• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.44 no.1
• /
• pp.113-121
• /
• 2007

Commonly, in the Sensor Network that composed with multiple nodes uses Ad-hoc protocol to communicate each other. Each sensed data packets are collected by base node and processed by Host PC. But the Ad-hoc protocol is too vulnerable to Sinkhole attack, where the intruder attracts surrounding nodes with unfaithful routing information, and then performs selective forwarding or changes the data passing through it. The Sinkhole attack increases overhead over the network and boosts energy consumption speed to decrease network's life time. Since the other attacks can be easily adopted through sinkhole attack, the countermeasure must be considered carefully. In this paper, we proposed the Hop-depth algorithm that detects intruder in Sinkhole attack and colluded nodes. First, the proposed algorithm makes list of suspected nodes and identifies the real intruder in the suspected node list through the Hop-depth count value. And recalculates colluder's path information to find the real intruder. We evaluated the performance of the proposed algorithm using NS2. We compared and analyzed the success ratio of finding real intruder, false positive ratio, false negative ratio, and energy consumption.

• Convergence Security Journal
• /
• v.19 no.5
• /
• pp.19-24
• /
• 2019

It is impossible to apply the routing protocol in the wired environment because MANET consists of only mobile nodes. Therefore, routing protocols considered these characteristics are required. In particular, if malicious nodes are not excluded in the routing phase, network performance will be greatly reduced. In this paper, we propose intrusion detection technique based on region to improve routing performance. In the proposed technique, the whole network is divided into certain areas, and then attack detection within the area using area management node is performed. It is a proposed method that can detect attack nodes in the path through cooperation with each other by using completion message received from member nodes. It also applied a method that all nodes participating in the network can share the attack node information by storing the detected attack node and sharing. The performance evaluation of the proposed technique was compared with the existing security routing techniques through the experiments and the superior performance of the proposed technique was confirmed.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.5
• /
• pp.999-1008
• /
• 2017

In this paper, we propose a pipeline network coding (PNC) scheme for efficient data transmission in wireless networks, a data authentication scheme for verifying the integrity of data, and a node authentication scheme for a virtual source. PNC is a technique that improves the overall network performance by relaying data such that the relay node performing network coding transmits to the sender instead. However, network coding is vulnerable to a pollution attack, which is an attack by a malicious attacker to inject modified data into the network. To prevent this, hash-based message authentication code (HMAC) is used. For this purpose, in order to generate a tag used for data authentication, a key must be distributed to the nodes performing authentication. We applied a hash chain to minimize the overhead of key distribution. A null vector is used as the authentication scheme for the virtual source. Finally, we analyze the safety and complexity of the proposed scheme and show he performance through simulation.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.4
• /
• pp.19-25
• /
• 2010

In this paper, the performance of the DoS information security algorithm is evaluated to provide the multimedia traffic between the nodes using the multicasting services. The essence technology for information security to distribute the multimedia contents is presented. Under the multicasting services, a node participating new group needs a new address and the node compares the collision with the existing nodes, then DoS attack can be occurred between the nodes by a malicious node. Using the NS2 simulator, the number of DoS attacks, the average number of trials to generate new address, and the average time to create address are analyzed. From simulation results, the efficient algorithm with relevant random number design according to the DRM network is needed to provide secure multimedia contents distribution.

• The KIPS Transactions:PartC
• /
• v.10C no.4
• /
• pp.413-422
• /
• 2003

An active network is a new generation network based on a software-intensive network architecture in which applications are able to inject new strategies or code into the infrastructure for their immediate needs. Therefore, the secure active node architecture is needed to give the capability defending an active node against threats that may be more dynamic and powerful than those in traditional networks. In this paper, a security enforcement engine is proposed to secure active networks. We implemented an operating engine with security, authentication and a authorization modules. Using this engine, it is possible that active networks are protected from threats of the malicious active node.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.115-119
• /
• 2007

The IPv6 protocol provides the method to automatically generate an address of a node without additional operations of administrators, Before the generated address is used, the duplicate address detection (DAD) mechanism is required in order to verify the address. However, during the process of verification of the address, it is possible for a malicious node to send a message with the address which is identical with the generated address, so the address can be considered as previously used one; although the node properly generates an address, the address cannot be used. In this paper, we present a strong scheme to perform the DAD mechanism based on hash functions in IPv6 networks. Using this scheme, many nodes, which frequently join or separate from wireless networks in public domains like airports, terminals, and conference rooms, can effectively generate and verify an address more than the secure neighbor discovery (SEND) mechanism.

• Proceedings of the KAIS Fall Conference
• /
• 2006.05a
• /
• pp.368-372
• /
• 2006

최근 MANET에서 보안적인 요소를 추가한 라우팅 연구가 활발하지만 기존에 제시된 방안들은 거짓 신고를 하는 악의적인 노드를 식별하지 못하는 문제점과 라우팅 측면에서 비효율적인 문제점이 있었다. 본 논문에서는 신고, 반박, 증명의 메시지를 이용하여 악의적인 노드의 여러 가지 공격을 차단하고 라우팅 측면에서 보다 효율적인 프로토콜을 제안한다. 제안하는 프로토콜은 여러 가지 MANET 라우팅 프로토콜에서 적용이 가능하며 라우팅 경로 선정 및 관리의 보안적인 부분을 추가하였다.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.1
• /
• pp.33-40
• /
• 2008

This paper presents a new scheduling scheme in wireless distributed network. To overcome the limited information about unfamiliar mobile nodes and to reduce the required system performance, we propose a scheduling algorithm of job allocation based on the trust model. The suggested scheduler evaluate an unfamiliar mobile node's trust and make reference to the trust value of neighboring scheduler. This scheduling algorithm can avoid malicious or selfish mobile nodes by assigning low trust values. We also present a trust evaluation metric and show the efficiency of suggested scheduling algorithm by performance evaluation.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.4
• /
• pp.31-37
• /
• 2011

Recently, MANET(Mobile Ad-hoc Network) is developing increasingly in the wireless network. MANET has weakness because phases change frequently and MANET doesn't have middle management system. Every node which consists of MANET has to perform data forwarding, but traceback is not reliable if these nodes do malicious action owing to attack. It also is not easy to find location of attacker when it is attacked as moving of nodes. In this paper, we propose a hierarchical-based traceback method that reduce waste of memory and can manage path information efficiently. In order to manage trace path information and reduce using resource in the cluster head after network is formed to cluster, method which recomposes the path efficiently is proposed. Proposed method in this paper can reduce path trace failure rate remarkably due to moving of nodes. It can also reduce the cost for traceback and time it takes to collect information.

• Journal of Information Processing Systems
• /
• v.15 no.1
• /
• pp.203-216
• /
• 2019

The nature of wireless transmission has made wireless sensor networks defenseless against various attacks. This paper presents warning message counter method (WMC) to detect blackhole attack, grayhole attack and sinkhole attack in wireless sensor networks. The objective of these attackers are, to draw the nearby network traffic by false routing information and disrupt the network operation through dropping all the received packets (blackhole attack), selectively dropping the received packets (grayhole and sinkhole attack) and modifying the content of the packet (sinkhole attack). We have also attempted light weighted symmetric key cryptography to find data modification by the sinkhole node. Simulation results shows that, WMC detects sinkhole attack, blackhole attack and grayhole attack with less false positive 8% and less false negative 6%.