Biblio

This paper presents Forensic methods for detection and prevention of multiple attacks along with neural networks like Denial-of-Service (DoS), probe, vampire, and User-to-Root (U2R) attacks, in a Mobile Ad hoc Network (MANET). We accomplish attacker(s) detection and prevention percentage upto 99% in varied node density scenarios 50/100/150.

As the demand for smart devices in homes increases, more and more manufacturers have been launching these devices on a mass scale. But what they are missing out on is taking care of the security part of these IoT devices which results in a more vulnerable system. This paper presents an idea through a small-scale working model and the studies that made the same possible. IoT devices face numerous threats these days with the ease of access to powerful hacking tools such as aircrack-ng which provides services like monitoring, attacking and cracking Wifi networks. The essential thought of the proposed system is to give an idea of how some common attacks are carried out, how these attacks work and to device some form of prevention as an additional security layer for IoT devices in general. The system proposed here prevents most forms of attacks that target the victim IoT device using their MAC addresses. These include DoS and DDoS attacks, both of which are the main focus of this paper. This paper also points out some of the future research work that can be followed up.

The dynamic nature of the wireless channel poses a challenge to services requiring seamless and uniform network quality of service (QoS). Self-healing, a promising approach under the self-organizing networks (SON) paradigm, and has been shown to deal with unexpected network faults in cellular networks. In this paper, we use simple machine learning (ML) algorithms inspired by SON developments in cellular networks. Evaluation results show that the proposed approach identifies the faulty APs. Our proposed approach improves throughput by 63.6% and reduces packet loss rate by 16.6% compared with standard 802.11.

Wireless mesh networks (WMNs) are known for possessing good attributes such as low up-front cost, easy network maintenance, and reliable service coverage. This has largely made them to be adopted in various environments such as; school campus networks, community networking, pervasive healthcare, office and home automation, emergency rescue operations and ubiquitous wireless networks. The routing nodes are equipped with self-organized and self-configuring capabilities. However, the routing mechanisms of WMNs depend on the collaboration of all participating nodes for reliable network performance. The authors of this paper have noted that most routing algorithms proposed for WMNs in the last few years are designed with the assumption that all the participating nodes will collaboratively be involved in relaying the data packets originated from a source to a multi-hop destination. Such design approach however exposes WMNs to vulnerability such as malicious packet drop attack. This paper presents an evaluation of the effect of the black hole attack with other influential factors in WMNs. In this study, NS-3 simulator was used with AODV as the routing protocol. The results show that the packet delivery ratio and throughput of WMN under attack decreases sharply as compared to WMN free from attack. On an average, 47.41% of the transmitted data packets were dropped in presence of black hole attack.

The Internet of Things leads to the inter-connectivity of a wide range of devices. This heterogeneity of hardware and software poses significant challenges to security. Constrained IoT devices often do not have enough resources to carry the overhead of an intrusion protection system or complex security protocols. A typical initial step in network security is a network scan in order to find vulnerable nodes. In the context of IoT, the initiator of the scan can be particularly interested in finding constrained devices, assuming that they are easier targets. In IoT networks hosting devices of various types, performing a scan with a high discovery rate can be a challenging task, since low-power networks such as IEEE 802.15.4 are easily overloaded. In this paper, we propose an approach to increase the efficiency of network scans by combining them with active network measurements. The measurements allow the scanner to differentiate IoT nodes by the used network technology. We show that the knowledge gained from this differentiation can be used to control the scan strategy in order to reduce probe losses.

Opportunistic Networks are delay-tolerant mobile networks with intermittent node contacts in which data is transferred with the store-carry-forward principle. Owners of smartphones and smart objects form such networks due to their social behaviour. Opportunistic Networking can be used in remote areas with no access to the Internet, to establish communication after disasters, in emergency situations or to bypass censorship, but also in parallel to familiar networking. In this work, we create a mobile network application that connects Android devices over Wi-Fi, offers identification and encryption, and gathers information for routing in the network. The network application is constructed in such a way that third party applications can use the network application as network layer to send and receive data packets. We create secure and reliable connections while maintaining a high transmission speed, and with the gathered information about the network we offer knowledge for state of the art routing protocols. We conduct tests on connectivity, transmission range and speed, battery life and encryption speed and show a proof of concept for routing in the network.

When a large scale disaster strikes, it demands an efficient communication and coordination among first responders to save life and other community resources. Normally, the traditional communication infrastructures such as landline phone or cellular networks are damaged and dont provide adequate communication services to first responders for exchanging emergency related information. Wireless mesh networks is the promising alternatives in such type of situations. The security requirements for emergency response communications include privacy, data integrity, authentication, access control and availability. To build a secure communication system, usually the first attempt is to employ cryptographic keys. In critical-mission wireless mesh networks, a mesh router needs to maintain secure data communication with its neighboring mesh routers. The effective designs on fast pairwise key generation and rekeying for mesh routers are critical for emergency response and are essential to protect unicast traffic. In this paper, we present a security-enhanced session key generation and rekeying protocols EHPFS (enhanced 4-way handshake with PFS support). It eliminate the DoS attack problem of the 4-way handshake in 802.11s. EHPFS provides additional support for perfect forward secrecy (PFS). Even in case a Primary Master Key (PMK) is exposed, the session key PTK will not be compromised. The performance and security analysis show that EHPFS is efficient.

The wireless boundaries of networks are becoming increasingly important from a security standpoint as the proliferation of 802.11 WiFi technology increases. Concurrently, the complexity of 802.11 access point implementation is rapidly outpacing the standardization process. The result is that nascent wireless functionality management is left up to the individual provider's implementation, which creates new vulnerabilities in wireless networks. One such functional improvement to 802.11 is the virtual access point (VAP), a method of broadcasting logically separate networks from the same physical equipment. Network reconnaissance benefits from VAP identification, not only because network topology is a primary aim of such reconnaissance, but because the knowledge that a secure network and an insecure network are both being broadcast from the same physical equipment is tactically relevant information. In this work, we present a novel graph-theoretic approach to VAP identification which leverages a body of research concerned with establishing community structure. We apply our approach to both synthetic data and a large corpus of real-world data to demonstrate its efficacy. In most real-world cases, near-perfect blind identification is possible highlighting the effectiveness of our proposed VAP identification algorithm.

Summary form only given, as follows. The complete presentation was not made available for publication as part of the conference proceedings. This hands-on workshop will combine minimal instruction with strong hands-on emphasis on practical lab exercises for attendees to practice the topics covered - the expected duration will be 90 minutes. The hands-on labs will give attendees the opportunity to run real-time Coverity analysis on a number of given codebases, to find vulnerabilities in both (a) and (b) categories (buffer overruns, cross-site scripting XSS, SQL Injections etc. with actionable advice on approaches and options to eliminate them The workshop attendees will be given access to their own dedicated virtual machines in our cloud-based lab platform. The VMs will be pre-configured with all the necessary software and sample codebases. Participant should bring their laptops with Wi-Fi network card, and a contemporary browser, such as Chrome, IE, FF, Safari or similar with HTML5 support, which they should run to validate compliance with our pre-check test. At the session start, attendees will be provided with access codes to remotely connect to their virtual lab machines using the Wi-Fi connectivity provided by the IEEE Sec Dev 2016 Conference.

Among the current Wi-Fi two security models (Enterprise and Personal), while the Enterprise model (802.1X) offers an effective framework for authenticating and controlling the user traffic to a protected network, the Personal model (802.11) offers the cheapest and the easiest to setup solution. However, the drawback of the personal model implementation is that all access points and client radio NIC on the wireless LAN should use the same encryption key. A major underlying problem of the 802.11 standard is that the pre-shared keys are cumbersome to change. So if those keys are not updated frequently, unauthorized users with some resources and within a short timeframe can crack the key and breach the network security. The purpose of this paper is to propose and implement an effective method for the system administrator to manage the users connected to a router, update the keys and further distribute them for the trusted clients using the Freescale embedded system, Infrared and Bluetooth modules.