The document describes a pairwise key establishment scheme for ad hoc networks. It proposes using cellular automata rules to dynamically establish shared keys between two nodes. Each node sends either a cellular automata rule or the initialization parameters to the other node. The receiving node then uses the rule and parameters along with cellular automata computations to independently derive the shared key. This allows keys to be established dynamically without transmitting the actual keys or requiring an online server. The scheme aims to provide secure communication through pairwise key establishment while being computationally efficient and not relying on predistributed keys.
Hierarchical Key Agreement Protocol for Wireless Sensor Networks (idescitation)
Wireless sensor network promises ubiquitous data
collection and processing for variety of commercial, healthcare
and military applications. Practical realization of WSN
applications is possible only after assuring network security.
Cryptographic key distribution is an important phase in
network security which establishes initial trust in the network.
Security protocol implementation in WSN is limited by
resource constrained nature of sensor nodes. The key
distribution algorithm satisfying security requirements of
given WSN application should be implemented with minimum
communication and memory overhead. As a solution to this
problem, hierarchical key management technique is proposed
in this paper. Symmetric key pre-distribution technique with
less computational overhead and ID-based asymmetric key
(IBK) distribution technique with less communication
overhead are applied simultaneously in the network at
different levels. Resilience strength and resource overhead of
the proposed scheme is compared with both symmetric and
asymmetric techniques.
A Trust Conscious Secure Route Data Communication in MANETS (CSCJournals)
Security in mobile ad hoc networks is difficult to achieve, notably because of the vulnerability of wireless links, the limited physical protection of nodes, the dynamically changing topology, the absence of a certification authority, and the lack of a centralized monitoring or management point. The major difficulty in an ad hoc network occurs when a new node joins the network without having any trust relation with the other nodes of the network. We have proposed a new mechanism that provides trust conscious and secure data communication between the nodes. In this mechanism we will dynamically increase the trust (from Low to High) between the mobile nodes using a proxy node. When a mobile node needs secure data communication, it will generate a dynamic secret session key with the desired destination mobile node directly or via a proxy mobile node. These dynamic secret session keys are generated using message digest and the Diffie-Hellman protocol.
Securing cluster based adhoc network through balanced clustering with distrib... (eSAT Journals)
Abstract: In this paper, we address key management in cluster-based mobile ad hoc networks (MANETs). We present a fully-distributed ID-based multiple secrets key management scheme (IMKM). This scheme is implemented via a combination of ID-based multiple secrets and threshold cryptography. Ensuring secure communication in an ad hoc network is extremely challenging because of the dynamic nature of the network and the lack of centralized management. Our proposed analysis includes the effect of packet generation model, random deployment of sensors, dynamic cluster head assignment, data compression, and energy consumption model at the sensors. A new protocol called Equalized Cluster Head Election Routing Protocol (ECHERP), which pursues energy conservation through balanced clustering, is proposed. Performance evaluation of ECHERP is carried out through simulation tests. We also present a novel key predistribution scheme that uses deployment knowledge to divide deployment regions into overlapping clusters, each of which has its own distinct key space. Through careful construction of these clusters, network resilience is improved. We focus on the management of encryption keys in large-scale clustered WSNs. We propose a novel distributed key management scheme based on Exclusion Basis Systems (EBS), a combinatorial formulation of the group key management problem. Initially, clusters are formed in the network and the cluster heads are selected based on the energy cost, coverage and processing capacity. The sink assigns a cluster key to every cluster and an EBS key set to every cluster head. The EBS key set contains the pairwise keys for intra-cluster and inter-cluster communication. During data transmission towards the sink, the data is made to pass through two phases of encryption, thus ensuring security in the network. Our results include performance evaluation in terms of security metrics in clustered WSN and a detailed analysis of resource utilization.
Keywords: cluster, deployment knowledge, energy efficiency key predistribution, event-driven, exclusion basis systems, hierarchical routing, ID-based cryptography, key agreement, key management, lifetime, location-aware protocols, mobile ad hoc network, Network coding, random deployment, Security, secret sharing, secret key distribution, sensor networks, volatile environments, Wireless sensor networks secure group communications.
Security Model for Hierarchical Clustered Wireless Sensor Networks (CSCJournals)
The proposed security system for the Wireless Sensor Network (WSN) is based on the WSN security design goal that ‘to design a completely secure WSN, security must be integrated into every node of the system’. This paper discusses two main components of the security framework, viz. the secure key management module and the secure routing scheme. The incorporation of security mechanism during the routing protocol design phase is the main focus of this paper. The proposed security framework, viz. ‘Secure and Hierarchical, a Routing Protocol’ (SHARP), is designed for wireless sensor network applications which are deployed particularly for data collection purposes in a battlefield where the security aspect of the network cannot be compromised at any cost. SHARP consists of three basic integrated modules and each module performs a well defined task to make the whole security framework a complete system on its own.
A key management approach for wireless sensor networks (Zac Darcy)
In this paper we present a key management approach for wireless sensor networks. This approach
facilitates an efficient scalable post-distribution key establishment that provides different security services.
We have developed and tested this approach under TinyOS. Results show that this approach provides
acceptable resistance against node capture attacks and replay attacks. The provision of security services is
completely transparent to the user of the WSNs. Furthermore, being highly scalable and lightweight, this
approach is appropriate to be used in a wireless sensor network of hundreds of nodes.
Analyzing and Securing Data Transmission in Wireless Sensor Networks through ... (ijtsrd)
Wireless Sensor Networks are gaining popularity in various fields and areas. But these nodes are vulnerable as they are open networks and easily accessible. The major challenge is to have a secure data transmission between the nodes. To establish a secure transmission, we require a security scheme like a cryptographic algorithm, but this also requires a secure key distribution between nodes. WSNs have constraints like limited area, power and memory which restrict all the categories of cryptographic algorithm. Depending upon the criteria and constraints, a cryptographic algorithm like Elliptic Curve Cryptography (ECC) is best suited to the WSN environment. ECC has a smaller key size, high security and less computation time which makes the node an efficient crypto system. In order to protect the security of data, we propose a novel secure transmission strategy based on cryptography. In this design, we acquire sensitive information securely so as to make use of the advantage of encryption. Our approach deals with the weakness of limitation in sensor node resources and the security threats; it is suitable for stream data in sensor nodes. The simulation experiments also demonstrate that this approach is effective in transmitting sensitive data covertly with the characteristics of lower energy consumption and invisibility. This paper describes the implementation of an ECC cryptosystem for WSN for secure key and data transmission between the nodes. Shahid Ishaq | Rashmi Raj, "Analyzing & Securing Data Transmission in Wireless Sensor Networks through Cryptography Techniques", published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-3, April 2020, URL: https://www.ijtsrd.com/papers/ijtsrd30328.pdf Paper URL: https://www.ijtsrd.com/engineering/electronics-and-communication-engineering/30328/analyzing-and-securing-data-transmission-in-wireless-sensor-networks-through-cryptography-techniques/shahid-ishaq
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Refining data security in infrastructure networks support of multipath routing (eSAT Journals)
Abstract: An infrastructure network is a self-organizing network with help of Access Point (AP) of wireless links connecting nodes to another. The nodes can communicate without an ad hoc. They form an uninformed topology (BSS/ESS), where the nodes play the role of routers and are free to move randomly. Infrastructure networks proved their efficiency being used in different fields but they are highly vulnerable to security attacks and dealing with this is one of the main challenges of these networks at present. In recent times some clarification are proposed to provide authentication, confidentiality, availability, secure routing and intrusion avoidance in infrastructure networks. Implementing security in such dynamically changing networks is a hard task. Infrastructure network characteristics should be taken into consideration to be clever to design efficient solutions. Here we spotlight on civilizing the flow transmission privacy in infrastructure networks based on multipath routing. Certainly, we take benefit of the being of multiple paths between nodes in an infrastructure network to increase the confidentiality robustness of transmitted data with the help of Access Point. In our approach the original message to secure is split into shares through access point that are encrypted and combined then transmitted along different disjointed existing paths between sender and receiver. Even if an intruder achieve something to get one or more transmitted distribute the likelihood that the unique message will be reconstituted is very squat.
Concealed Data Aggregation with Dynamic Intrusion Detection System to Remove ... (csandit)
Data Aggregation is a vital aspect in WSNs (Wireless Sensor Networks) and this is because it
reduces the quantity of data to be transmitted over the complex network. In earlier studies
authors used homomorphic encryption properties for concealing statement during aggregation
such that encrypted data can be aggregated algebraically without decrypting them. These
schemes are not applicable for multi applications which lead to proposal of Concealed Data
Aggregation for Multi Applications (CDAMA). It is designed for multi applications, as it
provides secure counting ability. In wireless sensor networks SN are unarmed and are
susceptible to attacks. Considering the defence aspect of wireless environment we have used
DYDOG (Dynamic Intrusion Detection Protocol Model) and a customized key generation
procedure that uses Digital Signatures and also Two Fish Algorithms along with CDAMA for
augmentation of security and throughput. To prove our proposed scheme’s robustness and
effectiveness, we conducted the simulations, inclusive analysis and comparisons at the ending.
ENHANCED THREE TIER SECURITY ARCHITECTURE FOR WSN AGAINST MOBILE SINK REPLI... (ijwmn)
Recent developments on Wireless Sensor Networks have made their application in a wide range
such as military sensing and tracking, health monitoring, traffic monitoring, video surveillance and so on.
Wireless sensor nodes are restricted to computational resources, and are always deployed in a harsh,
unattended or unfriendly environment. Therefore, network security becomes a tough task and it involves
the authorization of admittance to data in a network. The problem of authentication and pair wise key
establishment in sensor networks with mobile sink is still not solved in the mobile sink replication attacks.
In q-composite key pre distribution scheme, a large number of keys are compromised by capturing a
small fraction of sensor nodes by the attacker. The attacker can easily take a control of the entire network
by deploying a replicated mobile sinks. Those mobile sinks which are preloaded with compromised keys
are used to authenticate and initiate data communication with sensor node. To determine the above problem
the system adduces the three-tier security framework for authentication and pair wise key establishment
between mobile sinks and sensor nodes. The previous system used the polynomial key pre distribution
scheme for the sensor networks which handles sink mobility and continuous data delivery to the
neighbouring nodes and sinks, but this scheme makes high computational cost and reduces the life time of
sensors. In order to overcome this problem a random pair wise key pre distribution scheme is suggested
and further it helps to improve the network resilience. In addition to this an Identity Based Encryption is
used to encrypt the data and Mutual authentication scheme is proposed for the identification and
isolation of replicated mobile sink from the network.
Performance and Simulation Study of The Proposed Direct, Indirect Trust Distri... (cseij)
ABSTRACT
In this paper, we propose a routing protocol that is based on securing the routing information from
unauthorized users. Even though routing protocols of this category are already proposed, they are not
efficient, in the sense that, they use the same kind of encryption algorithms (mostly high level) for every
Bit of routing information they pass from one intermediate node to another in the routing path. The
proposed mechanism is evaluated against selected alternative trust schemes, with the results showing that
our proposal achieves its goals. Our research aims at providing a secure and distributed
authentication service in the ad hoc networks.
LSR PROTOCOL BASED ON NODES POTENTIALITY IN TRUST AND RESIDUAL ENERGY FOR WSNS (IJNSA Journal)
In Wireless Sensor Networks (WSNs), all the nodes selected for packet routing must be trustworthy, and at the same time energetic too. Smooth conservation of nodes' energies and the trust levels are important issues in WSN because they directly affect the life span and reliability of the nodes as well as the entire network. The energy utilization at every node must be very smooth and at the same time, packets should be forwarded via trusted nodes only. In this paper, we propose an Energy Efficient Link State Routing Protocol (EELSRP) using the potential nodes selected by applying fuzzy logic on the trust and residual energy levels. This routing protocol finds the best route by balancing the nodes' residual energies and trust levels, and protects the WSN against routing attacks by eliminating the untrusted nodes before the creation of the route.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
USING A DEEP UNDERSTANDING OF NETWORK ACTIVITIES FOR SECURITY EVENT MANAGEMENT (IJNSA Journal)
With the growing deployment of host-based and network-based intrusion detection systems in increasingly
large and complex communication networks, managing low-level alerts from these systems becomes
critically important. Probes of multiple distributed firewalls (FWs), intrusion detection systems (IDSs) or
intrusion prevention systems (IPSs) are collected throughout a monitored network such that large series of
alerts (alert streams) need to be fused. An alert indicates an abnormal behavior, which could potentially be
a sign for an ongoing cyber attack. Unfortunately, in a real data communication network, administrators
cannot manage the large number of alerts occurring per second, in particular since most alerts are false
positives. Hence, an emerging track of security research has focused on alert correlation to better identify
true positive and false positive. To achieve this goal we introduce Mission Oriented Network Analysis
(MONA). This method builds on data correlation to derive network dependencies and manage security
events by linking incoming alerts to network dependencies.
An efficient approach for secured communication in wireless sensor networks (IJECEIAES)
Wireless sensor networks (WSNs) have limited bandwidth, low computational functions and energy constraints. In spite of these constraints, WSN is useful where communication happens without infrastructure support. The main concern of WSN is the security as the sensor nodes may be attacked and information may be hacked. Security of WSN should have the capability to ensure that the message received was sent by the particular sent node and not modified during transmission. WSN applications require lightweight and strong authentication mechanisms for obtaining data from unprivileged users. In wireless sensor networks, authentication is the effective method to stop unauthorized and undisrupted communication service. In order to strengthen the authenticated communication, several researchers have developed mechanisms. Some of the techniques work with identifying the attacked node or detecting injected bogus messages in the network. Encryption and decryption are the popular methods of providing the security. These are based on either public-key or symmetric-key cryptosystems. Many of the existing solutions have limitations in communication and computational expertise. Also, the existing mechanisms lack in providing strength and scalability of the network. In order to address these issues, a polynomial based method was introduced in recent days. Key distribution is a significant aspect in key management in WSNs. The simplest method of distribution of keys is by hand, which was used in the days of couriers. Nowadays, most distribution of keys is done automatically. The automatic distribution of keys is essential and convenient in networks that require two parties to transmit their security keys in the same communication medium. In this work, a new type of key exchange mechanism is proposed. The proposed method for authentication among sensor nodes proves to be promising as per the simulation results.
The nodes which are unknown to each other setup a private however arbitrary key for the symmetric key cryptosystem.
Key Management Scheme for Secure Group Communication in WSN with Multiple Gr... (csandit)
Security is one of the inherent challenges in the area of Wireless Sensor Network (WSN). At
present, majority of the security protocols involve massive iterations and complex steps of
encryptions thereby giving rise to degradation of quality of service. Many WSN applications are
based on secure group communication. In this paper, we have proposed a scheme for secure
group key management with simultaneous multiple groups. The scheme uses a key-based
approach for managing the groups and we show that membership change events can be
handled with less storage, communication and computation cost. The scheme also offers
authentication to the messages communicated within and among the groups.
Analysis of wifi and wimax and wireless network coexistence (IJCNCJournal)
Wireless networks are very popular nowadays. Wireless Local Area Network (WLAN) that uses the IEEE 802.11 standard and WiMAX (Worldwide Interoperability for Microwave Access) that uses the IEEE802.16 standard are networks that we want to explore. WiMAX has been developed over 10 years, but it is still unknown by most people. However, compared with WLAN, it has many advantages in transmission speed and coverage area. This paper will introduce these two technologies and make comparisons between WiMAX and WiFi. In addition, wireless network coexistence of WLAN and WiMAX will be explored through simulation. Lastly we want to discuss the future of WiMAX in relation to WiFi.
Exact network reconstruction from consensus signals and one eigen value (IJCNCJournal)
The basic inverse problem in spectral graph theory consists in determining the graph given its eigenvalue
spectrum. In this paper, we are interested in a network of technological agents whose graph is unknown,
communicating by means of a consensus protocol. Recently, the use of artificial noise added to consensus
signals has been proposed to reconstruct the unknown graph, although errors are possible. On the other
hand, some methodologies have been devised to estimate the eigenvalue spectrum, but noise could interfere
with the elaborations. We combine these two techniques in order to simplify calculations and avoid
topological reconstruction errors, using only one eigenvalue. Moreover, we use a high frequency noise to
reconstruct the network, thus it is easy to filter the control signals after the graph identification. Numerical
simulations of several topologies show an exact and robust reconstruction of the graphs.
Comparative analysis on some possible partnership schemes of global ip excha... (IJCNCJournal)
IPX (IP eXchange) is GSMA’s proposal for IP interconnection model which supports multi services to offer
end-to-end QoS, security, interoperability, SLAs through a dedicated connection. It provides a commercial
and technical solution to manage IP traffic and follows the GSMA’s 4 key IP interworking principle such as
openness, quality, cascading payments, and efficient connectivity. In order to get global IPX reachability, it
is possible for an IPX provider to build partnership with other global IPX providers in business and
network configuration. There are some possible partnership schemes between IPX providers such as
peering mode, semi-hosted mode, full-hosted mode, or combination between these modes. The
implementation of the schemes will be case-by-case basis with some considerations based on (but not
limited to) IPX Provider’s network asset & coverage, services & features offer, commercial offer, and
customers. For an IPX provider to become competitive in IPX business and become a global IPX hub, some
value added should be considered such as cost efficiency and great network performance. To achieve it, an
IPX provider could implement some strategies such as build network synergy between them and partners to
develop IPX Service as single offering, offer their customers with bundled access network and services. An
IPX provider should also consider their existing customer-based that can be a benefit to their bargaining
position to other potential IPX provider partners to determine price and business scheme for partnership.
Network coding combined with onion routing for anonymous and secure communica...IJCNCJournal
This paper presents a novel scheme that provides high level of security and privacy in a Wireless Mesh
Network (WMN). We combine an approach of Network Coding with multiple layered encryption of onion routing for a WMN. An added superior feature provides higher level of security and privacy. Sensitive network information is confined to 1-hop neighborhood which is available anyways in a wireless medium with nodes using a bivariate polynomial. The only routing information divulged to a relay node is about next hop. No plain text is ever transmitted and all data can only be decrypted by its source and destination. Prior work finds it difficult to enforce encryption with network coding without divulging in complete
routing information, hence losing privacy and anonymity. We compare our scheme with other existing approach for several networks. The preliminary results show this work to provide superior security and anonymity at low overhead cost.
Refining data security in infrastructurenetworks support of multipath routingeSAT Journals
Abstract An infrastructure network is a self-organizing network with help of Access Point (AP) of wireless links connecting nodes to another. The nodes can communicate without an ad hoc. They form an uninformed topology (BSS/ESS), where the nodes play the role of routers and are free to move randomly. Infrastructure networks proved their efficiency being used in different fields but they are highly vulnerable to security attacks and dealing with this is one of the main challenges of these networks at present. In recent times some clarification are proposed to provide authentication, confidentiality, availability, secure routing and intrusion avoidance in infrastructure networks. Implementing security in such dynamically changing networks is a hard task. Infrastructure network characteristics should be taken into consideration to be clever to design efficient solutions. Here we spotlight on civilizing the flow transmission privacy in infrastructure networks based on multipath routing. Certainly, we take benefit of the being of multiple paths between nodes in an infrastructure network to increase the confidentiality robustness of transmitted data with the help of Access Point. In our approach the original message to secure is split into shares through access point that are encrypted and combined then transmitted along different disjointed existing paths between sender and receiver. Even if an intruder achieve something to get one or more transmitted distribute the likelihood that the unique message will be reconstituted is very squat.
Concealed Data Aggregation with Dynamic Intrusion Detection System to Remove ...csandit
Data Aggregation is a vital aspect in WSNs (Wireless Sensor Networks) and this is because it
reduces the quantity of data to be transmitted over the complex network. In earlier studies
authors used homomorphic encryption properties for concealing statement during aggregation
such that encrypted data can be aggregated algebraically without decrypting them. These
schemes are not applicable for multi applications which lead to proposal of Concealed Data
Aggregation for Multi Applications (CDAMA). It is designed for multi applications, as it
provides secure counting ability. In wireless sensor networks SN are unarmed and are
susceptible to attacks. Considering the defence aspect of wireless environment we have used
DYDOG (Dynamic Intrusion Detection Protocol Model) and a customized key generation
procedure that uses Digital Signatures and also Two Fish Algorithms along with CDAMA for
augmentation of security and throughput. To prove our proposed scheme’s robustness and
effectiveness, we conducted the simulations, inclusive analysis and comparisons at the ending.
ENHANCED THREE TIER SECURITY ARCHITECTURE FOR WSN AGAINST MOBILE SINK REPLI...ijwmn
Recent developments on Wireless Sensor Networks have made their application in a wide range
such as military sensing and tracking, health monitoring, traffic monitoring, video surveillance and so on.
Wireless sensor nodes are restricted to computational resources, and are always deployed in a harsh,
unattended or unfriendly environment. Therefore, network security becomes a tough task and it involves
the authorization of admittance to data in a network. The problem of authentication and pair wise key
establishment in sensor networks with mobile sink is still not solved in the mobile sink replication attacks.
In q-composite key pre distribution scheme, a large number of keys are compromised by capturing a
small fraction of sensor nodes by the attacker. The attacker can easily take a control of the entire network
by deploying a replicated mobile sinks. Those mobile sinks which are preloaded with compromised keys
are used to authenticate and initiate data communication with sensor node. To determine the above problem
the system adduces the three-tier security framework for authentication and pair wise key establishment
between mobile sinks and sensor nodes. The previous system used the polynomial key pre distribution
scheme for the sensor networks which handles sink mobility and continuous data delivery to the
neighbouring nodes and sinks, but this scheme makes high computational cost and reduces the life time of
sensors. In order to overcome this problem a random pair wise key pre distribution scheme is suggested
and further it helps to improve the network resilience. In addition to this an Identity Based Encryption is
used to encrypt the data and Mutual authentication scheme is proposed for the identification and
isolation of replicated mobile sink from the network.
Performance and Simulation Study of The Proposed Direct, Indirect Trust Distri...cseij
ABSTRACT
In this paper, we propose a routing protocol that is based on securing the routing information from
unauthorized users. Even though routing protocols of this category are already proposed, they are not
efficient, in the sense that, they use the same kind of encryption algorithms (mostly high level) for every
Bit of routing information they pass from one intermediate node to another in the routing path. The
proposed mechanism is evaluated against selected alternative trust schemes, with the results showing that
our proposal achieves its goals. Our research aims at providing a secure and distributed
authentication service in the ad hoc networks.
LSR PROTOCOL BASED ON NODES POTENTIALITY IN TRUST AND RESIDUAL ENERGY FOR WSNSIJNSA Journal
In Wireless Sensor Networks (WSNs), all the nodes selected for packet routing must be trustworthy, and at the same time energetic too. Smooth conservation of nodes' energies and the trust levels are important issues in WSNs because they directly affect the life span and reliability of the nodes as well as the entire network. The energy utilization at every node must be very smooth and at the same time, packets should be forwarded via trusted nodes only. In this paper, we propose an Energy Efficient Link State Routing Protocol (EELSRP) using the potential nodes selected by applying the fuzzy logic on the trust and residual energy levels. This routing protocol finds the best route by balancing the nodes' residual energies and trust levels, and protects the WSN against routing attacks by eliminating the untrusted nodes before the creation of route.
USING A DEEP UNDERSTANDING OF NETWORK ACTIVITIES FOR SECURITY EVENT MANAGEMENTIJNSA Journal
With the growing deployment of host-based and network-based intrusion detection systems in increasingly
large and complex communication networks, managing low-level alerts from these systems becomes
critically important. Probes of multiple distributed firewalls (FWs), intrusion detection systems (IDSs) or
intrusion prevention systems (IPSs) are collected throughout a monitored network such that large series of
alerts (alert streams) need to be fused. An alert indicates an abnormal behavior, which could potentially be
a sign for an ongoing cyber attack. Unfortunately, in a real data communication network, administrators
cannot manage the large number of alerts occurring per second, in particular since most alerts are false
positives. Hence, an emerging track of security research has focused on alert correlation to better identify
true positive and false positive. To achieve this goal we introduce Mission Oriented Network Analysis
(MONA). This method builds on data correlation to derive network dependencies and manage security
events by linking incoming alerts to network dependencies.
An efficient approach for secured communication in wireless sensor networks IJECEIAES
Wireless sensor networks (WSNs) have limited bandwidth, low computational functions, energy constraints. In spite of these constraints, WSN is useful where communication happens without infrastructure support. The main concern of WSN is the security as the sensor nodes may be attacked and information may be hacked. Security of WSN should have the capability to ensure that the message received was sent by the particular sent node and not modified during transmission. WSN applications require lightweight and strong authentication mechanisms for obtaining data from unprivileged users. In wireless sensor networks, authentication is the effective method to stop unauthorized and undisrupted communication service. In order to strengthen the authenticated communication, several researchers have developed mechanisms. Some of the techniques work with identifying the attacked node or detecting injected bogus message in the network. Encryption and decryption are the popular methods of providing the security. These are based on either public-key or symmetric-key cryptosystems. Many of the existing solutions have limitations in communication and computational expertise. Also, the existing mechanisms lack in providing strength and scalability of the network. In order to address these issues, a polynomial based method was introduced in recent days. Key distribution is a significant aspect in key management in WSNs. The simplest method of distribution of key is by hand which was used in the days of couriers. Nowadays, most distribution of keys is done automatically. The automatic distribution of keys is essential and convenient in networks that require two parties to transmit their security keys in the same communication medium. In this work, a new type of key exchange mechanism is proposed. The proposed method for authentication among sensor nodes proves to be promising as per the simulation results.
The nodes which are unknown to each other setup a private however arbitrary key for the symmetric key cryptosystem.
Key Management Scheme for Secure Group Communication in WSN with Multiple Gr...csandit
Security is one of the inherent challenges in the area of Wireless Sensor Network (WSN). At
present, majority of the security protocols involve massive iterations and complex steps of
encryptions thereby giving rise to degradation of quality of service. Many WSN applications are
based on secure group communication. In this paper, we have proposed a scheme for secure
group key management with simultaneous multiple groups. The scheme uses a key-based
approach for managing the groups and we show that membership change events can be
handled with less storage, communication and computation cost. The scheme also offers
authentication to the messages communicated within and among the groups.
Analysis of wifi and wimax and wireless network coexistenceIJCNCJournal
Wireless networks are very popular nowadays. Wireless Local Area Network (WLAN) that uses the IEEE 802.11 standard and WiMAX (Worldwide Interoperability for Microwave Access) that uses the IEEE 802.16 standard are networks that we want to explore. WiMAX has been developed over 10 years, but it is still unknown by most people. However, compared with WLAN, it has many advantages in transmission speed and coverage area. This paper will introduce these two technologies and make comparisons between WiMAX and WiFi. In addition, wireless network coexistence of WLAN and WiMAX will be explored through simulation. Lastly we want to discuss the future of WiMAX in relation to WiFi.
In network aggregation using efficient routing techniques for event driven se...IJCNCJournal
Sensors used in applications such as agriculture, weather, etc., monitoring physical parameters like soil moisture, temperature, humidity, will have to sustain their battery power for long intervals of time. In order to accomplish this, parameters which assist in reducing the consumption of power from battery need to be attended to. One of the factors affecting the consumption of energy is transmit and receive power. This energy consumption can be reduced by avoiding unnecessary transmission and reception. Efficient routing techniques and incorporating aggregation whenever possible can save considerable amount of energy. Aggregation reduces repeated transmission of relative values and also reduces lot of computation at the base station. In this paper, the benefits of aggregation over direct transmission in saving the amount of energy consumed are discussed. Routing techniques which assist aggregation are incorporated. Aspects like transmission of average value of sensed data around an area of the network, minimum value in the whole of the network, triggering of event when there is low battery are assimilated.
Performance comparison of mobile ad hoc network routing protocolsIJCNCJournal
Mobile Ad-hoc Network (MANET) is an infrastructure less and decentralized network which need a robust
dynamic routing protocol. Many routing protocols for such networks have been proposed so far to find
optimized routes from source to the destination and prominent among them are Dynamic Source Routing
(DSR), Ad-hoc On Demand Distance Vector (AODV), and Destination-Sequenced Distance Vector (DSDV)
routing protocols. The performance comparison of these protocols should be considered as the primary
step towards the invention of a new routing protocol. This paper presents a performance comparison of
proactive and reactive routing protocols DSDV, AODV and DSR based on QoS metrics (packet delivery
ratio, average end-to-end delay, throughput, jitter), normalized routing overhead and normalized MAC
overhead by using the NS-2 simulator. The performance comparison is conducted by varying mobility
speed, number of nodes and data rate. The comparison results show that AODV performs optimally well
not the best among all the studied protocols.
ON THE OPTIMIZATION OF BITTORRENT-LIKE PROTOCOLS FOR INTERACTIVE ON-DEMAND ST...IJCNCJournal
This paper proposes two novel optimized BitTorrent-like protocols for interactive multimedia streaming: the Simple Interactive Streaming Protocol (SISP) and the Exclusive Interactive Streaming Protocol (EISP). The former chiefly seeks a trade-off between playback continuity and data diversity, while the latter is mostly focused on playback continuity. To assure a thorough and up-to-date approach, related work is carefully examined and important open issues, concerning the design of BitTorrent-like algorithms, are analyzed as well. Through simulations, in a variety of near-real file replication scenarios, the novel protocols are evaluated using distinct performance metrics. Among the major findings, the final results show that the two novel proposals are efficient and, besides, focusing on playback continuity ends up being the best design concept to achieve high quality of service. Lastly, avenues for further research are included at the end of this paper as well.
Comparative performance analysis of different modulation techniques for papr ...IJCNCJournal
One of the most important multi-carrier transmission techniques used in the latest wireless communication
arena is known as Orthogonal Frequency Division Multiplexing (OFDM). It has several characteristics
such as providing greater immunity to multipath fading & impulse noise, eliminating Inter Symbol
Interference (ISI) & Inter Carrier Interference (ICI) using a guard interval known as Cyclic Prefix (CP). A
regular difficulty of OFDM signal is high peak to average power ratio (PAPR) which is defined as the ratio
of the peak power to the average power of OFDM Signal. An improved design of amplitude clipping &
filtering technique of us previously reduced significant amount of PAPR with slightly increase bit error rate
(BER) compare to an existing method in case of Quadrature Phase Shift Keying (QPSK) & Quadrature
Amplitude Modulation (QAM). This paper investigates a comparative performance analysis of the different
higher order modulation techniques on that design.
AN EFFICIENT SPECTRUM SHARING METHOD BASED ON GENETIC ALGORITHM IN HETEROGENE...IJCNCJournal
With advances in wireless communication technologies, users can have rich contents not only via wired
networks but also via wireless networks such as Cellular, WiFi, and WiMAX. On the other hand, however, lack of spectrum resources becomes an important problem for future wireless networks. To overcome this problem, dynamic spectrum access technology receives much attention. In this paper, we propose a novel spectrum sharing method based on genetic algorithm in which a WiFi system temporarily uses a spectrum band of WiMAX system in WiFi/WiMAX integrated networks as a typical
heterogeneous wireless network. Finally, we confirm the effectiveness of the proposed method by simulation experiments.
A Secure Data Communication System Using Cryptography and SteganographyIJCNCJournal
The information security has become one of the most significant problems in data communication. So it
becomes an inseparable part of data communication. In order to address this problem, cryptography and
steganography can be combined. This paper proposes a secure communication system. It employs
cryptographic algorithm together with steganography. The jointing of these techniques provides a robust
and strong communication system that is able to withstand against attackers. In this paper, the filter bank
cipher is used to encrypt the secret text message, it provides high level of security, scalability and speed.
After that, a discrete wavelet transforms (DWT) based steganography is employed to hide the encrypted
message in the cover image by modifying the wavelet coefficients. The performance of the proposed system
is evaluated using peak signal to noise ratio (PSNR) and histogram analysis. The simulation results show
that, the proposed system provides high level of security.
A child's diet and his nutrition is a growing concern in Mexico. Obesity rates have tripled in the last 3 decades in our
country. Thus, a novel and attractive tool designed for youth is deployed. Its main objective is to reduce
this problem in a friendly and intelligent way. It includes a planning system based on propositional logic
named DLVK and a novel architecture that allows us to extend our solution to mobile devices. In this
proposal we consider goal-based agents that use more advanced structured representations and are usually
called planning agents. These agents are supposed to maximize their performance measure. Achieving this
is sometimes simplified if the agent can adopt a goal and aim at satisfying it. Thus, first we present the
well-known problem called The Wumpus world. Second, present an application to assist in the solution of
Nutrition in Mexico. Planning for nourishing using DLVK implemented for mobile devices through the WAP
protocol using GPRS service is deployed. Both problems viewed as a logic program (into DLVK) whose
answer sets corresponds to solutions. Plans correspond to answer sets for these programs, in the spirit of
answer set programming.
A preliminary evaluation of bandwidth allocation model dynamic switchingIJCNCJournal
Bandwidth Allocation Models (BAMs) are used in order to define Bandwidth Constraints (BCs) in a per-class
basis for MPLS/DS-TE networks and effectively define how network resources like bandwidth are
obtained and shared by applications. The BAMs proposed (MAM – Maximum Allocation Model, RDM –
Russian Dolls Model, G-RDM – Generic RDM and AllocTC-Sharing) attempt to optimize the use of
bandwidth resources on a per-link basis with different allocation and resource sharing characteristics. As
such, the adoption of distinct BAMs and/or changes in network resource demands (network traffic profile)
may result in different network traffic allocation and operational behavior for distinct BAMs. This paper
evaluates the resulting network characteristics (link utilization, preemption and flows blocking) of using
BAMs dynamically with different traffic scenarios. In brief, it is investigated the dynamics of BAM
switching with distinct traffic scenarios. The paper presents initially the investigated BAMs in relation to
their behavior and resource allocation characteristics. Then, distinct BAMs are compared using different
traffic scenarios in order to investigate the impact of a dynamic change of the BAM configured in the
network. Finally, the paper shows that the adoption of a dynamic BAM allocation strategy may result in
benefits for network operation in terms of link utilization, preemption and flows blocking.
Peak detection using wavelet transformIJCNCJournal
A new work based-wavelet transform is designed to overcome one of the main drawbacks that found in the
present new technologies. Orthogonal Frequency Division Multiplexing (OFDM) is proposed in the
literature to enhance the multimedia resolution. However, the high peak power (PAPR) values will obstruct
such achievements. Therefore, a new proposition is found in this work, making use of the wavelet
transforms methods, and it is divided into three main stages; de-noising stage, thresholding stage and then
the replacement stage.
In order to check the system stages validity; a mathematical model has been built and it is checked after
using a MATLAB simulation. A simulated bit error rate (BER) achievement will be compared with our
previously published work, where an enhancement from 8×10^-1 to be 5×10^-1 is achieved. Moreover, these
results will be compared to the work found in the literature, where we have accomplished around 27%
PAPR extra reduction.
As a result, the BER performance has been improved for the same bandwidth occupancy. Moreover and
due to the de-noise stage, the verification rate has been improved to reach 81%. This is in addition to the
noise immunity enhancement.
A Key Management Approach For Wireless Sensor NetworksZac Darcy
In this paper we present a key management approach for wireless sensor networks. This approach
facilitates an efficient scalable post-distribution key establishment that provides different security services.
We have developed and tested this approach under TinyOS. Results show that this approach provides
acceptable resistance against node capture attacks and replay attacks. The provision of security services is
completely transparent to the user of the WSNs. Furthermore, being highly scalable and lightweight, this
approach is appropriate to be used in a wireless sensor network of hundreds of nodes.
Data Transfer Security solution for Wireless Sensor NetworkEditor IJCATR
WSN is a wide growth area for specific resource limited application. Factor associated with technology like, the encryption
security, operating speed and power consumption for network. Here, we introduce a mechanism for secure transferring of data in WSN
and various security related issues. This energy-efficient encryption is a secure communication framework in which an algorithm is
used to encode the sensed data using like, RC5, AES and CAST Algorithm. The proposed scheme is most suitable for wireless sensor
networks that incorporate data centric routing protocols. An algorithm in sensor network helps designers predict security
performance under a set of constraints for WSNs. This symmetric key function is used to guarantee secure communications between
in-network nodes and reliable operation cost. RC5 is good on the code point of view, but the key schedule consumes more resource
time for efficient security aspects.
Different Approaches for Secure and Efficient Key Management in Mobile Ad-Hoc...Editor IJMTER
A Mobile Ad-hoc Network (MANET) is a self configuring infrastructure less network of
mobile devices conducted by wireless. Each device in a MANET is free to move independently in any
direction and changes its links to other devices frequently. MANET includes both challenges and
opportunities in achieving security goals such as confidentiality, integrity and non repudiation. Key
management is a central component in MANET security, the purpose of key management is to provide
secure procedures for handling cryptography key materials. Distributed key management is proposed
and deduces the condition under which the key sets distributed to the network nodes to provide MANET
security. Various key management schemes are discussed for secure wireless sensor network
communication. Peer Intermediaries for Key Establishment (PIKE), a class of key establishment
protocols that involves using one or more sensor nodes as a trusted intermediary to facilitate key
establishment. PIKE protocols scale sublinearly with the number of nodes in the network, achieving
higher security against node compromise than other protocols. Authenticated Routing for Ad-hoc
Networks (ARAN) is proposed to detect and protect against malicious actions by third parties. ARAN
has minimal Performance costs for the increased security in terms of processing and networking
overhead. Self-organized Key Management is to propose cryptography procedures to make secure
transactions.
Cluster Based Misbehaviour Detection and Authentication Using Threshold Crypt...CSCJournals
In mobile ad hoc networks, the misbehaving nodes can cause dysfunction in the network resulting in damage of other nodes. In order to establish secure communication with the group members of a network, use of a shared group key for confidentiality and authentication is required. Distributing the shares of secret group key to the group members securely is another challenging task in MANET. In this paper, we propose a Cluster Based Misbehavior Detection and Authentication scheme using threshold cryptography in MANET. For secure data transmission, when any node requests a certificate from a cluster head (CH), it utilizes a threshold cryptographic technique to issue the certificate to the requested node for authentication. The certificate of a node is renewed or rejected by CH, based on its trust counter value. An acknowledgement scheme is also included to detect and isolate the misbehaving nodes. By simulation results, we show that the proposed approach reduces the overhead.
AN ANTI-CLONE ATTACK KEY MANAGEMENT SCHEME FOR WIRELESS SENSOR NETWORKScsandit
Wireless Sensor Networks (WSNs) are subject to various kinds of attacks such as replaying of
messages, battery exhausting, and nodes compromising. While most of these attacks can be
dealt with through cryptographic security protocols provided by key management schemes,
there are always a few that manage to really cause problems. One such attack that is most
common and significant in WSNs is cloning attack. In clone attack, the intruder tries to capture
and compromise some nodes and inject them into several locations throughout the network in
order to conduct other types of attacks. Moreover, if this attack is not detected early, then these
replicated injected nodes will consume a large amount of the network resources. In this paper,
we analyze several key management schemes that can be used for checking integrity and
preventing cloning attacks. After analyzing the problems associated with these schemes, we
propose a model that allows us to distinguish between legitimate nodes and cloned nodes in
such sensor networks.
2.espk external agent authentication and session key establishment using publ...EditorJST
Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due to their wide range of applications. Because they are distributed and deployed in unattended environments, they are vulnerable to numerous security threats. In this paper, we describe the design and implementation of public-key-(PK)-based protocols that allow authentication and session key establishment between a sensor network and a third party. WSNs have limitations on computational capacity, battery, etc., which provides scope for challenging problems. We fundamentally focused on the security issue of WSNs. The proposed protocol is efficient and secure compared to other public-key-based protocols in WSNs.
AggreLEACH: Enhance Privacy Preserving in Wireless Sensor Networkijsrd.com
Privacy preservation is an important issue in today's context of extreme penetration of internet and mobile technology. It is more important in the case of wireless sensor networks, where collected data often requires in-network processing and collaborative computing. Security is always booming in wireless sensor network. Privacy-preserving data aggregation has emerged as an important concern in designing data aggregation algorithms. Encryption schemes that support operations over ciphertext are of utmost importance for wireless sensor networks, especially in the LEACH protocol. The salient limit of LEACH is energy. Due to this limitation, it seems important to design a confidentiality scheme for WSNs so that sensing data can be transmitted to the receiver securely and efficiently while the energy consumed is kept to a minimum. Hence we propose AggreLEACH, in which a confidentiality scheme, i.e. homomorphic encryption, is added to the LEACH protocol. With homomorphic encryption, data can be aggregated without decryption, hence less energy is consumed. The objective is to provide secure data transmission between the sensor node and the aggregator. Simulation results are obtained in terms of two metrics: total energy consumed by a node and lifetime of a node. It is observed that the performance of AggreLEACH compare to LEACH. We have performed theoretical analysis as well as simulation to check the performance in terms of accuracy, complexity and security.
NEW ALGORITHM FOR WIRELESS NETWORK COMMUNICATION SECURITYijcisjournal
This paper evaluates the security of wireless communication networks based on fuzzy logic in MATLAB. A new algorithm, the hybrid algorithm, is proposed and evaluated. We highlight the valuable assets in the design of a wireless network communication system based on the network simulator (NS2), which is crucial to protecting the security of the systems. Block cipher algorithms are evaluated using fuzzy logic, and a hybrid algorithm is proposed. Both algorithms are evaluated in terms of the security level. Logic (AND) is used in the rules of modelling, and Mamdani style is used for the evaluations.
Certain Investigations on Security Issues in Smart Grid over Wireless Communi...IJTET Journal
Smart Grid (SG) communication has recently received significant attention to facilitate intelligent and distributed electric power transmission systems. The advent of the smart grid promises to usher in an era that will bring intelligence, efficiency, and optimality to the power grid. Most of these challenges will occur as an Internet-like communications network is superimposed on top of the current power grid using wireless mesh network technologies with the 802.15.4, 802.11 and WiMAX standards. Each of these will expose the power grid to security threats. Wireless communication offers the benefits of low cost, rapid deployment, shared communication medium, and mobility. It causes many security and privacy challenges. The concept of dynamic secret is applied to design an encryption scheme for smart grid in wireless communication. Between two parties of communication, the previous packets are coded as a retransmission sequence, where a retransmitted packet is marked as "1" and the other is marked as "0". During the communication, the retransmission sequence is generated at both sides to update the dynamic encryption key. Any missing or misjudged sequence would prevent the adversary from obtaining the key. A Smart Grid platform is built, employing the ZigBee protocol for wireless communication. The simulation results show that retransmission and packet loss in ZigBee communication are inevitable and unpredictable, and it is impossible for the adversary to track the updating of the dynamic encryption key. Even though the DES scheme can protect the encryption key from attackers, hackers can obtain the keys after some time, because the 64-bit block size used by DES allows the adversary (hacker) to hack the data. It introduces vulnerabilities and linear cryptanalysis; this can be achieved by using AES scheme.
AES uses a 128-bit block size; for a single encryption key, 256 billion gigabytes of data can be transmitted, thus it provides much more safety to the user from hackers, and it reduces the end-to-end delay and increases the packet transmission rate.
REAL-TIME MODE HOPPING OF BLOCK CIPHER ALGORITHMS FOR MOBILE STREAMINGijwmn
It has been shown that the encrypted information or ciphertext produced by symmetric-key block ciphers
with Electronic codebook mode is vulnerable to ciphertext searching, replay, insertion and deletion
because it encrypts each block independently. To compensate for this, each block of the encrypted
information should be encrypted dependently. The encrypted information should be operated with a
special mode. The operation mode should be changed. This paper analyzes what an operational mode of
block ciphers needs to feedback exactly and proposes a simple real-time changing operation mode
technique that extends the existing mode changing opportunity. The new change operation mode
technique considers the sign differences between the intra-feedback information and the public-feedback
information, and then adaptively determines the corresponding change operation mode factor for each
data block. This mode hopping technique for mobile streaming security is highly suitable for recent block
computing in future various environments.
A NEW KEY ESTABLISHMENT SCHEME FOR WIRELESS SENSOR NETWORKSIJNSA Journal
Traditional key management techniques, such as public key cryptography or key distribution center (e.g., Kerberos), are often not effective for wireless sensor networks because of the serious limitations in terms of computational power, energy supply, and network bandwidth. In order to balance security and efficiency, we propose a new scheme by employing LU Composition techniques for mutual authenticated pairwise key establishment and integrating LU Matrix with Elliptic Curve Diffie-Hellman for anonymous pathkey establishment. At the same time, it is able to achieve efficient group key agreement and management. Analysis shows that the new scheme has better performance and provides authenticity and anonymity for sensors to establish multiple kinds of keys, compared with previous related works.
Random Key Pre-distribution Schemes using Multi-Path in Wireless Sensor Networksijceronline
A SURVEY ON WIRELESS SENSOR NETWORKS SECURITY WITH THE INTEGRATION OF CLUSTER...cscpconf
Keying technique in Wireless Sensor Networks (WSNs) is one of the most emerging fields of WSN security. In order to provide security on WSN, the role of Key distribution technique is
considered to be very significant and thus the key management plays a crucial and fundamental roles in the security service of WSNs. This paper reviews pairwise key establishment technique along with the architecture and the environment of WSN. The cluster based group key
agreement protocols for infrastructure base WSN are discussed in this paper. This paper also
reviews how the security can be provided to WSNs with the integration of clustering and keying
techniques. The survey also provides a more detailed discussion on the comparison between different cluster based group key agreement protocols.
Vehicle Ad Hoc Networks (VANETs) have become a viable technology to improve traffic flow and safety on the roads. Due to its effectiveness and scalability, the Wingsuit Search-based Optimised Link State Routing Protocol (WS-OLSR) is frequently used for data distribution in VANETs. However, the selection of MultiPoint Relays (MPRs) plays a pivotal role in WS-OLSR's performance. This paper presents an improved MPR selection algorithm tailored to WS-OLSR, designed to enhance the overall routing efficiency and reduce overhead. The analysis found that the current OLSR protocol has problems such as redundancy of HELLO and TC message packets or failure to update routing information in time, so a WS-OLSR routing protocol based on an improved MPR selection algorithm was proposed. Firstly, factors such as node mobility and link changes are comprehensively considered to reflect network topology changes, and the broadcast cycle of node HELLO messages is controlled through topology changes. Secondly, a new MPR selection algorithm is proposed, considering link stability issues and nodes. Finally, its effectiveness is evaluated in terms of packet delivery ratio, end-to-end delay, and control message overhead. Simulation results demonstrate the superior performance of our improved MPR selection algorithm when compared to traditional approaches.
A Novel Medium Access Control Strategy for Heterogeneous Traffic in Wireless ...IJCNCJournal
So far, Wireless Body Area Networks (WBANs) have played a pivotal role in driving the development of intelligent healthcare systems with broad applicability across various domains. Each WBAN consists of one or more types of sensors that can be embedded in clothing, attached directly to the body, or even implanted beneath an individual's skin. These sensors typically serve a single application. However, the traffic generated by each sensor may have distinct requirements. This diversity necessitates a dual approach: tailored treatment based on the specific needs of each traffic type and the fulfillment of application requirements, such as reliability and timeliness. Nevertheless, the presence of energy constraints and the unreliable nature of wireless communications make QoS provisioning under such networks a non-trivial task. In this context, the current paper introduces a novel Medium Access Control (MAC) strategy for the regular traffic applications of WBANs, designed to significantly enhance efficiency when compared to the established MAC protocols IEEE 802.15.4 and IEEE 802.15.6, with a particular focus on improving reliability, timeliness, and energy efficiency.
May_2024 Top 10 Read Articles in Computer Networks & Communications.pdfIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bimonthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
A Topology Control Algorithm Taking into Account Energy and Quality of Transm...IJCNCJournal
The efficient use of energy in wireless sensor networks is critical for extending node lifetime. The network topology is one of the factors that have a significant impact on the energy usage at the nodes and the quality of transmission (QoT) in the network. We propose a topology control algorithm for software-defined wireless sensor networks (SDWSNs) in this paper. Our method is to formulate topology control algorithm as a nonlinear programming (NP) problem with the objective to optimizing two metrics, maximum communication range, and desired degree. This NP problem is solved at the SDWSN controller by employing the genetic algorithm (GA) to determine the best topology. The simulation results show that the proposed algorithm outperforms the MaxPower algorithm in terms of average node degree and energy expansion ratio.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Advanced Privacy Scheme to Improve Road Safety in Smart Transportation SystemsIJCNCJournal
In a Vehicle Ad-Hoc Network (VANET), vehicles continuously transmit and receive spatiotemporal data with neighboring vehicles, thereby establishing a comprehensive 360-degree traffic awareness system. Vehicular Network safety applications facilitate the transmission of messages between vehicles that are near each other, at regular intervals, enhancing drivers' contextual understanding of the driving environment and significantly improving traffic safety. Privacy schemes in VANETs are vital to safeguard vehicles’ identities and their associated owners or drivers. Privacy schemes prevent unauthorized parties from linking the vehicle's communications to a specific real-world identity by employing techniques such as pseudonyms, randomization, or cryptographic protocols. Nevertheless, these communications frequently contain important vehicle information that malevolent groups could use to monitor the vehicle over a long period. The acquisition of this shared data has the potential to facilitate the reconstruction of vehicle trajectories, thereby posing a potential risk to the privacy of the driver. Addressing the critical challenge of developing effective and scalable privacy-preserving protocols for communication in vehicle networks is of the highest priority. These protocols aim to reduce the transmission of confidential data while ensuring the required level of communication. This paper aims to propose an Advanced Privacy Vehicle Scheme (APV) that periodically changes pseudonyms to protect vehicle identities and improve privacy. The APV scheme utilizes a concept called the silent period, which involves changing the pseudonym of a vehicle periodically based on the tracking of neighboring vehicles. The pseudonym is a temporary identifier that vehicles use to communicate with each other in a VANET. By changing the pseudonym regularly, the APV scheme makes it difficult for unauthorized entities to link a vehicle's communications to its real-world identity.
The proposed APV is compared to the SLOW, RSP, CAPS, and CPN techniques. The data indicates that the efficiency of APV is a better improvement in privacy metrics. It is evident that the APV offers enhanced safety for vehicles during transportation in the smart city.
April 2024 - Top 10 Read Articles in Computer Networks & CommunicationsIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bimonthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
DEF: Deep Ensemble Neural Network Classifier for Android Malware DetectionIJCNCJournal
Malware is one of the threats to security of computer networks and information systems. Since malware instances are available sufficiently, there is increased interest among researchers on usage of Artificial Intelligence (AI). Of late AI-enabled methods such as machine learning (ML) and deep learning paved way for solving many real-world problems. As it is a learning-based approach, accumulated training samples help in improving the quality of training and thus leveraging malware detection accuracy. Existing deep learning methods are focusing on learning-based malware detection systems. However, there is need for improving the state of the art through ensemble approach. Towards this end, in this paper we proposed a framework known as Deep Ensemble Framework (DEF) for automatic malware detection. The framework obtains features from training samples. From given malware instance a grayscale image is generated. There is another process to extract the opcode sequences. Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM) techniques are used to obtain grayscale image and opcode sequence respectively. Afterwards, a stacking ensemble is employed in order to achieve efficient malware detection and classification. Malware samples collected from the Internet sources and Microsoft are used for the empirical study. An algorithm known as Ensemble Learning for Automatic Malware Detection (EL-AML) is proposed to realize our framework. Another algorithm named Pre-Process is proposed to assist the EL-AML algorithm for obtaining intermediate features required by CNN and LSTM. Empirical study reveals that our framework outperforms many existing methods in terms of speed-up and accuracy.
High Performance NMF Based Intrusion Detection System for Big Data IOT TrafficIJCNCJournal
With the emergence of smart devices and the Internet of Things (IoT), millions of users connected to the network produce massive network traffic datasets. These vast datasets of network traffic, Big Data, are challenging to store, deal with and analyse using a single computer. In this paper we developed a parallel implementation using a High Performance Computer (HPC) for the Non-Negative Matrix Factorization technique as an engine for an Intrusion Detection System (HPC-NMF-IDS). The large IoT traffic datasets, on the order of millions of samples, are distributed evenly on all the computing cores for both storage and speedup purposes. The distribution of computing tasks involved in the Matrix Factorization takes into account the reduction of the communication cost between the computing cores. The experiments we conducted on the proposed HPC-IDS-NMF give better results than the traditional ML-based intrusion detection systems. We could train the HPC model with datasets of one million samples in only 31 seconds (instead of the 40 minutes using one processor), that is, a speed-up of 87 times. Moreover, we have got an excellent detection accuracy rate of 98% for the KDD dataset.
IoT Guardian: A Novel Feature Discovery and Cooperative Game Theory Empowered...IJCNCJournal
Cyber intrusion attacks increasingly target the Internet of Things (IoT) ecosystem, exploiting vulnerable devices and networks. Malicious activities must be identified early to minimize damage and mitigate threats. Using actual benign and attack traffic from the CICIoT2023 dataset, this work aims to evaluate and benchmark machine-learning techniques for IoT intrusion detection. There are four main phases to the system. First, the CICIoT2023 dataset is refined to remove irrelevant features and clean up missing and duplicate data. The second phase employs statistical models and artificial intelligence to discover novel features. The most significant features are then selected in the third phase based on cooperative game theory. Using the original CICIoT2023 dataset and a dataset containing only novel features, we train and evaluate a variety of machine learning classifiers. On the original dataset, Random Forest achieved the highest accuracy of 99%. Still, with novel features, Random Forest's performance dropped only slightly (96%) while other models achieved significantly lower accuracy. As a whole, the work makes substantial contributions to tailored feature engineering, feature selection, and rigorous benchmarking of IoT intrusion detection techniques. IoT networks and devices face continuously evolving threats, making it necessary to develop robust intrusion detection systems.
Enhancing Traffic Routing Inside a Network through IoT Technology & Network C...IJCNCJournal
IoT networking uses real items as stationary or mobile nodes. Mobile nodes complicate networking. Internet of Things (IoT) networks have a lot of control overhead messages because devices are mobile. These signals are generated by the constant flow of control data as such device identity, geographical positioning, node mobility, device configuration, and others. Network clustering is a popular overhead communication management method. Many cluster-based routing methods have been developed to address system restrictions. Node clustering based on the Internet of Things (IoT) protocol, may be used to cluster all network nodes according to predefined criteria. Each cluster will have a Smart Designated Node. SDN cluster management is efficient. Many intelligent nodes remain in the network. The network design spreads these signals. This paper presents an intelligent and responsive routing approach for clustered nodes in IoT networks. An existing method builds a new sub-area clustered topology. The Nodes Clustering Based on the Internet of Things (NCIoT) method improves message transmission between any two nodes. This will facilitate the secure and reliable interchange of healthcare data between professionals and patients. NCIoT is a system that organizes nodes in the Internet of Things (IoT) by grouping them together based on their proximity. It also picks SDN routes for these nodes. This approach involves selecting one option from a range of choices and preparing for likely outcomes problem addressing limitations on activities is a primary focus during the review process. Predictive inquiry employs the process of analyzing data to forecast and anticipate future events. This document provides an explanation of compact units. The Predictive Inquiry Small Packets (PISP) improved its backup system and partnered with SDN to establish a routing information table for each intelligent node, resulting in higher routing performance. 
Both principal and secondary roads are available for use. The simulation findings indicate that NCIoT algorithms outperform CBR protocols. Enhancements lead to a substantial 78% boost in network performance. In addition, the end-to-end latency dropped by 12.5%. The PISP methodology produces 5.9% more inquiry packets compared to alternative approaches. The algorithms are constructed and evaluated against academic ones.
1. International Journal of Computer Networks & Communications (IJCNC) Vol.5, No.2, March 2013
A PAIR-WISE KEY ESTABLISHMENT SCHEME FOR
AD HOC NETWORKS
Isra Sitan Al-Qasrawi (1) and Obaida Mohammed Al-Hazaimeh (2)
(1) Department of Information Technology, Al-balqa' Applied University,
AL-Huson University College, Irbid, Jordan.
israonnet@yahoo.com
(2) Department of Information Technology, Al-balqa' Applied University,
AL-Huson University College, Irbid, Jordan.
dr_obaidam@yahoo.com
ABSTRACT
Ad hoc networks are a new wireless networking paradigm. However, these networks have no
underlying fixed infrastructure and tend to be vulnerable to a number of attacks due to their dynamic
network topology and the lack of centralized network management functionality. In this paper, we
propose a new scheme that allows two ad hoc nodes to establish a pair-wise shared key on the fly
(dynamically) during any stage of network operation, based on cellular automata (CA) rules and
without requiring an on-line key distribution centre. The proposed scheme is simple but strong
enough to provide secure communication against node compromise through pair-wise key establishment. In
addition, the proposed scheme is computationally efficient because it relies only on simple symmetric key
cryptography with high randomness, and meets desired levels of high reliability with low storage
requirements.
KEYWORDS
Ad Hoc networks, Pair-wise key establishment, Cellular Automata (CA), Key Pre-Distribution (KPD)
1. INTRODUCTION
Key management is one of the most important issues for secure communication in any type of
network. It provides a way of keeping information confidential from unauthorized
users. Keys are fixed-length streams of random bits, which are known only to the authorized
nodes. The sender node encrypts information with the key to produce a stream of bits that does not
reveal anything about the original information. Only the intended receiver can recover the
original information. For that reason, keys must be managed securely and efficiently. Key
management in any computer network depends upon its characteristics, limitations and
applications [1]. A wireless ad hoc network is a decentralized wireless network. It does not rely
on a preexisting infrastructure, such as access points in managed wireless networks. Instead, each
node participates in routing by forwarding data for other nodes, and so the determination of which
nodes forward data is made dynamically based on the network connectivity. These nodes are
small, with low power and low storage capacity. Quick deployment and minimal configuration
make ad hoc networks very suitable for emergency situations like military conflicts and natural
disasters. Such strong characteristics and critical demands make key management a non-trivial
problem in ad hoc networks.
DOI : 10.5121/ijcnc.2013.5210
Public key cryptography may provide some help in solving this problem, but most ad hoc
networks cannot afford to deploy public key cryptosystems due to the high overheads of storage,
communication, and computation.
Public key cryptography uses more computing resources (memory, energy, etc.) and is therefore
not suitable for ad hoc networks. For example, 512-bit RSA signature generation takes 2-6 seconds on
a Palm Pilot, and generating a 1024-bit key can take as long as 15 minutes. Consequently, it is
better to use symmetric key cryptography [1].
The most important issue when using symmetric keys to provide secure communication is key
distribution. Key distribution in ad hoc networks is more difficult than in traditional wired
networks due to weak connectivity. Furthermore, using traditional methods such as online
key distribution creates a single point of vulnerability.
One approach to avoiding a single point of vulnerability is to pre-load all the nodes in the network
with their own keying information and with the keying information of all other network nodes,
prior to deployment. Neighboring nodes then establish shared keys after deployment using
partial information exchanges. This is called a Key Pre-Distribution (KPD) scheme.
Because the same keys are spread over a number of nodes in the network and keying information
is exchanged between nodes, even a small number of compromised nodes can threaten the
security of the network [2]. A key pre-distribution scheme makes the network nonscalable and
introduces an inefficient offline initialization phase. These schemes do not allow for ad hoc
network establishment. Most secure routing schemes [2-4] neglect the critical impact of secure
key management and assume pre-establishment and pre-sharing of secret key pairs [5].
Pair-wise key establishment is the most secure key management scheme for ad hoc networks:
a pair-wise key is established between every pair of nodes in the network. For example, if
the network has x nodes, every node will have x-1 keys stored in its memory. Pair-wise key
establishment not only provides authenticity and confidentiality, but also makes it possible to
revoke compromised nodes. Despite all these benefits, pair-wise key establishment
faces some challenges, such as not being suitable for large networks: as the number x
grows, the storage required per node increases linearly. Therefore, appropriate strategies or
techniques are needed to manage this problem carefully. In this paper, each key is just
a small string of bits, according to the desired key length. We illustrate the storage requirement
in the evaluation section.
This paper is structured as follows: a brief overview of related research, the details of the
proposed pair-wise key establishment scheme, the performance and security analysis, and the conclusion.
2. RELATED WORK
Most of the proposed symmetric key cryptography schemes for pair-wise key establishment use
an on-line key distribution centre. These schemes do not allow for ad hoc network establishment.
In 1993 Gong proposed a new scheme that uses a threshold secret sharing technique to increase the
availability of authentication services [6]. We also aim to secret-share the information needed to
establish pair-wise keys, but unlike Gong's scheme, there is no need for an on-line key
distribution centre. One solution to this problem is probabilistic keying schemes. Mitchell
and Piper [7] proposed a scheme based on probabilistic key sharing that does not depend on such
an on-line server. However, the storage requirements imposed on each node in their scheme
seem to be unbearable in the context of ad hoc networks.
A key management scheme based on probabilistic key sharing for distributed sensor networks
with central key servers, such as base stations, was proposed by Eschenauer and Gligor [8]. They proposed
using the pre-deployed keys for encrypting all communication between nodes. With the
pre-deployed keys, a session key between two nodes can also be established. However, the
established session key might not be exclusively known to the two nodes involved, because each
pre-deployed key is known to several nodes.
Few works have researched new techniques based on pair-wise key
establishment schemes in ad hoc networks. Many of them focused on wireless sensor networks
in particular, for example schemes based on key pre-distribution, shared-key discovery, and
path-key establishment [9]. Such a scheme requires x > 1 common keys for two nodes to establish a
shared key. There is a big opportunity for nodes to become compromised, because the keys used
by key pre-distribution are known to more than one pair of nodes. In our scheme, we avoid this
kind of attack by sharing only a CA rule and two parameters used to establish the key. This
technique does not give an adversary any attack opportunity that she does not already have, because the
keys are never transmitted or shared. A similar technique, called CAB, exists for wireless sensor networks.
CAB is a cellular automata based key management system that gives sensors the ability to
establish pair-wise keys during any phase of the network operation using preloaded CAs. The
computation in CAB is very simple and fast because it uses simple OR and XOR operations. It
also has rekeying capabilities and achieves high resilience against node compromise [10].
3. PROPOSED SCHEME
3.1. Cellular Automata (CA)
A cellular automaton (CA) is a discrete model consisting of a regular grid of cells, each in one of
a finite number of states, such as 0 and 1. The grid can be in any finite number of dimensions,
typically one dimension (which we use in our scheme). For each cell c(i), a set of cells called its
neighbours is defined relative to that cell (the left and right neighbours c(i-1), c(i+1)).
An initial state (t=0) is selected by assigning a state to each cell. A new generation is created
(increasing t by 1) according to a rule or a set of rules, based on the previous state of a cell and its
neighbours, that determines the new state of each cell in the grid. The process of producing
successive generations of the grid by updating its cells is called evolution. The evolution of a CA
is influenced by three factors: its initial state, the number of generations (iterations), and the rules.
The combination of these factors affects the randomness of the values that a CA outputs, which
will generate a key with high probability in our scheme. If we consider a three-cell
neighbourhood, i.e. the concerned cell c(i) and its left and right neighbours (c(i-1), c(i+1)), in a
one-dimensional, two-state automaton (0,1), there are only 2^3 = 8 possible combinations that
dictate a cell's next state. So each 1-dimensional rule can easily be represented with 1 byte.
Accordingly, 2^8 = 256 possible rules can be used with a 1-dimensional CA, ranging from 0 to
255, each of which can be indexed with an 8-bit binary number. The evolution of rule 30 is
shown in Table 1.
Table 1. Evolution of rule 30
Current states:  111  110  101  100  011  010  001  000
Next state:        0    0    0    1    1    1    1    0
The logic function of rule 30 is given by equation 1:
With the centre cell of the initial state set to (*) and the other cells set to ( ), a
space, the output of a CA that uniformly applies rule 30 for 15 iterations in our code
implementation is shown in figure 1.
Figure 1. Rule 30 with 15 iterations
Figure 2 shows the 32-bit CA of figure 1 with its cells represented by 0 and 1.
Figure 2. Representing 32-bits CA using 0 and 1
The last 32-bit string, generated by the 15th iteration, is: 01001001110010001110100001001100. The
values that make up the centre column of cells are believed to be highly random, and are hence
used to compose a shared key. This is the basis of key generation in our scheme. In this paper, we
have taken four critical factors into consideration during the key-establishment phase to provide the
highest probability: the key length (e.g. 64, 128, 512, etc.), the initial state of the CA,
the number of iterations until the last state is reached, and finally, the rule.
3.2. Network Assumptions
The network environment is assumed to satisfy the following [6]:
A. No neighbourhood information is available to any node before deployment, and
no keys or rules are preloaded into nodes. Each node discovers its neighbours
and shares parameters via local wireless broadcast after deployment.
B. If node A can hear node B, then B can also hear A. Network links are bidirectional through
the use of omni-directional antennas.
C. Every node has space for storing hundreds of bytes or a few kilobytes of keying
information (in section 5, we show that for a huge network of 1000 nodes and a 1024-bit key
length, the storage requirement for each node is just 125 kilobytes).
D. No on-line key distribution centre exists in the formed network, as it is an ad hoc
network; nor do access points or routers.
3.3. Scheme Description
Ad hoc networks are spread over a field. Because wireless ad hoc networks broadcast,
adversaries have the opportunity to perform a variety of attacks and to capture nodes. For that
reason, keys must not be transmitted over the network. Preloaded keys, as used by key
pre-distribution schemes, are not suitable in ad hoc networks either. Therefore, we propose a new
scheme that allows nodes to securely transmit small-sized parameters, which prevents node capture
attacks.
If an adversary eavesdrops on the link and captures the parameters, she will not have any opportunity
to guess the key, since the parameters are not sent together (the source node sends the rule, and
the destination sends the number of iterations and the initial state). However, in the worst
case, if an adversary captures all parameters, she will not have the ability to compute the key, as
there is no understandable relation between them (an adversary will not distinguish the
different meanings of the parameters). The proposed scheme is conducted in two phases: the pair-wise
key-establishment phase and the key-refreshing phase.
3.3.1. Pair-wise key-establishment Phase
A pair-wise key is established between every pair of nodes without requiring the use of any on-line
key distribution centre, as shown in figure 3 (nodes A and B).
Figure 3. Pair-wise key-establishment between two nodes
In other words, the proposed scheme consists of the following steps:
Step 1: after deployment, when a node senses a neighbour in its range, it sends a message
containing a random 8-bit string that represents a 1-dimensional CA rule. For example, if node A
decides to use rule 45 to establish a shared key with node B, this 8-bit string is sent: 00101101.
Step 2: node B sends a reply message to node A with two parameters used to configure their
common CA: the number of iterations (generations) for which to apply the rule and the initial state of
the CA. Together with these parameters, the rule is applied to generate the pair-wise shared key
between nodes A and B. We can notice that the incorporation of additional parameters in
computing a pair-wise key is better than selecting a key based on some partial information about a
node. This provides high randomness and no attack opportunity.
Step 3: if a node (e.g., node B) receives a CA rule (e.g., from node A) and replies with
parameters, this means it has agreed upon the rule and will not generate another rule to be used with
node A.
Step 4: if a node (e.g., node B) receives the same rule from two nodes (e.g., A and C), then it is
important to ensure that different parameter values are chosen for each node. Notice
that, for example, the number of possible initial states for a 128-bit key is 2^128 =
340,282,366,920,938,463,463,374,607,431,768,211,456, and the number of possible values for the
number of iterations is open. This means there is no opportunity to generate the same key for
more than two nodes.
Step 5: if a node (e.g., node A) sends a CA rule to a neighbour (e.g., node B) and does not receive
any reply message, it sends the rule again. If there is no reply the second time either, node
A will consider B an adversary or a compromised node.
Step 6: in the next step, nodes A and B compute the pair-wise shared key from the
rule, the initial state, and the number of iterations.
Step 7: if node A cannot communicate with node B directly, then an intermediate node C, which
can communicate with both A and B directly, will receive the A-B rule encrypted with the A-C key and
then transmit it on to node B encrypted with the B-C key. In the same way, node C will receive
the A-B parameters from B encrypted with the B-C key, and then transmit them to A using the A-C key.
As a result, A and B will generate their shared key without allowing C to know the key; it reads
the rule and parameters without knowing their purpose. The pair-wise key established between
any two nodes can thus be used to encrypt and decrypt messages exchanged between them.
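The rule evolution of section 3.1 and the exchange of steps 1 to 6, as an added Python example (not the authors' implementation). It assumes a cyclic grid and takes the key to be the final generation of a k-cell grid; the names Node, establish and deliver are illustrative, and the 5..50 iteration range is borrowed from Table 2.

```python
import secrets


def rule_table(rule):
    """Next state for each (left, centre, right) neighbourhood of an 8-bit rule."""
    if not 0 <= rule <= 255:
        raise ValueError("a 1-dimensional rule fits in one byte (0..255)")
    # Bit n of the rule number is the next state of the neighbourhood whose
    # cells read as the binary number n, so rule 30 = 00011110 gives Table 1.
    return {((n >> 2) & 1, (n >> 1) & 1, n & 1): (rule >> n) & 1 for n in range(8)}


def evolve(rule, state, iterations):
    """All generations (initial state first) of a 1-D CA on a cyclic grid."""
    table = rule_table(rule)
    k = len(state)
    rows = [tuple(state)]
    for _ in range(iterations):
        prev = rows[-1]
        # prev[i - 1] wraps to the last cell when i == 0 (cyclic boundary, assumed).
        rows.append(tuple(table[(prev[i - 1], prev[i], prev[(i + 1) % k])]
                          for i in range(k)))
    return rows


def derive_key(rule, state, iterations):
    """Assumed derivation: the key is the final generation of the k-cell grid."""
    return "".join(str(bit) for bit in evolve(rule, state, iterations)[-1])


class Node:
    """One ad hoc node; field and method names are illustrative."""

    def __init__(self, name, key_bits=32):
        self.name = name
        self.key_bits = key_bits
        self.keys = {}         # peer name -> pair-wise key (bit string)
        self.rules = {}        # peer name -> rule agreed with that peer (step 3)
        self.issued = set()    # (rule, iterations, state) triples already handed out
        self.suspects = set()  # peers that never answered (step 5)

    def offer_rule(self, peer):
        """Step 1: pick a random rule once per peer, encode it as an 8-bit string."""
        rule = self.rules.setdefault(peer, secrets.randbelow(256))
        return format(rule, "08b")

    def answer(self, peer, rule_bits):
        """Steps 2-4 and 6: accept the rule, choose fresh parameters, derive the key."""
        rule = int(rule_bits, 2)
        self.rules[peer] = rule  # step 3: no other rule will be generated for this peer
        while True:
            iterations = 5 + secrets.randbelow(46)  # 5..50, range assumed from Table 2
            state = tuple(secrets.randbits(1) for _ in range(self.key_bits))
            if (rule, iterations, state) not in self.issued:  # step 4
                break
        self.issued.add((rule, iterations, state))
        self.keys[peer] = derive_key(rule, state, iterations)
        return iterations, state

    def complete(self, peer, iterations, state):
        """Step 6 on the initiator: same inputs, same computation, same key."""
        self.keys[peer] = derive_key(self.rules[peer], state, iterations)


def establish(initiator, responder, deliver=lambda message: message):
    """Run the exchange; deliver() models the radio link and returns None on loss."""
    for _attempt in range(2):  # step 5: the rule is sent at most twice
        received = deliver(initiator.offer_rule(responder.name))
        if received is not None:
            iterations, state = responder.answer(initiator.name, received)
            initiator.complete(responder.name, iterations, state)
            return True
    initiator.suspects.add(responder.name)
    return False


def demo():
    """Constructed scenario: A-B and C-B succeed, the A-C link drops every message."""
    a, b, c = Node("A"), Node("B"), Node("C")
    ok_ab = establish(a, b)
    ok_cb = establish(c, b)
    lost = establish(a, c, deliver=lambda message: None)
    return a, b, c, ok_ab, ok_cb, lost


if __name__ == "__main__":
    a, b, c, *_ = demo()
    print("A-B key:", a.keys["B"], "match:", a.keys["B"] == b.keys["A"])
    print("A suspects:", sorted(a.suspects))
```

derive_key takes only the three exchanged values as input, so both nodes, and any party holding all three, compute the same key. Rule 0 yields an all-zero key whatever the parameters.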
3.3.2. Key Refreshing Phase
A network may need to refresh keys for multiple reasons (e.g. nodes deployed dynamically, or
to prevent adversaries from guessing secret keys). The scheme is very resilient in changing an old key
to a new one, owing to the high level of randomness it provides. It allows
nodes to refresh keys during any stage of the network operation, independently of any previous
key refreshing phase. This phase does not lead to more power consumption and does not need more
storage space, because of its efficiency and secrecy during key establishment.
In detail, there are two cases for the key refreshing phase:
1. If a new node has been deployed in the network, it will sense for neighbours and
make a connection with them to establish pair-wise keys as illustrated above in the
pair-wise key-establishment phase.
2. Key refreshing must be done at appropriate time intervals depending upon the frequency of
key usage. New values of the parameters will be sent to compute the new key.
Two critical points must be taken into consideration. First, it is very important to ensure that the
parameter values used to establish the new key between nodes A and B are not the same as those
used to establish the previous key, to avoid establishing the same key.
Second, the time interval after which a new key is established depends on the average time
needed by an adversary to guess the key. For example, for a 40-bit key, there are 2^40 possible
values. Using a personal computer that can try 1 million keys per second, an attacker can try
all possible keys in about 14.3 days. So the key-refreshing phase must be done before
14 days of using the previous key have passed. It is clear that this depends on the key length (k): longer key
lengths increase the time needed to guess the key, as shown in equation 2.
4. SCHEME ANALYSIS
In this paper, we have proposed a new scheme that allows two ad hoc nodes to establish a
pair-wise shared key on the fly (dynamically) during any stage of the network operations. The
performance and security analysis of the proposed scheme is presented in the following
sections.
4.1. Security
Using symmetric key cryptography, both nodes share the same key for encryption and decryption.
To provide privacy, this pair-wise key needs to be kept secret. For that reason, the key must not
be transmitted between nodes over the network. In our scheme, the key is not transmitted at all;
only the CA rule and the parameters are exchanged between every pair of nodes. Even though the
CA used by two nodes may be known to the adversary, the key used by them is not automatically
revealed. This technique keeps the keys secret to a greater degree.
The key is established with the highest degree of randomness using the CA rules and random
parameter values. For illustration, the number of possible CA rules is 256.
The number of iterations to be applied to an initial state is open: one node may decide to apply 5
iterations and another may decide to apply 30. The number of possible
initial states for a key of length (k) is 2^k. For example, to generate a 256-bit key the number of
possibilities is 2.3158e+77. These three factors provide the highest degree of randomness in key
establishment. This high randomness gives no opportunity at all for more than two nodes to
share the same pair-wise key. On the other hand, the incredible number of possible keys
will prevent node compromise. No adversary can compute all the possibilities to
guess the key. Again, CA provides enough randomness, thus it is really impossible for attackers to
break the keys.
4.2. Computation Time
The proposed scheme is shown to be computationally efficient because its operations are as simple
as generating binary strings from the values of the three neighbourhood cells c(i-1), c(i), c(i+1). The
CA rule calculations are very simple and take little time. Compared with the CAB scheme, the
CA rules used in the proposed scheme are just 1-byte rules with 256 possibilities, while
CAB rules may not be representable in 1 byte; as a result they consume more
computation time. Figure 4 shows the establishment of a 32-bit key with 10 iterations based on CA rule
54. The generation does not take more than 30 milliseconds (we simulated a
key of short length, 32 bits, just to simplify the representation on the run screen).
8. International Journal of Computer Networks & Communications (IJCNC) Vol.5, No.2, March 2013
Figure 4. Establishing 32-bit key with 10 iterations based on CA rule 54
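The derivation described in Sections 4.1 and 4.2, as an added example that is not the paper's code: each node applies the 1-byte CA rule to the initial state for the agreed number of iterations and reads the key from the final state. The periodic boundary, the use of the final state as the key, and the names `ca_step` and `derive_key` are assumptions; the sample initial state is constructed.

```python
# Added illustration, not the paper's code. Assumptions: elementary CA
# (3-cell neighbourhood, 1-byte rule), periodic boundary, key = final state.

def ca_step(cells, rule):
    """One synchronous update of every cell under an elementary CA rule."""
    n = len(cells)
    nxt = []
    for i in range(n):
        left, centre, right = cells[i - 1], cells[i], cells[(i + 1) % n]
        idx = (left << 2) | (centre << 1) | right  # c(i-1) c(i) c(i+1) as 0..7
        nxt.append((rule >> idx) & 1)              # bit idx of the rule byte
    return nxt


def derive_key(rule, initial_state, iterations):
    """Derive the pair-wise key from the three exchanged values."""
    if not 0 <= rule <= 255:
        raise ValueError("rule must fit in one byte")
    if iterations < 1:
        raise ValueError("at least one iteration is required")
    if not initial_state or set(initial_state) - {"0", "1"}:
        raise ValueError("initial state must be a non-empty bit string")
    cells = [int(b) for b in initial_state]
    for _ in range(iterations):
        cells = ca_step(cells, rule)
    return "".join(str(c) for c in cells)


# Constructed sample exchange: rule 54, 32-bit initial state, 10 iterations.
RULE = 54
INITIAL_STATE = "00000000000000010000000000000000"


def demo():
    key_a = derive_key(RULE, INITIAL_STATE, 10)   # computed by node A
    key_b = derive_key(RULE, INITIAL_STATE, 10)   # computed by node B
    key_5 = derive_key(RULE, INITIAL_STATE, 5)    # same rule/state, 5 iterations
    return key_a, key_b, key_5


if __name__ == "__main__":
    a, b, five = demo()
    print("node A, 10 iterations:", a)
    print("node B, 10 iterations:", b, "(match)" if a == b else "(MISMATCH)")
    print("        5 iterations :", five)
```

Because the key is a deterministic function of the rule, the initial state and the iteration count, any party holding all three derives the same key, so the key is only as confidential as those exchanged values; this is why Section 4.5 has the refresh exchange encrypted under the previous key.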
The computation times (ms) needed to establish keys of different lengths with different numbers of
iterations based on CA rule 54 are given in Table 2.
Table 2. Computation time for different key lengths (ms)

No. of                  Key Length (bits)
iterations     32     64    128    256    512    768   1024
     5         10     10     15     46     78    160    200
    10         30     30     31    109    171    330    450
    20         37     50     78    265    358    630    870
    30         50     70    156    327    592    946   1208
    40         60    110    202    468    780   1267   1530
    50         70    120    290    577    967   1557   1900
The column charts in Figure 5 show the relationship between the key lengths and the
computation time (ms).
Figure 5. Column charts for key lengths and the computation time
In addition, the differences in computation time between the proposed scheme and the CAB scheme
when establishing a pair-wise 1024-bit key by CA rule 45 based on Equation 3, with different numbers
of iterations, are shown in Figure 6.
Figure 6. The differences between the proposed scheme and CAB scheme
4.3. Communications Overhead
The communication overhead is very low: a one-byte CA rule and the two parameters (number of
iterations and the initial state) are exchanged between each pair of nodes to establish the pair-wise
key. This shared information is only a few bytes. Our scheme achieves lower communication
overhead than in-situ schemes such as iPAK and SBK [11, 12], whose communication requires
transmitting a share of a symmetric matrix or a symmetric bivariate polynomial.
4.4. Storage Requirements
The storage requirements of our scheme are determined by two factors: the number of nodes in
the network, and the key length. As we illustrated, a pair-wise key is established between every
pair of nodes in the network. If the network has x nodes, every node will have x-1 keys stored in
its memory. The larger the number of nodes and the larger the key, the more storage space is
needed, but this is not a constraint in our scheme, because the total storage space needed for each
node to store all keys is very small. For example, for a network consisting of 300 nodes with a 256-bit key per
pair of nodes, every node needs to store 299 keys in its memory, which takes just 299*256/2^13 = 9.34375,
nearly 9 kilobytes. For a huge network of 1000 nodes and a 1024-bit key length, every node
needs to store 999 keys in its memory, which takes just 999*1024/2^13 = 124.875, nearly 125 kilobytes.
Compared with the CAB scheme, the storage space needed for each node to store the key information
is smaller in our scheme, because nodes do not store pre-loaded CA rules before
deployment, nor initial states or parameters after deployment. CAB does not store keys;
instead it stores CA rules, which are actually smaller than the key, but it needs to share the
parameters and compute the key every time. At the same time, symmetric key cryptography needs less
storage space than asymmetric cryptography, which uses two keys, one for encryption and another
for decryption.
4.5. Key Refreshing Ability
In the proposed scheme, establishing a new pair-wise key does not increase power
consumption or waste storage space. The key refreshing phase must be performed frequently, at
appropriate time intervals depending on the frequency of key usage, to prevent the key from being
guessed over time. Ad hoc networks do not use an on-line key distribution centre, so no centralized server is
needed for establishing new keys. Nodes refresh or initiate a key by exchanging the CA rule and
the parameters as mentioned above. When refreshing a key between two nodes, the CA rule and
the parameters must be encrypted with the previous key. When establishing a key for
newly deployed nodes, the nodes agree upon the CA rule and the parameters to be used.
4.6. Attacks Prevention
The proposed scheme is robust against many kinds of attacks (i.e. eavesdropping attacks and brute
force attacks).
Eavesdropping attacks: all the messages sent between two nodes are encrypted with a
pair-wise key that is purely random, and if the key length is 160 bits then it is
impossible to break the system by a guessing attack. Longer key lengths decrease the
possibility of successful attacks by increasing the number of possible combinations.
The attacker cannot eavesdrop to discover the key, because no keys are transmitted
over the network.
Brute force attacks: the adversary tries each possible key until the right key is found to decrypt
the message. Most attacks are successful before all possible keys are tried. The proposed scheme
minimizes the risk of this kind of attack by choosing shorter key lifetimes (key refreshing
phase) and longer key lengths. A shorter key lifetime reduces the potential damage if one of the
keys is compromised. As we mentioned before, the time interval at which a new
key is established depends on the average time an adversary needs to guess the key.
With a longer key length, for example a 128-bit key, if you use a computer that allows you to
try 100 billion keys a second and you use 10 million of these computers, it takes about 10^13
years to try every possible 128-bit key value.
Therefore, the longer the key, the more protection you provide to nodes from attacks. Nowadays,
symmetric keys that are 128 bits or longer are considered unbreakable by brute force attacks.
Moreover, our scheme establishes keys of 1024 bits and more with low computation time and
low storage requirements.
In other words, in this paper the key plays the major role in providing a higher level of security,
where a key length of 1024 bits is chosen. The key selection is done randomly so as to make it
more difficult to intercept.
4.7. Correlation Analysis
Correlation between data items is known as an intrinsic feature. The existence of this
feature can help attackers to trace the key. Therefore, correlation analysis is usually used to test
the security of the keys and the correlation between them. To analyze the correlations between the keys,
Equation 4 is used to calculate the correlation coefficients.
The strength of the relationship between a set of keys (i.e. Key 1, Key 2, Key 3, …, Key n) is
determined by a correlation coefficient, which ranges from -1 to +1. The closer the coefficient is
to +1 or -1, the stronger the relationship, which means that the keys are related and are the same.
Conversely, if the correlation coefficient is equal to zero, then the keys are totally different. If the
correlation is perfect, then the keys are the same [13, 14].
In the correlation analysis, we randomly chose different keys. The resulting correlation
coefficient for the set of keys is 0.0424, which is close to zero. This indicates that the keys generated
using the proposed scheme are not correlated.
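A check of the kind Section 4.7 describes, as an added example that is not the paper's code: it computes a correlation coefficient for every pair of keys in a set and averages them. Equation 4 is not reproduced on this page, so the Pearson coefficient is assumed here, and the keys are constructed seeded pseudo-random bit strings standing in for the scheme's output.

```python
import math
import random


def pearson_bits(x, y):
    """Pearson correlation coefficient between two equal-length bit strings."""
    if len(x) != len(y) or not x:
        raise ValueError("keys must be non-empty and of equal length")
    n = len(x)
    sx, sy = x.count("1"), y.count("1")
    sxy = sum(a == b == "1" for a, b in zip(x, y))
    # For bits x*x == x, so the variance terms need only the ones-counts.
    var = (n * sx - sx * sx) * (n * sy - sy * sy)
    if var == 0:
        # An all-0 or all-1 key has zero variance: the coefficient is undefined.
        raise ValueError("constant key: correlation undefined")
    return (n * sxy - sx * sy) / math.sqrt(var)


def mean_pairwise_correlation(keys):
    """Average coefficient over every unordered pair of keys in the set."""
    pairs = [(a, b) for i, a in enumerate(keys) for b in keys[i + 1:]]
    return sum(pearson_bits(a, b) for a, b in pairs) / len(pairs)


def sample_keys(count, bits, seed=2013):
    """Constructed test data: seeded pseudo-random bit strings, not real keys."""
    rng = random.Random(seed)
    return [format(rng.getrandbits(bits), f"0{bits}b") for _ in range(count)]


def complement(key):
    """Flip every bit of a key."""
    return key.translate(str.maketrans("01", "10"))


if __name__ == "__main__":
    keys = sample_keys(16, 256)
    print("identical keys :", pearson_bits(keys[0], keys[0]))
    print("complement     :", pearson_bits(keys[0], complement(keys[0])))
    print("mean over set  :", round(mean_pairwise_correlation(keys), 4))
```

A coefficient of -1 between two bit strings means each is the bitwise complement of the other, so it reveals one key from the other just as +1 does.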
5. CONCLUSION
This paper introduced a new pair-wise key-establishment scheme for ad hoc networks that computes
and generates a pair-wise key on the fly between every two nodes at any stage of network
operation, without requiring the use of any on-line key distribution centre. Although there has
been much research in this area, most of the existing schemes have several weaknesses,
caused either by a low security level or by increased delay time due to the design of the scheme itself.
The proposed scheme has been tested against different known attacks and proved to be secure
against them. Therefore, it can be considered a good alternative because of its high level of
security with low computation time and low storage requirements.
REFERENCES
[1] M. Brown, D. Cheung, D. Hankerson, J. Hernandez, M. Kirkup, and A. Menezes, "PGP in
Constrained Wireless Devices". In 9th USENIX Security Symposium, August 2000.
[2] Y.C. Hu, D.B. Johnson, and A. Perrig, "Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc
Networks". Eighth ACM International Conf. on Mobile Computing and Networking (Mobicom), 2002.
[3] P. Papadimitratos and Z.J. Haas, "Secure Routing for Mobile Ad Hoc Networks". SCS Communication
Network and Distributed System Modeling and Simulation Conf., 2002.
[4] G. Acs, L. Buttyan, and I. Vajda, "Provably Secure On-demand Source Routing in Mobile Ad Hoc
Networks". IEEE Trans. on Mobile Computing, 5(11), 1533–1546, 2006.
[5] L. Zhou and Z.J. Haas, "Securing Ad Hoc Networks". IEEE Network: Special Issue on Network
Security, 13(6), 24–30, 1999.
[6] L. Gong, "Increasing Availability and Security of an Authentication Service". IEEE Journal on
Selected Areas in Communications, 11(5):657–662, 1993.
[7] C. Mitchell and F. Piper, "Key Storage in Secure Networks". Discrete Applied Mathematics, 21, pp.
215-228, 1988.
[8] L. Eschenauer and V. Gligor, "A Key-Management Scheme for Distributed Sensor Networks". ACM
CCS, 2002.
[9] H. Chan, A. Perrig, and D. Song, "Random key predistribution schemes for sensor networks".
Proceedings of the 2003 IEEE Symposium on Security and Privacy, p. 197, 2003.
[10] Y. Teymorian, Liran Ma, and Xiuzhen Cheng, "CAB: A Cellular Automata-Based Key Management
Scheme for Wireless Sensor Networks". IEEE, 2007.
[11] L. Ma, F. Liu, X. Cheng, and F. An, "An in-situ pair-wise key bootstrapping scheme for wireless
sensor networks". IEEE Transactions on Parallel and Distributed Systems, 2006.
[12] F. Liu and X. Cheng, "SBK: A self-configuring framework for bootstrapping keys in sensor
networks". IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2006.
[13] B.-H. Kang, D.-H. Lee, and C.-P. Hong, "High-Performance Pseudorandom Number Generator Using
Two-Dimensional Cellular Automata". In the Proceedings of the 4th IEEE International Symposium
on Electronic Design, Test & Applications, vol. 46, pp. 597-602, Hong Kong, 2008.
[14] M. Alani, "Testing Randomness in Ciphertext of Block-Ciphers Using DieHard Tests". International
Journal of Computer Science and Network Security, vol. 10, pp. 53-57, 2010.
Authors
Author1 Isra Sitan Mohammed Al-Qasrawi received the B.S. degree in Computer Science from Al-Balqa'
Applied University, Jordan in 2004, the MSc in Computer Science from Yarmouk University, Jordan in
2009, Working as instructor in Al-Balqa' Applied University / Al-Huson University College- Department of
Information Technology.
Author2 Obaida Mohammad Awad Al-Hazaimeh received the B.S. degree in Computer Science from
Applied Science University (ASU), Jordan in 2004, the MSc in Computer Science/ Distributed system from
University Science Malaysia (USM), 2005, and PhD in Computer Science/ Network security
(Cryptography) for Real-Time Application (VoIP), 2010. Working as instructor in Al-Balqa' Applied
University / Al-Huson University College- Department of Information Technology.