Ashfaq Hussain Farooqi

Intrusion Detection Systems for Wireless Sensor Networks: A Survey

Wireless sensor networks (WSNs) are vulnerable to different types of security threats that can degrade the performance of the whole network; that might result in fatal problems like denial of service (DoS) attacks, routing attacks, Sybil attack etc. Key management protocols, authentication protocols and secure routing cannot provide security to WSNs for these types of attacks. Intrusion detection system (IDS) is a solution to this problem. It analyzes the network by collecting sufficient amount of data and detects abnormal behavior of sensor node(s). IDS based security mechanisms proposed for other network paradigms such as ad hoc networks, cannot directly be used in WSNs. Researchers have proposed various intrusion detection systems for wireless sensor networks during the last few years. We classify these approaches into three categories i.e. purely distributed, purely centralized and distributed-centralized. In this paper, we present a survey of these mechanisms. These schemes are further differentiated in the way they perform intrusion detection.

A novel intrusion detection framework for wireless sensor networks

Vehicle cloud is a new idea that uses the benefits of wireless sensor networks (WSNs) and the concept of cloud computing to provide better services to the community. It is important to secure a sensor network to achieve better performance of the vehicle cloud. Wireless sensor networks are a soft target for intruders or adversaries to launch lethal attacks in its present configuration. In this paper, a novel intrusion detection framework is proposed for securing wireless sensor networks from routing attacks. The proposed system works in a distributed environment to detect intrusions by collaborating with the neighboring nodes. It works in two modes: online prevention allows safeguarding from those abnormal nodes that are already declared as malicious while offline detection finds those nodes that are being compromised by an adversary during the next epoch of time. Simulation results show that the proposed specification-based detection scheme performs extremely well and achieves high intrusion detection rate and low false positive rate.

A survey of Intrusion Detection Systems for Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are vulnerable to various kinds of security threats that can degrade the performance of the network and may cause the sensors to send wrong information to the sink. Key management, authentication and secure routing protocols cannot guarantee the required security for WSNs. Intrusion Detection System (IDS) provides a solution to this problem by analysing the network in order to detect abnormal behaviour of the sensor node(s). Researchers have proposed various approaches for detecting intrusions in WSNs during the past few years. In this survey, we classify these approaches into three categories and discuss them in detail.

Intrusion Detection System for IP Multimedia Subsystem using K-Nearest Neighbor classifier

IP multimedia subsystem (IMS) is a new next generation networking architecture that will provide better quality of service, charging infrastructure and security. The basic idea behind IMS is convergence; providing a single interface to different traditional or modern networking architectures allowing better working environment for the end users. IMS is still not commercially adopted and used but research is in progress to explore it. IMS is an IP based overlay next generation network architecture. It inherent number of security threats of session initiation protocol (SIP), TCP, UDP etc as it uses SIP and IP protocols. Some of them can degrade the performance of IMS seriously and may cause DoS or DDoS attacks. The paper presents a new approach keeping a vision of secure IMS based on intrusion detection system (IDS) using k-nearest neighbor (KNN) as classifier. The KNN classifier can effectively detect intrusive attacks and achieve a low false positive rate. It can distinguish between the normal behavior of the system or abnormal. In this paper, we have focused on the key element of IMS core known as proxy call session control function (PCSCF). Network based anomaly detection mechanism is proposed using KNN as anomaly detector. Experiments are performed on OpenIMS core and the result shows that IMS is vulnerable to different types of attacks such as UDP flooding, IP spoofing that can cause DoS. KNN classifier effectively distinguishes the behavior of the system as normal or intrusive and achieve low false positive rate.

Security requirements for a cyber physical community system: a case study

Cyber physical system is an emerging networking paradigm. It is applied to telecommunication, transportation, and healthcare for automation and bringing new technologies. This system is based on physical devices that communicate with each other and outside world through wired or wireless medium. Hence, it is vulnerable to various types of new and acquired threats. In this paper, we discuss about the security requirements for a cyber physical community system using a case study of Vehicle cloud. Vehicle cloud is a novel idea that uses the benefits of newly emerging cyber physical systems and the concept of cloud computing to provide better services to the community.

Securing wireless sensor networks for improved performance in cloud-based environments

Cloud computing has a great potential to assist in storing and processing data collected from sensors placed in any environment such as smart homes, vehicles, hospitals, enemy surveillance areas, volcanoes, oceans, etc. The sensors may be implanted in the form of a body sensor network or placed in the surroundings. The data recorded by these sensors may further be used for several applications implemented in the cloud as well as other services. Here, the data is acquired from sensors through the wireless medium. Recent studies show that wireless sensor networks (WSNs) are vulnerable to various kinds of security threats and there is a requirement of a security solution that safeguards them from lethal attacks. In this paper, we modify the low-energy adaptive clustering hierarchy (LEACH) protocol for WSNs and add the functionality of intrusion detection to secure WSNs from sinkhole, black hole, and selective forwarding attacks. The modified protocol is called LEACH++. We perform two types of analyses: numerical analysis to check the effect on throughput and energy, and simulations in Network Simulator-2 (NS-2) to prove the results found from the numerical analysis. The results are quite promising and favor LEACH++ over LEACH under attack with respect to throughput and energy consumption.

Analysis of rule based look-ahead strategy using Pacman testbed

Games may be used as a test-bed for the analysis of the working of any innovative idea that lies in the field of computational or artificial intelligence. There are three general categories of such games; board games (e.g. tic-tac toe, checkers, Othello), video games (e.g. Dead-end, Cellz, Flatland, Pacman, Nero) and robotics. We have implemented a test-bed of Pacman game in C# and applied various strategies to Pacman agent. The fitness of a strategy depends upon two factors; maximum survival of the Pacman player and swallowed pallets. Experimental results favors rule based look-ahead mechanism over random, greedy and rule based with greed approaches.

Performance analysis of peer-to-peer overlay architectures for Mobile Ad hoc Networks

Mobile adhoc networks (MANETs) are good candidate for peer-to-peer (P2P) overlay architectures. In both, nodes work independently and are distributed in nature. P2P overlays are mostly built over traditional underlying IP network like Internet. There are two flavors of it; unstructured P2P such as Gnutella and structured P2P such as Chord. In this paper, we explain and evaluate Gnutella and Chord for different scenarios in NS-2 while keeping Adhoc On-demand Distance Vector (AODV) as underlying routing protocol. Simulation results show that unstructured P2P architecture achieves high hit rate and produces less updates. We further investigate Gnutella by changing the underlying routing protocol.