827 research outputs found
Two-tier Intrusion Detection System for Mobile Ad Hoc Networks
Nowadays, a commonly used wireless network (i.e. Wi-Fi) operates with the aid of a fixed
infrastructure (i.e. an access point) to facilitate communication between nodes when they
roam from one location to another. The need for such a fixed supporting infrastructure
limits the adaptability of the wireless network, especially in situations where the
deployment of such an infrastructure is impractical. In addition, Wi-Fi limits nodes'
communication as it only provides facility for mobile nodes to send and receive
information, but not reroute the information across the network. Recent advancements in
computer network introduced a new wireless network, known as a Mobile Ad Hoc
Network (MANET), to overcome these limitations.
MANET has a set of unique characteristics that make it different from other kind of
wireless networks. Often referred as a peer to peer network, such a network does not have
any fixed topology, thus nodes are free to roam anywhere, and could join or leave the
network anytime they desire. Its ability to be setup without the need of any infrastructure is
very useful, especially in geographically constrained environments such as in a military
battlefield or a disaster relief operation. In addition, through its multi hop routing facility,
each node could function as a router, thus communication between nodes could be made
available without the need of a supporting fixed router or an access point. However, these
handy facilities come with big challenges, especially in dealing with the security issues.
This research aims to address MANET security issues by proposing a novel intrusion
detection system that could be used to complement existing prevention mechanisms that
have been proposed to secure such a network.
A comprehensive analysis of attacks and the existing security measures proved that there is
a need for an Intrusion Detection System (IDS) to protect MANETs against security threats.
The analysis also suggested that the existing IDS proposed for MANET are not immune
against a colluding blackmail attack due to the nature of such a network that comprises
autonomous and anonymous nodes. The IDS architecture as proposed in this study utilises
trust relationships between nodes to overcome this nodes' anonymity issue. Through a
friendship mechanism, the problems of false accusations and false alarms caused by
blackmail attackers in global detection and response mechanisms could be eliminated.
The applicability of the friendship concept as well as other proposed mechanisms to solve
MANET IDS related issues have been validated through a set of simulation experiments.
Several MANET settings, which differ from each other based on the network's density
level, the number of initial trusted friends owned by each node, and the duration of the
simulation times, have been used to study the effects of such factors towards the overall
performance of the proposed IDS framework. The results obtained from the experiments
proved that the proposed concepts are capable to at least minimise i f not fully eliminate the
problem currently faced in MANET IDS
Intrusion tolerant routing with data consensus in wireless sensor networks
Dissertação para obtenção do Grau de Mestre em
Engenharia InformáticaWireless sensor networks (WSNs) are rapidly emerging and growing as an important
new area in computing and wireless networking research. Applications of WSNs are numerous,
growing, and ranging from small-scale indoor deployment scenarios in homes
and buildings to large scale outdoor deployment settings in natural, industrial, military
and embedded environments. In a WSN, the sensor nodes collect data to monitor physical
conditions or to measure and pre-process physical phenomena, and forward that
data to special computing nodes called Syncnodes or Base Stations (BSs). These nodes
are eventually interconnected, as gateways, to other processing systems running applications.
In large-scale settings, WSNs operate with a large number of sensors – from hundreds
to thousands of sensor nodes – organised as ad-hoc multi-hop or mesh networks, working
without human supervision. Sensor nodes are very limited in computation, storage,
communication and energy resources. These limitations impose particular challenges in
designing large scale reliable and secure WSN services and applications. However, as
sensors are very limited in their resources they tend to be very cheap. Resilient solutions
based on a large number of nodes with replicated capabilities, are possible approaches to
address dependability concerns, namely reliability and security requirements and fault
or intrusion tolerant network services.
This thesis proposes, implements and tests an intrusion tolerant routing service for
large-scale dependable WSNs. The service is based on a tree-structured multi-path routing
algorithm, establishing multi-hop and multiple disjoint routes between sensors and
a group of BSs. The BS nodes work as an overlay, processing intrusion tolerant data consensus
over the routed data. In the proposed solution the multiple routes are discovered,
selected and established by a self-organisation process. The solution allows the WSN
nodes to collect and route data through multiple disjoint routes to the different BSs, with
a preventive intrusion tolerance approach, while handling possible Byzantine attacks and
failures in sensors and BS with a pro-active recovery strategy supported by intrusion and
fault tolerant data-consensus algorithms, performed by the group of Base Stations
Trust models in wireless sensor networks: A survey
This paper introduces the security and trust concepts in wireless sensor networks and explains the difference between them, stating that even though both terms are used interchangeably when defining a secure system, they are not the same. The difference between reputation and trust is also explained, highlighting that reputation partially affects trust. The methodologies used to model trust and their references are presented. The factors affecting trust updating are summarised and some examples of the systems in which these factors have been implemented are given. The survey states that, even though researchers have started to explore the issue of trust in wireless sensor networks, they are still examining the trust associated with routing messages between nodes (binary events). However, wireless sensor networks are mainly deployed to monitor events and report data, both continuous and discrete. This leads to the development of new trust models addressing the continuous data issue and also to combine the data trust and the communication trust to infer the total trust. © 2010 Springer-Verlag Berlin Heidelberg
Anomaly Recognition in Wireless Ad-hoc Network by using Ant Colony Optimization and Deep Learning
As a result of lower initial investment, greater portability, and lower operational expenses, wireless networks are rapidly replacing their wired counterparts. The new technology that is on the rise is the Mobile Ad-Hoc Network (MANET), which operates without a fixed network infrastructure, can change its topology on the fly, and requires no centralised administration to manage its individual nodes. As a result, MANETs must focus on network efficiency and safety. It is crucial in MANET to pay attention to outliers that may affect QoS settings. Nonetheless, despite the numerous studies devoted to anomaly detection in MANET, security breaches and performance difficulties keep coming back. There is an increased need to provide strategies and approaches that help networks be more safe and robust due to the wide variety of security and performance challenges in MANET. This study presents outlier detection strategies for addressing security and performance challenges in MANET, with a special focus on network anomaly identification. The suggested work utilises a dynamic threshold and outlier detection to tackle the security and performance challenges in MANETs, taking into account metrics such as end-to-end delay, jitter, throughput, packet drop, and energy usage
Design and implementation of architectures for the deployment of secure community wireless networks
Recientes avances en las tecnologías de la comunicación, así como la proliferación de nuevos dispositivos de computación, están plasmando nuestro entorno hacia un Internet ubicuo. Internet ofrece una plataforma global para acceder con bajo coste a una vasta gama de servicios de telecomunicaciones, como el correo electrónico, comercio electrónico, tele-educación, tele-salud y tele-medicina a bajo coste. Sin embargo, incluso en los países más desarrollados, un gran número de áreas rurales todavía están pobremente equipadas con una infraestructura básica de telecomunicaciones. Hoy en día, existen algunos esfuerzos para resolver esta falta de infraestructura, pero resultan todavía insuficientes.
Con este objetivo presentamos en esta tesis RuralNet, una red comunitaria inalámbrica para proveer acceso a Internet de forma personalizada a los subscriptores de un área rural. Los objetivos de este estudio han sido el desarrollo de una nueva arquitectura para ofrecer un acceso a Internet flexible y seguro para zonas rurales aisladas. RuralNet combina el paradigma de las redes mesh y el uso de los dispositivos inalámbricos embebidos más económicos para ofrecer un gran número de servicios y aplicaciones basados en Internet. La solución desarrollada por RuralNet es capaz de cubrir grandes áreas a bajo coste, y puede también ser fácilmente desplegado y extendido tanto en términos de cobertura como de servicios ofrecidos.
Dado que la implementación y la evaluación de RuralNet requiere un alto coste y una gran cantidad de mano de obra, hemos considerado que la simulación y la emulación eran una alternativa válida para ahorrar costes. Con este objetivo hemos desarrollado Castadiva, un emulador flexible proyectado para la evaluación de redes MANET y mesh. Castadiva es un emulador basado en dispositivos de bajo coste, utilizado para evaluar los protocolos y las aplicaciones desarrolladas.Hortelano Otero, J. (2011). Design and implementation of architectures for the deployment of secure community wireless networks [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/10079Palanci
AIDPS:Adaptive Intrusion Detection and Prevention System for Underwater Acoustic Sensor Networks
Underwater Acoustic Sensor Networks (UW-ASNs) are predominantly used for
underwater environments and find applications in many areas. However, a lack of
security considerations, the unstable and challenging nature of the underwater
environment, and the resource-constrained nature of the sensor nodes used for
UW-ASNs (which makes them incapable of adopting security primitives) make the
UW-ASN prone to vulnerabilities. This paper proposes an Adaptive decentralised
Intrusion Detection and Prevention System called AIDPS for UW-ASNs. The
proposed AIDPS can improve the security of the UW-ASNs so that they can
efficiently detect underwater-related attacks (e.g., blackhole, grayhole and
flooding attacks). To determine the most effective configuration of the
proposed construction, we conduct a number of experiments using several
state-of-the-art machine learning algorithms (e.g., Adaptive Random Forest
(ARF), light gradient-boosting machine, and K-nearest neighbours) and concept
drift detection algorithms (e.g., ADWIN, kdqTree, and Page-Hinkley). Our
experimental results show that incremental ARF using ADWIN provides optimal
performance when implemented with One-class support vector machine (SVM)
anomaly-based detectors. Furthermore, our extensive evaluation results also
show that the proposed scheme outperforms state-of-the-art bench-marking
methods while providing a wider range of desirable features such as scalability
and complexity
- …