Securing Ad Hoc Wireless Sensor Networks under Byzantine Attacks by Implementing Non-Cryptographic Methods

Ad Hoc wireless sensor network (WSN) is a collection of nodes that do not need to rely on predefined infrastructure to keep the network connected. The level of security and performance are always somehow related to each other, therefore due to limited resources in WSN, cryptographic methods for securing the network against attacks is not feasible. Byzantine attacks disrupt the communication between nodes in the network without regard to its own resource consumption. This paper discusses the performance of cluster based WSN comparing LEACH with Advanced node based clusters under byzantine attacks. This paper also proposes an algorithm for detection and isolation of the compromised nodes to mitigate the attacks by non-cryptographic means. The throughput increases after using the algorithm for isolation of the malicious nodes, 33% in case of Gray Hole attack and 62% in case of Black Hole attack

Cost Effective Implementation of Fixed Point Adders for LUT based FPGAs using Technology Dependent Optimizations

Modern day field programmable gate arrays (FPGAs) have very huge and versatile logic resources resulting in the migration of their application domain from prototype designing to low and medium volume production designing. Unfortunately most of the work pertaining to FPGA implementations does not focus on the technology dependent optimizations that can implement a desired functionality with reduced cost. In this paper we consider the mapping of simple ripple carry fixed-point adders (RCA) on look-up table (LUT) based FPGAs. The objective is to transform the given RCA Boolean network into an optimized circuit netlist that can implement the desired functionality with minimum cost. We particularly focus on 6-input LUTs that are inherent in all the modern day FPGAs. Technology dependent optimizations are carried out to utilize this FPGA primitive efficiently and the result is compared against various adder designs. The implementation targets the XC5VLX30-3FF324 device from Xilinx Virtex-5 FPGA family. The cost of the circuit is expressed in terms of the resources utilized, critical path delay and the amount of on-chip power dissipated. Our implementation results show a reduction in resources usage by at least 50%; increase in speed by at least 10% and reduction in dynamic power dissipation by at least 30%. All this is achieved without any technology independent (architectural) modification

Reputation Driven Dynamic Access Control Framework for IoT atop PoA Ethereum Blockchain

Security and Scalability are two major challenges that IoT is currently facing. Access control to critical IoT infrastructure is considered as top security challenge that IoT faces. Data generated by IoT devices may be driving many hard real time systems, thus it is of utmost importance to guarantee integrity and authenticity of the data and resources at the first place itself. Due to heterogeneous and constrained nature of IoT devices, traditional IoT security frameworks are not able to deliver scalable, efficient and manageable mechanisms to meet the requirements of IoT devices. On the other hand Blockchain technology has shown great potential to bridge the missing gap towards building a truly decentralized, trustworthy, secure and scalable environment for IoT. Allowing access to IoT resources and data managed through Blockchain will provide an additional security layer backed by the strongest cryptographic algorithms available. In this work we present a reputation driven dynamic access control framework for small scale IoT applications based on Proof of Authority Blockchain, we name it as Rep-ACM. In RepACM framework we build two major services, one for Reputation building (for better IoT device behaviour regulations) and other for Misbehaviour detection (for detecting any Misbehaviour on object resource usage). Both of these services work in coordination with other services of proposed framework to determine who can access what and under what conditions access should be granted. For Proof of Concept (PoC) we created private Ethereum network consisting of two Raspberry Pi single board computers, one desktop computer and a laptop as nodes. We configured Ethereum protocol to use Istanbul Byzantine Fault Tolerance (IBFT) as Proof of Authority (PoA) consensus mechanism for performance optimization in constrained environment. We deployed our model on private network for feasibility and performance analysis

A novel multi-agent and multilayered game formulation for Intrusion Detection in Internet of Things (IoT)

The current era of smart computing and enabling technologies encompasses the Internet of Things (IoT) as a network of connected, intelligent objects where objects range from sensors to smartphones and wearables. Here, nodes or objects cooperate during communication scenarios to accomplish effective throughput performance. Despite the deployment of large-scale infrastructure-based communications with faster access technologies, IoT communication layers can still be affected with security vulnerabilities if nodes/objects do not cooperate and intend to take advantage of other nodes for fulfilling their malevolent interest. Therefore, it is essential to formulate an intrusion detection/prevention system that can effectively identify the malicious node and restrict it from further communication activities—thus, the throughput, and energy performance can be maximized to a significant extent. This study introduces a combined multi-agent and multilayered game formulation where it incorporates a trust model to assess each node/object, which is participating in IoT communications from a security perspective. The experimental test scenarios are numerically evaluated, where it is observed that the proposed approach attains significantly improves intrusion detection accuracy, delay, and throughput performance as compared to the existing baseline approaches

A Comprehensive Insight into Game Theory in relevance to Cyber Security

The progressively ubiquitous connectivity in the present information systems pose newer challenges tosecurity. The conventional security mechanisms have come a long way in securing the well-definedobjectives of confidentiality, integrity, authenticity and availability. Nevertheless, with the growth in thesystem complexities and attack sophistication, providing security via traditional means can beunaffordable. A novel theoretical perspective and an innovative approach are thus required forunderstanding security from decision-making and strategic viewpoint. One of the analytical tools whichmay assist the researchers in designing security protocols for computer networks is game theory. Thegame-theoretic concept finds extensive applications in security at different levels, including thecyberspace and is generally categorized under security games. It can be utilized as a robust mathematicaltool for modelling and analyzing contemporary security issues. Game theory offers a natural frameworkfor capturing the defensive as well as adversarial interactions between the defenders and the attackers.Furthermore, defenders can attain a deep understanding of the potential attack threats and the strategiesof attackers by equilibrium evaluation of the security games. In this paper, the concept of game theoryhas been presented, followed by game-theoretic applications in cybersecurity including cryptography.Different types of games, particularly those focused on securing the cyberspace, have been analysed andvaried game-theoretic methodologies including mechanism design theories have been outlined foroffering a modern foundation of the science of cybersecurity

Applicability of Mobile Contact Tracing in Fighting Pandemic (COVID-19): Issues, Challenges and Solutions

Contact Tracing is considered as the first and the most effective step towards containing an outbreak, as resources for mass testing and large quantity of vaccines are highly unlikely available for immediate utilization. Effective contact tracing can allow societies to reopen from lock-down even before availability of vaccines. The objective of mobile contact tracing is to speed up the manual interview based contact tracing process for containing an outbreak efficiently and quickly. In this article, we throw light on some of the issues and challenges pertaining to the adoption of mobile contact tracing solutions for fighting COVID-19. In essence, we proposed an Evaluation framework for mobile contact tracing solutions to determine their usability, feasibility, scalability and effectiveness. We evaluate some of the already proposed contact tracing solutions in light of our proposed framework. Furthermore, we present possible attacks that can be launched against contact tracing solutions along with their necessary countermeasures to thwart any possibility of such attacks

ECM-GT: design of efficient computational modelling based on game theoretical approach towards enhancing the security solutions in MANET

Game Theory is a useful tool for exploring the issues concerning Mobile Ad-Hoc Network (or MANET) security. In MANETs, coordination among the portable nodes is more significant, which encompasses their vulnerability challenges to several security assaults and the inability to run securely, when storing its resources and manage secure routing between the nodes. Hence, it is imperative to design an efficient routing protocol to secure all nodes from unknown behaviors. In the current research study, the game-theory approach is utilized for analytical purpose and addresses the security problems in MANETs. The game-theoretic approach is mainly adopted to find the malicious activities in the networks. In the proposed work, a Bayesian-Signaling game model is proposed which analyses the behavior of both regular/normal and malicious nodes. The game model proposed also provides the finest actions of autonomous tactics for every node. A Bayesian-Equilibrium (BE) offers the best solution for games to resolve the incomplete information by joining strategies and players payoff which form an equilibrium. By exploiting the BE mechanism, the system can detect the behavior of regular as well as malicious nodes. Therefore, Efficient ComputationalModelling based on Game Theory or ECM-GT methodology will reduce the utility of malicious nodes and increase the utility of regular nodes. Also, it stimulates the best co-operation among the nodes by exploiting the reputation system. On comparing our results with the existing systems, it was found that the proposed algorithm performed better in the detection of malicious nodes, throughput, false positive rate and detection of attacks

RFDA: Reliable framework for data administration based on split-merge policy

Emerging technologies in cloud environment have not only increased its use but also posed some severe issues. These issues can cause considerable harm not only to data storage but also to the large amount of data in distributed file structure which are being used in collaborative sharing. The data sharing technique in the cloud is prone to many flaws and is easily attacked. The conventional cryptographic mechanism is not robust enough to provide a secure authentication. In this paper, we overcome this issue with our proposed Reliable Framework for Data Administration (RFDA) using split-merge policy, developed to enhance data security. The proposed RFDA performs splitting of data in a unique manner using 128 AES encryption key. Different slots of the encrypted key are placed in different places of rack servers of different cloud zones. The effectiveness and efficiency of the proposed system are analyzed using comparative analysis from which it is seen that the proposed system has outperformed the existing and conventional security standard

Game theory analysis and modeling of sophisticated multi-collusion attack in MANETs

Mobile Adhoc Network (MANET) has been a core topic of research since the last decade. Currently, this form of networking paradigm is increasingly being construed as an integral part of upcoming urban applications of Internet-of-Things (IoT), consisting of massive connectivity of diverse types of nodes. There is a significant barrier to the applicability of existing routing approaches in conventional MANETs when integrated with IoT. This routing mismatch can lead to security risks for the MANET-based application tied with the IoT platform. This paper examines a pragmatic scenario as a test case wherein the mobile nodes must exchange multimedia signals for supporting real-time streaming applications. There exist two essential security requirements viz. i) securing the data packet and ii) understanding the unpredictable behavior of the attacker. The current study considers sophistication on the part of attacker nodes. They are aware of each other’s identity and thereby collude to conduct lethal attacks, which is rarely reflected in existing security modeling statistics. This research harnesses the potential modeling aspect of game theory to model the multiple-collusion attacker scenario. It contributes towards i) modeling strategies of regular/malicious nodes and ii) applying optimization principle using novel auxiliary information to formulate the optimal strategies. The model advances each regular node’s capability to carry out precise computation about the opponent player’s strategy prediction, i.e., malicious node. The simulation outcome of the proposed mathematical model in MATLAB ascertains that it outperforms the game theory’s baseline approach

Evolution and analysis of securehash algorithm (sha) family

With the rapid advancement of technologies and proliferation of intelligent devices, connecting to the internet challenges have grown manifold, such as ensuring communication security and keeping user credentials secret. Data integrity and user privacy have become crucial concerns in any ecosystem of advanced and interconnected communications. Cryptographic hash functions have been extensively employed to ensure data integrity in insecure environments. Hash functions are also combined with digital signatures to offer identity verification mechanisms and non-repudiation services. The federal organization National Institute of Standards and Technology (NIST) established the SHA to provide security and optimal performance over some time. The most well-known hashing standards are SHA-1, SHA-2, and SHA-3. This paper discusses the background of hashing, followed by elaborating on the evolution of the SHA family. The main goal is to present a comparative analysis of these hashing standards and focus on their security strength, performance and limitations against common attacks. The complete assessment was carried out using statistical analysis, performance analysis and extensive fault analysis over a defined test environment. The study outcome showcases the issues ofSHA-1 besides exploring the security benefits of all the dominant variants of SHA-2 and SHA-3. The study also concludes that SHA-3 is the best option to mitigate novice intruders while allowing better performance cost-effectivel