Multi-BSM: An Anomaly Detection and Position Falsification Attack Mitigation Approach in Connected Vehicles

With the dawn of the emerging technologies in the field of vehicular environment, connected vehicles are advancing at a rapid speed. The advancement of such technologies helps people daily, whether it is to reach from one place to another, avoid traffic, or prevent any hazardous incident from occurring. Safety is one of the main concerns regarding the vehicular environment when it comes to developing applications for connected vehicles. Connected vehicles depend on messages known as basic safety messages (BSMs) that are repeatedly broadcast in their communication range in order to obtain information regarding their surroundings. Different kinds of attacks can be initiated by a vehicle in the network with malicious intent by inserting false information in these messages, e.g., speed, direction, and position. This paper focuses on the position falsification attacks that can be carried out in the vehicular environment and be avoided using the multi-BSM approach. Multi-BSM uses consecutive multiple BSMs with different parameters to detect and warn other vehicles about position falsification attacks. Multi-BSM is compared to other anomaly detection algorithms and evaluated with rigorous simulations. Multi-BSM shows a high level of anomaly detection, even in high vehicle density, with up to 97% accuracy rate compared to the respective algorithms

Global Aggregation Node Selection Scheme in Federated Learning for Vehicular Ad Hoc Networks (VANETs)

Federated learning allows multiple users and parties to collaborate and train machine learning models in a distributed and privacy-preserving manner in Vehicular Adhoc Networks VANETs. This computing paradigm addresses privacy concerns; however, it comes at a considerable cost of network resources. After training the machine learning models in conventional federated learning frameworks, devices share that model with a central server, mostly cloud, where the global aggregation is performed. Multiple devices communicating with a central server raise network bandwidth and congestion concerns. To solve this problem, we proposed a federated learning framework for VANETs where instead of using a fixed global aggregator, we used variable global aggregation nodes. The global aggregation node is selected based on communication delay and workload in the proposed framework. We also believe that, in a vehicular Adhoc network, all network nodes cannot participate in the learning process due to network, computation, and energy resource limitations. We Also proposed a client selection algorithm that adapts itself and selects some clients based on specific criteria. Finally, the proposed technique is compared with the hierarchical federated learning framework (HFL) and FedAvg where proposed method outperformed in terms of accuracy

Mobility-aware hierarchical fog computing framework for Industrial Internet of Things (IIoT)

The Industrial Internet of Things (IIoTs) is an emerging area that forms the collaborative environment for devices to share resources. In IIoT, many sensors, actuators, and other devices are used to improve industrial efficiency. As most of the devices are mobile; therefore, the impact of mobility can be seen in terms of low-device utilization. Thus, most of the time, the available resources are underutilized. Therefore, the inception of the fog computing model in IIoT has reduced the communication delay in executing complex tasks. However, it is not feasible to cover the entire region through fog nodes; therefore, fog node selection and placement is still the challenging task. This paper proposes a multi-level hierarchical fog node deployment model for the industrial environment. Moreover, the scheme utilized the IoT devices as a fog node; however, the selection depends on energy, path/location, network properties, storage, and available computing resources. Therefore, the scheme used the location-aware module before engaging the device for task computation. The framework is evaluated in terms of memory, CPU, scalability, and system efficiency; also compared with the existing approach in terms of task acceptance rate. The scheme is compared with xFogSim framework that is capable to handle workload upto 1000 devices. However, the task acceptance ratio is higher in the proposed framework due to its multi-tier model. The workload acceptance ratio is 85% reported with 3000 devices; whereas, in xFogsim the ratio is reduced to approx. 68%. The primary reason for high workload acceptation is that the proposed solution utilizes the unused resources of the user devices for computations

Thwarting ICMP low-rate attacks against firewalls while minimizing legitimate traffic loss

© 2013 IEEE. Low-rate distributed denial of service (LDDoS) attacks pose more challenging threats that disrupt network security devices and services. Such type of attacks is difficult to detect and mitigate. In LDDoS attacks, attacker uses low-volume of malicious traffic that looks alike legitimate traffic. Thus, it can enter the network in silence without any notice. However, it may have severe effect on disrupting network services, depleting system resources, and degrading network speed to a point considering them as one of the most damaging attack types. There are many types of LDDoS such as application server and ICMP error messages based LDDoS. This paper is solely concerned with the ICMP error messages based LDDoS. The paper proposes a mechanism to mitigate low-rate ICMP error message attacks targeting security devices, such as firewalls. The mechanism is based on triggering a rejection rule to defend against corresponding detected attack as early as possible, in order to preserve firewall resources. The rejection rule has certain adaptive activity time, during which the rule continues to reject related low-rate attack packets. This activity time is dynamically predicted for the next rule activation period according to current and previous attack severity and statistical parameters. However, the rule activity time needs to be stabilized in a manner in order to prevent any additional overhead to the system as well as to prevent incremental loss of corresponding legitimate packets. Experimental results demonstrate that the proposed mechanism can efficiently defend against incremental evasion cycle of low-rate attacks, and monitor rejection rule activity duration to minimize legitimate traffic loss

Resiliency of Smart Power Meters to Common Security Attacks

AbstractThe development of Smart Grid power systems is gaining momentum in many countries leading to massive deployment of smart meters to realize the envisioned benefits. However, there are several concerns among the consumer communities and the service providers with respect to information security when it comes to the deployment of smart meters. This paper attempts to address the main challenge related to smart grid information security by examining the resiliency of smart meters to security threats and attacks. Several common information security attacks are being used to study their impact on the performance of smart meters in a controlled laboratory environment. Results obtained showed drastic effect on the functionality of smart meters and their associated data gathering servers

A Fog Computing Framework for Intrusion Detection of Energy-Based Attacks on UAV-Assisted Smart Farming

Precision agriculture and smart farming have received significant attention due to the advancements made in remote sensing technology to support agricultural efficiency. In large-scale agriculture, the role of unmanned aerial vehicles (UAVs) has increased in remote monitoring and collecting farm data at regular intervals. However, due to an open environment, UAVs can be hacked to malfunction and report false data. Due to limited battery life and flight times requiring frequent recharging, a compromised UAV wastes precious energy when performing unnecessary functions. Furthermore, it impacts other UAVs competing for charging times at the station, thus disrupting the entire data collection mechanism. In this paper, a fog computing-based smart farming framework is proposed that utilizes UAVs to gather data from IoT sensors deployed in farms and offloads it at fog sites deployed at the network edge. The framework adopts the concept of a charging token, where upon completing a trip, UAVs receive tokens from the fog node. These tokens can later be redeemed to charge the UAVs for their subsequent trips. An intrusion detection system is deployed at the fog nodes that utilize machine learning models to classify UAV behavior as malicious or benign. In the case of malicious classification, the fog node reduces the tokens, resulting in the UAV not being able to charge fully for the duration of the trip. Thus, such UAVs are automatically eliminated from the UAV pool. The results show a 99.7% accuracy in detecting intrusions. Moreover, due to token-based elimination, the system is able to conserve energy. The evaluation of CPU and memory usage benchmarks indicates that the system is capable of efficiently collecting smart-farm data, even in the presence of attacks

Integration of blockchain and collaborative intrusion detection for secure data transactions in industrial IoT: a survey

The advent of the Industrial Internet of Things (IIoT) integrates all manners of computing technologies, from tiny actuators to process-intensive servers. The distributed network of IoT devices relies on centralized architecture to compensate for their lack of resources. Within this complex network, it is crucial to ensure the security and privacy of data in the IIoT systems as they involve real-time functions that manage people’s movement and industrial materials like chemicals, radio-active goods, and large equipment. Intrusion Detection Systems (IDS) have been widely used to detect and thwart cyber-attacks on such systems. However, these are inefficient for the multi-layered IIoT networks which include heterogeneous protocol standards and topologies. With the need for a novel security method, the integration of collaborative IDS (CIDS) and blockchain has become a disruptive technology to ensure secure and trustable network transactions. Which detection methodology is suitable for this integration, and IIoT? Will blockchain render IIoT completely immune to cyber-attacks? In this paper, we provide a comprehensive review of the state of the art, analyze, and classify the integration approaches of CIDS and blockchain, and discuss suitable approaches for securing IIoT systems. We also categorize the major blockchain vulnerabilities with their potential losses to expose significant gaps for future research directions

Flexible Global Aggregation and Dynamic Client Selection for Federated Learning in Internet of Vehicles

Federated Learning (FL) enables collaborative and privacy-preserving training of machine learning models within the Internet of Vehicles (IoV) realm. While FL effectively tackles privacy concerns, it also imposes significant resource requirements. In traditional FL, trained models are transmitted to a central server for global aggregation, typically in the cloud. This approach often leads to network congestion and bandwidth limitations when numerous devices communicate with the same server. The need for Flexible Global Aggregation and Dynamic Client Selection in FL for the IoV arises from the inherent characteristics of IoV environments. These include diverse and distributed data sources, varying data quality, and limited communication resources. By employing dynamic client selection, we can prioritize relevant and high-quality data sources, enhancing model accuracy. To address this issue, we propose an FL framework that selects global aggregation nodes dynamically rather than a single fixed aggregator. Flexible global aggregation ensures efficient utilization of limited network resources while accommodating the dynamic nature of IoV data sources. This approach optimizes both model performance and resource allocation, making FL in IoV more effective and adaptable. The selection of the global aggregation node is based on workload and communication speed considerations. Additionally, our framework overcomes the constraints associated with network, computational, and energy resources in the IoV environment by implementing a client selection algorithm that dynamically adjusts participants according to predefined parameters. Our approach surpasses Federated Averaging (FedAvg) and Hierarchical FL (HFL) regarding energy consumption, delay, and accuracy, yielding superior results

The evolving SARS-CoV-2 epidemic in Africa: Insights from rapidly expanding genomic surveillance

INTRODUCTION Investment in Africa over the past year with regard to severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) sequencing has led to a massive increase in the number of sequences, which, to date, exceeds 100,000 sequences generated to track the pandemic on the continent. These sequences have profoundly affected how public health officials in Africa have navigated the COVID-19 pandemic. RATIONALE We demonstrate how the first 100,000 SARS-CoV-2 sequences from Africa have helped monitor the epidemic on the continent, how genomic surveillance expanded over the course of the pandemic, and how we adapted our sequencing methods to deal with an evolving virus. Finally, we also examine how viral lineages have spread across the continent in a phylogeographic framework to gain insights into the underlying temporal and spatial transmission dynamics for several variants of concern (VOCs). RESULTS Our results indicate that the number of countries in Africa that can sequence the virus within their own borders is growing and that this is coupled with a shorter turnaround time from the time of sampling to sequence submission. Ongoing evolution necessitated the continual updating of primer sets, and, as a result, eight primer sets were designed in tandem with viral evolution and used to ensure effective sequencing of the virus. The pandemic unfolded through multiple waves of infection that were each driven by distinct genetic lineages, with B.1-like ancestral strains associated with the first pandemic wave of infections in 2020. Successive waves on the continent were fueled by different VOCs, with Alpha and Beta cocirculating in distinct spatial patterns during the second wave and Delta and Omicron affecting the whole continent during the third and fourth waves, respectively. Phylogeographic reconstruction points toward distinct differences in viral importation and exportation patterns associated with the Alpha, Beta, Delta, and Omicron variants and subvariants, when considering both Africa versus the rest of the world and viral dissemination within the continent. Our epidemiological and phylogenetic inferences therefore underscore the heterogeneous nature of the pandemic on the continent and highlight key insights and challenges, for instance, recognizing the limitations of low testing proportions. We also highlight the early warning capacity that genomic surveillance in Africa has had for the rest of the world with the detection of new lineages and variants, the most recent being the characterization of various Omicron subvariants. CONCLUSION Sustained investment for diagnostics and genomic surveillance in Africa is needed as the virus continues to evolve. This is important not only to help combat SARS-CoV-2 on the continent but also because it can be used as a platform to help address the many emerging and reemerging infectious disease threats in Africa. In particular, capacity building for local sequencing within countries or within the continent should be prioritized because this is generally associated with shorter turnaround times, providing the most benefit to local public health authorities tasked with pandemic response and mitigation and allowing for the fastest reaction to localized outbreaks. These investments are crucial for pandemic preparedness and response and will serve the health of the continent well into the 21st century