Fig 3 - uploaded by Karim Eldefrawy
Number of Routing Messages vs Time (RPGM)  

Source publication
Conference Paper
Mobile ad-hoc networks (MANETs) are particularly useful and well-suited for critical scenarios, including military, law enforcement as well as emergency rescue and disaster recovery. When operating in hostile or suspicious settings, MANETs require communication security and privacy, especially, in underlying routing protocols. This paper focuses on...

Citations

... The recipient of a signed communication can verify the authenticity of the signature from the specified group but cannot determine the specific individual within the group who applied the signature [41] [61]. Group signatures are commonly employed by researchers in the context of Mobile ad hoc networks (MANETs) [42] and Vehicular ad hoc networks (VANETs) [43][64] to ensure the privacy and anonymity of message senders during broadcasts within these networks. It is worth noting that MANETs and VANETs can serve as subsystems inside the Internet of Things (IoT). ...
... Anonymity direction-finding protocols in MANETs can be mainly classified into two categories. Hop-by-hop encryption: In hop-by-hop encryption steering [3], [5], a packet is encrypted in the communication of two nodes direction, preventing adversaries from tampering or analyzing the packet contents to interrupt the communication or identify the two communicating nodes. The disadvantages of hop-by-hop encryption methods are that they generate high cost due to the use of hop-by-hop public-key cryptography or complex symmetric key cryptography. ...
... In all existing work anonymity can be applied to different network models with various node movement patterns such as random way point model [9] and group mobility model [5]. Consider a MANET deployed in a large field where geographic routing is used for node communication in order to reduce the message latency. ...
... A malicious observer may also try to detect destination nodes through traffic analysis by launching an intersection attack. Therefore, the destination node [5] also needs the protection of secrecy. In this work, the attackers can be battery powered nodes that inactively receive network packets and detect activities in their area. ...
... In [4,5] detecting the Sybil attacks by using time-stamp series approach based on RSU support was presented. Two messages with same time-stamp series mean that they are Sybil messages sent by one vehicle. ...
Chapter
VANETs are considered a sub-category of MANETs. They provide the vehicles with the ability to communicate with each other to guarantee safety and provide services for drivers. VANETs have many network vulnerabilities: working on wireless media makes them vulnerable to many kinds of attacks, and nodes can join or leave the network dynamically, changing its topology, which affects communication link stability. In VANETs, each car works as a node and router, so if a malicious attacker joins the network, the attacker could send false messages to disrupt the network operation, and that is why VANETs are vulnerable to many types of attacks. Denial of service, spoofing, ID disclosure, and Sybil attacks can be launched against VANETs. In this paper, we present a cryptographic protocol for Sybil Attacks Prevention (Crypto-SAP), which is a new protocol. Crypto-SAP uses symmetric cryptography to defend VANETs against Sybil nodes. Simulations were done to investigate how the Crypto-SAP protocol affects the network performance.
... This is mainly caused by VANET playing an increasingly important role in many infrastructure-less environments and applications. This is especially true in critical settings, such as vehicular and emergency rescue, as well as military and law enforcement. Location information has recently become increasingly available through small and inexpensive global positioning system (GPS) receivers [3]. This has been partially prompted by the emerging trend to incorporate location-sensing into personal handheld and other wireless devices. ...
... A DoS attack against an online service provider can target a mobility resource such as (mobile) or a network resource such as the bandwidth of the victim's links or a combination of both. The effect of a DoS attack can range from a minor increase in the service response time to complete inaccessibility and at times it has financial implications on organizations heavily reliant on the availability of their services [3]. A recent report by Amazon suggests that even a 100 delay in response time causes an approximately 1% drop in their overall sales. ...
Article
Vehicular Ad-hoc Networks (VANET) has suffered from many risks in the past, like security privilege and mode of authentication by many attackers/hackers because they were trying to disturb the network and break communication services for their personal interest. The series of attacks that have broken the secured communication are network jammer and source sink attack, and these attacks are called denial of service (DoS) attacks. A novel model for prevention of DoS attacks in VANET is proposed and named as RBS protocol. The proposed model is based on the master chock filter concept for filtration of packets during busy traffic and other attacks. The protocol was also evaluated by the other two methods, which are blocking the source IP originator by the DoS attacks and checking the prevention of TCP/UDP flooding and IP sniffing attacks. The evaluation of the protocol was based on the mobility node's interaction and utilization of bandwidth. The experimental results were performed on the highway transportation condition. The RBS protocol results showed that the packet delivery ratio, throughput, and time delay have improved as compared to IP-trackback protocol.
... The receiver of a signed message can check whether it has a valid signature of that group but cannot discover which member of the group signed it [61]. Many researchers use group signatures for Mobile Ad-hoc NETworks (MANETs) [62] and Vehicular Ad-hoc NETworks (VANETs) [63] in order to assure privacy and anonymity of senders for broadcasts in MANETs and VANETs (which can be subsystems within IoT). Group signature schemes are not suitable for resource-constrained devices because they use computationally expensive operations, such as exponentiation and bilinear pairing. ...
Thesis
In this study, a solution called Policy Enforcement Fog Module (PEFM) is proposed for protecting sensitive IoT data. The primary task of the PEFM solution is mandatory enforcement of privacy policies for sensitive IoT data—whenever these data are accessed, throughout their entire lifecycle. The key feature of PEFM is its placement within the fog computing infrastructure, which assures that PEFM operates as closely as possible to data sources within the edge of the IoT network. PEFM enforces privacy policies directly for data accessed by local IoT applications, using components inherited from the eXtensible Access Control Markup Language (XACML) architecture. PEFM also assures enforcement of privacy policies for data accessed by remote IoT applications, using XACML and Active Data Bundles (ADBs) that can run on any visited host and enforce policies automatically for data accessed by these hosts.
... Current VANET geocasting algorithms are designed to ensure either privacy or reliability, but not both. Privacy-driven geocasting algorithms (El Defrawy and Tsudik, 2008; Festag et al., 2010) cannot ensure that the message will arrive to its destination. Conversely, algorithms which ensure message delivery (Basagni et al., 1998; Stojmenovic et al., 2006) have no privacy. ...
... To provide privacy, pseudonyms are used only during a certain period of time, and then promptly discarded, to avoid scenarios where an adversary could place a vehicle in different locations at different times and observe a connection or pattern. However, existing geocasting algorithms that focus on message privacy (El Defrawy and Tsudik, 2008; Festag et al., 2010) cannot ensure that the message will actually arrive to its destination, making them private but not reliable. ...
... A protocol which ensures privacy is PRISM (El Defrawy and Tsudik, 2008) which encrypts data using group keys and sends messages to a geographical area rather than a specific node. To enhance privacy, PRISM limits the number of nodes that take part in the routing process and establishes as few routing paths as possible. ...
... To preserve privacy, the PRISM [4] protocol suggested the use of location-based routing along with group signatures. It is an on-demand routing scheme. ...
Article
Anonymous routing protocols are used in MANETs to hide the nodes from outsiders in order to protect from various attacks. HPAR partitions the network area dynamically into zones and chooses nodes in zones randomly as intermediate relay nodes. These relay nodes help in secure routing. In HPAR, anonymity protection is given to source, destination and route. HPAR has low cost and provides a high level of protection. It has techniques to counter various attacks.
... GS, first introduced in 1991 by Chaum [46], have been investigated by many researchers who presented many schemes, for example, the scheme proposed by Boneh, Boyen and Shacham [47], by Delerablée and Pointcheval [48], the scheme proposed by Boyen and Waters [49] or Libert, Peters and Yung's scheme [50]. Many papers, for example, [51][52][53][54], try to apply group signature schemes in Mobile Ad-hoc Networks (MANETs), Vehicular Ad hoc Networks (VANETs) and other broadcast communication systems where privacy and anonymity of senders are needed. These vehicular networks and ad hoc systems can be a subset of the IoT infrastructure. ...
Article
The Internet of Things (IoT) brings together a large variety of devices of different platforms, computational capacities and functionalities. The network heterogeneity and the ubiquity of IoT devices introduce increased demands on both security and privacy protection. Therefore, the cryptographic mechanisms must be strong enough to meet these increased requirements but, at the same time, they must be efficient enough for the implementation on constrained devices. In this paper, we present a detailed assessment of the performance of the most used cryptographic algorithms on constrained devices that often appear in IoT networks. We evaluate the performance of symmetric primitives, such as block ciphers, hash functions, random number generators, asymmetric primitives, such as digital signature schemes, and privacy-enhancing schemes on various microcontrollers, smart-cards and mobile devices. Furthermore, we provide the analysis of the usability of upcoming schemes, such as the homomorphic encryption schemes, group signatures and attribute-based schemes.
... The proper management of Internet is a challenging task due to the mobility of nodes and their velocity as all devices work on open channels. These are very challenging security tasks since all of these characteristics markedly increase the possibility of threats and attacks [10]. There are three challenges for space efficient and detecting the attack traffic. ...
Article
Link or router node failure in a network of Internet is a typical cause of traffic congestion due to the developed forwarding loop at the router. This failure has a significant impact on Internet performance, contributed from the inability of the affected router to find alternative link/route in fast manner and from the high probability of packet dropping during the attempt of rerouting. The existing Internet approach in handling this issue is to use TTL (time-to-live) of TCP/IP, by which a packet will be dropped whenever the TTL timer expires. However, this approach was found inefficient due to long convergence period. Hence, the effort now is to develop a faster rerouting mechanism, by reducing the possibility of forwarding loop incidents for any cases of link/node failures, whilst minimizing packet losses during the convergence period. This work proposes a novel detection method for possible forwarding loop incidents at a router with support of Bloom-filter. Bloom-filter is a probabilistic data structure that helps to ensure the availability of an item in a set, which never lead to false negative results, but may produce false positive results. With this Bloom-filter-based method, link's or node's failure information is attached at the packet header of a packet in a space-efficient manner and to accurately detect for possible incidents of forwarding loop when the packet is traversing through its route from source to destination. If the possibility can be more accurately detected, then packets losses can be minimized to very least during the convergence period and hence, fast and reliable routing shall be achieved. Through simulations, it was found that the proposed method of BF-k/2 has outperformed the other rerouting methods. It has not only efficiently used the limited space of the packet header, but also adaptively reducing the false positive probabilities for reliable routing.
... There are various anonymous routing protocols [5], [10], [11]. Existing protocols are mainly of two types: step-by-step encryption and superfluous traffic [6], [8]. All these generate a huge cost and offer low protection. ...
... It fails to provide route protection. PRISM [6] uses a location-centric, instead of an identity-centric, communication paradigm. Therefore, it does not assume any knowledge of long-term node identifiers or public keys. ...