An active detection of compromised nodes based on en-route trap in wireless sensor network

With the development and wide use of wireless sensor network, security arises as an essential issue since sensors with restrict resources are deployed in wild areas in an unattended manner. Most of current en-route filtering schemes could filter false data effectively; however, the compromised nodes could take use of the filtering scheme to launch Fictitious False data Dropping attack, the detection of this attack is extremely difficult since the previous hop node is unable to distinguish whether the forwarding node dropt a false data report with incorrect Message Authentication Codes or a legitimate report. This is the first attempt to address the Fictitious False data Dropping attack; in this article, we propose an Active Detection of compromised nodes based on En-route Trap to trap compromised nodes in the scenario of a false data dropping. A trust model is used to evaluate trust level of neighbor nodes with respect to their authentication behaviors. A detecting algorithm of compromised node is used to detect compromised nodes. Simulation results showed that our scheme can address the Fictitious False data Dropping attack and detect 60% of compromised nodes with a low false positive rate; consequently, the packet accuracy of an Active Detection of compromised nodes based on En-route Trap increases rapidly and reaches to 86%.

A Method of Improving Energy Efficiency Through Geofencing and False Data Blocking In Context-Aware Architecture for Probabilistic Voting-Based Filtering Scheme of WSNs

In wireless sensor networks, sensor nodes have the disadvantage of being vulnerable to several attacks due to the use of wireless communication and constrained energy. Adversaries exploit vulnerable characteristics of these nodes to capture them and generate false positive and false negative attacks. These attacks result in false alarms in a base station and information loss in intermediate nodes. A context-aware architecture for a probabilistic voting-based filtering scheme (CAA-PVFS) identifies compromised nodes that cause the damage. Although this method immediately detects the compromised nodes using its CAA, its additional network use consumes unnecessary energy. In this paper, our proposed method configures geofencing for the compromised nodes and blocks the nodes using false data injection. The proposed method reduces the unnecessary energy of the additional network while maintaining security strength. Experimental results indicate that the proposed method offers energy savings of up to 17% while maintaining the security strength against the two attacks as compared to the existing method.

AgriTrust—A Trust Management Approach for Smart Agriculture in Cloud-based Internet of Agriculture Things

Internet of Things (IoT) provides a diverse platform to automate things where smart agriculture is one of the most promising concepts in the field of Internet of Agriculture Things (IoAT). Due to the requirements of more processing power for computations and predictions, the concept of Cloud-based smart agriculture is proposed for autonomic systems. This is where digital innovation and technology helps to improve the quality of life in the area of urbanization expansion. For the integration of cloud in smart agriculture, the system is shown to have security and privacy challenges, and most significantly, the identification of malicious and compromised nodes along with a secure transmission of information between sensors, cloud, and base station (BS). The identification of malicious and compromised node among soil sensors communicating with the BS is a notable challenge in the BS to cloud communications. The trust management mechanism is proposed as one of the solutions providing a lightweight approach to identify these nodes. In this article, we have proposed a novel trust management mechanism to identify malicious and compromised nodes by utilizing trust parameters. The trust mechanism is an event-driven process that computes trust based on the pre-defined time interval and utilizes the previous trust degree to develop an absolute trust degree. The system also maintains the trust degree of a BS and cloud service providers using distinct approaches. We have also performed extensive simulations to evaluate the performance of the proposed mechanism against several potential attacks. In addition, this research helps to create friendlier environments and efficient agricultural productions for the migration of people to the cities.

Rank-Based Report Filtering Scheme (RRFS) for Verifying Phoney Reports in Wireless Sensor Networks

Wireless sensor networks (WSNs) are open to false data injection attack when they are deployed in hostile scenarios. Attackers can easily deceive the sink by compromising sensing nodes or by injecting phoney data into the network. Such attacks can deplete the energy resources of the network by providing wrong information which in turn can affect the proper network functioning or sometimes can shut the network from further functioning. The existing schemes that deal with this problem focus on only a few aspects of the false data injection attack. To resolve this problem, we propose a Rank-based Report Filtering Scheme (RRFS), a holistic and group verification scheme for the identification of compromised nodes and the filtering of false data injected into the network. The proposed scheme verifies report among clusters, en-routers, and sink. Hence, the RRFS, a holistic scheme that is composed of three-tier verifications, successfully rejects the false data before the attackers falsify the whole environment, and this makes the system unique. Reliability Index (RI) is calculated by the nodes for fellow cluster members, and the cluster head (CH) provides the score for a node based on its RI. This, in turn, strengthens the scheme by assisting the en-routers to detect the compromised nodes. The RRFS scheme has been verified and validated by extensive simulation and meticulous performance evaluation of filtering efficiency and energy consumption against various schemes. The scheme gives high filtering efficiency against the multiple compromised nodes and also improves the network’s lifespan. The sustainability of RRFS against numerous attacks that are launched in the sensor environment is thoroughly investigated.

Discrete event simulation–based energy efficient path determination scheme for probabilistic voting–based filtering scheme in sensor networks

In wireless sensor networks, sensors are extremely vulnerable to false positive and false negative attacks due to their stringent energy and computational constraints. Several en-route filtering schemes mainly focus on saving energy through early detection of false data within a short distance against these attacks; however, they cannot immediately block the false data injected by compromised nodes. A security scheme uses context-aware architecture for a probabilistic voting–based filtering scheme to detect the compromised nodes and block the injection of false data, unlike security protocols. Although these schemes effectively obstruct the false data forwarding, they cannot make any detour around the compromised node to avoid it during data forwarding. In this article, we propose a discrete event simulation–based energy efficient path determination scheme that takes a detour around the compromised node against the attacks. Our proposed scheme extracts candidate paths considering the network status and selects a path with the highest energy efficiency from among the candidates using discrete event simulation. Simulation results indicate that the proposed scheme provides energy savings of up to 12% while maintaining the security strength against the two attacks compared to the existing schemes.

Modeling and Simulation of Replay Attack Detection using V2X Message in Autonomous Vehicles in WSN based IoT Environment

An autonomous vehicle is a car that drives itself to its destination without driver intervention. Autonomous driving provides driver convenience and prevents accidents caused by driver carelessness. Autonomous vehicles recognize external environments using sensors such as cameras and riders. In addition, autonomous vehicles collect information by using vehicle-to-everything communication in places they do not recognize. During vehicle-to-everything communication, vehicle-to-infrastructure communication communicates with the infrastructure installed on the road and receives information. In other words, the autonomous vehicle receives information from the infrastructure located in an unrecognized place and grasps the road conditions. However, because infrastructure is expensive to install and maintain, technology that uses wireless sensor networks instead of infrastructure has been proposed. Since the sensor node used in the wireless sensor network is placed outside and communicates wirelessly, it is easily compromised from an attacker. Attackers can use a compromised node to attempt various attacks that affect the system, such as replay attacks. These attacks can also have a fatal effect on autonomous vehicles that use information from sensor nodes. The attacker constantly transmits false information to autonomous vehicles, causing a disruption in the driver's schedule. In addition, autonomous vehicles may cause traffic accidents due to path planning using incorrect information. The proposed scheme in this paper uses an autonomous vehicle to defend against replay attacks and detects compromised nodes. The sensor node sends a message to the base station and the autonomous vehicle to notify them when an event occurs. Thereafter, the message is transmitted to the traffic management center and the base station to be mutually verified. This paper shows that by modeling and simulating EF-ITS, it is possible to defend against replay attacks with a probability of 90% and detect compromised nodes.

Towards 5G Intrusion Detection Scenarios with OMNeT++

We implement an intrusion detection application to investigate the security capabilities of Software Defined Networking (SDN) in a 5G-like environment under Distributed Denial- of-Service (DDoS) attacks. The simulation environment is created in OMNeT++ with a novel integration of two OMNeT++ extension libraries, SimuLTE and OpenFlow OM- NeT++ Suite. The 5G-like environment enables vast and diverse testing of 5G topologies, as well as performance analysis of SDN security applications with various detection and mitigation methods. We analyze distributed synchronize (SYN) flood attack performed by compromised nodes. We report our findings about the sensitivity and the specificity of detection and mitigation of SYN flood for different number of attack and benign nodes.