A Framework for Localizing and Neutralization of Jammers in Wireless Networks.

The communication in wireless networks can be severely interrupted by Jammers and information about the jammers position can help to eliminate its attack. The main approach of this paper is to localize and neutralize the jammer in the network based on the energy(JSS) and finding the new route through the network i.e., best route through the network. The best route is defined as the minimum distance in the network that a sender node selects as its boundary or next hop node Thus, in this paper we aim to design a frame work to localize multiple jammers with high accuracy and minimal error factor. An effective means is to measure the strength of jamming signals (JSS). It conceives an evaluation feedback mechanism for localizing jammer as non linear optimization problem, to quantify result close to true jammer position. This paper focuses on localizing multiple jammer considering energy(JSS) as parameter for identifying a node as a jammer and using another parameter i.e., distance between nodes along with their energy(JSS) to find a best path for the communication in a network jammed scenario. DOI: 10.17762/ijritcc2321-8169.15057

A novel cheater and jammer detection scheme for IEEE 802.11-based wireless LANs

The proliferation of IEEE 802.11 networks has made them an easy and attractive target for malicious devices/adversaries which intend to misuse the available network. In this paper, we introduce a novel malicious entity detection method for IEEE 802.11 networks. We propose a new metric, the Beacon Access Time (BAT), which is employed in the detection process and inherits its characteristics from the fact that beacon frames are always given preference in IEEE 802.11 networks. An analytical model to define the aforementioned metric is presented and evaluated with experiments and simulations. Furthermore, we evaluate the adversary detection capabilities of our scheme by means of simulations and experiments over a real testbed. The simulation and experimental results indicate consistency and both are found to follow the trends indicated in the analytical model. Measurement results indicate that our scheme is able to correctly detect a malicious entity at a distance of, at least, 120 m. Analytical, simulation and experimental results signify the validity of our scheme and highlight the fact that our scheme is both efficient and successful in detecting an adversary (either a jammer or a cheating device). As a proof of concept, we developed an application that when deployed at the IEEE 802.11 Access Point, is able to effectively detect an adversary. (C) 2015 Elsevier B.V. All rights reserved.Postprint (author's final draft

Secure and Reliable Wireless Communication through End-to-End-based Solution

In the past few decades, network architectures and protocols are often designed to achieve a high throughput and a low latency. Security was rarely considered during the initial design phases. As a result, many network systems are insecure by design. Once they are widely deployed, the inherent vulnerabilities may be difficult to eliminate due to the prohibitive update cost. In this dissertation, we examine such types of vulnerabilities in various networks and design end-to-end-based solutions that allow end systems to address such loopholes. The end-to-end argument was originally proposed to let end hosts implement application-specific functions rather than letting intermediate network nodes (i.e., routers) perform unneeded functions. In this dissertation, we apply the end-to-end principle to address three problems in wireless networks that are caused by design flaw with following reasons: either because integrating solutions into a large number of already deployed intermediate nodes is not a viable option or because end hosts are in a better position to cope with the problems. First, we study the problem of jamming in a multihop wireless network. Jamming attacks are possible because wireless networks communicate over a shared medium. It is easy to launch a jamming attack but is difficult to defend against it. To ensure the end-to-end packet delivery, we propose a jamming-resilient multipath routing algorithm that maximizes end-to-end availability based on the availability history between sources and destinations. Second, we investigate caller ID spoofing attacks in telephone networks in which an attacker can send a fake caller ID to a callee rather than her real one to impersonate as someone else. Such attacks are possible because there is no caller ID authentication mechanism in operator interconnection protocols. Modifying current protocols to verify caller ID between operators may be infeasible due to the scale of deployed systems. So, we propose two schemes to detect caller ID spoofing attacks based on end-to-end verification. Finally, we examine evil twin access point attacks in wireless hotspots. In such attacks, an adversary sets up a phishing access point that has the same Service Set IDentification (SSID) as the legitimate ones in the hotspot. Such attacks are easy to launch because of how 802.11 standards are designed. Existing solutions take away convenience from the user while providing security. Our aim is to detect evil twin access point attacks in wireless hotspots without modifying how access point works in hotspots and without additional infrastructure support. We propose an end-to-end-based mechanism that can effectively detect evil twin access point attacks in wireless hotspots

Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

Cognitive Security Framework For Heterogeneous Sensor Network Using Swarm Intelligence

Rapid development of sensor technology has led to applications ranging from academic to military in a short time span. These tiny sensors are deployed in environments where security for data or hardware cannot be guaranteed. Due to resource constraints, traditional security schemes cannot be directly applied. Unfortunately, due to minimal or no communication security schemes, the data, link and the sensor node can be easily tampered by intruder attacks. This dissertation presents a security framework applied to a sensor network that can be managed by a cohesive sensor manager. A simple framework that can support security based on situation assessment is best suited for chaotic and harsh environments. The objective of this research is designing an evolutionary algorithm with controllable parameters to solve existing and new security threats in a heterogeneous communication network. An in-depth analysis of the different threats and the security measures applied considering the resource constrained network is explored. Any framework works best, if the correlated or orthogonal performance parameters are carefully considered based on system goals and functions. Hence, a trade-off between the different performance parameters based on weights from partially ordered sets is applied to satisfy application specific requirements and security measures. The proposed novel framework controls heterogeneous sensor network requirements,and balance the resources optimally and efficiently while communicating securely using a multi-objection function. In addition, the framework can measure the affect of single or combined denial of service attacks and also predict new attacks under both cooperative and non-cooperative sensor nodes. The cognitive intuition of the framework is evaluated under different simulated real time scenarios such as Health-care monitoring, Emergency Responder, VANET, Biometric security access system, and Battlefield monitoring. The proposed three-tiered Cognitive Security Framework is capable of performing situation assessment and performs the appropriate security measures to maintain reliability and security of the system. The first tier of the proposed framework, a crosslayer cognitive security protocol defends the communication link between nodes during denial-of-Service attacks by re-routing data through secure nodes. The cognitive nature of the protocol balances resources and security making optimal decisions to obtain reachable and reliable solutions. The versatility and robustness of the protocol is justified by the results obtained in simulating health-care and emergency responder applications under Sybil and Wormhole attacks. The protocol considers metrics from each layer of the network model to obtain an optimal and feasible resource efficient solution. In the second tier, the emergent behavior of the protocol is further extended to mine information from the nodes to defend the network against denial-of-service attack using Bayesian models. The jammer attack is considered the most vulnerable attack, and therefore simulated vehicular ad-hoc network is experimented with varied types of jammer. Classification of the jammer under various attack scenarios is formulated to predict the genuineness of the attacks on the sensor nodes using receiver operating characteristics. In addition to detecting the jammer attack, a simple technique of locating the jammer under cooperative nodes is implemented. This feature enables the network in isolating the jammer or the reputation of node is affected, thus removing the malicious node from participating in future routes. Finally, a intrusion detection system using `bait\u27 architecture is analyzed where resources is traded-off for the sake of security due to sensitivity of the application. The architecture strategically enables ant agents to detect and track the intruders threateningthe network. The proposed framework is evaluated based on accuracy and speed of intrusion detection before the network is compromised. This process of detecting the intrusion earlier helps learn future attacks, but also serves as a defense countermeasure. The simulated scenarios of this dissertation show that Cognitive Security Framework isbest suited for both homogeneous and heterogeneous sensor networks

A Mixed-Integer Programming Approach for Jammer Placement Problems for Flow-Jamming Attacks on Wireless Communication Networks

In this dissertation, we study an important problem of security in wireless networks. We study different attacks and defense strategies in general and more specifically jamming attacks. We begin the dissertation by providing a tutorial introducing the operations research community to the various types of attacks and defense strategies in wireless networks. In this tutorial, we give examples of mathematical programming models to model jamming attacks and defense against jamming attacks in wireless networks. Later we provide a comprehensive taxonomic classification of the various types of jamming attacks and defense against jamming attacks. The classification scheme will provide a one stop location for future researchers on various jamming attack and defense strategies studied in literature. This classification scheme also highlights the areas of research in jamming attack and defense against jamming attacks which have received less attention and could be a good area of focus for future research. In the next chapter, we provide a bi-level mathematical programming model to study jamming attack and defense strategy. We solve this using a game-theoretic approach and also study the impact of power level, location of jamming device, and the number of transmission channels available to transmit data on the attack and defense against jamming attacks. We show that by increasing the number of jamming devices the throughput of the network drops by at least 7%. Finally we study a special type of jamming attack, flow-jamming attack. We provide a mathematical programming model to solve the location of jamming devices to increase the impact of flow-jamming attacks on wireless networks. We provide a Benders decomposition algorithm along with some acceleration techniques to solve large problem instances in reasonable amount of time. We draw some insights about the impact of power, location and size of the network on the impact of flow-jamming attacks in wireless networks

A Mixed-Integer Programming Approach for Jammer Placement Problems for Flow-Jamming Attacks on Wireless Communication Networks

In this dissertation, we study an important problem of security in wireless networks. We study different attacks and defense strategies in general and more specifically jamming attacks. We begin the dissertation by providing a tutorial introducing the operations research community to the various types of attacks and defense strategies in wireless networks. In this tutorial, we give examples of mathematical programming models to model jamming attacks and defense against jamming attacks in wireless networks. Later we provide a comprehensive taxonomic classification of the various types of jamming attacks and defense against jamming attacks. The classification scheme will provide a one stop location for future researchers on various jamming attack and defense strategies studied in literature. This classification scheme also highlights the areas of research in jamming attack and defense against jamming attacks which have received less attention and could be a good area of focus for future research. In the next chapter, we provide a bi-level mathematical programming model to study jamming attack and defense strategy. We solve this using a game-theoretic approach and also study the impact of power level, location of jamming device, and the number of transmission channels available to transmit data on the attack and defense against jamming attacks. We show that by increasing the number of jamming devices the throughput of the network drops by at least 7%. Finally we study a special type of jamming attack, flow-jamming attack. We provide a mathematical programming model to solve the location of jamming devices to increase the impact of flow-jamming attacks on wireless networks. We provide a Benders decomposition algorithm along with some acceleration techniques to solve large problem instances in reasonable amount of time. We draw some insights about the impact of power, location and size of the network on the impact of flow-jamming attacks in wireless networks

Interference Mitigation and Localization Based on Time-Frequency Analysis for Navigation Satellite Systems

Interference Mitigation and Localization Based on Time-Frequency Analysis for Navigation Satellite SystemsNowadays, the operation of global navigation satellite systems (GNSS) is imperative across a multitude of applications worldwide. The increasing reliance on accurate positioning and timing information has made more serious than ever the consequences of possible service outages in the satellite navigation systems. Among others, interference is regarded as the primary threat to their operation. Due the recent proliferation of portable interferers, notably jammers, it has now become common for GNSS receivers to endure simultaneous attacks from multiple sources of interference, which are likely spatially distributed and transmit different modulations. To the best knowledge of the author, the present dissertation is the first publication to investigate the use of the S-transform (ST) to devise countermeasures to interference. The original contributions in this context are mainly: • the formulation of a complexity-scalable ST implementable in real time as a bank of filters; • a method for characterizing and localizing multiple in-car jammers through interference snapshots that are collected by separate receivers and analysed with a clever use of the ST; • a preliminary assessment of novel methods for mitigating generic interference at the receiver end by means the ST and more computationally efficient variants of the transform. Besides GNSSs, the countermeasures to interference proposed are equivalently applicable to protect any direct-sequence spread spectrum (DS-SS) communication