Nikos Komninos

Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures

The electricity industry is now at the verge of a new era-an era that promises, through the evolution of the existing electrical grids to smart grids, more efficient and effective power management, better reliability, reduced production costs, and more environmentally friendly energy generation. Numerous initiatives across the globe, led by both industry and academia, reflect the mounting interest around not only the enormous benefits but also the great risks introduced by this evolution. This paper focuses on issues related to the security of the smart grid and the smart home, which we present as an integral part of the smart grid. Based on several scenarios, we aim to present some of the most representative threats to the smart home/smart grid environment. The threats detected are categorized according to specific security goals set for the smart home/smart grid environment, and their impact on the overall system security is evaluated. A review of contemporary literature is then conducted with the aim of presenting promising security countermeasures with respect to the identified specific security goals for each presented scenario. An effort to shed light on open issues and future research directions concludes this paper.

Detecting unauthorized and compromised nodes in mobile ad hoc networks

Security of mobile ad hoc networks (MANET) has become a more sophisticated problem than security in other networks, due to the open nature and the lack of infrastructure of such networks. In this paper, the security challenges in intrusion detection and authentication are identified and the different types of attacks are discussed. We propose a two-phase detection procedure of nodes that are not authorized for specific services and nodes that have been compromised during their operation in MANET. The detection framework is enabled with the main operations of ad hoc networking, which are found at the link and network layers. The proposed framework is based on zero knowledge techniques, which are presented through proofs.

Layered security design for mobile ad hoc networks

When security of a given network architecture is not properly designed from the beginning, it is difficult to preserve confidentiality, authenticity, integrity and non-repudiation in practical networks. Unlike traditional mobile wireless networks, ad hoc networks rely on individual nodes to keep all the necessary interconnections alive. In this article we investigate the principal security issues for protecting mobile ad hoc networks at the data link and network layers. The security requirements for these two layers are identified and the design criteria for creating secure ad hoc networks using multiple lines of defence against malicious attacks are discussed.

Intrusion Detection with Neural Networks and Watermarking Techniques for MANET

In mobile ad hoc networks (MANET) specific Intrusion Detection Systems (IDSs) are needed to safeguard them since traditional intrusion prevention techniques are not sufficient in the protection of MANET. In this paper we present an intrusion detection engine based on neural networks combined with a protection method, which is based on watermarking techniques. We exploit the advantages of information visualization and machine learning techniques in order to achieve intrusion detection. Then, we authenticate the maps produced by the application of the intelligent techniques using a novel combined watermarking embedded method. The performance of the proposed model is evaluated under different traffic conditions, mobility patterns and visualization metrics, showing its high efficiency.

Protecting biometric templates with image watermarking techniques

Biometric templates are subject to modifications for identity fraud especially when they are stored in databases. In this paper, a new approach to protecting biometric templates with image watermarking techniques is proposed. The novelty of this approach is that we have combined lattice and block-wise image watermarking techniques to maintain image quality along with cryptographic techniques to embed fingerprint templates into facial images and vice-versa. Thus, protecting them from being modified.

LIDF: Layered intrusion detection framework for ad-hoc networks

As ad-hoc networks have different characteristics from a wired network, the intrusion detection techniques used for wired networks are no longer sufficient and effective when adapted directly to a wireless ad-hoc network. In this article, first the security challenges in intrusion detection for ad-hoc networks are identified and the related work for anomaly detection is discussed. We then propose a layered intrusion detection framework, which consists of collection, detection and alert modules that are handled by local agents. The collection, detection and alert modules are uniquely enabled with the main operations of ad-hoc networking, which are found at the OSI link and network layers. The proposed modules are based on interpolating polynomials and linear threshold schemes. An experimental evaluation of these modules shows their efficiency for several attack scenarios, such as route logic compromise, traffic patterns distortion and denial of service attacks.

A New Framework Architecture for Next Generation e-Health Services

The challenge for fast and low-cost deployment of ubiquitous personalized e-Health services has prompted us to propose a new framework architecture for such services. We have studied the operational features and the environment of e-Health services and we led to a framework structure that extends the European Telecommunications Standards Institute (ETSI)/Parlay architecture, which is used for the deployment of standardized services over the next generation IP networks. We expanded the ETSI/Parlay architecture with new service capability features as well as sensor, profiling, and security mechanisms. The proposed framework assists the seamless integration, within the e-Health service structure, of diverse facilities provided by both the underlying communication and computing infrastructure as well as the patients bio and context sensor networks. Finally, we demonstrate the deployment of a telemonitoring service in smart home environment based on the proposed framework architecture.

Degree-Based Clustering Algorithms for Wireless Ad Hoc Networks Under Attack

In this paper we investigate the behavior of degree-based clustering algorithms with respect to their stability and attack-resistance. Our attack scenario tries to bias the clustering head selection procedure by sending faulty degree claims. We propose a randomized variant of the highest degree algorithm which is proved, through experimental results, attack-resistant without imposing significant overhead to the clustering performance. In addition, we extend our proposal with a cooperative consistent clustering algorithm which integrates security into the clustering decision achieving attacker identification and classification.

New client puzzle approach for DoS resistance in ad hoc Networks

In this paper we propose a new client puzzle approach to prevent Denial of Service (DoS) attacks in ad hoc networks. Each node in the network first solves a computational problem and with the solution has to create and solve a client puzzle. By combining computational problems with puzzles, we improve the efficiency and latency of the communicating nodes and resistance in DoS attacks. Experimental results show the effectiveness of our approach.

Authentication in a layered security approach for mobile ad hoc networks

An ad hoc network is a collection of nodes that do not need to rely on a predefined infrastructure to keep the network connected. Nodes communicate amongst each other using wireless radios and operate by following a peer-to-peer network model. In this article we investigate authentication in a layered approach, which results to multiple lines of defense for mobile ad hoc networks. The layered security approach is described and design criteria for creating secure ad hoc network using multiple authentication protocols are analyzed. The performance of several such known protocols, which are based on challenge-response techniques, is presented through simulation results.