• Convergence Security Journal
• /
• v.12 no.6
• /
• pp.69-75
• /
• 2012

MANET(Mobile Ad-hoc Network) is target of many attacks because of dynamic topology and hop-by-hop data transmission method. In MANET, location setting of intrusion detection system is difficult and attack detection using information collected locally is more difficult. The amount of traffic grow, intrusion detection performance will be decreased. In this paper, MANET is composed of zone form and we used random projection technique which reduces dimension without loss of information in order to perform stable intrusion detection in even massive traffic. Global detection node is used to detect attacks which are difficult to detect using only local information. In the global detection node, attack detection is performed using received information from IDS agent and pattern of nodes. k-NN and ZBIDS were experimented to evaluate performance of the proposed technique in this paper. The superiority of performance was confirmed through the experience.

• The KIPS Transactions:PartC
• /
• v.16C no.2
• /
• pp.183-188
• /
• 2009

Wireless sensor networks will be broadly deployed in the real world and widely utilized for various applications. A prerequisite for secure communication among the sensor nodes is that the nodes should share a session key to bootstrap their trust relationship. The open problems are how to verify the identity of communicating nodes and how to minimize any information about the keys disclosed to the other side during key agreement. At any rate, any one of the existing schemes cannot perfectly solve these problems due to some drawbacks. Accordingly, we propose a new pre-distribution scheme with the following merits. First, it supports authentication services. Second, each node can only find some indices of key spaces that are shared with the other side, without revealing unshared key information. Lastly, it substantially improves resilience of network against node capture. Performance and security analyses have proven that our scheme is suitable for sensor networks in terms of performance and security aspects.

• The KIPS Transactions:PartC
• /
• v.18C no.4
• /
• pp.207-212
• /
• 2011

Vehicular Ad Hoc Network(VANET) is a communication technology between vehicles and vehicles(V2V) or vehicles and infrastructures(V2I) for offering a number of practical applications. Considering the importance of communicated information through VANET, data authentication, confidentiality and integrity are fundamental security elements. Recently, to enhance a security of VANET in various circumstances, message authentication is widely researched by many laboratories. Among of them, Zhang. et. al. is an efficient method to authenticate the message with condition of anonymity in dense space. In the scheme, to obtain the vehicular ID with condition of anonymity, the k-anonymity is used. However it has a disadvantage, which conducts hash operations in case of determining the vehicular ID. In the paper, we present a location based algorithm using received signal strength for the location based authentication and encryption technique as well, and to enhance the accuracy of algorithm we apply a location determination technique over the 3-dimensional space.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.87-92
• /
• 2017

MANET is a network composed itself because mobile nodes are connected wirelessly. It has been applied to various fields for group communication. However, the dynamic topology by the movement of the nodes causes routing failure frequently because it is difficult to maintain the position information of the nodes participating in the group communication. Also, it has a problem that network performance is decreased due to high overhead for managing information of member nodes. In this paper, we propose a multicast technique using location-based 2-tier virtual group that is flexible and reliable in management of member nodes. The network is composed of cellular zones and the virtual group is constructed using the location information of the nodes in the proposed technique. The virtual group management node is selected to minimize the overhead of location information management for member nodes in the virtual group. In order to improve the reliability for management of member nodes and multicast data transmission, it excludes the gateway node with low transfer rate when setting the route after the packet transmission rate of the member nodes is measured. The excellent performance of the proposed technique can be confirmed through comparative experiments with AMroute method and PAST-DM method.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.53-58
• /
• 2018

MANET transmits data by hop-by-hop method because it is composed of mobile nodes without support of any infrastructure. Its structure is very similar to a block chain. However, it is exposed to various threats such as data tampering or destruction by malicious nodes because of transmission method. So, ensuring the integrity of transmitted data is an important complement to MANET. In this paper, we propose a method to apply the block chain technique in order to protect the reliability value of the nodes consisting the network from malicious nodes. For this, hierarchical structure of a cluster type is used. Only cluster head stores the reliability information of the nodes in a block and then, this can be spread. In addition, we applied block generation difficulty automatic setting technique using the number of nodes selecting cluster head and the reliability of cluster head to prevent the spread of wrong blocks. This can prevent block generation and spread by malicious nodes. The superior performance of the proposed technique can be verified by comparing experiments with the SAODV technique.

• Journal of the Korea Society for Simulation
• /
• v.18 no.4
• /
• pp.149-155
• /
• 2009

Attacks in wireless sensor networks (WSN), are similar to the attacks in ad-hoc networks because there are deployed on a wireless environment. However existing security mechanism cannot apply to WSN, because it has limited resource and hostile environment. One of the typical attack in WSN is setting up wrong route that using wormhole. To overcome this threat, Ji-Hoon Yun et al. proposed WODEM (WOrmhole attack DEfense Mechanism) which can detect and counter with wormhole. In this scheme, it can detect and counter with wormhole attacks by comparing hop count and initial TTL (Time To Live) which is pre-defined. The selection of a initial TTL is important since it can provide a tradeoff between detection ability ratio and energy consumption. In this paper, we proposed a fuzzy rule-based system for TTL determination that can conserve energy, while it provides sufficient detection ratio in wormhole attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.795-807
• /
• 2014

Vehicular Ad hoc Network (VANET) has gone through a rich amount of research and currently is making its way towards the deployment. However, surprisingly it evolved to rather more applications and services-rich breed referred to as VANET-based clouds due to the advancements in the automobile and communication technologies. Security and privacy have always been the challenges for the think tanks to deploy this technology on mass scale. It is even worse that some security issues are orthogonally related to each other such as privacy, revocation and route tracing. In this paper, we aim at a specific VANET-based clouds framework proposed by Hussain et al. namely VANET using Clouds (VuC) where VANET and cloud infrastructure cooperate with each other in order to provide VANET users (more precisely subscribers) with services. We specifically target the aforementioned conflicted privacy, route tracing, and revocation problem in VANET-based clouds environment. We propose a multiple pseudonymous approach for privacy reasons and leverage the beacons stored in the cloud infrastructure for both route tracing and revocation. In the proposed scheme, revocation authorities after colluding, can trace the path taken by the target node for a specified timespan and can also revoke the identity if needed. Our proposed scheme is secure, conditional privacy preserved, and is computationally less expensive than the previously proposed schemes.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1147-1157
• /
• 2014

Intelligent transportation system (ITS) is realized through a highly ephemeral network, i.e. vehicular ad hoc network (VANET) which is on its way towards the deployment stage, thanks to the advancements in the automobile and communication technologies. However, it has not been successful, at least to date, to install the technology in the mass of vehicles due to security and privacy challenges. Besides, the users of such technology do not want to put their privacy at stake as a result of communication with peer vehicles or with the infrastructure. Therefore serious privacy measures should be taken before bringing this technology to the roads. To date, privacy issues in ephemeral networks in general and in VANET in particular, have been dealt with through various approaches. So far, multiple pseudonymous approach is the most prominent approach. However, recently it has been found out that even multiple pseudonyms cannot protect the privacy of the user and profilation is still possible even if different pseudonym is used with every message. Therefore, another privacy-aware mechanism is essential in vehicular networks. In this paper, we propose a novel identity exchange mechanism to preserve conditional privacy of the users in VANET. Users exchange their pseudonyms with neighbors and then use neighbors' pseudonyms in their own messages. To this end, our proposed scheme conditionally preserves the privacy where the senders of the message can be revoked by the authorities in case of any dispute.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.32-40
• /
• 2006

It is very important to establish a pairwise key securely in wireless sensor networks. Because sensor networks consist of devices with weak physical security, they are likely to be compromised by an attacker. However, some approaches using key pre-distribution and other approaches using one hop local keys are known to be very vulnerable to threats caused by compromised nodes, even a small number. This paper proposes a scheme where each node establishes three hop local keys and employs them for a later pairwise key establishment. When any two nodes agree a pairwise key, all nodes on the route between two nodes contribute to the agreement of the pairwise key. Here, the initial three hop local keys are employed for encrypting a secret key delivered from a node to other nodes. Therefore, the proposed scheme bothers attackers to compromise much more nodes than the scheme using one hop local keys only. The simulation results have proven that the proposed scheme provides better performance and higher security than the scheme using one hop local keys in terms of message exchange, the number of encryption and decryption, and pairwise key exposure rate.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.617-622
• /
• 2005

Lately, the MANET research has focused on providing routing services with security and previous schemes have been proposed for detecting malicious nodes in a MANET. However, they still include some problems which malicious nodes cannot be found when they falsely report other nodes as malicious. Accordingly, we propose a novel and efficient scheme for detecting malicious nodes using report messages and a report table which is consisted of node ID both for suspecting and reporting when the malicious nodes behave normally during the route discovery, but the other hand they drop and modify packets, or falsely report other nodes as malicious during the data transmission. Our proposed scheme is applicable to not only DSR but aiso AODV. And we provide some simulation results of our proposed scheme by comparing general AODV with our proposed scheme. Simulation results show that our Proposed scheme outperforms general AODV in terms of average packet loss ratio and packet delivery ratio.