Two-tier Intrusion Detection System for Mobile Ad Hoc Networks

Nowadays, a commonly used wireless network (i.e. Wi-Fi) operates with the aid of a fixed infrastructure (i.e. an access point) to facilitate communication between nodes when they roam from one location to another. The need for such a fixed supporting infrastructure limits the adaptability of the wireless network, especially in situations where the deployment of such an infrastructure is impractical. In addition, Wi-Fi limits nodes' communication as it only provides facility for mobile nodes to send and receive information, but not reroute the information across the network. Recent advancements in computer network introduced a new wireless network, known as a Mobile Ad Hoc Network (MANET), to overcome these limitations. MANET has a set of unique characteristics that make it different from other kind of wireless networks. Often referred as a peer to peer network, such a network does not have any fixed topology, thus nodes are free to roam anywhere, and could join or leave the network anytime they desire. Its ability to be setup without the need of any infrastructure is very useful, especially in geographically constrained environments such as in a military battlefield or a disaster relief operation. In addition, through its multi hop routing facility, each node could function as a router, thus communication between nodes could be made available without the need of a supporting fixed router or an access point. However, these handy facilities come with big challenges, especially in dealing with the security issues. This research aims to address MANET security issues by proposing a novel intrusion detection system that could be used to complement existing prevention mechanisms that have been proposed to secure such a network. A comprehensive analysis of attacks and the existing security measures proved that there is a need for an Intrusion Detection System (IDS) to protect MANETs against security threats. The analysis also suggested that the existing IDS proposed for MANET are not immune against a colluding blackmail attack due to the nature of such a network that comprises autonomous and anonymous nodes. The IDS architecture as proposed in this study utilises trust relationships between nodes to overcome this nodes' anonymity issue. Through a friendship mechanism, the problems of false accusations and false alarms caused by blackmail attackers in global detection and response mechanisms could be eliminated. The applicability of the friendship concept as well as other proposed mechanisms to solve MANET IDS related issues have been validated through a set of simulation experiments. Several MANET settings, which differ from each other based on the network's density level, the number of initial trusted friends owned by each node, and the duration of the simulation times, have been used to study the effects of such factors towards the overall performance of the proposed IDS framework. The results obtained from the experiments proved that the proposed concepts are capable to at least minimise i f not fully eliminate the problem currently faced in MANET IDS

Sustainable Network by Enhancing Attribute-Based Selection Mechanism Using Lagrange Interpolation

The security framework in Ad-hoc Networks (ANET) continues to attract the attention of researchers, although significant work has been accomplished already. Researchers in the last couple of years have shown quite an improvement in Identity Dependent Cryptography (IDC). Security in ANET is hard to attain due to the vulnerability of links (Wireless). IDC encompasses Polynomial Interpolations (PI) such as Lagrange, curve-fitting, and spline to provide security by implementing Integrated Key Management (IKM). The PI structure trusts all the available nodes in the network and randomly picks nodes for the security key generation. This paper presents a solution to the trust issues raised in Lagrange’s-PI (LI) utilizing an artificial neural network and attribute-based tree structure. The proposed structure not only improves the trust factor but also enhances the accuracy measures of LI to provide a sustainable network system. Throughput, PDR, noise, and latency have been increased by 47%, 50%, 34%, and 30%, respectively, by using LI and incorporating the aforementioned techniques

Beyond retigabine: Design, identification, and pharmacological characterization of novel neuronal Kv7 channel activators

The Kv7 subfamily of voltage-gated potassium channels includes 5 members (Kv7.1-Kv7.5) having distinct expression patterns and physiological roles. Kv7.2 and Kv7.3 subunits are mainly expressed in the nervous system, where they underlie the so-called M-current (IKM), a sub-threshold K+ current controlling action potential generation. Neuronal Kv7 potassium channels are critical regulators of neuronal excitability; indeed, loss-of-function mutations in the genes encoding for Kv7.2 and Kv7.3 are responsible for a wide spectrum of early-onset epilepsies. On the other hand, retigabine is a strong activator of the Kv7 currents, representing the first antiepileptic drug acting on Kv7 channels. Approved in 2011 for adjunctive therapy in adults showing drug-resistant partial onset seizures with or without secondary generalization, retigabine suppresses neuronal hyperexcitability by shifting the Kv7.2/3 current activation threshold toward more hyperpolarized potentials, thereby increasing their maximal current. Unfortunately, retigabine, suffers from considerable drawbacks including poor selectivity for Kv7 subtypes, short half-life, poor brain penetration and chemical instability. The latter, represents one of the main clinical concern over retigabine; light exposure may cause photodegradation and oxidation, leading to dimer formation, which induces retinal and mucocutaneous blue-gray discoloration in patients taking the drugs more than 3 years. For these reasons, leading to a progressively reduced use of the drug, the manufacturing company (GSK) has decided to withdraw the drug from the market since June 2017. Since no KCNQ activator is currently available for clinical use, this work originates from our effort to identify novel and safer IKM activators. For this purpose, we synthesized a library of 41 retigabine derivatives, structurally characterized by modification that aim to overcome at least some of the limitations of retigabine and we developed a fluorescence-based assay to rapidly evaluate the effect of these derivatives on Kv7 channel

Enforcing Secure and Privacy-Preserving Information Brokering in Distributed Information Sharing

Today’s organizations raise an increasing need for information sharing via on-demand access. Information Brokering Systems (IBSs) have been proposed to connect large-scale loosely-federated data sources via a brokering overlay, in which the brokers make routing decisions to direct client queries to the requested data servers. Many existing IBSs assume that brokers are trusted and thus only adopt server-side access control for data confidentiality. However, privacy of data location and data consumer can still be inferred from metadata (such as query and access control rules) exchanged within the IBS, but little attention has been put on its protection. In this article, we propose a novel approach to preserve privacy of multiple stakeholders involved in the information brokering process. We are among the first to formally define two privacy attacks, namely attribute-correlation attack and inference attack, and propose two countermeasure schemes automaton segmentation and query segment encryption to securely share the routing decision making responsibility among a selected set brokering servers. With comprehensive security analysis and experimental results, we show that our approach seamlessly integrates security enforcement with query routing to provide system-wide security with insignificant overhead

SEMAN - uma proposta de Middleware seguro para as redes ad hoc móveis

Orientador : Prof. Dr. Luiz Carlos Pessoa AlbiniTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Ciência da Computação. Defesa: Curitiba, 04/04/2014Inclui referênciasResumo: Devido às particularidades das redes ad hoc móveis (MANETs - Mobile Ad Hoc Networks), como a topologia dinâmica, a ausência de infraestrutura e a sua característica decentralizada, a implementação de aplicações complexas e flexíveis para estas redes torna-se um desafio. Para permitir o desenvolvimento dessas aplicações, diversas soluções de middleware foram propostas. Contudo, as soluções encontradas não consideram plenamente os requisitos de segurança dessas redes. Este trabalho apresenta um estudo dos middlewares propostos para as MANETs, relatando o seu funcionamento e apresentando um comparativo das funcionalidades disponíveis. Esses middlewares são categorizados de acordo com a seguinte classificação, proposta neste trabalho: baseados em espaços de tuplas, baseados em P2P, baseados em contexto, cross-layer e orientados à aplicação. Em seguida, com base nas limitações estudadas, é proposto um novo middleware de segurança para as MANETs, chamado de SEcure Middleware for Ad hoc Mobile Networks (SEMAN - Middleware seguro para as redes ad hoc móveis), que fornece um conjunto de serviços de segurança para facilitar o desenvolvimento de aplicações distribuídas, complexas e flexíveis. Para fornecer tais serviços e garantir a segurança, o SEMAN considera o contexto das aplicações e organiza os nós em grupos, também baseados nesses contextos. O middleware prevê três módulos: serviço, processamento e segurança. O módulo de serviço é responsável por manter todos os serviços e aplicações que são disponibilizados pelo nó hospedeiro a outros nós da rede. O módulo de processamento é responsável por manter o funcionamento central do middleware, atendendo os pedidos e gerenciando o registro dos serviços e componentes disponíveis. O módulo de segurança é o ponto principal do middleware e o foco desta tese. Ele possui os componentes de gerenciamento de chaves, de confiança e de grupos. Todos esses componentes foram desenvolvidos pelo autor e são descritos neste trabalho. Eles são suportados por um núcleo de operações criptográficas e atuam de acordo com regras e políticas de segurança. A integração desses componentes fornece garantias de segurança contra ataques às aplicações que utilizam o middleware.Abstract: Due to the particularities of Mobile Ad Hoc Networks (MANETs), as their dynamic topology, lack of infrastructure and decentralized characteristic, the implementation of complex and flexible applications is a challenge. To enable the deployment of these applications, several middleware solutions were proposed. However, these solutions do not completely consider the security requirements of these networks. This thesis presents middleware solutions for MANETs, by describing their operations and presenting a comparative of the available functionalities. The middlewares were grouped according to this classification: tuple space-based, P2P-based, context-based, cross-layer and applicationoriented. Then, based on the limitations of the studied solutions, a new secure middleware is proposed, called SEcure Middleware for Ad hoc Networks (SEMAN), which provides a set of basic and secure services to MANETs aiming to facilitate the development of distributed, complex and flexible applications. To provide such services and ensure security to the applications, SEMAN considers the context of applications and organizes nodes into groups, also based on these contexts. The middleware includes three modules: service, processing, and security. Service module is responsible for maintaining all services and applications hosted by nodes. The processing module is responsible for maintaining the middleware core operation, listening the requests and managing the registry of available services and components. The security module is the main part of the middleware and the focus of this thesis. It has the following components: key management, trust management and group management. All these components were developed and are described in this work. They are supported by a cryptographic core and behave according to security rules and policies. The integration of these components provides security assurance against attacks to the applications that use the middleware

Spacelab system analysis: A study of the Marshall Avionics System Testbed (MAST)

An analysis of the Marshall Avionics Systems Testbed (MAST) communications requirements is presented. The average offered load for typical nodes is estimated. Suitable local area networks are determined

Intelligent Circuits and Systems

ICICS-2020 is the third conference initiated by the School of Electronics and Electrical Engineering at Lovely Professional University that explored recent innovations of researchers working for the development of smart and green technologies in the fields of Energy, Electronics, Communications, Computers, and Control. ICICS provides innovators to identify new opportunities for the social and economic benefits of society.　 This conference bridges the gap between academics and R&D institutions, social visionaries, and experts from all strata of society to present their ongoing research activities and foster research relations between them. It provides opportunities for the exchange of new ideas, applications, and experiences in the field of smart technologies and finding global partners for future collaboration. The ICICS-2020 was conducted in two broad categories, Intelligent Circuits & Intelligent Systems and Emerging Technologies in Electrical Engineering

High Speed and Low-Complexity Hardware Architectures for Elliptic Curve-Based Crypto-Processors

The elliptic curve cryptography (ECC) has been identified as an efficient scheme for public-key cryptography. This thesis studies efficient implementation of ECC crypto-processors on hardware platforms in a bottom-up approach. We first study efficient and low-complexity architectures for finite field multiplications over Gaussian normal basis (GNB). We propose three new low-complexity digit-level architectures for finite field multiplication. Architectures are modified in order to make them more suitable for hardware implementations specially focusing on reducing the area usage. Then, for the first time, we propose a hybrid digit-level multiplier architecture which performs two multiplications together (double-multiplication) with the same number of clock cycles required as the one for one multiplication. We propose a new hardware architecture for point multiplication on newly introduced binary Edwards and generalized Hessian curves. We investigate higher level parallelization and lower level scheduling for point multiplication on these curves. Also, we propose a highly parallel architecture for point multiplication on Koblitz curves by modifying the addition formulation. Several FPGA implementations exploiting these modifications are presented in this thesis. We employed the proposed hybrid multiplier architecture to reduce the latency of point multiplication in ECC crypto-processors as well as the double-exponentiation. This scheme is the first known method to increase the speed of point multiplication whenever parallelization fails due to the data dependencies amongst lower level arithmetic computations. Our comparison results show that our proposed multiplier architectures outperform the counterparts available in the literature. Furthermore, fast computation of point multiplication on different binary elliptic curves is achieved

Exact Diffusion Learning over Networks

In this dissertation, we study optimization, adaptation, and learning problems over connected networks. In these problems, each agent $k$ collects and learns from its own local data and is able to communicate with its local neighbors. While each single node in the network may not be capable of sophisticated behavior on its own, the agents collaborate to solve large-scale and challenging learning problems. Different approaches have been proposed in the literature to boost the learning capabilities of networked agents. Among these approaches, the class of diffusion strategies has been shown to be particularly well-suited due to their enhanced stability range over other methods and improved performance in adaptive scenarios. However, diffusion implementations suffer from a small inherent bias in the iterates. When a constant step-size is employed to solve deterministic optimization problems, the iterates generated by the diffusion strategy will converge to a small neighborhood around the desired global solution but not to the exact solution itself. This bias is not due to any gradient noise arising from stochastic approximation; it is instead due to the update structure in diffusion implementations. The existence of the bias leads to three questions: (1) What is the origin of this inherent bias? (2) Can it be eliminated? (3) Does the correction of the bias bring benefits to distributed optimization, distributed adaptation, or distributed learning?This dissertation provides affirmative solutions to these questions. Specifically, we design a new {\em exact diffusion} approach that eliminates the inherent bias in diffusion. Exact diffusion has almost the same structure as diffusion, with the addition of a ``correction'' step between the adaptation and combination steps. Next, this dissertation studies the performance of exact diffusion for the scenarios of distributed optimization, distributed adaptation, and distributed learning, respectively. For distributed optimization, exact diffusion is proven to converge exponentially fast to the {\em exact} global solution under proper conditions. For distributed adaptation, exact diffusion is proven to have better steady-state mean-square-error than diffusion, and this superiority is analytically shown to be more evident for sparsely-connected networks such as line, cycle, grid, and other topologies. In distributed learning, exact diffusion can be integrated with the amortized variance-reduced gradient method (AVRG) so that it converges exponentially fast to the exact global solution while employing stochastic gradients per iteration. This dissertation also compares exact diffusion with other state-of-the-art methods in literature. Intensive numerical simulations are provided to illustrate the theoretical results derived in the dissertation

Agile Knowledge Management; A Review, Reconceptualization, and Extension to Military Applications

The purpose of this research is to explore the conceptual background of agility in knowledge management, re-conceptualize it and extend it to military applications with a special focus on Counterinsurgency (COIN). An initial qualitative exploration of agility in knowledge management was performed. Three different concepts and their interrelationships were analyzed: (1) knowledge management, (2) agility in operations, and (3) military organizations in the COIN environment. Findings from this initial qualitative analysis were used to inductively redefine, re-conceptualize and extend the concept of Agile Knowledge Management (AKM), as well as, to compare and adapt the AKM concept to the military environment of COIN. An additional qualitative analysis was performed to validate the extended concept of AKM. While this study is mainly focused on AKM in dynamic multinational and joint military environment of COIN, conclusions may be applicable in a broader context. The results of this research can be used by engineering managers and knowledge management practitioners and academics with particular focus on the military environment as foundation for (a) further research and development in agile knowledge management (b) developing customized agile knowledge management education programs and (c) extending the concept of AKM and its application to other environments