The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(...The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.展开更多
This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in d...This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.展开更多
Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a c...Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a clustering protocol,the selection of a cluster head(CH)plays a key role in prolonging the lifetime of a network.However,most cluster-based protocols,including routing protocols for low-power and lossy networks(RPLs),have used fuzzy logic and probabilistic approaches to select the CH node.Consequently,early battery depletion is produced near the sink.To overcome this issue,a lion optimization algorithm(LOA)for selecting CH in RPL is proposed in this study.LOA-RPL comprises three processes:cluster formation,CH selection,and route establishment.A cluster is formed using the Euclidean distance.CH selection is performed using LOA.Route establishment is implemented using residual energy information.An extensive simulation is conducted in the network simulator ns-3 on various parameters,such as network lifetime,power consumption,packet delivery ratio(PDR),and throughput.The performance of LOA-RPL is also compared with those of RPL,fuzzy rule-based energyefficient clustering and immune-inspired routing(FEEC-IIR),and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm(RISARPL).The performance evaluation metrics used in this study are network lifetime,power consumption,PDR,and throughput.The proposed LOARPL increases network lifetime by 20%and PDR by 5%–10%compared with RPL,FEEC-IIR,and RISA-RPL.LOA-RPL is also highly energy-efficient compared with other similar routing protocols.展开更多
The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not eas...The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.展开更多
Two significant issues in Internet-based networked control systems ( INCSs), transport performance of different protocols and security breach from Internet side, are investigated. First, for improving the performanc...Two significant issues in Internet-based networked control systems ( INCSs), transport performance of different protocols and security breach from Internet side, are investigated. First, for improving the performance of data transmission, user datagram protocol (UDP) is adopted as the main stand for controllers and plants using INCSs. Second, a dual-channel secure transmission scheme (DCSTS)based on data transmission characteristics of INCSs is proposed, in which a raw UDP channel and a secure TCP (transmission control protocol) connection making use of SSL/TLS (secure sockets layer/transport layer security) are included. Further, a networked control protocol (NCP) at application layer for supporting DCSTS between the controllers and plants in INCSs is designed, and it also aims at providing a universal communication mechanism for interoperability of devices among the networked control laboratories in Beijing Institute of Technology of China, Central South University of China and Tokyo University of Technology of Japan. By means of a networked single-degree-of-free- dom robot arm, an INCS under the new protocol and security environment is created. Compared with systems such as IPSec or SSL/TLS, which may cause more than 91% network throughput deduction, the new DCSTS protocol may yield results ten times better, being just 5.67%.展开更多
基金funded by the Deanship of Scientific Research at Najran University for this research through a Grant(NU/RG/SERC/12/50)under the Research Groups at Najran University,Saudi Arabia.
文摘The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.
文摘This paper evaluates the performance of Internet Protocol Security (IPSec) based Multiprotocol Label Switching (MPLS) virtual private network (VPN) in a small to medium sized organization. The demand for security in data networks has been increasing owing to the high cyber attacks and potential risks associated with networks spread over distant geographical locations. The MPLS networks ride on the public network backbone that is porous and highly susceptible to attacks and so the need for reliable security mechanisms to be part of the deployment plan. The evaluation criteria concentrated on Voice over Internet Protocol (VoIP) and Video conferencing with keen interest in jitter, end to end delivery and general data flow. This study used both structured questionnaire and observation methods. The structured questionnaire was administered to a group of 70 VPN users in a company. This provided the study with precise responses. The observation method was used in data simulations using OPNET Version 14.5 Simulation software. The results show that the IPSec features increase the size of data packets by approximately 9.98% translating into approximately 90.02% effectiveness. The tests showed that the performance metrics are all well within the recommended standards. The IPSec Based MPLS Virtual private network is more stable and secure than one without IPSec.
基金This research was supported by X-mind Corps program of National Research Foundation of Korea(NRF)funded by the Ministry of Science,ICT(No.2019H1D8A1105622)the Soonchunhyang University Research Fund.
文摘Energy conservation is a significant task in the Internet of Things(IoT)because IoT involves highly resource-constrained devices.Clustering is an effective technique for saving energy by reducing duplicate data.In a clustering protocol,the selection of a cluster head(CH)plays a key role in prolonging the lifetime of a network.However,most cluster-based protocols,including routing protocols for low-power and lossy networks(RPLs),have used fuzzy logic and probabilistic approaches to select the CH node.Consequently,early battery depletion is produced near the sink.To overcome this issue,a lion optimization algorithm(LOA)for selecting CH in RPL is proposed in this study.LOA-RPL comprises three processes:cluster formation,CH selection,and route establishment.A cluster is formed using the Euclidean distance.CH selection is performed using LOA.Route establishment is implemented using residual energy information.An extensive simulation is conducted in the network simulator ns-3 on various parameters,such as network lifetime,power consumption,packet delivery ratio(PDR),and throughput.The performance of LOA-RPL is also compared with those of RPL,fuzzy rule-based energyefficient clustering and immune-inspired routing(FEEC-IIR),and the routing scheme for IoT that uses shuffled frog-leaping optimization algorithm(RISARPL).The performance evaluation metrics used in this study are network lifetime,power consumption,PDR,and throughput.The proposed LOARPL increases network lifetime by 20%and PDR by 5%–10%compared with RPL,FEEC-IIR,and RISA-RPL.LOA-RPL is also highly energy-efficient compared with other similar routing protocols.
基金This research was supported by National Natural Science Foundation of China(Grant Nos.61972048,62072051).
文摘The Internet Control Message Protocol(ICMP)covert tunnel refers to a network attack that encapsulates malicious data in the data part of the ICMP protocol for transmission.Its concealment is stronger and it is not easy to be discovered.Most detection methods are detecting the existence of channels instead of clarifying specific attack intentions.In this paper,we propose an ICMP covert tunnel attack intent detection framework ICMPTend,which includes five steps:data collection,feature dictionary construction,data preprocessing,model construction,and attack intent prediction.ICMPTend can detect a variety of attack intentions,such as shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attacks.We extract features from five types of attack intent found in ICMP channels.We build a multi-dimensional dictionary of malicious features,including shell attacks,sensitive directory access,communication protocol traffic theft,filling tunnel reserved words,and other common network attack keywords.For the high-dimensional and independent characteristics of ICMP traffic,we use a support vector machine(SVM)as a multi-class classifier.The experimental results show that the average accuracy of ICMPTend is 92%,training ICMPTend only takes 55 s,and the prediction time is only 2 s,which can effectively identify the attack intention of ICMP.
文摘Two significant issues in Internet-based networked control systems ( INCSs), transport performance of different protocols and security breach from Internet side, are investigated. First, for improving the performance of data transmission, user datagram protocol (UDP) is adopted as the main stand for controllers and plants using INCSs. Second, a dual-channel secure transmission scheme (DCSTS)based on data transmission characteristics of INCSs is proposed, in which a raw UDP channel and a secure TCP (transmission control protocol) connection making use of SSL/TLS (secure sockets layer/transport layer security) are included. Further, a networked control protocol (NCP) at application layer for supporting DCSTS between the controllers and plants in INCSs is designed, and it also aims at providing a universal communication mechanism for interoperability of devices among the networked control laboratories in Beijing Institute of Technology of China, Central South University of China and Tokyo University of Technology of Japan. By means of a networked single-degree-of-free- dom robot arm, an INCS under the new protocol and security environment is created. Compared with systems such as IPSec or SSL/TLS, which may cause more than 91% network throughput deduction, the new DCSTS protocol may yield results ten times better, being just 5.67%.
