An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

Authentication schemes have been widely deployed access control and mobility management in various communication networks. Especially, the schemes that are based on multifactor authentication such as on password and smart card come to be more practical. One of the standard authentication schemes that have been widely used for secure communication over the Internet is session initiation protocol (SIP). The original authentication scheme proposed for SIP was vulnerable to some crucial security weaknesses. To overcome the security problems, various improved authentication schemes have been developed, especially based on elliptic curve cryptography (ECC). Very recently, Zhang et al . proposed an improved authentication scheme for SIP based on ECC using smart cards to overcome the security flaws of the related protocols. Zhang et al . claimed that their protocol is secure against all known security attacks. However, this paper indicates that Zhang et al . protocol is still insecure against impersonation attack. We show that an active attacker can easily masquerade as a legal server to fool users. As a remedy, we also improve Zhang et al . protocol by imposing a little extra computation cost. Copyright © 2014 John Wiley & Sons, Ltd.     

An incremental intrusion detection system using a new semi‐supervised stream classification method

In recent years, the utilization of machine learning and data mining techniques for intrusion detection has received great attention by both security research communities and intrusion detection system (IDS) developers. In intrusion detection, the most important constraints are the imbalanced class distribution, the scarcity of the labeled data, and the massive amounts of network flows. Moreover, because of the dynamic nature of the network flows, applying static learned models degrades the detection performance significantly over time. In this article, we propose a new semi‐supervised stream classification method for intrusion detection, which is capable of incremental updating using limited labeled data. The proposed method, called the incremental semi‐supervised flow network‐based IDS (ISF‐NIDS), relies on an incremental mixed‐data clustering, a new supervised cluster adjustment method, and an instance‐based learning. The ISF‐NIDS operates in real time and learns new intrusions quickly using limited storage and processing power. The experimental results on the KDD99, Moore, and Sperotto benchmark datasets indicate the superiority of the proposed method compared with the existing state‐of‐the‐art incremental IDSs.     

A secure mutual authentication scheme with non‐repudiation for vehicular ad hoc networks

Vehicular ad hoc networks (VANETs) have been a research focus in recent years. VANETs are not only used to enhance the road safety and reduce the traffic accidents earlier but also conducted more researches in network value‐added service. As a result, the security requirements of vehicle communication are given more attention. In order to prevent the security threat of VANETs, the security requirements, such as the message integrity, availability, and confidentiality are needed to be guaranteed further. Therefore, a secured and efficient verification scheme for VANETs is proposed to satisfy these requirements and reduce the computational cost by combining the asymmetric and symmetric cryptology, certificate, digital signature, and session key update mechanism. In addition, our proposed scheme can resist malicious attacks or prevent illegal users' access via security and performance analysis. In summary, the proposed scheme is proved to achieve the requirements of resist known attacks, non‐repudiation, authentication, availability, integrity, and confidentiality. Copyright © 2015 John Wiley & Sons, Ltd.     

A topology and application‐aware relay path allocation scheme in multipath transport system based on application‐level relay

The ever‐increasing transmission requirements of quality of service (QoS)‐sensitive applications, especially real‐time multimedia applications, can hardly be met by the single path routing protocols. Multipath transmission mechanism is a feasible approach to provide QoS for various applications. On the basis of the general framework of multipath transport system based on application‐level relay, we present a relay path allocation scheme, whose goal is to select suitable relay paths, while balancing the overlay traffic among the different domains and relayers. With the application‐layer traffic optimization service under the standardization within the Internet Engineering Task Force (IETF), the controller has the topology‐aware ability to allocate relay paths with excellent routing performance. To further develop the universality of our method, the controller perceives transmission performance of relay overlay network through relayers' performance detection processes and, thus, has the application‐aware ability to allocate relay paths with excellent transmission performance for different applications by consulting application‐specific transmission metrics. Simulation results demonstrate that the proposed relay path allocation algorithm performs well in allocating superior relay paths and can balance the distribution of overlay traffic across domains in different network situations.     

Efficient allocation of LTE downlink spectral resource to improve fairness and throughput

For the current generation of cellular communication systems, long‐term evolution (LTE) has been the major protocol to support high‐speed data transmission. It is critical to allocate downlink spectral resource in LTE, namely, resource blocks (RBs), but the issue is not well addressed in the standard. Therefore, the paper develops an efficient RB allocation algorithm with 4 mechanisms to improve both fairness and throughput in LTE. For fairness concern, our RB allocation algorithm uses a resource‐reservation mechanism to prevent cell‐edge user equipments from starvation, and a credit‐driven mechanism to keep track of the amount of resource given to each user equipment. For throughput concern, it adopts both weight‐assignment and RB‐matching mechanisms to allocate each RB to a packet according to its flow type and length. Through simulations, we demonstrate that the proposed RB allocation algorithm can significantly increase both throughput and fairness while reducing packet dropping and delays of real‐time flows, as compared with previous methods.     

On the security of an RFID‐based parking lot management system

Radio Frequency Identification (RFID)‐based parking management systems provide facilities to control parking lot systems within easy access and secure inspection. Chen and Chong have presented a scheme to prevent car thefts for parking lot management systems, which is based on EPC C1‐G2 RFID standard. They claimed that their protocol is resistant against well‐known RFID attacks. In this paper, we prove that Chen and Chong's scheme is not resistant against secret disclosure and impersonation attacks. Therefore, in Chen and Chong parking lot system, a car may be stolen without having a valid tag. In this paper, we also show that the proposed impersonation attack works for any length of cyclic redundancy check and the secret disclosure attack costs at most 2¹⁶ evaluations of the used pseudo random number generator. The success probability of both attacks is 1 while their complexity is only 2 runs of the protocol. Finally, we present an improved protocol and formally and informally prove that the improved protocol provides the desired level of security and privacy.     

An algorithm for the selection of effective error correction coding in wireless networks based on a lookup table structure

In this paper, we propose an adaptive Forward Error Correction (FEC) coding algorithm at the Medium Access Control (MAC) layer used in wireless networks. Our algorithm is based on the lookup table architecture, including a distance lookup table and a bit error rate lookup table. These tables will store the best value of the FEC codes based on different distances and bit error rates. Because radio channels change over time, the bit error rate is always changing, or in the case of mobile nodes, when the transmission distance changes, the bit error rate also changes, so previously proposed algorithms take longer to find the optimal value of the FEC code for data transmission. Our proposed algorithm, however, is based on 2 lookup tables, and thus, it can always quickly select an optimal FEC code during early data transmissions and achieve high performance. We compare our algorithm with other methods based on performance metrics such as the recovery overhead of FEC codes, energy efficiency, and peak‐signal‐to‐noise ratio values in the case of image transmission. Our simulation indicates that the proposed algorithm achieves better performances and proves the correctness of the proposed lookup table architecture.     

E‐TDGO: An encrypted trust‐based dolphin glowworm optimization for secure routing in mobile ad hoc network

Mobile ad hoc networks (MANETs) are independent networks, where mobile nodes communicate with other nodes through wireless links by multihop transmission. Security is still an issue to be fixed in MANETs. Hence, a routing protocol named encrypted trust‐based dolphin glowworm optimization (DGO) (E‐TDGO) is designed using Advanced Encryption Standard‐128 (AES‐128) and trust‐based optimization model for secure routing in MANET. The proposed E‐TDGO protocol includes three phases, namely, k‐path discovery, optimal path selection, and communication. At first, k paths are discovered based on the distance and the trust level of the nodes. From the k paths discovered, the optimal path is selected using a novel algorithm, DGO, which is developed by combining glowworm swarm optimization (GSO) algorithm and dolphin echolocation algorithm (DEA). Once the optimal path is selected, communication begins in the network such that E‐TDGO protocol ensures security. The routing messages are encrypted using AES‐128 with shared code and key to offer security. The experimental results show that the proposed E‐TDGO could attain throughput of 0.11, delay of 0.01 second, packet drop of 0.44, and detection rate of 0.99, at the maximum number of rounds considered in the network of 75 nodes with attack consideration.     

Design and investigations on a compact,UWB, monopole antenna with reconfigurable band notches for 5.2/5.8 GHz WLAN and 5.5 GHz Wi‐MAX bands

This article represents a microstrip line–fed novel circular monopole antenna with ultra‐wideband (UWB) characteristics. The compact antenna provides reconfigurable notches at WLAN (5.2/5.8 GHz) and Wi‐MAX (5.5 GHz) frequency bands. The band rejection is achieved by etching an open‐ended L‐shaped slot in the ground plane, which effectively mitigates the interference between WLAN, Wi‐MAX, and UWB systems with an effective patch area of 36.26%. The proposed antenna operates from 3.05 to 12.11 GHz with VSWR 2 except at stopband (3.89‐5.93 GHz) to filter the WLAN and Wi‐MAX signals. The simulated return loss, gain, and radiation pattern of the proposed antenna has been experimentally verified with the fabricated one which holds a good agreement.     

An efficient algorithm for backbone construction in cognitive radio networks

Numerous research articles exist for backbone formation in wireless networks; however, they cannot be applied straightforward in cognitive radio network (CRN) due to its peculiar characteristics. Since virtual backbone has many advantages such as reduced routing overhead, dynamic maintenance, and fast convergence speed, we intend to propose a backbone formation protocol in CRN. In this paper, we propose a tree‐based backbone formation protocol along with its maintenance. Our protocol is based on non‐iterative approach, thus leading towards limited message overhead and faster convergence speed. The proposed algorithm first forms the tree by maintaining the parent‐child relationship, and second, the parent nodes are connected together to form the virtual backbone. In the end, we evaluate the performance our protocol through extensive simulations.