• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권10호
• /
• pp.3793-3814
• /
• 2021

Most secure solutions like cryptography are software based and they are designed to mainly deal with the outside attacks for traditional networks, but such soft security is hard to be implemented in wireless sensor networks to counter the inside attacks from internal malicious nodes. To address this issue, reputation has been introduced to tackle the inside malicious nodes. Reputation is essentially a stimulating mechanism for nodes' cooperation and is employed to detect node misbehaviors and improve the trust-worthiness between individual nodes. Among the reputation models, binomial distribution based reputation has many advantages such as light weight and ease of implementation in resource-constraint sensor nodes, and accordingly researchers have proposed many insightful related methods. However, some of them either directly use the modelling results, apply the models through simple modifications, or only use the required components while ignoring the others as an integral part of the whole model, this topic still lacks a comprehensive and systematical review. Thus the motivation of this study is to provide a thorough survey concerning each detailed functional components of binomial distribution based reputation for wireless sensor networks. In addition, based on the survey results, we also argue some open research problems and suggest the directions that are worth future efforts. We believe that this study is helpful to better understanding the reputation modeling mechanism and its components for wireless sensor networks, and can further attract more related future studies.

• Journal of Computing Science and Engineering
• /
• 제6권3호
• /
• pp.179-192
• /
• 2012

This paper presents novel statistical algorithms for protecting the iTrust information retrieval network against malicious attacks. In iTrust, metadata describing documents, and requests containing keywords, are randomly distributed to multiple participating nodes. The nodes that receive the requests try to match the keywords in the requests with the metadata they hold. If a node finds a match, the matching node returns the URL of the associated information to the requesting node. The requesting node then uses the URL to retrieve the information from the source node. The novel detection algorithm determines empirically the probabilities of the specific number of matches based on the number of responses that the requesting node receives. It also calculates the analytical probabilities of the specific numbers of matches. It compares the observed and the analytical probabilities to estimate the proportion of subverted or non-operational nodes in the iTrust network using a window-based method and the chi-squared statistic. If the detection algorithm determines that some of the nodes in the iTrust network are subverted or non-operational, then the novel defensive adaptation algorithm increases the number of nodes to which the requests are distributed to maintain the same probability of a match when some of the nodes are subverted or non-operational as compared to when all of the nodes are operational. Experimental results substantiate the effectiveness of the detection and defensive adaptation algorithms for protecting the iTrust information retrieval network against malicious attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권12호
• /
• pp.5819-5840
• /
• 2018

Considering the topology of hierarchical tree structure, each cluster in WSNs is faced with various attacks launched by malicious nodes, which include network eavesdropping, channel interference and data tampering. The existing intrusion detection algorithm does not take into consideration the resource constraints of cluster heads and sensor nodes. Due to application requirements, sensor nodes in WSNs are deployed with approximately uncorrelated security weights. In our study, a novel and versatile intrusion detection system (IDS) for the optimal defense strategy is primarily introduced. Given the flexibility that wireless communication provides, it is unreasonable to expect malicious nodes will demonstrate a fixed behavior over time. Instead, malicious nodes can dynamically update the attack strategy in response to the IDS in each game stage. Thus, a multi-stage intrusion detection game (MIDG) based on Bayesian rules is proposed. In order to formulate the solution of MIDG, an in-depth analysis on the Bayesian equilibrium is performed iteratively. Depending on the MIDG theoretical analysis, the optimal behaviors of rational attackers and defenders are derived and calculated accurately. The numerical experimental results validate the effectiveness and robustness of the proposed scheme.

• 정보처리학회논문지C
• /
• 제19C권2호
• /
• pp.83-90
• /
• 2012

MANET은 유선 기반망이 구축되어 있지 않은 곳에서 운용되기 때문에 노출된 매체와 동적인 토폴로지, 중앙의 감시와 관리 결여 등으로 보안 측면에서 취약하다. 특히, 중앙에서 네트워크를 제어해 주는 중재자가 없기 때문에 악의적인 노드가 발생해도 그에 대한 탐지나 조치가 어렵다. 이와 같은 악의적인 노드는 Ad-hoc 관련 보안 연구 분야중 라우팅에 밀접하게 연관되어 있다. 따라서, 본 논문에서는 안전하고 효율적인 라우팅을 위해 악의적으로 행동하는 노드를 효과적으로 탐지하여 보안성을 더욱 높일 수 있는 기법을 제안한다. 이를 위해 일정기간 악의적인 행위를 수행하는 노드를 개개의 노드 및 이웃간의 협업을 통해 이중화하여 탐지하고, 각 노드에 대한 신뢰지수를 부여하여 관리함으로써 악의적인 노드 행위에 효과적으로 대응 할 수 있는 기법인 MBC(Identification technition of Malicious Behavior node based on Collaboration in MANET)을 제안한다. 제안한 방법의 효율성을 검증하기 위해 우리는 네트워크 시뮬레이션을 수행하였다. 이 시뮬레이션 수행결과는 제안한 방법이 기존 방법보다 악의적인 노드를 더 정확하고 신속하게 식별 가능함으로써 보다 효율적인 라우팅이 이루어짐을 보였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권12호
• /
• pp.6214-6242
• /
• 2019

Routing in mobile ad hoc networks is performed in a distributed fashion where each node acts as host and router, such that it forwards incoming packets for others without relying on a dedicated router. Nodes are mostly resource constraint and the users are usually inclined to conserve their resources and exhibit selfish behaviour by not contributing in the routing process. The trust and reputation models have been proposed to motivate selfish nodes for cooperation in the packet forwarding process. Nodes having bad trust or reputation are detected and secluded from the network, eventually. However, due to the lack of proper identity management and use of non-persistent identities in ad hoc networks, malicious nodes can pose various threats to these methods. For example, a malicious node can discard the bad reputed identity and enter into the system with another identity afresh, called whitewashing. Similarly, a malicious node may create more than one identity, called Sybil attack, for self-promotion, defame other nodes, and broadcast fake recommendations in the network. These identity-based attacks disrupt the overall detection of the reputation systems. In this paper, we propose a reputation-based scheme that detects selfish nodes and deters identity attacks. We address the issue in such a way that, for normal selfish nodes, it will become no longer advantageous to carry out a whitewash. Sybil attackers are also discouraged (i.e., on a single battery, they may create fewer identities). We design and analyse our rationale via game theory and evaluate our proposed reputation system using NS-2 simulator. The results obtained from the simulation demonstrate that our proposed technique considerably diminishes the throughput and utility of selfish nodes with a single identity and selfish nodes with multiple identities when compared to the benchmark scheme.

• 한국정보통신학회:학술대회논문집
• /
• 한국해양정보통신학회 2010년도 추계학술대회
• /
• pp.605-608
• /
• 2010

Ad-hoc 네트워크가 정상적으로 동작하기 위해서는 각 노드가 동등한 권한을 갖고 상호 협조할 때 원활한 통신이 가능하다. 신뢰성을 확보하기 위해 인증된 노드로만 네트워크가 구성이 가능하지만 인증만으로 악의적 행위를 하는 노드를 완전히 배제할 수 없으므로 이들의 행위가 네트워크 전체를 위험에 빠뜨릴 수 있다. 이를 탐지 및 배제해야만 더욱 안전하고 신뢰할 수 있는 네트워크를 유지할 수 있으나 이에 대한 연구는 상대적으로 미흡한 수준이다. 따라서 신뢰 관계에 있는 노드로 구성된 네트워크에서 이기적이거나 악의적인 노드를 탐지하고 배제시켜 결과적으로 네트워크의 안전성과 신뢰성를 유지하고 처리율을 향상시킬 수 있는 방법을 제안한다.

• 융합보안논문지
• /
• 제18권5_1호
• /
• pp.53-58
• /
• 2018

MANET은 어떠한 인프라스트럭처의 도움 없이 이동 노드들로 구성되어 hop-by-hop 방식으로 데이터가 전달되는 구조가 블록체인과 매우 유사하다. 하지만 MANET은 이러한 특징 때문에 악의적인 노드에 의한 데이터 변조 또는 폐기 등 다양한 위협에 노출되어 있다. 이러한 이유로 전송 데이터에 대한 무결성 보장은 MANET의 중요한 보요 요소이다. 본 논문에서는 네트워크를 구성하는 노드들에 대한 신뢰도 값을 악의적인 노드들로부터 보호하기 위하여 블록체인기술을 적용하는 방법을 제안하였다. 이를 위하여 클러스터 형태의 계층 구조를 이용하였으며, 클러스터 헤드만이 노드들의 신뢰도 정보를 블록에 저장하고 이를 전파할 수 있도록 하였다. 또한 잘못된 블록의 전파를 차단하기 위하여 클러스터 헤드 선출에 참여하는 노드들의 수와 클러스터 헤드의 신뢰도를 이용한 블록생성 난이도 자동 설정 기법을 적용하였다. 이렇게 되면 악의적인 노드에 의한 블록 생성 및 전파를 차단할 수 있게 된다. 제안한 기법의 우수한 성능은 SAODV 기법과 비교 실험을 통해 확인할 수 있었다.

• 디지털산업정보학회논문지
• /
• 제6권4호
• /
• pp.153-160
• /
• 2010

MANET composed mobile nodes without central concentration control like base station communicate through multi-hop route among nodes. Accordingly, it is hard to maintain stability of network because topology of network change at any time owing to movement of mobile nodes. MANET has security problems because of node mobility and needs intrusion detection system that can detect attack of malicious nodes. Therefore, system is protected from malicious attack of intruder in this environment and it has to correspond to attack immediately. In this paper, we propose intrusion detection system based on rules in order to more accurate intrusion detection. Cluster head perform role of monitor node to raise monitor efficiency of packet. In order to evaluate performance of proposed method, we used jamming attack, selective forwarding attack, repetition attack.

• 디지털산업정보학회논문지
• /
• 제10권3호
• /
• pp.161-169
• /
• 2014

Wireless Ad Hoc Network is suitable for emergency situations such as and emergency, disaster recovery and war. That is, it has a characteristic that can build a network and use without help of any infrastructure. However, this characteristic is providing a cause of many security threats. In particular, routing attack is not applied the existing routing methods as it is and it is difficult to determine accurately whether nodes that participate in routing is malicious or not. The appropriate measure for this is necessary. In this paper, we propose a secure routing technique through a zone architecture-based node authentication in order to provide efficient routing between nodes. ZH node is elected for trust evaluation of the member nodes within each zone. The elected ZH node issues a certification of the member nodes and stores the information in ZMTT. The routing involvement of malicious nodes is blocked by limiting the transfer of data in the nodes which are not issued the certification. The superior performance of the proposed technique is confirmed through experiments.

• 디지털산업정보학회논문지
• /
• 제14권1호
• /
• pp.35-43
• /
• 2018

MANET composed of only wireless nodes is increasingly utilized in various fields. However, it is exposed to many security vulnerabilities because it doesn't have any infrastructure and transmits data by using multi-hop method. Therefore, MANET should be applied the intrusion detection technique that can detect efficiently malicious nodes and decrease impacts of various attacks. In this paper, we propose a distributed intrusion detection technique that can detect the various attacks while improving the efficiency of attack detection and reducing the false positive rate. The proposed technique uses the cluster structure to manage the information in the center and monitor the traffic of their neighbor nodes directly in all nodes. We use three parameters for attack detection. We also applied an efficient authentication technique using only key exchange without the help of CA in order to provide integrity when exchanging information between cluster heads. This makes it possible to free the forgery of information about trust information of the nodes and attack nodes. The superiority of the proposed technique can be confirmed through comparative experiments with existing intrusion detection techniques.