecting multi-fragments intrusions that are launched from a MANET targeting another network. To generalize our solution, we consider the intrusion to be launched from any type of networks. The detection is accomplished by sampling a subset of the transmitted packets over selected network links or router interfaces. Given a sampling budget, our framework aims at developing a network packet sampling strategy to effectively reduce the success chances of an intruder. Non-cooperative game theory is used to express the problem formally. Finally, empirical results are provided to support our solutions

Analysis and design of security mechanisms in the context of Advanced Persistent Threats against critical infrastructures

Industry 4.0 can be defined as the digitization of all components within the industry, by combining productive processes with leading information and communication technologies. Whereas this integration has several benefits, it has also facilitated the emergence of several attack vectors. These can be leveraged to perpetrate sophisticated attacks such as an Advanced Persistent Threat (APT), that ultimately disrupts and damages critical infrastructural operations with a severe impact. This doctoral thesis aims to study and design security mechanisms capable of detecting and tracing APTs to ensure the continuity of the production line. Although the basic tools to detect individual attack vectors of an APT have already been developed, it is important to integrate holistic defense solutions in existing critical infrastructures that are capable of addressing all potential threats. Additionally, it is necessary to prospectively analyze the requirements that these systems have to satisfy after the integration of novel services in the upcoming years. To fulfill these goals, we define a framework for the detection and traceability of APTs in Industry 4.0, which is aimed to fill the gap between classic security mechanisms and APTs. The premise is to retrieve data about the production chain at all levels to correlate events in a distributed way, enabling the traceability of an APT throughout its entire life cycle. Ultimately, these mechanisms make it possible to holistically detect and anticipate attacks in a timely and autonomous way, to deter the propagation and minimize their impact. As a means to validate this framework, we propose some correlation algorithms that implement it (such as the Opinion Dynamics solution) and carry out different experiments that compare the accuracy of response techniques that take advantage of these traceability features. Similarly, we conduct a study on the feasibility of these detection systems in various Industry 4.0 scenarios