Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often deployed in hostile environments as static or mobile, where an adversary can physically capture some of the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an identity as replicas is known as the node replication attack. The replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource llocation, misbehavior detection, etc. This paper analyzes the threat posed by the replication attack and several novel techniques to detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile WSN.
Providing The Security Against The DDOS Attack In Mobile Ad Hoc NetworksIOSR Journals
This document discusses providing security against distributed denial of service (DDOS) attacks in mobile ad hoc networks. It begins by introducing mobile ad hoc networks and some of their security vulnerabilities. It then discusses different types of attacks against MANETs, including black hole attacks, wormhole attacks, denial of service attacks, and distributed denial of service attacks. It proposes using an intrusion detection system to detect attacks and block attacking nodes. Simulation results are discussed to analyze the effectiveness of detection and mitigation techniques against DDOS attacks in terms of network performance metrics. The conclusion is that implementing queue management algorithms in network routers can help protect users during DDOS attacks by guaranteeing a certain level of bandwidth.
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also make it difficult to devise the resource intensive security protocols because of their limited battery, power, memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack that affects on the network layer. In this paper, the techniques dealing with wormhole attack are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by suitable scheme.
An ids scheme against black hole attack to secure aomdv routing in manet pijans
In Mobile Ad hoc Network (MANET) all the nodes are freely moves in the absence of without ant
centralized coordination system. Due to that the attackers or malicious nodes are easily affected that kind
of network and responsible for the routing misbehavior. The routing is network is mandatory to deliver
data in between source and destination. In this research we work on security field in MANET and proposed
a novel security scheme against routing misbehavior through Black hole attack. The Ad hoc On demand
Multipath Routing (AOMDV) protocol is consider for routing and also to improves the routing quality as
compare to single path routing protocol. The attacker is affected all the possible paths that is selected by
sender for sending data in network. The malicious nodes are forward optimistic reply at the time of routing
by that their identification is also a complex procedure. The proposed Intrusion Detection System (IDS)
scheme is identified the attacker information through hop count mechanism. The routing information of
actual data is reached to which intermediate node and the next hop information is exist at that node is
confirm by IDS scheme. The black hole attacker node Identification (ID) is forward in network by that in
future attacker is not participating in routing procedure. The proposed security scheme detects and
provides the deterrence against routing misbehavior through malicious attack. Here we compare the
routing performance of AOMDV, Attack and IDS scheme. The performance of normal multipath routing
and proposed IDS scheme is almost equal. The attacker has degrades the whole routing performance but
observed that in presence of attacker, routing misbehavior is completely block by the proposed IDS scheme
and recovers 95 % of data as compare to normal routing.
Investigation of detection & prevention sinkhole attack in manetijctet
This document discusses sinkhole attacks in mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs). It provides background on sinkhole attacks, where a compromised node advertises a high quality route to attract network traffic. This can disrupt data transmission to the base station. The document reviews several existing detection techniques for sinkhole attacks, including algorithms using hop counting and mobile agents. It then proposes a new lightweight algorithm to detect sinkhole attacks in MANETs using network flow information collected by the base station and analysis of routing patterns to identify the intruder. The algorithm aims to provide secure and efficient sinkhole detection with low overhead.
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
This document summarizes an enhanced adaptive acknowledgement protocol for securing wireless sensor network communication. It begins by describing security challenges in WSNs like the wireless medium, hostile environments, and resource constraints. It then discusses common security attacks like black hole and grey hole attacks. Existing acknowledgement schemes like Watchdog, TWOACK, and AACK are explained along with their limitations in detecting such attacks. The document proposes an Enhanced Adaptive Acknowledgement (EAACK) scheme that uses ACK, Secure ACK, and Misbehavior Report Authentication to better detect attacks while reducing overhead. EAACK aims to securely detect black hole, grey hole, and false misbehavior reporting in wireless sensor networks.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
PERFORMANCE EVALUATION OF WIRELESS SENSOR NETWORK UNDER HELLO FLOOD ATTACKIJCNCJournal
Wireless sensor network (WSN) is highly used in many fields. The network consists of tiny lightweight
sensor nodes and is largely used to scan or detect or monitor environments. Since these sensor nodes are
tiny and lightweight, they put some limitations on resources such as usage of power, processing given task,
radio frequency range. These limitations allow network vulnerable to many different types of attacks such
as hello flood attack, black hole, Sybil attack, sinkhole, and many more. Among these attacks, hello flood is
one of the most important attacks. In this paper,we have analyzed the performance of hello flood attack and
compared the network performance as number of attackers increases. Network performance is evaluated
by modifying the ad-hoc on demand distance vector (AODV) routing protocol by using NS2 simulator. It
has been tested under different scenarios like no attacker, single attacker, and multiple attackers to know
how the network performance changes. The simulation results show that as the number of attackers
increases the performance in terms of throughput and delay changes.
This document summarizes a research paper about denial of service (DoS) attacks on wireless sensor networks. It begins by outlining some key security goals for wireless sensor networks, including data confidentiality, integrity, availability, and authentication. It then discusses DoS attacks specifically, noting they aim to degrade efficient use of network resources. The document proposes that DoS attacks can occur at different layers of the OSI model. It provides examples of physical layer attacks like jamming and describes how frequency hopping can help counter jamming. In closing, it notes DoS attacks threaten the availability security goal for wireless sensor networks.
Providing The Security Against The DDOS Attack In Mobile Ad Hoc NetworksIOSR Journals
This document discusses providing security against distributed denial of service (DDOS) attacks in mobile ad hoc networks. It begins by introducing mobile ad hoc networks and some of their security vulnerabilities. It then discusses different types of attacks against MANETs, including black hole attacks, wormhole attacks, denial of service attacks, and distributed denial of service attacks. It proposes using an intrusion detection system to detect attacks and block attacking nodes. Simulation results are discussed to analyze the effectiveness of detection and mitigation techniques against DDOS attacks in terms of network performance metrics. The conclusion is that implementing queue management algorithms in network routers can help protect users during DDOS attacks by guaranteeing a certain level of bandwidth.
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also make it difficult to devise the resource intensive security protocols because of their limited battery, power, memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack that affects on the network layer. In this paper, the techniques dealing with wormhole attack are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by suitable scheme.
An ids scheme against black hole attack to secure aomdv routing in manet pijans
In Mobile Ad hoc Network (MANET) all the nodes are freely moves in the absence of without ant
centralized coordination system. Due to that the attackers or malicious nodes are easily affected that kind
of network and responsible for the routing misbehavior. The routing is network is mandatory to deliver
data in between source and destination. In this research we work on security field in MANET and proposed
a novel security scheme against routing misbehavior through Black hole attack. The Ad hoc On demand
Multipath Routing (AOMDV) protocol is consider for routing and also to improves the routing quality as
compare to single path routing protocol. The attacker is affected all the possible paths that is selected by
sender for sending data in network. The malicious nodes are forward optimistic reply at the time of routing
by that their identification is also a complex procedure. The proposed Intrusion Detection System (IDS)
scheme is identified the attacker information through hop count mechanism. The routing information of
actual data is reached to which intermediate node and the next hop information is exist at that node is
confirm by IDS scheme. The black hole attacker node Identification (ID) is forward in network by that in
future attacker is not participating in routing procedure. The proposed security scheme detects and
provides the deterrence against routing misbehavior through malicious attack. Here we compare the
routing performance of AOMDV, Attack and IDS scheme. The performance of normal multipath routing
and proposed IDS scheme is almost equal. The attacker has degrades the whole routing performance but
observed that in presence of attacker, routing misbehavior is completely block by the proposed IDS scheme
and recovers 95 % of data as compare to normal routing.
Investigation of detection & prevention sinkhole attack in manetijctet
This document discusses sinkhole attacks in mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs). It provides background on sinkhole attacks, where a compromised node advertises a high quality route to attract network traffic. This can disrupt data transmission to the base station. The document reviews several existing detection techniques for sinkhole attacks, including algorithms using hop counting and mobile agents. It then proposes a new lightweight algorithm to detect sinkhole attacks in MANETs using network flow information collected by the base station and analysis of routing patterns to identify the intruder. The algorithm aims to provide secure and efficient sinkhole detection with low overhead.
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
This document summarizes an enhanced adaptive acknowledgement protocol for securing wireless sensor network communication. It begins by describing security challenges in WSNs like the wireless medium, hostile environments, and resource constraints. It then discusses common security attacks like black hole and grey hole attacks. Existing acknowledgement schemes like Watchdog, TWOACK, and AACK are explained along with their limitations in detecting such attacks. The document proposes an Enhanced Adaptive Acknowledgement (EAACK) scheme that uses ACK, Secure ACK, and Misbehavior Report Authentication to better detect attacks while reducing overhead. EAACK aims to securely detect black hole, grey hole, and false misbehavior reporting in wireless sensor networks.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
PERFORMANCE EVALUATION OF WIRELESS SENSOR NETWORK UNDER HELLO FLOOD ATTACKIJCNCJournal
Wireless sensor network (WSN) is highly used in many fields. The network consists of tiny lightweight
sensor nodes and is largely used to scan or detect or monitor environments. Since these sensor nodes are
tiny and lightweight, they put some limitations on resources such as usage of power, processing given task,
radio frequency range. These limitations allow network vulnerable to many different types of attacks such
as hello flood attack, black hole, Sybil attack, sinkhole, and many more. Among these attacks, hello flood is
one of the most important attacks. In this paper,we have analyzed the performance of hello flood attack and
compared the network performance as number of attackers increases. Network performance is evaluated
by modifying the ad-hoc on demand distance vector (AODV) routing protocol by using NS2 simulator. It
has been tested under different scenarios like no attacker, single attacker, and multiple attackers to know
how the network performance changes. The simulation results show that as the number of attackers
increases the performance in terms of throughput and delay changes.
This document summarizes a research paper about denial of service (DoS) attacks on wireless sensor networks. It begins by outlining some key security goals for wireless sensor networks, including data confidentiality, integrity, availability, and authentication. It then discusses DoS attacks specifically, noting they aim to degrade efficient use of network resources. The document proposes that DoS attacks can occur at different layers of the OSI model. It provides examples of physical layer attacks like jamming and describes how frequency hopping can help counter jamming. In closing, it notes DoS attacks threaten the availability security goal for wireless sensor networks.
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document summarizes a research paper that aims to detect and prevent wormhole attacks in wireless sensor networks. It first provides background on wormhole attacks, where an attacker tunnels network traffic to another location to compromise routing. It then reviews related work detecting wormholes using cryptography, location verification, or intrusion detection. The paper proposes a system with guard nodes that collaboratively monitor links to detect compromised nodes. It describes modules for network topology establishment, attack establishment through different wormhole modes, and an elimination mechanism where guard nodes isolate attackers once malicious behaviors exceed thresholds. Simulations test the ability of this scheme to improve security against wormhole attacks in resource-constrained wireless sensor networks.
Detection and prevention of wormhole attack in mobile adhoc networksambitlick
This document discusses detection and prevention of wormhole attacks in mobile ad hoc networks. A wormhole attack is a powerful attack where two or more malicious nodes collude to tunnel packets between them, emulating a shorter route and attracting traffic. This can severely disrupt network communication. The paper proposes a novel trust-based scheme to identify wormhole-creating nodes without cryptography. Extensive simulations show the scheme effectively handles colluding malicious nodes without imposing extra network conditions.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
This document summarizes security issues and threats related to wireless sensor networks. It discusses how sensor networks deployed in hostile environments are vulnerable to attacks due to resource limitations. Common attacks include falsifying data, extracting private information, compromising network readings, and denial of service attacks. The document also analyzes security requirements at the link layer, including access control, message integrity, confidentiality, and discusses specific attacks like selective forwarding, sinkhole attacks, and HELLO flooding.
Attacks and counterattacks on wireless sensor networksijasuc
WSN is formed by autonomous nodes with partial memory, communication range, power, and bandwidth.
Their occupation depends on inspecting corporal and environmental conditions and communing through a
system and performing data processing. The application field is vast, comprising military, ecology,
healthcare, home or commercial and require a highly secured communication. The paper analyses different
types of attacks and counterattacks and provides solutions for the WSN threats.
This document provides an overview of security issues in wireless ad-hoc networks. It discusses the properties and functions of mobile ad-hoc networks (MANETs) including availability, authentication, confidentiality, and data integrity. It classifies attacks as internal/external and active/passive. Specific attacks like wormhole and black hole are described. Solutions to these attacks include packet leashes to restrict travel distance and binding user identity to trust levels. Key management is important, using group, symmetric, and shared keys. In conclusion, more research is needed to fully address security challenges in unpredictable wireless networks.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Analysis of denial of service (dos) attacks in wireless sensor networkseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
This document discusses security challenges in mobile ad hoc networks (MANETs) and reviews several secure routing protocols proposed to address these challenges. It begins by introducing MANETs and explaining that routing in MANETs is difficult due to the dynamic topology. It then discusses common security goals for routing protocols like confidentiality, integrity, and availability. Several attacks on MANET routing protocols are described, including passive attacks like eavesdropping and active attacks like wormhole and blackhole attacks. The document proceeds to review six secure routing protocols for MANETs - DSDV, SAR, SAODV, SRP, Secure AODV using RSA signatures, and TORA - and describes their approaches to providing routing security. It concludes
WSN security faces many challenges due to limited sensor resources and operating in hostile environments. It requires high security levels to protect sensitive data while maintaining energy efficiency. However, current research has not fully addressed the conflict between security and limited resources. WSNs are vulnerable to various attacks like jamming, eavesdropping, and false routing. Providing security introduces additional processing and power demands on sensors. Many open research problems remain in developing scalable and dynamic security solutions for wireless sensor networks.
Energy Efficient and Secure, Trusted network discovery for Wireless Sensor Ne...IOSR Journals
This document describes a proposed energy efficient and secure trusted network discovery framework for wireless sensor networks called TARF. The framework aims to secure routing against attacks like sinkhole, wormhole, and Sybil attacks by evaluating the trustworthiness of neighboring nodes. It identifies untrustworthy nodes and routes around them. TARF also aims to be energy efficient. It uses elliptic curve cryptography for encryption and maintains a neighborhood table with trust and energy cost values to select low-cost, trusted next hop nodes for routing. The framework generates network certificates, starts sensor nodes, creates a trusted center, and has nodes find neighbors to select routing paths while avoiding attackers. Simulation results show certificate generation, node interfaces, the trusted center, and a node finding
Protecting Global Records Sharing with Identity Based Access Control ListEditor IJCATR
Generally, the information is stored in the database. Protecting sensitive information are encrypted before outsourcing to a
service provider. We send the request to service provider through SQL queries. The query expressiveness is limited by means of any
software-based cryptographical constructs then deployed, for server-side query working on the encrypted data.Data sharing in the
service provider is emerging as a promising technique for allowing users to access data. The growing number of customers who stores
their data in service provider is increasingly challenging users’ privacy and the security of data. The TrustedDB an outsourced
database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging
server-hosted. Tamper-proof believed hardware in crucial query processing levels, thereby removing any limits on the type of
supported queries. It focuses on providing a dependable and secure data sharing service that allows users dynamic access to their
information. TrustedDB is constructed and runs on hardware, and its performance and costs are evaluated here.
Manet Security Breaches : Threat to A Secure Communication Platformpijans
Ad-hoc networks are the collection of autonomous nodes where all the nodes are configured dynamically
without any centralized management system. Mobile Adhoc Networks (MANETs) are self-configuring
network of mobile routers connected via a wireless link. However,the feature of decentralization and
dynamic configuration of nodes makes MANETs vulnerable to various security attacks,that are otherwise
not so common in a wired network. For mitigation of these attacks,several secured routing protocols are
being proposed till now. This paper provides the view of overall security breaches present in the Ad-hoc
Networks till now and will discuss in brief about the several proposed secure routing protocols.
Mobile ad-hoc networks are widely used in the tactical battlefield, emergency search and rescue missions. They are also well used in civilian ad-hoc situations like conferences and classrooms due to the ease and speed in setting up such networks. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. The wireless adhoc networks are mostly vulnerable to security attacks because of its features of open medium, dynamic topology, lack of centralized management and node mobility.
Study of Layering-Based Attacks in a Mobile Ad Hoc NetworksIRJET Journal
This document summarizes research on layering-based attacks in mobile ad hoc networks (MANETs). It begins with an abstract noting that MANETs are commonly used in military and disaster situations, but require high security due to challenges from their characteristics. The document then reviews constraints of MANETs like limited resources and transmission range. It examines security requirements for MANETs and various types of attacks against different network layers, including jamming, denial of service, link spoofing, selective forwarding, sinkhole, Sybil, black hole, and wormhole attacks. Finally, it concludes that no single mechanism can provide full security for MANETs due to their constraints, making security a challenge that requires mapping solutions to different aspects.
This document discusses security issues and proposed solutions for wireless sensor networks. It begins by defining wireless sensor networks and describing common applications. It then outlines several security threats like denial of service attacks, wormhole attacks, sybil attacks, and traffic analysis attacks. It also discusses proposed cryptography and authentication schemes to provide data confidentiality, integrity, and freshness. Finally, it advocates for a holistic security approach that considers all network layers rather than focusing on single layers.
Various OSI Layer Attacks and Countermeasure to Enhance the Performance of WS...IDES Editor
Wireless sensor networks are networks having non
wired infrastructure and dynamic topology. In OSI model each
layer is prone to various attacks, which halts the performance
of a network .In this paper several attacks on four layers of
OSI model are discussed and security mechanism is described
to prevent attack in network layer i.e wormhole attack. In
Wormhole attack two or more malicious nodes makes a covert
channel which attracts the traffic towards itself by depicting a
low latency link and then start dropping and replaying packets
in the multi-path route. This paper proposes promiscuous mode
method to detect and isolate the malicious node during
wormhole attack by using Ad-hoc on demand distance vector
routing protocol (AODV) with omnidirectional antenna. The
methodology implemented notifies that the nodes which are
not participating in multi-path routing generates an alarm
message during delay and then detects and isolate the
malicious node from network. We also notice that not only
the same kind of attacks but also the same kind of
countermeasures can appear in multiple layer. For example,
misbehavior detection techniques can be applied to almost all
the layers we discussed.
AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE ...IJNSA Journal
Security in any of the networks became an important issue in this paper we have implemented a security mechanism on Medium Access Control layer by Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with High speed transmission for Ad hoc networks. Here we have divided the protocol into two different parts. The first part deals with Routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating the malicious nodes. A trust counter for each node is determined which can be actively increased and decreased depending upon the trust value for the purpose of forwarding the packets from source node to destination node with the help of intermediate nodes. A threshold level is also predetermined to detect the malicious nodes. If the value of the node in trust counter is less than the threshold value then the node is denoted ‘malicious’. The second part of our protocol deals with the security in the link layer. For this security reason we have used CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, the result of which gives a conclusion that our proposed protocol i.e. Assured Neighbor based Security Protocol can perform high packet delivery against various intruders and also packet delivery ratio against mobility with low delays and low overheads.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document summarizes a research paper that aims to detect and prevent wormhole attacks in wireless sensor networks. It first provides background on wormhole attacks, where an attacker tunnels network traffic to another location to compromise routing. It then reviews related work detecting wormholes using cryptography, location verification, or intrusion detection. The paper proposes a system with guard nodes that collaboratively monitor links to detect compromised nodes. It describes modules for network topology establishment, attack establishment through different wormhole modes, and an elimination mechanism where guard nodes isolate attackers once malicious behaviors exceed thresholds. Simulations test the ability of this scheme to improve security against wormhole attacks in resource-constrained wireless sensor networks.
Detection and prevention of wormhole attack in mobile adhoc networksambitlick
This document discusses detection and prevention of wormhole attacks in mobile ad hoc networks. A wormhole attack is a powerful attack where two or more malicious nodes collude to tunnel packets between them, emulating a shorter route and attracting traffic. This can severely disrupt network communication. The paper proposes a novel trust-based scheme to identify wormhole-creating nodes without cryptography. Extensive simulations show the scheme effectively handles colluding malicious nodes without imposing extra network conditions.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
This document summarizes security issues and threats related to wireless sensor networks. It discusses how sensor networks deployed in hostile environments are vulnerable to attacks due to resource limitations. Common attacks include falsifying data, extracting private information, compromising network readings, and denial of service attacks. The document also analyzes security requirements at the link layer, including access control, message integrity, confidentiality, and discusses specific attacks like selective forwarding, sinkhole attacks, and HELLO flooding.
Attacks and counterattacks on wireless sensor networksijasuc
WSN is formed by autonomous nodes with partial memory, communication range, power, and bandwidth.
Their occupation depends on inspecting corporal and environmental conditions and communing through a
system and performing data processing. The application field is vast, comprising military, ecology,
healthcare, home or commercial and require a highly secured communication. The paper analyses different
types of attacks and counterattacks and provides solutions for the WSN threats.
This document provides an overview of security issues in wireless ad-hoc networks. It discusses the properties and functions of mobile ad-hoc networks (MANETs) including availability, authentication, confidentiality, and data integrity. It classifies attacks as internal/external and active/passive. Specific attacks like wormhole and black hole are described. Solutions to these attacks include packet leashes to restrict travel distance and binding user identity to trust levels. Key management is important, using group, symmetric, and shared keys. In conclusion, more research is needed to fully address security challenges in unpredictable wireless networks.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
journal publishing, how to publish research paper, Call For research paper, international journal, publishing a paper, IJERD, journal of science and technology, how to get a research paper published, publishing a paper, publishing of journal, publishing of research paper, reserach and review articles, IJERD Journal, How to publish your research paper, publish research paper, open access engineering journal, Engineering journal, Mathemetics journal, Physics journal, Chemistry journal, Computer Engineering, Computer Science journal, how to submit your paper, peer reviw journal, indexed journal, reserach and review articles, engineering journal, www.ijerd.com, research journals,
yahoo journals, bing journals, International Journal of Engineering Research and Development, google journals, hard copy of journal
Analysis of denial of service (dos) attacks in wireless sensor networkseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
This document discusses security challenges in mobile ad hoc networks (MANETs) and reviews several secure routing protocols proposed to address these challenges. It begins by introducing MANETs and explaining that routing in MANETs is difficult due to the dynamic topology. It then discusses common security goals for routing protocols like confidentiality, integrity, and availability. Several attacks on MANET routing protocols are described, including passive attacks like eavesdropping and active attacks like wormhole and blackhole attacks. The document proceeds to review six secure routing protocols for MANETs - DSDV, SAR, SAODV, SRP, Secure AODV using RSA signatures, and TORA - and describes their approaches to providing routing security. It concludes
WSN security faces many challenges due to limited sensor resources and operating in hostile environments. It requires high security levels to protect sensitive data while maintaining energy efficiency. However, current research has not fully addressed the conflict between security and limited resources. WSNs are vulnerable to various attacks like jamming, eavesdropping, and false routing. Providing security introduces additional processing and power demands on sensors. Many open research problems remain in developing scalable and dynamic security solutions for wireless sensor networks.
Energy Efficient and Secure, Trusted network discovery for Wireless Sensor Ne...IOSR Journals
This document describes a proposed energy efficient and secure trusted network discovery framework for wireless sensor networks called TARF. The framework aims to secure routing against attacks like sinkhole, wormhole, and Sybil attacks by evaluating the trustworthiness of neighboring nodes. It identifies untrustworthy nodes and routes around them. TARF also aims to be energy efficient. It uses elliptic curve cryptography for encryption and maintains a neighborhood table with trust and energy cost values to select low-cost, trusted next hop nodes for routing. The framework generates network certificates, starts sensor nodes, creates a trusted center, and has nodes find neighbors to select routing paths while avoiding attackers. Simulation results show certificate generation, node interfaces, the trusted center, and a node finding
Protecting Global Records Sharing with Identity Based Access Control ListEditor IJCATR
Generally, the information is stored in the database. Protecting sensitive information are encrypted before outsourcing to a
service provider. We send the request to service provider through SQL queries. The query expressiveness is limited by means of any
software-based cryptographical constructs then deployed, for server-side query working on the encrypted data.Data sharing in the
service provider is emerging as a promising technique for allowing users to access data. The growing number of customers who stores
their data in service provider is increasingly challenging users’ privacy and the security of data. The TrustedDB an outsourced
database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging
server-hosted. Tamper-proof believed hardware in crucial query processing levels, thereby removing any limits on the type of
supported queries. It focuses on providing a dependable and secure data sharing service that allows users dynamic access to their
information. TrustedDB is constructed and runs on hardware, and its performance and costs are evaluated here.
Manet Security Breaches : Threat to A Secure Communication Platformpijans
Ad-hoc networks are the collection of autonomous nodes where all the nodes are configured dynamically
without any centralized management system. Mobile Adhoc Networks (MANETs) are self-configuring
network of mobile routers connected via a wireless link. However,the feature of decentralization and
dynamic configuration of nodes makes MANETs vulnerable to various security attacks,that are otherwise
not so common in a wired network. For mitigation of these attacks,several secured routing protocols are
being proposed till now. This paper provides the view of overall security breaches present in the Ad-hoc
Networks till now and will discuss in brief about the several proposed secure routing protocols.
Mobile ad-hoc networks are widely used in the tactical battlefield, emergency search and rescue missions. They are also well used in civilian ad-hoc situations like conferences and classrooms due to the ease and speed in setting up such networks. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. The wireless adhoc networks are mostly vulnerable to security attacks because of its features of open medium, dynamic topology, lack of centralized management and node mobility.
Study of Layering-Based Attacks in a Mobile Ad Hoc NetworksIRJET Journal
This document summarizes research on layering-based attacks in mobile ad hoc networks (MANETs). It begins with an abstract noting that MANETs are commonly used in military and disaster situations, but require high security due to challenges from their characteristics. The document then reviews constraints of MANETs like limited resources and transmission range. It examines security requirements for MANETs and various types of attacks against different network layers, including jamming, denial of service, link spoofing, selective forwarding, sinkhole, Sybil, black hole, and wormhole attacks. Finally, it concludes that no single mechanism can provide full security for MANETs due to their constraints, making security a challenge that requires mapping solutions to different aspects.
This document discusses security issues and proposed solutions for wireless sensor networks. It begins by defining wireless sensor networks and describing common applications. It then outlines several security threats like denial of service attacks, wormhole attacks, sybil attacks, and traffic analysis attacks. It also discusses proposed cryptography and authentication schemes to provide data confidentiality, integrity, and freshness. Finally, it advocates for a holistic security approach that considers all network layers rather than focusing on single layers.
Various OSI Layer Attacks and Countermeasure to Enhance the Performance of WS...IDES Editor
Wireless sensor networks are networks having non
wired infrastructure and dynamic topology. In OSI model each
layer is prone to various attacks, which halts the performance
of a network .In this paper several attacks on four layers of
OSI model are discussed and security mechanism is described
to prevent attack in network layer i.e wormhole attack. In
Wormhole attack two or more malicious nodes makes a covert
channel which attracts the traffic towards itself by depicting a
low latency link and then start dropping and replaying packets
in the multi-path route. This paper proposes promiscuous mode
method to detect and isolate the malicious node during
wormhole attack by using Ad-hoc on demand distance vector
routing protocol (AODV) with omnidirectional antenna. The
methodology implemented notifies that the nodes which are
not participating in multi-path routing generates an alarm
message during delay and then detects and isolate the
malicious node from network. We also notice that not only
the same kind of attacks but also the same kind of
countermeasures can appear in multiple layer. For example,
misbehavior detection techniques can be applied to almost all
the layers we discussed.
The document discusses security issues in mobile ad hoc networks (MANETs). It begins by introducing MANETs and noting their vulnerability to attacks due to lack of centralized authority. It then covers security goals, types of attacks (passive vs. active; internal vs. external), examples of passive attacks like eavesdropping and active attacks like jamming and wormholes. The document also discusses security schemes like intrusion detection and secure routing techniques. It concludes by identifying research issues around improving MANET security.
Different Types of Attacks and Detection Techniques in Mobile Ad Hoc NetworkEditor IJCATR
This document discusses different types of attacks against mobile ad hoc networks (MANETs) and detection techniques. It first provides background on MANETs and their security goals of availability, confidentiality, integrity, authentication, and non-repudiation. It then describes various attacks against MANETs, categorized by layer (application, transport, network) and type (passive, active, external, internal). At the network layer, specific attacks discussed include flooding, route tracking, message fabrication, blackhole, wormhole, grayhole, rushing, and link spoofing attacks. Detection techniques are also mentioned but not described in detail.
1) The document discusses providing security against distributed denial of service (DDOS) attacks in mobile ad hoc networks. It focuses on intrusion detection systems and detecting black hole and wormhole attacks.
2) Black hole attacks involve malicious nodes pretending to have valid routes to destinations in order to intercept packets. Wormhole attacks involve tunneling packets between two points in the network to attract traffic.
3) The document proposes using intrusion detection systems that use both signature-based and anomaly-based detection to identify these types of attacks without prior knowledge of signatures. It aims to provide a solution for detecting and mitigating DDOS attacks in ad hoc networks.
This document discusses security issues and attacks in mobile ad hoc networks (MANETs). It provides an introduction to MANETs and their characteristics. It outlines the general objectives of analyzing flooding attacks on MANETs and preventing such attacks for networks with high node mobility. It describes common attacks on MANETs such as flooding attacks, blackhole attacks, wormhole attacks, and Byzantine attacks. The document also discusses security mechanisms for MANETs including preventive cryptography-based approaches and reactive intrusion detection system approaches. It stresses the need for comprehensive security solutions to deal with the diverse attacks that are facilitated by the open and dynamic nature of MANETs.
Protocols for detection of node replication attack on wireless sensor networkIOSR Journals
This document summarizes two techniques for detecting node replication attacks in wireless sensor networks: centralized detection and distributed detection. Centralized detection involves nodes reporting information to a base station, which can detect replication by identifying conflicting location claims for the same node ID. Distributed detection techniques like witness-based strategies and deployment knowledge allow nodes to detect replication locally without a base station through methods like node broadcasting claims to witness nodes. The document analyzes the advantages and limitations of each approach.
1- Mobile ad hoc networks are formed dynamically by an
autonomous system of mobile nodes that are connected
via wireless links.
2- Multihop communication- node communicate with the
help of two or more node from source to destination.
3- No existing fixed infrastructure or centralized administration –No base station.
4- Mobile nodes are free to move randomly-Network topology changes frequently
5- May Operate as standalone fashion or also can be connected to the larger internet.
6- Each node work as router
Primary Goals of Security in MANET
To assure a reliable data transfer over the communication networks and to protect the system resources a number of security services are classified in five categories:-
1-Authentication:- The process of identifying an individual , usually based on a username and password.
2- Confidentially:- Confidentiality aims at protecting the data from disclosure to unauthorized person.
Network attacks against confidentiality
* Packet capturing
Password attack
Port scanning
Dumpster Diving
Wiretapping
Phishing and Pharming
2-Non repudiation:- Integrity guarantees that a message being transferred is never corrupted.
3- Integrity:- Integrity guarantees that a message being transferred is never corrupted.
network attack against integrity
Salami attack
trust relationship attacks
Man in the middle attack
Session hijacking attacks
4- Availability:- Its ensure that data ,network resources or network services are available to legitimate user when required.
network attack against availability
Denial of services attacks
Distributed denial of services attack
SYN flood attacks and ICMP flood attacks
Electrical power attacks
Server Room environment attacks
Key management
The security in networking is in many cases dependent on proper key management.
Key management consists of various services, of which each is vital for the security
of the networking systems
* Trust model:-Its must determine how much different element in the network can trust each other.
* Cryptosystem:- Public and symmetric key mechanism can be applied .
* Key creation:- It must determine which parties are allowed to generate key to themselves.
* Key storage :- In adhoc network any network element may have to store its own key and possibly key of other element as well.
* Key distribution:- The key management service must ensure that the generated keys are securely distributed to their owners.
DTADA: Distributed Trusted Agent Based Detection Approach For Doline And Sen...IOSR Journals
This document proposes a distributed trusted agent-based approach (DTADA) to detect and defend against cloning attacks and sinkhole attacks in wireless sensor networks. DTADA uses mobile agents that can move between nodes to detect attacks in a distributed manner without relying on a centralized authority. The mobile agents are programmed to identify inconsistencies that would indicate a cloning or sinkhole attack has occurred. The document reviews related work on centralized and local detection methods and their limitations. It then describes how DTADA uses mobile agents to efficiently detect attacks in a distributed way without high communication or energy costs.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Mobile ad hoc networks (MANETs) are collections of self-organizing mobile nodes with dynamic topologies and no centralized authority. Each node participating in the network acts both as host and a router. So each node can participate to transfer data packet to destination node but suppose one node in network is removed at time it is very difficult to maintain the information about all node. The main advantage and disadvantage of MANETs provides large number of degree of freedom and self-organizing capability of that make it completely different from other network. Due to the nature of MANETs, to design and development of secure routing is challenging task for researcher in an open and distributed communication environments. In MANET, the more security is required in comparison to wired network. If source node chooses this fake route, malicious nodes have the option of delivering the packets or dropping them.
Keywords: MANETs, Security, Cryptography.
Security Issues & Challenging Attributes in Mobile Ad-Hoc Networks (MANET)IRJET Journal
This document discusses security issues and challenges in mobile ad-hoc networks (MANETs). It begins with an introduction to MANETs and their key features. It then discusses different types of security attacks on MANETs, including active attacks like black hole attacks, wormhole attacks, and flooding attacks. It also covers passive attacks like eavesdropping. It analyzes security threats at different layers of the OSI model. Some of the major security challenges in MANETs are the lack of centralized monitoring, dynamic network topology, and limited resources. The document concludes that security is a major concern for applications using MANETs and more work is needed to develop efficient security algorithms for these networks.
Distributed Intrusion Detection System for Wireless Sensor NetworksIOSR Journals
This document discusses distributed intrusion detection systems for wireless sensor networks. It begins by providing background on wireless sensor networks and the security issues they face, such as denial of service attacks, routing attacks, and Sybil attacks. Traditional intrusion detection systems cannot be directly applied to wireless sensor networks due to their resource constraints. The document then examines the need for intrusion detection systems in wireless sensor networks to provide a second line of defense against attacks. It outlines features an intrusion detection system should have to be suitable for wireless sensor networks, such as being distributed, minimizing resource usage, and not trusting any single node. Finally, it categorizes different types of intrusion detection system architectures for wireless sensor networks, including stand-alone, distributed
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
A Review Paper on Network Layer attacks in MANETsijsrd.com
The security issues are the major consideration while implementing Mobile Ad hoc Networks (MANETs). Misbehavior of any node can do serious implications in this kind of dynamic network. A malicious or selfish node wants to preserve own resources along with using the services of other nodes and consumed their resources. Malicious nodes can break the rules and reduce the performance of well-behaved nodes significantly. This paper describes the different attacks and analysis of within Network Layer in MANETs.
Compared to wired networks, Ad hoc networks are more vulnerable to security attacks
due to the lack of trusted centralized authority, lack of trust relationships between nodes. This paper
focuses on Sybil attack and its detection. A malicious node can generate and control a large number
of logical identities on a single device. This gives the illusion to network as these are different
legitimate nodes. An algorithm is proposed using position verification to detect the Sybil attack. The
algorithm is implemented in Network Simulator and the throughput, and packet delivery ratio with
and without Sybil attack.
VARIOUS TYPES OF ATTACKS ON WIRELESS NETWORKSIRJET Journal
This document discusses various types of attacks on wireless networks, including sinkhole attacks, selective forwarding attacks, wormhole attacks, hello flood attacks, spoofed attacks, and colluding misrelay attacks. It provides details on how each attack works to disrupt wireless network operations or steal data. Sinkhole attacks aim to draw all network traffic to a compromised node. Selective forwarding attacks involve dropping packets selectively. Wormhole attacks tunnel traffic through an out-of-band connection between two attacker nodes. Hello flood attacks flood nodes with hello messages to disrupt routing. Spoofed attacks involve impersonating another user on the network. Colluding misrelay attacks involve groups of nodes cooperating to disrupt routing traffic flows. The document emphasizes that wireless
Similar to REPLICATION ATTACK MITIGATIONS FOR STATIC AND MOBILE WSN (20)
Determination of Equivalent Circuit parameters and performance characteristic...pvpriya2
Includes the testing of induction motor to draw the circle diagram of induction motor with step wise procedure and calculation for the same. Also explains the working and application of Induction generator
This study Examines the Effectiveness of Talent Procurement through the Imple...DharmaBanothu
In the world with high technology and fast
forward mindset recruiters are walking/showing interest
towards E-Recruitment. Present most of the HRs of
many companies are choosing E-Recruitment as the best
choice for recruitment. E-Recruitment is being done
through many online platforms like Linkedin, Naukri,
Instagram , Facebook etc. Now with high technology E-
Recruitment has gone through next level by using
Artificial Intelligence too.
Key Words : Talent Management, Talent Acquisition , E-
Recruitment , Artificial Intelligence Introduction
Effectiveness of Talent Acquisition through E-
Recruitment in this topic we will discuss about 4important
and interlinked topics which are
A high-Speed Communication System is based on the Design of a Bi-NoC Router, ...DharmaBanothu
The Network on Chip (NoC) has emerged as an effective
solution for intercommunication infrastructure within System on
Chip (SoC) designs, overcoming the limitations of traditional
methods that face significant bottlenecks. However, the complexity
of NoC design presents numerous challenges related to
performance metrics such as scalability, latency, power
consumption, and signal integrity. This project addresses the
issues within the router's memory unit and proposes an enhanced
memory structure. To achieve efficient data transfer, FIFO buffers
are implemented in distributed RAM and virtual channels for
FPGA-based NoC. The project introduces advanced FIFO-based
memory units within the NoC router, assessing their performance
in a Bi-directional NoC (Bi-NoC) configuration. The primary
objective is to reduce the router's workload while enhancing the
FIFO internal structure. To further improve data transfer speed,
a Bi-NoC with a self-configurable intercommunication channel is
suggested. Simulation and synthesis results demonstrate
guaranteed throughput, predictable latency, and equitable
network access, showing significant improvement over previous
designs
Tools & Techniques for Commissioning and Maintaining PV Systems W-Animations ...Transcat
Join us for this solutions-based webinar on the tools and techniques for commissioning and maintaining PV Systems. In this session, we'll review the process of building and maintaining a solar array, starting with installation and commissioning, then reviewing operations and maintenance of the system. This course will review insulation resistance testing, I-V curve testing, earth-bond continuity, ground resistance testing, performance tests, visual inspections, ground and arc fault testing procedures, and power quality analysis.
Fluke Solar Application Specialist Will White is presenting on this engaging topic:
Will has worked in the renewable energy industry since 2005, first as an installer for a small east coast solar integrator before adding sales, design, and project management to his skillset. In 2022, Will joined Fluke as a solar application specialist, where he supports their renewable energy testing equipment like IV-curve tracers, electrical meters, and thermal imaging cameras. Experienced in wind power, solar thermal, energy storage, and all scales of PV, Will has primarily focused on residential and small commercial systems. He is passionate about implementing high-quality, code-compliant installation techniques.
Open Channel Flow: fluid flow with a free surfaceIndrajeet sahu
Open Channel Flow: This topic focuses on fluid flow with a free surface, such as in rivers, canals, and drainage ditches. Key concepts include the classification of flow types (steady vs. unsteady, uniform vs. non-uniform), hydraulic radius, flow resistance, Manning's equation, critical flow conditions, and energy and momentum principles. It also covers flow measurement techniques, gradually varied flow analysis, and the design of open channels. Understanding these principles is vital for effective water resource management and engineering applications.
Null Bangalore | Pentesters Approach to AWS IAMDivyanshu
#Abstract:
- Learn more about the real-world methods for auditing AWS IAM (Identity and Access Management) as a pentester. So let us proceed with a brief discussion of IAM as well as some typical misconfigurations and their potential exploits in order to reinforce the understanding of IAM security best practices.
- Gain actionable insights into AWS IAM policies and roles, using hands on approach.
#Prerequisites:
- Basic understanding of AWS services and architecture
- Familiarity with cloud security concepts
- Experience using the AWS Management Console or AWS CLI.
- For hands on lab create account on [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
# Scenario Covered:
- Basics of IAM in AWS
- Implementing IAM Policies with Least Privilege to Manage S3 Bucket
- Objective: Create an S3 bucket with least privilege IAM policy and validate access.
- Steps:
- Create S3 bucket.
- Attach least privilege policy to IAM user.
- Validate access.
- Exploiting IAM PassRole Misconfiguration
-Allows a user to pass a specific IAM role to an AWS service (ec2), typically used for service access delegation. Then exploit PassRole Misconfiguration granting unauthorized access to sensitive resources.
- Objective: Demonstrate how a PassRole misconfiguration can grant unauthorized access.
- Steps:
- Allow user to pass IAM role to EC2.
- Exploit misconfiguration for unauthorized access.
- Access sensitive resources.
- Exploiting IAM AssumeRole Misconfiguration with Overly Permissive Role
- An overly permissive IAM role configuration can lead to privilege escalation by creating a role with administrative privileges and allow a user to assume this role.
- Objective: Show how overly permissive IAM roles can lead to privilege escalation.
- Steps:
- Create role with administrative privileges.
- Allow user to assume the role.
- Perform administrative actions.
- Differentiation between PassRole vs AssumeRole
Try at [killercoda.com](https://killercoda.com/cloudsecurity-scenario/)
Impartiality as per ISO /IEC 17025:2017 StandardMuhammadJazib15
This document provides basic guidelines for imparitallity requirement of ISO 17025. It defines in detial how it is met and wiudhwdih jdhsjdhwudjwkdbjwkdddddddddddkkkkkkkkkkkkkkkkkkkkkkkwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwioiiiiiiiiiiiii uwwwwwwwwwwwwwwwwhe wiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq gbbbbbbbbbbbbb owdjjjjjjjjjjjjjjjjjjjj widhi owqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq uwdhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhwqiiiiiiiiiiiiiiiiiiiiiiiiiiiiw0pooooojjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj whhhhhhhhhhh wheeeeeeee wihieiiiiii wihe
e qqqqqqqqqqeuwiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiqw dddddddddd cccccccccccccccv s w c r
cdf cb bicbsad ishd d qwkbdwiur e wetwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww w
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffw
uuuuhhhhhhhhhhhhhhhhhhhhhhhhe qiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii iqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc ccccccccccccccccccccccccccccccccccc bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbu uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuum
m
m mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm m i
g i dijsd sjdnsjd ndjajsdnnsa adjdnawddddddddddddd uw
Height and depth gauge linear metrology.pdfq30122000
Height gauges may also be used to measure the height of an object by using the underside of the scriber as the datum. The datum may be permanently fixed or the height gauge may have provision to adjust the scale, this is done by sliding the scale vertically along the body of the height gauge by turning a fine feed screw at the top of the gauge; then with the scriber set to the same level as the base, the scale can be matched to it. This adjustment allows different scribers or probes to be used, as well as adjusting for any errors in a damaged or resharpened probe.
Build the Next Generation of Apps with the Einstein 1 Platform.
Rejoignez Philippe Ozil pour une session de workshops qui vous guidera à travers les détails de la plateforme Einstein 1, l'importance des données pour la création d'applications d'intelligence artificielle et les différents outils et technologies que Salesforce propose pour vous apporter tous les bénéfices de l'IA.
REPLICATION ATTACK MITIGATIONS FOR STATIC AND MOBILE WSN
1. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
DOI : 10.5121/ijnsa.2011.3210 122
REPLICATION ATTACK MITIGATIONS FOR STATIC
AND MOBILE WSN
V.Manjula1
and Dr.C.Chellappan 2
1
Department of Computer science and Engineering, Anna University, Chennai, India
manjuvv@yahoo.com, drcc@annauniv.edu
ABSTRACT
Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often
deployed in hostile environments as static or mobile, where an adversary can physically capture some of
the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the
attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or
compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In
particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an
identity as replicas is known as the node replication attack. The replication attack can be exceedingly
injurious to many important functions of the sensor network such as routing, resource allocation,
misbehavior detection, etc.
This paper analyzes the threat posed by the replication attack and several novel techniques to
detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile
WSN.
KEYWORDS
Security, Clone, Sybil, node replication attack, static and mobile WSN.
1. INTRODUCTION
A Wireless Sensor Network (WSN) is a collection of sensors with limited resources that
collaborate in order to achieve a common goal. Sensor nodes operate in hostile environments
such as battle fields and surveillance zones. Due to their operating nature, WSNs are often
unattended, hence prone to several kinds of novel attacks.
The mission-critical nature of sensor network applications implies that any compromise or loss
of sensory resource due to a malicious attack launched by the adversary-class can cause
significant damage to the entire network. Sensor nodes deployed in a battlefield may have
intelligent adversaries operating in their surroundings, intending to subvert damage or hijack
messages exchanged in the network. The compromise of a sensor node can lead to greater
damage to the network. The resource challenged nature of environments of operation of sensor
nodes largely differentiates them from other networks. All security solutions proposed for
sensor networks need to operate with minimal energy usage, whilst securing the network. So the
basic security requirements of WSN are availability, confidentiality, integrity and
communications [16].
We classify sensor network attacks into three main categories [7] [8]: Identity Attacks, Routing
Attacks & Network Intrusion. Identity attacks intend to steal the identities of legitimate nodes
operating in the sensor network. The identity attacks are Sybil attack and Clone (Replication)
attack. In a Sybil attack, the WSN is subverted by a malicious node which forges a large
number of fake identities in order to disrupt the network’s protocols. A node replication attack
is an attempt by the adversary to add one or more nodes to the network that use the same ID as
another node in the network.
2. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
Routing attack intend to place the Rogue nodes on a routing path from a source to the base
station may attempt to tamper with or discard le
attacks are Sinkhole Attack, False routing information attack, Selective forwarding attack, and
Wormholes. The adversary creates a large sphere of influence, which will attract all traffic
destined for the base station from nodes which may be several hops away from the
compromised node which is known as
fake routing control packets into the network. Compromised node may refuse to forward or
forward selective packets called as
more malicious colluding nodes create higher le
employed to transport packets between the tunnel end points.
Network intrusion is an unauthorized access to a system by either an external perpetrator, or by
an insider with lesser privileges.
In this paper we are concentrating on an identity attack called replication attack where one or
more nodes illegitimately claim an identity of legitimate node and replicated in whole WSN
network as shown Figure 1. Reason for choosing this attack is that it can form the basi
variety attacks such as Sybil attack, routing attacks and link layer attacks etc. also called as
denial of service attacks which affects
The detection of node replication attacks in a wireless sensor network is therefore a fundamental
problem. A few centralized and distributed solutions have recently been proposed. However,
these solutions are not satisfactory. First, they are energy and me
drawback for any protocol that is to be used in resource constrained environment such as a
sensor network. Further, they are vulnerable to specific adversary models introduced in this
paper.
The rest of this paper is organized as
attack nature; section 3 studies analysis of detection and countermeasure of replication attacks
and presents discussion and summary. In section 4 presents our proposed model and in section 5
concludes the paper.
2. SIGNIFICANCE OF REPLICATION
2.1 Goals
For a given sensor network, we assume that sensor node not tamper proof and deployed in
unattended location. The adversary can capture the node collect all the secret keys, da
code stored on it. All the credentials are exposed to the attacker. The attacker can easily
replicate it in a large number of clones and deploy them on the network. This node replication
attack can be the basis for launching a variety of attacks su
[7]. If there are many replicated nodes, they can multiply the damage to the network. Therefore,
we should quickly detect replicated nodes. The scheme should also revoke the replicated nodes,
International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
Routing attack intend to place the Rogue nodes on a routing path from a source to the base
station may attempt to tamper with or discard legitimate data packets. Some of the routing
False routing information attack, Selective forwarding attack, and
. The adversary creates a large sphere of influence, which will attract all traffic
ation from nodes which may be several hops away from the
compromised node which is known as sinkhole attack. False routing attack means that injecting
fake routing control packets into the network. Compromised node may refuse to forward or
forward selective packets called as Selective forwarding attack. In the wormhole attack
more malicious colluding nodes create higher level virtual tunnel in the network, which is
employed to transport packets between the tunnel end points.
Network intrusion is an unauthorized access to a system by either an external perpetrator, or by
an insider with lesser privileges.
re concentrating on an identity attack called replication attack where one or
more nodes illegitimately claim an identity of legitimate node and replicated in whole WSN
. Reason for choosing this attack is that it can form the basi
variety attacks such as Sybil attack, routing attacks and link layer attacks etc. also called as
which affects availability of network.
Figure1. Replication Attack
The detection of node replication attacks in a wireless sensor network is therefore a fundamental
problem. A few centralized and distributed solutions have recently been proposed. However,
these solutions are not satisfactory. First, they are energy and memory demanding: A serious
drawback for any protocol that is to be used in resource constrained environment such as a
sensor network. Further, they are vulnerable to specific adversary models introduced in this
The rest of this paper is organized as follows; section 2 presents the significance of replication
attack nature; section 3 studies analysis of detection and countermeasure of replication attacks
and presents discussion and summary. In section 4 presents our proposed model and in section 5
REPLICATION ATTACK AND BACKGROUND
For a given sensor network, we assume that sensor node not tamper proof and deployed in
unattended location. The adversary can capture the node collect all the secret keys, da
code stored on it. All the credentials are exposed to the attacker. The attacker can easily
replicate it in a large number of clones and deploy them on the network. This node replication
attack can be the basis for launching a variety of attacks such as DoS attacks and Sybil attacks
[7]. If there are many replicated nodes, they can multiply the damage to the network. Therefore,
we should quickly detect replicated nodes. The scheme should also revoke the replicated nodes,
International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
123
Routing attack intend to place the Rogue nodes on a routing path from a source to the base
gitimate data packets. Some of the routing
False routing information attack, Selective forwarding attack, and
. The adversary creates a large sphere of influence, which will attract all traffic
ation from nodes which may be several hops away from the
means that injecting
fake routing control packets into the network. Compromised node may refuse to forward or
wormhole attack, two or
vel virtual tunnel in the network, which is
Network intrusion is an unauthorized access to a system by either an external perpetrator, or by
re concentrating on an identity attack called replication attack where one or
more nodes illegitimately claim an identity of legitimate node and replicated in whole WSN
. Reason for choosing this attack is that it can form the basis of a
variety attacks such as Sybil attack, routing attacks and link layer attacks etc. also called as
The detection of node replication attacks in a wireless sensor network is therefore a fundamental
problem. A few centralized and distributed solutions have recently been proposed. However,
mory demanding: A serious
drawback for any protocol that is to be used in resource constrained environment such as a
sensor network. Further, they are vulnerable to specific adversary models introduced in this
follows; section 2 presents the significance of replication
attack nature; section 3 studies analysis of detection and countermeasure of replication attacks
and presents discussion and summary. In section 4 presents our proposed model and in section 5
BACKGROUND
For a given sensor network, we assume that sensor node not tamper proof and deployed in
unattended location. The adversary can capture the node collect all the secret keys, data, and
code stored on it. All the credentials are exposed to the attacker. The attacker can easily
replicate it in a large number of clones and deploy them on the network. This node replication
ch as DoS attacks and Sybil attacks
[7]. If there are many replicated nodes, they can multiply the damage to the network. Therefore,
we should quickly detect replicated nodes. The scheme should also revoke the replicated nodes,
3. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
124
so that nonfaulty nodes in the network cease to communicate with any nodes injected in this
fashion. We evaluate each protocol’s security by examining the probability of detecting an
attack given that the adversary inserts L replicas of a subverted node. The protocol must provide
robust detection even if the adversary captures additional nodes. We also evaluate the efficiency
of each protocol. The Communication (for both sending and receiving) among nodes requires at
least an order of magnitude power than any other operation. So our first priority to minimize the
communication cost for both whole network and individual nodes (hotspots quickly exhausts
power), which one of the limitation of WSN. Another limitation is memory. Thus any protocol
requiring a large amount of memory will be impractical.
2.2 Sensor Network Environments
A sensor network typically consists of hundreds, or even thousands, of small, low-cost nodes
distributed over a wide area. The nodes are expected to function in an unsupervised fashion
even if new nodes are added, or old nodes disappear (e.g., due to power loss or accidental
damage). While some networks include a central location for data collection, many operate in an
entirely distributed manner, allowing the operators to retrieve aggregated data from any of the
nodes in the network. Furthermore, data collection may only occur at irregular intervals.
For example, many military applications strive to avoid any centralized and fixed points of
failure. Instead, data is collected by mobile units (e.g., unmanned aerial units, foot soldiers, etc.)
that access the sensor network at unpredictable locations and utilize the first sensor node they
encounter as a conduit for the information accumulated by the network. Since these networks
often operate in an unsupervised fashion for long periods of time, we would like to detect a
node replication attack soon after it occurs. If we wait until the next data collection cycle, the
adversary has time to use its presence in the network to corrupt data, decommission legitimate
nodes, or otherwise subvert the network’s intended purpose.
We also assume that the adversary cannot readily create new IDs for nodes. Newsome et al.
describe several techniques to prevent the adversary from deploying nodes with arbitrary IDs.
For example, we can tie each node’s ID to the unique knowledge it possesses. If the network
uses a key predistribution scheme, then a node’s ID could correspond to the set of secret keys it
shares with its neighbors (e.g., a node’s ID is given by the hash of its secret keys). In this
system, an adversary gains little advantage by claiming to possess an ID without actually
holding the appropriate keys. Assuming the sensor network implements this safeguard, an
adversary cannot create a new ID without guessing the appropriate keys (for most systems, this
is infeasible), so instead the adversary must capture and clone a legitimate node.
3. SOLUTIONS TO REPLICATION ATTACKS AND
COUNTERMEASUREMENTS
Solutions to replication attack should follow three key design goals for replica detection
schemes. First, replica nodes should be detected with minimal communication, computational,
and storage overheads. Second, the detection schemes should be robust and highly resilient
against an attacker’s attempt to break them. More specifically, the schemes should detect
replicas unless the attacker compromises a substantial number of nodes. Finally, there should be
no false positives, meaning that only compromised and replica nodes would be detected and
revoked. This is important to prevent the attacker from turning a replica detection scheme into a
tool for denial of service attacks.
Replication attack detection protocols classified as in the Figure 2 are two categories of static
WSN: Centralized and Distributed approaches. These approaches have their own merits and
demerits. The main idea of these schemes are to have nodes report location claims that identify
their positions and attempt to detect conflicting reports that signal one node in multiple
locations. This requires every node to sign and send a location claim, and verify and store the
4. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
125
Replication Attack
Detection (static WSN)
Distributed DetectionCentralized
Detection
Witness Based
strategy
Node-to
network
Broadcasting
With Deployment
knowledge
Deterministic
Multicast
(DM)
Random
Multicast
(RM)
Line
Selected
Multicast
(LSM)
Randomized
Efficient
Distributed
detection
(RED)
Localized
Multicast –
(SDC, M-PMC)
Basic SET –
Local
Detection
With
predistibution
key
Finger print -
With
neighborhoods
Group
Deployment
Order of
Deployment
without
location
knowledge
Deployment
with location
knowledge
signed location claim of every other node. These protocols, except knowledge about
deployment order, are not suitable for mobile WSN since location changes time to time. Figure
3 shows replication attack mitigations in mobile WSN.
Figure 2. Replication Attack Detection Taxonomy for static WSN
Figure 3. Replication Attack Detection Taxonomy for mobile WSN
3.1 Centralized Detection Approaches
In static WSN, The centralized approaches are simple, local detection (SET) and With
the Context of random key predistribution and in mobile WSN, fast detection scheme
with Sequential probability ratio test (SPRT) have been analysed.
Replication attack detection
(mobile WSN)
Centralized Distributed
eXtremely Efficient
Detection (XED)
Efficient Distributed
Detection (EDD),
Storage - EDD
Fast detection - Sequential
probability ratio test
(SPRT)
Unary- Time-Location
Storage & Exchange
(UTLSE), Multi-Time-
location Storage &
Diffusion (MTLSD)
5. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
126
3.1.1 Simple Approach
In a simple Centralized approach, the Base Station (BS) acts as centralized entity, each node
sends a list of its neighbor nodes and their claimed locations to a base station. If the base station
finds that there are two far distant locations for one node ID, then the node clone must have
occurred. The BS simply broadcasts through the whole network to expel the cloned nodes.
Then, the BS will revoke the replicated nodes. This solution has several drawbacks, for
instance: Single point of failure (BS) or any compromise to BS, and high communication cost
due to the relevant number of exchanged messages. Furthermore, the nodes closest to the base
station will receive the brunt of the routing load and will become attractive targets for the
adversary. The protocol also delays revocation, since the base station must wait for all of the
reports to come in, analyze them for conflicts and then flood revocations throughout the
network. A distributed or local protocol could potentially revoke replicated nodes in a more
timely fashion.
3.1.2 Local Detection (SET)
Next proposed solutions rely on local detection [4]; using localized voting mechanism, a set of
neighbors can agree on the replication of a given node that has been replicated within the
neighborhood. However, this kind of method fails to detect replicated nodes that are not within
the same neighborhood. SET manages to reduce the communication cost of the preceding
approach by computing set operations of exclusive subsets in the network. First, SET launches
an exclusive subset maximal independent set (ESMIS) algorithm which forms exclusive unit
subsets among one-hop neighbors in an only one disjointed subset which are controlled by a
randomly decided leader.
Then those subsets, as in the basic scheme, are transmitted by leaders to the base station such
that it can construct all nodes locations and detect clones. Since the subset division procedure
eliminates redundancy in the node location reports, SET lowers the communication cost.
However, in order to prevent malicious nodes in the ESMIS algorithm, an authenticated subset
covering protocol has to be performed, which increases the communication overload and
complicates the detection procedure. SET also employs a tree structure to compute non-
overlapped set operations and integrates interleaved authentication to prevent unauthorized
falsification of subset information during forwarding. Randomization is used to further make the
exclusive subset and tree formation unpredictable to an adversary.
3.1.3 With the Context of Random Key Predistribution
Brooks et al. [9] propose a clone detection protocol in the context of random key
predistribution. The basic idea is that keys that are present on the cloned nodes are detected by
looking at how often they are used to authenticate nodes in the network. First each node makes
a counting Bloom filter of the keys it uses to communicate with neighboring nodes and appends
a nonce. Then Bloom filter and nonce are transferred to base station, which will count the
number of times each key is used in the network. Key usage exceeds a threshold can be thought
of as suspicious. In fact, it is detecting cloned keys rather than cloned nodes. In the protocol,
every node reports its keys to a base station and then the base station uses a statistical approach
to find cloned keys. A big problem in this kind of approaches is the high false negative and
positive rates. Furthermore, honesty of the malicious nodes while reporting their keys is
uncertain.
3.1.4 Fast detection with SPRT for Mobile WSN
This section presents the technique to detect replica attacks in mobile sensor networks. In static
sensor networks, a sensor node can be considered to be replicated if it is placed at more than one
location. However, if nodes are allowed to freely roam throughout the network, the above
6. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
127
technique does not work because the mobile node’s location will continuously change as it
moves. Hence, it is imperative to use some other technique to detect replica nodes in mobile
sensor networks. Fortunately, mobility provides us with a clue that can help resolve the mobile
replica detection problem. Specifically, a mobile sensor node should never move faster than the
system-configured maximum speed [12]. Accordingly, if we observe that the mobile node’s
speed is over the maximum speed, it is then highly likely that at least two nodes with the same
identity are present in the network. We propose a mobile replica detection scheme by leveraging
this intuition. It is based on the Sequential Probability Ratio Test (SPRT) which is a statistical
decision process. SPRT has been proven to be the best mechanism in terms of the average
number of observations that are required to reach a decision among all sequential and non-
sequential test processes. SPRT can be thought of as one dimensional random walk with lower
and upper limits. Before the random walk starts, null and alternate hypotheses are defined in
such a way that the null one is associated with the lower limit and the alternate one is associated
with the upper limit. A random walk starts from a point between two limits and moves toward
the lower or upper limit in accordance with each observation. If the walk reaches or exceeds the
lower or upper limit, it terminates and the null or alternate hypothesis is selected, respectively.
We believe that SPRT is well suited for tackling the mobile replica detection problem in the
sense that we can construct a random walk with two limits in such a way that each walk is
determined by the observed speed of a mobile node; the lower and upper limits are properly
configured to be associated with the shortfall and excess of the maximum speed of the mobile
node, respectively. We apply SPRT to the mobile replica detection problem as follows. Each
time a mobile sensor node moves to a new location, each of its neighbors asks for a signed
claim containing its location and time information and decides probabilistically whether to
forward the received claim to the base station. The base station computes the speed from every
two consecutive claims of a mobile node and performs the SPRT by taking speed as an
observed sample. Each time maximum speed is exceeded by the mobile node; it will expedite
the random walk to hit or cross the upper limit and thus lead to the base station accepting the
alternate hypothesis that the mobile node has been replicated. On the other hand, each time the
maximum speed of the mobile node is not reached, it will expedite the random walk to hit or
cross the lower limit and thus lead to the base station accepting the null hypothesis that mobile
node has not been replicated. Once the base station decides that a mobile node has been
replicated, it initiates revocation on the replica nodes.
3.2 Distributed Detection Approaches
Distributed detection approaches can be classified broadly in to three categories in Static WSN:
Node-to network Broadcasting, Witness Based strategy, and With Deployment knowledge.
eXtremely Efficient Detection (XED), Efficient Distributed Detection EDD), storage EDD,
Unary- Time-Location Storage & Exchange (UTLSE), and Multi-Time- location Storage &
Diffusion (MTLSD) are detection approaches in Mobile WSN.
3.2.1 Node-to network Broadcasting
This detection approach utilizes a simple broadcast protocol. Basically, each node in the
network uses an authenticated broadcast message to flood the network with its location
information. Each node stores the location information for its neighbors and if it receives a
conflicting claim, revokes the offending node. This protocol achieves 100% detection of all
duplicate location claims if the broadcasts reach every node. This assumption becomes false
when the adversary jams key areas or otherwise interferes with communication paths through
the network. Nodes could employ redundant messages or authenticated acknowledgment
techniques to try to thwart such an attack. In terms of efficiency, this protocol requires each
node to store location information about its d neighbors. One node’s location broadcast requires
O(n) messages, assuming the nodes employ a duplicate suppression algorithm in which each
7. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
128
node only broadcasts a given message once. Thus, the total communication cost for the protocol
is O(n2
). Given the simplicity of the scheme and the level of security achieved, this cost may be
justifiable for small networks. However, for large networks, the O(n2
) factor is too costly, so we
investigate schemes with a lower cost.
3.2.2 Witness Based strategy
Most of the existing distributed detection protocols [1], [4], [5] adopt the witness finding
strategy, in which each node finds a set of sensor nodes somewhere as the witnesses for
checking whether there are the same IDs used at different locations, to detect the replicas.
In Deterministic Multicast (DM) [1], to improve on the communication cost of the previous
protocol, we describe a detection protocol that only shares a node’s location claim with a
limited subset of deterministically chosen “witness” nodes. When a node broadcasts its location
claim, its neighbors forward that claim to a subset of the nodes called ‘witnesses’. The witnesses
are chosen as a function of the node’s ID. If the Adversary replicates a node, the witnesses will
receive two different location claims for the same node ID. The conflicting location claims
become evidence to trigger the revocation of the replicated node.
In the Random Multicast (RM) [1], when a node broadcasts its location, each of its neighbors
sends (with probability p) a digitally signed copy of the location claim to a set of randomly
selected nodes. Assuming there is a replicated node, if every neighbor randomly selects O(√n)
destinations, then exploiting the birthday paradox, there is a non negligible probability at least
one node will receive a pair of non coherent location claims. The node that detects the existence
of another node in two different locations within the same time-frame will be called witness.
The RM protocol implies high communication costs: Each neighbor has to send O(√n)
messages.
In the Line Selected Multicast (LSM)[1]protocol, uses the routing topology of the network to
detect replication, each node which forwards claims also saves the claim. That is, the
forwarding nodes are also witness nodes of a node which has the node ID in a claim. Therefore,
LSM gives a higher detection rate than that of RM. However, both protocols have relatively
lower detection rates compared with RED.
In the Randomized Efficient Distributed detection (RED) protocol [5], a trusted entity
broadcasts a one-time seed to the whole network. The location of the witness node of a node is
determined from the node ID and the seed. Because the seed changes every time, an attacker
cannot specify the location of a witness node in advance. The authors of RED said one can also
use distributed protocol without a trusted entity such as a local leader election mechanism to
create a one-time seed. However, the authors did not mention how to create it; moreover, the
local leader election mechanism creates a local leader from a small number of sensor nodes.
Even worse, the method does not consider the existence of compromised nodes. Therefore, we
cannot use it to create a global leader of a sensor network composed of a large number of nodes
with some of them compromised.
In Localized Multicast – (SDC, M-PMC)[4] scheme, each node sends a location claim message
to a predetermined cell which is grouped in a geographically separated region. Upon arriving at
a cell, this message is broadcasted and stored probabilistically at the witness nodes within the
cell. Therefore, the detection rate and the communication overhead are tightly related to the
number of nodes and the fraction of witness nodes, which store the location claim message in a
cell. However, this scheme is not robust when all nodes within a predetermined cell are
compromised.
In the Single Deterministic Cells (SDC) and Parallel Multiple Probabilistic Cells (PMPC)
approaches [4], a set of witness nodes located in the vicinity are chosen for each node by using a
public known Hash function. Based on the assumption that there is a very efficient way to
8. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
129
broadcast a pseudorandom number to all of the sensor nodes periodically, RED [5] also adopts
the witness finding strategy to detect the node replication attacks but with less communication
cost. The sensor network is considered to be a geographic grid. In the SDC protocol, witness
nodes candidates of one node are all nodes of a grid. The grid is statically determined by the
node ID, but which nodes in the grid actually become witness nodes are determined randomly.
In P-MPC, to increase resiliency to many compromised nodes, the candidate witness nodes for
one node are all nodes of several grids.
3.2.3 With Deployment knowledge
Bekara and Laurent-Maknavicious proposed a new protocol for securing WSN against nodes
replication attacks by limiting the order of deployment [9] and no knowledge of nodes
deployment locations. Their scheme requires sensors to be deployed progressively in successive
generations. Each node belongs to a unique generation. In their scheme, only newly deployed
nodes are able to establish pair-wise keys with their neighbors, and all nodes in the network
know the number of highest deployed generation. Therefore, the clone nodes will fail to
establish pair-wise keys with their neighbors since the clone nodes belong to an old deployed
generation.
Xing et al. [10] proposed an approach that achieves real-time detection of clone attacks in WSN.
In their approach, each sensor computes a fingerprint by incorporating the neighborhood
information through a superimposed s-disjunct code. Each node stores the fingerprint of all
neighbors. Whenever a node sends a message, the fingerprint should be included in the message
and thus neighbours can verify the fingerprint. The messages sent by clone nodes deployed in
other locations will be detected and dropped since the fingerprint does not belong to the same
“community”.
Group deployment knowledge scheme [6] is based on the assumption that nodes are deployed
in groups, which is realistic for many deployment scenarios. By taking advantage of group
deployment knowledge, the proposed schemes perform replica detection in a distributed,
efficient, and secure manner. The sensors can be preloaded with relevant knowledge about their
own group’s membership and all group locations. Then, the sensors in the same group should be
deployed at the same time in the location given to that group. Three schemes have been
discussed: Basic, Location claim and multi-group approaches. A basic way to stop replica
attack, each node only accept the messages from the member’s of their own group(trusted
nodes) not from other groups (untrusted nodes). It stops inter communication between groups.
Advantage of this basic scheme is low communication and computational or memory overhead.
But the problem is even honest nodes suffers for communication due to deployments points far
away from their group. The network becomes poorly connected and not suitable for high
resilient applications. To solve this problem, scheme 2 also forwards messages from untrusted
nodes as long as they provide provable evidence that they are not replicas, but based on only
predetermined locations for replica detection. Scheme 2 Achieves high replication detection
capability with less communication, computational and storage overheads than scheme 1. But
there is risk of DoS by flooding fake claims.
To protect against this kind of aggressive adversary, every sensor node sends its neighbor’s
location claims to multiple groups rather than a single group. This greatly improves our
scheme’s robustness, while this scheme has higher communication overhead. It can provide a
trade-off between the overhead and resilience to attack. This scheme provides very strong
resilience to node compromise. Since Attacker needs to compromise multiple groups of nodes
to prevent replicas being undetected. Disadvantage of this scheme is more overheads than
scheme 2.
9. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
130
3.2.4 Mobile WSN Distributed Detection approaches
In eXtremely Efficient Detection (XED)[13], the basic operations of this protocol are as follows:
Once two sensor nodes encounter each other, they respectively generate a random number, and
then exchange the random numbers. If the two nodes meet again, both of them request the other
for the random number exchanged at earlier time. If the other cannot reply or replies a number
which does not match the number stored in its memory, it announces the detection of a replica.
To a smart attacker, this scheme is weak, and he/she can establish secret channels among
replicas. By this way, replicas can share the random numbers, and make the protocol fail. Only
constant communication cost O(1) is required and the location information of sensor nodes
is unnecessary.
The basic idea behind Efficient and Distributed Detection (EDD) and Storage EDD [14]
schemes is: 1) for network without replicas, the number of times, µ1, that the node u encounters
a specific node v, should be limited in a given time interval of length T with high probability
2) for a network with two replicas v, the number of times µ2, that u encounters the replicas with
a same ID should be larger than a threshold within the time interval of length T. According to
these observations, if each node can discriminate between these two cases, each node has the
ability to identify the replicas. The EDD scheme composed of two steps: off-line and on-line.
Off-line step is performed by the network planner before sensor deployment, to calculate the
parameters time period T and threshold. Online step performed by each node per move. Each
checks whether the encountered nodes are replicas by comparing threshold with number of
encounter at the end of time interval T. This schemes leads to storage overhead since, each node
should maintain list L. To overcome this overhead Storage-efficient EDD scheme proposed. In
this SEDD scheme, instead of monitoring all the nodes, each node monitors only subset of
nodes called monitor set, in a specific time interval. Storage overhead reduced to cardinality of
monitor set.
Two novel mobility-assisted distributed [15] solutions to node replication detection in mobile
wireless sensor networks are UTLSE and MTLSD. These distributed approach which does not
require any routing signaling messages for detecting node replication attacks in mobile wireless
sensor networks. The fundamental idea is to make use of the mobility property: Only if two
nodes encounter each other, they exchange their time-location claims. That is, if a tracer
receives a time-location claim from its tracked neighbor node, it does not immediately transmit
this time-location claim to the witness if the witness is not currently within its communication
range, but stores that location claim until encountering the witness. In both protocols, after
receiving the time-location claims, witnesses carry these claims around the network instead of
transmitting them. That means data are forwarded only when appropriate witnesses encounter
each other. Unary- Time-Location Storage & Exchange (UTLSE) detects the replicas by each of
the two encountered witnesses which stores only one time-location claim. Multi-Time- location
Storage & Diffusion (MTLSD), by storing more time-location claims for each tracked node and
introducing time-location claims diffusion among witnesses, provides excellent resiliency and
sub-optimal detection probability with modest communication overhead. The detection
probability of the MTLSD protocol is greater than the probability of protocol UTLSE.
10. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
131
4. Summary of Replication attack
Table 1. Summary of Detection Mechanisms performance overheads
Schemes Communication cost Memory
SET O(n) O(d)
Node –to – Network
(Broadcast )
O(n2
) O(d)
Deterministic Multicast
O( g ln g√n / d ) O(g)
Randomized Multicast O(n2
) O(√n)
Line-Selected Multicast
(LSM)
O(n√n) O(√n)
RED O(r √n) O(r )
SDC O(rf √n) + O(s) g
P-MPC O(rf √n) + O(s) g
With Deployment Order
Knowledge (no location
knowledge)
< O(n√n) < O(√n)
With Neighborhood
knowledge - Fingerprint
O(numm √n) log2M
O(d) + min(M ,ω · log2
M)
With group Deployment
Knowledge(basic, location
claim, multi-group approach)
O(m) O(m)
O(m+d) O(d+2m)
3O(m+d) O(d+2m(1+Dmax ))
XED O(1)
EDD & SDD O(1) /O(n) O(n) /O(ξ)
UTLSE and MTLSD O(n) O(√n)
Where ,
n – No. of nodes in the network
d – Degree of neighboring nodes
g - no. of witness nodes
r- Communication radius
rf – No of neighboring nodes forwards location
claims
s - The number of sensors in a cell
m –group size
numm - total number of regular
data messages generated during network lifetime
M - the number of rows in the superimposed
s-disjunct code
ω - the column weight in the superimposed s-
disjunct code.
Dmax - maximum no. of times that a group
servers as the detector group
ξ – Distinct IDs from set of nodes as monitor
set
11. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
132
Conclusion
Table 1 shows the communication cost and storage cost for each technique. In this paper we discussed
classification of detection mechanisms for replication attack in static and mobile WSN. Distributed
detection approach is more advantages than centralized approaches since single point failure. In witness
based strategy of distributed approaches, randomness introduced in choosing witnesses at various levels
like whole network and limited to geographical grids to avoid prediction of future witnesses. If chosen
witness node itself compromised node or cloned node then detection of replication attack is uncertain.
There may be trade-off between memory, communication cost overhead and detection rate. All the
approaches dealt with static WSN. With the deployment knowledge (like order, neighborhoods, and
group members with locations) all the nodes in the network should know highest deployed generation
which impractical and cannot move join other groups since neighbors or fingerprints vary. Some WSN
application requires mobile nodes. The entire approaches become complex when considering for mobile
nodes which dealt with location claims(only) and Deployment knowledge are not suitable for mobile
WSN, since location changes time to time in mobile wireless sensor network. And some other approaches
for mobile WSN have been discussed.
ACKNOWLEDGEMENTS
The authors would like to thank NTRO sponsored Collaborative Directed Basic Research – Smart and
Secure Environment Project Lab for providing computing facilities and UGC for financial support by
providing fellowship.
REFERENCES
[1]. Parno B, Perrig A, Gligor V. “Distributed Detection of Node Replication Attacks in Sensor
Networks” In: Proceedings of the IEEE Symposium on Security and Privacy; 2005. p. 49 – 63.
[2]. Choi H, Zhu S, La Porta TF. “SET: Detecting node clones in sensor networks” In: Third
International Conference on Security and Privacy in Communications Networks and the Workshops
(SecureComm 2007); 2007. p. 341–350
[3]. Brooks R, Govindaraju PY, Pirretti M, Vijaykrishnan N, Kandemir MT. “On the Detection of Clones
in Sensor Networks Using Random Key Predistribution” IEEE Transactions on Systems, Man, and
Cybernetics, Part C: Applications and Reviews. 2007;37(6):1246–1258.
[4]. Zhu B, Addada VGK, Setia S, Jajodia S, Roy S. “Efficient Distributed Detection of Node
Replication Attacks in Sensor Networks” In: Twenty-Third Annual Computer Security Applications
Conference (ACSAC 2007); 2007. p. 257–267
[5]. M. Conti, R. Di Pietro, L.V. Mancini, and A. Mei “A randomized, efficient, and distributed protocol
for the detection of node replication attacks in wireless sensor networks” In ACM MobiHoc, pages
80–89, 2007
[6]. Jun –Won Ho, Donggang Liu, Mathhew wright, Sajal K.Das , “ Distributed detection of replica node
attacks with group deployment knowledge in wireless sensor networks”, Ad Hoc Networks, 2009,
1476 – 1488
[7]. Zubair A. Baig “Distributed Denial of Service Attack Detection in Wireless Sensor Networks”,
2008, thesis.
[8]. Hemanta Kumar Kalita and Avijit Kar, “Wireless Sensor Network Security Analysis, International
Journal of Next-Generation Networks (IJNGN),Vol.1, No.1, December 2009
12. International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.2, March 2011
133
[9]. Yuichi Sei , Shinichi Honiden , “Distributed Detection of Node Replication Attacks resilient to
Many Compromised Nodes in Wireless Sensor Networks”, 2008 ICST
[10]. Bekara, M. Laurent-Maknavicius. “A new protocol for securing wireless sensor networks against
nodes replication attacks”, In Proceedings of the 3rd IEEE International Conference on Wireless and
Mobile Computing, Networking and Communications (WiMob), 2007.
[11]. K. Xing, F. Liu, X. Cheng, D. H.C. Du. “Real-time detection of clone attacks in wireless sensor
networks”, In Proceedings of the 28th International Conference on Distributed Computing Systems
(ICDCS), 2008.
[12]. Jun-won ho, Matthew wright, and Sajal k. Das, “fast detection of node replication attacks in mobile
sensor networks” , in IEEE ICNP 2008 (poster)
[13]. Chia-Mu, Y., Chun-Shien, Lu., and Sy-Yen, K. 2008. Mobile Sensor Network Resilient Against
Node Replication Attacks. SECON '08. 5th Annual IEEE Communications Society Conference on ,
vol., no., pp.597-599. (poster)
[14]. Chia-Mu Yu, Chun-Shien Lu and Sy-Yen Kuo, “Efficient distributed and detection of node
replication attacks in mobile sensor networks” IEEE 2009.
[15]. Xiaoming Deng, Yan Xiong, and Depin Chen , “Mobility-assisted Detection of the Replication
Attacks in Mobile Wireless Sensor Networks” 2010 IEEE 6th International Conference on Wireless
and Mobile Computing, Networking and Communications
[16]. Mohammad Saiful Islam Mamun and A.F.M. Sultanul Kabir, “Hierarchical Design Based Intrusion
Detection System For Wireless Ad Hoc Sensor Network” International Journal of Network Security
& Its Applications (IJNSA), Vol.2, No.3, July 2010
[17]. V.Manjula and Dr.C.Chellappan, “The Replication Attack in wireless Sensor Networks: Analysis &
Defenses” , CCIST 2011, Communications in Computer and Information Science, Volume 132,
Advances in Networks and Communications, Part II, Pages 169-178, book chapter, Springer –
Verlog.
Authors
V.Manjula received B.E.- Electronics and Communication Engineering (1995)from
Thanthai Periyar Govt. Institute of Technology, Vellore,Tamil Nadu, India under
Madras University and M.E. in Computer Science and Engineering(2000) from
Anna University , College Of Engineering Guindy, Chennai, India. Her current
research area is Wireless Sensor Network Security.
Dr.C.Chellappan is a Professor in the Department of Computer Science and
Engineering at Anna University, Chennai, India. He received his B.Sc. in Applied
Sciences and M.Sc in Applied Science– Applied Mathematics from PSG College
Technology, Coimbatore under University of Madras in 1972 and 1977. He
received his M.E and Ph.D in Computer Science and Engineering from Anna
University in 1982 and 1987. He was the Director of Ramanujam Computing
Centre (RCC) for 3 years at Anna University (2002–2005). He has published more
than 60 papers in reputed International Journals and Conferences. His research
areas are Computer Networks, Distributed/Mobile Computing and Soft Computing, Software Agent,
Object Oriented Design and Network Security.