A Candour-based Trust and Reputation Management System for Mobile Ad Hoc Networks

The decentralized administrative controlled-nature of mobile ad hoc networks (MANETs) presents security vulnerabilities which can lead to attacks such as malicious modification of packets. To enhance security in MANETs, Trust and Reputation Management systems (TRM) have been developed to serve as measures in mitigating threats arising from unusual behaviours of nodes. In this paper we propose a candour-based trust and reputation system which measures and models reputation and trust propagation in MANETs. In the proposed model Dirichlet Probability Distribution is employed in modelling the individual reputation of nodes and the trust of each node is computed based on the node’s actual network performance and the quality of the recommendations it gives about other nodes. Cooperative nodes in our model will be rewarded for expanding their energy in forwarding packets for other nodes or for disseminating genuine recommenda-tions. Uncooperative nodes are isolated and denied the available network resources. We employed the Ruffle algorithm which will ensure that cooperative nodes are allowed to activate sleep mode when their service is not required in forwarding packets for its neighbouring trustworthy nodes. The proposed TRM system enshrines fairness in its mode of operation as well as creating an enabling environment free from bias. It will also ensure a connected and capacity preserving network of trustworthy node

Using mobile agents to detect node compromise in path-based DoS attacks on wireless sensor networks

Wireless sensor networks represent a new generation of real-time&nbsp; embedded systems with significantly different communication constraints from the traditional networked systems. With their development, a new attack called a path-based DoS (PDoS) attack has appeared. In a PDoS attack, an adversary, either inside or outside the network, overwhelms sensor nodes by flooding a multi-hop endto- end communication path with either replayed packets or injected spurious packets. In this article, we propose a solution using mobile agents which can detect PDoS attacks easily.<br /

Lightweight authentication for recovery in wireless sensor networks

Wireless sensor networks (WSNs) suffer from a wide range of security attacks due to their limited processing and energy capabilities. Their use in numerous mission critical applications, however, requires that fast recovery from such attacks be achieved. Much research has been completed on detection of security attacks, while very little attention has been paid to recovery from an attack. In this paper, we propose a novel, lightweight authentication protocol that can secure network and node recovery operations such as re-clustering and reprogramming. Our protocol is based on hash functions and we compare the performance of two well-known lightweight hash functions, SHA-1 and Rabin. We demonstrate that our authentication protocol can be implemented efficiently on a sensor network test-bed with TelosB motes. Further, our experimental results show that our protocol is efficient both in terms of computational overhead and execution times which makes it suitable for low resourced sensor devices.<br /

Using mobile agents to detect and recover from node compromise in path-based DoS attacks in wireless sensor networks

Wireless sensor networks represent a new generation of real-time embedded systems with significantly different communication constraints from the traditional networked systems. With their development, a new attack called a path-based DoS (PDoS) attack has appeared. In a PDoS attack, an adversary, either inside or outside the network, overwhelms sensor nodes by flooding a multi-hop end-to end communication path with either replayed packets or injected spurious packets. Detection and recovery from PDoS attacks have not been given much attention in the literature. In this article, we propose a solution using mobile agents which can detect PDoS attacks easily and efficiently and recover the compromised nodes.<br /

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Secure Precise Clock Synchronization for Interconnected Body Area Networks

Secure time synchronization is a paramount service for wireless sensor networks (WSNs) constituted by multiple interconnected body area networks (BANs). We propose a novel approach to securely and efficiently synchronize nodes at BAN level and/or WSN level. Each BAN develops its own notion of time. To this effect, the nodes of a BAN synchronize with their BAN controller node. Moreover, controller nodes of different BANs cooperate to agree on a WSN global and/or to transfer UTC time. To reduce the number of exchanged synchronization messages, we use an environmental-aware time prediction algorithm. The performance analysis in this paper shows that our approach exhibits very advanced security, accuracy, precision, and low-energy trade-off. For comparable precision, our proposal outstands related clock synchronization protocols in energy efficiency and risk of attacks. These results are based on computations

A Qos Adaptive Routing Scheme (IGLAR) For Highly Dynamic Vehicular Networks with Support to Service and Priority

This paper proposes an improved geolocation based QoS aware routing algorithm (IGLAR), which focuses on identifying optimal paths for effective routing in highly dynamic mobile ad hoc network such as VANET based on vehicular traffic at cross roads over a static high way lane. The process of selection and utilizing the optimal QoS route gets updated on transmission. IGLAR works on route identification, route binding, update and deletion process based on the validation of adaptive QoS metrics, before the optimal route selection process between source and destination. This research work discusses on the survey and analysis the performance of GPSR [9], AODV [8], DYMO [12] and proposed scheme based on simulation test beds and scenario mapping using VanetMobiSim with NS-3 simulator. The proposed routing scheme IGLAR has been designed and implemented as per the DSRC specifications [13] and IEEE 802.11p MAC. Keywords: VANET, GPSR, AODV, DYMO, VanetMobisi

Formal modelling and analysis of denial of services attacks in wireless sensor networks

Wireless Sensor Networks (WSNs) have attracted considerable research attention in recent years because of the perceived potential benefits offered by self-organising, multi-hop networks consisting of low-cost and small wireless devices for monitoring or control applications in di±cult environments. WSN may be deployed in hostile or inaccessible environments and are often unattended. These conditions present many challenges in ensuring that WSNs work effectively and survive long enough to fulfil their functionalities. Securing a WSN against any malicious attack is a particular challenge. Due to the limited resources of nodes, traditional routing protocols are not appropriate in WSNs and innovative methods are used to route data from source nodes to sink nodes (base stations). To evaluate the routing protocols against DoS attacks, an innovative design method of combining formal modelling and computer simulations has been proposed. This research has shown that by using formal modelling hidden bugs (e.g. vulnerability to attacks) in routing protocols can be detected automatically. In addition, through a rigorous testing, a new routing protocol, RAEED (Robust formally Analysed protocol for wirEless sEnsor networks Deployment), was developed which is able to operate effectively in the presence of hello flood, rushing, wormhole, black hole, gray hole, sink hole, INA and jamming attacks. It has been proved formally and using computer simulation that the RAEED can pacify these DoS attacks. A second contribution of this thesis relates to the development of a framework to check the vulnerability of different routing protocols against Denial of Service(DoS) attacks. This has allowed us to evaluate formally some existing and known routing protocols against various DoS attacks iand these include TinyOS Beaconing, Authentic TinyOS using uTesla, Rumour Routing, LEACH, Direct Diffusion, INSENS, ARRIVE and ARAN protocols. This has resulted in the development of an innovative and simple defence technique with no additional hardware cost for deployment against wormhole and INA attacks. In the thesis, the detection of weaknesses in INSENS, Arrive and ARAN protocols was also addressed formally. Finally, an e±cient design methodology using a combination of formal modelling and simulation is propose to evaluate the performances of routing protocols against DoS attacks