Biblio

When cellular networks collapse (e.g. due to disaster scenarios), it is vital to quickly establish new communication channels. The worldwide spread of smartphones, which support multiple communication standards, offers a great potential to solve this problem with commodity hardware. On the software side, Disruption-tolerant Network technologies may be leveraged to transmit messages between devices, even if there is no direct connection between them. However, DTNs are vulnerable to black-hole attacks. Therefore, mechanisms have to be available to address this problem in order to provide reliable networks. In this paper, we present a concept for an ad-hoc smartphone-based DTN which is robust against packet drop attacks as network nodes are able to identify attackers and exclude them from the network. The overall concept has been practically evaluated using an implementation for the Android platform. Our results show that the approach is capable to mitigate black-hole attacks effectively with high detection rate and short convergency time.

Network attacks, especially DoS and DDoS attacks, are a significant threat for all providers of services or infrastructure. The biggest attacks can paralyze even large-scale infrastructures of worldwide companies. Attack mitigation is a complex issue studied by many researchers and security companies. While several approaches were proposed, there is still space for improvement. This paper proposes to augment existing mitigation heuristic with knowledge of reputation score of network entities. The aim is to find a way to mitigate malicious traffic present in DDoS amplification attacks with minimal disruption to communication of legitimate traffic.

In this work we utilize a Reputation Routing Model (RRM), which we developed in an earlier work, to mitigate the impact of three different control message based blackhole attacks in Optimized Link State Routing (OLSR) for Mobile Ad Hoc Networks (MANETs). A malicious node can potentially introduce three types of blackhole attacks on OLSR, namely TC-Blackhole attack, HELLO-Blackhole attack and TC-HELLO-Blackhole attack, by modifying its TC and HELLO messages with false information and disseminating them in the network in order to fake its advertisement. This results in node(s) diverting their messages toward the malicious node, therefore posing great security risks. Our solution reduces the risk posed by such bad nodes in the network and tries to isolate such links by feeding correct link state information to OLSR. We evaluate the performance of our model by emulating network scenarios on Common Open Research Emulator (CORE) for static as well as dynamic topologies. From our findings, it is observed that our model diminishes the effect of all three blackhole attacks on OLSR protocol in terms of packet delivery rates, especially at static and low mobility.

The recent proliferation of the Internet of Things (IoT) technology poses major security and privacy concerns. Specifically, the use of personal IoT devices, such as tablets, smartphones, and even smartwatches, as part of the Bring Your Own Device (BYOD) trend, may result in severe network security breaches in enterprise environments. Such devices increase the attack surface by weakening the digital perimeter of the enterprise network and opening new points of entry for malicious activities. In this paper we demonstrate a novel attack scenario in an enterprise environment by exploiting the smartwatch device of an innocent employee. Using a malicious application running on a suitable smartwatch, the device imitates a real Wi-Fi direct printer service in the network. Using this attack scenario, we illustrate how an advanced attacker located outside of the organization can leak/steal sensitive information from the organization by utilizing the compromised smartwatch as a means of attack. An attack mitigation process and countermeasures are suggested in order to limit the capability of the remote attacker to execute the attack on the network, thus minimizing the data leakage by the smartwatch.

Network attacks, including Distributed Denial-of-Service (DDoS), continuously increase in terms of bandwidth along with damage (recent attacks exceed 1.7 Tbps) and have a devastating impact on the targeted companies/governments. Over the years, mitigation techniques, ranging from blackholing to policy-based filtering at routers, and on to traffic scrubbing, have been added to the network operator's toolbox. Even though these mitigation techniques provide some protection, they either yield severe collateral damage, e.g., dropping legitimate traffic (blackholing), are cost-intensive, or do not scale well for Tbps level attacks (ACL filtering, traffic scrubbing), or require cooperation and sharing of resources (Flowspec). In this paper, we propose Advanced Blackholing and its system realization Stellar. Advanced blackholing builds upon the scalability of blackholing while limiting collateral damage by increasing its granularity. Moreover, Stellar reduces the required level of cooperation to enhance mitigation effectiveness. We show that fine-grained blackholing can be realized, e.g., at a major IXP, by combining available hardware filters with novel signaling mechanisms. We evaluate the scalability and performance of Stellar at a large IXP that interconnects more than 800 networks, exchanges more than 6 Tbps traffic, and witnesses many network attacks every day. Our results show that network attacks, e.g., DDoS amplification attacks, can be successfully mitigated while the networks and services under attack continue to operate untroubled.

With the growth of smartphone sales and app usage, fingerprinting and identification of smartphone apps have become a considerable threat to user security and privacy. Traffic analysis is one of the most common methods for identifying apps. Traditional countermeasures towards traffic analysis includes traffic morphing and multipath routing. The basic idea of multipath routing is to increase the difficulty for adversary to eavesdrop all traffic by splitting traffic into several subflows and transmitting them through different routes. Previous works in multipath routing mainly focus on Wireless Sensor Networks (WSNs) or Mobile Ad Hoc Networks (MANETs). In this paper, we propose a multipath routing scheme for smartphones with edge network assistance to mitigate traffic analysis attack. We consider an adversary with limited capability, that is, he can only intercept the traffic of one node following certain attack probability, and try to minimize the traffic an adversary can intercept. We formulate our design as a flow routing optimization problem. Then a heuristic algorithm is proposed to solve the problem. Finally, we present the simulation results for our scheme and justify that our scheme can effectively protect smartphones from traffic analysis attack.

Software Defined Network (SDN) is getting popularity both from academic and industry. Lot of researches have been made to combine SDN with future Internet paradigms to manage and control networks efficiently. SDN provides better management and control in a network through decoupling of data and control plane. Named Data Networking (NDN) is a future Internet technique with aim to replace IPv4 addressing problems. In NDN, communication between different nodes done on the basis of content names rather than IP addresses. Vehicular Ad-hoc Network (VANET) is a subtype of MANET which is also considered as a hot area for future applications. Different vehicles communicate with each other to form a network known as VANET. Communication between VANET can be done in two ways (i) Vehicle to Vehicle (V2V) (ii) Vehicle to Infrastructure (V2I). Combination of SDN and NDN techniques in future Internet can solve lot of problems which were hard to answer by considering a single technique. Security in VANET is always challenging due to unstable topology of VANET. In this paper, we merge future Internet techniques and propose a new scheme to answer timing attack problem in VANETs named as Timing Attack Prevention (TAP) protocol. Proposed scheme is evaluated through simulations which shows the superiority of proposed protocol regarding detection and mitigation of attacker vehicles as compared to normal timing attack scenario in NDN based VANET.

Mobile Ad Hoc Networks are dynamic in nature and have no rigid or reliable network infrastructure by their very definition. They are expected to be self-governed and have dynamic wireless links which are not entirely reliable in terms of connectivity and security. Several factors could cause their degradation, such as attacks by malicious and selfish nodes which result in data carrying packets being dropped which in turn could cause breaks in communication between nodes in the network. This paper aims to address the issue of remedy and mitigation of the damage caused by packet drops. We proposed an improvement on the EAACK protocol to reduce the network overhead packet delivery ratio by using hybrid cryptography techniques DES due to its higher efficiency in block encryption, and RSA due to its management in key cipher. Comparing to the existing approaches, our simulated results show that hybrid cryptography techniques provide higher malicious behavior detection rates, and improve the performance. This research can also lead to more future efforts in using hybrid encryption based authentication techniques for attack detection/prevention in MANETs.

MANET is vulnerable to so many attacks like Black hole, Wormhole, Jellyfish, Dos etc. Attackers can easily launch Wormhole attack by faking a route from original within network. In this paper, we propose an algorithm on AD (Absolute Deviation) of statistical approach to avoid and prevent Wormhole attack. Absolute deviation covariance and correlation take less time to detect Wormhole attack than classical one. Any extra necessary conditions, like GPS are not needed in proposed algorithms. From origin to destination, a fake tunnel is created by wormhole attackers, which is a link with good amount of frequency level. A false idea is created by this, that the source and destination of the path are very nearby each other and will take less time. But the original path takes more time. So it is necessary to calculate the time taken to avoid and prevent Wormhole attack. Better performance by absolute deviation technique than AODV is proved by simulation, done by MATLAB simulator for wormhole attack. Then the packet drop pattern is also measured for Wormholes using Absolute Deviation Correlation Coefficient.