Manali Chakraborty

A State-of-the-Art Survey on IDS for Mobile Ad-Hoc Networks and Wireless Mesh Networks

An Intrusion Detection System (IDS) detects malicious and selfish nodes in a network. Ad hoc networks are often secured by using either intrusion detection or by secure routing. Designing efficient IDS for wireless ad-hoc networks that would not affect the performance of the network significantly is indeed a challenging task. Arguably, the most common thing in a review paper in the domain of wireless networks is to compare the performances of different solutions using simulation results. However, variance in multiple configuration aspects including that due to different underlying routing protocols, makes the task of simulation based comparative evaluation of IDS solutions somewhat unrealistic. In stead, the authors have followed an analytic approach to identify the gaps in the existing IDS solutions for MANETs and wireless mesh networks. The paper aims to ease the job of a new researcher by exposing him to the state of the art research issues on IDS. Nearly 80% of the works cited in this paper are published with in last 3 to 4 years.

An IPv6 based hierarchical address configuration scheme for smart grid

Smart Grid (SG) is an intelligent and adaptive energy delivery network that combines the traditional power grid and IT communication network. It aims to provide more efficient, better fault-resilient and reliable energy support. Robust communication architecture is the key that differentiates Smart Grid from the traditional energy delivery system. IP enabled devices are necessary to build such network spread over a large geographic region and connecting devices starting from common household electrical appliances up to power generation units. With the huge number of devices including the smart electrical appliances, increasingly being used in homes, IPv6 become an obvious choice for Smart Grid for its bandwidth. However, one of the main challenges of connecting IPv6 with Smart Grid will be address configuration. In this paper, a new IPv6 address configuration schema for Smart Grid has been proposed. The proposed schema is consistent with the demands of large, dynamic, hierarchical smart grid network. The schema improves accessibility and scalability in terms of configuring a huge number of devices in the smart grid, thereby, fully extracting the potential of 128-bit IPv6 addressing mode.

CORIDS: a cluster-oriented reward-based intrusion detection system for wireless mesh networks

Wireless mesh networks WMNs are proliferating as one of the key technologies of the next-generation networks. Security is one of the prime concerns towards actual implementation of any network technology for commercial applications. Network security has intrinsically two approaches-prevention based and detection based. Implementing firewalls or intrusion prevention techniques is often not an attractive solution for energy-constrained network nodes such as mobile ad hoc network MANET nodes or mesh clients in WMNs. However, in the era of pervasive and ubiquitous computing, commercial transactions are performed on the move and over portable devices such as cell phones and laptops. These devices have energy constraints, and hence, one cannot afford to adopt security measures with high computational overhead. This influences a shift in paradigm from active intrusion prevention to passive intrusion detection. In this paper, a new cluster-oriented reward-based intrusion detection system CORIDS has been proposed for WMNs. The performance of CORIDS has been evaluated using the Qualnet network simulator. Simulation results also establish superiority of CORIDS over Misbehavior Detection Algorithm, another recent trust-based IDS for WMN, both in terms of higher detection efficiency and lower false positives. Copyright

ETSeM: a energy-aware, trust-based, selective multi-path routing protocol

Multi-path routing protocols are used for different types of wireless networks primarily to enhance reliability of packet delivery. The frequency of route discovery is also less for multi-path routing protocols as these are more fault-tolerant. However, the overhead of route discovery in terms of congestion and energy requirement is much higher for multi-path routing as compared to single-path routing. In this paper, a restricted multi-path routing algorithm has been proposed that dynamically selects the number of neighboring nodes through which packets would be transmitted. The selection and degree of multi-path depends on multiple factors like the remaining energy of the node, trust value of that node, number of already existing paths through that node etc. The protocol is designed in such a way, that the burden of routing is lower on the weaker nodes and the nodes with more resources will have to perform more tasks. Consequently, the lifetime of the network would be higher as compared to multi-path routing protocols. Besides, the data reception rate, defined as the ratio of the total number of packets received by the sink node and the total number of packets sent by the source node, is much higher for the proposed protocol than any single path routing. While the routing load is balanced among the nodes, the multiple routes also increase the reliability.

POMSec: Pseudo-Opportunistic, Multipath Secured Routing Protocol for Communications in Smart Grid

Traffic engineering governs the operational performance of a network and its optimization. Splitting the network traffic using multipath routing is one of the standard techniques of traffic engineering. Multipath routing maximizes network resource utilization and throughput by giving nodes a choice of next hops for the same destination along with minimizing the delay. On the other hand, Opportunistic routing minimizes operational cost and the burden of redundant route maintenance by using a constrained redundancy in route selection. POMSec: Pseudo Opportunistic, Multipath Secure routing is one such algorithm that combines the advantages of both the routing methods and additionally implements an underlying trust model to secure the communication in Smart Grid.

A new intrusion prevention system for protecting Smart Grids from ICMPv6 vulnerabilities

Smart Grid is an integrated power grid with a reliable, communication network running in parallel towards providing two way communications in the grid. Its trivial to mention that a network like this would connect a huge number of IP-enabled devices. IPv6 that offers 18-bit address space becomes an obvious choice in this context. In a smart grid, functionalities like neighborhood discovery, autonomic address configuration of a node or its router identification may often be invoked whenever newer equipments are introduced for capacity enhancement at some level of hierarchy. In IPv6, these basic functionalities like neighborhood discovery, autonomic address configuration of networking require to use Internet Control Message Protocol version 6 (ICMPv6). Such usage may lead to security breaches in the grid as a result of possible abuses of ICMPv6 protocol. In this paper, some potential newer attacks on Smart Grid have been discussed. Subsequently, intrusion prevention mechanisms for these attacks are proposed to plugin the threats.

Advanced Monitoring Based Intrusion Detection System for Distributed and Intelligent Energy Theft: DIET Attack in Advanced Metering Infrastructure

Power grid and energy theft has an eternal relationship. Though we moved towards Smart Grid, with an expectation for a more efficient, reliable and secure service, so does the attackers. Smart Grid and AMI systems incorporate a good number of security measures, still it is open to various threats. Recent attacks on Smart Grids in U.S., Gulf State and Ukraine proved that the attacks on the grid have become more sophisticated. In this paper we have introduced a new, distributed and intelligent energy theft: DIET attack and proposed an advanced Intrusion Detection System to protect AMI system. The proposed IDS can perform a passive monitoring on the system as well as detect attackers. This features make this IDS more robust and reliable.

A New Framework for Configuration Management and Compliance Checking for Component-Based Software Development

Component-based software development (CBSD) decreases the time and cost for developing high quality software. However, with CBSD, the maintenance of the software is more difficult, as the whole system consists of several composite components. In this paper, a three-layer framework is proposed toward designing an efficiently configurable component-based system. We also developed an algorithm to identify the primitive and composite components that are related in terms of dependency. This helps managing multiple versions of a system. A smart meter system is considered as a case study. Our algorithm is executed on this component-based system using the semantic effect annotations of Business Process Modeling Notation (BPMN) to validate the results of our algorithm. The success reflects the effectiveness of the proposed algorithm toward identifying the components affected by a change in a simple way.