Sybil Attack Detection through Global Topology Pattern Visualization

We present a robust intrusion detection approach for wireless networks based on a new multi-matrix visualization method with a set of pattern generation, evaluation, organization and interaction functions. Our approach concentrates on assisting users to analyze statistical network topology patterns that could expose significant attack features. Specifically, we investigate Sybil attacks that have severe impacts on the fundamental operations of wireless networks. We have analyzed the features of network topologies under various Sybil attacks and, consequently, designed several matrix reordering algorithms to generate statistical patterns. These topology patterns are automatically evaluated and classified through the measured structural similarities to the signature attack patterns. We have also designed a new time-series analysis method to identify attack durations with a time histogram generation and an automatic segmentation method. To handle complex Sybil attacks, we have integrated our pattern generation, evaluation and organization methods to construct a prototype detection system, in which specialized interaction functions are provided to assist the analysis and comparison of network data. Simulation results show that this approach can effectively locate Sybil attacks under different combinations of network parameters. Our multi-matrix visualization method provides a flexible framework to handle the intricacies and implications from building a complex visual analytics system, which can be extended to defend against a wide range of attacks.

Download Full-text

Sinkhole Attack Detection-Based SVM In Wireless Sensor Networks

International Journal of Wireless Networks and Broadband Technologies ◽

10.4018/ijwnbt.2021070102 ◽

2021 ◽

Vol 10 (2) ◽

pp. 16-31

Author(s):

Sihem Aissaoui ◽

Sofiane Boukli Hacene

Keyword(s):

Network Performance ◽

Ad Hoc ◽

Detection System ◽

Special Kind ◽

Attack Detection ◽

Wireless Sensor ◽

Support Vector ◽

Detection Accuracy ◽

Sybil Attack ◽

Wireless Medium

Wireless sensor network is a special kind of ad hoc network characterized by high density, low mobility, and the use of a shared wireless medium. This last feature makes the network deployment easy; however, it is prone to various types of attacks such as sinkhole attack, sybil attack. Many researchers studied the effect of such attacks on the network performance and their detection. Classification techniques are some of the most used end effective methods to detect attacks in WSN. In this paper, the authors focus on sinkhole attack, which is one of the most destructive attacks in WSNs. The authors propose an intrusion detection system for sinkhole attack using support vector machines (SVM) on AODV routing protocol. In the different experiments, a special sinkhole dataset is used, and a comparison with previous techniques is done on the basis of detection accuracy. The results show the efficiency of the proposed approach.

Download Full-text

A Privacy-Preserving Key Management Scheme with Support for Sybil Attack Detection in VANETs

Sensors ◽

10.3390/s21041063 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1063

Author(s):

L. Ellen Funderburg ◽

Im-Yeong Lee

Keyword(s):

Key Management ◽

Privacy Preservation ◽

Vehicular Ad Hoc Networks ◽

Ad Hoc ◽

Attack Detection ◽

Sybil Attack ◽

Malicious Nodes ◽

Group Signatures ◽

Hoc Networks ◽

Sybil Attacks

Vehicular ad hoc networks (VANETs) face two important and conflicting challenges with regards to security: preserve the privacy of vehicles in order to prevent malicious entities from tracking users and detect and remove bad actors that attempt to game the system for their own advantage. In particular, detecting Sybil attacks, in which one node attempts to appear as many, seemingly conflicts with the goal of privacy preservation, and existing schemes fail on either one or both accounts. To fill this gap, we present a hierarchical key management system which uses short group signatures to preserve member privacy at lower levels while allowing mid-level nodes to detect Sybil attacks and highly trusted nodes at the top of the hierarchy to completely reveal the real identities of malicious nodes in order to prevent them from rejoining the system and for use by legal authorities. In addition, we present an argument for relaxing the requirement of backward secrecy in VANET groups in the case when no malicious activity has been detected.

Download Full-text

An RSSI-based Sybil attack detection system with continuous authentication using a novel lightweight multimodal biometrics

International Journal of Intelligent Unmanned Systems ◽

10.1108/ijius-08-2020-0034 ◽

2020 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

N.V. Brindha ◽

V.S. Meenakshi

Keyword(s):

Ad Hoc ◽

Detection System ◽

Attack Detection ◽

Sybil Attack ◽

Mobile Nodes ◽

Multimodal Biometrics ◽

Content Type ◽

Biometric Technology ◽

Detection Approach ◽

A Charge

PurposeAny node in a mobile ad hoc network (MANET) can act as a host or router at any time and so, the nodes in the MANET are vulnerable to many types of attacks. Sybil attack is one of the harmful attacks in the MANET, which produces fake identities similar to legitimate nodes in the network. It is a serious threat to the MANET when a malicious node uses the fake identities to enter the network illegally.Design/methodology/approachA MANET is an independent collection of mobile nodes that form a temporary or arbitrary network without any fixed infrastructure. The nodes in the MANET lack centralized administration to manage the network and change their links to other devices frequently.FindingsSo for securing a MANET, an approach based on biometric authentication can be used. The multimodal biometric technology has been providing some more potential solutions for the user to be able to devise an authentication in MANETs of high security.Research limitations/implicationsThe Sybil detection approach, which is based on the received signal strength indicator (RSSI) variations, permits the node to be able to verify the authenticity of communicating nodes in accordance with their localizations.Practical implicationsAs the MANET node suffers from a low level of memory and power of computation, there is a novel technique of feature extraction that is proposed for the multimodal biometrics that makes use of palm prints that are based on a charge-coupled device and fingerprints, along with the features that are fused.Social implicationsThis paper proposes an RSSI-based multimodal biometric solution to detect Sybil attack in MANETs.Originality/valueThe results of the experiment have indicated that this method has achieved a performance which is better compared to that of the other methods.

Download Full-text

Sybil Attack Detection Based on Authentication Process Using Digital Security Certificate Procedure for Data Transmission in MANET

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i3.27.17891 ◽

2018 ◽

Vol 7 (3.27) ◽

pp. 270

Author(s):

P Muthusamy ◽

T Sheela

Keyword(s):

Data Transmission ◽

Research Work ◽

Critical Factor ◽

Primary Objective ◽

Attack Detection ◽

Sybil Attack ◽

Data Confidentiality ◽

Data Packets ◽

Security Issues ◽

Wide Range

Mobile devices are becoming very popular due to the wide range of networking competence for the mobile device users. The security issues in MANET become the control towards the management of the multiple numbers of nodes in the MANET is distributed. To strategy for overcome the Sybil attack in MANET and improve the efficiency of the Sybil attack detection by enhancing the data confidentiality and reliability. The primary objective of this research work is to develop a scheme to detect and prevent the Sybil attack in the MANET and to provide a highly reliable data transmission approach. The proposed system ensures the availability, confidentiality, authenticity and reliability of the information using digital certificate chains and secret sharing schemes. To detect the sybil node during the route discovery process, the nodes authenticate each other by providing the digital security certificate (DSC). The digital security certificate proves the nodes and allows only authorized node to participate in the route to transmit the data packets from the source to destination. It will not ensure the confidential data transmission when the legitimate node exhibits the malicious behavior in certain circumstances. When any intermediate nodes learn about the data packet that is being transmitted, then the security in data transmission becomes a critical factor. The safety of the network can be enhanced by preventing the sybil attack in MANET by increasing the data confidentiality and reliability. Only certified and authenticated nodes can participate in the route to transfer the data packets between the nodes. To prevent the sybil attack, it is necessary to secure the data that is transmitted over the insecure communication routes.

Download Full-text

On the Robustness of Root Locus based Routing Attack-Detection in Reconfigurable Wireless Networks

Proceedings of the 16th ACM International Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks - PE-WASUN '19 ◽

10.1145/3345860.3361511 ◽

2019 ◽

Author(s):

Jaime Zuniga-Mejia ◽

Rafaela Villalpando-Hernandez ◽

Cesar Vargas-Rosales

Keyword(s):

Wireless Networks ◽

Attack Detection ◽

Root Locus ◽

Routing Attack

Download Full-text

A Distributed Denial of Service Attack Detection System using Long Short Term Memory with Singular Value Decomposition

2020 IEEE 2nd International Conference on Cyberspac (CYBER NIGERIA) ◽

10.1109/cybernigeria51635.2021.9428870 ◽

2021 ◽

Author(s):

Chukwuemeka Christian Ugwu ◽

Olumide Olayinka Obe ◽

Olugbemiga Solomon Popoqla ◽

Adebayo Olusola Adetunmbi

Keyword(s):

Short Term Memory ◽

Detection System ◽

Denial Of Service ◽

Attack Detection ◽

Distributed Denial Of Service ◽

Short Term ◽

Denial Of Service Attack ◽

Service Attack ◽

Long Short Term Memory ◽

Value Decomposition

Download Full-text

Unsupervised Detection of Sybil Attack in Wireless Networks

IOP Conference Series Earth and Environmental Science ◽

10.1088/1755-1315/693/1/012114 ◽

2021 ◽

Vol 693 (1) ◽

pp. 012114

Author(s):

Yinghua Tian ◽

Song Chen ◽

Long Zhang

Keyword(s):

Wireless Networks ◽

Sybil Attack

Download Full-text

Presentation attack detection system for fake Iris: a review

Multimedia Tools and Applications ◽

10.1007/s11042-020-10378-7 ◽

2021 ◽

Author(s):

Rohit Agarwal ◽

Anand Singh Jalal

Keyword(s):

Detection System ◽

Attack Detection ◽

Presentation Attack Detection

Download Full-text

Structural Design of Intrusion Detection System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.530-531.705 ◽

2014 ◽

Vol 530-531 ◽

pp. 705-708

Author(s):

Yao Meng

Keyword(s):

Intrusion Detection ◽

Structural Design ◽

Intrusion Detection System ◽

Detection System ◽

Algorithm Design ◽

Detection Algorithm ◽

Attack Detection ◽

Detection Algorithms ◽

Defense Systems ◽

Ddos Attack Detection

This paper first engine starting defense from Intrusion Detection, Intrusion detection engine analyzes the hardware platform, the overall structure of the technology and the design of the overall structure of the plug, which on the whole structure from intrusion defense systems were designed; then described in detail improved DDOS attack detection algorithm design thesis, and the design of anomaly detection algorithms.

Download Full-text

HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

Processes ◽

10.3390/pr9050834 ◽

2021 ◽

Vol 9 (5) ◽

pp. 834

Author(s):

Muhammad Ashfaq Khan

Keyword(s):

Neural Network ◽

Intrusion Detection ◽

Recurrent Neural Network ◽

Intrusion Detection System ◽

Detection System ◽

Attack Detection ◽

Network Intrusion Detection ◽

Complex Nature ◽

Network Intrusion ◽

Network Intrusion Detection System

Nowadays, network attacks are the most crucial problem of modern society. All networks, from small to large, are vulnerable to network threats. An intrusion detection (ID) system is critical for mitigating and identifying malicious threats in networks. Currently, deep learning (DL) and machine learning (ML) are being applied in different domains, especially information security, for developing effective ID systems. These ID systems are capable of detecting malicious threats automatically and on time. However, malicious threats are occurring and changing continuously, so the network requires a very advanced security solution. Thus, creating an effective and smart ID system is a massive research problem. Various ID datasets are publicly available for ID research. Due to the complex nature of malicious attacks with a constantly changing attack detection mechanism, publicly existing ID datasets must be modified systematically on a regular basis. So, in this paper, a convolutional recurrent neural network (CRNN) is used to create a DL-based hybrid ID framework that predicts and classifies malicious cyberattacks in the network. In the HCRNNIDS, the convolutional neural network (CNN) performs convolution to capture local features, and the recurrent neural network (RNN) captures temporal features to improve the ID system’s performance and prediction. To assess the efficacy of the hybrid convolutional recurrent neural network intrusion detection system (HCRNNIDS), experiments were done on publicly available ID data, specifically the modern and realistic CSE-CIC-DS2018 data. The simulation outcomes prove that the proposed HCRNNIDS substantially outperforms current ID methodologies, attaining a high malicious attack detection rate accuracy of up to 97.75% for CSE-CIC-IDS2018 data with 10-fold cross-validation.

Download Full-text