Security in routing protocols Research Papers (original) (raw)

- by
- •
- Security in routing protocols, Composition

When studying the Transport Layer Security (TLS) Protocol, it is noticed that the most timeconsuming phase is the handshaking process between the client and the server, since many messages should be sent until successful negotiation is done and a secure session is created. The goal of this work is to design a security management system (SMS) to improve the handshaking process by making use of TLS client-side session caching, and allowing trusted users to share sessions with others, as well as giving the client an option to create his own private session with the server even when there is no trusted digital certificate from a certificate authority (CA) to link them. According to our experimental setup, the use of the proposed design has improved the performance by 3.5 times relative to the handshaking of traditional TLS.

In the Internet of Things vision, every physical object has a virtual component that can produce and consume services. Such extreme interconnection will bring unprecedented convenience and economy, but it will also require novel approaches to ensure its safe and ethical use. In the Internet of Things (IoT), everything real becomes virtual, which means that each person and thing has a locatable, addressable, and readable counterpart on the Internet. These virtual entities can produce and consume services and collaborate toward a common goal. The user's phone knows about his physical and mental state through a network of devices that surround his body, so it can act on his behalf. The embedded system in a swimming pool can share its state with other virtual entities. With these characteristics, the IoT promises to extend "anywhere, anyhow, anytime" computing to "anything, anyone, any service." Several significant obstacles remain to fulfill the IoT vision, among them security. The Internet and its users are already under continual attack, and a growing economy-replete with business models that undermine the Internet's ethical use-is fully focused on exploiting the current version's foundational weaknesses. This does not bode well for the IoT, which incorporates many constrained devices. Indeed, realizing the IoT vision is likely to spark novel and ingenious malicious models. The challenge is to prevent the growth of such models or at least to mitigate and limit their impact. Meeting this challenge requires understanding the characteristics of things and the technologies that empower the IoT. Mobile applications are already intensifying users' interaction with the environment, and researchers have made considerable progress in developing sensory devices to provide myriad dimensions of information to enrich the user experience. However, without strong security foundations, attacks and malfunctions in the IoT will outweigh any of its benefits. Traditional protection mechanisms-lightweight cryptography, secure protocols, and privacy assurance-are not enough. Rather, researchers must discover the full extent of specific obstacles. They must analyze current security protocols and mechanisms and decide if such approaches are worth integrating into the IoT as is or if adaptations or entirely new designs will better accomplish security goals. The proper legal and technical framework is essential. To establish it, analysts must thoroughly understand the risks associated with various IoT scenarios, such as air travel, which has many interrelated elements, including safety, privacy, and economy [1]. Only then is it possible to justify the cost of developing security and privacy mechanisms. All these requirements underline some critical first steps in implementing IoT security measures successfully: understand the IoT conceptually, evaluate Internet security's current state, and explore how to move from solutions that meet current requirements and constraints to those that can reasonably assure a secure IoT.

- by Pablo Najera
- •
- Information Security, Network Security, Security, The Internet of Things

Bluetooth technology has become an integral part of this modern society. The availability of mobile phones, game controllers, Personal Digital Assistant (PDA) and personal computers has made Bluetooth a popular technology for short range wireless communication. However, as the Bluetooth technology becomes widespread, vulnerabilities in its security protocols are increasing which can be potentially dangerous to the privacy of a user’s personal information. The security issues of Bluetooth have been an active area of research for the last few years. This paper presents the vulnerabilities in the security
protocols of this technology along with some past security threats and possible countermeasures as reported in the literatures which have been surveyed and summarized in this paper. It also presents some tips that end-users can implement immediately to become more cautious about their private information. Finally, the paper concludes with some recommendations for future security enhancements that can be implemented in the Bluetooth standard.

The validation of credit card numbers allows us to check the authenticity of the credit card number in question or whether that credit card is valid or not for electronic transactions purposes. The most popular algorithm used for credit card number validation is called the Luhn algorithm or MOD (Modulus) 10 algorithms named after its inventor, IBM scientist Hans Peter Luhn. The Luhn algorithm popularly known as MOD 10 algorithm is a simple checksum formula designed to protect against accidental errors that normally occur number generation systems and for malicious attacks. Most credit card companies and governmental identification numbers use the algorithm as a simple method of distinguishing valid numbers from collections of random digits. It is not also intended to be a cryptographically secure hash function. It is also used to validate a variety of identification numbers such as credit card numbers, IMEI numbers, National Provider Identifier numbers in US and Canadian Social Insurance numbers. This takes a look at the Luhn algorithm or MOD 10 algorithm and its implementation in a suitable programming language called the C# programming language. The C# credit card validation programming also offers a graphical interface to give the user 'A user-friendly' experience. It is intended to be a simple, modern, general-purpose, object-oriented,programinglanguage.

In mobile ad hoc networks (MANETs), links are created and destroyed in an unpredictable way, which makes quite challenging the determination of routes between each pair of nodes. In this paper, we propose a formulation of the routing problem in multi-services MANETs, as well as the implementation of an adaptation of the dynamic source routing (DSR) protocol.

Completely GPS-free positioning systems for wireless, mobile, ad-hoc networks typically stress on building a network-wide coordinate system. Such systems suffer from lack of mobility and high computational overhead. On the other hand, specialized hardware in GPS-enabled nodes tends to increase the solution cost. A number of GPS free position based routing algorithms have been studied by the authors before proposing a new positioning framework in this paper. The proposed positioning framework is characterized by using only a handful of GPS enabled nodes. Lower dependence on specialized GPS hardware reduces the total cost of implementing the framework. A new location aided routing protocol called Location Aided Cluster Based Energy-efficient Routing (LACBER) has been proposed in the paper. Simulation results show that using the proposed positioning framework, LACBER turns out to be efficient in lowering mean hop and hence in utilizing the limited energy of mobile nodes.

Development in micro electro mechanical systems (MEMS) and wireless networks has opened a new domain in networking history called wireless sensor networks. Wireless sensor networks sense the information, process them locally and communicate it to the outside world via satellite or Internet. In the near future, Sensor Networks will play a major role in collecting and disseminating information from the fields where ordinary networks are unreachable for various environmental and strategically reasons. Sensor networks use radio frequencies as a communication medium, which is vulnerable of all active and passive attacks from adversaries. Most of the research is going on to make these sensor networks feasible, economical but at the same time security problems associated with these networks have received very little attention from the researcher.

... Fasee Ullah, Masood Ahmad, Masood Habib, Jawad Muhammad Department of Computer Sciences City ... One of the early encouraging steps towards sensor network architecture is Polastre et al. ... Aim of this protocol to solve different key... more

- by Masood Habib
- •
- Sensor, Wireless Sensor Networks, Power Management, Security in routing protocols

Timed Automata is an extension to the automatatheoretic approach for the modeling of real time systems that introduces time into the classical automata. It has become an important research area in both the context of formal languages and modeling and verification of real time systems since it was proposed by Alur and Dill in the early nineties. Timed automata proposes an efficient model checking method for verification real time systems having mature and efficient automatic verification tools. One of the application areas of timed automata is the verification of security protocols which are known to be time sensitive. This study aims to make use of timed automata as a verification tool for security protocols and gives a case study on the initial part of the Neuman-Stubblebine Repeated Authentication Protocol.

- by Bryan Carter
- •
- Model Checking, Automata, Computer Security, Security in routing protocols
- by sandra smith
- •
- Algebra, Security in routing protocols, Authentication, Automation

Sensor networks are currently an active research area mainly due to the potential of their applications. In this paper we investigate the use of Wireless Sensor Networks (WSN) for air pollution monitoring in Mauritius. With the fast growing industrial activities on the island, the problem of air pollution is becoming a major concern for the health of the population. We proposed an innovative system named Wireless Sensor Network Air Pollution Monitoring System (WAPMS) to monitor air pollution in
Mauritius through the use of wireless sensors deployed in huge numbers around the island. The proposed system makes use of an Air Quality Index (AQI) which is presently not available in Mauritius. In order to improve the efficiency of WAPMS, we have designed and implemented a new data aggregation algorithm named Recursive Converging Quartiles (RCQ). The algorithm is used to merge data to eliminate
duplicates, filter out invalid readings and summarise them into a simpler form which significantly reduce the amount of data to be transmitted to the sink and thus saving energy. For better power management we used a hierarchical routing protocol in WAPMS and caused the motes to sleep during idle time.

This paper examines trust in distributed systems. The particular example that we choose is that of key certi cation, although the techniques have more general application. Existing system do not provide su cient evidence to help to... more

This research work propounds a simple graph theory semblance Divide and Conquer Quad tree based Multi-hop Static Leach (DCQMS-Leach) energy efficient routing protocol for wireless sensor networks. The pivotal theme of this research work is to demonstrate how divide and conquer plays a pivotal role in a multi-hop static leach energy efficient routing protocol. This research work motivates, enforces, reckons the DCQMS-Leach energy efficient routing protocol in wireless sensor networks using Mat lab simulator. This research work also computes the performance concepts of DCQMS-Leach routing protocol using various performance metrics such as Packet Drop Rate (PDR), Throughput, and End to End Delay (EED) by comparing and contrasting alive nodes with number of nodes, number of each packets sent to the cluster heads with rounds, number of cluster heads with rounds, number of packets forwarded to the base station with rounds and finally dead nodes with number of rounds. In order to curtail energy consumption this research work proffers a routing methodology such as DCQMS-Leach in energy efficient wireless sensor routing protocol. The recommended DCQMS-Leach overcomes the in adequacies of all other different leach protocols suggested by the previous researchers. KEYWORDS Divide and Conquer (D&C), Divide and Conquer Quad tree based Multi hop Static Leach (DCQMS-Leach), Energy Efficient Routing Protocol (EERP), Wireless Sensor Networks (WSNs), Energy Efficient WSNs (EEWSNs).

Ad hoc On-demand Distance Vector (AODV) routing protocols is one of the most popular reactive protocol used for Mobile Ad hoc Network and is a target of many Denial-of-Service attack types. In this article, we propose a solution for Initialization and Providing the OTP based on Mobile Agent (IPOM). We also propose a Security Routing Protocol using One-Time Password Authentication Mechanism based on Mobile Agent (AODVMO) by extending the original AODV protocol and integrating IPOM solution. Analysis results confirm that AODVMO can prevent almost current routing protocol attack types, such as Blackhole / Sinkhole, Grayhole, Whirlwind, and Wormhole types. Using NS2, we evaluate the packet overhead for providing OTP, the security performance on random waypoint network topology under Blackhole attacks and the effect of security mechanism to the original protocol. Simulation results show that the proposed solution works well, the performance of AODVMO is good under Blackhole attacks, and slightly reduced when integrating the security mechanism in scenarios without attacks.

Modern cryptography targeted towards providing data confidentiality still pose some limitations. The security of public-key cryptography is based on unproven assumptions associated with the hardness /complicatedness of certain mathematical problems. However, public-key cryptography is not unconditionally secure: there is no proof that the problems on which it is based are intractable or even that their complexity is not polynomial. Therefore, public-key cryptography is not immune to unexpectedly strong computational power or better cryptanalysis techniques. The strength of modern cryptography is being weakened and with advances of big data, could gradually be suppressed. Moreover, most of the currently used public-key cryptographic schemes could be cracked in polynomial time with a quantum computer. This paper presents a renewed focus in fortifying the confidentiality of big data by proposing a quantum-cryptographic protocol. A framework was constructed for realizing the protocol, considering some characteristics of big data and conceptualized using defined propositions and theorems.

This paper continues the program initiated in , towards a derivation system for security protocols. The general idea is that complex protocols can be formally derived, starting from basic security components, using a sequence of refinements and transformations, just like logical proofs are derived starting from axioms, using proof rules and transformations. The claim is that in practice, many protocols are already derived in such a way, but informally. Capturing this practice in a suitable formalism turns out to be a considerable task.

- by Anupam Datta
- •
- Cognitive Science, Logic, Security in routing protocols, Computer Software

Reduction of CO2 emissions is a major global environmental issue. Over the past few years, wireless and mobile communications are becoming increasingly popular with consumers. The Most popular kind of wireless access is known as Wireless Mesh Networks (WMNs) that provide wireless connectivity through lot cheaper and more supple backhaul infrastructure relative to wired solutions. Wireless Mesh Network (WMN) is a new emerging technology which has been adopted as the wireless internetworking solution for the near future. Due to higher energy consumption in the information and communication technology (ICT) industries, and which would have an impact on the environment, energy efficiency has become a key factor to evaluate the performance of a communication network. This paper primarily focuses on the classification layer the greatest existing approaches devoted to the conservation of energy. It is also discussing the most interesting works on energy saving in WMNs networks.

- by Javier Lopez
- •
- Information Security, Network Security, Security, The Internet of Things

In this paper we describe Turtle, a peer-to-peer architecture for safe sharing of sensitive data. The truly revolutionary aspect of Turtle rests in its novel way of dealing with trust issues: while existing peer-to-peer architectures with similar aims attempt to build trust relationships on top of the basic, trust-agnostic, peer-topeer overlay, Turtle takes the opposite approach, and builds its overlay on top of pre-existent trust relationships among its users. This allows both data sender and receiver anonymity, while also protecting each and every intermediate relay in the data query path. Furthermore, its unique trust model allows Turtle to withstand most of the denial of service attacks that plague other peer-to-peer data sharing networks.

We present new attacks against the EMV financial transaction security system (known in Europe as "Chip and PIN"), specifically on the back-end API support for sending secure mes- sages to EMV smartcards. We examine how secure messaging is implemented in two major Hardware Security Modules (HSMs). We show how to inject chosen plaintext into encrypted trac between HSM and smartcard. In the case of IBM's implementation, we further show how to retrieve confidential data from within messages by combining the injection ability with a partial dictionary attack. Such attacks could compromise secret key update of a banking smartcard, permitting construction of a perfect counterfeit, or could change the card's PIN to a value chosen by the adversary. We discuss the issues underlying such security holes: the unwieldy primitive of cipher block chaining (CBC) has much to answer for, as does an ever-present tension between defining API functionality too specifically or too generi...

- by Amerson Lin
- •
- Security in routing protocols, Smartcard

A Mobile Ad hoc Network (MANET) is a collection of mobile stations with wireless interfaces which form a temporary network without using any central administration. MANETs are more vulnerable to attacks because they have some specific characteristics as complexity of wireless communication and lack of infrastructure. Hence security is an important requirement in mobile ad hoc networks. One of the attacks against network integrity in MANETs is the Black Hole Attack. In this type of attack all data packets are absorbed by malicious node, hence data loss occurs. In this paper we investigated the impacts of Black Hole attacks on the network performance. We have simulated black hole attacks using Network Simulator 2 (NS-2) and have measured the packet loss in the network without and with a black hole attacks. Also, we measured the packet loss when the number of black hole attacks increases.

The pervasive application of wireless sensor networks (WNSs) is challenged by the scarce energy constraints of sensor nodes. En-route filtering schemes, especially commutative cipher based en-route filtering (CCEF) can saves energy with better filtering capacity. However, this approach suffer from fixed paths and inefficient underlying routing designed for ad-hoc networks. Moreover, with decrease in remaining sensor nodes, the probability of network partition increases. In this paper, we propose energy-efficient routing and re-clustering algorithm (ERCA) to address these limitations. In proposed scheme with reduction in the number of sensor nodes to certain thresh-hold the cluster size and transmission range dynamically maintain cluster node-density. Performance results show that our approach demonstrate filtering-power, better energy-efficiency, and an average gain over 285% in network lifetime.

We model security protocols as games using concepts of game semantics. Using this model we ascribe semantics to protocols written in the standard simple arrow notation. According to the semantics, a protocol is interpreted as a set of strategies over a game tree that represents the type of the protocol. The model uses abstract computation functions and message frames in order to model internal computations and knowledge of agents and the intruder. Moreover, in order to specify properties of the model, a logic that deals with games and strategies is developed. A tableau-based proof system is given for the logic, which can serve as a basis for a model checking algorithm. This approach allows us to model a wide range of security protocol types and verify different properties instead of using a variety of methods as is currently the practice. Furthermore, the analyzed protocols are specified using only the simple arrow notation heavily used by protocol designers and by practitioners.

- by mohamed saleh
- •
- Model Checking, Semantics, Security in routing protocols, Algorithm

The Secure Electronic Transaction (SET) protocol has been proposed by a consortium of credit card companies and software corporations to secure e-commerce transactions. When the customer makes a purchase, the SET dual signature guarantees authenticity while keeping the customer's account details secret from the merchant and his choice of goods secret from the bank.

Fairness may be a desirable property of a nonrepudiation service. Protocols can achieve fairness through the involvement of a trusted third party but the extent of the trusted third party's involvement can vary between protocols. Hence, one of the goals of designing an efJicient non-repudiation protocol is to reduce the work load of the trusted third party. In this paper we present a variant of our fair non-repudiation protocol [15], where the trusted third party will be involved only in case that one party cannot obtain the expected non-repudiation evidence from the other party. This variant is efJicient in an environment where the two parties are likely to resolve communications problems between themselves.

- by Dieter Gollmann
- •
- Information Systems, Computer Science, Government, Network Security
- by Honey Rose
- •
- Information Security, Computer Security, Cryptography, Security in routing protocols

This paper contributes to further closing the gap between formal analysis and concrete implementations of security protocols by introducing a quantitative extension of the usual Dolev-Yao intruder model. This extended model provides a basis for considering protocol attacks that are possible when the intruder has a reasonable amount of computational power, in particular when he is able, with a certain probability, to guess encryption keys or other particular kind of data such as the body of a hashed message. We also show that these extensions do not augment the computational complexity of the protocol insecurity problem in the case of a finite number of interleaved protocol sessions.

- by Pedro Adão
- •
- Cognitive Science, Protocol Analysis, Security in routing protocols, Formal Analysis

The importance of IPv6 Routing Protocol for Low power and Lossy Networks (LLNs), also called RPL, has motivated in the development of a robust and quality of service (QoS) oriented Multi-Constraints Adaptive Link Quality Index (MALQI) based routing protocol. Unlike classical RPL protocols, MALQI enables mobile-RPL while ensuring fault-resilient, reliable and QoS communication over LLNs. MALQI protocol exploits key novelties such as signal strength based mobile node positioning, average received signal strength indicator (ARSSI) and ETX based objective function for fault tolerant best forwarding path selection. The functional architecture of MALQI enables it to be used as the parallel to the link layer RPL that even in the case of link failure can assist efficient data delivery over LLNs. Once detecting link outage, MALQI can execute node discover and best forwarding path selection to assist QoS delivery. Contiki-Cooja based simulation reveals that MALQI based mobile-RPL outperforms other state-of-art routing protocols.

We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web server as a specific instance. The architecture comprises functionally redundant COTS servers running on diverse operating systems and platforms, hardened intrusion-tolerance proxies that mediate client requests and verify the behavior of servers and other proxies, and monitoring and alert management components based on the EMER-ALD intrusion-detection framework. Integrity and availability are maintained by dynamically adapting the system configuration in response to intrusions or other faults. The dynamic configuration specifies the servers assigned to each client request, the agreement protocol used to validate server replies, and the resources spent on monitoring and detection. Alerts trigger increasingly strict regimes to ensure continued service, with graceful degradation of performance, even if some servers or proxies are compromised or faulty. The system returns to less stringent regimes as threats diminish. Servers and proxies can be isolated, repaired, and reinserted without interrupting service.

- by Partha Pal
- •
- DoS Attack, Security in routing protocols, OPERATING SYSTEM, Intrusion Detection

The present work relates to WINTeR, an open access, multi-user experimental facility, currently under development, to support implementation and evaluation of wireless sensor networks for industrial applications in radio-harsh environments. A brief review of existing testbeds is provided and the unique requirements of WINTeR are defined. The resulting WINTeR architecture provides remote accessibility to a full-scale industrial setting including a network of programmable motes each with a programmable attenuator and power monitor, a complex multipath environment, an EMI generator, and a data generator. Experimental analysis tools provide for data logging and graphing as experiments proceed. The resulting testbed will support development and evaluation of emerging physical layer technologies, propagation models, routing protocols, security protocols, power consumption models, the validation of wireless solutions for industrial processes, and most importantly cross-layer optimization. Some examples of how the testbed can be used are briefly presented.

- by P. Najera
- •
- Information Security, Network Security, Security, The Internet of Things

In this paper we present an automatic implementation system of security protocols based in Formal Description Techniques. A sufficiently complete and concise formal specification that has allowed us to define the state machine that corresponds to a security protocol has been designed to achieve our goals. This formal specification makes it possible to incorporate in a flexible way the security mechanisms and functions (random numbers generation, timestamps, symmetric-key encryption, public_key cryptography, etc). Our solution implies the incorporation of an additional security layer L.E.I. (Logical Element of Implementation) in the TCP/IP architecture. This additional layer be able both to interpret and to implement any security protocol from its formal specification. Our system provides an Applications Programming Interfaz (API) for the development of distributed applications in Internet like the e-commerce, bank transfers, network management or distribution information services that makes transparent to them the problem of security in the comunications.

Composing secure interaction protocols dynamically for e-commerce continue to pose a number of challenges, such as lack of standard notations for expressing requirements and the difficulty involved in enforcing them. Furthermore,... more

- by Charles Thevathayan
- •
- Security in routing protocols, Composition, security protocols

Formal verification through model checking proved to be a very useful validation technique for security protocols: authentication, key agreement, non-repudiation, confidentiality, etc. But it has not been yet fully applied for the security properties of secure routing protocols for ad hoc networks. Few researchers had tried this approach. But they had mainly used Promela and SPIN, a tool that is relatively difficult to use. On the other hand, other researchers used formal analysis, a mathematical approach with good results but that is hard to automate. In this paper we present the use of AVISPA in this purpose. We show that the model under which the verification is made is identical to the models used by the researchers that implemented verification in SPIN or by the ones that used formal analysis. Then we present an actual verification taking as a case study ARAN secure routing protocol.

- by Victor Patriciu
- •
- Model Checking, Computer Security, Security in routing protocols, Ad Hoc Networks

In this paper, we propose the encryption plan named (ECC Cryptography (ECC) and Homomorphic Encryption (HE) algorithm to make sure the transmitte Homogeneous Wireless sensor networks (HWSNs) are protected and confident. The proposed plan encryption is constructed under Artificial Bee Colony Routing Method (ABCRM). The ABCRM used to balancing node energy consumption due to get the higher pe additionally to low-end sensors as large number. To investigate the ability for providing the high data security with small size for key by using the ECC, because the ECC method for excha the sensor node identification number, and distance between this sensor nodes with to them cluster head (CH) using to produce the encryption plan key which represented to proposed the data security. To reduce the C energy consumption, using second part from this encryption method (HE encryption) to let the CH to aggregate the encrypted data. The Simulation proposed method results prove the greatly improve lifespan network performance established of energy consumpt Keywords-Wireless sensor networks Wireless Sensor Networks have emerged as an important new area in wireless technology. In the near future, the wireless sensor networks are expected to consist of thousands of inexpensive nodes, each having sensing capability with limited computational and communication power deployed in a vast variety of environments for commercial, civil, and military applications such as surveillance, vehicle tracking, climate and habitat monitoring, intelligence, medical, and acoustic data gatherin limitations of wireless sensor networks are the storage, power and processing. These limitations and the specific architecture of sensor nodes call for energy efficient and secure communication protocols. The systematic gathering and transmissi operation in such a network. Sensors have the ability to carry out in reroute to the base station when data gathering. In such sensor syst information can be gathered from all the sensors to the base station. In data gathering, from agreed energy constraints of the sensors expanding the system lifetime is a major threat. The data aggregator node or th head combine the data to the base station and the malicious attacker may attack this cluster node. This is an open access article distributed under the terms of the Creative Commons Attribution License, Which Permits unrestricted use, distribution, and reproduction in any m and source are credited In this paper, we propose the encryption plan named (ECC Cryptography (ECC) and Homomorphic Encryption (HE) algorithm to make sure the transmitte Homogeneous Wireless sensor networks (HWSNs) are protected and confident. The proposed plan encryption is constructed under Artificial Bee Colony Routing Method (ABCRM). The ABCRM used to balancing node energy consumption due to get the higher performance by deploying the powerful high end sensors as large number. To investigate the ability for providing the high data security with small size for key by using the ECC, because the ECC method for excha the sensor node identification number, and distance between this sensor nodes with to them cluster head (CH) using to produce the encryption plan key which represented to proposed the data security. To reduce the C energy consumption, using second part from this encryption method (HE encryption) to let the CH to aggregate the encrypted data. The Simulation proposed method results prove the greatly improve lifespan network performance established of energy consumption terms and highest paths Wireless sensor networks; Data Encryption; I. INTRODUCTION Wireless Sensor Networks have emerged as an important new area in wireless technology. In the near future, the ss sensor networks are expected to consist of thousands of inexpensive nodes, each having sensing capability with limited computational and communication power deployed in a vast variety of environments for commercial, civil, and military applications such as surveillance, vehicle tracking, climate and habitat monitoring, intelligence, medical, and acoustic data gatherin limitations of wireless sensor networks are the storage, power and processing. These limitations and the specific architecture of sensor nodes call for energy efficient and secure communication protocols.

We model security protocols as a game tree using concepts of game semantics. The model interprets protocol specifications as strategies over a game tree that represents the type of the protocol. The specifications are written in the simple arrow notation commonly used. The model allows us to give formal semantics to this notation. Furthermore, the model can be used for verification of various security properties.

- by Youssef Hanna
- •
- Model Checking, Security in routing protocols, Theorem Proving, Modeling Language

Security protocols use cryptography to set up private communication channels on an insecure network. Many protocols contain flaws, and because security goals are seldom specified in detail, we cannot be certain what constitutes a flaw.... more

- by Lawrence Paulson
- •
- Model Checking, Computer Networks, Independent Component Analysis, Cryptography

The correct implementation of security protocols is a challenging task. To achieve a high degree of confidence in an implementation, as with any software, ideally one requires both: (i) a formal specification that has been subjected to verification, and (ii) tool support to generate an implementation from the verified specification. The formal specification and verification of security protocols has attracted considerable attention, with corresponding advances. However, the state of the art in the generation of implementations has not progressed beyond relatively simple protocols. This paper presents a case study on the implementation of a deterministically fair non-repudiation protocol. Such protocols are among the most complex of security protocols. Sub-protocols are typically required to guarantee timely termination. A trusted third party must be involved to guarantee fairness. Finally, to satisfy requirements such as non-repudiable audit, significant infrastructure support is needed. The case study demonstrates an improved approach to protocol implementation. Starting with a formal specification, a rigorous process with considerable tool support leads to the deployment of a protocol implementation in a flexible Web services-based execution framework. The paper concludes with an evaluation of the approach.

- by Paul Robinson
- •
- XML, Web Services, Security in routing protocols, Authentication

Data transmission between two nodes requires multiple hops as nodes transmission range is limited in Mobile Ad hoc networks (MANET's). Mobility of the networks nodes to makes the situation even more complicated in wireless networks. Multiple routing protocols find optimized routes from a source to some destination. Reactive or On-demand routing protocols take a lazy approach to routing. In contrast to Proactive Routing protocols all up-to-date routes are not maintained at every node, instead the routes are created as and when needed. When a source wants to send to a destination, it invokes the route discovery mechanism to find the path to the destination. The route remains valid till the destination is reachable or until the route is no longer needed. This paper is going to discuss on merits and demerits of Reactive Protocols or on-demand routing Protocols. and an attempt has been made to study the four Reactive (on-demand) routing protocols for MANETs:-Ad hoc On Demand Distance Vector (AODV), Dynamic Source Routing (DSR) protocols, Temporally Ordered Routing Algorithm (TORA) and Associativity Based Routing (ABR) protocol. The primary objective of this paper is to evaluate the effects of reactive protocols that may influence network performance.

While IPSec standard is largely used to protect real time network applications, it unfortunately consumes more processing time, cause packet delay and impede QoS enforcement. The QoS level that a flow receives depends on the value of the Type of Service (ToS) field; the later is set by the 'Multi-Field' (MF) packet classifiers according to the IP source and destination addresses and ports as well as the transport layer protocol. The last three fields are encrypted by the IPSec ESP, and thus ESP prevents network control devices from providing preferred treatment for time critical applications. To solve this problem, we propose a QoS-friendly Encapsulated Security Payload (Q-ESP) as a new IPSec security protocol that provides QoS supports while enforcing the same security services assured by IPSec ESP and AH used jointly. Basically, Q-ESP allows network elements to inspect all the needed fields to perform classification adequately. In this paper, we present details about Q-ESP design, processing and kernel implementation. Moreover, we give analytical as well as experimental evaluation of our protocol to measure its impact on real time VoIP; we also compare it to IPSec ESP and AH according to QoS and security metrics. Finally, we present and discuss some application scenarios in which the use of the Q-ESP protocol has many advantages.

- by Anas Abou El Kalam
- •
- Security, ESP, Security in routing protocols, QoS

Many users routinely log in to their system with system administrator privileges. This is especially true of home users. The advantage of this setup is that these users can do everything necessary to fulfil their tasks with the computer. The disadvantage is that every program running in the users context can make arbitrary modifications to the system. Malicious programs and scripts often take advantage of this and silently change important parameters. We propose to verify that these changes were initiated by a human by a ceremony making use of a CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart). We compare this approach with other methods of achieving the same goal, i.e. passwords, secure path and access control based on zone of origin of the code.

- by Alf Zugenmaier
- •
- Access Control, Security in routing protocols, Turing Test, System Security

As a business grows, it might expand to multiple branches across the country and around the world. To maintain things running ably, the people functioning in those locations require fast, secure and consistent way to share information across computer networks. In addition, mobile employees like sales
people require evenly secure and reliable approach to connect to their business's computer network from remote locations. One popular technology to accomplish these goals is a virtual private network. A VPN is a private network that uses a public network usually the Internet to connect remote sites or users
together. It enables us to transmit the data between two computers across a shared or public network in a manner that follows the properties of a private link. The basic requirements for VPN are User Authentication, Address Management, Data Compression, Data Encryption and Key Management. The
private links are launched in VPN using Point-to-Point Tunneling Protocol (PPTP) and Layer-Two-Tunneling Protocol (L2TP). These protocols satisfy VPN requirements in five layers. In user authentication layer, several trusted authorities using Extensible Authentication Protocol (EAP) do the authentication process. In fourth layer the data encryption part using RC4 called Microsoft-Point-to-Point Encryption (MPPE) scheme. The aim of this paper, instead of multiple trusted authorities we focus single trusted authority using public key cryptography RSA in EAP and also we include AES stream cipher algorithm instead of RC4 for MPPE. We propose new type of fusion encryption technique using AES for encryption and decryption and RSA used for key management.

... This is called a Gray Hole. ... The implementation is such to provide support to the dynamism of the Trust Management System. ... It is again important to remember at this point, that at a particular time we are simulating a single... more

- by Sneha Aman Singh
- •
- Black Holes, Technology Management, Environmental Management, Routing

In the mobile ad hoc network (MANET) update of link connectivity is necessary to refresh the neighbor tables in data transfer. A existing hello process periodically exchanges the link connectivity information, which is not adequate for dynamic topology. Here, slow update of neighbour table entries causes link failures which affect performance parameter as packet drop, maximum delay, energy consumption, and reduced throughput. In the dynamic hello technique, new neighbour nodes and lost neighbour nodes are used to compute link change rate (LCR) and hello-interval/refresh rate (r). Exchange of link connectivity information at a fast rate consumes unnecessary bandwidth and energy. In MANET resource wastage can be controlled by avoiding the re-route discovery, frequent error notification, and local repair in the entire network. We are enhancing the existing hello process, which shows significant improvement in performance.

- by Ahmet Koltuksuz
- •
- Model Checking, Automata, Computer Security, Security in routing protocols

Definitive broadcasting in vehicular ad hoc networks is the key to success for various services and applications on an intelligent transportation system. Many trusted broadcasting protocols have been proposed but none of them has been evaluated in realistic scenario. In this paper, we discuss these reliable broadcasting protocols on VANET. Basic mechanism in broadcasting, and also we are providing collective research of Broadcasting protocols in vanet in that some real time protocols with their pros cons we have studied.

Low power and limited processing are characteristics of nodes in Wireless sensor networks. Therefore, optimal
consumption of energy for WSN protocols seems essential. In a number of WSN applications, sensor nodes sense data
periodically from environment and transfer it to the sink. Because of limitation in energy and selection of best route,
for the purpose of increasing network remaining energy a node with most energy level will be used for transmission
of data. The most part of energy in nodes is wasted on radio transmission; thus decreasing number of transferred
packets in the network will result in increase in node and network lifetimes. In algorithms introduced for data
transmission in such networks up to now, a single route is used for data transmissions that results in decrease in
energy of nodes located on this route which in turn results in increasing of remaining energy. In this paper a new
method is proposed for selection of data transmission route that is able to solve this problem. This method is based
on learning automata that selects the route with regard to energy parameters and the distance to sink. In this method
energy of network nodes finishes rather simultaneously preventing break down of network into two separate parts.
This will result in increased lifetime. Simulation results show that this method has been very effective in increasing of
remaining energy and it increases network lifetime.