Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits s...Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits security design defects,such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes,easily triggering prefix hijacking,path forgery,route leakage,and other BGP security threats.Meanwhile,the traditional BGP security mechanism,relying on a public key infrastructure,faces issues like a single point of failure and a single point of trust.The decentralization,anti-tampering,and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms.In this paper,we summarize the characteristics of BGP protocol in detail,sort out the BGP security threats and their causes.Additionally,we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats.Finally,we discuss the challenges posed by BGP security problems and outline prospects for future research.展开更多
Flying Ad hoc Network(FANET)has drawn significant consideration due to its rapid advancements and extensive use in civil applications.However,the characteristics of FANET including high mobility,limited resources,and ...Flying Ad hoc Network(FANET)has drawn significant consideration due to its rapid advancements and extensive use in civil applications.However,the characteristics of FANET including high mobility,limited resources,and distributed nature,have posed a new challenge to develop a secure and ef-ficient routing scheme for FANET.To overcome these challenges,this paper proposes a novel cluster based secure routing scheme,which aims to solve the routing and data security problem of FANET.In this scheme,the optimal cluster head selection is based on residual energy,online time,reputation,blockchain transactions,mobility,and connectivity by using Improved Artificial Bee Colony Optimization(IABC).The proposed IABC utilizes two different search equations for employee bee and onlooker bee to enhance convergence rate and exploitation abilities.Further,a lightweight blockchain consensus algorithm,AI-Proof of Witness Consensus Algorithm(AI-PoWCA)is proposed,which utilizes the optimal cluster head for mining.In AI-PoWCA,the concept of the witness for block verification is also involved to make the proposed scheme resource efficient and highly resilient against 51%attack.Simulation results demonstrate that the proposed scheme outperforms its counterparts and achieves up to 90%packet delivery ratio,lowest end-to-end delay,highest throughput,resilience against security attacks,and superior in block processing time.展开更多
In the current era,anyone can freely access the Internet thanks to the development of information and communication technology.The cloud is attracting attention due to its ability to meet continuous user demands for r...In the current era,anyone can freely access the Internet thanks to the development of information and communication technology.The cloud is attracting attention due to its ability to meet continuous user demands for resources.Additionally,Cloud is effective for systems with large data flow such as the Internet of Things(IoT)systems and Smart Cities.Nonetheless,the use of traditional networking technology in the cloud causes network traffic overload and network security problems.Therefore,the cloud requires efficient networking technology to solve the existing challenges.In this paper,we propose one-time password-based software-defined cloud architecture for secure dynamic routing to mitigating the above-mention issues.The proposed cloud architecture provides a secure data path through dynamic routing using One-Time Internet Protocol(OTIP)algorithm between each layer.On the network side,we use software-defined technology to provide efficient network management and data security.We introduce a software-defined cloud architecture that applies OTIP algorithms for secure dynamic routing.We conduct a comparative analysis between general IP communication and proposed OTIP communication architecture.It evaluates the performance of OTIP algorithms.Finally,we examine the proposed software-defined cloud architecture,including how to apply OTIP in secure dynamic routing according to the results of the comparative analysis.展开更多
Mobile Ad-hoc Network(MANET)routing problems are thoroughly studied several approaches are identified in support of MANET.Improve the Quality of Service(QoS)performance of MANET is achieving higher performance.To redu...Mobile Ad-hoc Network(MANET)routing problems are thoroughly studied several approaches are identified in support of MANET.Improve the Quality of Service(QoS)performance of MANET is achieving higher performance.To reduce this drawback,this paper proposes a new secure routing algorithm based on real-time partial ME(Mobility,energy)approximation.The routing method RRME(Real-time Regional Mobility Energy)divides the whole network into several parts,and each node’s various characteristics like mobility and energy are randomly selected neighbors accordingly.It is done in the path discovery phase,estimated to identify and remove malicious nodes.In addition,Trusted Forwarding Factor(TFF)calculates the various nodes based on historical records and other characteristics of multiple nodes.Similarly,the calculated QoS Support Factor(QoSSF)calculating by the Data Forwarding Support(DFS),Throughput Support(TS),and Lifetime Maximization Support(LMS)to any given path.One route was found to implement the path of maximizing MANET QoS based on QoSSF value.Hence the proposed technique produces the QoS based on real-time regional ME feature approximation.The proposed simulation implementation is done by the Network Simulator version 2(NS2)tool to produce better performance than other methods.It achieved a throughput performance had 98.5%and a routing performance had 98.2%.展开更多
In this paper, we present a Micro-payment based Isolation of Misbehavior(MIM) secure routing protocol. The protocol contains three parts: micro-payment scheme, routingdiscovery and malicious nodes detection The micro-...In this paper, we present a Micro-payment based Isolation of Misbehavior(MIM) secure routing protocol. The protocol contains three parts: micro-payment scheme, routingdiscovery and malicious nodes detection The micro-payment scheme proposed in MIM is the firstvirtual currency system that can be suit lor sensor network environment, Based on the micro-paymentscheme, we device an energy aware routing protocol, which forwards packets by auction. Furthermore,the base station can detect and isolate misbehave or non-cooptrare nodes according to the routinginformation.展开更多
Secure routing in Mobile Adhoc Network(Manet)is the key issue now a day in providing secure access to different network services.As mobile devices are used in accessing different services,performing secure routing bec...Secure routing in Mobile Adhoc Network(Manet)is the key issue now a day in providing secure access to different network services.As mobile devices are used in accessing different services,performing secure routing becomes a challenging task.Towards this,different approaches exist whichfind the trusted route based on their previous transmission details and behavior of different nodes.Also,the methods focused on trust measurement based on tiny information obtained from local nodes or with global information which are incomplete.How-ever,the adversary nodes are more capable and participate in each transmission not just to steal the data also to generate numerous threats in degrading QoS(Quality of Service)parameters like throughput,packet delivery ratio,and latency of the network.This encourages us in designing efficient routing scheme to max-imize QoS performance.To solve this issue,a two stage trust verification scheme and secure routing algorithm named GL-Trust(Global-Local-Trust)is presented.The method involves in route discovery as like popular AODV(Adaptive On-demand Distance Vector)which upgrades the protocol to collect other information like transmission supported,successful transmissions,energy,mobility,the num-ber of neighbors,and the number of alternate route to the same destination and so on.Further,the method would perform global trust approximation to measure the value of global trust and perform local trust approximation to measure local trust.Using both the measures,the method would select a optimal route to perform routing.The protocol is designed to perform localized route selection when there is a link failure which supports the achievement of higher QoS performance.By incorporating different features in measuring trust value towards secure routing,the proposed GL-Trust scheme improves the performance of secure routing as well as other QoS factors.展开更多
Mobile computing is the most powerful application for network com-munication and connectivity,given recent breakthroughs in thefield of wireless networks or Mobile Ad-hoc networks(MANETs).There are several obstacles th...Mobile computing is the most powerful application for network com-munication and connectivity,given recent breakthroughs in thefield of wireless networks or Mobile Ad-hoc networks(MANETs).There are several obstacles that effective networks confront and the networks must be able to transport data from one system to another with adequate precision.For most applications,a frame-work must ensure that the retrieved data reflects the transmitted data.Before driv-ing to other nodes,if the frame between the two nodes is deformed in the data-link layer,it must be repaired.Most link-layer protocols immediately disregard the frame and enable the high-layer protocols to transmit it down.In other words,because of asset information must be secured from threats,information is a valu-able resource.In MANETs,some applications necessitate the use of a network method for detecting and blocking these assaults.Building a secure intrusion detection system in the network,which provides security to the nodes and route paths in the network,is a major difficulty in MANET.Attacks on the network can jeopardize security issues discovered by the intrusion detection system engine,which are then blocked by the network’s intrusion prevention engine.By bringing the Secure Intrusion Detection System(S-IDS)into the network,a new technique for implementing security goals and preventing attacks will be developed.The Secure Energy Routing(SER)protocol for MANETs is introduced in this study.The protocol addresses the issue of network security by detecting and preventing attacks in the network.The data transmission in the MANET is forwarded using Elliptical Curve Cryptography(ECC)with an objective to improve the level of security.Network Simulator–2 is used to simulate the network and experiments are compared with existing methods.展开更多
Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changi...Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.展开更多
The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network(WSN).Although the hierarchical routing protocol can effectively cope with large-scale application scenarios,how...The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network(WSN).Although the hierarchical routing protocol can effectively cope with large-scale application scenarios,how to elect a secure cluster head and balance the network load becomes an enormous challenge.In this paper,a Trust Management-based and Low Energy Adaptive Clustering Hierarchy protocol(LEACH-TM)is proposed.In LEACH-TM,by using the number of dynamic decision cluster head nodes,residual energy and density of neighbor nodes,the size of the cluster can be better constrained to improve energy efficiency,and avoid excessive energy consumption of a node.Simultaneously,the trust management scheme is introduced into LEACH-TM to defend against internal attacks.The simulation results show that,compared with LEACH-SWDN protocol and LEACH protocol,LEACH-TM outperforms in prolonging the network lifetime and balancing the energy consumption,and can effectively mitigate the influence of malicious nodes on cluster head selection,which can greatiy guarantee the security of the overall network.展开更多
Ad-hoc networking has mainly been associated with military battlefield networks. Security has received considerably less attention and the issue needs to be addressed before any successful applications will appear. Du...Ad-hoc networking has mainly been associated with military battlefield networks. Security has received considerably less attention and the issue needs to be addressed before any successful applications will appear. Due to the insecure nature of the wireless link and their dynamically changing topology, wireless ad-hoc networks require a careful and security-oriented approach for designing routing protocols. In this paper, an AODV-based secure routing protocol- ENAODV is presented. A speed-optimized digital signature algorithm is integrated into the routing protocol. The protocol algorithm is implemented with NS-2. The security of the protocol is analyzed. The simulating results show that the performances of ENAODV protocol, such as average node energy consumption, packet delay and packet delivery is nearly the same as standard AODV protocol.展开更多
A self-contained connection of wireless links that functions without any infrastructure is known as Mobile Ad Hoc Network(MANET).A MANET’s nodes could engage actively and dynamically with one another.However,MAN-ETs,...A self-contained connection of wireless links that functions without any infrastructure is known as Mobile Ad Hoc Network(MANET).A MANET’s nodes could engage actively and dynamically with one another.However,MAN-ETs,from the other side,are exposed to severe potential threats that are difficult to counter with present security methods.As a result,several safe communication protocols designed to enhance the secure interaction among MANET nodes.In this research,we offer a reputed optimal routing value among network nodes,secure computations,and misbehavior detection predicated on node’s trust levels with a Hybrid Trust based Reputation Mechanism(HTRM).In addition,the study designs a robust Public Key Infrastructure(PKI)system using the suggested trust evaluation method in terms of“key”generation,which is a crucial component of a PKI cryptosystem.We also concentrate on the solid node authenticating process that relies on pre-authentication.To ensure edge-to-edge security,we assess safe,trustworthy routes to secure computations and authenticate mobile nodes,incorporating uncertainty into the trust management solution.When compared to other protocols,our recommended approach performs better.Finally,we use simulations data and performance evaluation metrics to verify our suggested approach’s validity Our approach outperformed the competing systems in terms of overall end-to-end delay,packet delivery ratio,performance,power consumption,and key-computing time by 3.47%,3.152%,2.169%,and 3.527%,3.762%,significantly.展开更多
Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,t...Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.展开更多
OLSR (optimal link state routing) is one of the four basic routing protocols used in mobile ad hoe Networks by the MANET working group of IETF(Internet engineering task force). OLSR, a proactive routing protocol, ...OLSR (optimal link state routing) is one of the four basic routing protocols used in mobile ad hoe Networks by the MANET working group of IETF(Internet engineering task force). OLSR, a proactive routing protocol, is based on a multipoint relaying flooding technique to reduce the number of topology broadcast. OLSR uses periodic HELLO packets to neighbor detection. As introduced in Reference [1], the wormhole attack can form a serious threat in wireless Networks, especially against many ad hoc Network routing protocols and location-based wireless security systems. Here, a trust model to handle this attack in OLSR is provided and simulated in NS2.展开更多
An efficient trust-aware secure routing and network strategy-based data collection scheme is presented in this paper to enhance the performance and security of wireless sensor networks during data collection.The metho...An efficient trust-aware secure routing and network strategy-based data collection scheme is presented in this paper to enhance the performance and security of wireless sensor networks during data collection.The method first discovers the routes between the data sensors and the sink node.Several factors are considered for each sensor node along the route,including energy,number of neighbours,previous transmissions,and energy depletion ratio.Considering all these variables,the Sink Reachable Support Measure and the Secure Communication Support Measure,the method evaluates two distinct measures.The method calculates the data carrier support value using these two metrics.A single route is chosen to collect data based on the value of data carrier support.It has contributed to the design of Secure Communication Support(SCS)Estimation.This has been measured according to the strategy of each hop of the route.The suggested method improves the security and efficacy of data collection in wireless sensor networks.The second stage uses the two-fish approach to build a trust model for secure data transfer.A sim-ulation exercise was conducted to evaluate the effectiveness of the suggested framework.Metrics,including PDR,end-to-end latency,and average residual energy,were assessed for the proposed model.The efficiency of the suggested route design serves as evidence for the average residual energy for the proposed framework.展开更多
Packet dropping in a mobile ad hoc network can manifest itself as the data plane attacks as well as control plane attacks.The former deal with malicious nodes performing packet drop on the data packets following the r...Packet dropping in a mobile ad hoc network can manifest itself as the data plane attacks as well as control plane attacks.The former deal with malicious nodes performing packet drop on the data packets following the route formation and the latter deal with those malicious nodes which either drop or manipulate the control packets to degrade the network performance.The idea of the proposed approach is that during the route establishment,each of the on-path nodes is provided with pre-computed hash values which have to be used to provide a unique acknowledgement value to the upstream neighbor which acts as a proof of the forwarding activity.The analysis phase results in the detection of nodes which exhibited malicious behavior in the current communication session so as to avoid them in the future communication sessions resulting in an improved packet delivery fraction even in the presence of one or more malicious nodes in the network.The communication overhead incurred is minimum since the acknowledgement reports are sent to the destination for a transmission of N packets rather than an individual acknowledgement for each transmitted packet.In contrast to some of the existing techniques,the proposed mechanism is not dependent on the deployment of additional infrastructure like special Intrusion Detection System(IDS)nodes.The only overhead incurred is in the form of control packets exchanged for the reports request and the reports submission.展开更多
Nowadays,with the advancement of new technologies such as the Internet of Things,new applications and intelligent networks,the use of wireless sensor network increased considerably.They are prone to a variety of attac...Nowadays,with the advancement of new technologies such as the Internet of Things,new applications and intelligent networks,the use of wireless sensor network increased considerably.They are prone to a variety of attacks.Thus,network security is of utmost importance to researchers.In the past,methods such as cryptography,authentication and hash function were used to create security in this type of network.However,due to the limitations of this type of network,trust-based methods are used today.Finding a secure route for transferring data among available routes greatly increases security in this network.In this paper,we present aTrust-based Routing Optimization using Multi-Ant Colonies(MACRAT)scheme which is based on the improvement of the ant meta-heuristic algorithm and an improved method for trust assessment which is presented.The simulation results illustrate that MACRAT is more efficient than existing routing protocols.The results show that MACRAT improved by 10% in black hole detection compared to ESRT protocol and by 4% compared to M-CSO protocol,the packet loss rate in MACRAT improved by 30.14%compared to ESRT protocol and 6%compared to M-CSO protocol.展开更多
In this paper, we propose a partially non-cryptographic security routing protocol (PNCSR) that protects both routing and data forwarding operations through the same reactive approach. PNCSR only apply public-key cry...In this paper, we propose a partially non-cryptographic security routing protocol (PNCSR) that protects both routing and data forwarding operations through the same reactive approach. PNCSR only apply public-key cryptographic system in managing token, but it doesn't utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.展开更多
The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes.However,some methods are not as reliable or trustworthy as expected.Therefore,finding...The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes.However,some methods are not as reliable or trustworthy as expected.Therefore,finding a reliable method is an important factor in improving communication security.For further enhancement of protected communication,we suggest a trust cluster based secure routing(TCSR)framework for wireless sensor network(WSN)using optimization algorithms.First,we introduce an efficient cluster formation using a modified tug of war optimization(MTWO)algorithm,which provides loadbalanced clusters for energy-efficient data transmission.Second,we illustrate the optimal head selection using multiple design constraints received signal strength,congestion rate,data loss rate,and throughput of the node.Those parameters are optimized by a butterfly optimal deep neural network(BO-DNN),which provides first-level security towards the selection of the best head node.Third,we utilize the lightweight signcryption to encrypt the data between two nodes during data transmission,which provides second-level security.The model provides an estimation of the trust level of each route to help a source node to select the most secure one.The nodes of the network improve reliability and security by maintaining the reliability component.Simulation results showed that the proposed scheme achieved 45.6%of delivery ratio.展开更多
Numerous methods are analysed in detail to improve task schedulingand data security performance in the cloud environment. The methodsinvolve scheduling according to the factors like makespan, waiting time,cost, deadli...Numerous methods are analysed in detail to improve task schedulingand data security performance in the cloud environment. The methodsinvolve scheduling according to the factors like makespan, waiting time,cost, deadline, and popularity. However, the methods are inappropriate forachieving higher scheduling performance. Regarding data security, existingmethods use various encryption schemes but introduce significant serviceinterruption. This article sketches a practical Real-time Application CentricTRS (Throughput-Resource utilization–Success) Scheduling with Data Security(RATRSDS) model by considering all these issues in task scheduling anddata security. The method identifies the required resource and their claim timeby receiving the service requests. Further, for the list of resources as services,the method computes throughput support (Thrs) according to the number ofstatements executed and the complete statements of the service. Similarly, themethod computes Resource utilization support (Ruts) according to the idletime on any duty cycle and total servicing time. Also, the method computesthe value of Success support (Sus) according to the number of completions forthe number of allocations. The method estimates the TRS score (ThroughputResource utilization Success) for different resources using all these supportmeasures. According to the value of the TRS score, the services are rankedand scheduled. On the other side, based on the requirement of service requests,the method computes Requirement Support (RS). The selection of service isperformed and allocated. Similarly, choosing the route according to the RouteSupport Measure (RSM) enforced route security. Finally, data security hasgets implemented with a service-based encryption technique. The RATRSDSscheme has claimed higher performance in data security and scheduling.展开更多
Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (M...Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (MANETs) very much. Jumin Song, et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song, et al.’s aggregate signature scheme and find some limitations on its batch verification. In addition, in this work, we apply Craig Gentry, et al.’s ID-based aggregate signature to on-demand routing pro-tocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also meets the nature of MANETs.展开更多
基金the National Natural Science Foundation of China,GrantNumbers(62272007,62001007)the Natural Science Foundation of Beijing,GrantNumbers(4234083,4212018)The authors also acknowledge the support from King Khalid University for funding this research through the Large Group Project under Grant Number RGP.2/373/45.
文摘Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits security design defects,such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes,easily triggering prefix hijacking,path forgery,route leakage,and other BGP security threats.Meanwhile,the traditional BGP security mechanism,relying on a public key infrastructure,faces issues like a single point of failure and a single point of trust.The decentralization,anti-tampering,and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms.In this paper,we summarize the characteristics of BGP protocol in detail,sort out the BGP security threats and their causes.Additionally,we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats.Finally,we discuss the challenges posed by BGP security problems and outline prospects for future research.
基金This paper is supported in part by the National Natural Science Foundation of China(61701322)the Young and Middle-aged Science and Technology Innovation Talent Support Plan of Shenyang(RC190026)+1 种基金the Natural Science Foundation of Liaoning Province(2020-MS-237)the Liaoning Provincial Department of Education Science Foundation(JYT19052).
文摘Flying Ad hoc Network(FANET)has drawn significant consideration due to its rapid advancements and extensive use in civil applications.However,the characteristics of FANET including high mobility,limited resources,and distributed nature,have posed a new challenge to develop a secure and ef-ficient routing scheme for FANET.To overcome these challenges,this paper proposes a novel cluster based secure routing scheme,which aims to solve the routing and data security problem of FANET.In this scheme,the optimal cluster head selection is based on residual energy,online time,reputation,blockchain transactions,mobility,and connectivity by using Improved Artificial Bee Colony Optimization(IABC).The proposed IABC utilizes two different search equations for employee bee and onlooker bee to enhance convergence rate and exploitation abilities.Further,a lightweight blockchain consensus algorithm,AI-Proof of Witness Consensus Algorithm(AI-PoWCA)is proposed,which utilizes the optimal cluster head for mining.In AI-PoWCA,the concept of the witness for block verification is also involved to make the proposed scheme resource efficient and highly resilient against 51%attack.Simulation results demonstrate that the proposed scheme outperforms its counterparts and achieves up to 90%packet delivery ratio,lowest end-to-end delay,highest throughput,resilience against security attacks,and superior in block processing time.
基金This work was supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(NRF-2019R1A2B5B01070416)also supported by the Advanced Research Project funded by the SeoulTech(Seoul National University of Science and Technology).
文摘In the current era,anyone can freely access the Internet thanks to the development of information and communication technology.The cloud is attracting attention due to its ability to meet continuous user demands for resources.Additionally,Cloud is effective for systems with large data flow such as the Internet of Things(IoT)systems and Smart Cities.Nonetheless,the use of traditional networking technology in the cloud causes network traffic overload and network security problems.Therefore,the cloud requires efficient networking technology to solve the existing challenges.In this paper,we propose one-time password-based software-defined cloud architecture for secure dynamic routing to mitigating the above-mention issues.The proposed cloud architecture provides a secure data path through dynamic routing using One-Time Internet Protocol(OTIP)algorithm between each layer.On the network side,we use software-defined technology to provide efficient network management and data security.We introduce a software-defined cloud architecture that applies OTIP algorithms for secure dynamic routing.We conduct a comparative analysis between general IP communication and proposed OTIP communication architecture.It evaluates the performance of OTIP algorithms.Finally,we examine the proposed software-defined cloud architecture,including how to apply OTIP in secure dynamic routing according to the results of the comparative analysis.
文摘Mobile Ad-hoc Network(MANET)routing problems are thoroughly studied several approaches are identified in support of MANET.Improve the Quality of Service(QoS)performance of MANET is achieving higher performance.To reduce this drawback,this paper proposes a new secure routing algorithm based on real-time partial ME(Mobility,energy)approximation.The routing method RRME(Real-time Regional Mobility Energy)divides the whole network into several parts,and each node’s various characteristics like mobility and energy are randomly selected neighbors accordingly.It is done in the path discovery phase,estimated to identify and remove malicious nodes.In addition,Trusted Forwarding Factor(TFF)calculates the various nodes based on historical records and other characteristics of multiple nodes.Similarly,the calculated QoS Support Factor(QoSSF)calculating by the Data Forwarding Support(DFS),Throughput Support(TS),and Lifetime Maximization Support(LMS)to any given path.One route was found to implement the path of maximizing MANET QoS based on QoSSF value.Hence the proposed technique produces the QoS based on real-time regional ME feature approximation.The proposed simulation implementation is done by the Network Simulator version 2(NS2)tool to produce better performance than other methods.It achieved a throughput performance had 98.5%and a routing performance had 98.2%.
文摘In this paper, we present a Micro-payment based Isolation of Misbehavior(MIM) secure routing protocol. The protocol contains three parts: micro-payment scheme, routingdiscovery and malicious nodes detection The micro-payment scheme proposed in MIM is the firstvirtual currency system that can be suit lor sensor network environment, Based on the micro-paymentscheme, we device an energy aware routing protocol, which forwards packets by auction. Furthermore,the base station can detect and isolate misbehave or non-cooptrare nodes according to the routinginformation.
文摘Secure routing in Mobile Adhoc Network(Manet)is the key issue now a day in providing secure access to different network services.As mobile devices are used in accessing different services,performing secure routing becomes a challenging task.Towards this,different approaches exist whichfind the trusted route based on their previous transmission details and behavior of different nodes.Also,the methods focused on trust measurement based on tiny information obtained from local nodes or with global information which are incomplete.How-ever,the adversary nodes are more capable and participate in each transmission not just to steal the data also to generate numerous threats in degrading QoS(Quality of Service)parameters like throughput,packet delivery ratio,and latency of the network.This encourages us in designing efficient routing scheme to max-imize QoS performance.To solve this issue,a two stage trust verification scheme and secure routing algorithm named GL-Trust(Global-Local-Trust)is presented.The method involves in route discovery as like popular AODV(Adaptive On-demand Distance Vector)which upgrades the protocol to collect other information like transmission supported,successful transmissions,energy,mobility,the num-ber of neighbors,and the number of alternate route to the same destination and so on.Further,the method would perform global trust approximation to measure the value of global trust and perform local trust approximation to measure local trust.Using both the measures,the method would select a optimal route to perform routing.The protocol is designed to perform localized route selection when there is a link failure which supports the achievement of higher QoS performance.By incorporating different features in measuring trust value towards secure routing,the proposed GL-Trust scheme improves the performance of secure routing as well as other QoS factors.
文摘Mobile computing is the most powerful application for network com-munication and connectivity,given recent breakthroughs in thefield of wireless networks or Mobile Ad-hoc networks(MANETs).There are several obstacles that effective networks confront and the networks must be able to transport data from one system to another with adequate precision.For most applications,a frame-work must ensure that the retrieved data reflects the transmitted data.Before driv-ing to other nodes,if the frame between the two nodes is deformed in the data-link layer,it must be repaired.Most link-layer protocols immediately disregard the frame and enable the high-layer protocols to transmit it down.In other words,because of asset information must be secured from threats,information is a valu-able resource.In MANETs,some applications necessitate the use of a network method for detecting and blocking these assaults.Building a secure intrusion detection system in the network,which provides security to the nodes and route paths in the network,is a major difficulty in MANET.Attacks on the network can jeopardize security issues discovered by the intrusion detection system engine,which are then blocked by the network’s intrusion prevention engine.By bringing the Secure Intrusion Detection System(S-IDS)into the network,a new technique for implementing security goals and preventing attacks will be developed.The Secure Energy Routing(SER)protocol for MANETs is introduced in this study.The protocol addresses the issue of network security by detecting and preventing attacks in the network.The data transmission in the MANET is forwarded using Elliptical Curve Cryptography(ECC)with an objective to improve the level of security.Network Simulator–2 is used to simulate the network and experiments are compared with existing methods.
基金Project supported by the Shanghai Minicipal Natural Science Foundation(Grant No09ZR1414900)the National High Technology Development 863 Program of China(Grant No2006AA01Z436,No2007AA01Z452,No2009AA01Z118)
文摘Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.
基金supported by the National Natural Science Foundation of China(Grant No.61571303,No.61571004)the Shanghai Natural Science Foundation(Grant No.21ZR1461700)+3 种基金the Shanghai Sailing Program(Grant No.19YF1455800)the National Science and Technology Major Project of China(No.2018ZX03001031)the Fundamental Research Funds for State Key Laboratory of Synthetical Automation for Process Industries(Grant No.PAL-N201703)the National Key Research and Development Program of China-Internet of Things and Smart City Key Program(No.2019YFB2101600,NO.2019YFB2101602,No.2019YFB2101602-03).
文摘The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network(WSN).Although the hierarchical routing protocol can effectively cope with large-scale application scenarios,how to elect a secure cluster head and balance the network load becomes an enormous challenge.In this paper,a Trust Management-based and Low Energy Adaptive Clustering Hierarchy protocol(LEACH-TM)is proposed.In LEACH-TM,by using the number of dynamic decision cluster head nodes,residual energy and density of neighbor nodes,the size of the cluster can be better constrained to improve energy efficiency,and avoid excessive energy consumption of a node.Simultaneously,the trust management scheme is introduced into LEACH-TM to defend against internal attacks.The simulation results show that,compared with LEACH-SWDN protocol and LEACH protocol,LEACH-TM outperforms in prolonging the network lifetime and balancing the energy consumption,and can effectively mitigate the influence of malicious nodes on cluster head selection,which can greatiy guarantee the security of the overall network.
基金This work was supported by China Nature Science Fund .Serial No.60073059and60273078
文摘Ad-hoc networking has mainly been associated with military battlefield networks. Security has received considerably less attention and the issue needs to be addressed before any successful applications will appear. Due to the insecure nature of the wireless link and their dynamically changing topology, wireless ad-hoc networks require a careful and security-oriented approach for designing routing protocols. In this paper, an AODV-based secure routing protocol- ENAODV is presented. A speed-optimized digital signature algorithm is integrated into the routing protocol. The protocol algorithm is implemented with NS-2. The security of the protocol is analyzed. The simulating results show that the performances of ENAODV protocol, such as average node energy consumption, packet delay and packet delivery is nearly the same as standard AODV protocol.
文摘A self-contained connection of wireless links that functions without any infrastructure is known as Mobile Ad Hoc Network(MANET).A MANET’s nodes could engage actively and dynamically with one another.However,MAN-ETs,from the other side,are exposed to severe potential threats that are difficult to counter with present security methods.As a result,several safe communication protocols designed to enhance the secure interaction among MANET nodes.In this research,we offer a reputed optimal routing value among network nodes,secure computations,and misbehavior detection predicated on node’s trust levels with a Hybrid Trust based Reputation Mechanism(HTRM).In addition,the study designs a robust Public Key Infrastructure(PKI)system using the suggested trust evaluation method in terms of“key”generation,which is a crucial component of a PKI cryptosystem.We also concentrate on the solid node authenticating process that relies on pre-authentication.To ensure edge-to-edge security,we assess safe,trustworthy routes to secure computations and authenticate mobile nodes,incorporating uncertainty into the trust management solution.When compared to other protocols,our recommended approach performs better.Finally,we use simulations data and performance evaluation metrics to verify our suggested approach’s validity Our approach outperformed the competing systems in terms of overall end-to-end delay,packet delivery ratio,performance,power consumption,and key-computing time by 3.47%,3.152%,2.169%,and 3.527%,3.762%,significantly.
基金supported in part by the National Natural Science Foundation of China (Nos. 61402029, 61370190, and 61379002)the National Key Basic Research Program (973) of China (No. 2012CB315905)
文摘Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.
基金Supported by the Natural Science Foundation of Hubei Province(No.2005ABA243) .
文摘OLSR (optimal link state routing) is one of the four basic routing protocols used in mobile ad hoe Networks by the MANET working group of IETF(Internet engineering task force). OLSR, a proactive routing protocol, is based on a multipoint relaying flooding technique to reduce the number of topology broadcast. OLSR uses periodic HELLO packets to neighbor detection. As introduced in Reference [1], the wormhole attack can form a serious threat in wireless Networks, especially against many ad hoc Network routing protocols and location-based wireless security systems. Here, a trust model to handle this attack in OLSR is provided and simulated in NS2.
文摘An efficient trust-aware secure routing and network strategy-based data collection scheme is presented in this paper to enhance the performance and security of wireless sensor networks during data collection.The method first discovers the routes between the data sensors and the sink node.Several factors are considered for each sensor node along the route,including energy,number of neighbours,previous transmissions,and energy depletion ratio.Considering all these variables,the Sink Reachable Support Measure and the Secure Communication Support Measure,the method evaluates two distinct measures.The method calculates the data carrier support value using these two metrics.A single route is chosen to collect data based on the value of data carrier support.It has contributed to the design of Secure Communication Support(SCS)Estimation.This has been measured according to the strategy of each hop of the route.The suggested method improves the security and efficacy of data collection in wireless sensor networks.The second stage uses the two-fish approach to build a trust model for secure data transfer.A sim-ulation exercise was conducted to evaluate the effectiveness of the suggested framework.Metrics,including PDR,end-to-end latency,and average residual energy,were assessed for the proposed model.The efficiency of the suggested route design serves as evidence for the average residual energy for the proposed framework.
基金The author would like to thank Deanship of Scientific Research at Majmaah University for supporting this work under Project Number 1439-59.
文摘Packet dropping in a mobile ad hoc network can manifest itself as the data plane attacks as well as control plane attacks.The former deal with malicious nodes performing packet drop on the data packets following the route formation and the latter deal with those malicious nodes which either drop or manipulate the control packets to degrade the network performance.The idea of the proposed approach is that during the route establishment,each of the on-path nodes is provided with pre-computed hash values which have to be used to provide a unique acknowledgement value to the upstream neighbor which acts as a proof of the forwarding activity.The analysis phase results in the detection of nodes which exhibited malicious behavior in the current communication session so as to avoid them in the future communication sessions resulting in an improved packet delivery fraction even in the presence of one or more malicious nodes in the network.The communication overhead incurred is minimum since the acknowledgement reports are sent to the destination for a transmission of N packets rather than an individual acknowledgement for each transmitted packet.In contrast to some of the existing techniques,the proposed mechanism is not dependent on the deployment of additional infrastructure like special Intrusion Detection System(IDS)nodes.The only overhead incurred is in the form of control packets exchanged for the reports request and the reports submission.
文摘Nowadays,with the advancement of new technologies such as the Internet of Things,new applications and intelligent networks,the use of wireless sensor network increased considerably.They are prone to a variety of attacks.Thus,network security is of utmost importance to researchers.In the past,methods such as cryptography,authentication and hash function were used to create security in this type of network.However,due to the limitations of this type of network,trust-based methods are used today.Finding a secure route for transferring data among available routes greatly increases security in this network.In this paper,we present aTrust-based Routing Optimization using Multi-Ant Colonies(MACRAT)scheme which is based on the improvement of the ant meta-heuristic algorithm and an improved method for trust assessment which is presented.The simulation results illustrate that MACRAT is more efficient than existing routing protocols.The results show that MACRAT improved by 10% in black hole detection compared to ESRT protocol and by 4% compared to M-CSO protocol,the packet loss rate in MACRAT improved by 30.14%compared to ESRT protocol and 6%compared to M-CSO protocol.
基金Supported bythe National Natural Science Foundationof China (60403027)
文摘In this paper, we propose a partially non-cryptographic security routing protocol (PNCSR) that protects both routing and data forwarding operations through the same reactive approach. PNCSR only apply public-key cryptographic system in managing token, but it doesn't utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.
文摘The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes.However,some methods are not as reliable or trustworthy as expected.Therefore,finding a reliable method is an important factor in improving communication security.For further enhancement of protected communication,we suggest a trust cluster based secure routing(TCSR)framework for wireless sensor network(WSN)using optimization algorithms.First,we introduce an efficient cluster formation using a modified tug of war optimization(MTWO)algorithm,which provides loadbalanced clusters for energy-efficient data transmission.Second,we illustrate the optimal head selection using multiple design constraints received signal strength,congestion rate,data loss rate,and throughput of the node.Those parameters are optimized by a butterfly optimal deep neural network(BO-DNN),which provides first-level security towards the selection of the best head node.Third,we utilize the lightweight signcryption to encrypt the data between two nodes during data transmission,which provides second-level security.The model provides an estimation of the trust level of each route to help a source node to select the most secure one.The nodes of the network improve reliability and security by maintaining the reliability component.Simulation results showed that the proposed scheme achieved 45.6%of delivery ratio.
文摘Numerous methods are analysed in detail to improve task schedulingand data security performance in the cloud environment. The methodsinvolve scheduling according to the factors like makespan, waiting time,cost, deadline, and popularity. However, the methods are inappropriate forachieving higher scheduling performance. Regarding data security, existingmethods use various encryption schemes but introduce significant serviceinterruption. This article sketches a practical Real-time Application CentricTRS (Throughput-Resource utilization–Success) Scheduling with Data Security(RATRSDS) model by considering all these issues in task scheduling anddata security. The method identifies the required resource and their claim timeby receiving the service requests. Further, for the list of resources as services,the method computes throughput support (Thrs) according to the number ofstatements executed and the complete statements of the service. Similarly, themethod computes Resource utilization support (Ruts) according to the idletime on any duty cycle and total servicing time. Also, the method computesthe value of Success support (Sus) according to the number of completions forthe number of allocations. The method estimates the TRS score (ThroughputResource utilization Success) for different resources using all these supportmeasures. According to the value of the TRS score, the services are rankedand scheduled. On the other side, based on the requirement of service requests,the method computes Requirement Support (RS). The selection of service isperformed and allocated. Similarly, choosing the route according to the RouteSupport Measure (RSM) enforced route security. Finally, data security hasgets implemented with a service-based encryption technique. The RATRSDSscheme has claimed higher performance in data security and scheduling.
文摘Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (MANETs) very much. Jumin Song, et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song, et al.’s aggregate signature scheme and find some limitations on its batch verification. In addition, in this work, we apply Craig Gentry, et al.’s ID-based aggregate signature to on-demand routing pro-tocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also meets the nature of MANETs.