Academic & Scientific Articles

Permanent URI for this communityhttp://dl.cerist.dz/handle/CERIST/3

Browse

End date: 2016Subject: search.filters.subject.security

Search Results

Now showing 1 - 10 of 10
  • Thumbnail Image
    Item
    Metadata’s Protection in CKMS-As-A-Security Services
    (CERIST, 2014-02-20) Fehis, Saad; Nouali, Omar; Bentayeb, Sarah
    To ensure the confidentiality and integrity of data, it is necessary to use encryption techniques; the safety of these techniques is based on the pro- tection of keys and algorithms used by those techniques. Indeed, the estab- lishment of an encryption key management system (creation, storage, distribu- tion, etc...) is paramount. However, the safety of this type of system in the context of Cloud Computing is based on the protection of the data dictionary (metadata). The protection of this dictionary is a real challenge in a no-trust context. This paper describes the implementation of a protection technique for the Cryptographic Key Management System’s metadata, which provides handling (Consulting / Editing) data without offending the confidentiality and integrity of the dictionary.
  • Thumbnail Image
    Item
    Random Feedbacks for Selfish Nodes Detection in Mobile Ad Hoc Networks
    (Springer, 2005-10) Djenouri, Djamel; Ouali, Nabil; Mahmoudi, Ahmed; Badache, Nadjib
    A mobile ad hoc network (MANET) is a temporary infrastructureless network, formed by a set of mobile hosts that dynamically establish their own network on the fly without relying on any central administration. Mobile hosts used in MANET have to ensure the services ensured by the powerful fixed infrastructure in traditional networks, the packet forwarding is one of these services. Resource limitation of MANET’s nodes, particulary in energy supply, along with the multi-hop nature of these networks may cause a new problem that does not exist in traditional networks. To save its energy a node may behave selfishly(no-cooperatively), thus it misbehaves by not forwarding packets originated from other nodes, while using their resources to forward its own packets to remote recipients. Such a behavior hugely threatens the QoS (Quality of Service), and particulary the packet forwarding service availability. Some solutions for selfish nodes detection have been recently proposed, but almost all these solutions rely on the monitoring in the promiscuous mode technique of the watchdog [1], which suffers from many problems especially when using the power control technique. In this paper we propose a new approach to detect selfish nodes unwilling to participate in packet forwarding, that mitigates some watchdog’s problems. We also assess the performance of our solution by simulation.
  • Thumbnail Image
    Item
    SEIF: Secure and Efficient Intrusion-Fault Tolerant Routing Protocol for Wireless Sensor Networks
    (IEEE, 2008-03) Ouadjaout, Abdelraouf; Challal, Yacine; Lasla, Noureddine; Bagaa, Miloud
    In wireless sensor networks, reliability represents a design goal of a primary concern. To build a comprehensive reliable system, it is essential to consider node failures and intruder attacks as unavoidable phenomena. In this paper, we present a new intrusion-fault tolerant routing scheme offering a high level of reliability through a secure multi-path communication topology. Unlike existing intrusion-fault tolerant solutions, our protocol is based on a distributed and in-network verification scheme, which does not require any referring to the base station. Furthermore, it employs a new multi-path selection scheme seeking to enhance the tolerance of the network and conserve the energy of sensors. Extensive simulations with Tiny OS showed that our approach improves the overall Mean Time To Failure (MTTF) while conserving the energy resources of sensors.
  • Thumbnail Image
    Item
    Secure and efficient disjoint multipath construction for fault tolerant routing in wireless sensor networks
    (Elsevier, 2011-07) Challal, Yacine; Ouadjaout, Abdelraouf; Lasla, Noureddine; Bagaa, Miloud; Abdelkarim, Hadjidj
    In wireless sensor networks, reliability is a design goal of a primary concern. To build a comprehensive reliable system, it is essential to consider node failures and intruder attacks as unavoidable phenomena. In this paper, we present a new intrusion-fault tolerant routing scheme offering a high level of reliability through a secure multipath routing construction. Unlike existing intrusion-fault tolerant solutions, our protocol is based on a distributed and in-network verification scheme, which does not require any referring to the base station. Furthermore, it employs a new multipath selection scheme seeking to enhance the tolerance of the network and conserve the energy of sensors. Extensive analysis and simulations using TinyOS showed that our approach improves many important performance metrics such as: the mean time to failure of the network, detection overhead of some security attacks, energy consumption, and resilience.
  • Thumbnail Image
    Item
    Cross-Layer Approach to Detect Data Packet Droppers in Mobile Ad-Hoc Networks
    (Springer, 2006-09) Djenouri, Djamel; Badache, Nadjib
    Mobile ad hoc networks (MANETs) are dynamic infrastructureless networks whose routing protocols are fully based on node cooperation, and where each mobile node relies on other intermediate mobile nodes to send packets towards remote ones. Being anxious about its battery shortage, a node participating in the network and using the forwarding service provided by other nodes might behave selfishly and drop packets originated from others. Such a behavior hugely threatens the QoS (Quality of Service), and particulary the packet forwarding service availability. Another motivation to drop data packets is to launch a DoS (Denial of Service) attack. To do so, a node participates in the routing protocol and includes itself in routes then simply drops data packet it receives to forward. We propose in this paper a novel cross-layer based approach to detect data packet droppers, that we optimize and decrease its overhead. Contrary to all the current detective solutions, ours is applicable regardless of the power control technique employment.
  • Thumbnail Image
    Item
    Testimony-Based Isolation: New Approach to Overcome packet Dropping Attacks in MANET
    (John Moors University, 2006-06) Djenouri, Djamel; Badache, Nadjib
    Attackers could take advantage of the cooperative nature of MANET’s routing protocols, by participating in the route discovery procedure to include themselves in routes, then simply drop data packets during the forwarding phase, aiming at a DoS (Denial of Service) attack. In this paper we deal with the detection and isolation of such malicious nodes. We first propose a monitoring technique different from the promiscuous overhearing (watchdog) used by almost all the current solutions, that overcomes many watchdog’s shortcomes. After that we propose a testimony-based isolation protocols basing on our monitoring technique.
  • Thumbnail Image
    Item
    On Securing MANET Routing Protocol Against Control Packet Dropping
    (IEEE Computer Society, 2007-07) Djenouri, Djamel; Mahmoudi, Othmane; Bouamama, Mohamed; Liewellyn-Jones, David; Merabti, Madjid
    In this manuscript we deal with securing routing protocols of mobile ad hoc networks (MANETs) against packet dropping misbehavior. More specifically, we propose a solution to protect control packets of reactive source routing protocols against. Most current proposals focus on data packets. Nonetheless, dropping control packets may be beneficial for selfish nodes and malicious ones as well. For example, simply by dropping RREQ (Route Request) packets a selfish node could exclude itself from routes and thereby avoid receiving data packets to forward. Similarly, a malicious could drop RERR (Route Error) packets to keep the use of failed routes, potentially resulting in a denial of service. Our solution could be intergraded with any source routing protocol. For the implementation in this work, we have chosen one of the most secure protocols, namely ENDAIRA. We assess our solution by an extensive simulation study.
  • Thumbnail Image
    Item
    On Detecting Packets Droppers in MANET: A Novel Low Cost Approach
    (IEEE Computer Society, 2007-08) Djenouri, Djamel; Fahad, Tarek; Askwith, Robert
    One of the commonest threats that mobile ad hoc networks are vulnerable to is data packet dropping, which is caused either by malicious or selfish nodes. Most of the existing solutions to solve such misbehaviour rely on the watchdog technique, which suffers from many drawbacks, particularly when using the power control technique. To overcome this problem with a moderate communication overhead, this paper introduces a new approach for detecting misbehaving nodes that drop data packets in MANET. It consists of two stages the monitoring stage in which each node monitors its direct neighbours with respect to forwarding data packets of a traffic session in the network, and the decision stage, in which direct neighbouring nodes decide whether the monitored node misbehave or not. Our new approach is able to detect the misbehaviour in case of power control employment, with a low communication overhead compared to the existing approaches.
  • Thumbnail Image
    Item
    Security Issues of Mobile Ad hoc and Sensor Networks
    (IEEE Communications Society, 2005-12) Djenouri, Djamel; Khelladi, Lyes; Badache, Nadjib
    Security in mobile ad hoc networks is difficult to achieve, notably because of the vulnerability of wireless links, the limited physical protection of nodes, the dynamically changing topology, the absence of a certification authority, and the lack of a centralized monitoring or management point. Earlier studies on mobile ad hoc networks (MANETs) aimed at proposing protocols for some fundamental problems, such as routing, and tried to cope with the challenges imposed by the new environment. These protocols, however, fully trust all nodes and do not consider the security aspect. They are consequently vulnerable to attacks and misbehavior. More recent studies focused on security problems in MANETs, and proposed mechanisms to secure protocols and applications. This article surveys these studies. It presents and discusses several security problems along with the currently proposed solutions (as of July 2005) at different network layers of MANETs. Security issues involved in this article include routing and data forwarding, medium access, key management and intrusion detection systems (IDSs). This survey also includes an overview of security in a particular type of MANET, namely, wireless sensor networks (WSNs).
  • Thumbnail Image
    Item
    Struggling against selfishness and black hole attacks in MANETs
    (John Wiley & Sons, 2008-08) Djenouri, Djamel; Badache, Nadjib
    Since mobile ad hoc networks (MANETs) are infrastructureless and multi-hop by nature, transmitting packets from any node to another usually relies on services provided by intermediate nodes. This reliance introduces a new vulnerability; one node could launch a Black Hole DoS attack by participating in the routing protocol and including itself in routes, then simply dropping packets it receives to forward. Another motivation for dropping packets in self-organized MANETs is resource preservation. Some solutions for detecting and isolating packet droppers have been recently proposed, but almost all of them employ the promiscuous mode monitoring approach (watchdog (WD)) which suffers from many problems, especially when employing the power control technique. In this paper we propose a novel monitoring approach that overcomes some WD's shortcomings, and improves the efficiency in detection. To overcome false detections due to nodes mobility and channel conditions we propose a Bayesian technique for the judgment, allowing node redemption before judgment. Finally, we suggest a social-based approach for the detection approval and isolation of guilty nodes. We analyze our solution and asses its performance by simulation. The results illustrate a large improvement of our monitoring solution in detection versus the WD, and an efficiency through our judgment and isolation techniques as well