An Extensive Validation of a SIR Epidemic Model to Study the Propagation of Jamming Attacks against IoT Wireless Networks.

This paper describes the utilization of an epidemic approach to study the propagation of jamming attacks, which can affect to different communication layers of all nodes in a variety of Internet of Things (IoT) wireless networks, regardless of the complexity and computing power of the devices. The jamming term considers both the more classical approach of interfering signals focusing on the physical level of the systems, and the cybersecurity approach that includes the attacks generated in upper layers like Medium Access Control (MAC), producing the same effect on the communication channel. In order to study the accuracy of the proposed epidemic model to estimate the propagation of jamming attacks, this paper uses the results of public simulations and experiments. It is of special interest the data obtained from experiments based on protocols such as Multi-Parent Hierarchical Protocol (MPH), Ad-hoc On-demand Distance Vector (AODV), and Dynamic Source Routing (DSR), working over the IEEE 802.15.4 standard. Then, using the formulation of the deterministic epidemiological model Susceptible–Infected–Recovered (SIR), together the abovementioned simulation, it has been seen that the proposed epidemic model could be used to estimate in that kind of IoT networks, the impact of the jamming attack in terms of attack severity and attack persistenceThis research has been partially supported by Ministerio de Economía, Industria y Competitividad (MINECO), Agencia Estatal de Investigación (AEI), and Fondo Europeo de Desarrollo Regional (FEDER, UE) under projects TIN2017-84844-C2-1-R and PGC2018-098813-B-C32

Caracterización y Análisis de la Propagación de Ciberataques Jamming en Redes de Sensores Inalámbricos mediante Modelos Epidemiológicos

En general, los resultados obtenidos en los experimentos demuestran que los modelos epidemiológicos propuestos son capaces de determinar curvas características de ataques jamming (incluso con datos empíricos limitados), similares a las curvas que se obtendrían en un brote epidémico. La investigación desarrollada para el análisis predictivo de la propagación de ataques jamming, puede considerarse especialmente relevante, teniendo posibles aplicaciones en soluciones de Ciberseguridad para redes de sensores inalámbricosLa presente Tesis Doctoral aborda el análisis de ciberataques tipo jamming contra redes de sensores inalámbricos, aunando dos campos de investigación tan dispares como son la Ciberseguridad y la Epidemiología. Como hipótesis de base, se propone que la dinámica de propagación de este ciberataque dentro una red de sensores inalámbricos, debe presentar un patrón muy similar al de la propagación de una enfermedad producida por un patógeno infeccioso o virus dentro de una población de humanos, y cuyo principal vector de contagio sea el aire. Para validar esta hipótesis, y basándose en criterios propios de la investigación de brotes epidémicos, se han realizado una serie de experimentos caracterizando la propagación de ataques jamming aleatorios y reactivos contra una red de sensores inalámbricos, utilizando tres modelos epidemiológicos. Un modelo Susceptible-Infectado-Recuperado perteneciente al grupo de los modelos mecanicistas; y dos modelos de crecimiento logístico, pertenecientes al grupo de los modelos fenomenológicos, los cuales suelen utilizarse para realizar pronósticos a corto y medio plazo de la evolución de una enfermedad dentro de una población. Este doble enfoque, tratando los ciberataques jamming desde un punto de vista retrospectivo y predictivo, se consigue gracias al establecimiento de una relación directa entre el número de nodos afectados por el ataque y la dinámica de propagación de éste, tal y como se propone en la teoría epidemiológica, donde se reportan los individuos afectados por la enfermedad a estudio

LS-AODV: A ROUTING PROTOCOL BASED ON LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES FOR A FANET OF NANO DRONES

With the battlespace rapidly shifting to the cyber domain, it is vital to have secure, robust routing protocols for unmanned systems. Furthermore, the development of nano drones is gaining traction, providing new covert capabilities for operators at sea or on land. Deploying a flying ad hoc network (FANET) of nano drones on the battlefield comes with specific performance and security issues. This thesis provides a novel approach to address the performance and security concerns faced by FANET routing protocols, and, in our case, is specifically tailored to improve the Ad Hoc On-Demand Distance Vector (AODV) routing protocol. The proposed routing protocol, Lightweight Secure Ad Hoc On-Demand Distance Vector (LS-AODV), uses a lightweight stream cipher, Trivium, to encrypt routing control packets, providing confidentiality. The scheme also uses Chaskey-12-based message authentication codes (MACs) to guarantee the authenticity and integrity of control packets. We use a network simulator, NS-3, to compare LS-AODV against two benchmark routing protocols, AODV and the Optimized Link State Routing (OLSR) protocol, in order to gauge network performance and security benefits. The simulation results indicate that when the FANET is not under attack from black-hole nodes, LS-AODV generally outperforms OLSR but performs slightly worse than AODV. On the other hand, LS-AODV emerges as the protocol of choice when a FANET is subject to a black-hole attack.ONROutstanding ThesisLieutenant, United States NavyApproved for public release. Distribution is unlimited

Mesh-Mon: a Monitoring and Management System for Wireless Mesh Networks

A mesh network is a network of wireless routers that employ multi-hop routing and can be used to provide network access for mobile clients. Mobile mesh networks can be deployed rapidly to provide an alternate communication infrastructure for emergency response operations in areas with limited or damaged infrastructure. In this dissertation, we present Dart-Mesh: a Linux-based layer-3 dual-radio two-tiered mesh network that provides complete 802.11b coverage in the Sudikoff Lab for Computer Science at Dartmouth College. We faced several challenges in building, testing, monitoring and managing this network. These challenges motivated us to design and implement Mesh-Mon, a network monitoring system to aid system administrators in the management of a mobile mesh network. Mesh-Mon is a scalable, distributed and decentralized management system in which mesh nodes cooperate in a proactive manner to help detect, diagnose and resolve network problems automatically. Mesh-Mon is independent of the routing protocol used by the mesh routing layer and can function even if the routing protocol fails. We demonstrate this feature by running Mesh-Mon on two versions of Dart-Mesh, one running on AODV (a reactive mesh routing protocol) and the second running on OLSR (a proactive mesh routing protocol) in separate experiments. Mobility can cause links to break, leading to disconnected partitions. We identify critical nodes in the network, whose failure may cause a partition. We introduce two new metrics based on social-network analysis: the Localized Bridging Centrality (LBC) metric and the Localized Load-aware Bridging Centrality (LLBC) metric, that can identify critical nodes efficiently and in a fully distributed manner. We run a monitoring component on client nodes, called Mesh-Mon-Ami, which also assists Mesh-Mon nodes in the dissemination of management information between physically disconnected partitions, by acting as carriers for management data. We conclude, from our experimental evaluation on our 16-node Dart-Mesh testbed, that our system solves several management challenges in a scalable manner, and is a useful and effective tool for monitoring and managing real-world mesh networks

MPH-M, AODV-M and DSR-M Performance Evaluation under Jamming Attacks

In this work, we present the design of a mitigation scheme for jamming attacks integrated to the routing protocols MPH, AODV, and DSR. The resulting protocols are named MPH-M (Multi-Parent Hierarchical - Modified), AODV-M (Ad hoc On Demand Distance Vector - Modified), and DSR-M (Dynamic Source Routing - Modified). For the mitigation algorithm, if the detection algorithm running locally in each node produces a positive result then the node is isolated; second, the routing protocol adapts their paths avoiding the isolated nodes. We evaluated how jamming attacks affect different metrics for all these modified protocols. The metrics we employ to detect jamming attack are number of packet retransmissions, number of CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) retries while waiting for an idle channel and the energy wasted by the node. The metrics to evaluate the performance of the modified routing protocols are the throughput and resilience of the system and the energy used by the nodes. We evaluated all the modified protocols when the attacker position was set near, middle and far of the collector node. The results of our evaluation show that performance for MPH-M is much better than AODV-M and DSR-M. For example, the node energy for MPH-M is 138.13% better than AODV-M and 126.07% better than DSR-M. Moreover, we also find that MPH-M benefits much more of the mitigation scheme than AODV-M and DSR-M. For example, the node energy consumption is 34.61% lower for MPH-M and only 3.92% and 3.42% for AODV-M and DSR-M, respectively. On throughput, the MPH protocol presents a packet reception efficiency at the collector node of 16.4% on to AODV and DSR when there is no mitigation mechanism. Moreover, MPH-M has an efficiency greater than 7.7% with respect to AODV-M and DSR-M when there is a mitigation scheme. In addition, we have that with the mitigation mechanism AODV-M and DSR-M do not present noticeable modification. However, MPH-M improves its efficiency by 8.4%. We also measure the resilience of these algorithms from the average packet re-transmissions perspective, and we find that MPH-M has around a 15% lower change rate than AODV-M and DSR-M. The MPH-M recovery time is 5 s faster than AODV-M and 2 s faster than DSR-M

Improving Wireless Sensor Network Performance Using MAC Protocols

Wireless sensor networks offers a wide range of applications that can be used in includes environmental monitoring, health structural monitoring, high end applications and security. However, WSN requires a constant power source. To operate efficiently various proposed MAC schemes have been proposed with the aim of achieving low energy consumption or high throughput depending on the application. This thesis proposes a scheme that offers both low energy consumption and high network throughput to enhance MAC protocols which are based on the theory of S-MAC protocol. The proposed scheme utilizes two control packets (particularly SYNC and RTS) and mix there functionalities in one control packet (shall be called SEEK) then this packet will be forwarded to the down stream nodes in a multi-hop fashion. Then apply this method on a MAC protocol that is based on S-MAC theory. The simulation results show that it is feasible to achieve low energy consumption using the proposed algorithm presented in this thesis. In conclusion, this thesis has shown that it is feasible to manipulate the construction of control packets to achieve better operation for a MAC protocol

Directional Routing Techniques in VANET

Vehicle Ad hoc Networks (VANET) emerged as a subset of the Mobile Ad hoc Network (MANET) application; it is considered to be a substantial approach to the ITS (Intelligent Transportation System). VANETs were introduced to support drivers and improve safety issues and driving comfort, as a step towards constructing a safer, cleaner and more intelligent environment. At the present time vehicles are equipped with a number of sensors and devices, including On Board Units (OBU); this enables vehicles to sense situations affecting other vehicles and manage communications, by exploiting infrastructures such as the Road Side Unit (RSU); creating a Vehicle to Infrastructure (V2I) pathway, or interacting directly with other vehicles creating a Vehicle to Vehicle (V2V) pathway. Owing to the lack of infrastructures and difficulties involved in providing comprehensive coverage for all roads because of the high expense associated with installation, the investigation in this research concentrates on the V2V communication type rather than theV2I communication type. Many challenges have emerged in VANET, encouraging researchers to investigate their research in an attempt to meet these challenges. Routing protocol issues are considered to be a critical dilemma that needs to be tackled in VANET, particularly in a sparse environment, by designing an effcient routing mechanism that impacts on enhancing network performance in terms of disseminating messages to a desireddestination, balancing the generated packet (overhead) on the network and increasing the ratio of packet delivery with a reduced time delay. VANET has some unique characteristics compared to MANET; specifically it includes high mobility and constrained patterns restricted by roads, which lead to generation of a disconnected area occurring continuously between vehicles creating a Delay Tolerant Network (DTN). This is in opposition to applying the multi-hope technique properly to deliver the packet to its desire destination. The aim in this thesis comprises two main contributions. First developing novel routing protocols for a sparse environment in VANET with the context of utilising the mobility feature, with the aid of the equipped devices, such as Global Position System (GPS) and Navigation System (NS). This approach exploits the knowledge of Second Heading Direction (SHD), which represents the knowledge of the next road direction the vehicle is intending to take, in order to increase the packet delivery ratio, and to increase the route stability by decreasing instances of route breakage. This approach comprises two approaches; the first approach was designed for a highway scenario, by selecting the next hop node based on a filtration process, to forward the packet to the desired destination, while the second approach was developed for the intersection and roundabout scenario, in order to deliver the packet to the destination (unknown location). The formalising and specification of the VSHDRP has been performed using the CCA (Calculus of Context-aware Ambient), in order to evaluate the protocols behaviours, the protocol has been validated using the ccaPL. In addition the performance of the VSHDRP has been evaluated using the NS-2 simulator; comparing it with Greedy Perimeter Stateless Routing (GPSR) protocol, to reveal the strengths and weaknesses of the protocol. Second, developing a novel approach to broadcasting the HELLO beacon message adaptively in VANET based on the node's circumstances (direction and speed), in order to minimise the broadcasting of unnecessary HELLO beacon messages. A novel architecture has been built based on the adaptive HELLO beacon message, which clarifies how the OBU components are interacting with the connected sensors, in order to portray any changes in the vehicle's circumstances, so as to take the right decision to determine appropriate action. This architecture has been built based on the concept of a context aware system, which divides the architecture into three main phases; sensing processing and acting

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen