Smart attacks based on control packets vulnerabilities with IEEE 802.11 MAC

International audienceIn this paper, we show new smart attacks which were not dealt with in the solutions proposed recently. We focus on the Medium Access Control (MAC), particularly the IEEE 802.11 and we study some hidden vulnerabilities based on the control packets. The malicious nodes can exploit these vulnerabilities to reduce the network's performance, to disturb the monitoring, routing processes and to escape the Intrusion Detection System (IDS). Furthermore, we show how vulnerabilities can be exploited and how these attacks can be implemented by the attacker. Moreover, attacks' algorithms and the security analysis are presented. We investigate on the effect of these attacks with the simulations and the experimentations. The simulations' results and their analysis illustrate the negative impact of these attacks on the network. In addition, the experimentation results demonstrate the feasibility to real exploitation of these attacks and they confirm the simulation's results

Security and pseudo-anonymity with a cluster-based approach for MANET

International audienceIn this paper, we propose an anonymous protocol to secure nodes which have important roles in the network. We focus in the clustering approach to secure the mobile ad hoc networks (MANETs). In each cluster, a confident node is selected to ensure the certification authority (CA) roles; however, the cluster security depends in the security of the CA node. Therefore, we present an anonymous dynamic demilitarized zone (ADDMZ) to protect the CA node identity and to avoid the single point of failure in the cluster. ADDMZ is formed by a set of confident nodes which have a high trust level between them and their goal is to filter the communication between the cluster member node and the CA node. Moreover, we draw one's inspiration from military defence mechanisms such as: camouflage and identity change mechanisms. We present protocol to realize these mechanisms by using the identity based cryptographic from bilinear maps. The security analysis is proposed to discuss the proposed protocols

RSSI-based Localization Algorithms using Spatial Diversity in Wireless Sensor Networks

Accepted for publication in International Journal of Ad Hoc and Ubiquitous Computing (IJAHUC)International audienceMany localization algorithms in Wireless Sensor Networks (WSNs) are based on received signal strength indication (RSSI). Although they present some advantages in terms of complexity and energy consumption, RSSI values, especially in indoor environments, are very unstable due to fading induced by shadowing effect and multipath propagation. In this paper, we propose a comparative study of RSSI-based localization algorithms using spatial diversity in WSNs. We consider different kinds of single / multiple antenna systems: Single Input Single Output (SISO) system, Single Input Multiple Output (SIMO) system, Multiple Input Single Output (MISO) system and Multiple Input Multiple Output (MIMO) system. We focus on the well known trilateration and multilateration localization algorithms to evaluate and compare different antenna systems. Exploiting spatial diversity by using multiple antenna systems improve significantly the accuracy of the location estimation. We use three diversity combining techniques at the receiver: Maximal Ratio Combiner (MRC), Equal Gain Combining (EGC) and Selection Combining (SC). The obtained results show that the localization performance in terms of position accuracy is improved when using multiple antennas. Specifically, using multiple antennas at the both sides present better performance than using multiple antennas at the transmitter as well as the receiver side. We also conclude that MRC diversity combining technique outperforms EGC that as well outperforms SC

Reputation aware obfuscation for mobile opportunistic networks

© 2013 IEEE. Current anonymity techniques for mobile opportunistic networks typically use obfuscation algorithms to hide node's identity behind other nodes. These algorithms are not well suited to sparse and disconnection prone networks with large number of malicious nodes and new opportunistic, adaptive. So, new, opportunistic, adaptive fully localized mechanisms are needed for improving user anonymity. This paper proposes reputation aware localized adaptive obfuscation for mobile opportunistic networks that comprises of two complementary techniques: opportunistic collaborative testing of nodes' obfuscation behaviour (OCOT) and multidimensional adaptive anonymisation (AA). OCOT-AA is driven by both explicit and implicit reputation building, complex graph connectivity analytics and obfuscation history analyses. We show that OCOT-AA is very efficient in terms of achieving high levels of node identity obfuscation and managing low delays for answering queries between sources and destinations while enabling fast detection and avoidance of malicious nodes typically within the fraction of time within the experiment duration. We perform extensive experiments to compare OCOT-AA with several other competitive and benchmark protocols and show that it outperforms them across a range of metrics over a one month real-life GPS trace. To demonstrate our proposal more clearly, we propose new metrics that include best effort biggest length and diversity of the obfuscation paths, the actual percentage of truly anonymised sources' IDs at the destinations and communication quality of service between source and destination

Relative fairness and optimized throughput for mobile ad hoc networks

International audienceAlthough IEEE 802.11 provides several transmission rates, a suitable rate adaptation taking into account the relative fairness among all competitive stations, according to the underlying channel quality remains a challenge in Mobile Ad hoc Networks (MANETs). The absence of any fixed infrastructure and any centralized control makes the existing solutions for WLANs like CARA (collision-aware rate adaptation) [4] not appropriate for MANETs. In this paper, we propose a new analytical model with a suitable approach to ensure a relative fairness among all competitive nodes of a particular channel. Our model deals with the channel quality while respecting the nodes, based on transmission successes and failures in a mobility context. Finally, each node calculates its own probability to access the channel in a distributed manner. We evaluate the performance of our scheme with others in the context of MANET via extensive and detailed simulations. The performance differentials are analysed using varying network load and transmission range. The simulation results illustrate that our proposed approach ensures a better tradeoff between fairness and throughput

Efficient location privacy-aware forwarding in opportunistic mobile networks

This paper proposes a novel fully distributed and collaborative k-anonymity protocol (LPAF) to protect users’ location information and ensure better privacy while forwarding queries/replies to/from untrusted location-based service (LBS) over opportunistic mobile networks (OppMNets. We utilize a lightweight multihop Markov-based stochastic model for location prediction to guide queries toward the LBS’s location and to reduce required resources in terms of retransmission overheads. We develop a formal analytical model and present theoretical analysis and simulation of the proposed protocol performance. We further validate our results by performing extensive simulation experiments over a pseudo realistic city map using map-based mobility models and using real-world data trace to compare LPAF to existing location privacy and benchmark protocols. We show that LPAF manages to keep higher privacy levels in terms of k-anonymity and quality of service in terms of success ratio and delay, as compared with other protocols, while maintaining lower overheads. Simulation results show that LPAF achieves up to an 11% improvement in success ratio for pseudorealistic scenarios, whereas real-world data trace experiments show up to a 24% improvement with a slight increase in the average delay

How MIMO cross-layer design enables QoS while detecting non-cooperative nodes in wireless multi-hop networks

In Journal of Network and Computer Applications (JNCA). DOI: 10.1016/j.jnca.2014.07.011International audienceWireless Multi-hop Networks (WMNs) are based on the cooperation between nodes. The non-cooperative (selfish) nodes can affect the quality of services (QoS) delivered by the network. The solutions proposed in literature are based on the monitoring mechanism to detect non-cooperative nodes. However, the monitoring mechanism has to tackle a significant false alarm rate. The origin of these issues is mainly related to the interferences and the costs of the monitoring mechanism. In WMNs based on Single-Input Single-Output (SISO) technology, the interferences at the monitor (detector) node can affect the assessment and the accuracy of the monitor node's observation. In this paper, we use Multi-Input and Multi-Output (MIMO) technology to tackle these drawbacks and to perform the monitoring mechanism without affecting the QoS. We propose a new MAC protocol based on the well-known SPACE-MAC protocol, named MIMODog. The collision at the monitor node can be avoided by tuning the antennas' weights. Therefore, the signal coming from other nodes than the monitored one can be nullified. Thus, this solution allows an important improvement of the accuracy of the monitor node's observation. Moreover, we propose a monitoring capacity analysis using graph theory particularly Conflict Graph (CG), and asymptotic study. We illustrate that the capacity consumed in the case of MIMODog is costly compared to SPACE-MAC, but the accuracy of the observation is better. We demonstrate that the number of monitor nodes is $\Theta(\frac{M}{\sqrt{n\ln n}})$ for a MIMO network with randomly located nodes n, each equipped with M antennas. Indeed, numerical results nlnn illustrate that by using MIMODog, the network can have a constant improvement M on an asymptotic number of monitor nodes compared to SISO 802.11 DCF MAC

Social delay tolerant approach for safety services in vehicular networks

Vehicular networks have attracted attention for recent years due to their various and emerging applications supporting secure and convenient driving. Regarding specific features of vehicular networks, we propose a new Social-aware Vehicular DTN protocol (SocVe) respectively for a type of safety applications such as emergency support services. We evaluate our protocol in short contact and intermittent connection scenarios extracting from mobility data set in Hanoi city. We conduct comparative performance evaluation of SocVe in multiple scenarios with different destination centralities against a geographical protocol

A trust-based architecture for managing certificates in vehicular ad hoc networks

International audienceIn this paper, we propose a secure and distributed public key infrastructure for VANETs. It is based on an hybrid trust model which is used to determine the trust metric (Tm) of vehicles. It consists on a monitoring system processing on two aspects: the cooperation of vehicles and the legitimacy of the broadcasted data. We propose a fuzzy-based solution in order to decide about the honesty of vehicles. Then, the vehicles which are trusted (Tm = 1), also, they have at least one trusted neighbor can candidate to serve as certification authorities CAs in their clusters. In order to increase the stability of our distributed architecture, the CA candidate which has the lowest relative mobility will be elected as certification authority CA. A set of simulations is conducted. We evaluate particularly the efficiency and the stability of the clustering algorithm as a function of the speed, the average number of vehicles on the platoon and the percentage of trusted vehicles