Amar Taggu

TraceGray: An application-layer scheme for intrusion detection in MANET using mobile agents

Many intrusion detection algorithms have been proposed to detect network attacks on Mobile Ad-Hoc Networks (MANET). Most of such proposals require extensive modifications to routing algorithms or lower layers which might not be always feasible in practice. This paper proposes a simple but non-trivial scheme TraceGray, that uses mobile agents (MA) to carry out intrusion detection in a MANET without modifying either the underlying routing algorithms or other layers like the datalink layer. TraceGray works only in the application layer and detects multiple gray holes in a DSR protocol based MANET, while traversing the network from a given source to a destination. Since mobile agents work in the application layer, our approach requires no changes to any existing routing protocols or lower layers and is essentially protocol independent. The ns-2 based implementation show successful detection of multiple gray holes in networks with moderate mobility.

A comprehensive analysis of DoS attacks in Mobile Adhoc Networks

Mobile Adhoc NETworks (MANETs) have gained popularity in both research and industrial domains due to their on-demand ad-hoc nature, easy deployment and absence of any central authority for routing. However, MANETs are susceptible to an array of attacks, primarily because of their adhoc and decentralized nature. Most of these attacks are targeted at disrupting the routing of control and data packets, thereby rendering MANETs insecure and unusable. Denial of Service (DoS) attack is a suite of attacks consisting of attacks like Blackhole, Grayhole attack etc. in which the network traffic is captured and forwarded to a malicious node or a group of collaborating malicious nodes in the network so as to hamper legitimate communications in the network. The scope of this paper is to study the effects of Blackhole, Grayhole, Rushing and Sleep Deprivation attacks in Adhoc On-Demand Distance Vector (AODV) based MANETs. Various performance metrics have been used to study the effects of different DoS attacks in MANETs and a comprehensive analysis is presented. NS-2.35 has been used extensively to simulate these attacks.

Can Clustering be Used to Detect Intrusion During Spectrum Sensing in Cognitive Radio Networks

Collaborative sensing helps in achieving a more accurate sensing decision than individual sensing in cognitive radio network (CRN). In an infrastructure-based CRN, each node sends its local sensing report to the fusion center (FC), which uses a fusion rule to aggregate the local sensing reports. However, collaborative sensing is vulnerable to the spectrum sensing data falsification attack, in which a node falsifies its local sensing report before sending it to the FC with the intention of disrupting the final sensing decision of the FC. In practice, the strategy of an attacker is not known. However, the collection of sensing reports at the FC can be useful for data mining with the objective of identifying the attackers. In this paper, we present a method that uses clustering techniques for detection and isolation of such attackers. We employ two clustering techniques, viz., K-medoids clustering and agglomerative hierarchical clustering. Unlike threshold detection that requires some predefined threshold value as input, the proposed approach detects the attackers using only the collection of sensing reports at the FC. We also present how we can use the proposed approach on streaming data (sensing reports), and thus, detect and isolate attackers on the fly. Comparative numerical simulation results support the validity of the approach.

Wtracert: An optimal timer based traceroute implementation for wireless networks

Traceroute program is extensively used in wired networks to track the route packets take on their way to a destination. However, traceroute is often less effective in wireless networks where broken routes are too common. In this paper, the design of wtracert is presented that employs optimal timeouts to provide a faster implementation of the traditional traceroute. Optimal timeout period of timers is based on exponential weighted moving average (EWMA) of round-trip-times of UDP packets. Our linux based implementation of wtracert shows marked improvement over standard traceroute especially when the target is not reachable.

A study on spectral occupancy in the north eastern India for rural broadband access

High proliferation of wireless devices have ushered in an unprecedented rise in the demand for wireless connectivity across the world. However, most of these devices are restricted to the ISM band for accessing network services. These ISM bands already suffer from high congestion and limited communication range. Moreover, the current policy of static spectrum usage is proving detrimental to the proper utilisation of available spectrum in the country. Use of the TeleVision White Space(TVWS) has been proposed to mitigate the current scenario of over-crowded, limited bandwidth and low radio range wireless networks. Cognitive Radio Networks (CRNs) were proposed just for this purpose. CRNs are communication networks built using cognitive radios (CR) and rely heavily on opportunistic usage of licensed bands which are otherwise severely under-utilised, without affecting the transmission of the licensed users. The current work highlights the spectral occupancy in VHF and UHF including GSM range in the North East region of India. Such a study can prove to be very useful for real deployment of CRNs for broadband access in the near future.

An effective emitter-source localisation-based PUEA detection mechanism in cognitive radio networks

Cognitive Radios (CRs) aim at improving the efficiency of spectrum utilisation by making use of the spectrum holes in the licensed radio spectrum which otherwise would remain unused leading to underutilisation of spectrum resources. The idea is to utilise the unused licensed radio frequencies in the absence of the licensed users called Primary Users (PUs) and leave the same when the licensed users return. However, there are several security threats holding back the successful realisation of CR networks. Primary User Emulation Attack (PUEA) is one such major threat in CR networks, in which the attackers disguise themselves as PUs by mimicking the signal characteristics of the PUs, in order to make the legitimate Secondary Users (SUs) erroneously identify the attackers as PUs and hence, vacate the spectrum. It is obvious that such attacks will cause many SUs to lose access to the network services leading to overall performance degradation in the entire network. In this paper, we propose a Hyperbolic-based Transmitter Localisation technique using TDOA to defend against PUEA. The results show successful detection of the PUEA attackers along with accurate positions of the attackers.

Mitigating SSDF attack using k-medoids clustering in Cognitive Radio Networks

Collaborative sensing is preferred to individual sensing in Cognitive Radio Network (CRN) since it helps in achieving a more accurate sensing decision. In infrastructure-based cognitive radio network, each node sends its local sensing report to the fusion center which uses a fusion rule to make the final decision. The decision of the Fusion Center plays a vital role. Attackers may try to manipulate the decision-making of the Fusion Center (FC) for selfish reasons or to interfere with the primary user transmission. In SSDF attack, malicious users try to manipulate the FC by sending false sensing report. In this paper we present a method for detection and isolation of such malicious users. Our method is based on the k-medoids clustering algorithm. The proposed approach does not require the use of any predefined threshold for detection. It mines the collection of sensing reports at the FC for determining the presence of attackers. Additionally, we also present how we can use the proposed approach on streaming data (sensing reports) and thereby detect and isolate attackers on the fly. Simulation results support the validity of the approach.

CODES: A COllaborative DEtection Strategy for SSDF Attacks in Cognitive Radio Networks

Cognitive Radio Network (CRN) nodes called the Cognitive Radio (CR) nodes, sense the presence of a Primary User (PU) activity. The sensing reports from all the CR nodes are sent to a Fusion Centre (FC) which aggregates these reports and takes decision about the presence of the PU, based on some decision rules. Such a collaborative sensing mechanism forms the foundation of any centralised CRN. However, this approach can be misused by malicious Secondary Users (SUs) by carrying out Spectrum Sensing Data Falsification (SSDF) attacks. SSDF attacks which invade the CRN during spectrum sensing phase can affect the global decision of spectrum occupancy and thus, degrade the overall performance of a CRN. In this paper, a threshold-based detection strategy, CODES, is proposed for detection of SSDF attacks. Simulation results show successful detection of malicious SUs across a range of SSDF attacks.