Two-tier Intrusion Detection System for Mobile Ad Hoc Networks

Nowadays, a commonly used wireless network (i.e. Wi-Fi) operates with the aid of a fixed infrastructure (i.e. an access point) to facilitate communication between nodes when they roam from one location to another. The need for such a fixed supporting infrastructure limits the adaptability of the wireless network, especially in situations where the deployment of such an infrastructure is impractical. In addition, Wi-Fi limits nodes' communication as it only provides facility for mobile nodes to send and receive information, but not reroute the information across the network. Recent advancements in computer network introduced a new wireless network, known as a Mobile Ad Hoc Network (MANET), to overcome these limitations. MANET has a set of unique characteristics that make it different from other kind of wireless networks. Often referred as a peer to peer network, such a network does not have any fixed topology, thus nodes are free to roam anywhere, and could join or leave the network anytime they desire. Its ability to be setup without the need of any infrastructure is very useful, especially in geographically constrained environments such as in a military battlefield or a disaster relief operation. In addition, through its multi hop routing facility, each node could function as a router, thus communication between nodes could be made available without the need of a supporting fixed router or an access point. However, these handy facilities come with big challenges, especially in dealing with the security issues. This research aims to address MANET security issues by proposing a novel intrusion detection system that could be used to complement existing prevention mechanisms that have been proposed to secure such a network. A comprehensive analysis of attacks and the existing security measures proved that there is a need for an Intrusion Detection System (IDS) to protect MANETs against security threats. The analysis also suggested that the existing IDS proposed for MANET are not immune against a colluding blackmail attack due to the nature of such a network that comprises autonomous and anonymous nodes. The IDS architecture as proposed in this study utilises trust relationships between nodes to overcome this nodes' anonymity issue. Through a friendship mechanism, the problems of false accusations and false alarms caused by blackmail attackers in global detection and response mechanisms could be eliminated. The applicability of the friendship concept as well as other proposed mechanisms to solve MANET IDS related issues have been validated through a set of simulation experiments. Several MANET settings, which differ from each other based on the network's density level, the number of initial trusted friends owned by each node, and the duration of the simulation times, have been used to study the effects of such factors towards the overall performance of the proposed IDS framework. The results obtained from the experiments proved that the proposed concepts are capable to at least minimise i f not fully eliminate the problem currently faced in MANET IDS

A Cross-Layer Approach for Minimizing Interference and Latency of Medium Access in Wireless Sensor Networks

In low power wireless sensor networks, MAC protocols usually employ periodic sleep/wake schedule to reduce idle listening time. Even though this mechanism is simple and efficient, it results in high end-to-end latency and low throughput. On the other hand, the previously proposed CSMA/CA-based MAC protocols have tried to reduce inter-node interference at the cost of increased latency and lower network capacity. In this paper we propose IAMAC, a CSMA/CA sleep/wake MAC protocol that minimizes inter-node interference, while also reduces per-hop delay through cross-layer interactions with the network layer. Furthermore, we show that IAMAC can be integrated into the SP architecture to perform its inter-layer interactions. Through simulation, we have extensively evaluated the performance of IAMAC in terms of different performance metrics. Simulation results confirm that IAMAC reduces energy consumption per node and leads to higher network lifetime compared to S-MAC and Adaptive S-MAC, while it also provides lower latency than S-MAC. Throughout our evaluations we have considered IAMAC in conjunction with two error recovery methods, i.e., ARQ and Seda. It is shown that using Seda as the error recovery mechanism of IAMAC results in higher throughput and lifetime compared to ARQ.Comment: 17 pages, 16 figure

Common investigation process model for database forensic investigation discipline

Current digital forensic process models are often found to be unsatisfactory due to the fact that they do not provide process model with opportunities to be actively involved database forensic investigation. This study presents common database forensic investigation process, which is proposed by reviewing a few particular digital investigation process models that have created and then identified the frequently common processes phases concentrates. Results of this study showed that with the determining of the frequently shared process, it could be easier for the new users to recognize the processes and also to serve as the basic fundamental concept for the improvement of a new set of processes. Thus, proposing this kind of process model may help to resolve the problems and difficulties associated with database forensic in general

Dynamic broadcasting in vehicular ad hoc networks

Vehicular Ad hoc Network (VANET) is a subclass of mobile ad hoc networks (MANETs). VANETs provide a variety of interesting applications. Many of these applications rely on broadcasting of messages to other vehicles. The simplest broadcasting algorithm is flooding. Because of a large number of vehicles during peak hour, blindly flooding may lead to packet collision and high contention named broadcast storm problem. This paper presents a broadcasting approach for safety messages that dynamically adjust waiting time of a vehicle according to the number of neighbor vehicles and distance to source. We evaluate the performance of our proposed approach in terms of reachability, reliability. The simulation results show our protocol introduces better performance than flooding and random waiting time protocol

Towards adapting metamodeling approach for the mobile forensics investigation domain

Mobile phones have become quite important tools in the modern world. The forensics field heavily relies on knowledge as an important resource. Due to the ongoing changes in digital technology, the power of knowledge enables innovation and assists in establishing proper standards and procedures. As such, it is necessary to establish a relationship between the information derived from knowledge to form new concepts and ideas. Knowledge in mobile forensics is scattered and huge. Hence, this leads to lack of knowledge management in mobile forensics. In addition, lead to complexity of investigation for new investigators, ambiguity in concepts and terminologies of mobile forensics domain and waste time to understand mobile forensics domain. Therefore, mobile forensics investigators are quite suffering with forensics investigation processes in their domain. This paper will develop a new approach for mobile forensics domain which is based on metamodeling. This approach contributes to unify common concepts of mobile forensics. It also provides many benefits which include simplifying the investigation process and guide investigations team, capture and reuse specialized forensic knowledge and support training and knowledge management activities. Furthermore, it reduces complexity and ambiguity in mobile forensic domai Towards Adapting Metamodeling approach for the Mobile Forensics Investigation Domain

Langkawi as an event destination in Malaysia: An assessment of the calendar of events

Events are important in tourism as they can enhance the attraction of tourist destinations and enrich the experiences of tourists.In general, events are commonly classified as special hallmark, mega, sports, arts and exhibitions. In the context of large-scaled events, particularly mega and hallmark, it is claimed that destination hosts can win international recognition and boost the destination‘s image. Additionally, hosting other types of events such as political and state occasions, cultural celebrations and arts festivals can generate a positive impact, revitalise traditions and culture; enhance national pride; and develop a sense of belonging. Although it is acknowledged that a tourist‘s destination can be an important venue for hosting events, there are limited studies which focus on the topics of event destination in the context of Malaysia. Therefore, the main aim of this paper is to explore the types and levels of events which are commonly organised in Langkawi, a prime tourist destination in Malaysia. In assessing this island as an event destination, the calendar of events published by the Langkawi Development Authority (LADA) from May 2010 to 2014 was analysed using a content analysis method.Overall, numerous types of events, including mega, major and community, were held in Langkawi during this period. Amongst the well-known and recurring events included in this calendar are the Langkawi International Maritime and Aerospace Exhibition (LIMA), Le Tour de Langkawi and Langkawi International Lawn Bowls.The majority of these events fall into three main categories: i) sports and recreation, ii) cultural, arts and entertainment and iii) business and trade exhibitions.The analysis of Langkawi as an event destination demonstrates that a well-known tourist destination is ideal for organising different types and levels of events. This also shows that hosting such events can be one of the ways for destinations to attract a steady stream of tourists‘ arrivals annually

Leveraging Human Thinking Style for User Attribution in Digital Forensic Process

User attribution, the process of identifying a human in a digital medium, is a research area that has receive significant attention in information security research areas, with a little research focus on digital forensics. This study explored the probability of the existence of a digital fingerprint based on human thinking style, which can be used to identify an online user. To achieve this, the study utilized Server-side web data of 43-respondents were collected for 10-months as well as a self-report thinking style measurement instrument. Cluster dichotomies from five thinking styles were extracted. Supervised machine-learning techniques were then applied to distinguish individuals on each dichotomy. The result showed that thinking styles of individuals on different dichotomies could be reliably distinguished on the Internet using a Meta classifier of Logistic model tree with bagging technique. The study further modeled how the observed signature can be adopted for a digital forensic process, using high-level universal modeling language modeling process- specifically, the behavioral state-model and use-case modeling process. In addition to the application of this result in forensics process, this result finds relevance and application in human-centered graphical user interface design for recommender system as well as in e-commerce services. It also finds application in online profiling processes, especially in e-learning system