Farrukh Aslam Khan

Energy-efficient clustering in mobile ad-hoc networks using multi-objective particle swarm optimization

A mobile ad hoc network (MANET) is dynamic in nature and is composed of wirelessly connected nodes that perform hop-by-hop routing without the help of any fixed infrastructure. One of the important requirements of a MANET is the efficiency of energy, which increases the lifetime of the network. Several techniques have been proposed by researchers to achieve this goal and one of them is clustering in MANETs that can help in providing an energy-efficient solution. Clustering involves the selection of cluster-heads (CHs) for each cluster and fewer CHs result in greater energy efficiency as these nodes drain more power than noncluster-heads. In the literature, several techniques are available for clustering by using optimization and evolutionary techniques that provide a single solution at a time. In this paper, we propose a multi-objective solution by using multi-objective particle swarm optimization (MOPSO) algorithm to optimize the number of clusters in an ad hoc network as well as energy dissipation in nodes in order to provide an energy-efficient solution and reduce the network traffic. In the proposed solution, inter-cluster and intra-cluster traffic is managed by the cluster-heads. The proposed algorithm takes into consideration the degree of nodes, transmission power, and battery power consumption of the mobile nodes. The main advantage of this method is that it provides a set of solutions at a time. These solutions are achieved through optimal Pareto front. We compare the results of the proposed approach with two other well-known clustering techniques; WCA and CLPSO-based clustering by using different performance metrics. We perform extensive simulations to show that the proposed approach is an effective approach for clustering in mobile ad hoc networks environment and performs better than the other two approaches.

Intrusion Detection Systems for Wireless Sensor Networks: A Survey

Wireless sensor networks (WSNs) are vulnerable to different types of security threats that can degrade the performance of the whole network; that might result in fatal problems like denial of service (DoS) attacks, routing attacks, Sybil attack etc. Key management protocols, authentication protocols and secure routing cannot provide security to WSNs for these types of attacks. Intrusion detection system (IDS) is a solution to this problem. It analyzes the network by collecting sufficient amount of data and detects abnormal behavior of sensor node(s). IDS based security mechanisms proposed for other network paradigms such as ad hoc networks, cannot directly be used in WSNs. Researchers have proposed various intrusion detection systems for wireless sensor networks during the last few years. We classify these approaches into three categories i.e. purely distributed, purely centralized and distributed-centralized. In this paper, we present a survey of these mechanisms. These schemes are further differentiated in the way they perform intrusion detection.

Malicious AODV: Implementation and Analysis of Routing Attacks in MANETs

From the security perspective Mobile Ad hoc Networks (MANETs) are amongst the most challenging research areas and one of the key reasons for this is the ambiguous nature of insider attacks in these networks. In recent years, many attempts have been made to study the intrinsic attributes of these insider attacks but the focus has generally been on the analysis of one or very few particular attacks, or only the survey of various attacks without any performance analysis. Therefore, a major feature that research has lately lacked is a detailed and comprehensive study of the effects of various insider attacks on the overall performance of MANETs. In this paper we investigate, in detail, some of the most severe attacks against MANETs namely the blackhole attack, sinkhole attack, selfish node behavior, RREQ flood, hello flood, and selective forwarding attack. A detailed NS-2 implementation of launching these attacks successfully using Ad hoc On-Demand Distance Vector (AODV) routing protocol has been presented and a comprehensive and comparative analysis of these attacks is performed. We use packet efficiency, routing overhead, and throughput as our performance metrics. Our simulation-based study shows that flooding attacks like RREQ flood and hello flood drastically increase the routing overhead of the protocol. Route modification attacks such as sinkhole and blackhole are deadly and severely affect the packet efficiency and bring down the throughput to unacceptable ranges.

A cloud-based healthcare framework for security and patients' data privacy using wireless body area networks

Abstract The recent developments in remote healthcare systems have witnessed significant interests from IT industry (Microsoft, Google, VMware etc) that provide ubiquitous and easily deployable healthcare systems. These systems provide a platform to share medical information, applications, and infrastructure in a ubiquitous and fully automated manner. Communication security and patients’ data privacy are the aspects that would increase the confidence of users in such remote healthcare systems. This paper presents a secure cloud-based mobile healthcare framework using wireless body area networks (WBANs). The research work presented here is twofold: first, it attempts to secure the inter-sensor communication by multi-biometric based key generation scheme in WBANs; and secondly, the electronic medical records (EMRs) are securely stored in the hospital community cloud and privacy of the patients’ data is preserved. The evaluation and analysis shows that the proposed multi-biometric based mechanism provides significant security measures due to its highly efficient key generation mechanism.

A novel intrusion detection framework for wireless sensor networks

Vehicle cloud is a new idea that uses the benefits of wireless sensor networks (WSNs) and the concept of cloud computing to provide better services to the community. It is important to secure a sensor network to achieve better performance of the vehicle cloud. Wireless sensor networks are a soft target for intruders or adversaries to launch lethal attacks in its present configuration. In this paper, a novel intrusion detection framework is proposed for securing wireless sensor networks from routing attacks. The proposed system works in a distributed environment to detect intrusions by collaborating with the neighboring nodes. It works in two modes: online prevention allows safeguarding from those abnormal nodes that are already declared as malicious while offline detection finds those nodes that are being compromised by an adversary during the next epoch of time. Simulation results show that the proposed specification-based detection scheme performs extremely well and achieves high intrusion detection rate and low false positive rate.

Energy-efficient cluster-based security mechanism for intra-WBAN and inter-WBAN communications for healthcare applications

Wireless body area networks (WBANs) are formed by using tiny health monitoring sensors on the human body in order to collect and communicate the human personal data. WBANs serve as a solution to facilitate the tasks performed in the medical sector, and minimize the chances of errors during the process of medical diagnosis. Due to the unreliable wireless media, the communication in a WBAN is exposed to a variety of attacks. These attacks pose major threats to WBAN security. In order to overcome these threats, several cryptographic techniques have been proposed in the recent past. Effectiveness of these cryptographic techniques largely depends on a good key management scheme. However, using an expensive key management scheme is not feasible in highly resource-constrained WBANs. Therefore, we propose and evaluate an energy-efficient key management scheme for WBANs that takes into account available resources of a node during the whole life cycle of key management. Our proposed scheme is a cluster-based hybrid security framework that supports both intra-WBAN and inter-WBAN communications. By using multiple clusters, energy-efficiency can be ensured. The cluster formation process itself is secured by using electrocardiogram (EKG)-based key agreement scheme. The proposed technique is hybrid because we use both preloading of keys and physiological value-based generated keys. We use highly dynamic and random EKG values of the human body for pairwise key generation and refreshment. The performance comparison of our proposed cluster-based key management scheme and low-energy adaptive clustering hierarchy (LEACH)-based key agreement scheme shows that the proposed scheme is secure, more energy-efficient, and provides better network lifetime.

A cluster-based key agreement scheme using keyed hashing for Body Area Networks

In recent years, Body Area Networks (BANs) have gained immense popularity in the domain of healthcare as well as monitoring of soldiers in the battlefield. Security of a BAN is inevitable as we secure the lives of soldiers and patients. In this paper, we propose a security framework using Keyed-Hashing Message Authentication Code (HMAC-MD5) to protect the personal information in a BAN. We assume a network in which nodes sense physiological variables such as electrocardiography (EKG), electroencephalography (EEG), pulse oximeter data, blood pressure and cardiac output. Heterogeneous wireless sensor network is considered which consists of a powerful High-end sensor (H-sensor) and several Low-end sensors (L-sensors). EKG is used for secure communication between nodes as it introduces plug and play capability in BANs. The process is made secure by applying HMAC-MD5 on EKG blocks. Key agreement is done by comparing HMAC of feature blocks between sensors resulting in a more secure network. The analysis is done by calculating the entropy of keys and checking the randomness of EKG data using NIST-randomness testing suite.

A survey of Intrusion Detection Systems for Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are vulnerable to various kinds of security threats that can degrade the performance of the network and may cause the sensors to send wrong information to the sink. Key management, authentication and secure routing protocols cannot guarantee the required security for WSNs. Intrusion Detection System (IDS) provides a solution to this problem by analysing the network in order to detect abnormal behaviour of the sensor node(s). Researchers have proposed various approaches for detecting intrusions in WSNs during the past few years. In this survey, we classify these approaches into three categories and discuss them in detail.

An Improved EKG-Based Key Agreement Scheme for Body Area Networks

Body area networks (BANs) play an important role in mobile health monitoring such as, monitoring the health of patients in a hospital or physical status of soldiers in a battlefield. By securing the BAN, we actually secure the lives of soldiers or patients. This work presents an electrocardiogram (EKG) based key agreement scheme using discrete wavelet transform (DWT) for the sake of generating a common key in a body area network. The use of EKG brings plug-and-play capability in BANs; i.e., the sensors are just placed on the human body and a secure communication is started among these sensors. The process is made secure by using the iris or fingerprints to lock and then unlock the blocks during exchange between the communicating sensors. The locking and unlocking is done through watermarking. When a watermark is added at the sender side, the block is locked and when it is removed at the receiver side, the block is unlocked. By using iris or fingerprints, the security of the technique improves and its plug-and-play capability is not affected. The analysis is done by using real 2-lead EKG data sampled at a rate of 125 Hz taken from MIT PhysioBank database.

A Hybrid Security Mechanism for Intra-WBAN and Inter-WBAN Communications:

The emerging wireless body area networks (WBANs) have a great potential for the growth and development of future ubiquitous healthcare systems. However, due to the use of unreliable wireless media, WBANs are exposed to a variety of attacks. The prevention of these attacks depends upon the cryptographic techniques. The strength of cryptography is based on the keys used for encryption and decryption in the communication process. Security is still an alarming challenge for WBANs and needs attention of the research community. The proposed work introduces a hybrid key management scheme for both intra-WBAN and inter-WBAN communications. The proposed technique is based on preloaded keys as well as keys automatically generated from biometrics of the human body. The biometric-based calculations are of linear time complexity to cater the strict resource constraints and security requirements of WBANs. The proposed security mechanism provides an efficient solution for the security of both intra-WBAN and inter-WBAN communications. The results of the proposed technique are compared with an existing key management technique known as BARI+. The results show significant improvement over the results produced by BARI+ in terms of storage, communication, energy overhead, and security.