Designing Efficient Sinkhole Attack Detection Mechanism in Edge-Based IoT Deployment

Sensors, 2020, Vol 20 (5), pp. 1300
Author(s): Sumit Pundir, Mohammad Wazid, Devesh Pratap Singh, Ashok Kumar Das, Joel J. P. C. Rodrigues, ...

The sinkhole attack in an edge-based Internet of Things (IoT) environment (EIoT) can devastate and ruin the whole functioning of the communication. The sinkhole attacker nodes (SHAs) have some properties (for example, they first attract the other normal nodes for the shortest path to the destination and when normal nodes initiate the process of sending their packets through that path (i.e., via SHA), the attacker nodes start disrupting the traffic flow of the network). In the presence of SHAs, the destination (for example, sink node i.e., gateway/base station) does not receive the required information or it may receive partial or modified information. This results in reduction of the network performance and degradation in efficiency and reliability of the communication. In the presence of such an attack, the throughput decreases, end-to-end delay increases and packet delivery ratio decreases. Moreover, it may harm other network performance parameters. Hence, it becomes extremely essential to provide an effective and competent scheme to mitigate this attack in EIoT. In this paper, an intrusion detection scheme to protect EIoT environment against sinkhole attack is proposed, which is named as SAD-EIoT. In SAD-EIoT, the resource rich edge nodes (edge servers) perform the detection of different types of sinkhole attacker nodes with the help of exchanging messages. The practical demonstration of SAD-EIoT is also provided using the well known NS2 simulator to compute the various performance parameters. Additionally, the security analysis of SAD-EIoT is conducted to prove its resiliency against various types of SHAs. SAD-EIoT achieves around 95.83% detection rate and 1.03% false positive rate, which are considerably better than other related existing schemes. Apart from those, SAD-EIoT is proficient with respect to computation and communication costs. Eventually, SAD-EIoT will be a suitable match for those applications which can be used in critical and sensitive operations (for example, surveillance, security and monitoring systems).

2019, Vol 32 (15), pp. e4024
Author(s): Mohammad Wazid, Poonam Reshma Dsouza, Ashok Kumar Das, Vivekananda Bhat K, Neeraj Kumar, ...

2018, Vol 2018, pp. 1-13
Author(s): Rutvij H. Jhaveri, Aneri Desai, Ankit Patel, Yubin Zhong

The characteristics of MANET such as decentralized architecture and dynamic topologies make MANETs susceptible to various security attacks. Sequence number attacks are a type of security threat which tends to degrade the network functioning and performance by sending fabricated route reply packets (RREP) with the objective of getting involved in the route and dropping some or all of the data packets during the data transmission phase. The sequence number adversary attempts to send a fabricated high destination number in the RREP packet which attracts the sender to establish a path through the adversary node. This paper proposes a proactive secure routing mechanism which is an improvement over the authors' previously proposed scheme. It makes use of linear regression mechanism to predict the maximum destination sequence number that the neighboring node can insert in the RREP packet. As an additional security checkpoint, it uses a bait detection mechanism to establish confidence in marking a suspicious node as a malicious node. The proposed approach works in collaboration with the ad hoc on-demand distance vector routing (AODV) protocol. The simulation results depict that the approach improves the network performance in the presence of adversaries as compared to previously proposed scheme.


2013, Vol 5 (2), pp. 94-97
Author(s): Dr. Vinod Kumar, Mr Sandeep Agarwal, Mr Avtar Singh

In this paper, we propose to design a cross-layer based intrusion detection technique for wireless networks. In this technique a combined weight value is computed from the Received Signal Strength (RSS) and Time Taken for RTS-CTS handshake between sender and receiver (TT). Since it is not possible for an attacker to assume the RSS exactly for a sender by a receiver, it is a useful measure for intrusion detection. We propose that we can develop a dynamic profile for the communicating nodes based on their RSS values through monitoring the RSS values periodically for a specific Mobile Station (MS) or a Base Station (BS) from a server. Monitoring observed TT values at the server provides a reliable passive detection mechanism for session hijacking attacks since it is an unspoofable parameter related to its measuring entity. If the weight value is greater than a threshold value, then the corresponding node is considered as an attacker. By suitably adjusting the threshold value and the weight constants, we can reduce the false positive rate significantly. By simulation results, we show that our proposed technique attains low misdetection ratio and false positive rate while increasing the packet delivery ratio.


Sensors, 2019, Vol 20 (1), pp. 18
Author(s): Mohammad Kazem Chamran, Kok-Lim Alvin Yau, Rafidah M. D. Noor, Richard Wong

This paper demonstrates the use of Universal Software Radio Peripheral (USRP), together with Raspberry Pi3 B+ (RP3) as the brain (or the decision making engine), to develop a distributed wireless network in which nodes can communicate with other nodes independently and make decisions autonomously. In other words, each USRP node (i.e., sensor) is embedded with separate processing units (i.e., RP3), which has not been investigated in the literature, so that each node can make independent decisions in a distributed manner. The proposed testbed in this paper is compared with the traditional distributed testbed, which has been widely used in the literature. In the traditional distributed testbed, there is a single processing unit (i.e., a personal computer) that makes decisions in a centralized manner, and each node (i.e., USRP) is connected to the processing unit via a switch. The single processing unit exchanges control messages with nodes via the switch, while the nodes exchange data packets among themselves using a wireless medium in a distributed manner. The main disadvantage of the traditional testbed is that, despite the network being distributed in nature, decisions are made in a centralized manner. Hence, the response delay of the control message exchange is always neglected. The use of such a testbed is mainly due to the limited hardware and monetary cost to acquire a separate processing unit for each node. The experiment in our testbed has shown the increase of end-to-end delay and decrease of packet delivery ratio due to software and hardware delays. The observed multihop transmission is performed using device-to-device (D2D) communication, which has been enabled in 5G. Therefore, nodes can either communicate with other nodes via: (a) a direct communication with the base station at the macrocell, which helps to improve network performance; or (b) D2D, which improves spectrum efficiency, whereby traffic is offloaded from macrocell to small cells. Our testbed is the first of its kind in this scale, and it uses RP3 as the distributed decision-making engine incorporated into the USRP/GNU radio platform. This work provides an insight to the development of a 5G network.


Sensors, 2019, Vol 19 (24), pp. 5539
Author(s): Mohammad Wazid, Ashok Kumar Das, Sachin Shetty, Joel J. P. C. Rodrigues, Youngho Park

In recent years, edge computing has emerged as a new concept in the computing paradigm that empowers several future technologies, such as 5G, vehicle-to-vehicle communications, and the Internet of Things (IoT), by providing cloud computing facilities, as well as services to the end users. However, open communication among the entities in an edge based IoT environment makes it vulnerable to various potential attacks that are executed by an adversary. Device authentication is one of the prominent techniques in security that permits an IoT device to authenticate mutually with a cloud server with the help of an edge node. If authentication is successful, they establish a session key between them for secure communication. To achieve this goal, a novel device authentication and key management mechanism for the edge based IoT environment, called the lightweight authentication and key management scheme for the edge based IoT environment (LDAKM-EIoT), was designed. The detailed security analysis and formal security verification conducted by the widely used “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool prove that the proposed LDAKM-EIoT is secure against several attack vectors that exist in the infrastructure of the edge based IoT environment. The elaborated comparative analysis of the proposed LDAKM-EIoT and different closely related schemes provides evidence that LDAKM-EIoT is more secure with less communication and computation costs. Finally, the network performance parameters are calculated and analyzed using the NS2 simulation to demonstrate the practical facets of the proposed LDAKM-EIoT.


2021, Vol 23 (05), pp. 526-544
Author(s): Ashwini V. Jatti, Dr V. J. K. Kishor Sonti

This study presents sinkhole attack detection and prevention using an agent-based algorithm. In this algorithm, agents are used to provide information to all nodes from their reliable neighbors by negotiation in three steps, thus nodes may not be able to pay attention to the traffic made by the sinkhole attacker. In this work, a network scale of 500×500 m² square area has been considered. A series of simulations is carried out in each experiment. Every simulation run is organized to work for 10 mins. Network performance is evaluated in terms of throughput, packet delivery ratio, jitter, delay in packet delivery, data packets received, and data packets dropped using network simulation software. Network simulation results depict that in the proposed algorithm, throughput increases by 15 to 20 percent, packet delivery ratio increases by 30 to 40%, jitter decreases by 10 to 15%, delay in packet delivery is decreased by 15 to 20%, data packets received are increased by 15 to 20% and the number of data packets dropped is decreased by 5 to 15%. Based on simulation results, throughput, packet delivery ratio and data packets received increased in the proposed agent-based algorithm. However, it is observed that jitter, delay in packet delivery and data packets dropped were decreased.


VANET is an application and subclass of MANETs, in which nodes are mobile and considered as moving, communicating vehicles in a wireless ad hoc network. Vehicles communicate through dedicated short range communication (DSRC) via IEEE 802.11p protocol. With the progress of wireless technology, vehicular ad hoc network has become an emerging technology to support real-time traffic condition, safety, entertainment, enhance driver experience and emergency navigation in intelligent transport system (ITS). The core of VANET applications is the communication between vehicle to vehicle (V2V), vehicle to roadside unit (V2RSU) and securing the data messages from malicious activities and attackers in the network. Securing V2V and V2RSU communication has raised challenging issues in detecting and avoiding malicious attackers for secure communications. VANETs are exposed to different threats while routing data; wormhole attack is the most threatening routing attack, which severely affects VANET routing data and causes incorrect routing by private tunnels and damages to VANET communication in terms of data leakage, data dropping, and delayed delivery. However, existing attack detection schemes have failed to meet secured VANET communication, leading to packet loss. In this paper we propose an efficient wormhole detection mechanism by creating potential and trusted neighbour nodes discovery (TNND) in VANETs, which can detect malicious nodes through enabling common forwarding neighbour nodes as witness to monitor data packets are forwarded by malicious nodes. Basically this mechanism is based on trust management. This scheme is resilient and resistant against attackers launching malicious nodes to corrupt the entire network. Simulation is carried out on an event driven network simulator and results show efficient detection of wormhole nodes, increased packet delivery and better performance than the existing detection scheme.


2020, Vol 309, pp. 02005
Author(s): Hui Wang

Industrial wireless sensor network is a new application of wireless sensor network in the field of industry in recent years. However, IWSN may be subject to different attacks and security risks, among which the Sybil attack is the most harmful type of base attack. According to the characteristics of wireless sensor networks in industrial environment, a new three-tier detection scheme is proposed. In the first level, all common nodes and Sybil nodes were detected by RSSI-based quadratic difference method. In the second layer, the residual energy-based method is used to continue the detection of the nodes that have been detected in the first level. The detection of first and second-level high-energy nodes is finally completed by the base station. The simulation results show that our proposed scheme significantly improves network lifetime and effectively improves the detection rate of Sybil nodes.


2018, Vol 7 (4.36), pp. 562
Author(s): J. K. Deepak Keynes, D. Shalini Punithavathani

As it is well known, in Wireless Sensor Networks, the sensor nodes will be either mobile or static. When mobility is concerned, on the whole network performance could be degraded, since the sensor nodes are furnished with restricted battery power, restricted memory, less computational ability and lower range of communication. So, a mechanism which is effective is needed there for forwarding the data packets with efficient energy management and coverage. With that note, the principle target of this work is to propose systematic method of CH selection based on the factors such as low mobility, density of the nodes and their remaining energy. Moreover, an innovative method called Node-Grade Based Clustering (NGBC) is proposed in this paper so as to select the CHs, studying the node’s energy and position regarding to their Base Station (BS), which will act as a sink for collected information. The CHs are replaced in every round based on its duty cycle on sensor nodes and Threshold Energy Rate (TER). Since the BS evaluates the quantity of every round a CH (Cluster Head) can sustain, it minimizes the quantity of energy consumed and increases the WSN’s lifetime. The results of the simulation demonstrate that the proposed algorithm attains higher coverage, efficiency in energy and network lifetime. Furthermore, the performance results in the work which is proposed, are distinguished with the algorithms proposed previously such as LEACH and HEED using some evaluation metrics like packet delivery ratio, throughput, energy consumption and end-to-end delay to prove the efficiency of energy efficient NGBC.  


Author(s): Shipra Shukla, Mahesh Kumar

This article describes how the current internet is a network of interconnected autonomous systems which is susceptible to route instability when transferring data. The BGP confederation is the essential intra-domain routing protocol that may cause instability on the Internet. So far, route instability has been widely studied for internal BGP. However, the existing routing policies such as APMS and H-SSPP are not adequate for the route stability of BGP confederations. In fact, these routing policies may degrade the network performance parameters in terms of the packet delivery ratio, convergence time, average throughput and the average end to end delay. Therefore, this article proposes the Flexible BGP Confederation Policy Management (FBCPM) to reduce the anomalies. The proposed approach detects the route instability in the networks and provides a policy to construct a stable network. The routing policy shrinks the route oscillations and forwarding loops. Furthermore, the simulation results confirm that the authors' proposed approach has improved network performance parameters compared to other existing approaches.

