Arijit Ukil

A Mechanism for Detection of Cooperative Black Hole Attack in Mobile Ad Hoc Networks

A mobile ad hoc network (MANET) is a collection of autonomous nodes that communicate with each other by forming a multi-hop radio network and maintaining connections in a decentralized manner. Security remains a major challenge for these networks due to their features of open medium, dynamically changing topologies, reliance on cooperative algorithms, absence of centralized monitoring points, and lack of clear lines of defense. Most of the routing protocols for MANETs are thus vulnerable to various types of attacks. Ad hoc on-demand distance vector routing (AODV) is a very popular routing algorithm. However, it is vulnerable to the well-known black hole attack, where a malicious node falsely advertises good paths to a destination node during the route discovery process. This attack becomes more sever when a group of malicious nodes cooperate each other. In this paper, a defense mechanism is presented against a coordinated attack by multiple black hole nodes in a MANET. The simulation carried out on the proposed scheme has produced results that demonstrate the effectiveness of the mechanism in detection of the attack while maintaining a reasonable level of throughput in the network.

Embedded security for Internet of Things

Internet of Things (IoT) consists of several tiny devices connected together to form a collaborative computing environment. IoT imposes peculiar constraints in terms of connectivity, computational power and energy budget, which make it significantly different from those contemplated by the canonical doctrine of security in distributed systems. In order to circumvent the problem of security in IoT domain, networks and devices need to be secured. In this paper, we consider the embedded device security only, assuming that network security is properly in place. It can be noticed that the existence of tiny computing devices that form ubiquity in IoT domain are very much vulnerable to different security attacks. In this work, we provide the requirements of embedded security, the solutions to resists different attacks and the technology for resisting temper proofing of the embedded devices by the concept of trusted computing. Our paper attempts to address the issue of security for data at rest. Addressing this issue is equivalent to addressing the security issue of the hardware platform. Our work also partially helps in addressing securing data in transit.

IoT-Privacy: To be private or not to be private.

Privacy breaching attacks pose considerable challenges in the development and deployment of Internet of Things (IoT) applications. Though privacy preserving data mining (PPDM) minimizes sensitive data disclosure probability, sensitive content analysis, privacy measurement and users privacy awareness issues are yet to be addressed. In this paper, we propose a privacy management scheme that enables the user to estimate the risk of sharing private data like smart meter data. Our focus is to develop robust sensitivity detection, analysis and privacy content quantification scheme from statistical disclosure control aspect and information theoretic model. We depict performance results using real sensor data.

An adaptable and QoS-aware routing protocol for Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are highly distributed networks consisting of a large number of tiny, low-cost, light-weight wireless nodes deployed to monitor an environment or a system. Each node in a WSN consists of three subsystems: the sensor subsystem which senses the environment, the processing subsystem which performs local computations on the sensed data, and the communication subsystem which is responsible for message exchange with neighboring sensor nodes. Routing in WSNs is a very important issue. This paper presents a query-based routing protocol for a WSN that provides different levels of Quality of Service (QoS): energy-efficiency, reliability, low latency and fault-tolerance-under different application scenarios. The algorithm has low computational complexity but can dynamically guarantee different QoS support depending on the requirement of the applications. The novelty of the proposed algorithm is its ability to provide multiple QoS support without reconfiguration and redeployment of the sensor nodes. The algorithm is implemented in network simulator ns-2 on 802.15.4 MAC and its performance has been evaluated. The results show that the algorithm is more efficient than some of the currently existing routing algorithms for WSNs.

Lightweight security scheme for vehicle tracking system using CoAP

In this paper we present a lightweight security scheme for authentication and key management to establish a secure channel for Intelligent Transportation System (ITS) for an IoT (Internet of Things) application. We choose Constrained Application Protocol (CoAP) as lightweight application layer protocol. Low overhead security is still an open challenge for CoAP. We propose a payload embedded low cost symmetric-key based robust authentication and key management mechanism on CoAP. This minimizes the security overhead by eliminating expensive handshaking and ciphersuite agreement of standard TLS and DTLS. We propose some unique modification in the CoAP header to invoke its secure mode in an optimized manner. Further, we propose a secure channel with adaptive reliability which reduces the overall communication cost. Such a low overhead security scheme for CoAP is hitherto unexplored. The efficacy of our proposed scheme is demonstrated through laboratory experiments in an emulated environment.

Negotiation-based privacy preservation scheme in internet of things platform

Internet of things (IoT) brings forth a coupling among diverse sensors and diverse domains of applications and services. Sensors primarily provide the sensed observations, which are utilized by various applications and services. Applications are meant to serve personalized needs of the user, based on their various requirements. Therefore, in IoT, the challenge is to provide a platform to facilitate the interoperation among the diverse domains of applications, various heterogeneous devices such as sensors, actuators, gateways, and to preserve privacy while receiving and sharing the sensed observation from and with the multiple data sources and sinks. This paper discusses the characteristics and vision of the IoT system and presents a privacy preservation framework as a part of the IoT platform including a data masking tool for both privacy and utility preservation. The proposed framework provides negotiation--based architecture to find a solution for utility-privacy tradeoff in IoT data management. A case study on data privacy problem in e-health is presented along with a discussion for future research scope and conclusion.

Privacy Preserving Data Aggregation in Wireless Sensor Networks

Privacy preservation is an important issue in today’s context of extreme penetration of Internet and mobile technologies. It is more important in the case of Wireless Sensor Networks (WSNs) where collected data often requires in-network processing and collaborative computing. Researches in this area are mostly concentrated in applying data mining techniques to preserve the privacy content of the data. These techniques are mostly computationally expensive and not suitable for resource limited WSN nodes. In this paper, a scheme is developed to provide privacy preservation in a much simpler way with the help of a secure key management scheme and randomized data perturbation technique. We consider a scenario in which two or more parties owning confidential data need to share only for aggregation purpose to a third party, without revealing the content of the data. Through simulation results the efficacy of our scheme is shown by comparing the results with one of the established schemes.

A QoS-aware end-to-end connectivity management algorithm for mobile applications

In a dynamic heterogeneous environment, such as pervasive and ubiquitous computing, context-aware adaptation is a key concept to meet the varying requirements of different users. Context-awareness is the most promising way to manage the user information and to provide the means of communication at the right time in the right way. Connectivity and quality of service (QoS) of applications are two most important considerations that should be taken into account for designing a context-aware system. This paper presents connectivity from the view point of context awareness, identifies various relevant raw connectivity contexts, and discusses how high-level context information can be abstracted from the raw context information. It also presents a QoS-and context-aware algorithm for supporting mobile applications in a heterogeneous network environment. The unified approach towards connectivity information and QoS-awareness makes the algorithm more practical than most of the currently existing algorithms which consider connectivity and QoS separately. Simulation results show that the use of context information helps to improve the delivered application QoS.

Secure Trust Management in Distributed Computing Systems

Modeling and computing trust in distributed computing systems like ad-hoc networks is very much challenging. Particularly in Wireless Sensor Networks (WSNs), where the network is formed and self-organized by relying on the almost strangers for reliable and normal operation, it is important to compute the trustworthiness of individual nodes in distributed manner. In order to find the trustworthiness of individual nodes, we propose a model that takes into consideration of various malicious behaviors of the nodes. The proposed trust and reputation model attempts to find answers to the inadequacy of the traditional authorization mechanisms to secure distributed systems. Our scheme explores the behavioral pattern of the malicious nodes or the attackers and quantifies those patterns to realize the secure trust management modeling. The proposed scheme presents secure trust and reputation modeling against selfish nodes, against malicious accuser nodes and attempts for conflict resolution. Efficacy of this model is shown through simulation results.

A distributed intrusion detection system for wireless ad hoc networks

In a multi-hop mobile ad hoc network (MANET), mobile nodes communicate with each other forming a cooperative radio network. Security remains a major challenge for these networks due to their features of open medium, dynamically changing topologies, reliance on cooperative algorithms, absence of centralized monitoring points, and lack of any clear lines of defense. Most of the currently existing intrusion detection algorithms designed for these networks are insecure, inefficient, and have high rates of false positives. In this paper, a new approach has been proposed to bring out the complementary relationship between key distribution and intrusion detection for developing an intrusion detection protocol for ad hoc networks. The redundancy of routing information in ad-hoc networks is utilized to develop a highly reliable protocol that works even in presence of transient network partitioning and Byzantine failure of nodes. The proposed mechanism is fully cooperative, and thus it is more robust as the vulnerabilities of the election algorithms used for choosing the subset of nodes for cooperation are absent. Simulation results show the effectiveness of the protocol.