车联网环境下基于重复博弈的恶意车辆节点检测机制

针对车联网内部存在的虚假信息攻击,以及节点动态变化快及密集程度不同造成的恶意车辆节点检测机制效率低下,提出了一种基于重复博弈的恶意车辆节点检测机制。首先,根据车辆在信息交互中的行为建立重复博弈模型,并利用生成的节点收益计算出信任值与动态阈值,经二者比较,筛选出可疑的恶意车辆节点;其次,通过权值投票算法从可疑的恶意车辆节点中判定出恶意车辆节点;最后,从邻居列表中选取信任值最高的下一跳车辆节点进行合作。仿真和分析表明,与现有的相关机制相比,该机制提高了对虚假信息攻击的检测率,降低了误检率。     

基于节点协作式网格投票的VANETs位置验证方法

针对车载网VANETs (vehicle Ad Hoc networks)中恶意节点的位置欺骗问题,提出了基于节点协作式的网格投票的位置验证方案.该方案将连续时间划分静态帧,在每个静态帧内,验证者和邻居节点协作共同检测位置欺骗的节点.验证者先获取目标区域,并将目标区域分割成等区域面积的网格.通过了资格审核的邻居节点才能在相应的网格内投票.通过多轮网格投票,获取最高票数的网格所在的区域,就是被验证者被估计的位置.将该位置与被验证者声称的位置进行比较,若不相符,则认为被验证者实施了位置欺骗.安全性能分析和仿真数值表明,基于节点协作式的网格投票的位置验证方案能有效地检测位置欺骗节点,具有低的漏警率和虚警率,能够正确地检测恶意节点.     

Speed regulation in steering-based source seeking

The simplest strategy for extremum seeking-based source localization, for sources with unknown spatial distributions and nonholonomic unicycle vehicles without position measurement, employs a constant positive forward speed. Steering of the vehicle in the plane is performed using only the variation of the angular velocity. While keeping the forward speed constant is a reasonable strategy motivated by implementation with aerial vehicles, it leads to complexities in the asymptotic behavior of the vehicle, since the vehicle cannot settle—at best it can converge to a small-size attractor around the source. In this paper we regulate the forward velocity, with the intent of bringing the vehicle to a stop, or as close to a stop as possible. The vehicle speed is controlled using simple derivative-like feedback of the sensor measurement (the derivative is approximated with a washout filter) to which a speed bias parameter V_c is added. The angular velocity is tuned using standard extremum seeking. We prove two results. For V_c in a certain range around zero, we show that the vehicle converges to a ring around the source and on average the limit of the vehicle’s heading is either directly away or towards the source. For other values of V_c>0, the vehicle converges to a ring around the source and it revolves around the source. Interestingly, the average heading of this revolution around the source is more outward than inward—this is possible because the vehicle’s speed is not constant, it is lower during the outward steering intervals and higher during the inward steering intervals. The theoretical results are illustrated with simulations.     

A novel trust management scheme based on Dempster–Shafer evidence theory for malicious nodes detection in wireless sensor networks

With the development of Internet technology, social network has become an important application in the network life. However, due to the rapid increase in the number of users, the influx of a variety of bad information is brought up as well as the existence of malicious users. Therefore, it is emergent to design a valid management scheme for user’s authentication to ensure the normal operation of social networks. Node trust evaluation is an effective method to deal with typical network attacks in wireless sensor networks. In order to solve the problem of quantification and uncertainty of trust, a novel trust management scheme based on Dempster–Shafer evidence theory for malicious nodes detection is proposed in this paper. Firstly, by taking into account spatiotemporal correlation of the data collected by sensor nodes in adjacent area, the trust degree can be estimated. Secondly, according to the D–S theory, the trust model is established to count the number of interactive behavior of trust, distrust or uncertainty, further to evaluate the direct trust value and indirect trust value. Then, a flexible synthesis method is adopted to calculate the overall trust to identify the malicious nodes. The simulation results show that the proposed scheme has obvious advantages over the traditional methods in the identification of malicious node and data fusion accuracy, and can obtain good scalability.

     

Signaling game based strategy of intrusion detection in wireless sensor networks

As Wireless Sensor Networks (WSNs) become increasingly popular, it is necessary to require Intrusion Detection System (IDS) available to detect internal malicious sensor nodes. Because sensor nodes have limited capabilities in terms of their computation, communication, and energy, selecting the profitable detection strategy for lowering resources consumption determines whether the IDS can be used practically. In this paper, we adopt the distributed-centralized network in which each sensor node has equipped an IDS agent, but only the IDS agent resided in the Cluster Head (CH) with sufficient energy will launch. Then, we apply the signaling game to construct an Intrusion Detection Game modeling the interactions between a malicious sensor node and a CH-IDS agent, and seek its equilibriums for the optimal detection strategy. We illustrate the stage Intrusion Detection Game at an individual time slot in aspects of its player’s utilities, pure-strategy Bayesian–Nash equilibrium (BNE) and mixed-strategy BNE. Under these BNEs the CH-IDS agent is not always on the Defend strategy, as a result, the power of CH can be saved. As the game evolves, we develop the stage Intrusion Detection Game into a multi-stage dynamic Intrusion Detection Game in which, based on Bayesian rules, the beliefs on the malicious sensor node can be updated. Upon the current belief and the Perfect Bayesian equilibrium (PBE), the best response strategy for the CH-IDS agent can be gained. Afterward, we propose an intrusion detection mechanism and corresponding algorithm. We also study the properties of the multi-stage dynamic Intrusion Detection Game by simulations. The simulation results have shown the effectiveness of the proposed game, thus, the CH-IDS agents are able to select their optimal strategies to defend the malicious sensor nodes’ Attack action.     

面向无线传感器网络的分层路由信任模型

针对无线传感器网络内部不能有效地检测出恶意节点攻击所引发的安全问题,提出一种面向无线传感器网络分层路由的信任模型。该模型能发现来自网络内部攻击的恶意节点并将其排除,提高了无线传感器网络的安全性能。实验结果表明,与TLEACH协议相比,在恶意节点攻击时,该模型的敏感性提高了5%,信任值幅度增加了10%。     

WMNs中基于节点可信度的机会路由改进算法

机会路由提高了WMNs的可靠性和吞吐量,但同时由于节点候选集中存在恶意节点,导致网络性能下降。对于如何及时识别、隔离网络中的恶意节点的问题,建立了一种节点可信度评估模型。基于贝叶斯网络算法,考虑到非恶意因素带来的网络异常行为,引入不确定交互因子,改进了直接信任的评估方法,利用熵为信任值的计算和更新分配权重。引入反映节点真实参与度的行为积极因子并结合信任值得出节点的可信度,对可信度处于待定状态的节点进行未来可信度的预测,以甄别潜在的恶意节点。最后将该模型应用于机会路由ExOR中,提出了一种基于节点可信度的机会路由算法BTOR。实验结果表明,该算法可以有效检测恶意节点,在各项性能指标上比原路由算法更具优势。     

Prevention of selective black hole attacks on mobile ad hoc networks through intrusion detection systems

A black hole attack on a MANET refers to an attack by a malicious node, which forcibly acquires the route from a source to a destination by the falsification of sequence number and hop count of the routing message. A selective black hole is a node that can optionally and alternately perform a black hole attack or perform as a normal node. In this paper, several IDS (intrusion detection system) nodes are deployed in MANETs in order to detect and prevent selective black hole attacks. The IDS nodes must be set in sniff mode in order to perform the so-called ABM (Anti-Blackhole Mechanism) function, which is mainly used to estimate a suspicious value of a node according to the abnormal difference between the routing messages transmitted from the node. When a suspicious value exceeds a threshold, an IDS nearby will broadcast a block message, informing all nodes on the network, asking them to cooperatively isolate the malicious node. This study employs ns2 to validate the effect of the proposed IDS deployment, as IDS nodes can rapidly block a malicious node, without false positives, if a proper threshold is set.     

一种基于声誉的评分累积信任模型

安全多方计算为保护各方的私有信息,采用安全协议来保证合作计算的顺利进行。但恶意攻击的存在,使得安全协议的复杂性较高,协议的可操作性较低。鉴于此,提出一种基于声誉的评分累积信任模型,根据参与节点的历史行为评估其声誉,辨别恶意节点,采用惩罚机制鼓励可信的参与节点、隔离不可信节点,从而降低恶意攻击带来的风险。实验表明,该模型可以在一定程度上抵制自私的恶意攻击。     

基于改进混合高斯模型和图形句柄的异常车辆检测

由于交通安全隐患在当下的生活中造成的不良影响越发严重,所以在步行街、校园等禁止车辆行驶的场景中,对异常车辆的检测具有一定的现实意义。针对利用混合高斯建立背景模型时易出现重影和空洞问题,提出了一种基于SSIM结构相似性的混合高斯建模的异常车辆检测,采用SSIM计算2幅图像像素点间的相似度,在高斯建模后进行二次背景建模,同时引入了指数函数来优化高斯建模过程中的权值更新过程,提高了更新速度。采用图形句柄函数优化连通域方法对前景区域进行异常车辆检测,能够检测出异常车辆且标注框更加贴近车辆形状。对580幅由视频分割得到的图像的实验结果表明,检测率可以达到90.3%。     

一种基于多跳确认和信任评估的选择性转发攻击检测方法

针对无线传感器网络中的选择性转发攻击行为,提出一种基于多跳确认和信任评估(MHA-TE)的选择性转发攻击检测方法.MHA-TE方法利用基于源节点的请求响应形式的多跳确认方案,通过源节点发送请求包、中间节点回复响应包的方式确定路径中产生恶意丢包行为的节点,进而将被检举出的恶意节点作为信任评估的参数更新标准,运用Bate分布建立信任评估模型分析各个节点的交互情况,确定路径中各节点的信任值,并将更新后的信任值与对应的信任值阈值比较,进行恶意节点的判定.该方法结合多跳确认和信任评估的优势,能够解决路径上多恶意节点误警率高和静态信任阈值适应性差以及检测率低的问题.仿真实验结果表明,相比于Two-hops方法、MLCM方法和ITEM方法,MHA-TE方法不仅能够有效检测恶意节点,具有较高的检测率和较低的误警率,而且可以在很大程度上降低网络开销.     

A novel intrusion detection framework for wireless sensor networks

Vehicle cloud is a new idea that uses the benefits of wireless sensor networks (WSNs) and the concept of cloud computing to provide better services to the community. It is important to secure a sensor network to achieve better performance of the vehicle cloud. Wireless sensor networks are a soft target for intruders or adversaries to launch lethal attacks in its present configuration. In this paper, a novel intrusion detection framework is proposed for securing wireless sensor networks from routing attacks. The proposed system works in a distributed environment to detect intrusions by collaborating with the neighboring nodes. It works in two modes: online prevention allows safeguarding from those abnormal nodes that are already declared as malicious while offline detection finds those nodes that are being compromised by an adversary during the next epoch of time. Simulation results show that the proposed specification-based detection scheme performs extremely well and achieves high intrusion detection rate and low false positive rate.     

Timing Analysis and Code Generation of Vehicle Control Software using Taxys

PATH's automated vehicle control application software is responsible for the longitudinal and lateral control of each vehicle in a platoon [5]. The software consists of a set of processes running concurrently on a PC, reading data from various sensors (e.g., radar, speedometer, accelerometer, magnetometer), writing to actuators (throttle, brake and steering), and using radio to communicate data to other vehicles. The processes exchange data with each other using a publish/subscribe scheme. In this paper, we describe the current software, and propose a model written in the synchronous language Esterel [1]. We use Taxys [2,7], a tool for timing analysis of Esterel based on the Kronos model-checker [3], and the Esterel compiler Saxo-RT [6], to verify that the application meets its deadlines. Timing analysis is done on-the-fly during the execution of the appropriately instrumented C code generated by the compiler. Instrumentation allows the verifier to observe the execution time of the application code. The C code generated by Saxo-RT, appropriately linked to the publish/subscribe library, can be run on the vehicles.     

CHEMAS: Identify suspect nodes in selective forwarding attacks

Selective forwarding attacks may corrupt some mission-critical applications such as military surveillance and forest fire monitoring in wireless sensor networks. In such attacks, most of the time malicious nodes behave like normal nodes but will from time to time selectively drop sensitive packets, such as a packet reporting the movement of the opposing forces, and thereby make it harder to detect their malicious nature. In this paper, we propose CHEMAS (CHEckpoint-based Multi-hop Acknowledgement Scheme), a lightweight security scheme for detecting selective forwarding attacks. Our scheme can randomly select part of intermediate nodes along a forwarding path as checkpoint nodes which are responsible for generating acknowledgements for each packet received. The strategy of random-checkpoint-selection significantly increases the resilience against attacks because it prevents a proportion of the sensor nodes from becoming the targets of attempts to compromise them. In our scheme, each intermediate node in a forwarding path, if it does not receive enough acknowledgements from the downstream checkpoint nodes, has the potential to detect abnormal packet loss and identify suspect nodes. We explore the feasibility of our detection scheme using both theoretical analysis and simulations. The simulation results show that our scheme can achieve a high detection rate, even in harsh radio conditions. The communication overhead incurred by our scheme is also within reasonable bounds.     

TCR: a trustworthy and churn-resilient academic distribution and retrieval system in P2P networks

As the number of people using the internet has surged over the past few years, more and more people are choosing to share and retrieve information online. There are several decentralized retrieval applications that provide file-sharing platforms for exactly this purpose. However, these applications cannot guarantee churn resilience, trustworthiness, or low cost of retrieval. Therefore, in this paper, we present a system called trustworthy and churn-resilient academic distribution and retrieval system in P2P networks, or TCR, which: (1) ensures that information will not be centralized by central network administrators; (2) utilizes LSH to classify nodes with similar research topics into a local subnetwork, and applies routing algorithms with trust score equations to determine the next trustworthy node to forward the message, thus ensuring each node can accurately and efficiently find its trustworthy nodes within only a few hops; (3) provides a trustworthy management system that itself deals in trustworthiness, ensuring that even when there is a large proportion of malicious nodes, the system can still detect and punish misbehaving nodes; (4) guarantees that nodes can still retrieve the desired files even when in high-churn networks. We finally demonstrate that our TCR entails low message costs, provides high match rates, detects malicious nodes, and ensures churn resilience and search efficiency when compared to other P2P retrieval systems.

     

An ant colony algorithm for the multi-compartment vehicle routing problem

We demonstrate the use of Ant Colony System (ACS) to solve the capacitated vehicle routing problem associated with collection of recycling waste from households, treated as nodes in a spatial network. For networks where the nodes are concentrated in separate clusters, the use of k-means clustering can greatly improve the efficiency of the solution. The ACS algorithm is extended to model the use of multi-compartment vehicles with kerbside sorting of waste into separate compartments for glass, paper, etc. The algorithm produces high-quality solutions for two-compartment test problems.     

无线自组网中多种节点状态的行为特征及关联分析

从节点行为对网络安全的影响角度看,恶意节点将直接导致路由破坏或者毁坏数据.因此,在节点行为检测和信任度评估时,必须首先重点关注其安全性行为特征,以便降低恶意行为节点的信任值.归纳了网络中九种常见的节点行为类型,分析了各行为状态的行为特征,建立了特征模型,提出了检测特征参数和关联检测模型.仿真结果表明,提出的节点行为检测特征参数和关联检测模型,在静态及网络变化时,对不合作节点、恶意节点的行为信任值评估定级均有较高的准确性,可以有效排除这些节点的网络活动.     

Detecting plagiarized mobile apps using API birthmarks

This paper addresses the problem of detecting plagiarized mobile apps. Plagiarism is the practice of building mobile apps by reusing code from other apps without the consent of the corresponding app developers. Recent studies on third-party app markets have suggested that plagiarized apps are an important vehicle for malware delivery on mobile phones. Malware authors repackage official versions of apps with malicious functionality, and distribute them for free via these third-party app markets. An effective technique to detect app plagiarism can therefore help identify malicious apps. Code plagiarism has long been a problem and a number of code similarity detectors have been developed over the years to detect plagiarism. In this paper we show that obfuscation techniques can be used to easily defeat similarity detectors that rely solely on statically scanning the code of an app. We propose a dynamic technique to detect plagiarized apps that works by observing the interaction of an app with the underlying mobile platform via its API invocations. We propose API birthmarks to characterize unique app behaviors, and develop a robust plagiarism detection tool using API birthmarks.     

An Open Road Evaluation of a Self-Driving Vehicle Human–Machine Interface Designed for Visually Impaired Users

ABSTRACT

Fully autonomous or “self-driving” vehicles are an emerging technology that may hold tremendous mobility potential for individuals who are visually impaired who have been previously disadvantaged by an inability to operate conventional motor vehicles. Prior studies however, have suggested that these consumers have significant concerns regarding the accessibility of this technology and their ability to effectively interact with it. We present the results of a quasi-naturalistic study, conducted on public roads with 20 visually impaired users, designed to test a self-driving vehicle human–machine interface. This prototype system, ATLAS, was designed in participatory workshops in collaboration with visually impaired persons with the intent of satisfying the experiential needs of blind and low vision users. Our results show that following interaction with the prototype, participants expressed an increased trust in self-driving vehicle technology, an increased belief in its likely usability, an increased desire to purchase it and a reduced fear of operational failures. These findings suggest that interaction with even a simulated self-driving vehicle may be sufficient to ameliorate feelings of distrust regarding the technology and that existing technologies, properly combined, are promising solutions in addressing the experiential needs of visually impaired persons in similar contexts.     

Modified DSR protocol for detection and removal of selective black hole attack in MANET

A black hole attack in ad hoc network refers to an attack by malicious nodes, which forcibly acquires the route from a source to destination by falsely advertising shortest hop count to reach the destination node. In this paper, we present a Modified Dynamic Source Routing Protocol (MDSR) to detect and prevent selective black hole attack. Selective black hole attack is a special kind of black hole attack where malicious nodes drop the data packets selectively. We proposed an Intrusion Detection System (IDS) where the IDS nodes are set in promiscuous mode only when required, to detect the abnormal difference in the number of data packets being forwarded by a node. When any anomaly is detected, the nearby IDS node broadcast the block message, informing all nodes on the network to cooperatively isolate the malicious node from the network. The proposed technique employs Glomosim to validate the effectiveness of proposed intrusion detection system.