Attacks and Defenses Utilizing Cross-Layer Interactions in MANET

Cross-layer protocol design is one of the prevailing methodologies that have recently been adopted in networking research and leads to significant performance benefits. In this study, we assess the performance of cross-layer interaction and investigate its effects with regard to security and information assurance of mobile ad hoc wireless networks. Using attacks in realistic wireless networks as a prototype, we find that natural cross-layer interactions between physical, MAC and network layer protocols in MANET can turn out to be a weak point, causing various attacks and intrusions. However, by allowing a controlled synergy between layers affected by attacks, we facilitate timely detection of such attacks that are otherwise difficult to detect and may have devastating effects on network functionality and operation.

Detection and Classification of Network Intrusions using Hidden Markov Models

This paper demonstrates that it is possible to model attacks witha low number of states and classify them using Hidden MarkovModels with very low False Alarm rate and very few FalseNegatives. We also show that the models developed can be used forboth detection and classification. We put emphasis on detectionand classification of network intrusions and attacks using HiddenMarkov Models and training on anomalous sequences. We test severalalgorithms, apply different rules for classification and evaluatethe relative performance of these. Several of the attack examplespresented exploit buffer overflow vulnerabilities, due toavailability of data for such attacks. We emphasize that thepurpose of our algorithms is not only the detection andclassification of buffer overflows; they are designed fordetecting and classifying a broad range of attacks

PROTEIN QUALITY OF BREAD WHEAT

The storage proteins content and their composition have important role in determination of protein quality in bread wheat. The aim of this work is analysis of gluten content, loaf volume and their relationship with gliadin and high molecular weight glutenin subunits in bread wheat. In investigation included 10 wheat genotypes grown in two vegetation seasons (2015/16 and 2016/17) with different climatic conditions. In the first year, the genotype G-3634-2 had the lowest dry gluten content (21.20%) and loaf volume (380 ml), while genotype G-3622-1, had the highest dry gluten content (26.54%) and loaf volume (500 ml). In second year, the lowest dry gluten content (23.44%) and the lowest loaf volume was in wheat G-3601-4 (400 ml), while in genotype G-3622-1, found the highest dry gluten content (29.86%) and loaf volume (540 ml). Wheat genotypes which possess glutenin subunits 2* encoded by Glu-A1b, 7+9 encoded by Glu-B1c, and 5+10 encoded by Glu-D1d. For improving bread making quality are necessary select and wheat genotypes in terms of gluten protein composition (gliadin and glutenin’s) and higher gluten content

Detection of Greedy Individual and Colluding MAC Layer Attackers

Selfish behavior at the Medium Access (MAC) Layer can have devastating side effects on the performance of wireless networks, with effects similar to those of Denial of Service (DoS) attacks. In this paper we consider the problem of detection and prevention of node misbehavior at the MAC layer, focusing on the back-off manipulation by selfish nodes. We propose an algorithm that ensures honest behavior of non-colluding participants. Furthermore, we analyze the problem of colluding selfish nodes, casting the problem within a minimax robust detection framework, providing a detection rule of optimum performance for the worst-case attack. Finally, we compare the effects of colluding attackers with a single attacker in terms of the detection delay. Although our approach is general and can serve as a guideline for the design of any probabilistic distributed MAC protocol, we focus our analysis on the IEEE 802.11 MAC

Intrusion Detection System Resiliency to Byzantine Attacks: The Case Study of Wormholes in OLSR

In this paper we extend the work presented in [1], [2] by quantifying the effects of in-band wormhole attacks on Intrusion Detection Systems. More specifically, we propose a mathematical framework for obtaining performance bounds of Byzantine attackers and the Intrusion Detection System (IDS) in terms of detection delay. We formulate the problem of distributed collaborative defense against coordinated attacks in MANET as a dynamic game problem. In our formulation we have on the one hand a group of attackers that observe what is going on in the network and coordinate their attack in an adaptive manner. On the other side, we have a group of defending nodes (the IDS nodes) that collaboratively observe the network and coordinate their actions against the attackers. Using extensions of the game theoretic framework of [3] we provide a mathematical framework for efficient identification of the worst attacks and damages that the attackers can achieve, as well as the best response of the defenders. This approach leads to quantifying resiliency of the routing-attack IDS with respect to Byzantine attacks

System (IDS).INTRUSION DETECTION FOR DEFENSE AT THE MAC AND ROUTING LAYERS OF WIRELESS NETWORKS

The pervasiveness of wireless devices and the architectural organization of wireless networks in distributed communities, where no notion of trust can be assumed, are the main reasons for the growing interest in the issue of compliance to protocol rules. Nevertheless, the random nature of protocol operation together with the inherent difficulty of monitoring in the open and highly volatile wireless medium poses significant challenges. In this thesis, the problem of detection of node misbehavior at the MAC layer and impact of such behavior on two different routing protocols in the Network Layer is considered. Starting from a model where the behavior of a node is observable, we cast the problem within a min-max robust detection framework, with the objective to provide a detection rule of optimum performance for the worst-case attack in the MAC layer. With this framework we capture the uncertainty of attacks launched by intelligent adaptive attackers and concentrate on the class of attacks that are most significant in terms of incurred performance losses. Furthermore, we show that our ideas can be extended to the case where observations are hindered by interference due to concurrent transmissions and deriv

Detection and classification of network intrusions using hidden mark models

Abstract — This paper demonstrates that it is possible to model attacks with a low number of states and classify them using Hidden Markov Models with very low False Alarm rate and very few False Negatives. We also show that the models developed can be used for both detection and classification. We put emphasis on detection and classification of network intrusions and attacks using Hidden Markov Models and training on anomalous sequences. We test several algorithms, apply different rules for classification and evaluate the relative performance of these. Several of the attack examples presented exploit buffer overflow vulnerabilities, due to availability of data for such attacks. We emphasize that the purpose of our algorithms is not only the detection and classification of buffer overflows; they are designed for detecting and classifying a broad range of attacks. I