A novel approach for mitigating gray hole attack in MANET

Mobile ad hoc network (MANET) is defined as the category of wireless network that is capable of operating without any fixed infrastructure. The main assumption considered in this network is that all nodes are trusted nodes but in real scenario, some nodes can be malicious node and therefore can perform selective dropping of data packets instead of forwarding the data packets to the destination node. These malicious nodes behave normally during route discovery phase and afterwards drop fractions of the data packets routed through them. Such type of attack is known as smart gray hole attack which is variation of sequence number based gray hole attack. In this paper, we have launched smart gray hole attack and proposed a new mechanism for mitigating the impact of smart gray hole attack. Mitigating Gray hole Attack Mechanism (MGAM) uses several special nodes called as G-IDS (gray hole-intrusion detection system) nodes which are deployed in MANETs for detecting and preventing smart gray hole attack. G-IDS nodes overhear the transmission of its neighbouring nodes and when it detects that the node is dropping the data packets which are greater than threshold value then it broadcast the ALERT message in the network notifying about the identity of malicious node. The identified malicious is then blocked from further its participation by dropping the request and reply packet. In order to validate the effectiveness of our proposed mechanism, NS-2.35 simulator is used. The simulation results show that the proposed mechanism performs slightly well as compared with the existing scheme under smart gray hole attack.     

DEBH: detecting and eliminating black holes in mobile ad hoc network

Security in mobile ad hoc network (MANET) is one of the key challenges due to its special features e.g. hop-by-hop communications, dynamic topology, and open network boundary that received tremendous attention by scholars. Traditional security methods are not applicable in MANET due to its special properties. In this paper, a novel approach called detecting and eliminating black holes (DEBH) is proposed that uses a data control packet and an additional black hole check table for detecting and eliminating malicious nodes. Benefiting from trustable nodes, the processing overhead of the security method decreases by passing time. Ad hoc on-demand distance vector (AODV) routing protocol is used as the routing protocol in our design. After finding the freshest path using AODV, our design checks the safety of selected path. In case of detecting any malicious node, it is isolated from the entire network by broadcasting a packet that contains the ID of malicious nodes. Simulation results show that DEBH increases network throughput and decreases packet overhead and delay in comparison with other studied approaches. Moreover, DEBH is able to detect all active malicious nodes which generates fault routing information.     

A combined approach for detecting hidden nodes in 802.11 wireless LANs

Hidden node is a fundamental problem that severely degrades the performance of wireless networks. The problem occurs when nodes that do not hear each other transmit at the same time, which leads to data packet collision. IEEE 802.11 Wireless Local Area Networks (WLANs) tries to solve this problem through the Request to Send/Clear to Send (RTS/CTS) mechanism. However, the mechanism is not wholly successful. The RTS/CTS idea is based on the assumption that all nodes in the vicinity of Access Points will hear CTS packets and consequently defer their transmissions. The shortcoming of RTS/CTS stems from the fact that such packets introduce high overhead if extensively used. In this article, we propose a hybrid approach for detecting hidden nodes in 802.11 WLANs. The approach is mainly based on adaptive learning about collisions in the network. We think that the approach will be useful for controlling the tuning of RTS/CTS threshold and therefore reduce the overhead those packets introduce. Detailed simulation experiments have shown the strength of the proposed approach compared with other approaches.     

A fuzzy logic cooperative MAC for MANET

In both wireless local area networks（WLAN） and mobile ad hoc networks（MANET）, the 1EEE 802.11e medium access control （MAC） protocol is proposed for an effective quality of service （QoS） solution. A number of studies have been done to enhance the performance of 802.11e in MANET by independently adjusting contention window （CW） size of each access category （AC） in every node. However, without the cooperation between the high priority flows and lower priority flows, the QoS goal of high priority flows cannot achieve effectively. In this article, a fuzzy logic based cooperative MAC protocol （FLCMAC） is proposed to cooperate amongst network flows and dynamically adjust access probability of each low priority flow affecting the high priority flows to satisfy their QoS requirement. The simulation results indicate that compared to the enhanced distributed channel access （EDCA） scheme of 802.11e, the FLCMAC consistently excels, in terms of throughput and delay under moderate and heavy background traffic both in single-hop and multi-hop scenarios.     

On eliminating packet droppers in MANET: A modular solution

In this paper we deal with misbehaving nodes in mobile ad hoc networks (MANETs) that drop packets supposed to be relayed, whose purpose may be either saving their resources or launching a DoS attack. We propose a new solution to monitor, detect, and safely isolate such misbehaving nodes, structured around five modules: (i) The monitor, responsible for controlling the forwarding of packets, (ii) the detector, which is in charge of detecting the misbehaving of monitored nodes, (iii) the isolator, basically responsible for isolating misbehaving nodes detected by the detector, (iv) the investigator, which investigates accusations before testifying when the node has not enough experience with the accused, and (v) finally the witness module that responds to witness requests of the isolator. These modules are based on new approaches, aiming at improving the efficiency in detecting and isolating misbehaving nodes with a minimum overhead. We describe these modules in details, and their interactions as well. We also mathematically analyze our solution and assess its performance by simulation, and compare it with the watchdog, which is a monitoring technique employed by almost all the current solutions.     

An adaptive KPCA approach for detecting LDoS attack

Low‐rate denial‐of‐service (LDoS) attack sends out attack packets at low‐average rate of traffic flow in short time. It is stealthier than traditional DoS attack, which makes detection of LDoS extremely difficult. In this paper, an adaptive kernel principal component analysis method is proposed for LDoS attack detection. The network traffic flow is extracted through wavelet multi‐scale analysis. An adaptive kernel principal component analysis method is adopted to detect LDoS attack through the squared prediction error statistics. Key parameters such as the parameter of the radial basis function, the number of principal components, and the squared prediction error confidence limit are adaptively trained with training data and updated with the network environment. Simulation is accomplished in NS‐2 environment, and results prove the favorable LDoS attack detection efficiency by the proposed approach. Copyright © 2015 John Wiley & Sons, Ltd.     

An efficient and fair cooperative approach for resource management in wireless networks

In cellular networks, the implementation of various resource management processes, such as bandwidth reservation and location updates, has been based on the one‐to‐one resource management information exchange paradigm, between the mobile nodes and the base stations. In this paper, we design and demonstrate the use of a distributed cooperative scheme that can be applied in the future wireless networks to improve the energy consumption for the routine management processes of mobile terminals, by adopting the peer‐to‐peer communication concept of wireless ad hoc networks. In our approach, the network is subdivided into one‐hop ad hoc clusters where the members of each cluster cooperate to perform the required management functions, and conventional individual direct report transmissions of the mobile terminals to the base stations are replaced by two‐hop transmissions. The performance evaluation and the corresponding numerical results presented in this paper confirm that our proposed scheme reduces significantly the overall system energy consumption when compared with the conventional one‐to‐one direct information management exchange approach. Furthermore the issue of fairness in dynamically selecting the various cluster heads in successive operational cycles of the proposed scheme is analyzed, and an enhanced algorithm is proposed and evaluated, which improves significantly the cluster head selection fairness, in order to balance the energy consumption among the various mobile terminals. Copyright © 2005 John Wiley & Sons, Ltd.     

An energy‐efficient clustering approach for collaborative data forwarding in heterogeneous MANET

Mobile ad hoc network consists of a group of mobile nodes that can communicate with each other without any infrastructure. Clustering of the mobile nodes ensures efficient use of available bandwidth and high network throughput. Various clustering schemes are developed to improve the energy efficiency and lifetime of the network. However, there is an increase in the energy consumption with the increase in the number of clusters for forwarding data. This paper presents an energy‐efficient clustering approach for collaborative data forwarding in mobile ad hoc network. The cluster head (CH) is selected based on the processing capability of the nodes and link connection metrics. The CH receives the data from the server and forwards the data to the member nodes at a corresponding data rate of the nodes. Data offloading technique manages the data traffic in the network. The CH rejoining approach enables load balancing in the network. The proposed clustering approach achieves a significant reduction in the energy consumption and data traffic and improvement in the throughput rate through stable routing.     

Biologically inspired artificial intrusion detection system for detecting wormhole attack in MANET

A mobile ad hoc network (MANET) does not have traffic concentration points such as gateway or access points which perform behaviour monitoring of individual nodes. Therefore, maintaining the network function for the normal nodes when other nodes do not forward and route properly is a big challenge. One of the significant attacks in ad hoc network is wormhole attack. In this wormhole attack, the adversary disrupts ad hoc routing protocols using higher bandwidth and lower-latency links. Wormhole attack is more hidden in character and tougher to detect. So, it is necessary to use mechanisms to avoid attacking nodes which can disclose communication among unauthorized nodes in ad hoc networks. Mechanisms to detect and punish such attacking nodes are the only solution to solve this problem. Those mechanisms are known as intrusion detection systems (IDS). In this paper, the suggested biological based artificial intrusion detection system (BAIDS) include hybrid negative selection algorithm (HNSA) detectors in the local and broad detection subsection to detect anomalies in ad hoc network. In addition to that, response will be issued to take action over the misbehaving nodes. These detectors employed in BAIDS are capable of discriminating well behaving nodes from attacking nodes with a good level of accuracy in a MANET environment. The performance of BAIDS in detecting wormhole attacks in the background of DSR, AODV and DSDV routing protocols is also evaluated using Qualnet v 5.2 network simulator. Detection rate, false alarm rate, packet delivery ratio, routing overhead are used as metrics to compare the performance of HNSA and the BAIDS technique.     

一种面向MANET网络应用的身份认证协议

MANET网络的无中心、高度移动性和有限的节点资源等特点给安全目标带来了巨大的挑战。本文根据MANET网络的需求特点设计了一种分布式身份认证协议。该协议无需中心节点或基础设施的支持,每个节点不需要保存其他节点认证口令及秘密,并具有非交互式、抗重放攻击、验证容易的优点。该工作对于建立安全、实用的MANET网络有基础性意义。     

一种解决蓝牙码间串扰的新方法

针对现有蓝牙技术规程中实际存在的一些问题进行了研究,并依照蓝牙规程,对其在高斯白噪声以及多径信道下的传输进行了仿真和分析,发现蓝牙技术中所采用的慢跳频技术并不能很好地抵抗多径干扰;在此基础上提出,若在蓝牙技术中加入一种网格维特比译码算法能有效地降低误码率,从而可以提高蓝牙的传输距离。     

运动检测与定位的热释电红外传感新方法

针对人体目标运动检测与定位,提出了一种新型的热释电红外感知方法,采用递阶的体系结构对菲涅尔透镜的视场(FoV)进行空间调制。首先,对单个传感器节点上的多个热释电红外(PIR)传感器及其菲涅尔透镜的FoV进行环形调制编码,实现单自由度的FoV细分;然后,利用相邻的3个传感器节点相互协作定位。实验表明,该方法具有计算简单、鲁棒性好等优点。     

An approach to the cooperative management of multitechnologynetworks

This article presents a TMN-compliant X interface, the so-called Xcoop interface, as a fundamental component of an operations system developed to cope with the challenges of multidomain, multitechnology networks. Defined at the network level, between operations systems of different TMN domains, it is intended as a support for the management of broadband connectivity services with end-to-end QoS and scheduling constraints in backbones operated by many network operators. The key feature of the present approach, distinguishing it from other existing Xcoop solutions, is in handling the integrated ATM and SDH technologies, covering both the configuration management and fault management functional areas     

A fuzzy logic and game theory based adaptive approach for securing opportunistic networks against black hole attacks

Opportunistic networks (OppNets) are networks that can be used in situations of sparse network connectivity. Strategies for implementing secure transmission of messages in OppNets offer complex and distinctive problems that are wholly different from traditional networks using TCP/IP protocols for data transmission. In this paper, a security protocol named FuzzyPT is proposed which combats black hole attacks in OppNets. The defense mechanism is based on the information extracted from messages in the buffer, potential threat (PT) messages, and fuzzy logic. Fuzziness aids the system in being adaptive by modeling the character of nodes as either benign or malicious. It provides the network with the ability to judge the character of nodes based on relationships between different parameters instead of basing this decision on fixed conditions. FuzzyPT is observed to reduce erroneous decision‐making and decrease the number of false positives and false negatives in the system. An evolutionary game theoretic model is applied, which analyzes the decision‐making ability of relays in choosing varied strategies while forwarding messages. The evolutionary stable state is computed for the protocol, which verifies the proposition that a majority of the relays will cooperate by forwarding messages. The efficiency of the protocol is judged on various grounds such as delivery probability, network overhead ratio, packets dropped, and transmission latency. It is observed that the proposed game theoretic protocol outperforms an existing acknowledge and evolutionary game theory–based security protocol in terms of all the aforementioned performance characteristics.     

A dynamic threshold based approach for mitigating black-hole attack in MANET

Mobile ad-hoc network is an infrastructure less type of network which does not require any kind of fixed infrastructure. It provides multi-hop communication between the source and destination nodes which are not within the direct range of each other through the intermediate nodes. These intermediate nodes cooperate with other nodes in finding an optimum and shortest route toward the destination. However, in holistic environments, some nodes do not cooperate with other nodes in finding the optimal route towards the destination and intentionally give the false route information of having the shortest path toward the destination with a high destination sequence number in order to attract the traffic toward itself and start dropping of the data packets instead of forwarding it. This type of routing misbehaviour is generally called as black hole attack or full packet dropping attack which is one of the most severe destructive attacks that lead to the network degradation. In this paper, we have proposed a protocol called as Mitigating Black Hole effects through Detection and Prevention (MBDP-AODV) based on a dynamic threshold value of the destination sequence number. In order to validate the efficiency of proposed protocol, the NS-2.35 simulator is used. The simulation results show that proposed protocol performs better as compared with existing one under black hole attack.     

A novel approach for mitigating route request flooding attack in MANET

Mobile ad-hoc network (MANET) is a temporary network in which the main requirement for establishing the communication path among nodes is that the nodes should be cooperative. However, in the presence of malicious node, the MANET’s routing protocol such as AODV is vulnerable to different types of flooding attacks. The flooding attack can be continuous or selective. In the available literature, although many researchers have analyzed the network under continuous flooding attack but they have not focussed on selective flooding attack in which an attacker can sometimes behave as a normal and sometimes behave as a malicious. Most of the existing schemes use constant threshold value which lead to a false positive problem in the network. In order to address this issue, a new mechanism called as Mitigating Flooding Attack Mechanism is proposed which is based on a dynamic threshold value and consists of three phases. It makes use of several special nodes called as Flooding-Intrusion Detection System (F-IDS) that are deployed in MANETs in order to detect and prevent flooding attack. The F-IDS nodes are set in promiscuous in order to monitor the behaviour of the node. The simulation results show that the proposed mechanism improves network performance metrics in terms of PDR, throughput and reduces the routing overhead as well as normalized routing load.     

Suppression of drain conductance in InP-based HEMTs by eliminating hole accumulation

We have developed planar-type InP-based high-electron mobility transistors (HEMTs) that significantly suppress the frequency dispersion of drain conductance (g/sub d/) and the kink phenomena, and have examined the physical mechanisms of these phenomena. These phenomena appear to be caused by hole accumulation at the extrinsic source due to impact ionization. Our planar structure includes alloyed ohmic contacts that eliminate the hole barrier at the interface between the carrier-supply layer and the channel in the source and drain region to suppress hole accumulation. Therefore, the planar structure effectively eliminated hole accumulation at the extrinsic source, and suppressed g/sub d/ frequency dispersion to 25% and the kink phenomena to 50% compared with conventional structure HEMTs.     

Ad Hoc 网络中一种基于端节点的启发式TCP改进方法

针对无线移动自组织网络(Mobile Ad Hoc Network,MANET)中网络拥塞和较高误码所引起的TCP性能下降的问题,本文提出了一种端到端的、启发式TCP改进机制.通过该机制,接收端可以推断出网络丢包的真正原因,以及可能的网络拥塞.根据推断结果,发送端采用ECN和(或)ELN机制向发送端尽早反馈,使得发送端可以针对不同的情况采取合适的措施,从而可以改进TCP在MANET中的性能.NS-2试验结果表明在MANET中该方法的性能优于传统TCP.     

无间隙的车联网协助下载方法

车辆通过AP(access points)接入Internet具有低费用、高带宽以及低时延等优点,然而AP间的通信盲区(DA, dark area)使车辆只能间歇式接入Internet,造成网络的QoS难以得到保障。为了解决这一问题,提出一种面向高速公路场景的无间隙协助下载方法(NICDM, non-intermittent cooperative downloading method)。在NICDM中,目标车辆未完成的下载任务依据车速、任务大小以及DA距离等信息进行分解,并分别委托行驶方向上的最近2个AP协助下载;一组经过优化选择的协助车辆从AP获得数据,并在DA区转交给相遇的目标车辆;同时针对传输冲突提出了N-副本的冲突解决策略,进一步提高协助下载的稳定性。仿真结果表明,NICDM实现了目标车辆在整个DA区无间隙地获得数据,与相类似的方法相比,进一步提高了系统的QoS与吞吐量。     

Laser Radar range optimization for detecting and tracking Airborne cooperative targets

A high resolution Nd-YAG pulsed Laser Radar “LIDAR” system is proposed for detecting and tracking Airborne cooperative retro-reflector carrying targets against noise, clutter and back-scatter sources. A previous range computation method is improved and new possibilities of coherent heterodyne detection and phase conjugate elements are discussed. The presented analysis and computation method has proved to be valuable in the feasibility and design stages of operation LIDAR detection and tracking systems.