• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.197-200
• /
• 2008

In most sensor networks, nodes can be easily compromised by adversaries due to hostile environments. Adversaries may use compromised nodes to inject false reports into the sensor networks. Such false report attacks will cause false alarms that can waste real-world response effort, and draining the finite amount of energy resource in the battery-powered network. A dynamic enroute scheme proposed by Yu and Guan can detect and drop such false reports during the forwarding phase. In this scheme, choosing a threshold value is very important, as it trades off between security power and energy consumption. In this paper, we propose a threshold determining method which uses the fuzzy rule-based system. The base station periodically determines a threshold value though the fuzzy rule-based system. The number of cluster nodes, the value of the key dissemination limit, and the remaining energy of nodes are used to determine the threshold value.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.4
• /
• pp.41-49
• /
• 2008

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects forged reports into the network through compromised nodes. Such attacks by compromised sensors can cause not only false alarms but also the depletion of the finite amount of energy in a battery powered network. In order to reduce damage from these attacks, several security solutions have been proposed. Researchers have also proposed some techniques to increase the energy-efficiency of such security solutions. In this paper, we propose a CH(Cluster Header) selection algorithm to choose low power delivery method in sensor networks. The CNP(Contract Net Protocol), which is an approach to solve distribution problems, is applied to choose CHs for event sensing. As a result of employing CNP, the proposed method can prevent dropping of sensing reports with an insufficient number of message authentication codes during the forwarding process, and is efficient in terms of energy saving.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4271-4294
• /
• 2018

Communication cost is the most important factor in Wireless Sensor Networks (WSNs), as exchanging control keying messages consumes a large amount of energy from the constituent sensor nodes. Time-based Dynamic Keying and En-Route Filtering (TICK) can reduce the communication costs by utilizing local time values of the en-route nodes to generate one-time dynamic keys that are used to encrypt reports in a manner that further avoids the regular keying or re-keying of messages. Although TICK is more energy efficient, it employs no re-encryption operation strategy that cannot determine whether a healthy report might be considered as malicious if the clock drift between the source node and the forwarding node is too large. Secure SOurce-BAsed Loose Synchronization (SOBAS) employs a selective encryption en-route in which fixed nodes are selected to re-encrypt the data. Therefore, the selection of encryption nodes is non-adaptive, and the dynamic network conditions (i.e., The residual energy of en-route nodes, hop count, and false positive rate) are also not focused in SOBAS. We propose an energy efficient selection of re-encryption nodes based on fuzzy logic. Simulation results indicate that the proposed method achieves better energy conservation at the en-route nodes along the path when compared to TICK and SOBAS.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.7
• /
• pp.3671-3689
• /
• 2019

Software defined networking brings unique security risks such as control plane saturation attack while enhancing the performance of wireless sensor networks. The attack is a new type of distributed denial of service (DDoS) attack, which is easy to launch. However, it is difficult to detect and hard to defend. In response to this, the attack threat model is discussed firstly, and then a DDoS attack prevention extension, called FuzzyGuard, is proposed. In FuzzyGuard, a control network with both the protection of data flow and the convergence of attack flow is constructed in the data plane by using the idea of independent routing control flow. Then, the attack detection is implemented by fuzzy inference method to output the current security state of the network. Different probabilistic suppression modes are adopted subsequently to deal with the attack flow to cost-effectively reduce the impact of the attack on the network. The prototype is implemented on SDN-WISE and the simulation experiment is carried out. The evaluation results show that FuzzyGuard could effectively protect the normal forwarding of data flow in the attacked state and has a good defensive effect on the control plane saturation attack with lower resource requirements.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.6
• /
• pp.336-342
• /
• 2017

Traffic can be localized by reducing the traffic load on the physical network by causing traffic to be generated at the end of the packet network. By localizing traffic, the IoT-based sensitive data-related security issues can be supported effectively. In addition, it can be applied effectively to the next-generation smart network environment without changing the existing network infrastructure. In this paper, a content priority scheme was applied to smart network-based IoT data. The IoT contents were localized to efficiently pinpoint the flow of traffic on the network to enable smart forwarding. In addition, research was conducted to determine the effective network traffic routes through content localization. Through this study, the network load was reduced. In addition, it is a network structure that can guarantee user quality. In addition, it proved that the IoT service can be accommodated effectively in a smart network-based environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1330-1347
• /
• 2018

Mobile Ad hoc Network (MANET) is a collection of nodes or communication devices that wish to communicate without any fixed infrastructure and predetermined organization of available links. The effort has been made by proposing a scheme to overcome the critical security issue in MANET. The insufficiency of security considerations in the design of Ad hoc On-Demand Distance Vector protocol makes it vulnerable to the threats of collaborative black hole attacks, where hacker nodes attack the data packets and drop them instead of forwarding. To secure mobile ad hoc networks from collaborative black hole attacks, we implement our scheme and considered sensor's energy as a key feature with a better packet delivery ratio, less delay time and high throughput. The proposed scheme has offered an improved solution to diminish collaborative black hole attacks with high performance and benchmark results as compared to the existing schemes EDRIAODV and DRIAODV respectively. This paper has shown that throughput and packet delivery ratio increase while the end to end delay decreases as compared to existing schemes. It also reduces the overall energy consumption and network traffic by maintaining accuracy and high detection rate which is more safe and reliable for future work.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.1289-1292
• /
• 2002

The number of connected computers in the Internet, which has reached a state in which its address space is becoming insufficient is exponentially increased. Also nowadays modern Laptops and Mobile terminal are being used more and more. As hewn, the number of available IPv4 address is limited and many organizations have limited budget to use the global address. So the way to overcome such problems is using private addresses in their networks. In addition, the use of private address makes the system more secure. Moreover, we have considered about supporting of the scalability of data forwarding processes of nodes in their network especially Mobile IP data communication. Thus, we propose the integration of MPLS and Mobile IP network. Also we propose the security services of a constrained LSP for the MPLS payloads.

• International Journal of Contents
• /
• v.10 no.2
• /
• pp.9-17
• /
• 2014

Since vehicles' trajectories are so complex and dense traffic changes in nature frequently, the VANET (Vehicles Ad-hoc Network), using Omni-directional Antenna, has many channel collisions (or overlapping) on Data Link phrases (MAC layers). It is not easy to keep a good seamless communication status for VANET because of its unpredictable network environment. Among VANET research, Directional Antenna have been proposed as one of the most common systematical solutions to reduce (or to mitigate) this miss-communication problems by narrowing communicational ranges and making use of its customized error-detection process. However, even though Directional Antennas help VANET keep good seamless communication, many VANET researchers have reported that Directional VANET still has miss-communicational problems - this has lead to problems like 'Directional Hidden Terminal Problem', 'Deafness', 'Un-accuracy Lobe Scopes' and 'High Deployment Cost' being reported in various papers. To establish well-organized design assessments for a good Directional VANET MAC protocol to overcome these problems, we rearranged and grouped current Directional VANET' qualitative criteria from several current survey papers using these categories- 'Directional Discovery', 'Directional Forwarding' and 'Directional Handover'. In addition, based on the results of the following analysis, we show the essential design concerns that need to be looked at in order to develop a well-designed Directional-VANET MAC protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.4
• /
• pp.1571-1589
• /
• 2016

Nodes in MANETs are battery powered which makes energy an invaluable resource. In OLSR, MPRs are special nodes that are selected by other nodes to relay their data/control traffic which may lead to high energy consumption of MPR nodes. Therefore, employing energy efficient MPR selection mechanism is imperative to ensure prolonged network lifetime. However, misbehaving MPR nodes tend to preserve their energy by dropping packets of other nodes instead of forwarding them. This leads to huge energy loss and performance degradation of existing energy efficient MPR selection schemes. This paper proposes an energy efficient secure MPR selection (ES-MPR) technique that takes into account both energy and security metrics for MPR selection. It introduces the concept of 'Composite Eligibility Index' (CEI) to examine the eligibility of a node for being selected as an MPR. CEI is used in conjunction with willingness to provide distinct selection parameters for Flooding and Routing MPRs. Simulation studies reveal the efficiency of ES-MPR in selection of energy efficient secure and stable MPRs, in turn, prolonging the network operational lifetime.

• Journal of Communications and Networks
• /
• v.15 no.2
• /
• pp.122-131
• /
• 2013

We address the problem of effective vehicular routing in hostile scenarios where malicious nodes intend to jeopardize the delivery of messages. Compromised vehicles can severely affect the performance of the network by a number of attacks, such as selectively dropping messages, manipulating them on the fly, and the likes. One of the best performing solutions that has been used in static wireless sensor networks to deal with these attacks is based on the concept of watchdog nodes (also known as guard nodes) that collaborate to continue the forwarding of data packets in case a malicious behavior in a neighbor node is detected. In this work, we consider the beacon-less routing algorithm for vehicular environments routing protocol, which has been previously shown to perform very well in vehicular networks, and analyze whether a similar solution would be feasible for vehicular environments. Our simulation results in an urban scenario show that watchdog nodes are able to avoid up to a 50% of packet drops across different network densities and for different number of attackers, without introducing a significant increase in terms of control overhead. However, the overall performance of the routing protocol is still far from optimal. Thus, in the case of vehicular networks, watchdog nodes alone are not able to completely alleviate these security threats.