Secure Dynamic MANET On-demand (SEDYMO) Routing Protocol

This paper describes the state of the art of secure ad hoc routing protocols and presents SEDYMO, a mechanism to secure a dynamic multihop ad hoc routing protocol. The proposed solution defeats internal and external attacks usinga trustworthiness model based on a distributed certification authority. Digital signatures and hash chains are used to ensure the correctness of the protocol. The protocol is compared with other alternatives in terms of security strength, energy efficiency and time delay. Both computational and transmission costs are considered and it is shown that the secure protocol overhead is not a critical factor compared to the high network interface cost.

An approach to mitigate denial of service attacks in ieee 802.11 networks

Wireless networks are widely deployed and have many uses, for example in critical embedded systems. The applications of this kind of network meets the common needs of most embedded systems and addressing the particularities of each scenario, such as limitations of computing resources and energy supply. Problems such as denial of service attacks are common place and cause great inconvenience. Thus, this study presents simulations of denial of service attacks on 802.11 wireless networks using the network simulator OMNeT++. Furthermore, we present an approach to mitigate such attack, obtaining significant results for improving wireless networks.

Detecting unknown attacks in wireless sensor networks that contain mobile nodes

As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

Computer Networks Security Models - A New Approach for Denial-of-Services Attacks Mitigation

Computer networks are a critical factor for the performance of a modern company. Managing networks is as important as managing any other aspect of the company’s performance and security. There are many tools and appliances for monitoring the traffic and analyzing the network flow security. They use different approaches and rely on a variety of characteristics of the network flows. Network researchers are still working on a common approach for security baselining that might enable early watch alerts. This research focuses on the network security models, particularly the Denial-of-Services (DoS) attacks mitigation, based on a network flow analysis using the flows measurements and the theory of Markov models. The content of the paper comprises the essentials of the author’s doctoral thesis.

Sensor Intelligence for Tackling Energy-Drain Attacks on Wireless Sensor Networks

In this paper we propose a model for intelligent agents (sensors) on a Wireless Sensor Network to guard against energy-drain attacks in an energy-efficient and autonomous manner. This is intended to be achieved via an energy-harvested Wireless Sensor Network using a novel architecture to propagate knowledge to other sensors based on automated reasoning from an attacked sensor.

Detecting stealthy attacks: Efficient monitoring of suspicious activities on computer networks

Stealthy attackers move patiently through computer networks - taking days, weeks or months to accomplish their objectives in order to avoid detection. As networks scale up in size and speed, monitoring for such attack attempts is increasingly a challenge. This paper presents an efficient monitoring technique for stealthy attacks. It investigates the feasibility of proposed method under number of different test cases and examines how design of the network affects the detection. A methodological way for tracing anonymous stealthy activities to their approximate sources is also presented. The Bayesian fusion along with traffic sampling is employed as a data reduction method. The proposed method has the ability to monitor stealthy activities using 10-20% size sampling rates without degrading the quality of detection.

Intrusion tolerant routing with data consensus in wireless sensor networks

Dissertação para obtenção do Grau de Mestre em Engenharia Informática

Properties of functional brain networks correlate with frequency of psychogenic non-epileptic seizures.

Abnormalities in the topology of brain networks may be an important feature and etiological factor for psychogenic non-epileptic seizures (PNES). To explore this possibility, we applied a graph theoretical approach to functional networks based on resting state EEGs from 13 PNES patients and 13 age- and gender-matched controls. The networks were extracted from Laplacian-transformed time-series by a cross-correlation method. PNES patients showed close to normal local and global connectivity and small-world structure, estimated with clustering coefficient, modularity, global efficiency, and small-worldness (SW) metrics, respectively. Yet the number of PNES attacks per month correlated with a weakness of local connectedness and a skewed balance between local and global connectedness quantified with SW, all in EEG alpha band. In beta band, patients demonstrated above-normal resiliency, measured with assortativity coefficient, which also correlated with the frequency of PNES attacks. This interictal EEG phenotype may help improve differentiation between PNES and epilepsy. The results also suggest that local connectivity could be a target for therapeutic interventions in PNES. Selective modulation (strengthening) of local connectivity might improve the skewed balance between local and global connectivity and so prevent PNES events.

Error and attack tolerance of layered complex networks.

Many complex systems may be described by not one but a number of complex networks mapped on each other in a multi-layer structure. Because of the interactions and dependencies between these layers, the state of a single layer does not necessarily reflect well the state of the entire system. In this paper we study the robustness of five examples of two-layer complex systems: three real-life data sets in the fields of communication (the Internet), transportation (the European railway system), and biology (the human brain), and two models based on random graphs. In order to cover the whole range of features specific to these systems, we focus on two extreme policies of system's response to failures, no rerouting and full rerouting. Our main finding is that multi-layer systems are much more vulnerable to errors and intentional attacks than they appear from a single layer perspective.

Robust Detection of Incumbents in Cognitive Radio Networks Using Groups

Cognitive radio is a wireless technology aimed at improvingthe efficiency use of the radio-electric spectrum, thus facilitating a reductionin the load on the free frequency bands. Cognitive radio networkscan scan the spectrum and adapt their parameters to operate in the unoccupiedbands. To avoid interfering with licensed users operating on a givenchannel, the networks need to be highly sensitive, which is achieved byusing cooperative sensing methods. Current cooperative sensing methodsare not robust enough against occasional or continuous attacks. This articleoutlines a Group Fusion method that takes into account the behavior ofusers over the short and long term. On fusing the data, the method is basedon giving more weight to user groups that are more unanimous in their decisions.Simulations have been performed in a dynamic environment withinterferences. Results prove that when attackers are present (both reiterativeor sporadic), the proposed Group Fusion method has superior sensingcapability than other methods.

On an IDS Model for Mobile Ad Hoc Networks

Manet security has a lot of open issues. Due to its character-istics, this kind of network needs preventive and corrective protection. Inthis paper, we focus on corrective protection proposing an anomaly IDSmodel for Manet. The design and development of the IDS are consideredin our 3 main stages: normal behavior construction, anomaly detectionand model update. A parametrical mixture model is used for behav-ior modeling from reference data. The associated Bayesian classi¯cationleads to the detection algorithm. MIB variables are used to provide IDSneeded information. Experiments of DoS and scanner attacks validatingthe model are presented as well.

A Fair and Secure Cluster Formation Process for Ad Hoc Networks

An efficient approach for organizing large ad hoc networks is to divide the nodesinto multiple clusters and designate, for each cluster, a clusterhead which is responsible forholding intercluster control information. The role of a clusterhead entails rights and duties.On the one hand, it has a dominant position in front of the others because it manages theconnectivity and has access to other node¿s sensitive information. But on the other hand, theclusterhead role also has some associated costs. Hence, in order to prevent malicious nodesfrom taking control of the group in a fraudulent way and avoid selfish attacks from suitablenodes, the clusterhead needs to be elected in a secure way. In this paper we present a novelsolution that guarantees the clusterhead is elected in a cheat-proof manner.