Collaboration of Trusted Node and QoS Based Energy Multi Path Routing Protocol for Vehicular Ad Hoc Networks

In the recent past information transmission through the vehicular ad hoc network (VANET) playing a vital role due to increase in accident statistics. There are numerous networking and VANET protocols helpful to control the trust while transmitting the data from source to destination nodes in traffic environment. In spite of many existing protocols for analyzing the trust in the network, the challenge of routing overhead, high energy consumption and malicious attacks issues still continue in the communication. This research introduces the trust collaboration nodes and Quality of Service (QoS) with energy multipath routing protocol for transmitting the information through VANET. Initially, the trusted nodes have been collected for analyzing the neighbouring nodes and the information are transmitted using the proposed QoS based energy efficient multipath routing protocol. During this transmission, the multi path protocol eliminates the intermediate attacks effectively when compared with the other existing protocols. The Proposed protocol maintains the QoS while routing the information from source to destination and further the efficiency has been analyzed through simulation experiments and Montgomery multiplier based Elliptic Curve Cryptography (ECC) will be used in future for better security and privacy.     

Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments

One of the recent realms that gathered attention of researchers is the security issues of Radio Frequency Identification (RFID) systems that have tradeoff between controlled costs and improved efficiency. Evolvement and benefits of RFID technology signifies that it can be low-cost, efficient and secured solution to many pervasive applications. But RFID technology will not intermingle into human lives until prevailing and flexible privacy mechanisms are conceived. However, ensuring strong privacy has been an enormous challenge due to extremely inadequate computational storage of typical RFID tags. So in order to relieve tags from responsibility, privacy protection and security assurance was guaranteed by central server. In this paper, we suggest serverless, forward secure and untraceable authentication protocol for RFID tags. This authentication protocol safeguards both tag and reader against almost all major attacks without the intervention of server. Though it is very critical to guarantee untraceability and scalability simultaneously, here we are proposing a scheme to make our protocol more scalable via ownership transfer. To the best of our knowledge this feature is incorporated in the serverless system for the first time in pervasive environments. One extension of RFID authentication is RFID tag searching, which has not been given much attention so far. But we firmly believe that in near future tag searching will be a significant issue RFID based pervasive systems. So in this paper we propose a serverless RFID tag searching protocol in pervasive environments. This protocol can search a particular tag efficiently without server’s intervention. Furthermore they are secured against major security threats.     

移动自组网中基于声誉机制的安全路由协议设计与分析

移动自组网是一种有特殊用途的对等式网络,具有无中心、自组织、可快速展开、可移动等特点,这些特点使得它在战场、救灾等特殊场合的应用日渐受到人们的重视.由于在移动自组网络中每节点既是主机又是路由器,所以容易遭受基于路由信息的攻击,而现今的路由协议基本没有考虑到该问题.本文在分析移动自组网络安全特性的基础上,综述了该方面的研究工作,建立了基于声誉机制评价体系,并给出了具体的评价方法和计算模型.在此基础上,提出了基于声誉机制的安全路由协议S-DSR.仿真结果表明在存在攻击节点的情况下S-DSR协议比DSR协议具有更好的包传输率、包丢失率等属性.     

Design and analysis of intrusion detection systems for wireless mesh networks

Intrusion is any unwanted activity that can disrupt the normal functions of wired or wireless networks. Wireless mesh networking technology has been pivotal in providing an affordable means to deploy a network and allow omnipresent access to users on the Internet. A multitude of emerging public services rely on the widespread, high-speed, and inexpensive connectivity provided by such networks. The absence of a centralized network infrastructure and open shared medium makes WMNs particularly susceptible to malevolent attacks, especially in multihop networks. Hence, it is becoming increasingly important to ensure privacy, security, and resilience when designing such networks. An effective method to detect possible internal and external attack vectors is to use an intrusion detection system. Although many Intrusion Detection Systems (IDSs) were proposed for Wireless Mesh Networks (WMNs), they can only detect intrusions in a particular layer. Because WMNs are vulnerable to multilayer security attacks, a cross-layer IDS are required to detect and respond to such attacks. In this study, we analyzed cross-layer IDS options in WMN environments. The main objective was to understand how such schemes detect security attacks at several OSI layers. The suggested IDS is verified in many scenarios, and the experimental results show its efficiency.     

Secure group communication in wireless mesh networks

Wireless mesh networks (WMNs) have emerged as a promising technology that offers low-cost community wireless services. The community-oriented nature of WMNs facilitates group applications, such as webcast, distance learning, online gaming, video conferencing, and multimedia broadcasting. Security is critical for the deployment of these services. Previous work focused primarily on MAC and routing protocol security, while application-level security has received relatively little attention. In this paper we focus on providing data confidentiality for group communication in WMNs. Compared to other network environments, WMNs present new challenges and opportunities in designing such protocols. We propose a new protocol framework, Secure Group Overlay Multicast (SeGrOM), that employs decentralized group membership, promotes localized communication, and leverages the wireless broadcast nature to achieve efficient and secure group communication. We analyze the performance and discuss the security properties of our protocols. We demonstrate through simulations that our protocols provide good performance and incur a significantly smaller overhead than a baseline centralized protocol optimized for WMNs.     

Cross Layer Secure and Resource-Aware On-Demand Routing Protocol for Hybrid Wireless Mesh Networks

Secure routing is one of the challenges offered by hybrid wireless mesh networks (WMNs). Researcher are implementing different approaches for mesh routing, but still need more efforts in terms of security, efficiency, deployment and capability with different scenarios and applications. Cross layer secure and resource-aware on demand routing (CSROR) protocol for hybrid WMN is designed to ensure routing security and fulfil different applications specific requirements for multimedia delivery and real-time transmissions. CSROR selects an optimum route on the basis of route security taking in consideration the different cross layer parameters. CSROR is not only resource aware approach but also resilient to different packet dropping attacks. It is evaluated in diverse range of hostile hybrid WMN scenarios.     

基于Edwards曲线的移动RFID安全认证协议

针对传统的RFID认证协议通常难以适应移动RFID系统的问题,提出了基于Edwards曲线的适用于移动RFID系统的安全认证协议,协议采用Edwards曲线提高了其防侧信道攻击的能力,并应用椭圆曲线离散对数问题实现安全认证。进一步采用可证明安全方法给出了标签和阅读器不可跟踪隐私的安全性证明,通过安全性分析指出协议能更有效抵抗已有各种攻击。与现有的结构类似RFID认证协议相比,该协议扩展性更好,安全性和性能优于其他方案。     

A secure ownership transfer protocol using EPCglobal Gen-2 RFID

Radio Frequency Identification (RFID) is a relatively new technology. In recent years, it has been shown to be convenient and feasible in many applications. However, there are security issues which need to be addressed. Due to the wireless transmission of the RFID system, malicious people can gain the information in the RFID tags, and the user’s privacy is invaded. Although there have been many protection methods proposed for RFID security, the system has remained vulnerable to various attacks. In this paper, we propose a conforming of the EPCglobal Class 1 Generation 2 standards RFID ownership transfer protocol with provable security. The proposed scheme can resist several attacks and ensure a secure transaction.     

A Privacy Protection Strategy for Source Location in WSN Based on Angle and Dynamical Adjustment of Node Emission Radius

We propose two novel methods to improve the source location privacy security protection and the node energy utilization in Wireless sensor networks (WSN).A privacy preservation protocol for source location in WSN based on angles(APS) and an Enhanced protocol for source location (EAPS),which dynamically adjusts emission radius during routing.The APS protocol produces geographically dispersed phantom source nodes and utilizes the energy from the energy-abundant regions to make the routing path versatile among the entire network.In the EAPS protocol,according to the number of its own adjacent nodes,residual energy and the distance to the base station,a node adjusts its radius adaptively.Experiments show that the two novel protocols can improve the security and take advantage of the residual energy in the network balance the network life and energy consumption in comparison with the existing routing protocols based on the phantom sources.     

CLEAR: A Cross-Layer Enhanced and Adaptive Routing Framework for Wireless Mesh Networks

Wireless Mesh Networks (WMNs) provide a new and promising solution for broadband Internet services. The distinguishing features and the wide range of WMNs’ applications have attracted both academic and industrial communities. Routing protocols play a crucial role in the functionality and the performance of WMNs due to their direct effect on network throughput, connectivity, supported Quality of Service (QoS) levels, etc. In this paper, a cross-layer based routing framework for multi-interface/multi-channel WMNs, called Cross-Layer Enhanced and Adaptive Routing (CLEAR), is proposed. This framework embodies optimal as well as heuristic solutions. The major component of CLEAR is a new bio-inspired routing protocol called Birds’ Migration Routing protocol (BMR). BMR adopts a newly developed routing metric called Multi-Level Routing metric (MLR) to efficiently utilize the advantages of both multi-radio/multi-channel WMNs and cross-layer design. We also provide an exact solution based on dynamic programming to solve the optimal routing problem in WMNs. Simulation results show that our framework outperforms other routing schemes in terms of network throughput, end-to-end delay, and interference reduction, in addition to being the closest one to the optimal solution.     

A secure and trust based on-demand multipath routing scheme for self-organized mobile ad-hoc networks

A mobile ad hoc network (MANET) is a self-configurable network connected by wireless links. This type of network is only suitable for provisional communication links as it is infrastructure-less and there is no centralized control. Providing QoS and security aware routing is a challenging task in this type of network due to dynamic topology and limited resources. The main purpose of secure and trust based on-demand multipath routing is to find trust based secure route from source to destination which will satisfy two or more end to end QoS constraints. In this paper, the standard ad hoc on-demand multi-path distance vector protocol is extended as the base routing protocol to evaluate this model. The proposed mesh based multipath routing scheme to discover all possible secure paths using secure adjacent position trust verification protocol and better link optimal path find by the Dolphin Echolocation Algorithm for efficient communication in MANET. The performance analysis and numerical results show that our proposed routing protocol produces better packet delivery ratio, reduced packet delay, reduced overheads and provide security against vulnerabilities and attacks.     

ITPMAP: An Improved Three-Pass Mutual Authentication Protocol for Secure RFID Systems

Radio frequency identification (RFID) is a wireless technology used in various applications to minimize the complexity of everyday life. However, it opens a large number of security and privacy issues that require to be addressed before its successful deployment. Many RFID authentication protocols are proposed in recent years to address security and privacy issues, and most of them are based on lightweight cryptographic techniques such as pseudo-random number generators (PRNGs), or bitwise logical operations. However, the existing RFID authentication protocols suffer from security weaknesses, and cannot solve most of the security and privacy problems. A new solution is necessary to address security and privacy issues. In this paper, an improved three-pass mutual authentication protocol (ITPMAP) for low-cost RFID tags is proposed to offer an adequate security level for RFID systems. The proposed ITPMAP protocol uses one PRNG on the tag side and heavy-weighted cryptographic techniques (i.e., digital signature and password-based encryption schemes) on the back-end server side instead of lightweight cryptographic techniques to address the security and privacy issues. The ITPMAP protocol is secure against various attacks such as cloning, spoofing, replay, and desynchronization attacks. Furthermore, as a proof of concept, the ITPMAP protocol is adopted to propose the design of three real-life RFID systems; namely: Signing and Verification of Graduation Certificate System, issuing and verification of e-ticketing system, and charging and discharging of prepaid card system. The Unified Modeling Language is used to demonstrate the design of the proposed ITPMAP protocol and systems. Java language is used for the implementation of the proposed systems. In addition, the “Mifare Classic” tags and readers are used as RFID apparatuses for the proposed systems.     

一种新的隐私保护型车载网络切换认证协议

该文针对现有车载网络切换认证协议存在的安全性、隐私等方面的不足,在LIAP协议的基础上提出改进方案。首先将随机数与伪标识串联,再用二次模运算对串联的信息进行加密,以生成动态身份标识保护用户位置隐私;与此同时,在移动终端切换过程中,新路侧单元重新生成新会话秘密序列,并与终端伪标识进行异或加密,对LIAP协议中存在的平行会话攻击进行安全防护。理论分析及实验表明,改进协议不仅满足终端匿名性和抵御各种攻击的安全需求,也实现了较快的切换速度,与同类切换认证协议相比,实用中具明显优越性。     

无线Ad Hoc环境下EIGRP的安全加固

文章指出了Ad Hoc网络存在的安全隐患和安全路由协议的设计需求,提出了一种基于EIGRP的具有认证和加密功能的安全路由加固方案。协议采用公钥密码体制,利用节点对路由信息的签名,能有效地抵制各种恶意攻击。     

路由信息的攻击对AODV协议性能的影响分析

AODV协议是移动自组网络中一种按需反应的表驱动路由协议。在移动自组网中，每个节点既是计算机又是路由器，容易遭受基于路由信息的网络攻击，而现今的路由协议基本没有考虑到该问题。本文在分析移动自组网中针对路由信息主要攻击方法的基础上，建立了主动性和自私性两个攻击模型，并且在AODV协议中扩充实现了这两类攻击行为。通过对模拟结果的分析和比较，讨论了路由信息的攻击对AODV协议性能的影响，并进一步探讨了针对基于路由信息攻击的防御措施。     

Dynamic game and reliable recommendation based transferring reputation mechanism for mobile cloud computing

The booming development of the mobile internet and cloud computing leads to the emerging of many mobile cloud platforms based services.However,since mobile users store lots of data and privacy information in the cloud when they are using the mobile cloud services,they are facing multiple increasingly serious security threats such as data leaks and privacy exposures.The data security and privacy protection was investigated in mobile cloud computing,aiming at the internal bad mouthing attacks and mobile attacks.A dynamic game and reliable recommendation based transferring reputation mechanism was proposed.First,a dynamic game based recommendation incentive mechanism was proposed.Secondly,a reliable recommendation reputation evaluation model was established based on the incentive mechanism.Last,a novel transferring reputation mechanism was proposed that combined the above mentioned incentive mechanism and reputation evaluation model.Simulation results demonstrate the proposed transferring reputation mechanism can defend against the internal bad mouthing attacks and mobile attacks effectively,enhance the credibility of mobile terminals and improve the data security and privacy protection of mobile cloud services.     

A2-MAKE: An efficient anonymous and accountable mutual authentication and key agreement protocol for WMNs

Multi-hop hybrid wireless mesh networks (WMNs) have recently attracted increasing attention and deployment. For easy acceptance and wide deployment of WMNs, security, privacy, and accountability issues have to be addressed by providing efficient, reliable, and scalable protocols. The fact that regular users, which may be resource-constrained wireless devices, are involved in routing activities highlights the need for efficiency and compactness. However, the said objectives, i.e., security, privacy, accountability, efficiency etc., are, most of the time, not compatible. So far no previous work has adequately reconciled these conflicting objectives in a practical framework. In this paper, we design and implement such a framework named as A²-MAKE, which is a collection of protocols. The framework provides an anonymous mutual authentication protocol whereby legitimate users can connect to network from anywhere without being identified or tracked unwillingly. No single party (or authority, network operator, etc.) can violate the privacy of a user, which is provided in our framework in the strongest sense. Our framework utilizes group signatures, where the private keys and corresponding credentials of the users are generated in a secure three-party protocol. User accountability is implemented via user identification and revocation protocols that can be executed by two semi-trusted authorities, one of which is the network operator. The assumptions about the trust level of the network operator are relaxed with respect to similar protocols. Our framework makes use of more efficient signature generation and verification algorithms in terms of computational complexity than their counterparts in literature, where signature size is almost the same as the shortest signatures proposed for similar purposes so far.     

A Novel Trust-Aware Geographical Routing Scheme for Wireless Sensor Networks

Wireless sensor networks are vulnerable to a wide set of security attacks, including those targeting the routing protocol functionality. The applicability of legacy security solutions is disputable (if not infeasible), due to severe restrictions in node and network resources. Although confidentiality, integrity and authentication measures assist in preventing specific types of attacks, they come at high cost and, in most cases, cannot shield against routing attacks. To face this problem, we propose a secure routing protocol which adopts the geographical routing principle to cope with the network dimensions, and relies on a distributed trust model for the detection and avoidance of malicious neighbours. A novel function which adaptively weights location, trust and energy information drives the routing decisions, allowing for shifting emphasis from security to path optimality. The proposed trust model relies on both direct and indirect observations to derive the trustworthiness of each neighboring node, while it is capable of defending against an increased set of routing attacks including attacks targeting the indirect trust management scheme. Extensive simulation results reveal the advantages of the proposed model.     

End-to-end privacy preserving scheme for IoT-based healthcare systems

Preserving patients’ privacy is one of the most important challenges in IoT-based healthcare systems. Although patient privacy has been widely addressed in previous work, there is a lack of a comprehensive end-to-end approach that simultaneously preserves the location and data privacy of patients assuming that system entities are untrusted. Most of the past researches assume that parts of this end-to-end system are trustworthy while privacy may be threatened by insider attacks. In this paper, we propose an end-to-end privacy preserving scheme for the patients assuming that all main entities of the healthcare system (including sensors, gateways, and application providers) are untrusted. The proposed scheme preserves end-to-end privacy against insider threats as well as external attacks concerning the resource restrictions of the sensors. This scheme provides mutual authentication between main entities while preserves patients’ anonymity. Only the allowed users can access the real identity of patients alongside their locations and their healthcare information. Informal security analysis and formal security verification of the proposed protocol in AVISPA show that it is secure against impersonation, replay, modification, and man-in-the-middle attacks. Moreover, performance assessments show that the proposed protocol provides more security services without considerable growth in the computation overhead of the sensors. Also, it is shown that the proposed protocol diminishes the signaling overhead of the sensors and so their energy consumption compared to the literature at the expense of adding a little more signaling overhead to the gateways.

     

Unified routing protocol based on passive bandwidth measurement in heterogeneous WMNs

The past few years have witnessed a surge of wireless mesh networks (WMNs)‐based applications and heterogeneous WMNs are taking advantage of multiple radio interfaces to improve network performance. Although many routing protocols have been proposed for heterogeneous WMNs, most of them mainly relied on hierarchical or cluster techniques, which result in high routing overhead and performance degradation due to low utilization of wireless links. This is because only gateway nodes are aware of all the network resources. In contrast, a unified routing protocol (e.g., optimal link state routing (OLSR)), which treats the nodes and links equally, can avoid the performance bottleneck incurred by gateway nodes. However, OLSR has to pay the price for unification, that is, OLSR introduces a great amount of routing overhead for broadcasting routing message on every interface. In this paper, we propose unified routing protocol (URP), which is based on passive bandwidth measurement for heterogeneous WMNs. Firstly, we use the available bandwidth as a metric of the unification and propose a low‐cost passive available bandwidth estimation method to calculate expected transmission time that can capture the dynamics of wireless link more accurately. Secondly, based on the estimated available bandwidth, we propose a multipoint relays selection algorithm to achieve higher transmission ability and to help accelerate the routing message diffusion. Finally, instead of broadcasting routing message on all channels, nodes running URP transmit routing message on a set of selected high bandwidth channels. Results from extensive simulations show that URP helps improve the network throughput and to reduce the routing overhead compared with OLSR and hierarchical routing. Copyright © 2016 John Wiley & Sons, Ltd.