A Taxonomy on Misbehaving Nodes in Delay Tolerant Networks

Delay Tolerant Networks (DTNs) are type of Intermittently Connected Networks (ICNs) featured by long delay, intermittent connectivity, asymmetric data rates and high error rates. DTNs have been primarily developed for InterPlanetary Networks (IPNs), however, have shown promising potential in challenged networks i.e. DakNet, ZebraNet, KioskNet and WiderNet. Due to unique nature of intermittent connectivity and long delay, DTNs face challenges in routing, key management, privacy, fragmentation and misbehaving nodes. Here, misbehaving nodes i.e. malicious and selfish nodes launch various attacks including flood, packet drop and fake packets attack, inevitably overuse scarce resources (e.g., buffer and bandwidth) in DTNs. The focus of this survey is on a review of misbehaving node attacks, and detection algorithms. We firstly classify various of attacks depending on the type of misbehaving nodes. Then, detection algorithms for these misbehaving nodes are categorized depending on preventive and detective based features. The panoramic view on misbehaving nodes and detection algorithms are further analyzed, evaluated mathematically through a number of performance metrics. Future directions guiding this topic are also presented

Flexible and dynamic network coding for adaptive data transmission in DTNs

Existing network coding approaches for Delay-Tolerant Networks (DTNs) do not detect and adapt to congestion in the network. In this paper we describe CafNC (Congestion aware forwarding with Network Coding) that combines adaptive network coding and adaptive forwarding in DTNs. In CafNC each node learns the status of its neighbours, and their egonetworks in order to detect coding opportunities, and codes as long as the recipients can decode. Our flexible design allows CafNC to efficiently support multiple unicast flows, with dynamic traffic demands and dynamic senders and receivers. We evaluate CafNC with two real connectivity traces and a realistic P2P application, introducing congestion by increasing the number of unicast flows in the network. Our results show that CafNC improves the success ratio, delay and packet loss, as the number of flows grows in comparison to no coding and hub-based static coding, while at the same time achieving efficient utilisation of network resources. We also show that static coding misses a number of coding opportunities and increases packet loss rates at times of increased congestion

Establishing trust relationships and secure channels in opportunistic networks

&nbsp;An effective system with techniques and algorithms that preserve the completeness and integrity of packets in a network and protects Opportunistic Networks from packet dropping and modification attacks has been proposed in this thesis. The techniques and attributes used to create the system involve using Merkle trees, trust, and reputation.<br /

Defense and traceback mechanisms in opportunistic wireless networks

&nbsp;In this thesis, we have identified a novel attack in OppNets, a special type of packet dropping attack where the malicious node(s) drops one or more packets (not all the packets) and then injects new fake packets instead. We name this novel attack as the Catabolism attack and propose a novel attack detection and traceback approach against this attack referred to as the Anabolism defence. As part of the Anabolism defence approach we have proposed three techniques: time-based, Merkle tree based and Hash chain based techniques for attack detection and malicious node(s) traceback. We provide mathematical models that show our novel detection and traceback mechanisms to be very effective and detailed simulation results show our defence mechanisms to achieve a very high accuracy and detection rate

Trustworthiness Mechanisms for Long-Distance Networks in Internet of Things

Aquesta tesi té com a objectiu aconseguir un intercanvi de dades fiable en un entorn hostil millorant-ne la confiabilitat mitjançant el disseny d'un model complet que tingui en compte les diferents capes de confiabilitat i mitjançant la implementació de les contramesures associades al model. La tesi se centra en el cas d'ús del projecte SHETLAND-NET, amb l'objectiu de desplegar una arquitectura d'Internet de les coses (IoT) híbrida amb comunicacions LoRa i d'ona ionosfèrica d'incidència gairebé vertical (NVIS) per oferir un servei de telemetria per al monitoratge del “permafrost” a l'Antàrtida. Per complir els objectius de la tesi, en primer lloc, es fa una revisió de l'estat de l'art en confiabilitat per proposar una definició i l'abast del terme de confiança. Partint d'aquí, es dissenya un model de confiabilitat de quatre capes, on cada capa es caracteritza pel seu abast, mètrica per a la quantificació de la confiabilitat, contramesures per a la millora de la confiabilitat i les interdependències amb les altres capes. Aquest model permet el mesurament i l'avaluació de la confiabilitat del cas d'ús a l'Antàrtida. Donades les condicions hostils i les limitacions de la tecnologia utilitzada en aquest cas d’ús, es valida el model i s’avalua el servei de telemetria a través de simulacions en Riverbed Modeler. Per obtenir valors anticipats de la confiabilitat esperada, l'arquitectura proposada es modela per avaluar els resultats amb diferents configuracions previ al seu desplegament en proves de camp. L'arquitectura proposada passa per tres principals iteracions de millora de la confiabilitat. A la primera iteració, s'explora l'ús de mecanismes de consens i gestió de la confiança social per aprofitar la redundància de sensors. En la segona iteració, s’avalua l’ús de protocols de transport moderns per al cas d’ús antàrtic. L’última iteració d’aquesta tesi avalua l’ús d’una arquitectura de xarxa tolerant al retard (DTN) utilitzant el Bundle Protocol (BP) per millorar la confiabilitat del sistema. Finalment, es presenta una prova de concepte (PoC) amb maquinari real que es va desplegar a la campanya antàrtica 2021-2022, descrivint les proves de camp funcionals realitzades a l'Antàrtida i Catalunya.Esta tesis tiene como objetivo lograr un intercambio de datos confiable en un entorno hostil mejorando su confiabilidad mediante el diseño de un modelo completo que tenga en cuenta las diferentes capas de confiabilidad y mediante la implementación de las contramedidas asociadas al modelo. La tesis se centra en el caso de uso del proyecto SHETLAND-NET, con el objetivo de desplegar una arquitectura de Internet de las cosas (IoT) híbrida con comunicaciones LoRa y de onda ionosférica de incidencia casi vertical (NVIS) para ofrecer un servicio de telemetría para el monitoreo del “permafrost” en la Antártida. Para cumplir con los objetivos de la tesis, en primer lugar, se realiza una revisión del estado del arte en confiabilidad para proponer una definición y alcance del término confiabilidad. Partiendo de aquí, se diseña un modelo de confiabilidad de cuatro capas, donde cada capa se caracteriza por su alcance, métrica para la cuantificación de la confiabilidad, contramedidas para la mejora de la confiabilidad y las interdependencias con las otras capas. Este modelo permite la medición y evaluación de la confiabilidad del caso de uso en la Antártida. Dadas las condiciones hostiles y las limitaciones de la tecnología utilizada en este caso de uso, se valida el modelo y se evalúa el servicio de telemetría a través de simulaciones en Riverbed Modeler. Para obtener valores anticipados de la confiabilidad esperada, la arquitectura propuesta es modelada para evaluar los resultados con diferentes configuraciones previo a su despliegue en pruebas de campo. La arquitectura propuesta pasa por tres iteraciones principales de mejora de la confiabilidad. En la primera iteración, se explora el uso de mecanismos de consenso y gestión de la confianza social para aprovechar la redundancia de sensores. En la segunda iteración, se evalúa el uso de protocolos de transporte modernos para el caso de uso antártico. La última iteración de esta tesis evalúa el uso de una arquitectura de red tolerante al retardo (DTN) utilizando el Bundle Protocol (BP) para mejorar la confiabilidad del sistema. Finalmente, se presenta una prueba de concepto (PoC) con hardware real que se desplegó en la campaña antártica 2021-2022, describiendo las pruebas de campo funcionales realizadas en la Antártida y Cataluña.This thesis aims at achieving reliable data exchange over a harsh environment by improving its trustworthiness through the design of a complete model that takes into account the different layers of trustworthiness and through the implementation of the model’s associated countermeasures. The thesis focuses on the use case of the SHETLAND-NET project, aiming to deploy a hybrid Internet of Things (IoT) architecture with LoRa and Near Vertical Incidence Skywave (NVIS) communications to offer a telemetry service for permafrost monitoring in Antarctica. To accomplish the thesis objectives, first, a review of the state of the art in trustworthiness is carried out to propose a definition and scope of the trustworthiness term. From these, a four-layer trustworthiness model is designed, with each layer characterized by its scope, metric for trustworthiness accountability, countermeasures for trustworthiness improvement, and the interdependencies with the other layers. This model enables trustworthiness accountability and assessment of the Antarctic use case. Given the harsh conditions and the limitations of the use technology in this use case, the model is validated and the telemetry service is evaluated through simulations in Riverbed Modeler. To obtain anticipated values of the expected trustworthiness, the proposal has been modeled to evaluate the performance with different configurations prior to its deployment in the field. The proposed architecture goes through three major iterations of trustworthiness improvement. In the first iteration, using social trust management and consensus mechanisms is explored to take advantage of sensor redundancy. In the second iteration, the use of modern transport protocols is evaluated for the Antarctic use case. The final iteration of this thesis assesses using a Delay Tolerant Network (DTN) architecture using the Bundle Protocol (BP) to improve the system’s trustworthiness. Finally, a Proof of Concept (PoC) with real hardware that was deployed in the 2021-2022 Antarctic campaign is presented, describing the functional tests performed in Antarctica and Catalonia

Congestion control framework for delay-tolerant communications

Detecting and dealing with congestion in delay tolerant networks is an important and challenging problem. Current DTN forwarding algorithms typically direct traffic towards particular nodes in order to maximise delivery ratios and minimise delays, but as traffic demands increase these nodes may become unusable. This thesis proposes Café, an adaptive congestion aware framework that reduces traffic entering congesting network regions by using alternative paths and dynamically adjusting sending rates, and CafRep, a replication scheme that considers the level of congestion and the forwarding utility of an encounter when dynamically deciding the number of message copies to forward. Our framework is a fully distributed, localised, adaptive algorithm that evaluates a contact’s next-hop potential by means of a utility comparison of a number of congestion signals, in addition to that contact’s forwarding utility, both from a local and regional perspective. We extensively evaluate our work using two different applications and three real connectivity traces showing that, independent of the network inter-connectivity and mobility patterns, our framework outperforms a number of major DTN routing protocols. Our results show that both Café and CafRep consistently outperform the state-of-the-art algorithms, in the face of increasing traffic demands. Additionally, with fewer replicated messages, our framework increases success ratio and the number of delivered packets, and reduces the message delay and the number of dropped packets, while keeping node buffer availability high and congesting at a substantially lower rate, demonstrating our framework’s more efficient use of network resources

Congestion control framework for delay-tolerant communications

Detecting and dealing with congestion in delay tolerant networks is an important and challenging problem. Current DTN forwarding algorithms typically direct traffic towards particular nodes in order to maximise delivery ratios and minimise delays, but as traffic demands increase these nodes may become unusable. This thesis proposes Café, an adaptive congestion aware framework that reduces traffic entering congesting network regions by using alternative paths and dynamically adjusting sending rates, and CafRep, a replication scheme that considers the level of congestion and the forwarding utility of an encounter when dynamically deciding the number of message copies to forward. Our framework is a fully distributed, localised, adaptive algorithm that evaluates a contact’s next-hop potential by means of a utility comparison of a number of congestion signals, in addition to that contact’s forwarding utility, both from a local and regional perspective. We extensively evaluate our work using two different applications and three real connectivity traces showing that, independent of the network inter-connectivity and mobility patterns, our framework outperforms a number of major DTN routing protocols. Our results show that both Café and CafRep consistently outperform the state-of-the-art algorithms, in the face of increasing traffic demands. Additionally, with fewer replicated messages, our framework increases success ratio and the number of delivered packets, and reduces the message delay and the number of dropped packets, while keeping node buffer availability high and congesting at a substantially lower rate, demonstrating our framework’s more efficient use of network resources

Applications in security and evasions in machine learning : a survey

In recent years, machine learning (ML) has become an important part to yield security and privacy in various applications. ML is used to address serious issues such as real-time attack detection, data leakage vulnerability assessments and many more. ML extensively supports the demanding requirements of the current scenario of security and privacy across a range of areas such as real-time decision-making, big data processing, reduced cycle time for learning, cost-efficiency and error-free processing. Therefore, in this paper, we review the state of the art approaches where ML is applicable more effectively to fulfill current real-world requirements in security. We examine different security applications' perspectives where ML models play an essential role and compare, with different possible dimensions, their accuracy results. By analyzing ML algorithms in security application it provides a blueprint for an interdisciplinary research area. Even with the use of current sophisticated technology and tools, attackers can evade the ML models by committing adversarial attacks. Therefore, requirements rise to assess the vulnerability in the ML models to cope up with the adversarial attacks at the time of development. Accordingly, as a supplement to this point, we also analyze the different types of adversarial attacks on the ML models. To give proper visualization of security properties, we have represented the threat model and defense strategies against adversarial attack methods. Moreover, we illustrate the adversarial attacks based on the attackers' knowledge about the model and addressed the point of the model at which possible attacks may be committed. Finally, we also investigate different types of properties of the adversarial attacks

Enable Reliable and Secure Data Transmission in Resource-Constrained Emerging Networks

The increasing deployment of wireless devices has connected humans and objects all around the world, benefiting our daily life and the entire society in many aspects. Achieving those connectivity motivates the emergence of different types of paradigms, such as cellular networks, large-scale Internet of Things (IoT), cognitive networks, etc. Among these networks, enabling reliable and secure data transmission requires various resources including spectrum, energy, and computational capability. However, these resources are usually limited in many scenarios, especially when the number of devices is considerably large, bringing catastrophic consequences to data transmission. For example, given the fact that most of IoT devices have limited computational abilities and inadequate security protocols, data transmission is vulnerable to various attacks such as eavesdropping and replay attacks, for which traditional security approaches are unable to address. On the other hand, in the cellular network, the ever-increasing data traffic has exacerbated the depletion of spectrum along with the energy consumption. As a result, mobile users experience significant congestion and delays when they request data from the cellular service provider, especially in many crowded areas. In this dissertation, we target on reliable and secure data transmission in resource-constrained emerging networks. The first two works investigate new security challenges in the current heterogeneous IoT environment, and then provide certain countermeasures for reliable data communication. To be specific, we identify a new physical-layer attack, the signal emulation attack, in the heterogeneous environment, such as smart home IoT. To defend against the attack, we propose two defense strategies with the help of a commonly found wireless device. In addition, to enable secure data transmission in large-scale IoT network, e.g., the industrial IoT, we apply the amply-and-forward cooperative communication to increase the secrecy capacity by incentivizing relay IoT devices. Besides security concerns in IoT network, we seek data traffic alleviation approaches to achieve reliable and energy-efficient data transmission for a group of users in the cellular network. The concept of mobile participation is introduced to assist data offloading from the base station to users in the group by leveraging the mobility of users and the social features among a group of users. Following with that, we deploy device-to-device data offloading within the group to achieve the energy efficiency at the user side while adapting to their increasing traffic demands. In the end, we consider a perpendicular topic - dynamic spectrum access (DSA) - to alleviate the spectrum scarcity issue in cognitive radio network, where the spectrum resource is limited to users. Specifically, we focus on the security concerns and further propose two physical-layer schemes to prevent spectrum misuse in DSA in both additive white Gaussian noise and fading environments

Routing protocols for next generation mobile wireless sensor networks

The recent research interest in wireless sensor networks has caused the development of many new applications and subsequently, these emerging applications have ever increasing requirements. One such requirement is that of mobility, which has inspired an entirely new array of applications in the form of mobile wireless sensor networks (MWSNs). In terms of communications, MWSNs present a challenging environment due to the high rate at which the topology may be changing. As such, the motivation of this work is to investigate potential communications solutions, in order to satisfy the performance demands of new and future MWSN applications. As such this work begins by characterising and evaluating the requirement of a large variety of these emerging applications. This thesis focuses on the area of routing, which is concerned with the reliable and timely delivery of data from multiple, mobile sensor nodes to a data sink. For this purpose the technique of gradient routing was identified as a suitable solution, since data can quickly be passed down a known gradient that is anchored at the sink. However, in a mobile network, keeping the gradient up-to-date is a key issue. This work proposes the novel use of a global time division multiple access (GTDMA) MAC as a solution to this problem, which mitigates the need for regularly flooding the network. Additionally, the concept of blind forwarding is utilised for its low overhead and high reliability through its inherent route diversity. The key contribution of this thesis is in three novel routing protocols, which use the aforementioned principles. The first protocol, PHASeR, uses a hop-count metric and encapsulates data from multiple nodes in its packets. The hop-count metric was chosen because it is simple and requires no additional hardware. The inclusion of encapsulation is intended to enable the protocol to cope with network congestion. The second protocol, LASeR, utilises location awareness to maintain a gradient and performs no encapsulation. Since many applications require location awareness, the communications systems may also take advantage of this readily available information and it can be used as a gradient metric. This protocol uses no encapsulation in order to reduce delay times. The third protocol, RASeR, uses the hop-count metric as a gradient and also does not perform encapsulation. The reduced delay time and the relaxed requirement for any existing method of location awareness makes this the most widely applicable of the three protocols. In addition to analytical expressions being derived, all three protocols are thoroughly tested through simulation. Results show the protocols to improve on the state-of-the-art and yield excellent performance over varying speeds, node numbers and data generation rates. LASeR shows the lowest overhead and delay, which comes from the advantage of having available location information. Alternatively, at the expense of increased overhead, RASeR gives comparatively high performance metrics without the need for location information. Overall, RASeR can be suitably deployed in the widest range of applications, which is taken further by including four additional modes of operation. These include a supersede mode for applications in which the timely delivery of the most recent data is prioritised. A reverse flooding mechanism, to enable the sink to broadcast control messages to the sensor nodes. An energy saving mode, which uses sleep cycles to reduce the networks power consumption, and finally a pseudo acknowledgement scheme to increase the reliability of the protocol. These additions enable RASeR to satisfy the needs of some of the most demanding MWSN applications. In order to assess the practicality of implementation, RASeR was also evaluated using a small testbed of mobile nodes. The successful results display the protocols feasibility to be implemented on commercially available hardware and its potential to be deployed in the real world. Furthermore, a key issue in the real world deployment of networks, is security and for this reason a fourth routing protocol was designed called RASeR-S. RASeR-S is based on RASeR, but introduces the use of encryption and suggests a security framework that should be followed in order to significantly reduce the possibility of a security threat. Whilst the main focus of this work is routing, alternative MAC layers are assessed for LASeR. Unlike the other two protocols, LASeR uses available location information to determine its gradient and as such, it is not reliant on the GTDMA MAC. For this reason several MAC layers are tested and the novel idea of dedicated sensing slots is introduced, as well as a network division multiple access scheme. The selected and proposed MACs are simulated and the GTDMA and two proposed protocols are shown to give the best results in certain scenarios. This work demonstrates the high levels of performance that can be achieved using gradient orientated routing in a mobile network. It has also shown that the use of a GTDMA MAC is an efficient solution to the gradient maintenance problem. The high impact of this work comes from the versatility and reliability of the presented routing protocols, which means they are able to meet the requirements of a large number of MWSN applications. Additionally, given the importance of security, RASeR-S has been designed to provide a secure and adaptable routing solution for vulnerable or sensitive applications