Biblio

Internet of Things (IoT) is an advanced automation technology and analytics systems which connected physical objects that have access through the Internet and have their unique flexibility and an ability to be suitable for any environment. There are some critical applications like smart health care system, in which the data collection, sharing and routing through IoT has to be handled in sensitive way. The IPv6 Routing Protocol for LL(Low-power and Lossy) networks (RPL) is the routing protocols to ensure reliable data transfer in 6LOWPAN networks. However, RPL is vulnerable to number of security attacks which creates a major impact on energy consumption and memory requirements which is not suitable for energy constraint networks like IoT. This requires secured RPL protocol to be used for critical data transfer. This paper introduces a novel approach of combining a lightweight LBS (Location Based Service) authentication and Attribute Based Trust Evaluation (ABTE). The algorithm has been implemented for smart health care system and analyzed how its perform in the RPL protocol for IoT constrained environments.

Interconnecting resource-constrained devices in the Internet of Things (IoT) is generally achieved via IP-based technologies such as 6LoWPAN, which rely on the adaptation of the TCP/IP stack to fit IoT requirements. Very recent researches suggest that the Information-Centric Networking (ICN) paradigm, which switches the way to do networking, by fetching data by names regardless of their location, would provide native support for the functionalities required by IoT applications. Indeed, ICN intrinsic features, such as caching, naming, packet level security and stateful forwarding, favor it as a promising approach in the IoT. This paper gives a qualitative comparative study between the two communication paradigms (TCP/IP and ICN), and discusses their support for IoT environments, with a focus on the required key features such as mobility, scalability, and security.

Smart Grid is a major element of the Smart City concept that enables two-way communication of energy data between electric utilities and their consumers. These communication technologies are going through sharp modernization to meet future demand growth and to achieve reliability, security, and efficiency of the electric grid. In this paper, we implement an IPv6 based two-way communication system between the transformer agent (TA), installed at local electric transformer and various customer agents (CAs), connected to customer's smart meter. Various homes share their energy usage with the TA which in turn sends the utility's recommendations to the CAs. Raspberry Pi is used as hardware for all the CAs and the TA. We implement a self-healing mesh network between all nodes using OpenLab IEEE 802.15.4 chips and Routing Protocol for Low-Power and Lossy Networks (RPL), and the data is secured by RSA/AES keys. Several tests have been conducted in real environments, inside and outside of Carleton University, to test the performance of this communication network in various obstacle settings. In this paper, we highlight the details behind the implementation of this IPv6-based smart grid communication system, the related challenges, and the proposed solutions.

Performance of routing is severely degraded when misbehaving nodes drop packets instead of properly forwarding them. In this paper, we propose a Game-Theoretic Adaptive Multipath Routing (GTAMR) protocol to detect and punish selfish or malicious nodes which try to drop information packets in routing phase and defend against collaborative attacks in which nodes try to disrupt communication or save their power. Our proposed algorithm outranks previous schemes because it is resilient against attacks in which more than one node coordinate their misbehavior and can be used in networks which wireless nodes use directional antennas. We then propose a game theoretic strategy, ERTFT, for nodes to promote cooperation. In comparison with other proposed TFT-like strategies, ours is resilient to systematic errors in detection of selfish nodes and does not lead to unending death spirals.

This paper presents a contemporary review of communication architectures and topographies for MANET-connected Internet-of-Things (IoT) systems. Routing protocols for multi-hop MANETs are analyzed with a focus on the standardized Routing Protocol for Low-power and Lossy Networks. Various security threats and vulnerabilities in current MANET routing are described and security enhanced routing protocols and trust models presented as methodologies for supporting secure routing. Finally, the paper identifies some key research challenges in the emerging domain of MANET-IoT connectivity.

Due to the changing nature of Mobile Ad-Hoc Network (MANET) security is an important concern and hence in this paper, we carryout vector-based trust mechanism, which is established on the behavior of nodes in forwarding and dropping the data packets determines the trust on each node and we are using the Enhanced Certificate Revocation scheme (ECR), which avoid the attacker by blacklisting the blackhole attacker. To enhance more security for node and network, we assign a unique key for every individual node which can avoid most of the attacks in MANET

Mobile Ad-hoc Network (MANET) is an autonomous collection of mobile nodes and communicate among them in their radio range. It is an infrastructure less, bandwidth constraint multi-hop wireless network. A various routing protocol is being evolved for MANET routing and also provide security mechanism to avoid security threads. Dynamic Source Routing (DSR), one of the popular reactive routing protocols for MANET, establishes path between source to destination before data communication take place using route request (RREQ) and route reply (RREP) control messages. Although in [1] authors propose to prevent route diversion due to a malicious node in the network using group Diffie-Hellman (GDH) key management applied over source address, but if any intermediate trusted node start to misbehave then there is no prevention mechanism. Here in this paper, we applied Hash function scheme over destination address to identify the misbehaving intermediate node that can provide wrong destination address. The path information towards the destination sent by the intermediate node through RREP is exactly for the intended required destination or not, here we can identified according to our proposed algorithm and pretend for further data transmission. Our proposed algorithm proves the authenticity of the destination and also prevent from misbehaving intermediate nodes.

Mobile Ad hoc Network (MANET for short) is a new art of wireless technology that connect a group of mobile nodes in a dynamically decentralized fashion without the need of a base station, or a centralized administration, whereas each mobile node can work as a router. MANET topology changes frequently, because of the MANET dynamically formation nature, and freely to move randomly. MANET can function as standalone or can be connected to external networks. Mobile nodes are characterized with minimal human interaction, weight, less memory, and power. Despite all the pros of MANET and the widely spreading in many and critical industries, MANET has some cons and suffers from severe security issues. In this survey we emphasize on the different types of attacks at MANET protocol stack, and show how MANET is vulnerable to those attacks.

Nowadays, The incorporation of different function of the network, as well as routing, administration, and security, is basic to the effective operation of a mobile circumstantial network these days, in MANET thought researchers manages the problems of QoS and security severally. Currently, each the aspects of security and QoS influence negatively on the general performance of the network once thought-about in isolation. In fact, it will influence the exceptionally operating of QoS and security algorithms and should influence the important and essential services needed within the MANET. Our paper outlines 2 accomplishments via; the accomplishment of security and accomplishment of quality. The direction towards achieving these accomplishments is to style and implement a protocol to suite answer for policy-based network administration, and methodologies for key administration and causing of IPsec in a very MANET.

Route randomization is an important research focus for moving target defense which seeks to proactively and dynamically change the forwarding routes in the network. In this paper, the difficulties of implementing route randomization in traditional networks are analyzed. To solve these difficulties and achieve effective route randomization, a novel route randomization approach is proposed, which is implemented by adding a mapping layer between routers' physical interfaces and their corresponding logical addresses. The design ideas and the details of proposed approach are presented. The effectiveness and performance of proposed approach are verified and evaluated by corresponding experiments.

The existing research on the Internet of Things(IoT) security mainly focuses on attack and defense on a single protocol layer. Increasing and ubiquitous use of loT also makes it vulnerable to many attacks. An attacker try to performs the intelligent, brutal and stealthy attack that can reduce the risk of being detected. In these kinds of attacks, the attackers not only restrict themselves to a single layer of protocol stack but they also try to decrease the network performance and throughput by a simultaneous and coordinated attack on different layers. A new class of attacks, termed as cross-layer attack became prominent due to lack of interaction between MAC, routing and upper layers. These attacks achieve the better effect with reduced cost. Research has been done on cross-layer attacks in other domains like Cognitive Radio Network(CRN), Wireless Sensor Networks(WSN) and ad-hoc networks. However, our proposed scheme of cross-layer attack in IoT is the first paper to the best of our knowledge. In this paper, we have proposed Rank Manipulation and Drop Delay(RMDD) cross-layer attack in loT, we have investigated how small intensity attack on Routing protocol for low power lossy networks (RPL) degrades the overall application throughput. We have exploited the Rank system of the RPL protocol to implement the attacks. Rank is given to each node in the graph, and it shows its position in the network. If the rank could be manipulated in some manner, then the network topology can be modified. Simulation results demonstrate that the proposed attacks degrade network performance very much in terms of the throughput, latency, and connectivity.

Cross layer based approaches are increasingly becoming popular in Manet (Mobile Adhoc Network). As Manet are constrained with issues as low battery, limited bandwidth, link breakage and dynamic topology, cross layer based designs are trying to remove such barriers and trying to make Manet more scalable. Cross layer designs are also facing attacking problem and ensuring the security of network to defend the attack is must. In this paper we discuss about technique to optimize the performance by minimizing delay and overhead of secure cross layer routing protocol. We have designed SCLPC (Secure cross layer based Power control) protocol. But when security is imposed using AASR (Authenticated and anonymous secure routing), the network metrics as end to end delay and control overhead is disturbed. To optimize the network performance here we proposed OSCLPC (Optimized secure cross layer based power control protocol). The proposed OSCLPC has been evaluated using SHORT (Self healing and optimizing route technique). The OSCLPC is simulated in ns2 and it is giving the better performance compared with SCLPC.

From the last few years, security in wireless sensor network (WSN) is essential because WSN application uses important information sharing between the nodes. There are large number of issues raised related to security due to open deployment of network. The attackers disturb the security system by attacking the different protocol layers in WSN. The standard AODV routing protocol faces security issues when the route discovery process takes place. The data should be transmitted in a secure path to the destination. Therefore, to support the process we have proposed a trust based intrusion detection system (NL-IDS) for network layer in WSN to detect the Black hole attackers in the network. The sensor node trust is calculated as per the deviation of key factor at the network layer based on the Black hole attack. We use the watchdog technique where a sensor node continuously monitors the neighbor node by calculating a periodic trust value. Finally, the overall trust value of the sensor node is evaluated by the gathered values of trust metrics of the network layer (past and previous trust values). This NL-IDS scheme is efficient to identify the malicious node with respect to Black hole attack at the network layer. To analyze the performance of NL-IDS, we have simulated the model in MATLAB R2015a, and the result shows that NL-IDS is better than Wang et al. [11] as compare of detection accuracy and false alarm rate.

For the security of mobile ad-hoc networks (MANETs), a group of wireless mobile nodes needs to cooperate by forwarding packets, to implement an intrusion detection system (IDS). Some of the current IDS implementations in a clustered MANET have designed mobile nodes to wait until the cluster head is elected before scanning the network and thus nodes may be, unfortunately, exposed to several control packet attacks by which nodes identify falsified routes to reach other nodes. In order to detect control packet attacks such as route falsification, we design a route cache sharing mechanism for a non-clustered network where all one-hop routing data are collected by each node for a cooperative host-based detection. The cooperative host-based detection system uses a Support Vector Machine classifier and achieves a detection rate of around 95%. By successfully detecting the route falsification attacks, nodes are given the capability to avoid other attacks such as black-hole and gray-hole, which are in many cases a result of a successful route falsification attack.

Mobile Ad Hoc Network (MANET) is pretty vulnerable to attacks because of its broad distribution and open nodes. Hence, an effective Intrusion Detection System (IDS) is vital in MANET to deter unwanted malicious attacks. An IDS has been proposed in this paper based on watchdog and pathrater method as well as evaluation of its performance has been presented using Dynamic Source Routing (DSR) and Ad-hoc On-demand Distance Vector (AODV) routing protocols with and without considering the effect of the sinkhole attack. The results obtained justify that the proposed IDS is capable of detecting suspicious activities and identifying the malicious nodes. Moreover, it replaces the fake route with a real one in the routing table in order to mitigate the security risks. The performance appraisal also suggests that the AODV protocol has a capacity of sending more packets than DSR and yields more throughput.

Mobile Ad-Hoc Networks (MANETs) are prone to many security attacks. One such attack is the blackhole attack. This work proposes a simple and effective application layer based intrusion detection scheme in a MANET to detect blackholes. The proposed algorithm utilizes mobile agents (MA) and wtracert (modified version of Traceroute for MANET) to detect multiple black holes in a DSR protocol based MANET. Use of MAs ensure that no modifications need to be carried out in the underlying routing algorithms or other lower layers. Simulation results show successful detection of single and multiple blackhole nodes, using the proposed detection mechanism, across varying mobility speeds of the nodes.

With the progress over technology, it is becoming viable to set up mobile ad hoc networks for non-military services as like well. Examples consist of networks of cars, law about communication facilities into faraway areas, and exploiting the solidity between urban areas about present nodes such as cellular telephones according to offload or otherwise keep away from using base stations. In such networks, there is no strong motive according to assume as the nodes cooperate. Some nodes may also be disruptive and partial may additionally attempt according to save sources (e.g. battery power, memory, CPU cycles) through “selfish” behavior. The proposed method focuses on the robustness of packet forwarding: keeping the usual packet throughput over a mobile ad hoc network in the rear regarding nodes that misbehave at the routing layer. Proposed system listen at the routing layer or function no longer try after address attacks at lower layers (eg. jamming the network channel) and passive attacks kind of eavesdropping. Moreover such functionate now not bear together with issues kind of node authentication, securing routes, or message encryption. Proposed solution addresses an orthogonal problem the encouragement concerning proper routing participation.

A Mobile ad hoc Network (MANET) is a self-configure, dynamic, and non-fixed infrastructure that consists of many nodes. These nodes communicate with each other without an administrative point. However, due to its nature MANET becomes prone to many attacks such as DoS attacks. DoS attack is a severe as it prevents legitimate users from accessing to their authorised services. Monitoring, Detection, and rehabilitation (MrDR) method is proposed to detect DoS attacks. MrDR method is based on calculating different trust values as nodes can be trusted or not. In this paper, we evaluate the MrDR method which detect DoS attacks in MANET and compare it with existing method Trust Enhanced Anonymous on-demand routing Protocol (TEAP) which is also based on trust concept. We consider two factors to compare the performance of the proposed method to TEAP method: packet delivery ratio and network overhead. The results confirm that the MrDR method performs better in network performance compared to TEAP method.

Mobile ad hoc networks (MANETs) are a set of mobile wireless nodes that can communicate without the need for an infrastructure. Features of MANETs have made them vulnerable to many security attacks including wormhole attack. In the past few years, different methods have been introduced for detecting, mitigating, and preventing wormhole attacks in MANETs. In this paper, we introduce a new decentralized scheme based on statistical metrics for detecting wormholes that employs “number of new neighbors” along with “number of neighbors” for each node as its parameters. The proposed scheme has considerably low detection delay and does not create any traffic overhead for routing protocols which include neighbor discovery mechanism. Also, it possesses reasonable processing power and memory usage. Our simulation results using NS3 simulator show that the proposed scheme performs well in terms of detection accuracy, false positive rate and mean detection delay.

Mobile ad-hoc network (MANET) is a system of wireless mobile nodes that are dynamically self-organized in arbitrary and temporary topologies, that have received increasing interest due to their potential applicability to numerous applications. The deployment of such networks however poses several security challenging issues, due to their lack of fixed communication infrastructure, centralized administration, nodes mobility and dynamic topological changes, which make it susceptible to passive and active attacks such as single and cooperative black hole, sinkhole and eavesdropping attacks. The mentioned attacks mainly disrupt data routing processes by giving false routing information or stealing secrete information by malicious nodes in MANET. Thus, finding safe routing path by avoiding malicious nodes is a genuine challenge. This paper aims at combining the existing cooperative bait detection scheme which uses the baiting procedure to bait malicious nodes into sending fake route reply and then using a reverse tracing operation to detect the malicious nodes, with an RSA encryption technique to encode data packet before transmitting it to the destination to prevent eavesdropper and other malicious nodes from unauthorized read and write on the data packet. The proposed work out performs the existing Cooperative Bait Detection Scheme (CBDS) in terms of packet delivery ratio, network throughput, end to end delay, and the routing overhead.

In Mobile Ad-hoc Network (MANET), we cannot predict the clear picture of the topology of a node because of its varying nature. Without notice participation and departure of nodes results in lack of trust relationship between nodes. In such circumstances, there is no guarantee that path between two nodes would be secure or free of malicious nodes. The presence of single malicious node could lead repeatedly compromised node. After providing security to route and data packets still, there is a need for the implementation of defense mechanism that is intrusion detection system(IDS) against compromised nodes. In this paper, we have implemented IDS, which defend against some routing attacks like the black hole and gray hole successfully. After measuring performance we get marginally increased Packet delivery ratio and Throughput.

Link quality, trust management and energy efficiency are considered as main factors that affect the performance and lifetime of Mobile CrowdSensing (MCS). Routing packets toward the sink node can be a daunting task if aforementioned factors are considered. Correspondingly, routing packets by considering only shortest path or residual energy lead to suboptimal data forwarding. To this end, we propose a Fuzzy logic based Routing (FR) solution that incorporates social behaviour of human beings, link quality, and node quality to make the optimal routing decision. FR leverages friendship mechanism for trust management, Signal to Noise Ratio (SNR) to assure good link quality node selection, and residual energy for long lasting sensor lifetime. Extensive simulations show that the FR solution outperforms the existing approaches in terms of network lifetime and packet delivery ratio.

Internet of Things is attracting a lot of interest in the modern world and has become a part of daily life leading to a large scale of distribution of Low power and Lossy Networks (LLN). For such networks constrained by low power and storage, IETF has proposed RPL an open standard routing protocol. However RPL protocol is exposed to a number of attacks which may degrade the performance and resources of the network leading to incorrect output. In this paper, to address Wormhole and Grayhole attack we propose a light weight Trust based mechanism. The proposed method uses direct trust which is computed based on node properties and Indirect Trust which is based on opinion of the neighboring nodes. The proposed method is energy friendly and does not impose excessive overhead on network traffic.

A wireless sensor network consists of many important elements like Sensors, Bass station and User. A Sensor can measure many non electrical quantities like pressure, temperature, sound, etc and transmit this information to the base station by using internal transreceiver. A security of this transmitted data is very important as the data may contain important information. As wireless sensor network have many application in the military and civil domains so security of wireless sensor network become a critical concern. A Sybil attack is one of critical attack which can affect the routing protocols, fair resourse allocation, data aggregation and misbehavior detection parameters of network. A number of detection techniques to detect Sybil nodes have already designed to overcome the Sybil attack. Out of all the techniques few techniques which can improve the true detection rate and reduce false detection rate are discussed in this paper.

Mobile Ad-hoc Networks are dynamic in nature and do not have fixed infrastructure to govern nodes in the networks. The mission lies ahead in coordinating among such dynamically shifting nodes. The root problem of identifying and isolating misbehaving nodes that refuse to forward packets in multi-hop ad hoc networks is solved by the development of a comprehensive system called Audit-based Misbehavior Detection (AMD) that can efficiently isolates selective and continuous packet droppers. AMD evaluates node behavior on a per-packet basis, without using energy-expensive overhearing techniques or intensive acknowledgment schemes. Moreover, AMD can detect selective dropping attacks even in end-to-end encrypted traffic and can be applied to multi-channel networks. Game theoretical approaches are more suitable in deciding upon the reward mechanisms for which the mobile nodes operate upon. Rewards or penalties have to be decided by ensuring a clean and healthy MANET environment. A non-routine yet surprise alterations are well required in place in deciding suitable and safe reward strategies. This work focuses on integrating a Audit-based Misbehaviour Detection (AMD)scheme and an incentive based reputation scheme with game theoretical approach called Supervisory Game to analyze the selfish behavior of nodes in the MANETs environment. The proposed work GAMD significantly reduces the cost of detecting misbehavior nodes in the network.