Keecheon Kim

Intrusion detection scheme using traffic prediction for wireless industrial networks

Detecting intrusion attacks accurately and rapidly in wireless networks is one of the most challenging security problems. Intrusion attacks of various types can be detected by the change in traffic flow that they induce. Wireless industrial networks based on the wireless networks for industrial automation-process automation (WIA-PA) standard use a superframe to schedule network communications. We propose an intrusion detection system for WIA-PA networks. After modeling and analyzing traffic flow data by time-sequence techniques, we propose a data traffic prediction model based on autoregressive moving average (ARMA) using the time series data. The model can quickly and precisely predict network traffic. We initialized the model with data traffic measurements taken by a 16-channel analyzer. Test results show that our scheme can effectively detect intrusion attacks, improve the overall network performance, and prolong the network lifetime.

Distance-based PRoPHET routing protocol in Disruption Tolerant Network

PRoPHET routing protocol in DTN uses its delivery predictability of node encounters and transitivity to select and forward bundles to its neighbor node regardless of their distance. This concept faces delivery dilemmas in a source node and drawbacks of low delivery ratio and high delay in case two or more neighbor nodes carry equal delivery predictability and the distance between those nodes to the source node varies due to high node mobility. To deal with such consequences, we propose a Distance-based Probabilistic Routing Protocol using History of Encounters and Transitivity (DiPRoPHET), a modified version of traditional PRoPHET, with the use of cross layer implementation for distance value retrieval. Additionally, in this paper, we also simulate and evaluate between the proposed protocol and the traditional one. Simulation results of both protocols show that, by adding distance metric to existing delivery predictability vector of PRoPHET, bundle delivery ratio is increased; in contrast, the bundle delay is decreased during delivery dilemmas over which node to be selected as a forwarder of messages.

Secure Route Discovery for Preventing Black Hole Attacks on AODV-Based MANETs

Mobile Ad-hoc Networks (MANETs) allow mobile hosts to initiate communications with each other over a network without an established infrastructure or a central network authority. Because of this, MANETs have dynamic topologies because nodes can easily join or leave the network at any time. From a security design perspective, MANETs are vulnerable to various types of malicious attacks. As are result, Ad-hoc On-demand Distance Vector (AODV), which is one of the standard MANET protocols, can be attacked by malicious nodes. A black hole attack is one type of malicious attack that can be easily employed against data routing in MANETs. A black hole node replies to route requests rapidly with the shortest path and the highest destination sequence number. The black hole node does not have an active route to a specified destination associated with it and it drops all of the data packets that it receives. This paper proposes a mechanism that provides Secure Route Discovery for the AODV protocol (SRD-AODV) in order to prevent black hole attacks. This mechanism requires the source node and the destination node to verify the sequence numbers in the Route Request (RREQ) and Route Reply (RREP) messages, respectively, based on defined thresholds before establishing a connection with a destination node for sending the data. The simulation results using the Network Simulator 2 (NS2) demonstrate an improvement in the ratio of packet delivery for three different environments using our mechanism as compared to the standard AODV protocol.

An effective path recovery mechanism for AODV using candidate node

We propose an effective path recovery scheme for AODV in mobile ad-hoc network environment. Even though the existing path recovery scheme for AODV routing protocol can recover the disconnected path in some ways, however, they can not utilize the pre-connected routing nodes when we handle the nodes in Ad-hoc environment. In order to utilize the pre-connected routing nodes in recovering the path more effectively, we use a designated candidate nodes. The candidate nodes are used to recover the disconnected path using the pre-connected routing information. This scheme produces better results with less control packets with faster path recovery time.

EADD: Energy Aware Directed Diffusion for Wireless Sensor Networks

The most important element of Wireless Sensor Networks technologies is energy efficiency. When we design network protocols for Wireless Sensor Networks, we should consider duplicate messages. We can achieve the goal of energy efficiency as reducing duplicate packets. Directed Diffusion is one of the energy efficient routing protocols. It selects one reinforced path from source to destination and then forward data packets through that route instead of forwarding broadcast packets. But it doesn¿t worry about available energy of each sensor nodes. Sensor nodes have not enough energy. It allows nodes stop more quickly as using only the fastest path. It cause unbalanced life cycle of the nodes. Consequently, we need to consider available energy of sensor nodes. In this paper we propose EADD: Energy Aware Directed Diffusion for Wireless Sensor Networks. This scheme changes the node¿s forwarding moment that depends on each node¿s available energy. EADD allows the nodes to response more quickly than the nodes which have lower available energy. This scheme is very simple so that it can be adapted to any forwarding strategies for routing protocols of wireless sensor networks. EADD is helpful to achieve balanced nodes¿ energy distribution and extension of network life cycle.

Secure Route Discovery for preventing black hole attacks on AODV-based MANETs

Mobile Ad-hoc Networks (MANETs) allow mobile hosts to initiate communications with each other over a network without an established infrastructure or a central network authority. Because of this, MANETs have dynamic topologies because nodes can easily join or leave the network at any time. From a security design perspective, MANETs are vulnerable to various types of malicious attacks. As are result, Ad-hoc On-demand Distance Vector (AODV), which is one of the standard MANET protocols, can be attacked by malicious nodes. A black hole attack is one type of malicious attack that can be easily employed against data routing in MANETs. A black hole node replies to route requests rapidly with the shortest path and the highest destination sequence number. The black hole node does not have an active route to a specified destination associated with it and it drops all of the data packets that it receives. This paper proposes a mechanism that provides Secure Route Discovery for the AODV protocol (SRD-AODV) in order to prevent black hole attacks. This mechanism requires the source node and the destination node to verify the sequence numbers in the Route Request (RREQ) and Route Reply (RREP) messages, respectively, based on defined thresholds before establishing a connection with a destination node for sending the data. The simulation results using the Network Simulator 2 (NS2) demonstrate an improvement in the ratio of packet delivery for three different environments using our mechanism as compared to the standard AODV protocol.

PRoPHET Routing Protocol Based on Neighbor Node Distance Using a Community Mobility Model in Delay Tolerant Networks

In a Delay Tolerant Network (DTN), the Probabilistic Routing Protocol using the History of Encounters and Transitivity (PRoPHET) routing protocol mainly uses the delivery predictability of node encounters and transitivity to select and forward bundles to the desired neighbor nodes regardless of their distance. This concept introduces a delivery dilemma and the drawbacks of a low delivery ratio, high delay, and overhead when two or more neighbor nodes carry equal delivery predictability when the distance from these nodes to the source node varies from high node mobility. To solve these problems, we propose the use of the Distance-based PRoPHET (DiPRoPHET), a modified version of the traditional PRoPHET, along with the use of a DTN cross-layer implementation for distance value retrieval. We also conducted a simulation between the proposed protocol and a traditional protocol using both random and community models. The simulation results show that, by adding a distance metric to the existing PRoPHET delivery predictability vector, the bundle delivery ratio is increased, in contrast, the bundle delay and overhead are decreased during delivery dilemmas regarding the node to be selected as a message forwarder.

Diamond-Shaped Routing Method for Reliable Data Transmission in Wireless Sensor Networks

Recently, the usage of WSN increases to collect necessary information. At that time, users must consider energy safety because many small sensors are limited by battery capacity. In wireless sensor network (WSN) among existing protocols, the modified power-efficient gathering in sensor information systems (PEGASIS) is known to be effective routing when applied to cases with directional transmissions of data. However, this protocol doesnpsilat guarantee stability in data transmission because it isnpsilat the consideration for the error rates. This paper aims to solve the problems of the modified PEGASIS. We propose the diamond-shaped PEGASIS (DS-PEGASIS) routing protocol for wireless sensor networks where data packet is transmitted reliably. It has advantage in the sense which secures the reliable transmission of data based on a directional data transfer. The efficiency of this mechanism is based on the mathematical analysis of the modified PEGASIS and the proposed method of DS-PEGASIS.

IPv6 stateless address auto-configuration in mobile ad-hoc network (T-DAD) and performance evaluation

IPv6 Duplicate address Detection (DAD) process cannot be applicable for MANET without modification either because of the multi-hop problem or DAD time bound. In this paper, we propose a stateless auto-configuration that overcomes multi-hop problem. We solve the multi-hop problem by having some ad-hoc routable nodes doing DAD for the new node that is willing to accept DAD. Once a host configures its interfaces, it becomes possible to communicate in multi-hop environment. We call this new scheme as Tunneled DAD (T-DAD).

Intrusion tolerance mechanisms using redundant nodes for wireless sensor networks

Wireless sensor networks extend peoples ability to explore, monitor, and control the physical world. Wireless sensor networks are susceptible to certain types of attacks because they are deployed in open and unprotected environments. Novel intrusion tolerance architecture is proposed in this paper. An expert intrusion detection analysis system and an all-channel analyzer are introduced. A proposed intrusion tolerance scheme is implemented. Results show that this scheme can detect data traffic and re-route it to a redundant node in the wireless network, prolong the lifetime of the network, and isolate malicious traffic introduced through compromised nodes or illegal intrusions.