Hichem Sedjelmaci

An accurate and efficient collaborative intrusion detection framework to secure vehicular networks

Display Omitted We design and implement an accurate and lightweight intrusion detection framework, called AECFV.AECFV aims to protect the vehicular ad hoc networks (VANETs) against the most dangerous attacks that could occurred on this network.AECFV take into account the VANETs characteristics such as high nodes mobility and rapid topology change.AECFV exhibits a high detection rate, low false positive rate, faster attack detection, and lower communication overhead. The advancement of wireless communication leads researchers to develop and conceive the idea of vehicular networks, also known as vehicular ad hoc networks (VANETs). Security in such network is mandatory due to a vital information that are managed by the vehicle. Therefore, in this paper we design and implement an accurate and lightweight intrusion detection framework, called AECFV, that aims to protect the network against the most dangerous attacks that could occur on such network. AECFV is suitable for VANETs characteristics such as high nodes mobility and rapid topology change. This is achieved with a help of the proposed secured clustering algorithm that considers both nodes mobility and network vulnerability during cluster formation. Clusters are constructed with a high stability and good connectivity. Cluster-Heads (CHs) are elected based on both nodes mobility and the vehicles trust-level. The simulation performed using NS-3 simulator shows, AECFV exhibits a high detection rate, low false positive rate, faster attack detection, and lower communication overhead compared to current detection frameworks.

An Efficient and Lightweight Intrusion Detection Mechanism for Service-Oriented Vehicular Networks

Vehicular ad hoc networks (VANETs) are wireless networks that provide high-rate data communication among moving vehicles and between the vehicles and the road-side units. VANETs are considered as the main wireless communication platforms for the intelligent transportation systems (ITS). Service-oriented vehicular networks are special categories for VANETs that support diverse infrastructure-based commercial infotainment services including, for instance, Internet access, real-time traffic monitoring and management, video streaming. Security is a fundamental issue for these service networks due to the relevant business information handled in these networks. In this paper, we design and implement an efficient and light-weight intrusion detection mechanism, called efficient and light-weight intrusion detection mechanism for vehicular network (ELIDV) that aims to protect the network against three kinds of attacks: denial of service (DoS), integrity target, and false alerts generation. ELIDV is based on a set of rules that detects malicious vehicles promptly and with high accuracy. We present the performance analysis of our detection mechanism using NS-3 simulator. Our simulation results show that ELIDV exhibits a high-level security in terms of highly accurate detection rate (detection rate more than 97%), low false positive rate (close to 1%), and exhibits a lower overhead compared to contemporary frameworks.

An efficient intrusion detection framework in cluster-based wireless sensor networks

In the last few years, the technological evolution in the field of wireless sensor networks was impressive, which made them extremely useful in various applications (military, commercial, etc.). In such applications, it is essential to protect the network from malicious attacks. This presents a demand for providing security mechanisms in these vulnerable networks. In this paper, we design a new framework for intrusion detection in cluster-based wireless sensor networks. Our detection framework is composed of different protocols that run at different levels. The first protocol is a specification-based detection protocol that runs at intrusion detection system (IDS) agents (low level). The second one is a binary classification detection protocol that runs at cluster head (CH) node (medium level). In addition, a reputation protocol is used at each CH to evaluate the trustworthiness level of its IDSs agents. Each CH monitors its CH neighbors on the basis of a specification detection protocol with the help of a vote mechanism applied at the base station (high level). We evaluated the performances of our framework in the presence of four well-known attacks: hello flood, selective forwarding, black hole, and wormhole attacks. We evaluated specifically the detection rate, false positive rate, energy consumption, and efficiency. Simulation results show that our detection framework exhibits high detection rate (almost 100%), low number of false positives, less time to detect the attack, and less energy consumption. Our intrusion detection framework outperforms other schemes proposed in the literature in terms of detection, false positive rate, and energy consumption. Copyright

Detection and prevention from misbehaving intruders in vehicular networks

In this paper, we design and implement a new intrusion detection and prevention schema for vehicular networks. It has the ability to detect and predict with a high accuracy a future malicious behavior of an attacker. This is unlike the current detection schémas, where there is no prevention technique since they aim to detect only current attackers that occur in the network. We used game theory concept to predict the future behavior of the monitored vehicle and categorize it into the appropriate list (White, White & Gray, Gray, and Revocation_Black) according to its predicted attack severity. In this paper, our aim is to prevent from the most dangerous attack that targets a vehicular network, which is false alerts generation attack. Simulation results show that our intrusion detection and prevention schema exhibits a high detection rate and generates a low false positive rate. In addition, it requires a low overhead to achieve a high-level security.

Network connectivity and area coverage for UAV fleet mobility model with energy constraint

Our main focus through the present paper is on developing an original distributed mobility model for autonomous fleet of interconnected UAVs (Unmanned Aerial Vehicles) performing an area exploration mission. The UAVs, equipped with wireless ad-hoc capabilities, are required to optimally explore an area while maintaining connectivity with their neighboring UAVs and the base station. Because energy is a scarce resource, especially for UAVs, its wise management is quite beneficial for the network lifetime and mission success. Hence, the proposed mobility model, compared to other models in the literature, is the first to ever include the remaining energy level as decision criterion combined with area coverage and network connectivity. Based on these criterions and the information received from its neighbors, each UAV determines, using the information received from its neighbors, its next movement to be undertaken. The performances of the proposed approach are compared with those achieved through a randomized approach and a forces-based approach. Simulation results, using NS3, show that it outperforms the two other models in terms of coverage and connectivity.

Intrusion Detection and Ejection Framework Against Lethal Attacks in UAV-Aided Networks: A Bayesian Game-Theoretic Methodology

Advances in wireless communications and microelectronics have spearheaded the development of unmanned aerial vehicles (UAVs), which can be used to augment a ground network composed of sensors and/or vehicles in order to increase coverage, enhance the end-to-end delay, and improve data processing. While UAV-aided networks can potentially find applications in many areas, a number of issues, particularly security, have not been readily addressed. The intrusion detection system is the most commonly used technique to detect attackers. In this paper, we focus on addressing two main issues within the context of intrusion detection and attacker ejection in UAV-aided networks, namely, activation of the intrusion monitoring process and attacker ejection. In fact, when a large number of nodes activate their monitoring processes, the incurred overhead can be substantial and, as a consequence, degrades the network performance. Therefore, a tradeoff between the intrusion detection rate and overhead is considered in this work. It is not always the best strategy to eject a node immediately when it exhibits a bad sign of malicious activities since this sign could be provisional (the node may switch to a normal behavior in the future) or be simply due to noise or unreliable communications. Thus, a dilemma between detection and false positive rates is taken into account in this paper. We propose to address these two security issues by a Bayesian game model in order to accurately detect attacks (i.e., high detection and low false positive rates) with a low overhead. Simulation results have demonstrated that our proposed security game framework does achieve reliable detection.

Intrusion detection framework of cluster-based wireless sensor network

Wireless sensor networks (WSNs) have a huge potential to be used in critical situations like military and commercial applications. However, these applications are required often to be deployed in hostile environments, where nodes and communication are attractive targets to attackers. This makes WSNs vulnerable to a variety of potential attacks. Due to their characteristics, conventional security mechanisms are not applicable. In this context, we propose an intrusion detection framework for a cluster-based WSN (CWSN) that aims to combine the advantage of anomaly and signature detection which are high detection rate and low false positive, respectively.

A Hierarchical Detection and Response System to Enhance Security Against Lethal Cyber-Attacks in UAV Networks

Unmanned aerial vehicles (UAVs) networks have not yet received considerable research attention. Specifically, security issues are a major concern because such networks, which carry vital information, are prone to various attacks. In this paper, we design and implement a novel intrusion detection and response scheme, which operates at the UAV and ground station levels, to detect malicious anomalies that threaten the network. In this scheme, a set of detection and response techniques are proposed to monitor the UAV behaviors and categorize them into the appropriate list (normal, abnormal, suspect, and malicious) according to the detected cyber-attack. We focus on the most lethal cyber-attacks that can target an UAV network, namely, false information dissemination, GPS spoofing, jamming, and black hole and gray hole attacks. Extensive simulations confirm that the proposed scheme performs well in terms of attack detection even with a large number of UAVs and attackers since it exhibits a high detection rate, a low number of false positives, and prompt detection with a low communication overhead.

How to Detect Cyber-Attacks in Unmanned Aerial Vehicles Network?

Security issues in unmanned aerial vehicle (UAV) networks attract the attention of both industry and research community. This is due to the large number of attacks that can target such networks with a goal for instance to jam the communication, disturb the network operation, inject wrong data, etc. In this paper, we propose and implement a cyber security system to protect the UAVs against the most dangerous threats: cyber-attacks that target the data integrity and network availability. Our system is based on a cyber detection mechanism to promptly detect these attacks as soon as they unfold. Minimizing false positives and false negatives rates is a major issue since classifying a legitimate node as an intruder and vice versa may compromises the efficiency of the security system . Thereby, to address this issue, a threat estimation model based on Belief approach is proposed. Simulation results show that our security system exhibits a high accuracy detection compared to cyber detection system proposed in current literature.

Efficient and lightweight intrusion detection based on nodes' behaviors in wireless sensor networks

In this paper, we design and implement an Efficient and Lightweight Intrusion Detection (ELID) framework based on a new detection technique. This later relies on the fact that nodes that are located within the same cluster have almost a similar behavior. This fact is demonstrated by both simulation and experimental studies. According to the obtained results, ELID exhibits a high detection rate, low false positive rate, low energy consumption and requires less time to detect the following attacks: Selective forwarding, Black hole, Sinkhole, Wormhole and Denial of Service (DoS).