Secure and robust multi-constrained QoS aware routing algorithm for VANETs

Secure QoS routing algorithms are a fundamental part of wireless networks that aim to provide services with QoS and security guarantees. In Vehicular Ad hoc Networks (VANETs), vehicles perform routing functions, and at the same time act as end-systems thus routing control messages are transmitted unprotected over wireless channels. The QoS of the entire network could be degraded by an attack on the routing process, and manipulation of the routing control messages. In this paper, we propose a novel secure and reliable multi-constrained QoS aware routing algorithm for VANETs. We employ the Ant Colony Optimisation (ACO) technique to compute feasible routes in VANETs subject to multiple QoS constraints determined by the data traffic type. Moreover, we extend the VANET-oriented Evolving Graph (VoEG) model to perform plausibility checks on the exchanged routing control messages among vehicles. Simulation results show that the QoS can be guaranteed while applying security mechanisms to ensure a reliable and robust routing service

A Novel Physical Layer Secure Key Generation and Refreshment Scheme for Wireless Sensor Networks

Physical Layer Secure Key Generation (PL-SKG) schemes have received a lot of attention from the wireless security community in recent years because of the potential benefits that they could bring to the security landscape. These schemes aim to strengthen current security protocols by reducing the amount of key material that devices need for deployment. They do this by harnessing the common source of randomness provided by the wireless channel that the physical layer is communicating over. This is of particular importance in Wireless Sensor Networks (WSNs) where resources are particularly scarce and where issues such as key revocation and recovery make the design of efficient key management schemes extremely difficult. This paper discusses the issues and challenges encountered in the design and implementation of PL-SKG schemes on off-the-shelf wireless sensor networks. It then proposes a novel key generation scheme that takes advantage of both the power and simplicity of classic error correcting codes and also the diversity of frequency channels available on 802.15.4 compliant nodes to generate keys from received signal strength (RSS) readings. This paper shows that our key generation and refreshment scheme can achieve a near 100% key reconciliation rate whilst also providing perfect forward and backward security

A Centralised Wi-Fi Management Framework for D2D Communications in Dense Wi-Fi Networks

In Wi-Fi networks, Device-to-Device (D2D) communications aim to improve the efficiency of the network by supporting direct communication between users in close proximity. However, in a congested Wi-Fi network, establishing D2D connections through a locally managed self-organising approach will intensify the congestion and reduce the scalability of the solution. Therefore, a centralised management approach must be involved in orchestrating those actions to guarantee the sufficiency of D2D communications. In this paper, we propose a novel management framework for D2D communications in dense Wi-Fi networks. The proposed framework employs a Software-Defined Networking (SDN) based centralised controller in synergy with a novel Access Point (AP) channel assignment process. This framework is designed to proactively establish and manage D2D connections in Wi-Fi networks considering the available radio resources and the effect of the subsequent interference. Thus, improving the overall performance of the network and providing users with higher data rate. Through simulation, we validate the effectiveness of the proposed framework and demonstrate how D2D deployment considerably improves the Wi-Fi network efficiency especially when the data rate requirements are high. Furthermore, we show that our proposed framework achieves better performance than the widely deployed Least Congested Channel selection strategy (LCC)

Situation-aware QoS routing algorithm for vehicular Ad hoc networks

A wide range of services has been developed for Vehicular Ad hoc Networks (VANETs) ranging from safety to infotainment applications. An essential requirement for such services is that they are offered with Quality of Service (QoS) guarantees in terms of service reliability and availability. Searching for feasible routes subject to multiple QoS constraints is in general an NP-hard problem. Besides, routing reliability needs to be paid special attention as communication links frequently break in VANETs. In this paper, we propose employing the Situational Awareness (SA) concept and an Ant Colony System (ACS) based algorithm to develop a Situation- Aware Multi-constrained QoS (SAMQ) routing algorithm for VANETs. SAMQ aims to compute feasible routes between the communicating vehicles subject to multiple QoS constraints and pick the best computed route, if such a route exists. To mitigate the risks inherited from selecting the best computed route that may turn out to fail at any moment, SAMQ utilises the SA levels and ACS mechanisms to prepare certain countermeasures with the aim of assuring a reliable data transmission. Simulation results demonstrate that SAMQ is capable of achieving a reliable data transmission as compared to the existing QoS routing algorithms even when the network topology is highly dynamic.A wide range of services has been developed for Vehicular Ad hoc Networks (VANETs) ranging from safety to infotainment applications. An essential requirement for such services is that they are offered with Quality of Service (QoS) guarantees in terms of service reliability and availability. Searching for feasible routes subject to multiple QoS constraints is in general an NP-hard problem. Besides, routing reliability needs to be paid special attention as communication links frequently break in VANETs. In this paper, we propose employing the Situational Awareness (SA) concept and an Ant Colony System (ACS) based algorithm to develop a Situation- Aware Multi-constrained QoS (SAMQ) routing algorithm for VANETs. SAMQ aims to compute feasible routes between the communicating vehicles subject to multiple QoS constraints and pick the best computed route, if such a route exists. To mitigate the risks inherited from selecting the best computed route that may turn out to fail at any moment, SAMQ utilises the SA levels and ACS mechanisms to prepare certain countermeasures with the aim of assuring a reliable data transmission. Simulation results demonstrate that SAMQ is capable of achieving a reliable data transmission as compared to the existing QoS routing algorithms even when the network topology is highly dynamic

Investigation of routing reliability of vehicular ad hoc networks

In intelligent transportation systems, the cooperation between vehicles and the road side units is essential to bring these systems to fruition. Vehicular ad hoc networks (VANETs) are a promising technology to enable the communications among vehicles on one hand and between vehicles and road side units on the other hand. However, it is a challenging task to develop a reliable routing algorithm for VANETs due to the high mobility and the frequent changes of the network topology. Communication links are highly vulnerable to disconnection in VANETs; hence, the routing reliability of these ever-changing networks needs to be paid special attention. In this paper, we propose a new vehicular reliability model to facilitate the reliable routing in VANETs. The link reliability is defined as the probability that a direct communication link between two vehicles will stay continuously available over a specified time period. Furthermore, the link reliability value is accurately calculated using the location, direction and velocity information of vehicles along the road. We extend the well-known ad hoc on-demand distance vector (AODV) routing protocol to propose our reliable routing protocol AODV-R. Simulation results demonstrate that AODV-R outperforms significantly the AODV routing protocol in terms of better delivery ratio and less link failures while maintaining a reasonable routing control overhead

Blockchain-enabled Intrusion Detection and Prevention System of APTs within Zero Trust Architecture

In a world where organisations are embracing new IT working models such as Bring Your Own Device (BYOD) and remote working, the traditional mindset of defending the network perimeter is no longer sufficient. Zero Trust Architecture (ZTA) has recently emerged as a new security model in which the breach mindset dominates the threat model. By default, the ZTA considers any endpoint (i.e., device), user, or application to be untrusted until proven otherwise. Nonetheless, once proven by the endpoint, using Advanced Persistent Threats (APT), attackers can still take over an authenticated and authorised session via that endpoint. Therefore, they can perform several user/device centric malicious activities in addition to lateral movement rendering the endpoint the Achilles heel of ZTA. To effectively deter APT attack capabilities on the endpoints, this work proposes a Blockchain-enabled Intrusion Detection and Prevention System (BIDPS) that augments ZTA onto endpoints. The BIDPS aims to achieve two core outcomes: first, detect and prevent attackers’ techniques and tactics as per MITRE’s ATT&CK enterprise matrix earlier than the lateral movement stage, and secondly, strip trust out of the endpoint itself and place it on-chain, thus creating an immutable system of explicit trust. To evaluate the effectiveness of the BIDPS, a testbed was built where techniques of over ten APTs attacks were launched against the endpoint. BIDPS has a high rate of success defending against the launched attacks owing to its Blockchain’s immutability, fortifying the detection/prevention processes