TY - JOUR
T1 - Packet integrity defense mechanism in OppNets
AU - Ahmad, Asma'a
AU - Doss, Robin
AU - Alajeely, Majeed
AU - Al Rubeaai, Sarab F.
AU - Ahmad, Dua'a
N1 - Funding Information:
A packet integrity defense mechanism in Oppnets was presented in this paper. As malicious nodes modify some or all the packets in the network, they were detected through direct experiences, or when meeting with the source and authenticating the packets with it. Reputation about legitimate and malicious nodes was spread in the network which helped nodes make the correct decisions when forwarding the message to nodes they came into contact with opportunistically. Results showed the success of the mechanism in achieving a high malicious node and path detection rates, and lowering the packet modification rate over time. Embedding the complete proposed mechanism into an OppNet routing protocol is ultimate and is our future goal to create a secure OppNet routing protocol. Asma'a Ahmad received the BSc in Internet Science and Technology from the University of Wollongong, UAE, in 2003, MSc in Information Technology from Swinburne University of Technology, Australia, in 2005, and MSc in Information Technology (Professional) from Deakin University, Australia, in 2013. She is currently a PhD candidate at Deakin University, Australia. Her research focuses on security in opportunistic networks routing protocols. Robin Doss received the BEng from the University of Madras, India, 1999, and the MEng and PhD degrees from the Royal Melbourne Institute of Technology (RMIT), Australia, in 2000 and 2004, respectively. He joined Deakin University, Melbourne, Australia, in 2003, and currently is the A/Head of School (Development and International). Since 2003, he has published more than 60 papers in refereed international journals, international conference proceedings and technical reports for industry and government. His current research interests are in the broad areas of communication systems, protocol design, wireless networks, security and privacy. He is a senior member of the IEEE. Majeed Alajeely received the BSc in Electrical Engineering from the University of Technology, Iraq, in 1996, MSc in Mobile Computing from the University of Bradford, UK, in 2006, and PhD in Security of Wireless Networks from Deakin University, Australia, in 2016. His research interest is in protocol design, wireless networks, security and privacy. Sarab F. Al Rubeaai received the BSc and MSc in Mathematics from the University of Baghdad in 1992 and 1997, respectively, MSc in Mathematics from the University of Western Ontario, Canada, in 2009, and PhD in Wireless Sensor Networks from the University of Windsor, Canada, in 2015. Her research interests are in wireless sensor networks, cryptography, number theory, image processing, resource allocation, and game theory applications. Dua'a Ahmad received the BEng with honors in Electronic and Communication Systems at the Australia National University, Canberra, Australia, in 2015. She is currently a PhD candidate at Deakin University, Australia.
Publisher Copyright:
© 2018 Elsevier Ltd
PY - 2018/5
Y1 - 2018/5
N2 - In an Opportunistic network, as data gets transferred from node to node, with the existence of malicious nodes in the network, it is possible that the data gets modified. To make sure that data remains in its original format, we propose a technique that allows nodes to authenticate packets as they receive them by constructing hash trees, also referred to as Merkle trees. Merkle trees are used to check and authenticate all the packets. As a result of this, direct trust is formed. Direct trust is updated based on the authenticity of the packets and the encounter rate with the node. As nodes come into contact with each other during the packet transmission period, they share feedback on how much they trust other nodes. This feedback, in addition to the formed direct trust with a node is used to derive a reputation value. The reputation value allows nodes to make the correct packet transmission decisions when meeting with nodes. Using an OppNet simulator that embeds OppNet protocols, we have tested the proposed reputation-based system. The results show the effectiveness of the reputation system as malicious nodes and modified packets are detected. As a result, the performance of the network improves, and with time, the packet modification rates decrease as malicious nodes are caught.
AB - In an Opportunistic network, as data gets transferred from node to node, with the existence of malicious nodes in the network, it is possible that the data gets modified. To make sure that data remains in its original format, we propose a technique that allows nodes to authenticate packets as they receive them by constructing hash trees, also referred to as Merkle trees. Merkle trees are used to check and authenticate all the packets. As a result of this, direct trust is formed. Direct trust is updated based on the authenticity of the packets and the encounter rate with the node. As nodes come into contact with each other during the packet transmission period, they share feedback on how much they trust other nodes. This feedback, in addition to the formed direct trust with a node is used to derive a reputation value. The reputation value allows nodes to make the correct packet transmission decisions when meeting with nodes. Using an OppNet simulator that embeds OppNet protocols, we have tested the proposed reputation-based system. The results show the effectiveness of the reputation system as malicious nodes and modified packets are detected. As a result, the performance of the network improves, and with time, the packet modification rates decrease as malicious nodes are caught.
KW - Opportunistic networks
KW - OppNets security
KW - Trust
KW - Reputation
KW - Packet integrity attack
KW - Modification
KW - Merkle tree
UR - http://www.scopus.com/inward/record.url?scp=85041419949&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2018.01.007
DO - 10.1016/j.cose.2018.01.007
M3 - Article
SN - 0167-4048
VL - 74
SP - 71
EP - 93
JO - Computers and Security
JF - Computers and Security
ER -