Square Key Matrix Management Scheme in Wireless Sensor Networks

In this paper we propose a symmetric cryptographic approach named Square Key Matrix Management Scheme (SKMaS) in which a sensor node named Key Distribution Server (KDS) is responsible for the security of key management. When the system starts up, the KDS sends its individual key and two sets of keys to sensor nodes. With the IDs, any two valid sensor nodes, e.g. i and j, can individually identify the corresponding communication keys (CKs) to derive a dynamic shared key (DSK) for encrypting/decrypting messages transmitted between them. When i leaves the underlying network, the CKs and the individually keys currently utilized by i can be reused by a newly joining sensor, e.g. h. However, when h joins the network, if no such previously-used IDs are available, h will be given a new ID, CKs and the individually key by the KDS. The KDS encrypts the CKs, with which an existing node q can communicate with h, with individual key so that only q rather than h can correctly decrypt the CKs. The lemmas and security analyses provided in this paper prove that the proposed system can protect at least three common attacks

A DoS/DDoS Attack Detection System Using Chi-Square Statistic Approach

Nowadays, users can easily access and download network attack tools, which often provide friendly interfaces and easily operated features, from the Internet. Therefore, even a naive hacker can also launch a large scale DoS or DDoS attack to prevent a system, i.e., the victim, from providing Internet services. In this paper, we propose an agent based intrusion detection architecture, which is a distributed detection system, to detect DoS/DDoS attacks by invoking a statistic approach that compares source IP addresses' normal and current packet statistics to discriminate whether there is a DoS/DDoS attack. It first collects all resource IPs' packet statistics so as to create their normal packet distribution. Once some IPs' current packet distribution suddenly changes, very often it is an attack. Experimental results show that this approach can effectively detect DoS/DDoS attacks

A Real-Time Intrusion Detection System using Data Mining Technique

Presently, most computers authenticate user ID and password before users can login these systems. However, danger soon comes if the two items are known to hackers. In this paper, we propose a system, named Intrusion Detection and Identification System (IDIS), which builds a profile for each user in an intranet to keep track his/her usage habits as forensic features with which IDIS can identify who the underlying user in the intranet is. Our experimental results show that the recognition accuracy of students of computer science department is up to 98.99%