In this paper, an optimized rmlicious nodes detection algorithm, based on Weighted Confidence Filter (WCF), is proposed to protect sensor networks from attacks. In this algorithm, each cluster head in a cluster-base...In this paper, an optimized rmlicious nodes detection algorithm, based on Weighted Confidence Filter (WCF), is proposed to protect sensor networks from attacks. In this algorithm, each cluster head in a cluster-based hierarchical network figures out an average confidence degree by means of messages from its child nodes. The cluster head only accepts a message from the child node whose confidence degree is higher than the average. Meanwhile, it updates the confidence degrees for each of its child nodes by comparing the aggregation value and the received messages, and regards them as the weight of exactness of messages from nodes. A sensor node is judged to be rmlicious if its weight value is lower than the predefined threshold. Comparative simulation results verify that the proposed WCF algorithm is better than the Weighted Trust Evaluation (WTE) in terms of the detection ratio and the false alarm ratio. More specifically, with the WCF, the detection ratio is significantly improved and the false alarm ratio is observably reduced, especially when the malicious node ratio is 0.25 or greater. When 40% of 100 sensors are malicious, the detection accuracy is above 90% and the false alarm ratio is nearly only 1.8%.展开更多
ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS ...ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS agents constantly send a barrage of ARP requests to the gateway, or to a victim computer within the same sub-network, and tie up the resource of attacked gateway or host. In this paper, we set to measure the impact of ARP-attack on resource exhaustion of computers in a local area network. Based on attack experiments, we measure the exhaustion of processing and memory resources of a victim computer and also other computers, which are located on the same network as the victim computer. Interestingly enough, it is observed that an ARP-attack not only exhausts resource of the victim computer but also significantly exhausts processing resource of other non-victim computers, which happen to be located on the same local area network as the victim computer.展开更多
Clustering is the most significant task characterized in Wireless Sensor Networks (WSN) by data aggregation through each Cluster Head (CH). This leads to the reduction in the traffic cost. Due to the deployment of the...Clustering is the most significant task characterized in Wireless Sensor Networks (WSN) by data aggregation through each Cluster Head (CH). This leads to the reduction in the traffic cost. Due to the deployment of the WSN in the remote and hostile environments for the transmission of the sensitive information, the sensor nodes are more prone to the false data injection attacks. To overcome these existing issues and enhance the network security, this paper proposes a Secure Area based Clustering approach for data aggregation using Traffic Analysis (SAC-TA) in WSN. Here, the sensor network is clustered into small clusters, such that each cluster has a CH to manage and gather the information from the normal sensor nodes. The CH is selected based on the predefined time slot, cluster center, and highest residual energy. The gathered data are validated based on the traffic analysis and One-time Key Generation procedures to identify the malicious nodes on the route. It helps to provide a secure data gathering process with improved energy efficiency. The performance of the proposed approach is compared with the existing Secure Data Aggregation Technique (SDAT). The proposed SAC-TA yields lower average energy consumption rate, lower end-to-end delay, higher average residual energy, higher data aggregation accuracy and false data detection rate than the existing technique.展开更多
Dynamic graph neural networks(DGNNs)have demonstrated their extraordinary value in many practical applications.Nevertheless,the vulnerability of DNNs is a serious hidden danger as a small disturbance added to the mode...Dynamic graph neural networks(DGNNs)have demonstrated their extraordinary value in many practical applications.Nevertheless,the vulnerability of DNNs is a serious hidden danger as a small disturbance added to the model can markedly reduce its performance.At the same time,current adversarial attack schemes are implemented on static graphs,and the variability of attack models prevents these schemes from transferring to dynamic graphs.In this paper,we use the diffused attack of node injection to attack the DGNNs,and first propose the node injection attack based on structural fragility against DGNNs,named Structural Fragility-based Dynamic Graph Node Injection Attack(SFIA).SFIA firstly determines the target time based on the period weight.Then,it introduces a structural fragile edge selection strategy to establish the target nodes set and link them with the malicious node using serial inject.Finally,an optimization function is designed to generate adversarial features for malicious nodes.Experiments on datasets from four different fields show that SFIA is significantly superior to many comparative approaches.When the graph is injected with 1%of the original total number of nodes through SFIA,the link prediction Recall and MRR of the target DGNN link decrease by 17.4%and 14.3%respectively,and the accuracy of node classification decreases by 8.7%.展开更多
This paper aims at analyzing the security issues that lie in the application layer (AL) protocols when users connect to the Internet via a wireless local area network (WLAN) through an access point. When adversaries l...This paper aims at analyzing the security issues that lie in the application layer (AL) protocols when users connect to the Internet via a wireless local area network (WLAN) through an access point. When adversaries launch deauthentication flood attacks cutting users' connection, the connection managers will automatically research the last access point's extended service set identifier (ESSID) and then re-establish connection. However, such re-connection can lead the users to a fake access point with the same ESSID set by attackers. As the attackers hide behind users' access points, they can pass AL's authentication and security schemes, e.g. secure socket layer (SSL). We have proved that they can even spy on users' account details, passwords, data and privacy.展开更多
For wired local area networks(LANs),their effectiveness and invulnerability are very critical.It is extraordinarily significant to evaluate the network performance effectively in the design of a reasonable network top...For wired local area networks(LANs),their effectiveness and invulnerability are very critical.It is extraordinarily significant to evaluate the network performance effectively in the design of a reasonable network topology and the performance improvement of the networks.However,there are many factors affecting the performance of the networks,and the relation among them is also complicated.How to evaluate the performance of the wired LANs more accurately has been a heavy challenge in the network research.In order to solve the problem,this paper presents a performance evaluation method that evaluates the effectiveness and invulnerability of the wired LANs.Compared to traditional statistical methods,it has the distinct advantage of being able to handle several dependent variables simultaneously and tolerates the measurement errors among these independent variables and dependent variables.Finally,the rationality and validity of this method are verified by the extensive experimental simulation.展开更多
A scheme of rogue access point(Rogue AP)detection based on AP's localization is proposed.Global position system(GPS)information and received signal strength(RSS)information are used to get the location of AP in a ...A scheme of rogue access point(Rogue AP)detection based on AP's localization is proposed.Global position system(GPS)information and received signal strength(RSS)information are used to get the location of AP in a smartphone,which is compared with the database located in a remote server.The proposed scheme can detect not only fake access point(Fake AP)but also Evil Twin AP.It can be a user-oriented solution to detecting Rogue AP threats,and users can use it flexibly.展开更多
设计了评价方法及指标体系,通过对真实城市场景中带有智能蓝牙设备行人移动行为的仿真,从传输能力、传输效率和节点能耗三个方面定量分析了志愿节点的作用以及在有或没有志愿节点参与情况下泛洪攻击的效果,以此来评价Direct Deliv-ery、...设计了评价方法及指标体系,通过对真实城市场景中带有智能蓝牙设备行人移动行为的仿真,从传输能力、传输效率和节点能耗三个方面定量分析了志愿节点的作用以及在有或没有志愿节点参与情况下泛洪攻击的效果,以此来评价Direct Deliv-ery、Epidemic、Spray and Wait、Prophet和MaxProp共五种机会网络典型路由算法在泛洪攻击下的健壮性。结果表明Direct De-livery算法健壮性最好,能完全抵御泛洪攻击,Spray and Wait算法的健壮性最差,在某些场景下性能会下降80%以上,其他三种算法在泛洪攻击下性能会显著下降。展开更多
基金Acknowledgements This paper was supported by the National Natural Science Foundation of China under Cant No. 61170219 the Natural Science Foundation Project of CQ CSTC under Grants No. 2009BB2278, No201 1jjA40028 the 2011 Talent Plan of Chongqing Higher Education.
文摘In this paper, an optimized rmlicious nodes detection algorithm, based on Weighted Confidence Filter (WCF), is proposed to protect sensor networks from attacks. In this algorithm, each cluster head in a cluster-based hierarchical network figures out an average confidence degree by means of messages from its child nodes. The cluster head only accepts a message from the child node whose confidence degree is higher than the average. Meanwhile, it updates the confidence degrees for each of its child nodes by comparing the aggregation value and the received messages, and regards them as the weight of exactness of messages from nodes. A sensor node is judged to be rmlicious if its weight value is lower than the predefined threshold. Comparative simulation results verify that the proposed WCF algorithm is better than the Weighted Trust Evaluation (WTE) in terms of the detection ratio and the false alarm ratio. More specifically, with the WCF, the detection ratio is significantly improved and the false alarm ratio is observably reduced, especially when the malicious node ratio is 0.25 or greater. When 40% of 100 sensors are malicious, the detection accuracy is above 90% and the false alarm ratio is nearly only 1.8%.
文摘ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS agents constantly send a barrage of ARP requests to the gateway, or to a victim computer within the same sub-network, and tie up the resource of attacked gateway or host. In this paper, we set to measure the impact of ARP-attack on resource exhaustion of computers in a local area network. Based on attack experiments, we measure the exhaustion of processing and memory resources of a victim computer and also other computers, which are located on the same network as the victim computer. Interestingly enough, it is observed that an ARP-attack not only exhausts resource of the victim computer but also significantly exhausts processing resource of other non-victim computers, which happen to be located on the same local area network as the victim computer.
文摘Clustering is the most significant task characterized in Wireless Sensor Networks (WSN) by data aggregation through each Cluster Head (CH). This leads to the reduction in the traffic cost. Due to the deployment of the WSN in the remote and hostile environments for the transmission of the sensitive information, the sensor nodes are more prone to the false data injection attacks. To overcome these existing issues and enhance the network security, this paper proposes a Secure Area based Clustering approach for data aggregation using Traffic Analysis (SAC-TA) in WSN. Here, the sensor network is clustered into small clusters, such that each cluster has a CH to manage and gather the information from the normal sensor nodes. The CH is selected based on the predefined time slot, cluster center, and highest residual energy. The gathered data are validated based on the traffic analysis and One-time Key Generation procedures to identify the malicious nodes on the route. It helps to provide a secure data gathering process with improved energy efficiency. The performance of the proposed approach is compared with the existing Secure Data Aggregation Technique (SDAT). The proposed SAC-TA yields lower average energy consumption rate, lower end-to-end delay, higher average residual energy, higher data aggregation accuracy and false data detection rate than the existing technique.
基金supported by the National Natural Science Foundation of China(NSFC)(62172377,61872205)the Shandong Provincial Natural Science Foundation,China(ZR2019MF018)the Startup Research Foundation for Distinguished Scholars(202112016).
文摘Dynamic graph neural networks(DGNNs)have demonstrated their extraordinary value in many practical applications.Nevertheless,the vulnerability of DNNs is a serious hidden danger as a small disturbance added to the model can markedly reduce its performance.At the same time,current adversarial attack schemes are implemented on static graphs,and the variability of attack models prevents these schemes from transferring to dynamic graphs.In this paper,we use the diffused attack of node injection to attack the DGNNs,and first propose the node injection attack based on structural fragility against DGNNs,named Structural Fragility-based Dynamic Graph Node Injection Attack(SFIA).SFIA firstly determines the target time based on the period weight.Then,it introduces a structural fragile edge selection strategy to establish the target nodes set and link them with the malicious node using serial inject.Finally,an optimization function is designed to generate adversarial features for malicious nodes.Experiments on datasets from four different fields show that SFIA is significantly superior to many comparative approaches.When the graph is injected with 1%of the original total number of nodes through SFIA,the link prediction Recall and MRR of the target DGNN link decrease by 17.4%and 14.3%respectively,and the accuracy of node classification decreases by 8.7%.
基金the National Science Council (No. NSC-99-2219-E-033-001)the Foundation of the Chung Yuan Christian University (1004) (No. CYCU-EECS.9801)
文摘This paper aims at analyzing the security issues that lie in the application layer (AL) protocols when users connect to the Internet via a wireless local area network (WLAN) through an access point. When adversaries launch deauthentication flood attacks cutting users' connection, the connection managers will automatically research the last access point's extended service set identifier (ESSID) and then re-establish connection. However, such re-connection can lead the users to a fake access point with the same ESSID set by attackers. As the attackers hide behind users' access points, they can pass AL's authentication and security schemes, e.g. secure socket layer (SSL). We have proved that they can even spy on users' account details, passwords, data and privacy.
基金supported by the National Natural Science Foundations of China (Nos.61572435,61472305, 61473222)the Ningbo Natural Science Foundations(Nos. 2016A610035,2017A610119)+1 种基金the Complex Electronic System Simulation Laboratory (No.DXZT-JC-ZZ-2015015)the Joint Fund of China State Shipbuilding Corporation(No.6141B03010103)
文摘For wired local area networks(LANs),their effectiveness and invulnerability are very critical.It is extraordinarily significant to evaluate the network performance effectively in the design of a reasonable network topology and the performance improvement of the networks.However,there are many factors affecting the performance of the networks,and the relation among them is also complicated.How to evaluate the performance of the wired LANs more accurately has been a heavy challenge in the network research.In order to solve the problem,this paper presents a performance evaluation method that evaluates the effectiveness and invulnerability of the wired LANs.Compared to traditional statistical methods,it has the distinct advantage of being able to handle several dependent variables simultaneously and tolerates the measurement errors among these independent variables and dependent variables.Finally,the rationality and validity of this method are verified by the extensive experimental simulation.
基金The KCC(Korea Communications Commission),Korea,under the R&D program supervised by the KCA(Korea Communications Agency)(KCA-2012-08-911-05-001)
文摘A scheme of rogue access point(Rogue AP)detection based on AP's localization is proposed.Global position system(GPS)information and received signal strength(RSS)information are used to get the location of AP in a smartphone,which is compared with the database located in a remote server.The proposed scheme can detect not only fake access point(Fake AP)but also Evil Twin AP.It can be a user-oriented solution to detecting Rogue AP threats,and users can use it flexibly.
文摘设计了评价方法及指标体系,通过对真实城市场景中带有智能蓝牙设备行人移动行为的仿真,从传输能力、传输效率和节点能耗三个方面定量分析了志愿节点的作用以及在有或没有志愿节点参与情况下泛洪攻击的效果,以此来评价Direct Deliv-ery、Epidemic、Spray and Wait、Prophet和MaxProp共五种机会网络典型路由算法在泛洪攻击下的健壮性。结果表明Direct De-livery算法健壮性最好,能完全抵御泛洪攻击,Spray and Wait算法的健壮性最差,在某些场景下性能会下降80%以上,其他三种算法在泛洪攻击下性能会显著下降。
