Search results

The purpose of this study is to extensively explore the vehicular network paradigm, challenges faced by them and provide a reasonable solution for securing these vulnerable networks. Vehicle-to-everything (V2X) communication has brought the long-anticipated goal of safe, convenient and sustainable transportation closer to reality. The connected vehicle (CV) paradigm is critical to the intelligent transportation systems vision. It imagines a society free of a troublesome transportation system burdened by gridlock, fatal accidents and a polluted environment. The authors cannot overstate the importance of CVs in solving long-standing mobility issues and making travel safer and more convenient. It is high time to explore vehicular networks in detail to suggest solutions to the challenges encountered by these highly dynamic networks.

This paper compiles research on various V2X topics, from a comprehensive overview of V2X networks to their unique characteristics and challenges. In doing so, the authors identify multiple issues encountered by V2X communication networks due to their open communication nature and high mobility, especially from a security perspective. Thus, this paper proposes a trust-based model to secure vehicular networks. The proposed approach uses the communicating nodes’ behavior to establish trustworthy relationships. The proposed model only allows trusted nodes to communicate among themselves while isolating malicious nodes to achieve secure communication.

Despite the benefits offered by V2X networks, they have associated challenges. As the number of CVs on the roads increase, so does the attack surface. Connected cars provide numerous safety-critical applications that, if compromised, can result in fatal consequences. While cryptographic mechanisms effectively prevent external attacks, various studies propose trust-based models to complement cryptographic solutions for dealing with internal attacks. While numerous trust-based models have been proposed, there is room for improvement in malicious node detection and complexity. Optimizing the number of nodes considered in trust calculation can reduce the complexity of state-of-the-art solutions. The theoretical analysis of the proposed model exhibits an improvement in trust calculation, better malicious node detection and fewer computations.

The proposed model is the first to add another dimension to trust calculation by incorporating opinions about recommender nodes. The added dimension improves the trust calculation resulting in better performance in thwarting attacks and enhancing security while also reducing the trust calculation complexity.

Wireless multi-hop ad hoc networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and collaborative routing in such networks makes them vulnerable to various security attacks. This paper aims to design and implement a new efficient intrusion detection and prevention framework, called EIDPF, a host-based framework suitable for mobile ad hoc network’s characteristics such as high node’s mobility, resource-constraints and rapid topology change. EIDPF aims to protect an AODV-based network against routing attacks that could target such network.

This detection and prevention framework is composed of three complementary modules: a specification-based intrusion detection system to detect attacks violating the protocol specification, a load balancer to prevent fast-forwarding attacks such as wormhole and rushing and adaptive response mechanism to isolate malicious node from the network.

A key advantage of the proposed framework is its capacity to efficiently avoid fast-forwarding attacks and its real-time detection of both known and unknown attacks violating specification. The simulation results show that EIDPF exhibits a high detection rate, low false positive rate and no extra communication overhead compared to other protection mechanisms.

It is a new intrusion detection and prevention framework to protect ad hoc network against routing attacks. A key strength of the proposed framework is its ability to guarantee a real-time detection of known and unknown attacks that violate the protocol specification, and avoiding wormhole and rushing attacks by providing a load balancing route discovery.

This paper aims to put forward a kind of new method of intelligent trust engineering metrics for application of mobile ad hoc network (MANET).

The new method calculates the communication trust by using the number of data packets among the nodes of MANET, predicts intelligently the trust and calculates the comprehensive trust based on the historical trust; then calculates the energy trust based on the residual energy of the nodes of MANET, calculates the direct trust based on the communication trust and energy trust. The new method calculates the recommendation trust based on the recommendation reliability; adopts the adaptive weighting to calculate the integrated direct trust by considering the direct trust with recommendation trust.

Based on the integrated direct trust and the factor of trust propagation distance, the indirect trust among the nodes of MANET is calculated. The above process can be optimized based on the dynamic machine learning presented in this study. The advantage of the new method is its intelligent ability to discover malicious nodes.

The advantage of the new method is its intelligent ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and proceeds to protect the network. The authors have done the experiments based on the tool kits such as NS3, QualNet, OMNET++ and MATLAB. The experimental results show that this study’s approach can effectively avoid the attacks of malicious nodes, and more conformable to the actual engineering application of MANET.

This paper aims to propose and evaluate an intrusion sensitivity (IS)-based approach regarding the detection of pollution attacks in collaborative intrusion detection networks (CIDNs) based on the observation that each intrusion detection system may have different levels of sensitivity in detecting specific types of intrusions.

In this work, the authors first introduce their adopted CIDN framework and a newly designed aggregation component, which aims to collect feedback, aggregate alarms and identify important alarms. The authors then describe the details of trust computation and alarm aggregation.

The evaluation on the simulated pollution attacks indicates that the proposed approach is more effective in detecting malicious nodes and reducing the negative impact on alarm aggregation as compared to similar approaches.

More efforts can be made in improving the mapping of the satisfaction level, enhancing the allocation, evaluation and update of IS and evaluating the trust models in a large-scale network.

This work investigates the effect of the proposed IS-based approach in defending against pollution attacks. The results would be of interest for security specialists in deciding whether to implement such a mechanism for enhancing CIDNs.

The experimental results demonstrate that the proposed approach is more effective in decreasing the trust values of malicious nodes and reducing the impact of pollution attacks on the accuracy of alarm aggregation as compare to similar approaches.

This study aims to evaluate the direct trust value for each node and calculate the trust value of all nodes satisfying the condition and update the trust value and value each trust update interval for a secure and efficient communication between sender and destination node. Hence, a Trusted Secure Geographic Routing Protocol (TSGRP) has been proposed for detecting attackers (presence of the hacker), considering the trust value for a node produced by combining the location trusted information and the direct trusted information.

Amelioration in the research studies related to mobile ad hoc networks (MANETs) and wireless sensor networks has shown greater concern in the presence of malicious nodes, due to which the delivery percentage in any given network can degrade to a larger extent, and hence make the network less reliable and more vulnerable to security.

TSGRP has outperformed the conventional protocols for detecting attacks in MANET. TSGRP is establishing a trust-based secure communication between the sender and destination node. The evaluated direct trust value is used after the transmission of route-request and route-reply packets, to evaluate the direct trust value of each node and a secure path is established between the sender and the destination node. The effectiveness of the proposed TSGRP is evaluated through NS-2 simulation.

The simulation results show the delay of the proposed method is 92% less than PRISM approach and the overhead of the proposed TSGRP approach is 61% less than PRISM approach.

To provide mutual anonymity over traditionally un‐anonymous Distributed Hash Tables (DHT) based Peer‐to‐Peer overlay networks, while maintaining the desired scalability and guaranteed lookup properties of the DHTs.

Agyaat uses a novel hybrid‐overlay design, a fully decentralized topology without any trusted proxies. It anonymizes both the querying and responding peers through the use of unstructured topologies, called clouds, which are added onto the structured overlays. In addition, it regulates the cloud topologies to ensure the guaranteed location of data and scalability of routing. A unique characteristic of the design is the ability of users to tradeoff between desired anonymity and performance. The paper presents a thorough performance and anonymity analysis of the system, and also analyzes few anonymity compromising attacks and countermeasures.

The results indicate that Agyaat is able to provide mutual anonymity while maintaining the scalability of lookups, affecting the costs only by a constant factor.

While Agyaat is able to meet its mutual anonymity and performance goals, there exist other security vulnerabilities like possible Denial‐of‐Service (DoS) attacks, both due to its design and the underlying DHT overlay. This is fertile ground for future work.

Agyaat uses a novel topology architecture and associated protocols that are conducive to providing mutually anonymous services.

In the final step, the trust model is applied to the on-demand federated multipath distance vector routing protocol (AOMDV) to introduce path trust as a foundation for routing selection in the route discovery phase, construct a trusted path, and implement a path warning mechanism to detect malicious nodes in the route maintenance phase, respectively.

A trust-based on-demand multipath distance vector routing protocol is being developed to address the problem of flying ad-hoc network being subjected to internal attacks and experiencing frequent connection interruptions. Following the construction of the node trust assessment model and the presentation of trust evaluation criteria, the data packet forwarding rate, trusted interaction degree and detection packet receipt rate are discussed. In the next step, the direct trust degree of the adaptive fuzzy trust aggregation network compute node is constructed. After then, rely on the indirect trust degree of neighbouring nodes to calculate the trust degree of the node in the network. Design a trust fluctuation penalty mechanism, as a second step, to defend against the switch attack in the trust model.

When compared to the lightweight trust-enhanced routing protocol (TEAOMDV), it significantly improves the data packet delivery rate and throughput of the network significantly.

Additionally, it reduces the amount of routing overhead and the average end-to-end delay.

In vehicular ad hoc networks (VANETs), the information transmitted is broadcast in a free access environment. Therefore, VANETs are vulnerable against attacks that can directly perturb the performance of the networks and then provoke big fall of capability. Black hole attack is an example such attack, where the attacker node pretends that having the shortest path to the destination node and then drops the packets. This paper aims to present a new method to detect the black hole attack in real-time in a VANET network.

This method is based on capability indicators that are widely used in industrial production processes. If the different capability indicators are greater than 1.33 and the stability ratio (S_r) is greater than 75%, the network is stable and the vehicles are communicating in an environment without the black hole attack. When the malicious nodes representing the black hole attacks are activated one by one, the fall of capability becomes more visible and the network is unstable, out of control and unmanaged, due to the presence of the attacks. The simulations were conducted using NS-3 for the network simulation and simulation of urban mobility for generating the mobility model.

The proposed mechanism does not impose significant overheads or extensive modifications in the standard Institute of Electrical and Electronics Engineers 802.11p or in the routing protocols. In addition, it can be implemented at any receiving node which allows identifying malicious nodes in real-time. The simulation results demonstrated the effectiveness of proposed scheme to detect the impact of the attack very early, especially with the use of the short-term capability indicators (Cp, Cpk and Cpm) of each performance metrics (throughput and packet loss ratio), which are more efficient at detecting quickly and very early the small deviations over a very short time. This study also calculated another indicator of network stability which is S_r, which allows to make a final decision if the network is under control and that the vehicles are communicating in an environment without the black hole attack.

According to the best of the authors’ knowledge, the method, using capability indicators for detecting the black hole attack in VANETs, has not been presented previously in the literature.

Any node in a mobile ad hoc network (MANET) can act as a host or router at any time and so, the nodes in the MANET are vulnerable to many types of attacks. Sybil attack is one of the harmful attacks in the MANET, which produces fake identities similar to legitimate nodes in the network. It is a serious threat to the MANET when a malicious node uses the fake identities to enter the network illegally.

A MANET is an independent collection of mobile nodes that form a temporary or arbitrary network without any fixed infrastructure. The nodes in the MANET lack centralized administration to manage the network and change their links to other devices frequently.

So for securing a MANET, an approach based on biometric authentication can be used. The multimodal biometric technology has been providing some more potential solutions for the user to be able to devise an authentication in MANETs of high security.

The Sybil detection approach, which is based on the received signal strength indicator (RSSI) variations, permits the node to be able to verify the authenticity of communicating nodes in accordance with their localizations.

As the MANET node suffers from a low level of memory and power of computation, there is a novel technique of feature extraction that is proposed for the multimodal biometrics that makes use of palm prints that are based on a charge-coupled device and fingerprints, along with the features that are fused.

This paper proposes an RSSI-based multimodal biometric solution to detect Sybil attack in MANETs.

The results of the experiment have indicated that this method has achieved a performance which is better compared to that of the other methods.

This study aims to present a novel system for detection and prevention of black hole and wormhole attacks in wireless sensor network (WSN) based on deep learning model. Here, different phases are included such as assigning the nodes, data collection, detecting black hole and wormhole attacks and preventing black hole and wormhole attacks by optimal path communication. Initially, a set of nodes is assumed for carrying out the communication in WSN. Further, the black hole attacks are detected by the Bait process, and wormhole attacks are detected by the round trip time (RTT) validation process. The data collection procedure is done with the Bait and RTT validation process with attribute information. The gathered data attributes are given for the training in which long short-term memory (LSTM) is used that includes the attack details. This is used for attack detection process. Once they are detected, those attacks are removed from the network using the optimal path selection process. Here, the optimal shortest path is determined by the improvement in the whale optimization algorithm (WOA) that is called as fitness rate-based whale optimization algorithm (FR-WOA). This shortest path communication is carried out based on the multi-objective function using energy, distance, delay and packet delivery ratio as constraints.

This paper implements a detection and prevention of attacks model based on FR-WOA algorithm for the prevention of attacks in the WSNs. With this, this paper aims to accomplish the desired optimization of multi-objective functions.

From the analysis, it is found that the accuracy of the optimized LSTM is better than conventional LSTM. The energy consumption of the proposed FR-WOA with 35 nodes is 7.14% superior to WOA and FireFly, 5.7% superior to grey wolf optimization and 10.3% superior to particle swarm optimization.

This paper develops the FR-WOA with optimized LSTM detecting and preventing black hole and wormhole attacks from WSN. To the best of the authors’ knowledge, this is the first work that uses FR-WOA with optimized LSTM detecting and preventing black hole and wormhole attacks from WSN.