Search results

1 – 10 of 327
To view the access options for this content please click here
Article

Abdelaziz Amara Korba, Mehdi Nafaa and Salim Ghanemi

Wireless multi-hop ad hoc networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and…

Abstract

Purpose

Wireless multi-hop ad hoc networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and collaborative routing in such networks makes them vulnerable to various security attacks. This paper aims to design and implement a new efficient intrusion detection and prevention framework, called EIDPF, a host-based framework suitable for mobile ad hoc network’s characteristics such as high node’s mobility, resource-constraints and rapid topology change. EIDPF aims to protect an AODV-based network against routing attacks that could target such network.

Design/methodology/approach

This detection and prevention framework is composed of three complementary modules: a specification-based intrusion detection system to detect attacks violating the protocol specification, a load balancer to prevent fast-forwarding attacks such as wormhole and rushing and adaptive response mechanism to isolate malicious node from the network.

Findings

A key advantage of the proposed framework is its capacity to efficiently avoid fast-forwarding attacks and its real-time detection of both known and unknown attacks violating specification. The simulation results show that EIDPF exhibits a high detection rate, low false positive rate and no extra communication overhead compared to other protection mechanisms.

Originality/value

It is a new intrusion detection and prevention framework to protect ad hoc network against routing attacks. A key strength of the proposed framework is its ability to guarantee a real-time detection of known and unknown attacks that violate the protocol specification, and avoiding wormhole and rushing attacks by providing a load balancing route discovery.

Details

Information & Computer Security, vol. 24 no. 4
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article

Degan Zhang, Changle Gong, Kaiwen Jiang, Xiaodan Zhang and Ting Zhang

This paper aims to put forward a kind of new method of intelligent trust engineering metrics for application of mobile ad hoc network (MANET).

Abstract

Purpose

This paper aims to put forward a kind of new method of intelligent trust engineering metrics for application of mobile ad hoc network (MANET).

Design/methodology/approach

The new method calculates the communication trust by using the number of data packets among the nodes of MANET, predicts intelligently the trust and calculates the comprehensive trust based on the historical trust; then calculates the energy trust based on the residual energy of the nodes of MANET, calculates the direct trust based on the communication trust and energy trust. The new method calculates the recommendation trust based on the recommendation reliability; adopts the adaptive weighting to calculate the integrated direct trust by considering the direct trust with recommendation trust.

Findings

Based on the integrated direct trust and the factor of trust propagation distance, the indirect trust among the nodes of MANET is calculated. The above process can be optimized based on the dynamic machine learning presented in this study. The advantage of the new method is its intelligent ability to discover malicious nodes.

Originality/value

The advantage of the new method is its intelligent ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and proceeds to protect the network. The authors have done the experiments based on the tool kits such as NS3, QualNet, OMNET++ and MATLAB. The experimental results show that this study’s approach can effectively avoid the attacks of malicious nodes, and more conformable to the actual engineering application of MANET.

Details

Engineering Computations, vol. 37 no. 5
Type: Research Article
ISSN: 0264-4401

Keywords

To view the access options for this content please click here
Article

Wenjuan Li and Weizhi Meng

This paper aims to propose and evaluate an intrusion sensitivity (IS)-based approach regarding the detection of pollution attacks in collaborative intrusion detection…

Abstract

Purpose

This paper aims to propose and evaluate an intrusion sensitivity (IS)-based approach regarding the detection of pollution attacks in collaborative intrusion detection networks (CIDNs) based on the observation that each intrusion detection system may have different levels of sensitivity in detecting specific types of intrusions.

Design/methodology/approach

In this work, the authors first introduce their adopted CIDN framework and a newly designed aggregation component, which aims to collect feedback, aggregate alarms and identify important alarms. The authors then describe the details of trust computation and alarm aggregation.

Findings

The evaluation on the simulated pollution attacks indicates that the proposed approach is more effective in detecting malicious nodes and reducing the negative impact on alarm aggregation as compared to similar approaches.

Research limitations/implications

More efforts can be made in improving the mapping of the satisfaction level, enhancing the allocation, evaluation and update of IS and evaluating the trust models in a large-scale network.

Practical implications

This work investigates the effect of the proposed IS-based approach in defending against pollution attacks. The results would be of interest for security specialists in deciding whether to implement such a mechanism for enhancing CIDNs.

Originality/value

The experimental results demonstrate that the proposed approach is more effective in decreasing the trust values of malicious nodes and reducing the impact of pollution attacks on the accuracy of alarm aggregation as compare to similar approaches.

Details

Information & Computer Security, vol. 24 no. 3
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article

Francis H. Shajin and Paulthurai Rajesh

This study aims to evaluate the direct trust value for each node and calculate the trust value of all nodes satisfying the condition and update the trust value and value…

Abstract

Purpose

This study aims to evaluate the direct trust value for each node and calculate the trust value of all nodes satisfying the condition and update the trust value and value each trust update interval for a secure and efficient communication between sender and destination node. Hence, a Trusted Secure Geographic Routing Protocol (TSGRP) has been proposed for detecting attackers (presence of the hacker), considering the trust value for a node produced by combining the location trusted information and the direct trusted information.

Design/methodology/approach

Amelioration in the research studies related to mobile ad hoc networks (MANETs) and wireless sensor networks has shown greater concern in the presence of malicious nodes, due to which the delivery percentage in any given network can degrade to a larger extent, and hence make the network less reliable and more vulnerable to security.

Findings

TSGRP has outperformed the conventional protocols for detecting attacks in MANET. TSGRP is establishing a trust-based secure communication between the sender and destination node. The evaluated direct trust value is used after the transmission of route-request and route-reply packets, to evaluate the direct trust value of each node and a secure path is established between the sender and the destination node. The effectiveness of the proposed TSGRP is evaluated through NS-2 simulation.

Originality/value

The simulation results show the delay of the proposed method is 92% less than PRISM approach and the overhead of the proposed TSGRP approach is 61% less than PRISM approach.

Details

International Journal of Pervasive Computing and Communications, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1742-7371

Keywords

To view the access options for this content please click here
Article

Aameek Singh, Bugra Gedik and Ling Liu

To provide mutual anonymity over traditionally un‐anonymous Distributed Hash Tables (DHT) based Peer‐to‐Peer overlay networks, while maintaining the desired scalability…

Abstract

Purpose

To provide mutual anonymity over traditionally un‐anonymous Distributed Hash Tables (DHT) based Peer‐to‐Peer overlay networks, while maintaining the desired scalability and guaranteed lookup properties of the DHTs.

Design/methodology/approach

Agyaat uses a novel hybrid‐overlay design, a fully decentralized topology without any trusted proxies. It anonymizes both the querying and responding peers through the use of unstructured topologies, called clouds, which are added onto the structured overlays. In addition, it regulates the cloud topologies to ensure the guaranteed location of data and scalability of routing. A unique characteristic of the design is the ability of users to tradeoff between desired anonymity and performance. The paper presents a thorough performance and anonymity analysis of the system, and also analyzes few anonymity compromising attacks and countermeasures.

Findings

The results indicate that Agyaat is able to provide mutual anonymity while maintaining the scalability of lookups, affecting the costs only by a constant factor.

Research limitations/implications

While Agyaat is able to meet its mutual anonymity and performance goals, there exist other security vulnerabilities like possible Denial‐of‐Service (DoS) attacks, both due to its design and the underlying DHT overlay. This is fertile ground for future work.

Originality/value

Agyaat uses a novel topology architecture and associated protocols that are conducive to providing mutually anonymous services.

Details

Internet Research, vol. 16 no. 2
Type: Research Article
ISSN: 1066-2243

Keywords

To view the access options for this content please click here
Article

N.V. Brindha and V.S. Meenakshi

Any node in a mobile ad hoc network (MANET) can act as a host or router at any time and so, the nodes in the MANET are vulnerable to many types of attacks. Sybil attack is…

Abstract

Purpose

Any node in a mobile ad hoc network (MANET) can act as a host or router at any time and so, the nodes in the MANET are vulnerable to many types of attacks. Sybil attack is one of the harmful attacks in the MANET, which produces fake identities similar to legitimate nodes in the network. It is a serious threat to the MANET when a malicious node uses the fake identities to enter the network illegally.

Design/methodology/approach

A MANET is an independent collection of mobile nodes that form a temporary or arbitrary network without any fixed infrastructure. The nodes in the MANET lack centralized administration to manage the network and change their links to other devices frequently.

Findings

So for securing a MANET, an approach based on biometric authentication can be used. The multimodal biometric technology has been providing some more potential solutions for the user to be able to devise an authentication in MANETs of high security.

Research limitations/implications

The Sybil detection approach, which is based on the received signal strength indicator (RSSI) variations, permits the node to be able to verify the authenticity of communicating nodes in accordance with their localizations.

Practical implications

As the MANET node suffers from a low level of memory and power of computation, there is a novel technique of feature extraction that is proposed for the multimodal biometrics that makes use of palm prints that are based on a charge-coupled device and fingerprints, along with the features that are fused.

Social implications

This paper proposes an RSSI-based multimodal biometric solution to detect Sybil attack in MANETs.

Originality/value

The results of the experiment have indicated that this method has achieved a performance which is better compared to that of the other methods.

Details

International Journal of Intelligent Unmanned Systems, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2049-6427

Keywords

To view the access options for this content please click here
Article

Zhen Cao, Jianbin Hu, Zhong Chen, Maoxing Xu and Xia Zhou

Wireless sensor networks, due to their potentially wide application perspectives, may proliferate in future. Two major stumbling blocks are the dynamic variance of the…

Abstract

Purpose

Wireless sensor networks, due to their potentially wide application perspectives, may proliferate in future. Two major stumbling blocks are the dynamic variance of the network caused by both the capacity constraint of sensor nodes and uncertainties of wireless links, and secure routing in the special security sensitive environment. Therefore, adaptable and defendable routing mechanism is in urgent need for the deployment of sensor networks. This paper aims to propose a feedback‐based secure routing protocol (FBSR).

Design/methodology/approach

Feedback from the neighboring nodes serves as the dynamic information of the current network, with which sensor nodes make forwarding decisions in a secure and energy aware manner. Feedback message is included in the MAC layer acknowledgement frame to avoid network congestion, and it is authenticated with the proposed Keyed One Way Hash Chain (Keyed‐OWHC) to avoid feedback fabrication. FBSR's resilience to node compromise is enhanced by statistic efforts accomplished by the base station.

Findings

Both mathematical analysis and simulation results show that FBSR is not only reliable but also energy efficient.

Originality/value

The paper introduces a novel routing scheme for wireless sensor networks.

Details

International Journal of Pervasive Computing and Communications, vol. 4 no. 1
Type: Research Article
ISSN: 1742-7371

Keywords

To view the access options for this content please click here
Article

R. Srilakshmi and Jayabhaskar Muthukuru

The mischievous nodes that defy the standard corrupt the exhibition of good nodes considerably. Therefore, an intrusion discovery mechanism should be included to the…

Abstract

Purpose

The mischievous nodes that defy the standard corrupt the exhibition of good nodes considerably. Therefore, an intrusion discovery mechanism should be included to the mobile ad-hoc network (MANET). In this paper, worm-hole and other destructive malignant attacks are propelled in MANET.

Design/methodology/approach

A wireless ad-hoc network also called as mobile ad-hoc network (MANET) is a gathering of hubs that utilizes a wireless channel to exchange information and coordinate together to establish information exchange among any pair of hubs, without any centralized structure. The security issue is a major difficulty while employing MANETs.

Findings

Consequently, the attacks due to the malicious node activity are detected using Hybrid Reactive Search and Bat (HRSB) mechanism to prevent the mischievous nodes from entering the network beneath the untruthful information. Moreover, the attack detection rate and node energy are predicted for determining the lifetime of the node.

Originality/value

The simulation outcomes of the proposed HRSB technique are evaluated with the prevailing methods. The comparison studies have proven the efficacy of the current research model by attaining high attack detection rate and achieving more network lifetime.

Details

International Journal of Intelligent Unmanned Systems, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2049-6427

Keywords

To view the access options for this content please click here
Article

Abdelhak Bentaleb, Saad Harous and Abdelhak Boubetra

Scalability is a fundamental problem in mobile ad hoc networks (MANETs), where network topology includes large number of nodes and demands a large number of packets in…

Abstract

Purpose

Scalability is a fundamental problem in mobile ad hoc networks (MANETs), where network topology includes large number of nodes and demands a large number of packets in network that characterized by dynamic topologies, existence of bandwidth constrained, variable capacity links, energy constraint and nodes are highly prone to security threats. The key purpose of this paper is to overview the efficiency of the proposed clustering scheme for large-scale MANETs and its performance evaluation and especially in the case of a large number of nodes in the network.

Design/methodology/approach

Designing clustering schemes for MANETs, which are efficient and scalable in the case of large number of mobile nodes, has received a great attention in the last few years. It is widely used to improve resources management, hierarchical routing protocol design, quality of service, network performance parameters such as routing delay, bandwidth consumption, throughput and security. MANETs are characterized by limited wireless bandwidth, nodes mobility that results in a high frequency of failure regarding wireless links, energy constraint and nodes are highly prone to security threats. Due to all these features, the design of a scalable and efficient clustering scheme is quite complex. Many clustering schemes have been proposed to divide nodes into clusters, focusing on different metrics and purposes.

Findings

To the best of the author's knowledge, the different proposed clustering schemes are not scalable when the network size increases to a very large number. The paper presents the clustering scheme in detail and its performance evaluation by simulating MANETs composed of a large number of mobile nodes. The authors compare the performance of the scheme with a number of existing clustering schemes such as lowest-ID, highest degree, and weighted clustering algorithm, based on a number of performance metrics. Simulation results show that the scheme performs better than other clustering schemes, based on the performance metrics considered, for large-scale MANETs.

Originality/value

This paper addresses the problem of scalability in MANETs when there are high numbers of node in the network. The paper analyses the performance of the proposed clustering scheme for large-scale MANETs. The obtained results show that the different proposed clustering schemes do not allow the scalability when the network size is very large. The scheme supports scalability efficiently when the number of nodes increases in the network (more than 2,000 nodes).

Details

International Journal of Pervasive Computing and Communications, vol. 10 no. 1
Type: Research Article
ISSN: 1742-7371

Keywords

To view the access options for this content please click here
Article

Tianbo Lu, Binxing Fang, Yuzhong Sun and Xueqi Cheng

As a peer‐to‐peer scalable anonymous communication system, WonGoo is a tradeoff between anonymity and efficiency. Usually, the longer the path, the stronger the anonymity…

Abstract

Purpose

As a peer‐to‐peer scalable anonymous communication system, WonGoo is a tradeoff between anonymity and efficiency. Usually, the longer the path, the stronger the anonymity, but at the same time the heavier the overhead. WonGoo lengthens the anonymity path and reduces the overhead, providing strong anonymity and high efficiency with layered encryption and random forwarding. The purpose of this paper is to analyze its performance in detail.

Design/methodology/approach

The paper focuses on measure the performance of WonGoo system with probability theory. First, it gives a brief description of the system and evaluate its payload. Then it presents a detailed security analysis of the system.

Findings

It is shown that WonGoo can protect against (n − 1) attack and provide variable anonymity, as well as how confident the collaborators can be that their immediate predecessor is in fact the path initiator. The paper measures the anonymity degree provided by WonGoo system based on information entropy and compare it with other anonymity systems.

Practical implications

The paper is helpful for the further development of WonGoo system. In addition, the results presented in this paper will be useful for users to design other anonymity system.

Originality/value

WonGoo is a peer‐to‐peer anonymity system that provides strong anonymity and high efficiency with layered encryption and random forwarding. The paper presents a detailed analysis of its performance with probability theory and measures its anonymity degree with information theory.

Details

International Journal of Pervasive Computing and Communications, vol. 3 no. 2
Type: Research Article
ISSN: 1742-7371

Keywords

1 – 10 of 327