Multi-Layer Approach for the Detection of Selective Forwarding Attacks

PubMed Central

Alajmi, Naser; Elleithy, Khaled

2015-01-01

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable. PMID:26610499

Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

PubMed

Alajmi, Naser; Elleithy, Khaled

2015-11-19

Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation.

PubMed

Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

2015-01-01

A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).

Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

PubMed Central

Nam, Junghyun; Choo, Kim-Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

2015-01-01

A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks). PMID:25849359

Phase-Space Detection of Cyber Events

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hernandez Jimenez, Jarilyn M; Ferber, Aaron E; Prowell, Stacy J

Energy Delivery Systems (EDS) are a network of processes that produce, transfer and distribute energy. EDS are increasingly dependent on networked computing assets, as are many Industrial Control Systems. Consequently, cyber-attacks pose a real and pertinent threat, as evidenced by Stuxnet, Shamoon and Dragonfly. Hence, there is a critical need for novel methods to detect, prevent, and mitigate effects of such attacks. To detect cyber-attacks in EDS, we developed a framework for gathering and analyzing timing data that involves establishing a baseline execution profile and then capturing the effect of perturbations in the state from injecting various malware. The datamore » analysis was based on nonlinear dynamics and graph theory to improve detection of anomalous events in cyber applications. The goal was the extraction of changing dynamics or anomalous activity in the underlying computer system. Takens' theorem in nonlinear dynamics allows reconstruction of topologically invariant, time-delay-embedding states from the computer data in a sufficiently high-dimensional space. The resultant dynamical states were nodes, and the state-to-state transitions were links in a mathematical graph. Alternatively, sequential tabulation of executing instructions provides the nodes with corresponding instruction-to-instruction links. Graph theorems guarantee graph-invariant measures to quantify the dynamical changes in the running applications. Results showed a successful detection of cyber events.« less

A robust trust establishment scheme for wireless sensor networks.

PubMed

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2015-03-23

Security techniques like cryptography and authentication can fail to protect a network once a node is compromised. Hence, trust establishment continuously monitors and evaluates node behavior to detect malicious and compromised nodes. However, just like other security schemes, trust establishment is also vulnerable to attack. Moreover, malicious nodes might misbehave intelligently to trick trust establishment schemes. Unfortunately, attack-resistance and robustness issues with trust establishment schemes have not received much attention from the research community. Considering the vulnerability of trust establishment to different attacks and the unique features of sensor nodes in wireless sensor networks, we propose a lightweight and robust trust establishment scheme. The proposed trust scheme is lightweight thanks to a simple trust estimation method. The comprehensiveness and flexibility of the proposed trust estimation scheme make it robust against different types of attack and misbehavior. Performance evaluation under different types of misbehavior and on-off attacks shows that the detection rate of the proposed trust mechanism is higher and more stable compared to other trust mechanisms.

Simulation of Attacks for Security in Wireless Sensor Network.

PubMed

Diaz, Alvaro; Sanchez, Pablo

2016-11-18

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

Novel Duplicate Address Detection with Hash Function

PubMed Central

Song, GuangJia; Ji, ZhenZhou

2016-01-01

Duplicate address detection (DAD) is an important component of the address resolution protocol (ARP) and the neighbor discovery protocol (NDP). DAD determines whether an IP address is in conflict with other nodes. In traditional DAD, the target address to be detected is broadcast through the network, which provides convenience for malicious nodes to attack. A malicious node can send a spoofing reply to prevent the address configuration of a normal node, and thus, a denial-of-service attack is launched. This study proposes a hash method to hide the target address in DAD, which prevents an attack node from launching destination attacks. If the address of a normal node is identical to the detection address, then its hash value should be the same as the “Hash_64” field in the neighboring solicitation message. Consequently, DAD can be successfully completed. This process is called DAD-h. Simulation results indicate that address configuration using DAD-h has a considerably higher success rate when under attack compared with traditional DAD. Comparative analysis shows that DAD-h does not require third-party devices and considerable computing resources; it also provides a lightweight security resolution. PMID:26991901

Detecting unknown attacks in wireless sensor networks that contain mobile nodes.

PubMed

Banković, Zorana; Fraga, David; Moya, José M; Vallejo, Juan Carlos

2012-01-01

As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

Minimizing Expected Maximum Risk from Cyber-Attacks with Probabilistic Attack Success

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bhuiyan, Tanveer H.; Nandi, Apurba; Medal, Hugh

The goal of our work is to enhance network security by generating partial cut-sets, which are a subset of edges that remove paths from initially vulnerable nodes (initial security conditions) to goal nodes (critical assets), on an attack graph given costs for cutting an edge and a limited overall budget.

DMP: Detouring Using Multiple Paths against Jamming Attack for Ubiquitous Networking System

PubMed Central

Kim, Mihui; Chae, Kijoon

2010-01-01

To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio) and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector), and a conventional JAM (Jammed Area Mapping) service with one reroute. PMID:22319316

DMP: detouring using multiple paths against jamming attack for ubiquitous networking system.

PubMed

Kim, Mihui; Chae, Kijoon

2010-01-01

To successfully realize the ubiquitous network environment including home automation or industrial control systems, it is important to be able to resist a jamming attack. This has recently been considered as an extremely threatening attack because it can collapse the entire network, despite the existence of basic security protocols such as encryption and authentication. In this paper, we present a method of jamming attack tolerant routing using multiple paths based on zones. The proposed scheme divides the network into zones, and manages the candidate forward nodes of neighbor zones. After detecting an attack, detour nodes decide zones for rerouting, and detour packets destined for victim nodes through forward nodes in the decided zones. Simulation results show that our scheme increases the PDR (Packet Delivery Ratio) and decreases the delay significantly in comparison with rerouting by a general routing protocol on sensor networks, AODV (Ad hoc On Demand Distance Vector), and a conventional JAM (Jammed Area Mapping) service with one reroute.

Sleep Deprivation Attack Detection in Wireless Sensor Network

NASA Astrophysics Data System (ADS)

Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

2012-02-01

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.

Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

NASA Astrophysics Data System (ADS)

Hortos, William S.

2007-09-01

A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node and trust neighborhood, collecting parametric information and executing assigned decision tasks. The communications overhead due to security mechanisms and the latency in network response are thus minimized by reducing the need to move large amounts of audit data through resource-limited nodes and by locating detection/identification programs closer to audit data. If network partitioning occurs due to uncoordinated node exhaustion, data compromise or other effects of the attacks, the mobile agents can continue to operate, thereby increasing fault tolerance in the network response to intrusions. Since the mobile agents behave like an ant colony in securing the WSN, published ant colony optimization (ACO) routines and other evolutionary algorithms are adapted to protect network security, using data at and through nodes to create audit records to detect and respond to denial-of-service attacks. Performance evaluations of algorithms are performed by simulation of a few intrusion attacks, such as black hole, flooding, Sybil and others, to validate the ability of the cross-layer algorithms to enable WSNs to survive the attacks. Results are compared for the different algorithms.

Analyzing the Effectiveness of the Self-organized Public-Key Management System on MANETs under the Lack of Cooperation and the Impersonation Attacks

NASA Astrophysics Data System (ADS)

da Silva, Eduardo; Dos Santos, Aldri Luiz; Lima, Michele N.; Albini, Luiz Carlos Pessoa

Among the key management schemes for MANETs, the Self-Organized Public-Key Management System (PGP-Like) is the main chaining-based key management scheme. It is fully self-organized and does not require any certificate authority. Two kinds of misbehavior attacks are considered to be great threats to PGP-Like: lack of cooperation and impersonation attacks. This work quantifies the impact of such attacks on the PGP-Like. Simulation results show that PGP-Like was able to maintain its effectiveness when submitted to the lack of cooperation attack, contradicting previously theoretical results. It correctly works even in the presence of more than 60% of misbehaving nodes, although the convergence time is affected with only 20% of misbehaving nodes. On the other hand, PGP-Like is completely vulnerable to the impersonation attack. Its functionality is affected with just 5% of misbehaving nodes, confirming previously theoretical results.

SQTrust: Social and QoS Trust Management and Its Application to Mission-Oriented Mobile Groups

DTIC Science & Technology

2012-08-15

ground truth status over a wide range of operational and environment conditions with high resiliency to malicious attacks and misbehaving nodes...attacks and misbehaving nodes. Furthermore, using mission-oriented mobile groups as an application, we identify the best trust formation model under...describe dy- namic behaviors of nodes in MANETs in the presence of misbehaving nodes with the objective to validate subjective trust evaluation with

Stability and Topology of Scale-Free Networks under Attack and Defense Strategies

NASA Astrophysics Data System (ADS)

Gallos, Lazaros K.; Cohen, Reuven; Argyrakis, Panos; Bunde, Armin; Havlin, Shlomo

2005-05-01

We study tolerance and topology of random scale-free networks under attack and defense strategies that depend on the degree k of the nodes. This situation occurs, for example, when the robustness of a node depends on its degree or in an intentional attack with insufficient knowledge of the network. We determine, for all strategies, the critical fraction pc of nodes that must be removed for disintegrating the network. We find that, for an intentional attack, little knowledge of the well-connected sites is sufficient to strongly reduce pc. At criticality, the topology of the network depends on the removal strategy, implying that different strategies may lead to different kinds of percolation transitions.

Robustness of network of networks under targeted attack.

PubMed

Dong, Gaogao; Gao, Jianxi; Du, Ruijin; Tian, Lixin; Stanley, H Eugene; Havlin, Shlomo

2013-05-01

The robustness of a network of networks (NON) under random attack has been studied recently [Gao et al., Phys. Rev. Lett. 107, 195701 (2011)]. Understanding how robust a NON is to targeted attacks is a major challenge when designing resilient infrastructures. We address here the question how the robustness of a NON is affected by targeted attack on high- or low-degree nodes. We introduce a targeted attack probability function that is dependent upon node degree and study the robustness of two types of NON under targeted attack: (i) a tree of n fully interdependent Erdős-Rényi or scale-free networks and (ii) a starlike network of n partially interdependent Erdős-Rényi networks. For any tree of n fully interdependent Erdős-Rényi networks and scale-free networks under targeted attack, we find that the network becomes significantly more vulnerable when nodes of higher degree have higher probability to fail. When the probability that a node will fail is proportional to its degree, for a NON composed of Erdős-Rényi networks we find analytical solutions for the mutual giant component P(∞) as a function of p, where 1-p is the initial fraction of failed nodes in each network. We also find analytical solutions for the critical fraction p(c), which causes the fragmentation of the n interdependent networks, and for the minimum average degree k[over ¯](min) below which the NON will collapse even if only a single node fails. For a starlike NON of n partially interdependent Erdős-Rényi networks under targeted attack, we find the critical coupling strength q(c) for different n. When q>q(c), the attacked system undergoes an abrupt first order type transition. When q≤q(c), the system displays a smooth second order percolation transition. We also evaluate how the central network becomes more vulnerable as the number of networks with the same coupling strength q increases. The limit of q=0 represents no dependency, and the results are consistent with the classical percolation theory of a single network under targeted attack.

IDMA: improving the defense against malicious attack for mobile ad hoc networks based on ARIP protocol

NASA Astrophysics Data System (ADS)

Peng, Chaorong; Chen, Chang Wen

2008-04-01

Malicious nodes are mounting increasingly sophisticated attacking operations on the Mobile Ad Hoc Networks (MANETs). This is mainly because the IP-based MANETs are vulnerable to attacks by various malicious nodes. However, the defense against malicious attack can be improved when a new layer of network architecture can be developed to separate true IP address from disclosing to the malicious nodes. In this paper, we propose a new algorithm to improve the defense against malicious attack (IDMA) that is based on a recently developed Assignment Router Identify Protocol (ARIP) for the clustering-based MANET management. In the ARIP protocol, we design the ARIP architecture based on the new Identity instead of the vulnerable IP addresses to provide the required security that is embedded seamlessly into the overall network architecture. We make full use of ARIP's special property to monitor gateway forward packets by Reply Request Route Packets (RREP) without additional intrusion detection layer. We name this new algorithm IDMA because of its inherent capability to improve the defense against malicious attacks. Through IDMA, a watching algorithm can be established so as to counterattack the malicious node in the routing path when it unusually drops up packets. We provide analysis examples for IDMA for the defense against a malicious node that disrupts the route discovery by impersonating the destination, or by responding with state of corrupted routing information, or by disseminating forged control traffic. The IDMA algorithm is able to counterattack the malicious node in the cases when the node lunch DoS attack by broadcast a large number of route requests, or make Target traffic congestion by delivering huge mount of data; or spoof the IP addresses and send forge packets with a fake ID to the same Target causing traffic congestion at that destination. We have implemented IDMA algorism using the GloMoSim simulator and have demonstrated its performance under a variety of operational conditions.

PHACK: An Efficient Scheme for Selective Forwarding Attack Detection in WSNs.

PubMed

Liu, Anfeng; Dong, Mianxiong; Ota, Kaoru; Long, Jun

2015-12-09

In this paper, a Per-Hop Acknowledgement (PHACK)-based scheme is proposed for each packet transmission to detect selective forwarding attacks. In our scheme, the sink and each node along the forwarding path generate an acknowledgement (ACK) message for each received packet to confirm the normal packet transmission. The scheme, in which each ACK is returned to the source node along a different routing path, can significantly increase the resilience against attacks because it prevents an attacker from compromising nodes in the return routing path, which can otherwise interrupt the return of nodes' ACK packets. For this case, the PHACK scheme also has better potential to detect abnormal packet loss and identify suspect nodes as well as better resilience against attacks. Another pivotal issue is the network lifetime of the PHACK scheme, as it generates more acknowledgements than previous ACK-based schemes. We demonstrate that the network lifetime of the PHACK scheme is not lower than that of other ACK-based schemes because the scheme just increases the energy consumption in non-hotspot areas and does not increase the energy consumption in hotspot areas. Moreover, the PHACK scheme greatly simplifies the protocol and is easy to implement. Both theoretical and simulation results are given to demonstrate the effectiveness of the proposed scheme in terms of high detection probability and the ability to identify suspect nodes.

Sequential defense against random and intentional attacks in complex networks.

PubMed

Chen, Pin-Yu; Cheng, Shin-Ming

2015-02-01

Network robustness against attacks is one of the most fundamental researches in network science as it is closely associated with the reliability and functionality of various networking paradigms. However, despite the study on intrinsic topological vulnerabilities to node removals, little is known on the network robustness when network defense mechanisms are implemented, especially for networked engineering systems equipped with detection capabilities. In this paper, a sequential defense mechanism is first proposed in complex networks for attack inference and vulnerability assessment, where the data fusion center sequentially infers the presence of an attack based on the binary attack status reported from the nodes in the network. The network robustness is evaluated in terms of the ability to identify the attack prior to network disruption under two major attack schemes, i.e., random and intentional attacks. We provide a parametric plug-in model for performance evaluation on the proposed mechanism and validate its effectiveness and reliability via canonical complex network models and real-world large-scale network topology. The results show that the sequential defense mechanism greatly improves the network robustness and mitigates the possibility of network disruption by acquiring limited attack status information from a small subset of nodes in the network.

Some scale-free networks could be robust under selective node attacks

NASA Astrophysics Data System (ADS)

Zheng, Bojin; Huang, Dan; Li, Deyi; Chen, Guisheng; Lan, Wenfei

2011-04-01

It is a mainstream idea that scale-free network would be fragile under the selective attacks. Internet is a typical scale-free network in the real world, but it never collapses under the selective attacks of computer viruses and hackers. This phenomenon is different from the deduction of the idea above because this idea assumes the same cost to delete an arbitrary node. Hence this paper discusses the behaviors of the scale-free network under the selective node attack with different cost. Through the experiments on five complex networks, we show that the scale-free network is possibly robust under the selective node attacks; furthermore, the more compact the network is, and the larger the average degree is, then the more robust the network is; with the same average degrees, the more compact the network is, the more robust the network is. This result would enrich the theory of the invulnerability of the network, and can be used to build robust social, technological and biological networks, and also has the potential to find the target of drugs.

A Game-Theoretic Response Strategy for Coordinator Attack in Wireless Sensor Networks

PubMed Central

Liu, Jianhua; Yue, Guangxue; Shang, Huiliang; Li, Hongjie

2014-01-01

The coordinator is a specific node that controls the whole network and has a significant impact on the performance in cooperative multihop ZigBee wireless sensor networks (ZWSNs). However, the malicious node attacks coordinator nodes in an effort to waste the resources and disrupt the operation of the network. Attacking leads to a failure of one round of communication between the source nodes and destination nodes. Coordinator selection is a technique that can considerably defend against attack and reduce the data delivery delay, and increase network performance of cooperative communications. In this paper, we propose an adaptive coordinator selection algorithm using game and fuzzy logic aiming at both minimizing the average number of hops and maximizing network lifetime. The proposed game model consists of two interrelated formulations: a stochastic game for dynamic defense and a best response policy using evolutionary game formulation for coordinator selection. The stable equilibrium best policy to response defense is obtained from this game model. It is shown that the proposed scheme can improve reliability and save energy during the network lifetime with respect to security. PMID:25105171

A game-theoretic response strategy for coordinator attack in wireless sensor networks.

PubMed

Liu, Jianhua; Yue, Guangxue; Shen, Shigen; Shang, Huiliang; Li, Hongjie

2014-01-01

The coordinator is a specific node that controls the whole network and has a significant impact on the performance in cooperative multihop ZigBee wireless sensor networks (ZWSNs). However, the malicious node attacks coordinator nodes in an effort to waste the resources and disrupt the operation of the network. Attacking leads to a failure of one round of communication between the source nodes and destination nodes. Coordinator selection is a technique that can considerably defend against attack and reduce the data delivery delay, and increase network performance of cooperative communications. In this paper, we propose an adaptive coordinator selection algorithm using game and fuzzy logic aiming at both minimizing the average number of hops and maximizing network lifetime. The proposed game model consists of two interrelated formulations: a stochastic game for dynamic defense and a best response policy using evolutionary game formulation for coordinator selection. The stable equilibrium best policy to response defense is obtained from this game model. It is shown that the proposed scheme can improve reliability and save energy during the network lifetime with respect to security.

VoIP attacks detection engine based on neural network

NASA Astrophysics Data System (ADS)

Safarik, Jakub; Slachta, Jiri

2015-05-01

The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. Then the gathered data analyze aggregation server with artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduce the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and process detected traffic. It also maintains all detection nodes.

SDN-based path hopping communication against eavesdropping attack

NASA Astrophysics Data System (ADS)

Zhang, Chuanhao; Bu, Youjun; Zhao, Zheng

2016-10-01

Network eavesdropping is one of the most popular means used by cyber attackers, which has been a severe threat to network communication security. Adversaries could capture and analyze network communication data from network nodes or links, monitor network status and steal sensitive data such as username and password etc. Traditional network usually uses static network configuration, and existing defense methods, including firewall, IDS, IPS etc., cannot prevent eavesdropping, which has no distinguishing characteristic. Network eavesdropping become silent during most of the time of the attacking process, which is why it is difficult to discover and to defend. But A successful eavesdropping attack also has its' precondition, which is the target path should be relatively stable and has enough time of duration. So, In order to resolve this problem, it has to work on the network architecture. In this paper, a path hopping communication(PHC) mechanism based on Software Define Network (SDN) was proposed to solve this problem. In PHC, Ends in communication packets as well as the routing paths were changed dynamically. Therefore, the traffic would be distributed to multiple flows and transmitted along different paths. so that Network eavesdropping attack could be prevented effectively. It was concluded that PHC was able to increase the overhead of Network eavesdropping, as well as the difficulty of communication data recovery.

Percolation of localized attack on complex networks

NASA Astrophysics Data System (ADS)

Shao, Shuai; Huang, Xuqing; Stanley, H. Eugene; Havlin, Shlomo

2015-02-01

The robustness of complex networks against node failure and malicious attack has been of interest for decades, while most of the research has focused on random attack or hub-targeted attack. In many real-world scenarios, however, attacks are neither random nor hub-targeted, but localized, where a group of neighboring nodes in a network are attacked and fail. In this paper we develop a percolation framework to analytically and numerically study the robustness of complex networks against such localized attack. In particular, we investigate this robustness in Erdős-Rényi networks, random-regular networks, and scale-free networks. Our results provide insight into how to better protect networks, enhance cybersecurity, and facilitate the design of more robust infrastructures.

Network Robustness: the whole story

NASA Astrophysics Data System (ADS)

Longjas, A.; Tejedor, A.; Zaliapin, I. V.; Ambroj, S.; Foufoula-Georgiou, E.

2014-12-01

A multitude of actual processes operating on hydrological networks may exhibit binary outcomes such as clean streams in a river network that may become contaminated. These binary outcomes can be modeled by node removal processes (attacks) acting in a network. Network robustness against attacks has been widely studied in fields as diverse as the Internet, power grids and human societies. However, the current definition of robustness is only accounting for the connectivity of the nodes unaffected by the attack. Here, we put forward the idea that the connectivity of the affected nodes can play a crucial role in proper evaluation of the overall network robustness and its future recovery from the attack. Specifically, we propose a dual perspective approach wherein at any instant in the network evolution under attack, two distinct networks are defined: (i) the Active Network (AN) composed of the unaffected nodes and (ii) the Idle Network (IN) composed of the affected nodes. The proposed robustness metric considers both the efficiency of destroying the AN and the efficiency of building-up the IN. This approach is motivated by concrete applied problems, since, for example, if we study the dynamics of contamination in river systems, it is necessary to know both the connectivity of the healthy and contaminated parts of the river to assess its ecological functionality. We show that trade-offs between the efficiency of the Active and Idle network dynamics give rise to surprising crossovers and re-ranking of different attack strategies, pointing to significant implications for decision making.

An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

PubMed Central

Hung, Le Xuan; Canh, Ngo Trong; Lee, Sungyoung; Lee, Young-Koo; Lee, Heejo

2008-01-01

For many sensor network applications such as military or homeland security, it is essential for users (sinks) to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1) Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2) The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3) The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4) Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5) No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully. PMID:27873956

An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge.

PubMed

Hung, Le Xuan; Canh, Ngo Trong; Lee, Sungyoung; Lee, Young-Koo; Lee, Heejo

2008-12-03

For many sensor network applications such as military or homeland security, it is essential for users (sinks) to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODE plus . It is a significant extension of our previous study in five aspects: (1) Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2) The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3) The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4) Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5) No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODE plus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

Robustness of networks formed from interdependent correlated networks under intentional attacks

NASA Astrophysics Data System (ADS)

Liu, Long; Meng, Ke; Dong, Zhaoyang

2018-02-01

We study the problem of intentional attacks targeting to interdependent networks generated with known degree distribution (in-degree oriented model) or distribution of interlinks (out-degree oriented model). In both models, each node's degree is correlated with the number of its links that connect to the other network. For both models, varying the correlation coefficient has a significant effect on the robustness of a system undergoing random attacks or attacks targeting nodes with low degree. For a system with an assortative relationship between in-degree and out-degree, reducing the broadness of networks' degree distributions can increase the resistance of systems against intentional attacks.

Simulation of Attacks for Security in Wireless Sensor Network

PubMed Central

Diaz, Alvaro; Sanchez, Pablo

2016-01-01

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

Network overload due to massive attacks

NASA Astrophysics Data System (ADS)

Kornbluth, Yosef; Barach, Gilad; Tuchman, Yaakov; Kadish, Benjamin; Cwilich, Gabriel; Buldyrev, Sergey V.

2018-05-01

We study the cascading failure of networks due to overload, using the betweenness centrality of a node as the measure of its load following the Motter and Lai model. We study the fraction of survived nodes at the end of the cascade pf as a function of the strength of the initial attack, measured by the fraction of nodes p that survive the initial attack for different values of tolerance α in random regular and Erdös-Renyi graphs. We find the existence of a first-order phase-transition line pt(α ) on a p -α plane, such that if p pt , pf is large and the giant component of the network is still present. Exactly at pt, the function pf(p ) undergoes a first-order discontinuity. We find that the line pt(α ) ends at a critical point (pc,αc) , in which the cascading failures are replaced by a second-order percolation transition. We find analytically the average betweenness of nodes with different degrees before and after the initial attack, we investigate their roles in the cascading failures, and we find a lower bound for pt(α ) . We also study the difference between localized and random attacks.

PHACK: An Efficient Scheme for Selective Forwarding Attack Detection in WSNs

PubMed Central

Liu, Anfeng; Dong, Mianxiong; Ota, Kaoru; Long, Jun

2015-01-01

In this paper, a Per-Hop Acknowledgement (PHACK)-based scheme is proposed for each packet transmission to detect selective forwarding attacks. In our scheme, the sink and each node along the forwarding path generate an acknowledgement (ACK) message for each received packet to confirm the normal packet transmission. The scheme, in which each ACK is returned to the source node along a different routing path, can significantly increase the resilience against attacks because it prevents an attacker from compromising nodes in the return routing path, which can otherwise interrupt the return of nodes’ ACK packets. For this case, the PHACK scheme also has better potential to detect abnormal packet loss and identify suspect nodes as well as better resilience against attacks. Another pivotal issue is the network lifetime of the PHACK scheme, as it generates more acknowledgements than previous ACK-based schemes. We demonstrate that the network lifetime of the PHACK scheme is not lower than that of other ACK-based schemes because the scheme just increases the energy consumption in non-hotspot areas and does not increase the energy consumption in hotspot areas. Moreover, the PHACK scheme greatly simplifies the protocol and is easy to implement. Both theoretical and simulation results are given to demonstrate the effectiveness of the proposed scheme in terms of high detection probability and the ability to identify suspect nodes. PMID:26690178

Topological robustness analysis of protein interaction networks reveals key targets for overcoming chemotherapy resistance in glioma

NASA Astrophysics Data System (ADS)

Azevedo, Hátylas; Moreira-Filho, Carlos Alberto

2015-11-01

Biological networks display high robustness against random failures but are vulnerable to targeted attacks on central nodes. Thus, network topology analysis represents a powerful tool for investigating network susceptibility against targeted node removal. Here, we built protein interaction networks associated with chemoresistance to temozolomide, an alkylating agent used in glioma therapy, and analyzed their modular structure and robustness against intentional attack. These networks showed functional modules related to DNA repair, immunity, apoptosis, cell stress, proliferation and migration. Subsequently, network vulnerability was assessed by means of centrality-based attacks based on the removal of node fractions in descending orders of degree, betweenness, or the product of degree and betweenness. This analysis revealed that removing nodes with high degree and high betweenness was more effective in altering networks’ robustness parameters, suggesting that their corresponding proteins may be particularly relevant to target temozolomide resistance. In silico data was used for validation and confirmed that central nodes are more relevant for altering proliferation rates in temozolomide-resistant glioma cell lines and for predicting survival in glioma patients. Altogether, these results demonstrate how the analysis of network vulnerability to topological attack facilitates target prioritization for overcoming cancer chemoresistance.

Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey.

PubMed

Abdalzaher, Mohamed S; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel

2016-06-29

We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs.

An Embedded Sensor Node Microcontroller with Crypto-Processors.

PubMed

Panić, Goran; Stecklina, Oliver; Stamenković, Zoran

2016-04-27

Wireless sensor network applications range from industrial automation and control, agricultural and environmental protection, to surveillance and medicine. In most applications, data are highly sensitive and must be protected from any type of attack and abuse. Security challenges in wireless sensor networks are mainly defined by the power and computing resources of sensor devices, memory size, quality of radio channels and susceptibility to physical capture. In this article, an embedded sensor node microcontroller designed to support sensor network applications with severe security demands is presented. It features a low power 16-bitprocessor core supported by a number of hardware accelerators designed to perform complex operations required by advanced crypto algorithms. The microcontroller integrates an embedded Flash and an 8-channel 12-bit analog-to-digital converter making it a good solution for low-power sensor nodes. The article discusses the most important security topics in wireless sensor networks and presents the architecture of the proposed hardware solution. Furthermore, it gives details on the chip implementation, verification and hardware evaluation. Finally, the chip power dissipation and performance figures are estimated and analyzed.

An Embedded Sensor Node Microcontroller with Crypto-Processors

PubMed Central

Panić, Goran; Stecklina, Oliver; Stamenković, Zoran

2016-01-01

Wireless sensor network applications range from industrial automation and control, agricultural and environmental protection, to surveillance and medicine. In most applications, data are highly sensitive and must be protected from any type of attack and abuse. Security challenges in wireless sensor networks are mainly defined by the power and computing resources of sensor devices, memory size, quality of radio channels and susceptibility to physical capture. In this article, an embedded sensor node microcontroller designed to support sensor network applications with severe security demands is presented. It features a low power 16-bitprocessor core supported by a number of hardware accelerators designed to perform complex operations required by advanced crypto algorithms. The microcontroller integrates an embedded Flash and an 8-channel 12-bit analog-to-digital converter making it a good solution for low-power sensor nodes. The article discusses the most important security topics in wireless sensor networks and presents the architecture of the proposed hardware solution. Furthermore, it gives details on the chip implementation, verification and hardware evaluation. Finally, the chip power dissipation and performance figures are estimated and analyzed. PMID:27128925

Hiding Critical Targets in Smart Grid Networks

DOE Office of Scientific and Technical Information (OSTI.GOV)

Bao, Wei; Li, Qinghua

With the integration of advanced communication technologies, the power grid is expected to greatly enhance efficiency and reliability of future power systems. However, since most electrical devices in power grid substations are connected via communication networks, cyber security of these communication networks becomes a critical issue. Real-World incidents such as Stuxnet have shown the feasibility of compromising a device in the power grid network to further launch more sophisticated attacks. To deal with security attacks of this spirit, this paper aims to hide critical targets from compromised internal nodes and hence protect them from further attacks launched by those compromisedmore » nodes. In particular, we consider substation networks and propose to add carefully-controlled dummy traffic to a substation network to make critical target nodes indistinguishable from other nodes in network traffic patterns. This paper describes the design and evaluation of such a scheme. Evaluations show that the scheme can effectively protect critical nodes with acceptable communication cost.« less

Location-Aware Dynamic Session-Key Management for Grid-Based Wireless Sensor Networks

PubMed Central

Chen, Chin-Ling; Lin, I-Hsien

2010-01-01

Security is a critical issue for sensor networks used in hostile environments. When wireless sensor nodes in a wireless sensor network are distributed in an insecure hostile environment, the sensor nodes must be protected: a secret key must be used to protect the nodes transmitting messages. If the nodes are not protected and become compromised, many types of attacks against the network may result. Such is the case with existing schemes, which are vulnerable to attacks because they mostly provide a hop-by-hop paradigm, which is insufficient to defend against known attacks. We propose a location-aware dynamic session-key management protocol for grid-based wireless sensor networks. The proposed protocol improves the security of a secret key. The proposed scheme also includes a key that is dynamically updated. This dynamic update can lower the probability of the key being guessed correctly. Thus currently known attacks can be defended. By utilizing the local information, the proposed scheme can also limit the flooding region in order to reduce the energy that is consumed in discovering routing paths. PMID:22163606

Location-aware dynamic session-key management for grid-based Wireless Sensor Networks.

PubMed

Chen, Chin-Ling; Lin, I-Hsien

2010-01-01

Security is a critical issue for sensor networks used in hostile environments. When wireless sensor nodes in a wireless sensor network are distributed in an insecure hostile environment, the sensor nodes must be protected: a secret key must be used to protect the nodes transmitting messages. If the nodes are not protected and become compromised, many types of attacks against the network may result. Such is the case with existing schemes, which are vulnerable to attacks because they mostly provide a hop-by-hop paradigm, which is insufficient to defend against known attacks. We propose a location-aware dynamic session-key management protocol for grid-based wireless sensor networks. The proposed protocol improves the security of a secret key. The proposed scheme also includes a key that is dynamically updated. This dynamic update can lower the probability of the key being guessed correctly. Thus currently known attacks can be defended. By utilizing the local information, the proposed scheme can also limit the flooding region in order to reduce the energy that is consumed in discovering routing paths.

Game Theory Meets Wireless Sensor Networks Security Requirements and Threats Mitigation: A Survey

PubMed Central

Abdalzaher, Mohamed S.; Seddik, Karim; Elsabrouty, Maha; Muta, Osamu; Furukawa, Hiroshi; Abdel-Rahman, Adel

2016-01-01

We present a study of using game theory for protecting wireless sensor networks (WSNs) from selfish behavior or malicious nodes. Due to scalability, low complexity and disseminated nature of WSNs, malicious attacks can be modeled effectively using game theory. In this study, we survey the different game-theoretic defense strategies for WSNs. We present a taxonomy of the game theory approaches based on the nature of the attack, whether it is caused by an external attacker or it is the result of an internal node acting selfishly or maliciously. We also present a general trust model using game theory for decision making. We, finally, identify the significant role of evolutionary games for WSNs security against intelligent attacks; then, we list several prospect applications of game theory to enhance the data trustworthiness and node cooperation in different WSNs. PMID:27367700

Framework and methodology for supply chain lifecycle analytics

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hamlet, Jason; Eames, Brandon K.; Kao, Gio K.

The various technologies presented herein relate to pertaining to identifying and mitigating risks and attacks on a supply chain. A computer-implemented representation of a supply chain is generated comprising nodes (locations) and edges (objects, information). Risk to attack and different attack vectors can be defined for the various nodes and edges, and further, based upon the risks and attacks, (difficulty, consequence) pairs can be determined. One or more mitigations can be generated to increase a difficulty of attack and/or reduce consequence of an attack. The one or more mitigations can be constrained, e.g., by cost, time, etc., to facilitate determinationmore » of how feasible a respective mitigation is to implement with regard to finances available, duration to implement, etc. A context-free grammar can be utilized to identify one or more attacks in the supply chain. Further, the risks can undergo a ranking to enable mitigation priority to be determined.« less

Direct trust-based security scheme for RREQ flooding attack in mobile ad hoc networks

NASA Astrophysics Data System (ADS)

Kumar, Sunil; Dutta, Kamlesh

2017-06-01

The routing algorithms in MANETs exhibit distributed and cooperative behaviour which makes them easy target for denial of service (DoS) attacks. RREQ flooding attack is a flooding-type DoS attack in context to Ad hoc On Demand Distance Vector (AODV) routing protocol, where the attacker broadcasts massive amount of bogus Route Request (RREQ) packets to set up the route with the non-existent or existent destination in the network. This paper presents direct trust-based security scheme to detect and mitigate the impact of RREQ flooding attack on the network, in which, every node evaluates the trust degree value of its neighbours through analysing the frequency of RREQ packets originated by them over a short period of time. Taking the node's trust degree value as the input, the proposed scheme is smoothly extended for suppressing the surplus RREQ and bogus RREQ flooding packets at one-hop neighbours during the route discovery process. This scheme distinguishes itself from existing techniques by not directly blocking the service of a normal node due to increased amount of RREQ packets in some unusual conditions. The results obtained throughout the simulation experiments clearly show the feasibility and effectiveness of the proposed defensive scheme.

Attack Vulnerability of Network Controllability

PubMed Central

2016-01-01

Controllability of complex networks has attracted much attention, and understanding the robustness of network controllability against potential attacks and failures is of practical significance. In this paper, we systematically investigate the attack vulnerability of network controllability for the canonical model networks as well as the real-world networks subject to attacks on nodes and edges. The attack strategies are selected based on degree and betweenness centralities calculated for either the initial network or the current network during the removal, among which random failure is as a comparison. It is found that the node-based strategies are often more harmful to the network controllability than the edge-based ones, and so are the recalculated strategies than their counterparts. The Barabási-Albert scale-free model, which has a highly biased structure, proves to be the most vulnerable of the tested model networks. In contrast, the Erdős-Rényi random model, which lacks structural bias, exhibits much better robustness to both node-based and edge-based attacks. We also survey the control robustness of 25 real-world networks, and the numerical results show that most real networks are control robust to random node failures, which has not been observed in the model networks. And the recalculated betweenness-based strategy is the most efficient way to harm the controllability of real-world networks. Besides, we find that the edge degree is not a good quantity to measure the importance of an edge in terms of network controllability. PMID:27588941

Attack Vulnerability of Network Controllability.

PubMed

Lu, Zhe-Ming; Li, Xin-Feng

2016-01-01

Controllability of complex networks has attracted much attention, and understanding the robustness of network controllability against potential attacks and failures is of practical significance. In this paper, we systematically investigate the attack vulnerability of network controllability for the canonical model networks as well as the real-world networks subject to attacks on nodes and edges. The attack strategies are selected based on degree and betweenness centralities calculated for either the initial network or the current network during the removal, among which random failure is as a comparison. It is found that the node-based strategies are often more harmful to the network controllability than the edge-based ones, and so are the recalculated strategies than their counterparts. The Barabási-Albert scale-free model, which has a highly biased structure, proves to be the most vulnerable of the tested model networks. In contrast, the Erdős-Rényi random model, which lacks structural bias, exhibits much better robustness to both node-based and edge-based attacks. We also survey the control robustness of 25 real-world networks, and the numerical results show that most real networks are control robust to random node failures, which has not been observed in the model networks. And the recalculated betweenness-based strategy is the most efficient way to harm the controllability of real-world networks. Besides, we find that the edge degree is not a good quantity to measure the importance of an edge in terms of network controllability.

Robustness of coevolution in resolving prisoner's dilemma games on interdependent networks subject to attack

NASA Astrophysics Data System (ADS)

Liu, Penghui; Liu, Jing

2017-08-01

Recently, coevolution between strategy and network structure has been established as a rule to resolve social dilemmas and reach optimal situations for cooperation. Many follow-up researches have focused on studying how coevolution helps networks reorganize to deter the defectors and many coevolution methods have been proposed. However, the robustness of the coevolution rules against attacks have not been studied much. Since attacks may directly influence the original evolutionary process of cooperation, the robustness should be an important index while evaluating the quality of a coevolution method. In this paper, we focus on investigating the robustness of an elementary coevolution method in resolving the prisoner's dilemma game upon the interdependent networks. Three different types of time-independent attacks, named as edge attacks, instigation attacks and node attacks have been employed to test its robustness. Through analyzing the simulation results obtained, we find this coevolution method is relatively robust against the edge attack and the node attack as it successfully maintains cooperation in the population over the entire attack range. However, when the instigation probability of the attacked individuals is large or the attack range of instigation attack is wide enough, coevolutionary rule finally fails in maintaining cooperation in the population.

Using Trust to Establish a Secure Routing Model in Cognitive Radio Network.

PubMed

Zhang, Guanghua; Chen, Zhenguo; Tian, Liqin; Zhang, Dongwen

2015-01-01

Specific to the selective forwarding attack on routing in cognitive radio network, this paper proposes a trust-based secure routing model. Through monitoring nodes' forwarding behaviors, trusts of nodes are constructed to identify malicious nodes. In consideration of that routing selection-based model must be closely collaborative with spectrum allocation, a route request piggybacking available spectrum opportunities is sent to non-malicious nodes. In the routing decision phase, nodes' trusts are used to construct available path trusts and delay measurement is combined for making routing decisions. At the same time, according to the trust classification, different responses are made specific to their service requests. By adopting stricter punishment on malicious behaviors from non-trusted nodes, the cooperation of nodes in routing can be stimulated. Simulation results and analysis indicate that this model has good performance in network throughput and end-to-end delay under the selective forwarding attack.

Cascading failures in complex networks with community structure

NASA Astrophysics Data System (ADS)

Lin, Guoqiang; di, Zengru; Fan, Ying

2014-12-01

Much empirical evidence shows that when attacked with cascading failures, scale-free or even random networks tend to collapse more extensively when the initially deleted node has higher betweenness. Meanwhile, in networks with strong community structure, high-betweenness nodes tend to be bridge nodes that link different communities, and the removal of such nodes will reduce only the connections among communities, leaving the networks fairly stable. Understanding what will affect cascading failures and how to protect or attack networks with strong community structure is therefore of interest. In this paper, we have constructed scale-free Community Networks (SFCN) and Random Community Networks (RCN). We applied these networks, along with the Lancichinett-Fortunato-Radicchi (LFR) benchmark, to the cascading-failure scenario to explore their vulnerability to attack and the relationship between cascading failures and the degree distribution and community structure of a network. The numerical results show that when the networks are of a power-law distribution, a stronger community structure will result in the failure of fewer nodes. In addition, the initial removal of the node with the highest betweenness will not lead to the worst cascading, i.e. the largest avalanche size. The Betweenness Overflow (BOF), an index that we developed, is an effective indicator of this tendency. The RCN, however, display a different result. In addition, the avalanche size of each node can be adopted as an index to evaluate the importance of the node.

Network robustness assessed within a dual connectivity framework: joint dynamics of the Active and Idle Networks.

PubMed

Tejedor, Alejandro; Longjas, Anthony; Zaliapin, Ilya; Ambroj, Samuel; Foufoula-Georgiou, Efi

2017-08-17

Network robustness against attacks has been widely studied in fields as diverse as the Internet, power grids and human societies. But current definition of robustness is only accounting for half of the story: the connectivity of the nodes unaffected by the attack. Here we propose a new framework to assess network robustness, wherein the connectivity of the affected nodes is also taken into consideration, acknowledging that it plays a crucial role in properly evaluating the overall network robustness in terms of its future recovery from the attack. Specifically, we propose a dual perspective approach wherein at any instant in the network evolution under attack, two distinct networks are defined: (i) the Active Network (AN) composed of the unaffected nodes and (ii) the Idle Network (IN) composed of the affected nodes. The proposed robustness metric considers both the efficiency of destroying the AN and that of building-up the IN. We show, via analysis of well-known prototype networks and real world data, that trade-offs between the efficiency of Active and Idle Network dynamics give rise to surprising robustness crossovers and re-rankings, which can have significant implications for decision making.

Methods for reliability evaluation of trust and reputation systems

NASA Astrophysics Data System (ADS)

Janiszewski, Marek B.

2016-09-01

Trust and reputation systems are a systematic approach to build security on the basis of observations of node's behaviour. Exchange of node's opinions about other nodes is very useful to indicate nodes which act selfishly or maliciously. The idea behind trust and reputation systems gets significance because of the fact that conventional security measures (based on cryptography) are often not sufficient. Trust and reputation systems can be used in various types of networks such as WSN, MANET, P2P and also in e-commerce applications. Trust and reputation systems give not only benefits but also could be a thread itself. Many attacks aim at trust and reputation systems exist, but such attacks still have not gain enough attention of research teams. Moreover, joint effects of many of known attacks have been determined as a very interesting field of research. Lack of an acknowledged methodology of evaluation of trust and reputation systems is a serious problem. This paper aims at presenting various approaches of evaluation such systems. This work also contains a description of generalization of many trust and reputation systems which can be used to evaluate reliability of such systems in the context of preventing various attacks.

Analysis of metro network performance from a complex network perspective

NASA Astrophysics Data System (ADS)

Wu, Xingtang; Dong, Hairong; Tse, Chi Kong; Ho, Ivan W. H.; Lau, Francis C. M.

2018-02-01

In this paper, the performance of metro networks is studied from a network science perspective. We review the structural efficiency of metro networks on the basis of a passenger's intuitive routing strategy that optimizes the number of transfers and the distance traveled.A new node centrality measure, called node occupying probability, is introduced for evaluating the level of utilization of stations. The robustness of a metro network is analyzed under several attack scenarios. Six metro networks (Beijing, London, Paris, Hong Kong, Tokyo and New York) are compared in terms of the node occupying probability and a few other performance parameters. Simulation results show that the New York metro system has better topological efficiency, the Tokyo and Hong Kong systems are the most robust under random attack and target attack, respectively.

Robustness of Controllability for Networks Based on Edge-Attack

PubMed Central

Nie, Sen; Wang, Xuwen; Zhang, Haifeng; Li, Qilang; Wang, Binghong

2014-01-01

We study the controllability of networks in the process of cascading failures under two different attacking strategies, random and intentional attack, respectively. For the highest-load edge attack, it is found that the controllability of Erdős-Rényi network, that with moderate average degree, is less robust, whereas the Scale-free network with moderate power-law exponent shows strong robustness of controllability under the same attack strategy. The vulnerability of controllability under random and intentional attacks behave differently with the increasing of removal fraction, especially, we find that the robustness of control has important role in cascades for large removal fraction. The simulation results show that for Scale-free networks with various power-law exponents, the network has larger scale of cascades do not mean that there will be more increments of driver nodes. Meanwhile, the number of driver nodes in cascading failures is also related to the edges amount in strongly connected components. PMID:24586507

Robustness of controllability for networks based on edge-attack.

PubMed

Nie, Sen; Wang, Xuwen; Zhang, Haifeng; Li, Qilang; Wang, Binghong

2014-01-01

We study the controllability of networks in the process of cascading failures under two different attacking strategies, random and intentional attack, respectively. For the highest-load edge attack, it is found that the controllability of Erdős-Rényi network, that with moderate average degree, is less robust, whereas the Scale-free network with moderate power-law exponent shows strong robustness of controllability under the same attack strategy. The vulnerability of controllability under random and intentional attacks behave differently with the increasing of removal fraction, especially, we find that the robustness of control has important role in cascades for large removal fraction. The simulation results show that for Scale-free networks with various power-law exponents, the network has larger scale of cascades do not mean that there will be more increments of driver nodes. Meanwhile, the number of driver nodes in cascading failures is also related to the edges amount in strongly connected components.

Prevention of Malicious Nodes Communication in MANETs by Using Authorized Tokens

NASA Astrophysics Data System (ADS)

Chandrakant, N.; Shenoy, P. Deepa; Venugopal, K. R.; Patnaik, L. M.

A rapid increase of wireless networks and mobile computing applications has changed the landscape of network security. A MANET is more susceptible to the attacks than wired network. As a result, attacks with malicious intent have been and will be devised to take advantage of these vulnerabilities and to cripple the MANET operation. Hence we need to search for new architecture and mechanisms to protect the wireless networks and mobile computing applications. In this paper, we examine the nodes that come under the vicinity of base node and members of the network and communication is provided to genuine nodes only. It is found that the proposed algorithm is a effective algorithm for security in MANETs.

A Novel Topology Link-Controlling Approach for Active Defense of a Node in a Network.

PubMed

Li, Jun; Hu, HanPing; Ke, Qiao; Xiong, Naixue

2017-03-09

With the rapid development of virtual machine technology and cloud computing, distributed denial of service (DDoS) attacks, or some peak traffic, poses a great threat to the security of the network. In this paper, a novel topology link control technique and mitigation attacks in real-time environments is proposed. Firstly, a non-invasive method of deploying virtual sensors in the nodes is built, which uses the resource manager of each monitored node as a sensor. Secondly, a general topology-controlling approach of resisting the tolerant invasion is proposed. In the proposed approach, a prediction model is constructed by using copula functions for predicting the peak of a resource through another resource. The result of prediction determines whether or not to initiate the active defense. Finally, a minority game with incomplete strategy is employed to suppress attack flows and improve the permeability of the normal flows. The simulation results show that the proposed approach is very effective in protecting nodes.

A Novel Topology Link-Controlling Approach for Active Defense of Nodes in Networks

PubMed Central

Li, Jun; Hu, HanPing; Ke, Qiao; Xiong, Naixue

2017-01-01

With the rapid development of virtual machine technology and cloud computing, distributed denial of service (DDoS) attacks, or some peak traffic, poses a great threat to the security of the network. In this paper, a novel topology link control technique and mitigation attacks in real-time environments is proposed. Firstly, a non-invasive method of deploying virtual sensors in the nodes is built, which uses the resource manager of each monitored node as a sensor. Secondly, a general topology-controlling approach of resisting the tolerant invasion is proposed. In the proposed approach, a prediction model is constructed by using copula functions for predicting the peak of a resource through another resource. The result of prediction determines whether or not to initiate the active defense. Finally, a minority game with incomplete strategy is employed to suppress attack flows and improve the permeability of the normal flows. The simulation results show that the proposed approach is very effective in protecting nodes. PMID:28282962

Robustness of weighted networks

NASA Astrophysics Data System (ADS)

Bellingeri, Michele; Cassi, Davide

2018-01-01

Complex network response to node loss is a central question in different fields of network science because node failure can cause the fragmentation of the network, thus compromising the system functioning. Previous studies considered binary networks where the intensity (weight) of the links is not accounted for, i.e. a link is either present or absent. However, in real-world networks the weights of connections, and thus their importance for network functioning, can be widely different. Here, we analyzed the response of real-world and model networks to node loss accounting for link intensity and the weighted structure of the network. We used both classic binary node properties and network functioning measure, introduced a weighted rank for node importance (node strength), and used a measure for network functioning that accounts for the weight of the links (weighted efficiency). We find that: (i) the efficiency of the attack strategies changed using binary or weighted network functioning measures, both for real-world or model networks; (ii) in some cases, removing nodes according to weighted rank produced the highest damage when functioning was measured by the weighted efficiency; (iii) adopting weighted measure for the network damage changed the efficacy of the attack strategy with respect the binary analyses. Our results show that if the weighted structure of complex networks is not taken into account, this may produce misleading models to forecast the system response to node failure, i.e. consider binary links may not unveil the real damage induced in the system. Last, once weighted measures are introduced, in order to discover the best attack strategy, it is important to analyze the network response to node loss using nodes rank accounting the intensity of the links to the node.

A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks

NASA Astrophysics Data System (ADS)

Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore

Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.

Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO) Authentication Scheme against Sybil Attack.

PubMed

Nirmal Raja, K; Maraline Beno, M

2017-07-01

In the wireless sensor network(WSN) security is a major issue. There are several network security schemes proposed in research. In the network, malicious nodes obstruct the performance of the network. The network can be vulnerable by Sybil attack. When a node illicitly assertions multiple identities or claims fake IDs, the WSN grieves from an attack named Sybil attack. This attack threatens wireless sensor network in data aggregation, synchronizing system, routing, fair resource allocation and misbehavior detection. Henceforth, the research is carried out to prevent the Sybil attack and increase the performance of the network. This paper presents the novel security mechanism and Fujisaki Okamoto algorithm and also application of the work. The Fujisaki-Okamoto (FO) algorithm is ID based cryptographic scheme and gives strong authentication against Sybil attack. By using Network simulator2 (NS2) the scheme is simulated. In this proposed scheme broadcasting key, time taken for different key sizes, energy consumption, Packet delivery ratio, Throughput were analyzed.

A Real-Time Cardiac Arrhythmia Classification System with Wearable Sensor Networks

PubMed Central

Hu, Sheng; Wei, Hongxing; Chen, Youdong; Tan, Jindong

2012-01-01

Long term continuous monitoring of electrocardiogram (ECG) in a free living environment provides valuable information for prevention on the heart attack and other high risk diseases. This paper presents the design of a real-time wearable ECG monitoring system with associated cardiac arrhythmia classification algorithms. One of the striking advantages is that ECG analog front-end and on-node digital processing are designed to remove most of the noise and bias. In addition, the wearable sensor node is able to monitor the patient's ECG and motion signal in an unobstructive way. To realize the real-time medical analysis, the ECG is digitalized and transmitted to a smart phone via Bluetooth. On the smart phone, the ECG waveform is visualized and a novel layered hidden Markov model is seamlessly integrated to classify multiple cardiac arrhythmias in real time. Experimental results demonstrate that the clean and reliable ECG waveform can be captured in multiple stressed conditions and the real-time classification on cardiac arrhythmia is competent to other workbenches. PMID:23112746

Secure chaotic map based block cryptosystem with application to camera sensor networks.

PubMed

Guo, Xianfeng; Zhang, Jiashu; Khan, Muhammad Khurram; Alghathbar, Khaled

2011-01-01

Recently, Wang et al. presented an efficient logistic map based block encryption system. The encryption system employs feedback ciphertext to achieve plaintext dependence of sub-keys. Unfortunately, we discovered that their scheme is unable to withstand key stream attack. To improve its security, this paper proposes a novel chaotic map based block cryptosystem. At the same time, a secure architecture for camera sensor network is constructed. The network comprises a set of inexpensive camera sensors to capture the images, a sink node equipped with sufficient computation and storage capabilities and a data processing server. The transmission security between the sink node and the server is gained by utilizing the improved cipher. Both theoretical analysis and simulation results indicate that the improved algorithm can overcome the flaws and maintain all the merits of the original cryptosystem. In addition, computational costs and efficiency of the proposed scheme are encouraging for the practical implementation in the real environment as well as camera sensor network.

Secure Chaotic Map Based Block Cryptosystem with Application to Camera Sensor Networks

PubMed Central

Guo, Xianfeng; Zhang, Jiashu; Khan, Muhammad Khurram; Alghathbar, Khaled

2011-01-01

Recently, Wang et al. presented an efficient logistic map based block encryption system. The encryption system employs feedback ciphertext to achieve plaintext dependence of sub-keys. Unfortunately, we discovered that their scheme is unable to withstand key stream attack. To improve its security, this paper proposes a novel chaotic map based block cryptosystem. At the same time, a secure architecture for camera sensor network is constructed. The network comprises a set of inexpensive camera sensors to capture the images, a sink node equipped with sufficient computation and storage capabilities and a data processing server. The transmission security between the sink node and the server is gained by utilizing the improved cipher. Both theoretical analysis and simulation results indicate that the improved algorithm can overcome the flaws and maintain all the merits of the original cryptosystem. In addition, computational costs and efficiency of the proposed scheme are encouraging for the practical implementation in the real environment as well as camera sensor network. PMID:22319371

The influence of the depth of k-core layers on the robustness of interdependent networks against cascading failures

NASA Astrophysics Data System (ADS)

Dong, Zhengcheng; Fang, Yanjun; Tian, Meng; Kong, Zhengmin

The hierarchical structure, k-core, is common in various complex networks, and the actual network always has successive layers from 1-core layer (the peripheral layer) to km-core layer (the core layer). The nodes within the core layer have been proved to be the most influential spreaders, but there is few work about how the depth of k-core layers (the value of km) can affect the robustness against cascading failures, rather than the interdependent networks. First, following the preferential attachment, a novel method is proposed to generate the scale-free network with successive k-core layers (KCBA network), and the KCBA network is validated more realistic than the traditional BA network. Then, with KCBA interdependent networks, the effect of the depth of k-core layers is investigated. Considering the load-based model, the loss of capacity on nodes is adopted to quantify the robustness instead of the number of functional nodes in the end. We conduct two attacking strategies, i.e. the RO-attack (Randomly remove only one node) and the RF-attack (Randomly remove a fraction of nodes). Results show that the robustness of KCBA networks not only depends on the depth of k-core layers, but also is slightly influenced by the initial load. With RO-attack, the networks with less k-core layers are more robust when the initial load is small. With RF-attack, the robustness improves with small km, but the improvement is getting weaker with the increment of the initial load. In a word, the lower the depth is, the more robust the networks will be.

Cascade-based attacks on complex networks

NASA Astrophysics Data System (ADS)

Motter, Adilson E.; Lai, Ying-Cheng

2002-12-01

We live in a modern world supported by large, complex networks. Examples range from financial markets to communication and transportation systems. In many realistic situations the flow of physical quantities in the network, as characterized by the loads on nodes, is important. We show that for such networks where loads can redistribute among the nodes, intentional attacks can lead to a cascade of overload failures, which can in turn cause the entire or a substantial part of the network to collapse. This is relevant for real-world networks that possess a highly heterogeneous distribution of loads, such as the Internet and power grids. We demonstrate that the heterogeneity of these networks makes them particularly vulnerable to attacks in that a large-scale cascade may be triggered by disabling a single key node. This brings obvious concerns on the security of such systems.

SCODE: A Secure Coordination-Based Data Dissemination to Mobile Sinks in Sensor Networks

NASA Astrophysics Data System (ADS)

Hung, Lexuan; Lee, Sungyoung; Lee, Young-Koo; Lee, Heejo

For many sensor network applications such as military, homeland security, it is necessary for users (sinks) to access sensor networks while they are moving. However, sink mobility brings new challenges to secure routing in large-scale sensor networks. Mobile sinks have to constantly propagate their current location to all nodes, and these nodes need to exchange messages with each other so that the sensor network can establish and maintain a secure multi-hop path between a source node and a mobile sink. This causes significant computation and communication overhead for sensor nodes. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. In this paper, we propose a secure and energy-efficient data dissemination protocol — Secure COodination-based Data dissEmination (SCODE) — for mobile sinks in sensor networks. We take advantages of coordination networks (grid structure) based on Geographical Adaptive Fidelity (GAF) protocol to construct a secure and efficient routing path between sources and sinks. Our security analysis demonstrates that the proposed protocol can defend against common attacks in sensor network routing such as replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Our performance evaluation both in mathematical analysis and simulation shows that the SCODE significantly reduces communication overhead and energy consumption while the latency is similar compared with the existing routing protocols, and it always delivers more than 90 percentage of packets successfully.

A Secure Region-Based Geographic Routing Protocol (SRBGR) for Wireless Sensor Networks

PubMed Central

Adnan, Ali Idarous; Hanapi, Zurina Mohd; Othman, Mohamed; Zukarnain, Zuriati Ahmad

2017-01-01

Due to the lack of dependency for routing initiation and an inadequate allocated sextant on responding messages, the secure geographic routing protocols for Wireless Sensor Networks (WSNs) have attracted considerable attention. However, the existing protocols are more likely to drop packets when legitimate nodes fail to respond to the routing initiation messages while attackers in the allocated sextant manage to respond. Furthermore, these protocols are designed with inefficient collection window and inadequate verification criteria which may lead to a high number of attacker selections. To prevent the failure to find an appropriate relay node and undesirable packet retransmission, this paper presents Secure Region-Based Geographic Routing Protocol (SRBGR) to increase the probability of selecting the appropriate relay node. By extending the allocated sextant and applying different message contention priorities more legitimate nodes can be admitted in the routing process. Moreover, the paper also proposed the bound collection window for a sufficient collection time and verification cost for both attacker identification and isolation. Extensive simulation experiments have been performed to evaluate the performance of the proposed protocol in comparison with other existing protocols. The results demonstrate that SRBGR increases network performance in terms of the packet delivery ratio and isolates attacks such as Sybil and Black hole. PMID:28121992

A Secure Region-Based Geographic Routing Protocol (SRBGR) for Wireless Sensor Networks.

PubMed

Adnan, Ali Idarous; Hanapi, Zurina Mohd; Othman, Mohamed; Zukarnain, Zuriati Ahmad

2017-01-01

Due to the lack of dependency for routing initiation and an inadequate allocated sextant on responding messages, the secure geographic routing protocols for Wireless Sensor Networks (WSNs) have attracted considerable attention. However, the existing protocols are more likely to drop packets when legitimate nodes fail to respond to the routing initiation messages while attackers in the allocated sextant manage to respond. Furthermore, these protocols are designed with inefficient collection window and inadequate verification criteria which may lead to a high number of attacker selections. To prevent the failure to find an appropriate relay node and undesirable packet retransmission, this paper presents Secure Region-Based Geographic Routing Protocol (SRBGR) to increase the probability of selecting the appropriate relay node. By extending the allocated sextant and applying different message contention priorities more legitimate nodes can be admitted in the routing process. Moreover, the paper also proposed the bound collection window for a sufficient collection time and verification cost for both attacker identification and isolation. Extensive simulation experiments have been performed to evaluate the performance of the proposed protocol in comparison with other existing protocols. The results demonstrate that SRBGR increases network performance in terms of the packet delivery ratio and isolates attacks such as Sybil and Black hole.

An Optimal Method for Detecting Internal and External Intrusion in MANET

NASA Astrophysics Data System (ADS)

Rafsanjani, Marjan Kuchaki; Aliahmadipour, Laya; Javidi, Mohammad M.

Mobile Ad hoc Network (MANET) is formed by a set of mobile hosts which communicate among themselves through radio waves. The hosts establish infrastructure and cooperate to forward data in a multi-hop fashion without a central administration. Due to their communication type and resources constraint, MANETs are vulnerable to diverse types of attacks and intrusions. In this paper, we proposed a method for prevention internal intruder and detection external intruder by using game theory in mobile ad hoc network. One optimal solution for reducing the resource consumption of detection external intruder is to elect a leader for each cluster to provide intrusion service to other nodes in the its cluster, we call this mode moderate mode. Moderate mode is only suitable when the probability of attack is low. Once the probability of attack is high, victim nodes should launch their own IDS to detect and thwart intrusions and we call robust mode. In this paper leader should not be malicious or selfish node and must detect external intrusion in its cluster with minimum cost. Our proposed method has three steps: the first step building trust relationship between nodes and estimation trust value for each node to prevent internal intrusion. In the second step we propose an optimal method for leader election by using trust value; and in the third step, finding the threshold value for notifying the victim node to launch its IDS once the probability of attack exceeds that value. In first and third step we apply Bayesian game theory. Our method due to using game theory, trust value and honest leader can effectively improve the network security, performance and reduce resource consumption.

On the Simulation-Based Reliability of Complex Emergency Logistics Networks in Post-Accident Rescues.

PubMed

Wang, Wei; Huang, Li; Liang, Xuedong

2018-01-06

This paper investigates the reliability of complex emergency logistics networks, as reliability is crucial to reducing environmental and public health losses in post-accident emergency rescues. Such networks' statistical characteristics are analyzed first. After the connected reliability and evaluation indices for complex emergency logistics networks are effectively defined, simulation analyses of network reliability are conducted under two different attack modes using a particular emergency logistics network as an example. The simulation analyses obtain the varying trends in emergency supply times and the ratio of effective nodes and validates the effects of network characteristics and different types of attacks on network reliability. The results demonstrate that this emergency logistics network is both a small-world and a scale-free network. When facing random attacks, the emergency logistics network steadily changes, whereas it is very fragile when facing selective attacks. Therefore, special attention should be paid to the protection of supply nodes and nodes with high connectivity. The simulation method provides a new tool for studying emergency logistics networks and a reference for similar studies.

On the Simulation-Based Reliability of Complex Emergency Logistics Networks in Post-Accident Rescues

PubMed Central

Wang, Wei; Huang, Li; Liang, Xuedong

2018-01-01

This paper investigates the reliability of complex emergency logistics networks, as reliability is crucial to reducing environmental and public health losses in post-accident emergency rescues. Such networks’ statistical characteristics are analyzed first. After the connected reliability and evaluation indices for complex emergency logistics networks are effectively defined, simulation analyses of network reliability are conducted under two different attack modes using a particular emergency logistics network as an example. The simulation analyses obtain the varying trends in emergency supply times and the ratio of effective nodes and validates the effects of network characteristics and different types of attacks on network reliability. The results demonstrate that this emergency logistics network is both a small-world and a scale-free network. When facing random attacks, the emergency logistics network steadily changes, whereas it is very fragile when facing selective attacks. Therefore, special attention should be paid to the protection of supply nodes and nodes with high connectivity. The simulation method provides a new tool for studying emergency logistics networks and a reference for similar studies. PMID:29316614

MPH-M, AODV-M and DSR-M Performance Evaluation under Jamming Attacks.

PubMed

Del-Valle-Soto, Carolina; Mex-Perera, Carlos; Monroy, Raul; Nolazco-Flores, Juan A

2017-07-05

In this work, we present the design of a mitigation scheme for jamming attacks integrated to the routing protocols MPH, AODV, and DSR. The resulting protocols are named MPH-M (Multi-Parent Hierarchical - Modified), AODV-M (Ad hoc On Demand Distance Vector - Modified), and DSR-M (Dynamic Source Routing - Modified). For the mitigation algorithm, if the detection algorithm running locally in each node produces a positive result then the node is isolated; second, the routing protocol adapts their paths avoiding the isolated nodes. We evaluated how jamming attacks affect different metrics for all these modified protocols. The metrics we employ to detect jamming attack are number of packet retransmissions, number of CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) retries while waiting for an idle channel and the energy wasted by the node. The metrics to evaluate the performance of the modified routing protocols are the throughput and resilience of the system and the energy used by the nodes. We evaluated all the modified protocols when the attacker position was set near, middle and far of the collector node. The results of our evaluation show that performance for MPH-M is much better than AODV-M and DSR-M. For example, the node energy for MPH-M is 138.13% better than AODV-M and 126.07% better than DSR-M. Moreover, we also find that MPH-M benefits much more of the mitigation scheme than AODV-M and DSR-M. For example, the node energy consumption is 34.61% lower for MPH-M and only 3.92% and 3.42% for AODV-M and DSR-M, respectively. On throughput, the MPH protocol presents a packet reception efficiency at the collector node of 16.4% on to AODV and DSR when there is no mitigation mechanism. Moreover, MPH-M has an efficiency greater than 7.7% with respect to AODV-M and DSR-M when there is a mitigation scheme. In addition, we have that with the mitigation mechanism AODV-M and DSR-M do not present noticeable modification. However, MPH-M improves its efficiency by 8.4%. We also measure the resilience of these algorithms from the average packet re-transmissions perspective, and we find that MPH-M has around a 15% lower change rate than AODV-M and DSR-M. The MPH-M recovery time is 5 s faster than AODV-M and 2 s faster than DSR-M.

MPH-M, AODV-M and DSR-M Performance Evaluation under Jamming Attacks

PubMed Central

Del-Valle-Soto, Carolina

2017-01-01

In this work, we present the design of a mitigation scheme for jamming attacks integrated to the routing protocols MPH, AODV, and DSR. The resulting protocols are named MPH-M (Multi-Parent Hierarchical - Modified), AODV-M (Ad hoc On Demand Distance Vector - Modified), and DSR-M (Dynamic Source Routing - Modified). For the mitigation algorithm, if the detection algorithm running locally in each node produces a positive result then the node is isolated; second, the routing protocol adapts their paths avoiding the isolated nodes. We evaluated how jamming attacks affect different metrics for all these modified protocols. The metrics we employ to detect jamming attack are number of packet retransmissions, number of CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) retries while waiting for an idle channel and the energy wasted by the node. The metrics to evaluate the performance of the modified routing protocols are the throughput and resilience of the system and the energy used by the nodes. We evaluated all the modified protocols when the attacker position was set near, middle and far of the collector node. The results of our evaluation show that performance for MPH-M is much better than AODV-M and DSR-M. For example, the node energy for MPH-M is 138.13% better than AODV-M and 126.07% better than DSR-M. Moreover, we also find that MPH-M benefits much more of the mitigation scheme than AODV-M and DSR-M. For example, the node energy consumption is 34.61% lower for MPH-M and only 3.92% and 3.42% for AODV-M and DSR-M, respectively. On throughput, the MPH protocol presents a packet reception efficiency at the collector node of 16.4% on to AODV and DSR when there is no mitigation mechanism. Moreover, MPH-M has an efficiency greater than 7.7% with respect to AODV-M and DSR-M when there is a mitigation scheme. In addition, we have that with the mitigation mechanism AODV-M and DSR-M do not present noticeable modification. However, MPH-M improves its efficiency by 8.4%. We also measure the resilience of these algorithms from the average packet re-transmissions perspective, and we find that MPH-M has around a 15% lower change rate than AODV-M and DSR-M. The MPH-M recovery time is 5 s faster than AODV-M and 2 s faster than DSR-M. PMID:28678180

Information Warfare-Worthy Jamming Attack Detection Mechanism for Wireless Sensor Networks Using a Fuzzy Inference System

PubMed Central

Misra, Sudip; Singh, Ranjit; Rohith Mohan, S. V.

2010-01-01

The proposed mechanism for jamming attack detection for wireless sensor networks is novel in three respects: firstly, it upgrades the jammer to include versatile military jammers; secondly, it graduates from the existing node-centric detection system to the network-centric system making it robust and economical at the nodes, and thirdly, it tackles the problem through fuzzy inference system, as the decision regarding intensity of jamming is seldom crisp. The system with its high robustness, ability to grade nodes with jamming indices, and its true-detection rate as high as 99.8%, is worthy of consideration for information warfare defense purposes. PMID:22319307

Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment.

PubMed

Latif, Rabia; Abbas, Haider; Latif, Seemab; Masood, Ashraf

2016-07-01

Security and privacy are the first and foremost concerns that should be given special attention when dealing with Wireless Body Area Networks (WBANs). As WBAN sensors operate in an unattended environment and carry critical patient health information, Distributed Denial of Service (DDoS) attack is one of the major attacks in WBAN environment that not only exhausts the available resources but also influence the reliability of information being transmitted. This research work is an extension of our previous work in which a machine learning based attack detection algorithm is proposed to detect DDoS attack in WBAN environment. However, in order to avoid complexity, no consideration was given to the traceback mechanism. During traceback, the challenge lies in reconstructing the attack path leading to identify the attack source. Among existing traceback techniques, Probabilistic Packet Marking (PPM) approach is the most commonly used technique in conventional IP- based networks. However, since marking probability assignment has significant effect on both the convergence time and performance of a scheme, it is not directly applicable in WBAN environment due to high convergence time and overhead on intermediate nodes. Therefore, in this paper we have proposed a new scheme called Efficient Traceback Technique (ETT) based on Dynamic Probability Packet Marking (DPPM) approach and uses MAC header in place of IP header. Instead of using fixed marking probability, the proposed scheme uses variable marking probability based on the number of hops travelled by a packet to reach the target node. Finally, path reconstruction algorithms are proposed to traceback an attacker. Evaluation and simulation results indicate that the proposed solution outperforms fixed PPM in terms of convergence time and computational overhead on nodes.

A Black Hole Attack Model for Reactive Ad-Hoc Protocols

DTIC Science & Technology

2012-03-01

Technology Conference. IEEE, 2003. pp. 2286-2290. [BhS09] N. Bhalaji, and A. Shanmugam. "Association Between Nodes to Combat Blackhole Attack in DSR...2012. 102 [PSA09] A. Prathapani, L. Santhanam, and P. Agrawal. "Intelligent Honeypot Agent for Blackhole Attack Detection in Wireless Mesh

Trust Threshold Based Public Key Management in Mobile Ad Hoc Networks

DTIC Science & Technology

2016-03-05

should operate in a self-organized way. Capkun t al. [15] proposed a certificate-based self-organized pub- c key management for MANETs by removing...period allo node started with ignorance interact with other nodes, th not reach T th Table 2 Attack behavior for operations . Operation Attack...section, we discuss the core operations o CTPKM as illustrated by Fig. 1 . Each mobile entity is able t communicate with other entities using public

Neural methods based on modified reputation rules for detection and identification of intrusion attacks in wireless ad hoc sensor networks

NASA Astrophysics Data System (ADS)

Hortos, William S.

2010-04-01

Determining methods to secure the process of data fusion against attacks by compromised nodes in wireless sensor networks (WSNs) and to quantify the uncertainty that may exist in the aggregation results is a critical issue in mitigating the effects of intrusion attacks. Published research has introduced the concept of the trustworthiness (reputation) of a single sensor node. Reputation is evaluated using an information-theoretic concept, the Kullback- Leibler (KL) distance. Reputation is added to the set of security features. In data aggregation, an opinion, a metric of the degree of belief, is generated to represent the uncertainty in the aggregation result. As aggregate information is disseminated along routes to the sink node(s), its corresponding opinion is propagated and regulated by Josang's belief model. By applying subjective logic on the opinion to manage trust propagation, the uncertainty inherent in aggregation results can be quantified for use in decision making. The concepts of reputation and opinion are modified to allow their application to a class of dynamic WSNs. Using reputation as a factor in determining interim aggregate information is equivalent to implementation of a reputation-based security filter at each processing stage of data fusion, thereby improving the intrusion detection and identification results based on unsupervised techniques. In particular, the reputation-based version of the probabilistic neural network (PNN) learns the signature of normal network traffic with the random probability weights normally used in the PNN replaced by the trust-based quantified reputations of sensor data or subsequent aggregation results generated by the sequential implementation of a version of Josang's belief model. A two-stage, intrusion detection and identification algorithm is implemented to overcome the problems of large sensor data loads and resource restrictions in WSNs. Performance of the twostage algorithm is assessed in simulations of WSN scenarios with multiple sensors at edge nodes for known intrusion attacks. Simulation results show improved robustness of the two-stage design based on reputation-based NNs to intrusion anomalies from compromised nodes and external intrusion attacks.

The effects of malicious nodes on performance of mobile ad hoc networks

NASA Astrophysics Data System (ADS)

Li, Fanzhi; Shi, Xiyu; Jassim, Sabah; Adams, Christopher

2006-05-01

Wireless ad hoc networking offers convenient infrastructureless communication over the shared wireless channel. However, the nature of ad hoc networks makes them vulnerable to security attacks. Unlike their wired counterpart, infrastructureless ad hoc networks do not have a clear line of defense, their topology is dynamically changing, and every mobile node can receive messages from its neighbors and can be contacted by all other nodes in its neighborhood. This poses a great danger to network security if some nodes behave in a malicious manner. The immediate concern about the security in this type of networks is how to protect the network and the individual mobile nodes against malicious act of rogue nodes from within the network. This paper is concerned with security aspects of wireless ad hoc networks. We shall present results of simulation experiments on ad hoc network's performance in the presence of malicious nodes. We shall investigate two types of attacks and the consequences will be simulated and quantified in terms of loss of packets and other factors. The results show that network performance, in terms of successful packet delivery ratios, significantly deteriorates when malicious nodes act according to the defined misbehaving characteristics.

On the routing protocol influence on the resilience of wireless sensor networks to jamming attacks.

PubMed

Del-Valle-Soto, Carolina; Mex-Perera, Carlos; Monroy, Raul; Nolazco-Flores, Juan Arturo

2015-03-27

In this work, we compare a recently proposed routing protocol, the multi-parent hierarchical (MPH) protocol, with two well-known protocols, the ad hoc on-demand distance vector (AODV) and dynamic source routing (DSR). For this purpose, we have developed a simulator, which faithfully reifies the workings of a given protocol, considering a fixed, reconfigurable ad hoc network given by the number and location of participants, and general network conditions. We consider a scenario that can be found in a large number of wireless sensor network applications, a single sink node that collects all of the information generated by the sensors. The metrics used to compare the protocols were the number of packet retransmissions, carrier sense multiple access (CSMA) inner loop retries, the number of nodes answering the queries from the coordinator (sink) node and the energy consumption. We tested the network under ordinary (without attacks) conditions (and combinations thereof) and when it is subject to different types of jamming attacks (in particular, random and reactive jamming attacks), considering several positions for the jammer. Our results report that MPH has a greater ability to tolerate such attacks than DSR and AODV, since it minimizes and encapsulates the network segment under attack. The self-configuring capabilities of MPH derived from a combination of a proactive routes update, on a periodic-time basis, and a reactive behavior provide higher resilience while offering a better performance (overhead and energy consumption) than AODV and DSR, as shown in our simulation results.

Analyses of the response of a complex weighted network to nodes removal strategies considering links weight: The case of the Beijing urban road system

NASA Astrophysics Data System (ADS)

Bellingeri, Michele; Lu, Zhe-Ming; Cassi, Davide; Scotognella, Francesco

2018-02-01

Complex network response to node loss is a central question in different fields of science ranging from physics, sociology, biology to ecology. Previous studies considered binary networks where the weight of the links is not accounted for. However, in real-world networks the weights of connections can be widely different. Here, we analyzed the response of real-world road traffic complex network of Beijing, the most prosperous city in China. We produced nodes removal attack simulations using classic binary node features and we introduced weighted ranks for node importance. We measured the network functioning during nodes removal with three different parameters: the size of the largest connected cluster (LCC), the binary network efficiency (Bin EFF) and the weighted network efficiency (Weg EFF). We find that removing nodes according to weighted rank, i.e. considering the weight of the links as a number of taxi flows along the roads, produced in general the highest damage in the system. Our results show that: (i) in order to model Beijing road complex networks response to nodes (intersections) failure, it is necessary to consider the weight of the links; (ii) to discover the best attack strategy, it is important to use nodes rank accounting links weight.

Cryptanalysis and security improvements of 'two-factor user authentication in wireless sensor networks'.

PubMed

Khan, Muhammad Khurram; Alghathbar, Khaled

2010-01-01

User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.

Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks.

PubMed

Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

2014-04-09

User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

Fast Fragmentation of Networks Using Module-Based Attacks

PubMed Central

Requião da Cunha, Bruno; González-Avella, Juan Carlos; Gonçalves, Sebastián

2015-01-01

In the multidisciplinary field of Network Science, optimization of procedures for efficiently breaking complex networks is attracting much attention from a practical point of view. In this contribution, we present a module-based method to efficiently fragment complex networks. The procedure firstly identifies topological communities through which the network can be represented using a well established heuristic algorithm of community finding. Then only the nodes that participate of inter-community links are removed in descending order of their betweenness centrality. We illustrate the method by applying it to a variety of examples in the social, infrastructure, and biological fields. It is shown that the module-based approach always outperforms targeted attacks to vertices based on node degree or betweenness centrality rankings, with gains in efficiency strongly related to the modularity of the network. Remarkably, in the US power grid case, by deleting 3% of the nodes, the proposed method breaks the original network in fragments which are twenty times smaller in size than the fragments left by betweenness-based attack. PMID:26569610

Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks

PubMed Central

Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

2014-01-01

User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes. PMID:24721764

Node Survival in Networks under Correlated Attacks

PubMed Central

Hao, Yan; Armbruster, Dieter; Hütt, Marc-Thorsten

2015-01-01

We study the interplay between correlations, dynamics, and networks for repeated attacks on a socio-economic network. As a model system we consider an insurance scheme against disasters that randomly hit nodes, where a node in need receives support from its network neighbors. The model is motivated by gift giving among the Maasai called Osotua. Survival of nodes under different disaster scenarios (uncorrelated, spatially, temporally and spatio-temporally correlated) and for different network architectures are studied with agent-based numerical simulations. We find that the survival rate of a node depends dramatically on the type of correlation of the disasters: Spatially and spatio-temporally correlated disasters increase the survival rate; purely temporally correlated disasters decrease it. The type of correlation also leads to strong inequality among the surviving nodes. We introduce the concept of disaster masking to explain some of the results of our simulations. We also analyze the subsets of the networks that were activated to provide support after fifty years of random disasters. They show qualitative differences for the different disaster scenarios measured by path length, degree, clustering coefficient, and number of cycles. PMID:25932635

Energy-Efficient Implementation of ECDH Key Exchange for Wireless Sensor Networks

NASA Astrophysics Data System (ADS)

Lederer, Christian; Mader, Roland; Koschuch, Manuel; Großschädl, Johann; Szekely, Alexander; Tillich, Stefan

Wireless Sensor Networks (WSNs) are playing a vital role in an ever-growing number of applications ranging from environmental surveillance over medical monitoring to home automation. Since WSNs are often deployed in unattended or even hostile environments, they can be subject to various malicious attacks, including the manipulation and capture of nodes. The establishment of a shared secret key between two or more individual nodes is one of the most important security services needed to guarantee the proper functioning of a sensor network. Despite some recent advances in this field, the efficient implementation of cryptographic key establishment for WSNs remains a challenge due to the resource constraints of small sensor nodes such as the MICAz mote. In this paper we present a lightweight implementation of the elliptic curve Diffie-Hellman (ECDH) key exchange for ZigBee-compliant sensor nodes equipped with an ATmega128 processor running the TinyOS operating system. Our implementation uses a 192-bit prime field specified by the NIST as underlying algebraic structure and requires only 5.20 ·106 clock cycles to compute a scalar multiplication if the base point is fixed and known a priori. A scalar multiplication using a random base point takes about 12.33 ·106 cycles. Our results show that a full ECDH key exchange between two MICAz motes consumes an energy of 57.33 mJ (including radio communication), which is significantly better than most previously reported ECDH implementations on comparable platforms.

GlobalTrust: An Attack Resilient Reputation System for Tactical Networks

DTIC Science & Technology

2014-07-03

MSA): Some malicious nodes misbehave while other malicious nodes, called malicious spies, behave normally by providing proper services. These...disseminate conflicting (or inconsistent) LTOs. For example, they may misbehave only to a subset of honest nodes (referred to as target nodes) to... misbehaving with prob. α honestly reporting LTOs NRA misbehaving with prob. α reporting opposite LTOs, 1− α CRA misbehaving with prob. α reporting

Limits of Predictability of Cascading Overload Failures in Spatially-Embedded Networks with Distributed Flows.

PubMed

Moussawi, A; Derzsy, N; Lin, X; Szymanski, B K; Korniss, G

2017-09-15

Cascading failures are a critical vulnerability of complex information or infrastructure networks. Here we investigate the properties of load-based cascading failures in real and synthetic spatially-embedded network structures, and propose mitigation strategies to reduce the severity of damages caused by such failures. We introduce a stochastic method for optimal heterogeneous distribution of resources (node capacities) subject to a fixed total cost. Additionally, we design and compare the performance of networks with N-stable and (N-1)-stable network-capacity allocations by triggering cascades using various real-world node-attack and node-failure scenarios. We show that failure mitigation through increased node protection can be effectively achieved against single-node failures. However, mitigating against multiple node failures is much more difficult due to the combinatorial increase in possible sets of initially failing nodes. We analyze the robustness of the system with increasing protection, and find that a critical tolerance exists at which the system undergoes a phase transition, and above which the network almost completely survives an attack. Moreover, we show that cascade-size distributions measured in this region exhibit a power-law decay. Finally, we find a strong correlation between cascade sizes induced by individual nodes and sets of nodes. We also show that network topology alone is a weak predictor in determining the progression of cascading failures.

Geographic Wormhole Detection in Wireless Sensor Networks

PubMed Central

Sookhak, Mehdi; Akhundzada, Adnan; Sookhak, Alireza; Eslaminejad, Mohammadreza; Gani, Abdullah; Khurram Khan, Muhammad; Li, Xiong; Wang, Xiaomin

2015-01-01

Wireless sensor networks (WSNs) are ubiquitous and pervasive, and therefore; highly susceptible to a number of security attacks. Denial of Service (DoS) attack is considered the most dominant and a major threat to WSNs. Moreover, the wormhole attack represents one of the potential forms of the Denial of Service (DoS) attack. Besides, crafting the wormhole attack is comparatively simple; though, its detection is nontrivial. On the contrary, the extant wormhole defense methods need both specialized hardware and strong assumptions to defend against static and dynamic wormhole attack. The ensuing paper introduces a novel scheme to detect wormhole attacks in a geographic routing protocol (DWGRP). The main contribution of this paper is to detect malicious nodes and select the best and the most reliable neighbors based on pairwise key pre-distribution technique and the beacon packet. Moreover, this novel technique is not subject to any specific assumption, requirement, or specialized hardware, such as a precise synchronized clock. The proposed detection method is validated by comparisons with several related techniques in the literature, such as Received Signal Strength (RSS), Authentication of Nodes Scheme (ANS), Wormhole Detection uses Hound Packet (WHOP), and Wormhole Detection with Neighborhood Information (WDI) using the NS-2 simulator. The analysis of the simulations shows promising results with low False Detection Rate (FDR) in the geographic routing protocols. PMID:25602616

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version

PubMed Central

Babu, M. Rajesh; Dian, S. Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things. PMID:26495430

An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications

PubMed Central

Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

2014-01-01

Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications. PMID:24521942

Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version.

PubMed

Babu, M Rajesh; Dian, S Moses; Chelladurai, Siva; Palaniappan, Mathiyalagan

2015-01-01

The world is moving towards a new realm of computing such as Internet of Things. The Internet of Things, however, envisions connecting almost all objects within the world to the Internet by recognizing them as smart objects. In doing so, the existing networks which include wired, wireless, and ad hoc networks should be utilized. Moreover, apart from other networks, the ad hoc network is full of security challenges. For instance, the MANET (mobile ad hoc network) is susceptible to various attacks in which the black hole attacks and its versions do serious damage to the entire MANET infrastructure. The severity of this attack increases, when the compromised MANET nodes work in cooperation with each other to make a cooperative black hole attack. Therefore this paper proposes an alleviation procedure which consists of timely mandate procedure, hole detection algorithm, and sensitive guard procedure to detect the maliciously behaving nodes. It has been observed that the proposed procedure is cost-effective and ensures QoS guarantee by assuring resource availability thus making the MANET appropriate for Internet of Things.

An efficient and adaptive mutual authentication framework for heterogeneous wireless sensor network-based applications.

PubMed

Kumar, Pardeep; Ylianttila, Mika; Gurtov, Andrei; Lee, Sang-Gon; Lee, Hoon-Jae

2014-02-11

Robust security is highly coveted in real wireless sensor network (WSN) applications since wireless sensors' sense critical data from the application environment. This article presents an efficient and adaptive mutual authentication framework that suits real heterogeneous WSN-based applications (such as smart homes, industrial environments, smart grids, and healthcare monitoring). The proposed framework offers: (i) key initialization; (ii) secure network (cluster) formation (i.e., mutual authentication and dynamic key establishment); (iii) key revocation; and (iv) new node addition into the network. The correctness of the proposed scheme is formally verified. An extensive analysis shows the proposed scheme coupled with message confidentiality, mutual authentication and dynamic session key establishment, node privacy, and message freshness. Moreover, the preliminary study also reveals the proposed framework is secure against popular types of attacks, such as impersonation attacks, man-in-the-middle attacks, replay attacks, and information-leakage attacks. As a result, we believe the proposed framework achieves efficiency at reasonable computation and communication costs and it can be a safeguard to real heterogeneous WSN applications.

Prediction of Sybil attack on WSN using Bayesian network and swarm intelligence

NASA Astrophysics Data System (ADS)

Muraleedharan, Rajani; Ye, Xiang; Osadciw, Lisa Ann

2008-04-01

Security in wireless sensor networks is typically sacrificed or kept minimal due to limited resources such as memory and battery power. Hence, the sensor nodes are prone to Denial-of-service attacks and detecting the threats is crucial in any application. In this paper, the Sybil attack is analyzed and a novel prediction method, combining Bayesian algorithm and Swarm Intelligence (SI) is proposed. Bayesian Networks (BN) is used in representing and reasoning problems, by modeling the elements of uncertainty. The decision from the BN is applied to SI forming an Hybrid Intelligence Scheme (HIS) to re-route the information and disconnecting the malicious nodes in future routes. A performance comparison based on the prediction using HIS vs. Ant System (AS) helps in prioritizing applications where decisions are time-critical.

A New Random Walk for Replica Detection in WSNs.

PubMed

Aalsalem, Mohammed Y; Khan, Wazir Zada; Saad, N M; Hossain, Md Shohrab; Atiquzzaman, Mohammed; Khan, Muhammad Khurram

2016-01-01

Wireless Sensor Networks (WSNs) are vulnerable to Node Replication attacks or Clone attacks. Among all the existing clone detection protocols in WSNs, RAWL shows the most promising results by employing Simple Random Walk (SRW). More recently, RAND outperforms RAWL by incorporating Network Division with SRW. Both RAND and RAWL have used SRW for random selection of witness nodes which is problematic because of frequently revisiting the previously passed nodes that leads to longer delays, high expenditures of energy with lower probability that witness nodes intersect. To circumvent this problem, we propose to employ a new kind of constrained random walk, namely Single Stage Memory Random Walk and present a distributed technique called SSRWND (Single Stage Memory Random Walk with Network Division). In SSRWND, single stage memory random walk is combined with network division aiming to decrease the communication and memory costs while keeping the detection probability higher. Through intensive simulations it is verified that SSRWND guarantees higher witness node security with moderate communication and memory overheads. SSRWND is expedient for security oriented application fields of WSNs like military and medical.

A New Random Walk for Replica Detection in WSNs

PubMed Central

Aalsalem, Mohammed Y.; Saad, N. M.; Hossain, Md. Shohrab; Atiquzzaman, Mohammed; Khan, Muhammad Khurram

2016-01-01

Wireless Sensor Networks (WSNs) are vulnerable to Node Replication attacks or Clone attacks. Among all the existing clone detection protocols in WSNs, RAWL shows the most promising results by employing Simple Random Walk (SRW). More recently, RAND outperforms RAWL by incorporating Network Division with SRW. Both RAND and RAWL have used SRW for random selection of witness nodes which is problematic because of frequently revisiting the previously passed nodes that leads to longer delays, high expenditures of energy with lower probability that witness nodes intersect. To circumvent this problem, we propose to employ a new kind of constrained random walk, namely Single Stage Memory Random Walk and present a distributed technique called SSRWND (Single Stage Memory Random Walk with Network Division). In SSRWND, single stage memory random walk is combined with network division aiming to decrease the communication and memory costs while keeping the detection probability higher. Through intensive simulations it is verified that SSRWND guarantees higher witness node security with moderate communication and memory overheads. SSRWND is expedient for security oriented application fields of WSNs like military and medical. PMID:27409082

Combining Concepts: Operational Shock in Insurgencies

DTIC Science & Technology

2013-05-23

individual insurgent put down his arms and walk away; rather its focus is on attacking the insurgency at the operational level. The past decade of... attacking insurgent networks. This section highlights the characteristics of an insurgent system in a state of shock and discusses methods the...command nodes, and rail networks, denying the enemy the ability to operationally maneuver his forces.4 This rapid maneuver, coupled with attacks

A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks

PubMed Central

Wang, Changji; Yuan, Yuan; Wu, Jiayuan

2017-01-01

Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication. PMID:28632171

A New Privacy-Preserving Handover Authentication Scheme for Wireless Networks.

PubMed

Wang, Changji; Yuan, Yuan; Wu, Jiayuan

2017-06-20

Handover authentication is a critical issue in wireless networks, which is being used to ensure mobile nodes wander over multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme PairHand and claimed it can resist various attacks without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to key compromise attack, where an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication.

Bad data packet capture device

DOEpatents

Chen, Dong; Gara, Alan; Heidelberger, Philip; Vranas, Pavlos

2010-04-20

An apparatus and method for capturing data packets for analysis on a network computing system includes a sending node and a receiving node connected by a bi-directional communication link. The sending node sends a data transmission to the receiving node on the bi-directional communication link, and the receiving node receives the data transmission and verifies the data transmission to determine valid data and invalid data and verify retransmissions of invalid data as corresponding valid data. A memory device communicates with the receiving node for storing the invalid data and the corresponding valid data. A computing node communicates with the memory device and receives and performs an analysis of the invalid data and the corresponding valid data received from the memory device.

Critical tipping point distinguishing two types of transitions in modular network structures

NASA Astrophysics Data System (ADS)

Shai, Saray; Kenett, Dror Y.; Kenett, Yoed N.; Faust, Miriam; Dobson, Simon; Havlin, Shlomo

2015-12-01

Modularity is a key organizing principle in real-world large-scale complex networks. The relatively sparse interactions between modules are critical to the functionality of the system and are often the first to fail. We model such failures as site percolation targeting interconnected nodes, those connecting between modules. We find, using percolation theory and simulations, that they lead to a "tipping point" between two distinct regimes. In one regime, removal of interconnected nodes fragments the modules internally and causes the system to collapse. In contrast, in the other regime, while only attacking a small fraction of nodes, the modules remain but become disconnected, breaking the entire system. We show that networks with broader degree distribution might be highly vulnerable to such attacks since only few nodes are needed to interconnect the modules, consequently putting the entire system at high risk. Our model has the potential to shed light on many real-world phenomena, and we briefly consider its implications on recent advances in the understanding of several neurocognitive processes and diseases.

Layered Location-Based Security Mechanism for Mobile Sensor Networks: Moving Security Areas.

PubMed

Wang, Ze; Zhang, Haijuan; Wu, Luqiang; Zhou, Chang

2015-09-25

Network security is one of the most important issues in mobile sensor networks (MSNs). Networks are particularly vulnerable in hostile environments because of many factors, such as uncertain mobility, limitations on computation, and the need for storage in mobile nodes. Though some location-based security mechanisms can resist some malicious attacks, they are only suitable for static networks and may sometimes require large amounts of storage. To solve these problems, using location information, which is one of the most important properties in outdoor wireless networks, a security mechanism called a moving security area (MSA) is proposed to resist malicious attacks by using mobile nodes' dynamic location-based keys. The security mechanism is layered by performing different detection schemes inside or outside the MSA. The location-based private keys will be updated only at the appropriate moments, considering the balance of cost and security performance. By transferring parts of the detection tasks from ordinary nodes to the sink node, the memory requirements are distributed to different entities to save limited energy.

Method and tool for network vulnerability analysis

DOEpatents

Swiler, Laura Painton [Albuquerque, NM; Phillips, Cynthia A [Albuquerque, NM

2006-03-14

A computer system analysis tool and method that will allow for qualitative and quantitative assessment of security attributes and vulnerabilities in systems including computer networks. The invention is based on generation of attack graphs wherein each node represents a possible attack state and each edge represents a change in state caused by a single action taken by an attacker or unwitting assistant. Edges are weighted using metrics such as attacker effort, likelihood of attack success, or time to succeed. Generation of an attack graph is accomplished by matching information about attack requirements (specified in "attack templates") to information about computer system configuration (contained in a configuration file that can be updated to reflect system changes occurring during the course of an attack) and assumed attacker capabilities (reflected in "attacker profiles"). High risk attack paths, which correspond to those considered suited to application of attack countermeasures given limited resources for applying countermeasures, are identified by finding "epsilon optimal paths."

Lifting Scheme DWT Implementation in a Wireless Vision Sensor Network

NASA Astrophysics Data System (ADS)

Ong, Jia Jan; Ang, L.-M.; Seng, K. P.

This paper presents the practical implementation of a Wireless Visual Sensor Network (WVSN) with DWT processing on the visual nodes. WVSN consists of visual nodes that capture video and transmit to the base-station without processing. Limitation of network bandwidth restrains the implementation of real time video streaming from remote visual nodes through wireless communication. Three layers of DWT filters are implemented to process the captured image from the camera. With having all the wavelet coefficients produced, it is possible just to transmit the low frequency band coefficients and obtain an approximate image at the base-station. This will reduce the amount of power required in transmission. When necessary, transmitting all the wavelet coefficients will produce the full detail of image, which is similar to the image captured at the visual nodes. The visual node combines the CMOS camera, Xilinx Spartan-3L FPGA and wireless ZigBee® network that uses the Ember EM250 chip.

Event-triggered distributed filtering over sensor networks with deception attacks and partial measurements

NASA Astrophysics Data System (ADS)

Bu, Xianye; Dong, Hongli; Han, Fei; Li, Gongfa

2018-07-01

This paper is concerned with the distributed filtering problem for a class of time-varying systems subject to deception attacks and event-triggering protocols. Due to the bandwidth limitation, an event-triggered communication strategy is adopted to alleviate the data transmission pressure in the algorithm implementation process. The partial nodes-based filtering problem is considered, where only a partial of nodes can measure the information of the plant. Meanwhile, the measurement information possibly suffers the deception attacks in the transmission process. Sufficient conditions can be established such that the error dynamics satisfies the prescribed average ? performance constraints. The parameters of designed filters can be calculated by solving a series of recursive linear matrix inequalities. A simulation example is presented to demonstrate the effectiveness of the proposed filtering method in this paper.

A study of IEEE 802.15.4 security framework for wireless body area networks.

PubMed

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.

A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Networks

PubMed Central

Saleem, Shahnaz; Ullah, Sana; Kwak, Kyung Sup

2011-01-01

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN. PMID:22319358

PeerShield: determining control and resilience criticality of collaborative cyber assets in networks

NASA Astrophysics Data System (ADS)

Cam, Hasan

2012-06-01

As attackers get more coordinated and advanced in cyber attacks, cyber assets are required to have much more resilience, control effectiveness, and collaboration in networks. Such a requirement makes it essential to take a comprehensive and objective approach for measuring the individual and relative performances of cyber security assets in network nodes. To this end, this paper presents four techniques as to how the relative importance of cyber assets can be measured more comprehensively and objectively by considering together the main variables of risk assessment (e.g., threats, vulnerabilities), multiple attributes (e.g., resilience, control, and influence), network connectivity and controllability among collaborative cyber assets in networks. In the first technique, a Bayesian network is used to include the random variables for control, recovery, and resilience attributes of nodes, in addition to the random variables of threats, vulnerabilities, and risk. The second technique shows how graph matching and coloring can be utilized to form collaborative pairs of nodes to shield together against threats and vulnerabilities. The third technique ranks the security assets of nodes by incorporating multiple weights and thresholds of attributes into a decision-making algorithm. In the fourth technique, the hierarchically well-separated tree is enhanced to first identify critical nodes of a network with respect to their attributes and network connectivity, and then selecting some nodes as driver nodes for network controllability.

Nodes and Codes: The Reality of Cyber Warfare

DTIC Science & Technology

2012-05-17

Nodes and Codes explores the reality of cyber warfare through the story of Stuxnet, a string of weaponized code that reached through a domain...nodes. Stuxnet served as a proof-of-concept for cyber weapons and provided a comparative laboratory to study the reality of cyber warfare from the...military powers most often associated with advanced, offensive cyber attack capabilities. The reality of cyber warfare holds significant operational

Robustness and percolation of holes in complex networks

NASA Astrophysics Data System (ADS)

Zhou, Andu; Maletić, Slobodan; Zhao, Yi

2018-07-01

Efficient robustness and fault tolerance of complex network is significantly influenced by its connectivity, commonly modeled by the structure of pairwise relations between network elements, i.e., nodes. Nevertheless, aggregations of nodes build higher-order structures embedded in complex network, which may be more vulnerable when the fraction of nodes is removed. The structure of higher-order aggregations of nodes can be naturally modeled by simplicial complexes, whereas the removal of nodes affects the values of topological invariants, like the number of higher-dimensional holes quantified with Betti numbers. Following the methodology of percolation theory, as the fraction of nodes is removed, new holes appear, which have the role of merger between already present holes. In the present article, relationship between the robustness and homological properties of complex network is studied, through relating the graph-theoretical signatures of robustness and the quantities derived from topological invariants. The simulation results of random failures and intentional attacks on networks suggest that the changes of graph-theoretical signatures of robustness are followed by differences in the distribution of number of holes per cluster under different attack strategies. In the broader sense, the results indicate the importance of topological invariants research for obtaining further insights in understanding dynamics taking place over complex networks.

Integrated Social and Quality of Service Trust Management of Mobile Groups in Ad Hoc Networks

DTIC Science & Technology

2013-01-01

high resiliency to malicious attacks and misbehaving nodes. Keywords—trust management; mobile ad hoc networks; QoS trust; social trust; trust...paper we address an importance issue of trust management protocol design for MANETs: trust bias minimization despite misbehaving nodes performing

Guaranteeing Spoof-Resilient Multi-Robot Networks

DTIC Science & Technology

2015-05-12

particularly challenging attack on this assumption is the so-called “Sybil attack.” In a Sybil attack a malicious agent can generate (or spoof) a large...cybersecurity in general multi-node networks (e.g. a wired LAN), the same is not true for multi- robot networks [14, 28], leaving them largely vulnerable...key passing or cryptographic authen- tication is difficult to maintain due to the highly dynamic and distributed nature of multi-robot teams where

Modal and Temporal Argumentation Networks

NASA Astrophysics Data System (ADS)

Barringer, Howard; Gabbay, Dov M.

The traditional Dung networks depict arguments as atomic and studies the relationships of attack between them. This can be generalised in two ways. One is to consider, for example, various forms of attack, support and feedback. Another is to add content to nodes and put there not just atomic arguments but more structure, for example, proofs in some logic or simply just formulas from a richer language. This paper offers to use temporal and modal language formulas to represent arguments in the nodes of a network. The suitable semantics for such networks is Kripke semantics. We also introduce a new key concept of usability of an argument.

A graph-based network-vulnerability analysis system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Swiler, L.P.; Phillips, C.; Gaylor, T.

1998-05-03

This paper presents a graph based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example themore » class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level of effort for the attacker, various graph algorithms such as shortest path algorithms can identify the attack paths with the highest probability of success.« less

A graph-based network-vulnerability analysis system

DOE Office of Scientific and Technical Information (OSTI.GOV)

Swiler, L.P.; Phillips, C.; Gaylor, T.

1998-01-01

This report presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the classmore » of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.« less

Robustness and fragility in coupled oscillator networks under targeted attacks.

PubMed

Yuan, Tianyu; Aihara, Kazuyuki; Tanaka, Gouhei

2017-01-01

The dynamical tolerance of coupled oscillator networks against local failures is studied. As the fraction of failed oscillator nodes gradually increases, the mean oscillation amplitude in the entire network decreases and then suddenly vanishes at a critical fraction as a phase transition. This critical fraction, widely used as a measure of the network robustness, was analytically derived for random failures but not for targeted attacks so far. Here we derive the general formula for the critical fraction, which can be applied to both random failures and targeted attacks. We consider the effects of targeting oscillator nodes based on their degrees. First we deal with coupled identical oscillators with homogeneous edge weights. Then our theory is applied to networks with heterogeneous edge weights and to those with nonidentical oscillators. The analytical results are validated by numerical experiments. Our results reveal the key factors governing the robustness and fragility of oscillator networks.

Information security threats and an easy-to-implement attack detection framework for wireless sensor network-based smart grid applications

NASA Astrophysics Data System (ADS)

Tuna, G.; Örenbaş, H.; Daş, R.; Kogias, D.; Baykara, M.; K, K.

2016-03-01

Wireless Sensor Networks (WSNs) when combined with various energy harvesting solutions managing to prolong the overall lifetime of the system and enhanced capabilities of the communication protocols used by modern sensor nodes are efficiently used in are efficiently used in Smart Grid (SG), an evolutionary system for the modernization of existing power grids. However, wireless communication technology brings various types of security threats. In this study, firstly the use of WSNs for SG applications is presented. Second, the security related issues and challenges as well as the security threats are presented. In addition, proposed security mechanisms for WSN-based SG applications are discussed. Finally, an easy- to-implement and simple attack detection framework to prevent attacks directed to sink and gateway nodes with web interfaces is proposed and its efficiency is proved using a case study.

Defence against Black Hole and Selective Forwarding Attacks for Medical WSNs in the IoT †

PubMed Central

Mathur, Avijit; Newe, Thomas; Rao, Muzaffar

2016-01-01

Wireless sensor networks (WSNs) are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use): black hole and selective forwarding (SF) attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy. PMID:26797620

Defence against Black Hole and Selective Forwarding Attacks for Medical WSNs in the IoT.

PubMed

Mathur, Avijit; Newe, Thomas; Rao, Muzaffar

2016-01-19

Wireless sensor networks (WSNs) are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use): black hole and selective forwarding (SF) attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy.

Cyber situational awareness and differential hardening

NASA Astrophysics Data System (ADS)

Dwivedi, Anurag; Tebben, Dan

2012-06-01

The advent of cyber threats has created a need for a new network planning, design, architecture, operations, control, situational awareness, management, and maintenance paradigms. Primary considerations include the ability to assess cyber attack resiliency of the network, and rapidly detect, isolate, and operate during deliberate simultaneous attacks against the network nodes and links. Legacy network planning relied on automatic protection of a network in the event of a single fault or a very few simultaneous faults in mesh networks, but in the future it must be augmented to include improved network resiliency and vulnerability awareness to cyber attacks. Ability to design a resilient network requires the development of methods to define, and quantify the network resiliency to attacks, and to be able to develop new optimization strategies for maintaining operations in the midst of these newly emerging cyber threats. Ways to quantify resiliency, and its use in visualizing cyber vulnerability awareness and in identifying node or link criticality, are presented in the current work, as well as a methodology of differential network hardening based on the criticality profile of cyber network components.

A Distributed Compressive Sensing Scheme for Event Capture in Wireless Visual Sensor Networks

NASA Astrophysics Data System (ADS)

Hou, Meng; Xu, Sen; Wu, Weiling; Lin, Fei

2018-01-01

Image signals which acquired by wireless visual sensor network can be used for specific event capture. This event capture is realized by image processing at the sink node. A distributed compressive sensing scheme is used for the transmission of these image signals from the camera nodes to the sink node. A measurement and joint reconstruction algorithm for these image signals are proposed in this paper. Make advantage of spatial correlation between images within a sensing area, the cluster head node which as the image decoder can accurately co-reconstruct these image signals. The subjective visual quality and the reconstruction error rate are used for the evaluation of reconstructed image quality. Simulation results show that the joint reconstruction algorithm achieves higher image quality at the same image compressive rate than the independent reconstruction algorithm.

Approach to Privacy-Preserve Data in Two-Tiered Wireless Sensor Network Based on Linear System and Histogram

NASA Astrophysics Data System (ADS)

Dang, Van H.; Wohlgemuth, Sven; Yoshiura, Hiroshi; Nguyen, Thuc D.; Echizen, Isao

Wireless sensor network (WSN) has been one of key technologies for the future with broad applications from the military to everyday life [1,2,3,4,5]. There are two kinds of WSN model models with sensors for sensing data and a sink for receiving and processing queries from users; and models with special additional nodes capable of storing large amounts of data from sensors and processing queries from the sink. Among the latter type, a two-tiered model [6,7] has been widely adopted because of its storage and energy saving benefits for weak sensors, as proved by the advent of commercial storage node products such as Stargate [8] and RISE. However, by concentrating storage in certain nodes, this model becomes more vulnerable to attack. Our novel technique, called zip-histogram, contributes to solving the problems of previous studies [6,7] by protecting the stored data's confidentiality and integrity (including data from the sensor and queries from the sink) against attackers who might target storage nodes in two-tiered WSNs.

Brief Announcement: Induced Churn to Face Adversarial Behavior in Peer-to-Peer Systems

NASA Astrophysics Data System (ADS)

Anceaume, Emmanuelle; Brasileiro, Francisco; Ludinard, Romaric; Sericola, Bruno; Tronel, Frederic

Awerbuch and Scheideler [2] have shown that peer-to-peer overlays networks can only survive Byzantine attacks if malicious nodes are not able to predict what will be the topology of the network for a given sequence of join and leave operations. A prerequisite for this condition to hold is to guarantee that nodes identifiers randomness is continuously preserved. However targeted join/leave attacks may quickly endanger the relevance of such an assumption. Inducing churn has been shown to be the other fundamental ingredient to preserve randomness. Several strategies based on these principles have been proposed. Most of them are based on locally induced churn. However either they have been proven incorrect or they involve a too high level of complexity to be practically acceptable [2]. The other ones, based on globally induced churn, enforce limited lifetime for each node in the system. However, these solutions keep the system in an unnecessary hyper-activity, and thus need to impose strict restrictions on nodes joining rate which clearly limit their applicability to open systems.

Network Security Risk Assessment System Based on Attack Graph and Markov Chain

NASA Astrophysics Data System (ADS)

Sun, Fuxiong; Pi, Juntao; Lv, Jin; Cao, Tian

2017-10-01

Network security risk assessment technology can be found in advance of the network problems and related vulnerabilities, it has become an important means to solve the problem of network security. Based on attack graph and Markov chain, this paper provides a Network Security Risk Assessment Model (NSRAM). Based on the network infiltration tests, NSRAM generates the attack graph by the breadth traversal algorithm. Combines with the international standard CVSS, the attack probability of atomic nodes are counted, and then the attack transition probabilities of ones are calculated by Markov chain. NSRAM selects the optimal attack path after comprehensive measurement to assessment network security risk. The simulation results show that NSRAM can reflect the actual situation of network security objectively.

A Wild Weasel Penetration Model.

DTIC Science & Technology

1982-03-01

event 13, and node WM. Global variable XX(48) counts the WWs as they reach the home point. The network logic for WWI and WW2 is identical. Each WW...the same no matter if the aircraft is WWI or WW2 . Radar-Attack Profile In the radar-attack po. tion of the network threat radars engage both attack...Systems Dispersion on LOC XX(52) *State Variable--see text. * 94 variable. (The entry positions of WW1 and WW2 are changed with state variables SS(25) and

In-network Coding for Resilient Sensor Data Storage and Efficient Data Mule Collection

NASA Astrophysics Data System (ADS)

Albano, Michele; Gao, Jie

In a sensor network of n nodes in which k of them have sensed interesting data, we perform in-network erasure coding such that each node stores a linear combination of all the network data with random coefficients. This scheme greatly improves data resilience to node failures: as long as there are k nodes that survive an attack, all the data produced in the sensor network can be recovered with high probability. The in-network coding storage scheme also improves data collection rate by mobile mules and allows for easy scheduling of data mules.

Towards a Multiscale Approach to Cybersecurity Modeling

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hogan, Emilie A.; Hui, Peter SY; Choudhury, Sutanay

2013-11-12

We propose a multiscale approach to modeling cyber networks, with the goal of capturing a view of the network and overall situational awareness with respect to a few key properties--- connectivity, distance, and centrality--- for a system under an active attack. We focus on theoretical and algorithmic foundations of multiscale graphs, coming from an algorithmic perspective, with the goal of modeling cyber system defense as a specific use case scenario. We first define a notion of \\emph{multiscale} graphs, in contrast with their well-studied single-scale counterparts. We develop multiscale analogs of paths and distance metrics. As a simple, motivating example ofmore » a common metric, we present a multiscale analog of the all-pairs shortest-path problem, along with a multiscale analog of a well-known algorithm which solves it. From a cyber defense perspective, this metric might be used to model the distance from an attacker's position in the network to a sensitive machine. In addition, we investigate probabilistic models of connectivity. These models exploit the hierarchy to quantify the likelihood that sensitive targets might be reachable from compromised nodes. We believe that our novel multiscale approach to modeling cyber-physical systems will advance several aspects of cyber defense, specifically allowing for a more efficient and agile approach to defending these systems.« less

Distributed denial of service (DDoS) attack in cloud- assisted wireless body area networks: a systematic literature review.

PubMed

Latif, Rabia; Abbas, Haider; Assar, Saïd

2014-11-01

Wireless Body Area Networks (WBANs) have emerged as a promising technology that has shown enormous potential in improving the quality of healthcare, and has thus found a broad range of medical applications from ubiquitous health monitoring to emergency medical response systems. The huge amount of highly sensitive data collected and generated by WBAN nodes requires an ascendable and secure storage and processing infrastructure. Given the limited resources of WBAN nodes for storage and processing, the integration of WBANs and cloud computing may provide a powerful solution. However, despite the benefits of cloud-assisted WBAN, several security issues and challenges remain. Among these, data availability is the most nagging security issue. The most serious threat to data availability is a distributed denial of service (DDoS) attack that directly affects the all-time availability of a patient's data. The existing solutions for standalone WBANs and sensor networks are not applicable in the cloud. The purpose of this review paper is to identify the most threatening types of DDoS attacks affecting the availability of a cloud-assisted WBAN and review the state-of-the-art detection mechanisms for the identified DDoS attacks.

T2AR: trust-aware ad-hoc routing protocol for MANET.

PubMed

Dhananjayan, Gayathri; Subbiah, Janakiraman

2016-01-01

Secure data transfer against the malicious attacks is an important issue in an infrastructure-less independent network called mobile ad-hoc network (MANET). Trust assurance between MANET nodes is the key parameter in the high-security provision under dynamic topology variations and open wireless constraints. But, the malicious behavior of nodes reduces the trust level of the nodes that leads to an insecure data delivery. The increase in malicious attacks causes the excessive energy consumption that leads to a reduction of network lifetime. The lack of positional information update of the nodes in ad-hoc on-demand vector (AODV) protocol during the connection establishment offers less trust level between the nodes. Hence, the trust rate computation using energy and mobility models and its update are the essential tasks for secure data delivery. This paper proposes a trust-aware ad-hoc routing (T2AR) protocol to improve the trust level between the nodes in MANET. The proposed method modifies the traditional AODV routing protocol with the constraints of trust rate, energy, mobility based malicious behavior prediction. The packet sequence ID matching from the log reports of neighbor nodes determine the trust rate that avoids the malicious report generation. Besides, the direct and indirect trust observation schemes utilization increases the trust level. Besides, the received signal strength indicator utilization determines the trusted node is within the communication range or not. The comparative analysis between the proposed T2AR with the existing methods such as TRUNCMAN, RBT, GR, FBR and DICOTIDS regarding the average end-to-end delay, throughput, false positives, packet delivery ratio shows the effectiveness of T2AR in the secure MANET environment design.

Optimization of robustness of interdependent network controllability by redundant design

PubMed Central

2018-01-01

Controllability of complex networks has been a hot topic in recent years. Real networks regarded as interdependent networks are always coupled together by multiple networks. The cascading process of interdependent networks including interdependent failure and overload failure will destroy the robustness of controllability for the whole network. Therefore, the optimization of the robustness of interdependent network controllability is of great importance in the research area of complex networks. In this paper, based on the model of interdependent networks constructed first, we determine the cascading process under different proportions of node attacks. Then, the structural controllability of interdependent networks is measured by the minimum driver nodes. Furthermore, we propose a parameter which can be obtained by the structure and minimum driver set of interdependent networks under different proportions of node attacks and analyze the robustness for interdependent network controllability. Finally, we optimize the robustness of interdependent network controllability by redundant design including node backup and redundancy edge backup and improve the redundant design by proposing different strategies according to their cost. Comparative strategies of redundant design are conducted to find the best strategy. Results shows that node backup and redundancy edge backup can indeed decrease those nodes suffering from failure and improve the robustness of controllability. Considering the cost of redundant design, we should choose BBS (betweenness-based strategy) or DBS (degree based strategy) for node backup and HDF(high degree first) for redundancy edge backup. Above all, our proposed strategies are feasible and effective at improving the robustness of interdependent network controllability. PMID:29438426

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

PubMed

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-11

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

NASA Technical Reports Server (NTRS)

Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

2013-01-01

The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

Kashmir -- Key to Stability

DTIC Science & Technology

1966-04-08

Infantry Brigade attacked in the south from Banner and captured the border town of Gadra . This move was diversionary, aimed at neutralizing Pakistani...indicates that Pakistan was intent on limiting conflict to Kashmir. Subsequent actions in the vicinity oi Lahore, Sialkot and Gadra , though large-scale...offensives into Pakistan--capture of the city of Gadra and the attack at Sialkot.) 49. Lukas, J. Anthony. "Air Battle Rages Again In Kashmir: U.S

A Secure Scheme for Distributed Consensus Estimation against Data Falsification in Heterogeneous Wireless Sensor Networks.

PubMed

Mi, Shichao; Han, Hui; Chen, Cailian; Yan, Jian; Guan, Xinping

2016-02-19

Heterogeneous wireless sensor networks (HWSNs) can achieve more tasks and prolong the network lifetime. However, they are vulnerable to attacks from the environment or malicious nodes. This paper is concerned with the issues of a consensus secure scheme in HWSNs consisting of two types of sensor nodes. Sensor nodes (SNs) have more computation power, while relay nodes (RNs) with low power can only transmit information for sensor nodes. To address the security issues of distributed estimation in HWSNs, we apply the heterogeneity of responsibilities between the two types of sensors and then propose a parameter adjusted-based consensus scheme (PACS) to mitigate the effect of the malicious node. Finally, the convergence property is proven to be guaranteed, and the simulation results validate the effectiveness and efficiency of PACS.

Influence of Different Coupling Modes on the Robustness of Smart Grid under Targeted Attack.

PubMed

Kang, WenJie; Hu, Gang; Zhu, PeiDong; Liu, Qiang; Hang, Zhi; Liu, Xin

2018-05-24

Many previous works only focused on the cascading failure of global coupling of one-to-one structures in interdependent networks, but the local coupling of dual coupling structures has rarely been studied due to its complex structure. This will result in a serious consequence that many conclusions of the one-to-one structure may be incorrect in the dual coupling network and do not apply to the smart grid. Therefore, it is very necessary to subdivide the dual coupling link into a top-down coupling link and a bottom-up coupling link in order to study their influence on network robustness by combining with different coupling modes. Additionally, the power flow of the power grid can cause the load of a failed node to be allocated to its neighboring nodes and trigger a new round of load distribution when the load of these nodes exceeds their capacity. This means that the robustness of smart grids may be affected by four factors, i.e., load redistribution, local coupling, dual coupling link and coupling mode; however, the research on the influence of those factors on the network robustness is missing. In this paper, firstly, we construct the smart grid as a two-layer network with a dual coupling link and divide the power grid and communication network into many subnets based on the geographical location of their nodes. Secondly, we define node importance ( N I ) as an evaluation index to access the impact of nodes on the cyber or physical network and propose three types of coupling modes based on N I of nodes in the cyber and physical subnets, i.e., Assortative Coupling in Subnets (ACIS), Disassortative Coupling in Subnets (DCIS), and Random Coupling in Subnets (RCIS). Thirdly, a cascading failure model is proposed for studying the effect of local coupling of dual coupling link in combination with ACIS, DCIS, and RCIS on the robustness of the smart grid against a targeted attack, and the survival rate of functional nodes is used to assess the robustness of the smart grid. Finally, we use the IEEE 118-Bus System and the Italian High-Voltage Electrical Transmission Network to verify our model and obtain the same conclusions: (I) DCIS applied to the top-down coupling link is better able to enhance the robustness of the smart grid against a targeted attack than RCIS or ACIS, (II) ACIS applied to a bottom-up coupling link is better able to enhance the robustness of the smart grid against a targeted attack than RCIS or DCIS, and (III) the robustness of the smart grid can be improved by increasing the tolerance α . This paper provides some guidelines for slowing down the speed of the cascading failures in the design of architecture and optimization of interdependent networks, such as a top-down link with DCIS, a bottom-up link with ACIS, and an increased tolerance α .

What's Next in Complex Networks? Capturing the Concept of Attacking Play in Invasive Team Sports.

PubMed

Ramos, João; Lopes, Rui J; Araújo, Duarte

2018-01-01

The evolution of performance analysis within sports sciences is tied to technology development and practitioner demands. However, how individual and collective patterns self-organize and interact in invasive team sports remains elusive. Social network analysis has been recently proposed to resolve some aspects of this problem, and has proven successful in capturing collective features resulting from the interactions between team members as well as a powerful communication tool. Despite these advances, some fundamental team sports concepts such as an attacking play have not been properly captured by the more common applications of social network analysis to team sports performance. In this article, we propose a novel approach to team sports performance centered on sport concepts, namely that of an attacking play. Network theory and tools including temporal and bipartite or multilayered networks were used to capture this concept. We put forward eight questions directly related to team performance to discuss how common pitfalls in the use of network tools for capturing sports concepts can be avoided. Some answers are advanced in an attempt to be more precise in the description of team dynamics and to uncover other metrics directly applied to sport concepts, such as the structure and dynamics of attacking plays. Finally, we propose that, at this stage of knowledge, it may be advantageous to build up from fundamental sport concepts toward complex network theory and tools, and not the other way around.

Defending networks against denial-of-service attacks

NASA Astrophysics Data System (ADS)

Gelenbe, Erol; Gellman, Michael; Loukas, George

2004-11-01

Denial of service attacks, viruses and worms are common tools for malicious adversarial behavior in networks. Experience shows that over the last few years several of these techniques have probably been used by governments to impair the Internet communications of various entities, and we can expect that these and other information warfare tools will be used increasingly as part of hostile behavior either independently, or in conjunction with other forms of attack in conventional or asymmetric warfare, as well as in other forms of malicious behavior. In this paper we concentrate on Distributed Denial of Service Attacks (DDoS) where one or more attackers generate flooding traffic and direct it from multiple sources towards a set of selected nodes or IP addresses in the Internet. We first briefly survey the literature on the subject, and discuss some examples of DDoS incidents. We then present a technique that can be used for DDoS protection based on creating islands of protection around a critical information infrastructure. This technique, that we call the CPN-DoS-DT (Cognitive Packet Networks DoS Defence Technique), creates a self-monitoring sub-network surrounding each critical infrastructure node. CPN-DoS-DT is triggered by a DDoS detection scheme, and generates control traffic from the objects of the DDoS attack to the islands of protection where DDOS packet flows are destroyed before they reach the critical infrastructure. We use mathematical modelling, simulation and experiments on our test-bed to show the positive and negative outcomes that may result from both the attack, and the CPN-DoS-DT protection mechanism, due to imperfect detection and false alarms.

Prey capture by the crab spider Misumena calycina (Araneae: Thomisidae).

PubMed

Morse, Douglass H

1979-01-01

Crab spiders Misumena calycina (L.) in pasture rose Rosa carolina flowers regularly attacked bumble bees, smaller bees, and syrphid flies that visited these flowers. Attacks reached a maximum rate of over 20/h during mid morning, but only 1.6% of the most important prey item, bumble bees, were captured. The next most important food source, the most frequently taken item, syrphid flies Toxomerus marginatus (Say), were captured in 39% of the attempts. Since these flies have a biomass only 1/60th that of bumble bees, they comprised a much less important food source than did bumble bees. Spiders would obtain over 7% more food by specializing on bumble bees than by attacking all insect visitors, and as much as 20% more food at certain times of the day. However, they did not show a tendency to specialize at any time.

Unsupervised algorithms for intrusion detection and identification in wireless ad hoc sensor networks

NASA Astrophysics Data System (ADS)

Hortos, William S.

2009-05-01

In previous work by the author, parameters across network protocol layers were selected as features in supervised algorithms that detect and identify certain intrusion attacks on wireless ad hoc sensor networks (WSNs) carrying multisensor data. The algorithms improved the residual performance of the intrusion prevention measures provided by any dynamic key-management schemes and trust models implemented among network nodes. The approach of this paper does not train algorithms on the signature of known attack traffic, but, instead, the approach is based on unsupervised anomaly detection techniques that learn the signature of normal network traffic. Unsupervised learning does not require the data to be labeled or to be purely of one type, i.e., normal or attack traffic. The approach can be augmented to add any security attributes and quantified trust levels, established during data exchanges among nodes, to the set of cross-layer features from the WSN protocols. A two-stage framework is introduced for the security algorithms to overcome the problems of input size and resource constraints. The first stage is an unsupervised clustering algorithm which reduces the payload of network data packets to a tractable size. The second stage is a traditional anomaly detection algorithm based on a variation of support vector machines (SVMs), whose efficiency is improved by the availability of data in the packet payload. In the first stage, selected algorithms are adapted to WSN platforms to meet system requirements for simple parallel distributed computation, distributed storage and data robustness. A set of mobile software agents, acting like an ant colony in securing the WSN, are distributed at the nodes to implement the algorithms. The agents move among the layers involved in the network response to the intrusions at each active node and trustworthy neighborhood, collecting parametric values and executing assigned decision tasks. This minimizes the need to move large amounts of audit-log data through resource-limited nodes and locates routines closer to that data. Performance of the unsupervised algorithms is evaluated against the network intrusions of black hole, flooding, Sybil and other denial-of-service attacks in simulations of published scenarios. Results for scenarios with intentionally malfunctioning sensors show the robustness of the two-stage approach to intrusion anomalies.

A graph-based system for network-vulnerability analysis

DOE Office of Scientific and Technical Information (OSTI.GOV)

Swiler, L.P.; Phillips, C.

1998-06-01

This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker. The system could be used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc. The analysis system requires as input a database of common attacks,more » broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.« less

Tabu Search enhances network robustness under targeted attacks

NASA Astrophysics Data System (ADS)

Sun, Shi-wen; Ma, Yi-lin; Li, Rui-qi; Wang, Li; Xia, Cheng-yi

2016-03-01

We focus on the optimization of network robustness with respect to intentional attacks on high-degree nodes. Given an existing network, this problem can be considered as a typical single-objective combinatorial optimization problem. Based on the heuristic Tabu Search optimization algorithm, a link-rewiring method is applied to reconstruct the network while keeping the degree of every node unchanged. Through numerical simulations, BA scale-free network and two real-world networks are investigated to verify the effectiveness of the proposed optimization method. Meanwhile, we analyze how the optimization affects other topological properties of the networks, including natural connectivity, clustering coefficient and degree-degree correlation. The current results can help to improve the robustness of existing complex real-world systems, as well as to provide some insights into the design of robust networks.

Assembly Mechanism of the Contractile Ring for Cytokinesis by Fission Yeast

NASA Astrophysics Data System (ADS)

Vavylonis, Dimitrios; Wu, Jian-Qiu; Huang, Xiaolei; O'Shaughnessy, Ben; Pollard, Thomas

2008-03-01

Animals and fungi assemble a contractile ring of actin filaments and the motor protein myosin to separate into individual daughter cells during cytokinesis. We studied the mechanism of contractile ring assembly in fission yeast with high time resolution confocal microscopy, computational image analysis methods, and numerical simulations. Approximately 63 nodes containing myosin, broadly distributed around the cell equator, assembled into a ring through stochastic motions, making many starts, stops, and changes of direction as they condense into a ring. Estimates of node friction coefficients from the mean square displacement of stationary nodes imply forces for node movement are greater than ˜ 4 pN, similarly to forces by a few molecular motors. Skeletonization and topology analysis of images of cells expressing fluorescent actin filament markers showed transient linear elements extending in all directions from myosin nodes and establishing connections among them. We propose a model with traction between nodes depending on transient connections established by stochastic search and capture (``search, capture, pull and release''). Numerical simulations of the model using parameter values obtained from experiment succesfully condense nodes into a continuous ring.

Multiple-predators-based capture process on complex networks

NASA Astrophysics Data System (ADS)

Ramiz Sharafat, Rajput; Pu, Cunlai; Li, Jie; Chen, Rongbin; Xu, Zhongqi

2017-03-01

The predator/prey (capture) problem is a prototype of many network-related applications. We study the capture process on complex networks by considering multiple predators from multiple sources. In our model, some lions start from multiple sources simultaneously to capture the lamb by biased random walks, which are controlled with a free parameter $\\alpha$. We derive the distribution of the lamb's lifetime and the expected lifetime $\\left\\langle T\\right\\rangle $. Through simulation, we find that the expected lifetime drops substantially with the increasing number of lions. We also study how the underlying topological structure affects the capture process, and obtain that locating on small-degree nodes is better than large-degree nodes to prolong the lifetime of the lamb. Moreover, dense or homogeneous network structures are against the survival of the lamb.

A Hop-Count Analysis Scheme for Avoiding Wormhole Attacks in MANET

PubMed Central

Jen, Shang-Ming; Laih, Chi-Sung; Kuo, Wen-Chung

2009-01-01

MANET, due to the nature of wireless transmission, has more security issues compared to wired environments. A specific type of attack, the Wormhole attack does not require exploiting any nodes in the network and can interfere with the route establishment process. Instead of detecting wormholes from the role of administrators as in previous methods, we implement a new protocol, MHA, using a hop-count analysis from the viewpoint of users without any special environment assumptions. We also discuss previous works which require the role of administrator and their reliance on impractical assumptions, thus showing the advantages of MHA. PMID:22408566

Enabling Secure High-Performance Wireless Ad Hoc Networking

DTIC Science & Technology

2003-05-29

destinations, consuming energy and available bandwidth. An attacker may similarly create a routing black hole, in which all packets are dropped: by sending...of the vertex cut, for example by forwarding only routing packets and not data packets, such that the nodes waste energy forwarding packets to the...with limited resources, including network bandwidth and the CPU processing capacity, memory, and battery power ( energy ) of each individual node in the

A Smart Collaborative Routing Protocol for Reliable Data Diffusion in IoT Scenarios.

PubMed

Ai, Zheng-Yang; Zhou, Yu-Tong; Song, Fei

2018-06-13

It is knotty for current routing protocols to meet the needs of reliable data diffusion during the Internet of Things (IoT) deployments. Due to the random placement, limited resources and unattended features of existing sensor nodes, the wireless transmissions are easily exposed to unauthorized users, which becomes a vulnerable area for various malicious attacks, such as wormhole and Sybil attacks. However, the scheme based on geographic location is a suitable candidate to defend against them. This paper is inspired to propose a smart collaborative routing protocol, Geographic energy aware routing and Inspecting Node (GIN), for guaranteeing the reliability of data exchanging. The proposed protocol integrates the directed diffusion routing, Greedy Perimeter Stateless Routing (GPSR), and the inspecting node mechanism. We first discuss current wireless routing protocols from three diverse perspectives (improving transmission rate, shortening transmission range and reducing transmission consumption). Then, the details of GIN, including the model establishment and implementation processes, are presented by means of the theoretical analysis. Through leveraging the game theory, the inspecting node is elected to monitor the network behaviors. Thirdly, we evaluate the network performances, in terms of transmission delay, packet loss ratio, and throughput, between GIN and three traditional schemes (i.e., Flooding, GPSR, and GEAR). The simulation results illustrate that the proposed protocol is able to outperform the others.

A Protocol Layer Trust-Based Intrusion Detection Scheme for Wireless Sensor Networks

PubMed Central

Wang, Jian; Jiang, Shuai; Fapojuwo, Abraham O.

2017-01-01

This article proposes a protocol layer trust-based intrusion detection scheme for wireless sensor networks. Unlike existing work, the trust value of a sensor node is evaluated according to the deviations of key parameters at each protocol layer considering the attacks initiated at different protocol layers will inevitably have impacts on the parameters of the corresponding protocol layers. For simplicity, the paper mainly considers three aspects of trustworthiness, namely physical layer trust, media access control layer trust and network layer trust. The per-layer trust metrics are then combined to determine the overall trust metric of a sensor node. The performance of the proposed intrusion detection mechanism is then analyzed using the t-distribution to derive analytical results of false positive and false negative probabilities. Numerical analytical results, validated by simulation results, are presented in different attack scenarios. It is shown that the proposed protocol layer trust-based intrusion detection scheme outperforms a state-of-the-art scheme in terms of detection probability and false probability, demonstrating its usefulness for detecting cross-layer attacks. PMID:28555023

A Protocol Layer Trust-Based Intrusion Detection Scheme for Wireless Sensor Networks.

PubMed

Wang, Jian; Jiang, Shuai; Fapojuwo, Abraham O

2017-05-27

This article proposes a protocol layer trust-based intrusion detection scheme for wireless sensor networks. Unlike existing work, the trust value of a sensor node is evaluated according to the deviations of key parameters at each protocol layer considering the attacks initiated at different protocol layers will inevitably have impacts on the parameters of the corresponding protocol layers. For simplicity, the paper mainly considers three aspects of trustworthiness, namely physical layer trust, media access control layer trust and network layer trust. The per-layer trust metrics are then combined to determine the overall trust metric of a sensor node. The performance of the proposed intrusion detection mechanism is then analyzed using the t-distribution to derive analytical results of false positive and false negative probabilities. Numerical analytical results, validated by simulation results, are presented in different attack scenarios. It is shown that the proposed protocol layer trust-based intrusion detection scheme outperforms a state-of-the-art scheme in terms of detection probability and false probability, demonstrating its usefulness for detecting cross-layer attacks.

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks

PubMed Central

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-01-01

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al’s method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration. PMID:28335572

Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

PubMed

Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

2017-03-21

At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

Micro air vehicle motion tracking and aerodynamic modeling

NASA Astrophysics Data System (ADS)

Uhlig, Daniel V.

Aerodynamic performance of small-scale fixed-wing flight is not well understood, and flight data are needed to gain a better understanding of the aerodynamics of micro air vehicles (MAVs) flying at Reynolds numbers between 10,000 and 30,000. Experimental studies have shown the aerodynamic effects of low Reynolds number flow on wings and airfoils, but the amount of work that has been conducted is not extensive and mostly limited to tests in wind and water tunnels. In addition to wind and water tunnel testing, flight characteristics of aircraft can be gathered through flight testing. The small size and low weight of MAVs prevent the use of conventional on-board instrumentation systems, but motion tracking systems that use off-board triangulation can capture flight trajectories (position and attitude) of MAVs with minimal onboard instrumentation. Because captured motion trajectories include minute noise that depends on the aircraft size, the trajectory results were verified in this work using repeatability tests. From the captured glide trajectories, the aerodynamic characteristics of five unpowered aircraft were determined. Test results for the five MAVs showed the forces and moments acting on the aircraft throughout the test flights. In addition, the airspeed, angle of attack, and sideslip angle were also determined from the trajectories. Results for low angles of attack (less than approximately 20 deg) showed the lift, drag, and moment coefficients during nominal gliding flight. For the lift curve, the results showed a linear curve until stall that was generally less than finite wing predictions. The drag curve was well described by a polar. The moment coefficients during the gliding flights were used to determine longitudinal and lateral stability derivatives. The neutral point, weather-vane stability and the dihedral effect showed some variation with different trim speeds (different angles of attack). In the gliding flights, the aerodynamic characteristics exhibited quasi-steady effects caused by small variations in the angle of attack. The quasi-steady effects, or small unsteady effects, caused variations in the aerodynamic characteristics (particularly incrementing the lift curve), and the magnitude of the influence depended on the angle-of-attack rate. In addition to nominal gliding flight, MAVs in general are capable of flying over a wide flight envelope including agile maneuvers such as perching, hovering, deep stall and maneuvering in confined spaces. From the captured motion trajectories, the aerodynamic characteristics during the numerous unsteady flights were gathered without the complexity required for unsteady wind tunnel tests. Experimental results for the MAVs show large flight envelopes that included high angles of attack (on the order of 90 deg) and high angular rates, and the aerodynamic coefficients had dynamic stall hysteresis loops and large values. From the large number of unsteady high angle-of-attack flights, an aerodynamic modeling method was developed and refined for unsteady MAV flight at high angles of attack. The method was based on a separation parameter that depended on the time history of the angle of attack and angle-of-attack rate. The separation parameter accounted for the time lag inherit in the longitudinal characteristics during dynamic maneuvers. The method was applied to three MAVs and showed general agreement with unsteady experimental results and with nominal gliding flight results. The flight tests with the MAVs indicate that modern motion tracking systems are capable of capturing the flight trajectories, and the captured trajectories can be used to determine the aerodynamic characteristics. From the captured trajectories, low Reynolds number MAV flight is explored in both nominal gliding flight and unsteady high angle-of-attack flight. Building on the experimental results, a modeling method for the longitudinal characteristics is developed that is applicable to the full flight envelope.

Heterogeneous information sharing of sensor information in contested environments

NASA Astrophysics Data System (ADS)

Wampler, Jason A.; Hsieh, Chien; Toth, Andrew; Sheatsley, Ryan

2017-05-01

The inherent nature of unattended sensors makes these devices most vulnerable to detection, exploitation, and denial in contested environments. Physical access is often cited as the easiest way to compromise any device or network. A new mechanism for mitigating these types of attacks developed under the Assistant Secretary of Defense for Research and Engineering, ASD(R and E) project, "Smoke Screen in Cyberspace", was demonstrated in a live, over-the-air experiment. Smoke Screen encrypts, slices up, and disburses redundant fragments of files throughout the network. Recovery is only possible after recovering all fragments and attacking/denying one or more nodes does not limit the availability of other fragment copies in the network. This experiment proved the feasibility of redundant file fragmentation, and is the foundation for developing sophisticated methods to blacklist compromised nodes, move data fragments from risks of compromise, and forward stored data fragments closer to the anticipated retrieval point. This paper outlines initial results in scalability of node members, fragment size, file size, and performance in a heterogeneous network consisting of the Wireless Network after Next (WNaN) radio and Common Sensor Radio (CSR).

An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

PubMed Central

Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

2018-01-01

Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

Assessing transfer property and reliability of urban bus network based on complex network theory

NASA Astrophysics Data System (ADS)

Zhang, Hui; Zhuge, Cheng-Xiang; Zhao, Xiang; Song, Wen-Bo

Transfer reliability has an important impact on the urban bus network. The proportion of zero and one transfer time is a key indicator to measure the connectivity of bus networks. However, it is hard to calculate the transfer time between nodes because of the complicated network structure. In this paper, the topological structures of urban bus network in Jinan are constructed by space L and space P. A method to calculate transfer times between stations has been proposed by reachable matrix under space P. The result shows that it is efficient to calculate the transfer time between nodes in large networks. In order to test the transfer reliability, a node failure process has been built according to degree, clustering coefficient and betweenness centrality under space L and space P. The results show that the deliberate attack by betweenness centrality under space P is more effective compared with other five attack modes. This research could provide a power tool to find hub stations in bus networks and give a help for traffic manager to guarantee the normal operation of urban bus systems.

A Network Access Control Framework for 6LoWPAN Networks

PubMed Central

Oliveira, Luís M. L.; Rodrigues, Joel J. P. C.; de Sousa, Amaro F.; Lloret, Jaime

2013-01-01

Low power over wireless personal area networks (LoWPAN), in particular wireless sensor networks, represent an emerging technology with high potential to be employed in critical situations like security surveillance, battlefields, smart-grids, and in e-health applications. The support of security services in LoWPAN is considered a challenge. First, this type of networks is usually deployed in unattended environments, making them vulnerable to security attacks. Second, the constraints inherent to LoWPAN, such as scarce resources and limited battery capacity, impose a careful planning on how and where the security services should be deployed. Besides protecting the network from some well-known threats, it is important that security mechanisms be able to withstand attacks that have not been identified before. One way of reaching this goal is to control, at the network access level, which nodes can be attached to the network and to enforce their security compliance. This paper presents a network access security framework that can be used to control the nodes that have access to the network, based on administrative approval, and to enforce security compliance to the authorized nodes. PMID:23334610

A Graph Analytic Metric for Mitigating Advanced Persistent Threat

DOE Office of Scientific and Technical Information (OSTI.GOV)

Johnson, John R.; Hogan, Emilie A.

2013-06-04

This paper introduces a novel graph analytic metric that can be used to measure the potential vulnerability of a cyber network to specific types of attacks that use lateral movement and privilege escalation such as the well known Pass The Hash, (PTH). The metric is computed from an oriented subgraph of the underlying cyber network induced by selecting only those edges for which a given property holds between the two vertices of the edge. The metric with respect to a select node on the subgraph is defined as the likelihood that the select node is reachable from another arbitrary nodemore » in the graph. This metric can be calculated dynamically from the authorization and auditing layers during the network security authorization phase and will potentially enable predictive deterrence against attacks such as PTH.« less

Secure Wake-Up Scheme for WBANs

NASA Astrophysics Data System (ADS)

Liu, Jing-Wei; Ameen, Moshaddique Al; Kwak, Kyung-Sup

Network life time and hence device life time is one of the fundamental metrics in wireless body area networks (WBAN). To prolong it, especially those of implanted sensors, each node must conserve its energy as much as possible. While a variety of wake-up/sleep mechanisms have been proposed, the wake-up radio potentially serves as a vehicle to introduce vulnerabilities and attacks to WBAN, eventually resulting in its malfunctions. In this paper, we propose a novel secure wake-up scheme, in which a wake-up authentication code (WAC) is employed to ensure that a BAN Node (BN) is woken up by the correct BAN Network Controller (BNC) rather than unintended users or malicious attackers. The scheme is thus particularly implemented by a two-radio architecture. We show that our scheme provides higher security while consuming less energy than the existing schemes.

An adaptive neural swarm approach for intrusion defense in ad hoc networks

NASA Astrophysics Data System (ADS)

Cannady, James

2011-06-01

Wireless sensor networks (WSN) and mobile ad hoc networks (MANET) are being increasingly deployed in critical applications due to the flexibility and extensibility of the technology. While these networks possess numerous advantages over traditional wireless systems in dynamic environments they are still vulnerable to many of the same types of host-based and distributed attacks common to those systems. Unfortunately, the limited power and bandwidth available in WSNs and MANETs, combined with the dynamic connectivity that is a defining characteristic of the technology, makes it extremely difficult to utilize traditional intrusion detection techniques. This paper describes an approach to accurately and efficiently detect potentially damaging activity in WSNs and MANETs. It enables the network as a whole to recognize attacks, anomalies, and potential vulnerabilities in a distributive manner that reflects the autonomic processes of biological systems. Each component of the network recognizes activity in its local environment and then contributes to the overall situational awareness of the entire system. The approach utilizes agent-based swarm intelligence to adaptively identify potential data sources on each node and on adjacent nodes throughout the network. The swarm agents then self-organize into modular neural networks that utilize a reinforcement learning algorithm to identify relevant behavior patterns in the data without supervision. Once the modular neural networks have established interconnectivity both locally and with neighboring nodes the analysis of events within the network can be conducted collectively in real-time. The approach has been shown to be extremely effective in identifying distributed network attacks.

Application of the PageRank Algorithm to Alarm Graphs

NASA Astrophysics Data System (ADS)

Treinen, James J.; Thurimella, Ramakrishna

The task of separating genuine attacks from false alarms in large intrusion detection infrastructures is extremely difficult. The number of alarms received in such environments can easily enter into the millions of alerts per day. The overwhelming noise created by these alarms can cause genuine attacks to go unnoticed. As means of highlighting these attacks, we introduce a host ranking technique utilizing Alarm Graphs. Rather than enumerate all potential attack paths as in Attack Graphs, we build and analyze graphs based on the alarms generated by the intrusion detection sensors installed on a network. Given that the alarms are predominantly false positives, the challenge is to identify, separate, and ideally predict future attacks. In this paper, we propose a novel approach to tackle this problem based on the PageRank algorithm. By elevating the rank of known attackers and victims we are able to observe the effect that these hosts have on the other nodes in the Alarm Graph. Using this information we are able to discover previously overlooked attacks, as well as defend against future intrusions.

Robustness of the p53 network and biological hackers.

PubMed

Dartnell, Lewis; Simeonidis, Evangelos; Hubank, Michael; Tsoka, Sophia; Bogle, I David L; Papageorgiou, Lazaros G

2005-06-06

The p53 protein interaction network is crucial in regulating the metazoan cell cycle and apoptosis. Here, the robustness of the p53 network is studied by analyzing its degeneration under two modes of attack. Linear Programming is used to calculate average path lengths among proteins and the network diameter as measures of functionality. The p53 network is found to be robust to random loss of nodes, but vulnerable to a targeted attack against its hubs, as a result of its architecture. The significance of the results is considered with respect to mutational knockouts of proteins and the directed attacks mounted by tumour inducing viruses.

Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks

PubMed Central

Moya, José M.; Vallejo, Juan Carlos; Fraga, David; Araujo, Álvaro; Villanueva, Daniel; de Goyeneche, Juan-Mariano

2009-01-01

Security in wireless sensor networks is difficult to achieve because of the resource limitations of the sensor nodes. We propose a trust-based decision framework for wireless sensor networks coupled with a non-deterministic routing protocol. Both provide a mechanism to effectively detect and confine common attacks, and, unlike previous approaches, allow bad reputation feedback to the network. This approach has been extensively simulated, obtaining good results, even for unrealistically complex attack scenarios. PMID:22412345

An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks.

PubMed

Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

2016-08-16

In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.'s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.'s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes.

Attack Detection in Sensor Network Target Localization Systems With Quantized Data

NASA Astrophysics Data System (ADS)

Zhang, Jiangfan; Wang, Xiaodong; Blum, Rick S.; Kaplan, Lance M.

2018-04-01

We consider a sensor network focused on target localization, where sensors measure the signal strength emitted from the target. Each measurement is quantized to one bit and sent to the fusion center. A general attack is considered at some sensors that attempts to cause the fusion center to produce an inaccurate estimation of the target location with a large mean-square-error. The attack is a combination of man-in-the-middle, hacking, and spoofing attacks that can effectively change both signals going into and coming out of the sensor nodes in a realistic manner. We show that the essential effect of attacks is to alter the estimated distance between the target and each attacked sensor to a different extent, giving rise to a geometric inconsistency among the attacked and unattacked sensors. Hence, with the help of two secure sensors, a class of detectors are proposed to detect the attacked sensors by scrutinizing the existence of the geometric inconsistency. We show that the false alarm and miss probabilities of the proposed detectors decrease exponentially as the number of measurement samples increases, which implies that for sufficiently large number of samples, the proposed detectors can identify the attacked and unattacked sensors with any required accuracy.

SCA security verification on wireless sensor network node

NASA Astrophysics Data System (ADS)

He, Wei; Pizarro, Carlos; de la Torre, Eduardo; Portilla, Jorge; Riesgo, Teresa

2011-05-01

Side Channel Attack (SCA) differs from traditional mathematic attacks. It gets around of the exhaustive mathematic calculation and precisely pin to certain points in the cryptographic algorithm to reveal confidential information from the running crypto-devices. Since the introduction of SCA by Paul Kocher et al [1], it has been considered to be one of the most critical threats to the resource restricted but security demanding applications, such as wireless sensor networks. In this paper, we focus our work on the SCA-concerned security verification on WSN (wireless sensor network). A detailed setup of the platform and an analysis of the results of DPA (power attack) and EMA (electromagnetic attack) is presented. The setup follows the way of low-cost setup to make effective SCAs. Meanwhile, surveying the weaknesses of WSNs in resisting SCA attacks, especially for the EM attack. Finally, SCA-Prevention suggestions based on Differential Security Strategy for the FPGA hardware implementation in WSN will be given, helping to get an improved compromise between security and cost.

Optimal Resource Allocation in Electrical Network Defense

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yao, Y; Edmunds, T; Papageorgiou, D

2004-01-15

Infrastructure networks supplying electricity, natural gas, water, and other commodities are at risk of disruption due to well-engineered and coordinated terrorist attacks. Countermeasures such as hardening targets, acquisition of spare critical components, and surveillance can be undertaken to detect and deter these attacks. Allocation of available countermeasures resources to sites or activities in a manner that maximizes their effectiveness is a challenging problem. This allocation must take into account the adversary's response after the countermeasure assets are in place and consequence mitigation measures the infrastructure operation can undertake after the attack. The adversary may simply switch strategies to avoid countermeasuresmore » when executing the attack. Stockpiling spares of critical energy infrastructure components has been identified as a key element of a grid infrastructure defense strategy in a recent National Academy of Sciences report [1]. Consider a scenario where an attacker attempts to interrupt the service of an electrical network by disabling some of its facilities while a defender wants to prevent or minimize the effectiveness of any attack. The interaction between the attacker and the defender can be described in three stages: (1) The defender deploys countermeasures, (2) The attacker disrupts the network, and (3) The defender responds to the attack by rerouting power to maintain service while trying to repair damage. In the first stage, the defender considers all possible attack scenarios and deploys countermeasures to defend against the worst scenarios. Countermeasures can include hardening targets, acquiring spare critical components, and installing surveillance devices. In the second stage, the attacker, with full knowledge of the deployed countermeasures, attempts to disable some nodes or links in the network to inflict the greatest loss on the defender. In the third stage, the defender re-dispatches power and restores disabled nodes or links to minimize the loss. The loss can be measured in costs, including the costs of using more expensive generators and the economic losses that can be attributed to loss of load. The defender's goal is to minimize the loss while the attacker wants to maximize it. Assuming some level of budget constraint, each side can only defend or attack a limited number of network elements. When an element is attacked, it is assumed that it will be totally disabled. It is assumed that when an element is defended it cannot be disabled, which may mean that it will be restored in a very short time after being attacked. The rest of the paper is organized as follows. Section 2 will briefly review literature related to multilevel programming and network defense. Section 3 presents a mathematical formulation of the electrical network defense problem. Section 4 describes the solution algorithms. Section 5 discusses computational results. Finally, Sec. 6 explores future research directions.« less

An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

PubMed

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2013-07-24

Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

PubMed Central

Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

2013-01-01

Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged. PMID:23887085

Cyber Friendly Fire: Research Challenges for Security Informatics

DOE Office of Scientific and Technical Information (OSTI.GOV)

Greitzer, Frank L.; Carroll, Thomas E.; Roberts, Adam D.

This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly fire (FF). We define cyber FF as intentional offensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintention-ally harms the mission effectiveness of friendly or neutral forces. Just as with combat friendly fire, maintaining situation awareness (SA) is paramount to avoiding cyber FF incidents. Cyber SA concerns knowledge of a system’s topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components thatmore » comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and offensive countermeasures that may be applied to thwart network attacks. Mitigation strategies to combat cyber FF— including both training concepts and suggestions for decision aids and visualization approaches—are discussed.« less

Node 1 taken during Expedition 26

NASA Image and Video Library

2010-11-26

ISS026-E-005318 (26 Nov. 2010) --- A fish-eye lens attached to an electronic still camera was used by an Expedition 26 crew member to capture this image of the Unity node of the International Space Station.

Node 1 taken during Expedition 26

NASA Image and Video Library

2010-11-26

ISS026-E-005316 (26 Nov. 2010) --- A fish-eye lens attached to an electronic still camera was used by an Expedition 26 crew member to capture this image of the Unity node of the International Space Station.

Adaptive triangular mesh generation

NASA Technical Reports Server (NTRS)

Erlebacher, G.; Eiseman, P. R.

1984-01-01

A general adaptive grid algorithm is developed on triangular grids. The adaptivity is provided by a combination of node addition, dynamic node connectivity and a simple node movement strategy. While the local restructuring process and the node addition mechanism take place in the physical plane, the nodes are displaced on a monitor surface, constructed from the salient features of the physical problem. An approximation to mean curvature detects changes in the direction of the monitor surface, and provides the pulling force on the nodes. Solutions to the axisymmetric Grad-Shafranov equation demonstrate the capturing, by triangles, of the plasma-vacuum interface in a free-boundary equilibrium configuration.

Error and attack tolerance of complex networks

NASA Astrophysics Data System (ADS)

Albert, Réka; Jeong, Hawoong; Barabási, Albert-László

2000-07-01

Many complex systems display a surprising degree of tolerance against errors. For example, relatively simple organisms grow, persist and reproduce despite drastic pharmaceutical or environmental interventions, an error tolerance attributed to the robustness of the underlying metabolic network. Complex communication networks display a surprising degree of robustness: although key components regularly malfunction, local failures rarely lead to the loss of the global information-carrying ability of the network. The stability of these and other complex systems is often attributed to the redundant wiring of the functional web defined by the systems' components. Here we demonstrate that error tolerance is not shared by all redundant systems: it is displayed only by a class of inhomogeneously wired networks, called scale-free networks, which include the World-Wide Web, the Internet, social networks and cells. We find that such networks display an unexpected degree of robustness, the ability of their nodes to communicate being unaffected even by unrealistically high failure rates. However, error tolerance comes at a high price in that these networks are extremely vulnerable to attacks (that is, to the selection and removal of a few nodes that play a vital role in maintaining the network's connectivity). Such error tolerance and attack vulnerability are generic properties of communication networks.

Securing mobile ad hoc networks using danger theory-based artificial immune algorithm.

PubMed

Abdelhaq, Maha; Alsaqour, Raed; Abdelhaq, Shawkat

2015-01-01

A mobile ad hoc network (MANET) is a set of mobile, decentralized, and self-organizing nodes that are used in special cases, such as in the military. MANET properties render the environment of this network vulnerable to different types of attacks, including black hole, wormhole and flooding-based attacks. Flooding-based attacks are one of the most dangerous attacks that aim to consume all network resources and thus paralyze the functionality of the whole network. Therefore, the objective of this paper is to investigate the capability of a danger theory-based artificial immune algorithm called the mobile dendritic cell algorithm (MDCA) to detect flooding-based attacks in MANETs. The MDCA applies the dendritic cell algorithm (DCA) to secure the MANET with additional improvements. The MDCA is tested and validated using Qualnet v7.1 simulation tool. This work also introduces a new simulation module for a flooding attack called the resource consumption attack (RCA) using Qualnet v7.1. The results highlight the high efficiency of the MDCA in detecting RCAs in MANETs.

Securing Mobile Ad Hoc Networks Using Danger Theory-Based Artificial Immune Algorithm

PubMed Central

2015-01-01

A mobile ad hoc network (MANET) is a set of mobile, decentralized, and self-organizing nodes that are used in special cases, such as in the military. MANET properties render the environment of this network vulnerable to different types of attacks, including black hole, wormhole and flooding-based attacks. Flooding-based attacks are one of the most dangerous attacks that aim to consume all network resources and thus paralyze the functionality of the whole network. Therefore, the objective of this paper is to investigate the capability of a danger theory-based artificial immune algorithm called the mobile dendritic cell algorithm (MDCA) to detect flooding-based attacks in MANETs. The MDCA applies the dendritic cell algorithm (DCA) to secure the MANET with additional improvements. The MDCA is tested and validated using Qualnet v7.1 simulation tool. This work also introduces a new simulation module for a flooding attack called the resource consumption attack (RCA) using Qualnet v7.1. The results highlight the high efficiency of the MDCA in detecting RCAs in MANETs. PMID:25946001

Predator-prey interactions in the plankton: larval fish feeding on evasive copepods

PubMed Central

Jackson, James M.; Lenz, Petra H.

2016-01-01

Capture success and prey selectivity were investigated in clownfish Amphiprion ocellaris larvae using videography. Three prey types were tested using developmental stages (nauplii, copepodites and adults) of the copepod Parvocalanus crassirostris. Predatory abilities improved rapidly between days 1 and 14 post-hatch. Initially, capture success was limited to nauplii with few attacks on larger stages. Captures of copepodites were first observed at 3 dph, and of adults at 8 dph. Consistent strikes at the larger prey were observed on the day prior to successful captures (2 dph for copepodites, 7 dph for adults). Difference in capture success between nauplii and adults at 8 dph was an order of magnitude. Differences in capture success among prey types persisted but decreased to three-fold by 14 dph. Younger A. ocellaris attacked nauplii preferentially and avoided adult prey. Strike selectivity declined with age, and no selectivity was observed after 10 dph. However, numerically 50% of the ingested prey were still nauplii at 14 dph under the experimental conditions. PMID:27658849

Predator-prey interactions in the plankton: larval fish feeding on evasive copepods.

PubMed

Jackson, James M; Lenz, Petra H

2016-09-23

Capture success and prey selectivity were investigated in clownfish Amphiprion ocellaris larvae using videography. Three prey types were tested using developmental stages (nauplii, copepodites and adults) of the copepod Parvocalanus crassirostris. Predatory abilities improved rapidly between days 1 and 14 post-hatch. Initially, capture success was limited to nauplii with few attacks on larger stages. Captures of copepodites were first observed at 3 dph, and of adults at 8 dph. Consistent strikes at the larger prey were observed on the day prior to successful captures (2 dph for copepodites, 7 dph for adults). Difference in capture success between nauplii and adults at 8 dph was an order of magnitude. Differences in capture success among prey types persisted but decreased to three-fold by 14 dph. Younger A. ocellaris attacked nauplii preferentially and avoided adult prey. Strike selectivity declined with age, and no selectivity was observed after 10 dph. However, numerically 50% of the ingested prey were still nauplii at 14 dph under the experimental conditions.

Predator-prey interactions in the plankton: larval fish feeding on evasive copepods

NASA Astrophysics Data System (ADS)

Jackson, James M.; Lenz, Petra H.

2016-09-01

Capture success and prey selectivity were investigated in clownfish Amphiprion ocellaris larvae using videography. Three prey types were tested using developmental stages (nauplii, copepodites and adults) of the copepod Parvocalanus crassirostris. Predatory abilities improved rapidly between days 1 and 14 post-hatch. Initially, capture success was limited to nauplii with few attacks on larger stages. Captures of copepodites were first observed at 3 dph, and of adults at 8 dph. Consistent strikes at the larger prey were observed on the day prior to successful captures (2 dph for copepodites, 7 dph for adults). Difference in capture success between nauplii and adults at 8 dph was an order of magnitude. Differences in capture success among prey types persisted but decreased to three-fold by 14 dph. Younger A. ocellaris attacked nauplii preferentially and avoided adult prey. Strike selectivity declined with age, and no selectivity was observed after 10 dph. However, numerically 50% of the ingested prey were still nauplii at 14 dph under the experimental conditions.

Research on invulnerability of equipment support information network

NASA Astrophysics Data System (ADS)

Sun, Xiao; Liu, Bin; Zhong, Qigen; Cao, Zhiyi

2013-03-01

In this paper, the entity composition of equipment support information network is studied, and the network abstract model is built. The influence factors of the invulnerability of equipment support information network are analyzed, and the invulnerability capabilities under random attack are analyzed. According to the centrality theory, the materiality evaluation centralities of the nodes are given, and the invulnerability capabilities under selective attack are analyzed. Finally, the reasons that restrict the invulnerability of equipment support information network are summarized, and the modified principles and methods are given.

DOE Office of Scientific and Technical Information (OSTI.GOV)

John Homer; Ashok Varikuti; Xinming Ou

Various tools exist to analyze enterprise network systems and to produce attack graphs detailing how attackers might penetrate into the system. These attack graphs, however, are often complex and difficult to comprehend fully, and a human user may find it problematic to reach appropriate configuration decisions. This paper presents methodologies that can 1) automatically identify portions of an attack graph that do not help a user to understand the core security problems and so can be trimmed, and 2) automatically group similar attack steps as virtual nodes in a model of the network topology, to immediately increase the understandability ofmore » the data. We believe both methods are important steps toward improving visualization of attack graphs to make them more useful in configuration management for large enterprise networks. We implemented our methods using one of the existing attack-graph toolkits. Initial experimentation shows that the proposed approaches can 1) significantly reduce the complexity of attack graphs by trimming a large portion of the graph that is not needed for a user to understand the security problem, and 2) significantly increase the accessibility and understandability of the data presented in the attack graph by clearly showing, within a generated visualization of the network topology, the number and type of potential attacks to which each host is exposed.« less

False Positive and False Negative Effects on Network Attacks

NASA Astrophysics Data System (ADS)

Shang, Yilun

2018-01-01

Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

Roles of Formin Nodes and Myosin Motor Activity in Mid1p-dependent Contractile-Ring Assembly during Fission Yeast Cytokinesis

PubMed Central

Coffman, Valerie C.; Nile, Aaron H.; Lee, I-Ju; Liu, Huayang

2009-01-01

Two prevailing models have emerged to explain the mechanism of contractile-ring assembly during cytokinesis in the fission yeast Schizosaccharomyces pombe: the spot/leading cable model and the search, capture, pull, and release (SCPR) model. We tested some of the basic assumptions of the two models. Monte Carlo simulations of the SCPR model require that the formin Cdc12p is present in >30 nodes from which actin filaments are nucleated and captured by myosin-II in neighboring nodes. The force produced by myosin motors pulls the nodes together to form a compact contractile ring. Live microscopy of cells expressing Cdc12p fluorescent fusion proteins shows for the first time that Cdc12p localizes to a broad band of 30–50 dynamic nodes, where actin filaments are nucleated in random directions. The proposed progenitor spot, essential for the spot/leading cable model, usually disappears without nucleating actin filaments. α-Actinin ain1 deletion cells form a normal contractile ring through nodes in the absence of the spot. Myosin motor activity is required to condense the nodes into a contractile ring, based on slower or absent node condensation in myo2-E1 and UCS rng3-65 mutants. Taken together, these data provide strong support for the SCPR model of contractile-ring formation in cytokinesis. PMID:19864459

Using LTI Dynamics to Identify the Influential Nodes in a Network

PubMed Central

Jorswieck, Eduard; Scheunert, Christian

2016-01-01

Networks are used for modeling numerous technical, social or biological systems. In order to better understand the system dynamics, it is a matter of great interest to identify the most important nodes within the network. For a large set of problems, whether it is the optimal use of available resources, spreading information efficiently or even protection from malicious attacks, the most important node is the most influential spreader, the one that is capable of propagating information in the shortest time to a large portion of the network. Here we propose the Node Imposed Response (NiR), a measure which accurately evaluates node spreading power. It outperforms betweenness, degree, k-shell and h-index centrality in many cases and shows the similar accuracy to dynamics-sensitive centrality. We utilize the system-theoretic approach considering the network as a Linear Time-Invariant system. By observing the system response we can quantify the importance of each node. In addition, our study provides a robust tool set for various protective strategies. PMID:28030548

Accurate Sybil Attack Detection Based on Fine-Grained Physical Channel Information.

PubMed

Wang, Chundong; Zhu, Likun; Gong, Liangyi; Zhao, Zhentang; Yang, Lei; Liu, Zheli; Cheng, Xiaochun

2018-03-15

With the development of the Internet-of-Things (IoT), wireless network security has more and more attention paid to it. The Sybil attack is one of the famous wireless attacks that can forge wireless devices to steal information from clients. These forged devices may constantly attack target access points to crush the wireless network. In this paper, we propose a novel Sybil attack detection based on Channel State Information (CSI). This detection algorithm can tell whether the static devices are Sybil attackers by combining a self-adaptive multiple signal classification algorithm with the Received Signal Strength Indicator (RSSI). Moreover, we develop a novel tracing scheme to cluster the channel characteristics of mobile devices and detect dynamic attackers that change their channel characteristics in an error area. Finally, we experiment on mobile and commercial WiFi devices. Our algorithm can effectively distinguish the Sybil devices. The experimental results show that our Sybil attack detection system achieves high accuracy for both static and dynamic scenarios. Therefore, combining the phase and similarity of channel features, the multi-dimensional analysis of CSI can effectively detect Sybil nodes and improve the security of wireless networks.

Accurate Sybil Attack Detection Based on Fine-Grained Physical Channel Information

PubMed Central

Wang, Chundong; Zhao, Zhentang; Yang, Lei; Liu, Zheli; Cheng, Xiaochun

2018-01-01

With the development of the Internet-of-Things (IoT), wireless network security has more and more attention paid to it. The Sybil attack is one of the famous wireless attacks that can forge wireless devices to steal information from clients. These forged devices may constantly attack target access points to crush the wireless network. In this paper, we propose a novel Sybil attack detection based on Channel State Information (CSI). This detection algorithm can tell whether the static devices are Sybil attackers by combining a self-adaptive multiple signal classification algorithm with the Received Signal Strength Indicator (RSSI). Moreover, we develop a novel tracing scheme to cluster the channel characteristics of mobile devices and detect dynamic attackers that change their channel characteristics in an error area. Finally, we experiment on mobile and commercial WiFi devices. Our algorithm can effectively distinguish the Sybil devices. The experimental results show that our Sybil attack detection system achieves high accuracy for both static and dynamic scenarios. Therefore, combining the phase and similarity of channel features, the multi-dimensional analysis of CSI can effectively detect Sybil nodes and improve the security of wireless networks. PMID:29543773

Animal-Borne Imaging Reveals Novel Insights into the Foraging Behaviors and Diel Activity of a Large-Bodied Apex Predator, the American Alligator (Alligator mississippiensis)

PubMed Central

Nifong, James C.; Nifong, Rachel L.; Silliman, Brian R.; Lowers, Russell H.; Guillette, Louis J.; Ferguson, Jake M.; Welsh, Matthew; Abernathy, Kyler; Marshall, Greg

2014-01-01

Large-bodied, top- and apex predators (e.g., crocodilians, sharks, wolves, killer whales) can exert strong top-down effects within ecological communities through their interactions with prey. Due to inherent difficulties while studying the behavior of these often dangerous predatory species, relatively little is known regarding their feeding behaviors and activity patterns, information that is essential to understanding their role in regulating food web dynamics and ecological processes. Here we use animal-borne imaging systems (Crittercam) to study the foraging behavior and activity patterns of a cryptic, large-bodied predator, the American alligator (Alligator mississippiensis) in two estuaries of coastal Florida, USA. Using retrieved video data we examine the variation in foraging behaviors and activity patterns due to abiotic factors. We found the frequency of prey-attacks (mean = 0.49 prey attacks/hour) as well as the probability of prey-capture success (mean = 0.52 per attack) were significantly affected by time of day. Alligators attempted to capture prey most frequently during the night. Probability of prey-capture success per attack was highest during morning hours and sequentially lower during day, night, and sunset, respectively. Position in the water column also significantly affected prey-capture success, as individuals’ experienced two-fold greater success when attacking prey while submerged. These estimates are the first for wild adult American alligators and one of the few examples for any crocodilian species worldwide. More broadly, these results reveal that our understandings of crocodilian foraging behaviors are biased due to previous studies containing limited observations of cryptic and nocturnal foraging interactions. Our results can be used to inform greater understanding regarding the top-down effects of American alligators in estuarine food webs. Additionally, our results highlight the importance and power of using animal-borne imaging when studying the behavior of elusive large-bodied, apex predators, as it provides critical insights into their trophic and behavioral interactions. PMID:24454711

Animal-borne imaging reveals novel insights into the foraging behaviors and Diel activity of a large-bodied apex predator, the American alligator (Alligator mississippiensis).

PubMed

Nifong, James C; Nifong, Rachel L; Silliman, Brian R; Lowers, Russell H; Guillette, Louis J; Ferguson, Jake M; Welsh, Matthew; Abernathy, Kyler; Marshall, Greg

2014-01-01

Large-bodied, top- and apex predators (e.g., crocodilians, sharks, wolves, killer whales) can exert strong top-down effects within ecological communities through their interactions with prey. Due to inherent difficulties while studying the behavior of these often dangerous predatory species, relatively little is known regarding their feeding behaviors and activity patterns, information that is essential to understanding their role in regulating food web dynamics and ecological processes. Here we use animal-borne imaging systems (Crittercam) to study the foraging behavior and activity patterns of a cryptic, large-bodied predator, the American alligator (Alligator mississippiensis) in two estuaries of coastal Florida, USA. Using retrieved video data we examine the variation in foraging behaviors and activity patterns due to abiotic factors. We found the frequency of prey-attacks (mean = 0.49 prey attacks/hour) as well as the probability of prey-capture success (mean = 0.52 per attack) were significantly affected by time of day. Alligators attempted to capture prey most frequently during the night. Probability of prey-capture success per attack was highest during morning hours and sequentially lower during day, night, and sunset, respectively. Position in the water column also significantly affected prey-capture success, as individuals' experienced two-fold greater success when attacking prey while submerged. These estimates are the first for wild adult American alligators and one of the few examples for any crocodilian species worldwide. More broadly, these results reveal that our understandings of crocodilian foraging behaviors are biased due to previous studies containing limited observations of cryptic and nocturnal foraging interactions. Our results can be used to inform greater understanding regarding the top-down effects of American alligators in estuarine food webs. Additionally, our results highlight the importance and power of using animal-borne imaging when studying the behavior of elusive large-bodied, apex predators, as it provides critical insights into their trophic and behavioral interactions.

FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET.

PubMed

N Ahmed, Malik; Abdullah, Abdul Hanan; Kaiwartya, Omprakash

2016-01-01

Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs) significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS) and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM) for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV) protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks.

An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks

PubMed Central

Jung, Jaewook; Kim, Jiye; Choi, Younsung; Won, Dongho

2016-01-01

In wireless sensor networks (WSNs), a registered user can login to the network and use a user authentication protocol to access data collected from the sensor nodes. Since WSNs are typically deployed in unattended environments and sensor nodes have limited resources, many researchers have made considerable efforts to design a secure and efficient user authentication process. Recently, Chen et al. proposed a secure user authentication scheme using symmetric key techniques for WSNs. They claim that their scheme assures high efficiency and security against different types of attacks. After careful analysis, however, we find that Chen et al.’s scheme is still vulnerable to smart card loss attack and is susceptible to denial of service attack, since it is invalid for verification to simply compare an entered ID and a stored ID in smart card. In addition, we also observe that their scheme cannot preserve user anonymity. Furthermore, their scheme cannot quickly detect an incorrect password during login phase, and this flaw wastes both communication and computational overheads. In this paper, we describe how these attacks work, and propose an enhanced anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in WSNs to address all of the aforementioned vulnerabilities in Chen et al.’s scheme. Our analysis shows that the proposed scheme improves the level of security, and is also more efficient relative to other related schemes. PMID:27537890

Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks.

PubMed

Saleem, Kashif; Derhab, Abdelouahid; Orgun, Mehmet A; Al-Muhtadi, Jalal; Rodrigues, Joel J P C; Khalil, Mohammed Sayim; Ali Ahmed, Adel

2016-03-31

The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs) composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP) involves an artificial immune system (AIS) that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP) that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2) and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks.

Cost-Effective Encryption-Based Autonomous Routing Protocol for Efficient and Secure Wireless Sensor Networks

PubMed Central

Saleem, Kashif; Derhab, Abdelouahid; Orgun, Mehmet A.; Al-Muhtadi, Jalal; Rodrigues, Joel J. P. C.; Khalil, Mohammed Sayim; Ali Ahmed, Adel

2016-01-01

The deployment of intelligent remote surveillance systems depends on wireless sensor networks (WSNs) composed of various miniature resource-constrained wireless sensor nodes. The development of routing protocols for WSNs is a major challenge because of their severe resource constraints, ad hoc topology and dynamic nature. Among those proposed routing protocols, the biology-inspired self-organized secure autonomous routing protocol (BIOSARP) involves an artificial immune system (AIS) that requires a certain amount of time to build up knowledge of neighboring nodes. The AIS algorithm uses this knowledge to distinguish between self and non-self neighboring nodes. The knowledge-building phase is a critical period in the WSN lifespan and requires active security measures. This paper proposes an enhanced BIOSARP (E-BIOSARP) that incorporates a random key encryption mechanism in a cost-effective manner to provide active security measures in WSNs. A detailed description of E-BIOSARP is presented, followed by an extensive security and performance analysis to demonstrate its efficiency. A scenario with E-BIOSARP is implemented in network simulator 2 (ns-2) and is populated with malicious nodes for analysis. Furthermore, E-BIOSARP is compared with state-of-the-art secure routing protocols in terms of processing time, delivery ratio, energy consumption, and packet overhead. The findings show that the proposed mechanism can efficiently protect WSNs from selective forwarding, brute-force or exhaustive key search, spoofing, eavesdropping, replaying or altering of routing information, cloning, acknowledgment spoofing, HELLO flood attacks, and Sybil attacks. PMID:27043572

Power iteration ranking via hybrid diffusion for vital nodes identification

NASA Astrophysics Data System (ADS)

Wu, Tao; Xian, Xingping; Zhong, Linfeng; Xiong, Xi; Stanley, H. Eugene

2018-09-01

One of the most interesting challenges in network science is to understand the relation between network structure and dynamics on it, and many topological properties, including degree distribution, community strength and clustering coefficient, have been proposed in the last decade. Prominent in this context is the centrality measures, which aim at quantifying the relative importance of individual nodes in the overall topology with regard to network organization and function. However, most of the previous centrality measures have been proposed based on different concepts and each of them focuses on a specific structural feature of networks. Thus, the straightforward and standard methods may lead to some bias against node importance measure. In this paper, we introduce two physical processes with potential complementarity between them. Then we propose to combine them as an elegant integration with the classic eigenvector centrality framework to improve the accuracy of node ranking. To test the produced power iteration ranking (PIRank) algorithm, we apply it to the selection of attack targets in network optimal attack problem. Extensive experimental results on synthetic networks and real-world networks suggest that the proposed centrality performs better than other well-known measures. Moreover, comparing with the eigenvector centrality, the PIRank algorithm can achieve about thirty percent performance improvement while keeping similar running time. Our experiment on random networks also shows that PIRank algorithm can avoid the localization phenomenon of eigenvector centrality, in particular for the networks with high-degree hubs.

Jamming Attack in Wireless Sensor Network: From Time to Space

NASA Astrophysics Data System (ADS)

Sun, Yanqiang; Wang, Xiaodong; Zhou, Xingming

Classical jamming attack models in the time domain have been proposed, such as constant jammer, random jammer, and reactive jammer. In this letter, we consider a new problem: given k jammers, how does the attacker minimize the pair-wise connectivity among the nodes in a Wireless Sensor Network (WSN)? We call this problem k-Jammer Deployment Problem (k-JDP). To the best of our knowledge, this is the first attempt at considering the position-critical jamming attack against wireless sensor network. We mainly make three contributions. First, we prove that the decision version of k-JDP is NP-complete even in the ideal situation where the attacker has full knowledge of the topology information of sensor network. Second, we propose a mathematical formulation based on Integer Programming (IP) model which yields an optimal solution. Third, we present a heuristic algorithm HAJDP, and compare it with the IP model. Numerical results show that our heuristic algorithm is computationally efficient.

Attacker-defender game from a network science perspective

NASA Astrophysics Data System (ADS)

Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

2018-05-01

Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

Does topological information matter for power grid vulnerability?

PubMed

Ouyang, Min; Yang, Kun

2014-12-01

Power grids, which are playing an important role in supporting the economy of a region as well as the life of its citizens, could be attacked by terrorists or enemies to damage the region. Depending on different levels of power grid information collected by the terrorists, their attack strategies might be different. This paper groups power grid information into four levels: no information, purely topological information (PTI), topological information with generator and load nodes (GLNI), and full information (including component physical properties and flow parameters information), and then identifies possible attack strategies for each information level. Analyzing and comparing power grid vulnerability under these attack strategies from both terrorists' and utility companies' point of view give rise to an approach to quantify the relative values of these three types of information, including PTI, GLNI, and component parameter information (CPI). This approach can provide information regarding the extent to which topological information matters for power system vulnerability decisions. Taking several test systems as examples, results show that for small attacks with p ≤ 0.1, CPI matters the most; when taking attack cost into consideration and assuming that the terrorists take the optimum cost-efficient attack intensity, then CPI has the largest cost-based information value.

Does topological information matter for power grid vulnerability?

NASA Astrophysics Data System (ADS)

Ouyang, Min; Yang, Kun

2014-12-01

Power grids, which are playing an important role in supporting the economy of a region as well as the life of its citizens, could be attacked by terrorists or enemies to damage the region. Depending on different levels of power grid information collected by the terrorists, their attack strategies might be different. This paper groups power grid information into four levels: no information, purely topological information (PTI), topological information with generator and load nodes (GLNI), and full information (including component physical properties and flow parameters information), and then identifies possible attack strategies for each information level. Analyzing and comparing power grid vulnerability under these attack strategies from both terrorists' and utility companies' point of view give rise to an approach to quantify the relative values of these three types of information, including PTI, GLNI, and component parameter information (CPI). This approach can provide information regarding the extent to which topological information matters for power system vulnerability decisions. Taking several test systems as examples, results show that for small attacks with p ≤ 0.1, CPI matters the most; when taking attack cost into consideration and assuming that the terrorists take the optimum cost-efficient attack intensity, then CPI has the largest cost-based information value.

Reduction redux.

PubMed

Shapiro, Lawrence

2018-04-01

Putnam's criticisms of the identity theory attack a straw man. Fodor's criticisms of reduction attack a straw man. Properly interpreted, Nagel offered a conception of reduction that captures everything a physicalist could want. I update Nagel, introducing the idea of overlap, and show why multiple realization poses no challenge to reduction so construed. Copyright © 2017 Elsevier Ltd. All rights reserved.

Ambrosia Beetle (Coleoptera: Scolytidae) Species, Flight, and Attack on Living Eastern Cottonwood Trees.

DOE Office of Scientific and Technical Information (OSTI.GOV)

Coyle, D R; D.C. Booth: M.S. Wallace

2005-12-01

ABSTRACT In spring 2002, ambrosia beetles (Coleoptera: Scolytidae) infested an intensively managed 22-ha tree plantation on the upper coastal plain of South Carolina. Nearly 3,500 scolytids representing 28 species were captured in ethanol-baited traps from 18 June 2002 to 18 April 2004. More than 88% of total captures were exotic species. Five species [Dryoxylon onoharaensum (Murayama), Euwallacea validus (Eichhoff), Pseudopityophthorus minutissimus (Zimmermann), Xyleborus atratus Eichhoff, and Xyleborus impressus Eichhoff]) were collected in South Carolina for the first time. Of four tree species in the plantation, eastern cottonwood, Populus deltoides Bartram, was the only one attacked, with nearly 40% of themore » trees sustaining ambrosia beetle damage. Clone ST66 sustained more damage than clone S7C15. ST66 trees receiving fertilization were attacked more frequently than trees receiving irrigation, irrigation_fertilization, or controls, although the number of S7C15 trees attacked did not differ among treatments. The study location is near major shipping ports; our results demonstrate the necessity for intensive monitoring programs to determine the arrival, spread, ecology, and impact of exotic scolytids.« less

Method for detecting core malware sites related to biomedical information systems.

PubMed

Kim, Dohoon; Choi, Donghee; Jin, Jonghyun

2015-01-01

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%.

Method for Detecting Core Malware Sites Related to Biomedical Information Systems

PubMed Central

Kim, Dohoon; Choi, Donghee; Jin, Jonghyun

2015-01-01

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%. PMID:25821511

Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Saha, Sudip; Vullinati, Anil K.; Halappanavar, Mahantesh

We investigate efficient security control methods for protecting against vulnerabilities in networked systems. A large number of interdependent vulnerabilities typically exist in the computing nodes of a cyber-system; as vulnerabilities get exploited, starting from low level ones, they open up the doors to more critical vulnerabilities. These cannot be understood just by a topological analysis of the network, and we use the attack graph abstraction of Dewri et al. to study these problems. In contrast to earlier approaches based on heuristics and evolutionary algorithms, we study rigorous methods for quantifying the inherent vulnerability and hardening cost for the system. Wemore » develop algorithms with provable approximation guarantees, and evaluate them for real and synthetic attack graphs.« less

CENTERA: A Centralized Trust-Based Efficient Routing Protocol with Authentication for Wireless Sensor Networks †

PubMed Central

Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim

2015-01-01

In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of “bad” nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics—maliciousness, cooperation, and compatibility—and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates “bad”, “misbehaving” or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node's bad/probation level with repeated “bad” behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to “good” nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations. PMID:25648712

CENTERA: a centralized trust-based efficient routing protocol with authentication for wireless sensor networks.

PubMed

Tajeddine, Ayman; Kayssi, Ayman; Chehab, Ali; Elhajj, Imad; Itani, Wassim

2015-02-02

In this paper, we present CENTERA, a CENtralized Trust-based Efficient Routing protocol with an appropriate authentication scheme for wireless sensor networks (WSN). CENTERA utilizes the more powerful base station (BS) to gather minimal neighbor trust information from nodes and calculate the best routes after isolating different types of "bad" nodes. By periodically accumulating these simple local observations and approximating the nodes' battery lives, the BS draws a global view of the network, calculates three quality metrics-maliciousness, cooperation, and compatibility-and evaluates the Data Trust and Forwarding Trust values of each node. Based on these metrics, the BS isolates "bad", "misbehaving" or malicious nodes for a certain period, and put some nodes on probation. CENTERA increases the node's bad/probation level with repeated "bad" behavior, and decreases it otherwise. Then it uses a very efficient method to distribute the routing information to "good" nodes. Based on its target environment, and if required, CENTERA uses an authentication scheme suitable for severely constrained nodes, ranging from the symmetric RC5 for safe environments under close administration, to pairing-based cryptography (PBC) for hostile environments with a strong attacker model. We simulate CENTERA using TOSSIM and verify its correctness and show some energy calculations.

A trust evaluation algorithm for wireless sensor networks based on node behaviors and D-S evidence theory.

PubMed

Feng, Renjian; Xu, Xiaofeng; Zhou, Xiang; Wan, Jiangwen

2011-01-01

For wireless sensor networks (WSNs), many factors, such as mutual interference of wireless links, battlefield applications and nodes exposed to the environment without good physical protection, result in the sensor nodes being more vulnerable to be attacked and compromised. In order to address this network security problem, a novel trust evaluation algorithm defined as NBBTE (Node Behavioral Strategies Banding Belief Theory of the Trust Evaluation Algorithm) is proposed, which integrates the approach of nodes behavioral strategies and modified evidence theory. According to the behaviors of sensor nodes, a variety of trust factors and coefficients related to the network application are established to obtain direct and indirect trust values through calculating weighted average of trust factors. Meanwhile, the fuzzy set method is applied to form the basic input vector of evidence. On this basis, the evidence difference is calculated between the indirect and direct trust values, which link the revised D-S evidence combination rule to finally synthesize integrated trust value of nodes. The simulation results show that NBBTE can effectively identify malicious nodes and reflects the characteristic of trust value that 'hard to acquire and easy to lose'. Furthermore, it is obvious that the proposed scheme has an outstanding advantage in terms of illustrating the real contribution of different nodes to trust evaluation.

A new way to improve the robustness of complex communication networks by allocating redundancy links

NASA Astrophysics Data System (ADS)

Shi, Chunhui; Peng, Yunfeng; Zhuo, Yue; Tang, Jieying; Long, Keping

2012-03-01

We investigate the robustness of complex communication networks on allocating redundancy links. The protecting key nodes (PKN) strategy is proposed to improve the robustness of complex communication networks against intentional attack. Our numerical simulations show that allocating a few redundant links among key nodes using the PKN strategy will significantly increase the robustness of scale-free complex networks. We have also theoretically proved and demonstrated the effectiveness of the PKN strategy. We expect that our work will help achieve a better understanding of communication networks.

Robustness analysis of interdependent networks under multiple-attacking strategies

NASA Astrophysics Data System (ADS)

Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie

2018-04-01

The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, The negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.

Modeling and analyzing cascading dynamics of the Internet based on local congestion information

NASA Astrophysics Data System (ADS)

Zhu, Qian; Nie, Jianlong; Zhu, Zhiliang; Yu, Hai; Xue, Yang

2018-06-01

Cascading failure has already become one of the vital issues in network science. By considering realistic network operational settings, we propose the congestion function to represent the congested extent of node and construct a local congestion-aware routing strategy with a tunable parameter. We investigate the cascading failures on the Internet triggered by deliberate attacks. Simulation results show that the tunable parameter has an optimal value that makes the network achieve a maximum level of robustness. The robustness of the network has a positive correlation with tolerance parameter, but it has a negative correlation with the packets generation rate. In addition, there exists a threshold of the attacking proportion of nodes that makes the network achieve the lowest robustness. Moreover, by introducing the concept of time delay for information transmission on the Internet, we found that an increase of the time delay will decrease the robustness of the network rapidly. The findings of the paper will be useful for enhancing the robustness of the Internet in the future.

Dependency Network Analysis (DEPNA) Reveals Context Related Influence of Brain Network Nodes

PubMed Central

Jacob, Yael; Winetraub, Yonatan; Raz, Gal; Ben-Simon, Eti; Okon-Singer, Hadas; Rosenberg-Katz, Keren; Hendler, Talma; Ben-Jacob, Eshel

2016-01-01

Communication between and within brain regions is essential for information processing within functional networks. The current methods to determine the influence of one region on another are either based on temporal resolution, or require a predefined model for the connectivity direction. However these requirements are not always achieved, especially in fMRI studies, which have poor temporal resolution. We thus propose a new graph theory approach that focuses on the correlation influence between selected brain regions, entitled Dependency Network Analysis (DEPNA). Partial correlations are used to quantify the level of influence of each node during task performance. As a proof of concept, we conducted the DEPNA on simulated datasets and on two empirical motor and working memory fMRI tasks. The simulations revealed that the DEPNA correctly captures the network’s hierarchy of influence. Applying DEPNA to the functional tasks reveals the dynamics between specific nodes as would be expected from prior knowledge. To conclude, we demonstrate that DEPNA can capture the most influencing nodes in the network, as they emerge during specific cognitive processes. This ability opens a new horizon for example in delineating critical nodes for specific clinical interventions. PMID:27271458

Three-dimensional separation and reattachment

NASA Technical Reports Server (NTRS)

Peake, D. J.; Tobak, M.

1982-01-01

The separation of three dimensional turbulent boundary layers from the lee of flight vehicles at high angles of attack is investigated. The separation results in dominant, large scale, coiled vortex motions that pass along the body in the general direction of the free stream. In all cases of three dimensional flow separation and reattachment, the assumption of continuous vector fields of skin friction lines and external flow streamlines, coupled with simple laws of topology, provides a flow grammar whose elemental constituents are the singular points: the nodes, spiral nodes (foci), and saddles. The phenomenon of three dimensional separation may be construed as either a local or a global event, depending on whether the skin friction line that becomes a line of separation originates at a node or a saddle point.

How moths escape bats: predicting outcomes of predator-prey interactions.

PubMed

Corcoran, Aaron J; Conner, William E

2016-09-01

What determines whether fleeing prey escape from attacking predators? To answer this question, biologists have developed mathematical models that incorporate attack geometries, pursuit and escape trajectories, and kinematics of predator and prey. These models have rarely been tested using data from actual predator-prey encounters. To address this problem, we recorded multi-camera infrared videography of bat-insect interactions in a large outdoor enclosure. We documented 235 attacks by four Myotis volans bats on a variety of moths. Bat and moth flight trajectories from 50 high-quality attacks were reconstructed in 3-D. Despite having higher maximum velocity, deceleration and overall turning ability, bats only captured evasive prey in 69 of 184 attacks (37.5%); bats captured nearly all moths not evading attack (50 of 51; 98%). Logistic regression indicated that prey radial acceleration and escape angle were the most important predictors of escape success (44 of 50 attacks correctly classified; 88%). We found partial support for the turning gambit mathematical model; however, it underestimated the escape threshold by 25% of prey velocity and did not account for prey escape angle. Whereas most prey escaping strikes flee away from predators, moths typically escaped chasing bats by turning with high radial acceleration toward 'safety zones' that flank the predator. This strategy may be widespread in prey engaged in chases. Based on these findings, we developed a novel geometrical model of predation. We discuss implications of this model for the co-evolution of predator and prey kinematics and pursuit and escape strategies. © 2016. Published by The Company of Biologists Ltd.

Wireless Sensor Node for Autonomous Monitoring and Alerts in Remote Environments

NASA Technical Reports Server (NTRS)

Panangadan, Anand V. (Inventor); Monacos, Steve P. (Inventor)

2015-01-01

A method, apparatus, system, and computer program products provides personal alert and tracking capabilities using one or more nodes. Each node includes radio transceiver chips operating at different frequency ranges, a power amplifier, sensors, a display, and embedded software. The chips enable the node to operate as either a mobile sensor node or a relay base station node while providing a long distance relay link between nodes. The power amplifier enables a line-of-sight communication between the one or more nodes. The sensors provide a GPS signal, temperature, and accelerometer information (used to trigger an alert condition). The embedded software captures and processes the sensor information, provides a multi-hop packet routing protocol to relay the sensor information to and receive alert information from a command center, and to display the alert information on the display.

Multi-attribute integrated measurement of node importance in complex networks.

PubMed

Wang, Shibo; Zhao, Jinlou

2015-11-01

The measure of node importance in complex networks is very important to the research of networks stability and robustness; it also can ensure the security of the whole network. Most researchers have used a single indicator to measure the networks node importance, so that the obtained measurement results only reflect certain aspects of the networks with a loss of information. Meanwhile, because of the difference of networks topology, the nodes' importance should be described by combining the character of the networks topology. Most of the existing evaluation algorithms cannot completely reflect the circumstances of complex networks, so this paper takes into account the degree of centrality, the relative closeness centrality, clustering coefficient, and topology potential and raises an integrated measuring method to measure the nodes' importance. This method can reflect nodes' internal and outside attributes and eliminate the influence of network structure on the node importance. The experiments of karate network and dolphin network show that networks topology structure integrated measure has smaller range of metrical result than a single indicator and more universal. Experiments show that attacking the North American power grid and the Internet network with the method has a faster convergence speed than other methods.

CSRQ: Communication-Efficient Secure Range Queries in Two-Tiered Sensor Networks

PubMed Central

Dai, Hua; Ye, Qingqun; Yang, Geng; Xu, Jia; He, Ruiliang

2016-01-01

In recent years, we have seen many applications of secure query in two-tiered wireless sensor networks. Storage nodes are responsible for storing data from nearby sensor nodes and answering queries from Sink. It is critical to protect data security from a compromised storage node. In this paper, the Communication-efficient Secure Range Query (CSRQ)—a privacy and integrity preserving range query protocol—is proposed to prevent attackers from gaining information of both data collected by sensor nodes and queries issued by Sink. To preserve privacy and integrity, in addition to employing the encoding mechanisms, a novel data structure called encrypted constraint chain is proposed, which embeds the information of integrity verification. Sink can use this encrypted constraint chain to verify the query result. The performance evaluation shows that CSRQ has lower communication cost than the current range query protocols. PMID:26907293

FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET

PubMed Central

N. Ahmed, Malik; Abdullah, Abdul Hanan; Kaiwartya, Omprakash

2016-01-01

Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs) significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS) and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM) for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV) protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks. PMID:27285146

Towards an integrated defense system for cyber security situation awareness experiment

NASA Astrophysics Data System (ADS)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

fMRI amygdala activation during a spontaneous panic attack in a patient with panic disorder.

PubMed

Pfleiderer, Bettina; Zinkirciran, Sariye; Arolt, Volker; Heindel, Walter; Deckert, Juergen; Domschke, Katharina

2007-01-01

Previous studies on neuronal activation correlates of panic attacks were mostly based on challenge tests, sensory-related stimulation or fear conditioning in healthy subjects. In the present study, we report on a female patient with panic disorder experiencing a spontaneous panic attack under an auditory habituation paradigm in the last stimulation block with sine tones captured with fMRI at 3T. The panic attack was associated with a significantly increased activity in the right amygdala. This is the first report on neuronal activation correlates of a spontaneous panic attack in a patient with panic disorder as measured by fMRI, which lends further support to a pivotal role of the amygdala in the pathogenesis of the disease.

AN EXACT PEAK CAPTURING AND OSCILLATION-FREE SCHEME TO SOLVE ADVECTION-DISPERSION TRANSPORT EQUATIONS

EPA Science Inventory

An exact peak capturing and essentially oscillation-free (EPCOF) algorithm, consisting of advection-dispersion decoupling, backward method of characteristics, forward node tracking, and adaptive local grid refinement, is developed to solve transport equations. This algorithm repr...

A Family of Algorithms for Computing Consensus about Node State from Network Data

PubMed Central

Brush, Eleanor R.; Krakauer, David C.; Flack, Jessica C.

2013-01-01

Biological and social networks are composed of heterogeneous nodes that contribute differentially to network structure and function. A number of algorithms have been developed to measure this variation. These algorithms have proven useful for applications that require assigning scores to individual nodes–from ranking websites to determining critical species in ecosystems–yet the mechanistic basis for why they produce good rankings remains poorly understood. We show that a unifying property of these algorithms is that they quantify consensus in the network about a node's state or capacity to perform a function. The algorithms capture consensus by either taking into account the number of a target node's direct connections, and, when the edges are weighted, the uniformity of its weighted in-degree distribution (breadth), or by measuring net flow into a target node (depth). Using data from communication, social, and biological networks we find that that how an algorithm measures consensus–through breadth or depth– impacts its ability to correctly score nodes. We also observe variation in sensitivity to source biases in interaction/adjacency matrices: errors arising from systematic error at the node level or direct manipulation of network connectivity by nodes. Our results indicate that the breadth algorithms, which are derived from information theory, correctly score nodes (assessed using independent data) and are robust to errors. However, in cases where nodes “form opinions” about other nodes using indirect information, like reputation, depth algorithms, like Eigenvector Centrality, are required. One caveat is that Eigenvector Centrality is not robust to error unless the network is transitive or assortative. In these cases the network structure allows the depth algorithms to effectively capture breadth as well as depth. Finally, we discuss the algorithms' cognitive and computational demands. This is an important consideration in systems in which individuals use the collective opinions of others to make decisions. PMID:23874167

Secure Fusion Estimation for Bandwidth Constrained Cyber-Physical Systems Under Replay Attacks.

PubMed

Chen, Bo; Ho, Daniel W C; Hu, Guoqiang; Yu, Li; Bo Chen; Ho, Daniel W C; Guoqiang Hu; Li Yu; Chen, Bo; Ho, Daniel W C; Hu, Guoqiang; Yu, Li

2018-06-01

State estimation plays an essential role in the monitoring and supervision of cyber-physical systems (CPSs), and its importance has made the security and estimation performance a major concern. In this case, multisensor information fusion estimation (MIFE) provides an attractive alternative to study secure estimation problems because MIFE can potentially improve estimation accuracy and enhance reliability and robustness against attacks. From the perspective of the defender, the secure distributed Kalman fusion estimation problem is investigated in this paper for a class of CPSs under replay attacks, where each local estimate obtained by the sink node is transmitted to a remote fusion center through bandwidth constrained communication channels. A new mathematical model with compensation strategy is proposed to characterize the replay attacks and bandwidth constrains, and then a recursive distributed Kalman fusion estimator (DKFE) is designed in the linear minimum variance sense. According to different communication frameworks, two classes of data compression and compensation algorithms are developed such that the DKFEs can achieve the desired performance. Several attack-dependent and bandwidth-dependent conditions are derived such that the DKFEs are secure under replay attacks. An illustrative example is given to demonstrate the effectiveness of the proposed methods.

Bio-Inspired Distributed Decision Algorithms for Anomaly Detection

DTIC Science & Technology

2017-03-01

TERMS DIAMoND, Local Anomaly Detector, Total Impact Estimation, Threat Level Estimator 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT UU...21 4.2 Performance of the DIAMoND Algorithm as a DNS-Server Level Attack Detection and Mitigation...with 6 Nodes ........................................................................................ 13 8 Hierarchical 2- Level Topology

Development of esMOCA Biomechanic, Motion Capture Instrumentation for Biomechanics Analysis

NASA Astrophysics Data System (ADS)

Arendra, A.; Akhmad, S.

2018-01-01

This study aims to build motion capture instruments using inertial measurement unit sensors to assist in the analysis of biomechanics. Sensors used are accelerometer and gyroscope. Estimation of orientation sensors is done by digital motion processing in each sensor nodes. There are nine sensor nodes attached to the upper limbs. This sensor is connected to the pc via a wireless sensor network. The development of kinematics and inverse dynamamic models of the upper limb is done in simulink simmechanic. The kinematic model receives streaming data of sensor nodes mounted on the limbs. The output of the kinematic model is the pose of each limbs and visualized on display. The dynamic inverse model outputs the reaction force and reaction moment of each joint based on the limb motion input. Model validation in simulink with mathematical model of mechanical analysis showed results that did not differ significantly

Game Theory for Proactive Dynamic Defense and Attack Mitigation in Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Letchford, Joshua

While there has been a great deal of security research focused on preventing attacks, there has been less work on how one should balance security and resilience investments. In this work we developed and evaluated models that captured both explicit defenses and other mitigations that reduce the impact of attacks. We examined these issues both in more broadly applicable general Stackelberg models and in more specific network and power grid settings. Finally, we compared these solutions to existing work in terms of both solution quality and computational overhead.

Simultaneous Event-Triggered Fault Detection and Estimation for Stochastic Systems Subject to Deception Attacks.

PubMed

Li, Yunji; Wu, QingE; Peng, Li

2018-01-23

In this paper, a synthesized design of fault-detection filter and fault estimator is considered for a class of discrete-time stochastic systems in the framework of event-triggered transmission scheme subject to unknown disturbances and deception attacks. A random variable obeying the Bernoulli distribution is employed to characterize the phenomena of the randomly occurring deception attacks. To achieve a fault-detection residual is only sensitive to faults while robust to disturbances, a coordinate transformation approach is exploited. This approach can transform the considered system into two subsystems and the unknown disturbances are removed from one of the subsystems. The gain of fault-detection filter is derived by minimizing an upper bound of filter error covariance. Meanwhile, system faults can be reconstructed by the remote fault estimator. An recursive approach is developed to obtain fault estimator gains as well as guarantee the fault estimator performance. Furthermore, the corresponding event-triggered sensor data transmission scheme is also presented for improving working-life of the wireless sensor node when measurement information are aperiodically transmitted. Finally, a scaled version of an industrial system consisting of local PC, remote estimator and wireless sensor node is used to experimentally evaluate the proposed theoretical results. In particular, a novel fault-alarming strategy is proposed so that the real-time capacity of fault-detection is guaranteed when the event condition is triggered.

ClueNet: Clustering a temporal network based on topological similarity rather than denseness.

PubMed

Crawford, Joseph; Milenković, Tijana

2018-01-01

Network clustering is a very popular topic in the network science field. Its goal is to divide (partition) the network into groups (clusters or communities) of "topologically related" nodes, where the resulting topology-based clusters are expected to "correlate" well with node label information, i.e., metadata, such as cellular functions of genes/proteins in biological networks, or age or gender of people in social networks. Even for static data, the problem of network clustering is complex. For dynamic data, the problem is even more complex, due to an additional dimension of the data-their temporal (evolving) nature. Since the problem is computationally intractable, heuristic approaches need to be sought. Existing approaches for dynamic network clustering (DNC) have drawbacks. First, they assume that nodes should be in the same cluster if they are densely interconnected within the network. We hypothesize that in some applications, it might be of interest to cluster nodes that are topologically similar to each other instead of or in addition to requiring the nodes to be densely interconnected. Second, they ignore temporal information in their early steps, and when they do consider this information later on, they do so implicitly. We hypothesize that capturing temporal information earlier in the clustering process and doing so explicitly will improve results. We test these two hypotheses via our new approach called ClueNet. We evaluate ClueNet against six existing DNC methods on both social networks capturing evolving interactions between individuals (such as interactions between students in a high school) and biological networks capturing interactions between biomolecules in the cell at different ages. We find that ClueNet is superior in over 83% of all evaluation tests. As more real-world dynamic data are becoming available, DNC and thus ClueNet will only continue to gain importance.

An Efficient Identity-Based Key Management Scheme for Wireless Sensor Networks Using the Bloom Filter

PubMed Central

Qin, Zhongyuan; Zhang, Xinshuai; Feng, Kerong; Zhang, Qunfang; Huang, Jie

2014-01-01

With the rapid development and widespread adoption of wireless sensor networks (WSNs), security has become an increasingly prominent problem. How to establish a session key in node communication is a challenging task for WSNs. Considering the limitations in WSNs, such as low computing capacity, small memory, power supply limitations and price, we propose an efficient identity-based key management (IBKM) scheme, which exploits the Bloom filter to authenticate the communication sensor node with storage efficiency. The security analysis shows that IBKM can prevent several attacks effectively with acceptable computation and communication overhead. PMID:25264955

Investigating changes in brain network properties in HIV-associated neurocognitive disease (HAND) using mutual connectivity analysis (MCA)

NASA Astrophysics Data System (ADS)

Abidin, Anas Zainul; D'Souza, Adora M.; Nagarajan, Mahesh B.; Wismüller, Axel

2016-03-01

About 50% of subjects infected with HIV present deficits in cognitive domains, which are known collectively as HIV associated neurocognitive disorder (HAND). The underlying synaptodendritic damage can be captured using resting state functional MRI, as has been demonstrated by a few earlier studies. Such damage may induce topological changes of brain connectivity networks. We test this hypothesis by capturing the functional interdependence of 90 brain network nodes using a Mutual Connectivity Analysis (MCA) framework with non-linear time series modeling based on Generalized Radial Basis function (GRBF) neural networks. The network nodes are selected based on the regions defined in the Automated Anatomic Labeling (AAL) atlas. Each node is represented by the average time series of the voxels of that region. The resulting networks are then characterized using graph-theoretic measures that quantify various network topology properties at a global as well as at a local level. We tested for differences in these properties in network graphs obtained for 10 subjects (6 male and 4 female, 5 HIV+ and 5 HIV-). Global network properties captured some differences between these subject cohorts, though significant differences were seen only with the clustering coefficient measure. Local network properties, such as local efficiency and the degree of connections, captured significant differences in regions of the frontal lobe, precentral and cingulate cortex amongst a few others. These results suggest that our method can be used to effectively capture differences occurring in brain network connectivity properties revealed by resting-state functional MRI in neurological disease states, such as HAND.

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network

PubMed Central

Yang, Bin; Zhang, Jianfeng

2017-01-01

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme. PMID:28657588

Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

PubMed

Yang, Bin; Zhang, Jianfeng

2017-06-28

Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

Classifier fusion for VoIP attacks classification

NASA Astrophysics Data System (ADS)

Safarik, Jakub; Rezac, Filip

2017-05-01

SIP is one of the most successful protocols in the field of IP telephony communication. It establishes and manages VoIP calls. As the number of SIP implementation rises, we can expect a higher number of attacks on the communication system in the near future. This work aims at malicious SIP traffic classification. A number of various machine learning algorithms have been developed for attack classification. The paper presents a comparison of current research and the use of classifier fusion method leading to a potential decrease in classification error rate. Use of classifier combination makes a more robust solution without difficulties that may affect single algorithms. Different voting schemes, combination rules, and classifiers are discussed to improve the overall performance. All classifiers have been trained on real malicious traffic. The concept of traffic monitoring depends on the network of honeypot nodes. These honeypots run in several networks spread in different locations. Separation of honeypots allows us to gain an independent and trustworthy attack information.

Cascade phenomenon against subsequent failures in complex networks

NASA Astrophysics Data System (ADS)

Jiang, Zhong-Yuan; Liu, Zhi-Quan; He, Xuan; Ma, Jian-Feng

2018-06-01

Cascade phenomenon may lead to catastrophic disasters which extremely imperil the network safety or security in various complex systems such as communication networks, power grids, social networks and so on. In some flow-based networks, the load of failed nodes can be redistributed locally to their neighboring nodes to maximally preserve the traffic oscillations or large-scale cascading failures. However, in such local flow redistribution model, a small set of key nodes attacked subsequently can result in network collapse. Then it is a critical problem to effectively find the set of key nodes in the network. To our best knowledge, this work is the first to study this problem comprehensively. We first introduce the extra capacity for every node to put up with flow fluctuations from neighbors, and two extra capacity distributions including degree based distribution and average distribution are employed. Four heuristic key nodes discovering methods including High-Degree-First (HDF), Low-Degree-First (LDF), Random and Greedy Algorithms (GA) are presented. Extensive simulations are realized in both scale-free networks and random networks. The results show that the greedy algorithm can efficiently find the set of key nodes in both scale-free and random networks. Our work studies network robustness against cascading failures from a very novel perspective, and methods and results are very useful for network robustness evaluations and protections.

Identification of hybrid node and link communities in complex networks

PubMed Central

He, Dongxiao; Jin, Di; Chen, Zheng; Zhang, Weixiong

2015-01-01

Identifying communities in complex networks is an effective means for analyzing complex systems, with applications in diverse areas such as social science, engineering, biology and medicine. Finding communities of nodes and finding communities of links are two popular schemes for network analysis. These schemes, however, have inherent drawbacks and are inadequate to capture complex organizational structures in real networks. We introduce a new scheme and an effective approach for identifying complex mixture structures of node and link communities, called hybrid node-link communities. A central piece of our approach is a probabilistic model that accommodates node, link and hybrid node-link communities. Our extensive experiments on various real-world networks, including a large protein-protein interaction network and a large network of semantically associated words, illustrated that the scheme for hybrid communities is superior in revealing network characteristics. Moreover, the new approach outperformed the existing methods for finding node or link communities separately. PMID:25728010

Identification of hybrid node and link communities in complex networks.

PubMed

He, Dongxiao; Jin, Di; Chen, Zheng; Zhang, Weixiong

2015-03-02

Identifying communities in complex networks is an effective means for analyzing complex systems, with applications in diverse areas such as social science, engineering, biology and medicine. Finding communities of nodes and finding communities of links are two popular schemes for network analysis. These schemes, however, have inherent drawbacks and are inadequate to capture complex organizational structures in real networks. We introduce a new scheme and an effective approach for identifying complex mixture structures of node and link communities, called hybrid node-link communities. A central piece of our approach is a probabilistic model that accommodates node, link and hybrid node-link communities. Our extensive experiments on various real-world networks, including a large protein-protein interaction network and a large network of semantically associated words, illustrated that the scheme for hybrid communities is superior in revealing network characteristics. Moreover, the new approach outperformed the existing methods for finding node or link communities separately.

Identification of hybrid node and link communities in complex networks

NASA Astrophysics Data System (ADS)

He, Dongxiao; Jin, Di; Chen, Zheng; Zhang, Weixiong

2015-03-01

Identifying communities in complex networks is an effective means for analyzing complex systems, with applications in diverse areas such as social science, engineering, biology and medicine. Finding communities of nodes and finding communities of links are two popular schemes for network analysis. These schemes, however, have inherent drawbacks and are inadequate to capture complex organizational structures in real networks. We introduce a new scheme and an effective approach for identifying complex mixture structures of node and link communities, called hybrid node-link communities. A central piece of our approach is a probabilistic model that accommodates node, link and hybrid node-link communities. Our extensive experiments on various real-world networks, including a large protein-protein interaction network and a large network of semantically associated words, illustrated that the scheme for hybrid communities is superior in revealing network characteristics. Moreover, the new approach outperformed the existing methods for finding node or link communities separately.

A new centrality measure for identifying influential nodes in social networks

NASA Astrophysics Data System (ADS)

Rhouma, Delel; Ben Romdhane, Lotfi

2018-04-01

The identification of central nodes has been a key problem in the field of social network analysis. In fact, it is a measure that accounts the popularity or the visibility of an actor within a network. In order to capture this concept, various measures, either sample or more elaborate, has been developed. Nevertheless, many of "traditional" measures are not designed to be applicable to huge data. This paper sets out a new node centrality index suitable for large social network. It uses the amount of the neighbors of a node and connections between them to characterize a "pivot" node in the graph. We presented experimental results on real data sets which show the efficiency of our proposal.

Learning and robustness to catch-and-release fishing in a shark social network

PubMed Central

Brown, Culum; Planes, Serge

2017-01-01

Individuals can play different roles in maintaining connectivity and social cohesion in animal populations and thereby influence population robustness to perturbations. We performed a social network analysis in a reef shark population to assess the vulnerability of the global network to node removal under different scenarios. We found that the network was generally robust to the removal of nodes with high centrality. The network appeared also highly robust to experimental fishing. Individual shark catchability decreased as a function of experience, as revealed by comparing capture frequency and site presence. Altogether, these features suggest that individuals learnt to avoid capture, which ultimately increased network robustness to experimental catch-and-release. Our results also suggest that some caution must be taken when using capture–recapture models often used to assess population size as assumptions (such as equal probabilities of capture and recapture) may be violated by individual learning to escape recapture. PMID:28298593

Optimal Attack Strategies Subject to Detection Constraints Against Cyber-Physical Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarmmore » rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.« less

Optimal Attack Strategies Subject to Detection Constraints Against Cyber-Physical Systems

DOE PAGES

Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

2017-03-31

This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarmmore » rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.« less

Resilience of networks formed of interdependent modular networks

NASA Astrophysics Data System (ADS)

Shekhtman, Louis M.; Shai, Saray; Havlin, Shlomo

2015-12-01

Many infrastructure networks have a modular structure and are also interdependent with other infrastructures. While significant research has explored the resilience of interdependent networks, there has been no analysis of the effects of modularity. Here we develop a theoretical framework for attacks on interdependent modular networks and support our results through simulations. We focus, for simplicity, on the case where each network has the same number of communities and the dependency links are restricted to be between pairs of communities of different networks. This is particularly realistic for modeling infrastructure across cities. Each city has its own infrastructures and different infrastructures are dependent only within the city. However, each infrastructure is connected within and between cities. For example, a power grid will connect many cities as will a communication network, yet a power station and communication tower that are interdependent will likely be in the same city. It has previously been shown that single networks are very susceptible to the failure of the interconnected nodes (between communities) (Shai et al 2014 arXiv:1404.4748) and that attacks on these nodes are even more crippling than attacks based on betweenness (da Cunha et al 2015 arXiv:1502.00353). In our example of cities these nodes have long range links which are more likely to fail. For both treelike and looplike interdependent modular networks we find distinct regimes depending on the number of modules, m. (i) In the case where there are fewer modules with strong intraconnections, the system first separates into modules in an abrupt first-order transition and then each module undergoes a second percolation transition. (ii) When there are more modules with many interconnections between them, the system undergoes a single transition. Overall, we find that modular structure can significantly influence the type of transitions observed in interdependent networks and should be considered in attempts to make interdependent networks more resilient.

A broadcast-based key agreement scheme using set reconciliation for wireless body area networks.

PubMed

Ali, Aftab; Khan, Farrukh Aslam

2014-05-01

Information and communication technologies have thrived over the last few years. Healthcare systems have also benefited from this progression. A wireless body area network (WBAN) consists of small, low-power sensors used to monitor human physiological values remotely, which enables physicians to remotely monitor the health of patients. Communication security in WBANs is essential because it involves human physiological data. Key agreement and authentication are the primary issues in the security of WBANs. To agree upon a common key, the nodes exchange information with each other using wireless communication. This information exchange process must be secure enough or the information exchange should be minimized to a certain level so that if information leak occurs, it does not affect the overall system. Most of the existing solutions for this problem exchange too much information for the sake of key agreement; getting this information is sufficient for an attacker to reproduce the key. Set reconciliation is a technique used to reconcile two similar sets held by two different hosts with minimal communication complexity. This paper presents a broadcast-based key agreement scheme using set reconciliation for secure communication in WBANs. The proposed scheme allows the neighboring nodes to agree upon a common key with the personal server (PS), generated from the electrocardiogram (EKG) feature set of the host body. Minimal information is exchanged in a broadcast manner, and even if every node is missing a different subset, by reconciling these feature sets, the whole network will still agree upon a single common key. Because of the limited information exchange, if an attacker gets the information in any way, he/she will not be able to reproduce the key. The proposed scheme mitigates replay, selective forwarding, and denial of service attacks using a challenge-response authentication mechanism. The simulation results show that the proposed scheme has a great deal of adoptability in terms of security, communication overhead, and running time complexity, as compared to the existing EKG-based key agreement scheme.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks.

PubMed

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-12-17

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism.

A Security Assessment Mechanism for Software-Defined Networking-Based Mobile Networks

PubMed Central

Luo, Shibo; Dong, Mianxiong; Ota, Kaoru; Wu, Jun; Li, Jianhua

2015-01-01

Software-Defined Networking-based Mobile Networks (SDN-MNs) are considered the future of 5G mobile network architecture. With the evolving cyber-attack threat, security assessments need to be performed in the network management. Due to the distinctive features of SDN-MNs, such as their dynamic nature and complexity, traditional network security assessment methodologies cannot be applied directly to SDN-MNs, and a novel security assessment methodology is needed. In this paper, an effective security assessment mechanism based on attack graphs and an Analytic Hierarchy Process (AHP) is proposed for SDN-MNs. Firstly, this paper discusses the security assessment problem of SDN-MNs and proposes a methodology using attack graphs and AHP. Secondly, to address the diversity and complexity of SDN-MNs, a novel attack graph definition and attack graph generation algorithm are proposed. In order to quantify security levels, the Node Minimal Effort (NME) is defined to quantify attack cost and derive system security levels based on NME. Thirdly, to calculate the NME of an attack graph that takes the dynamic factors of SDN-MN into consideration, we use AHP integrated with the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) as the methodology. Finally, we offer a case study to validate the proposed methodology. The case study and evaluation show the advantages of the proposed security assessment mechanism. PMID:26694409

Home and Clinical Cardiovascular Care Center (H4C): a Framework for Integrating Body Sensor Networks and QTRU Cryptography System.

PubMed

Zakerolhosseini, Ali; Sokouti, Massoud; Pezeshkian, Massoud

2013-01-01

Quick responds to heart attack patients before arriving to hospital is a very important factor. In this paper, a combined model of Body Sensor Network and Personal Digital Access using QTRU cipher algorithm in Wifi networks is presented to efficiently overcome these life threatening attacks. The algorithm for optimizing the routing paths between sensor nodes and an algorithm for reducing the power consumption are also applied for achieving the best performance by this model. This system is consumes low power and has encrypting and decrypting processes. It also has an efficient routing path in a fast manner.

Home and Clinical Cardiovascular Care Center (H4C): a Framework for Integrating Body Sensor Networks and QTRU Cryptography System

PubMed Central

Zakerolhosseini, Ali; Sokouti, Massoud; Pezeshkian, Massoud

2013-01-01

Quick responds to heart attack patients before arriving to hospital is a very important factor. In this paper, a combined model of Body Sensor Network and Personal Digital Access using QTRU cipher algorithm in Wifi networks is presented to efficiently overcome these life threatening attacks. The algorithm for optimizing the routing paths between sensor nodes and an algorithm for reducing the power consumption are also applied for achieving the best performance by this model. This system is consumes low power and has encrypting and decrypting processes. It also has an efficient routing path in a fast manner. PMID:24252988

Parametric Analysis of Airland Combat Model in High Resolution

DTIC Science & Technology

1988-09-01

continue Fprint MOE, UTILITY matrix figure 10. Flow chart of the advanced model 22 WAVE2 = numeric value (1. 2. or 12) which is supposed to be given by the...model user" if WAVE2 = 1. it will bc a BATTLE I case. and all Red forccs on Av’enue-2 attack to nodc-2S ; if \\VAVE2= 2. it will also be a BATTLE I case...but all Red forces on Aenue-2 attack to node-27 ; if WAVE2 = 12. it will be a BATTLE2 case. These outputs will be analyzed in more detail in the next

Fuzzy neural network technique for system state forecasting.

PubMed

Li, Dezhi; Wang, Wilson; Ismail, Fathy

2013-10-01

In many system state forecasting applications, the prediction is performed based on multiple datasets, each corresponding to a distinct system condition. The traditional methods dealing with multiple datasets (e.g., vector autoregressive moving average models and neural networks) have some shortcomings, such as limited modeling capability and opaque reasoning operations. To tackle these problems, a novel fuzzy neural network (FNN) is proposed in this paper to effectively extract information from multiple datasets, so as to improve forecasting accuracy. The proposed predictor consists of both autoregressive (AR) nodes modeling and nonlinear nodes modeling; AR models/nodes are used to capture the linear correlation of the datasets, and the nonlinear correlation of the datasets are modeled with nonlinear neuron nodes. A novel particle swarm technique [i.e., Laplace particle swarm (LPS) method] is proposed to facilitate parameters estimation of the predictor and improve modeling accuracy. The effectiveness of the developed FNN predictor and the associated LPS method is verified by a series of tests related to Mackey-Glass data forecast, exchange rate data prediction, and gear system prognosis. Test results show that the developed FNN predictor and the LPS method can capture the dynamics of multiple datasets effectively and track system characteristics accurately.

Both Palatable and Unpalatable Butterflies Use Bright Colors to Signal Difficulty of Capture to Predators.

PubMed

Pinheiro, C E G; Freitas, A V L; Campos, V C; DeVries, P J; Penz, C M

2016-04-01

Birds are able to recognize and learn to avoid attacking unpalatable, chemically defended butterflies after unpleasant experiences with them. It has also been suggested that birds learn to avoid prey that are efficient at escaping. This, however, remains poorly documented. Here, we argue that butterflies may utilize a variety of escape tactics against insectivorous birds and review evidence that birds avoid attacking butterflies that are hard to catch. We suggest that signaling difficulty of capture to predators is a widespread phenomenon in butterflies, and this ability may not be limited to palatable butterflies. The possibility that both palatable and unpalatable species signal difficulty of capture has not been fully explored, but helps explain the existence of aposematic coloration and escape mimicry in butterflies lacking defensive chemicals. This possibility may also change the role that putative Müllerian and Batesian mimics play in a variety of classical mimicry rings, thus opening new perspectives in the evolution of mimicry in butterflies.

Control Centrality and Hierarchical Structure in Complex Networks

PubMed Central

Liu, Yang-Yu; Slotine, Jean-Jacques; Barabási, Albert-László

2012-01-01

We introduce the concept of control centrality to quantify the ability of a single node to control a directed weighted network. We calculate the distribution of control centrality for several real networks and find that it is mainly determined by the network’s degree distribution. We show that in a directed network without loops the control centrality of a node is uniquely determined by its layer index or topological position in the underlying hierarchical structure of the network. Inspired by the deep relation between control centrality and hierarchical structure in a general directed network, we design an efficient attack strategy against the controllability of malicious networks. PMID:23028542

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.

PubMed

Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

2015-11-30

Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost.

Statistical mechanics of scale-free gene expression networks

NASA Astrophysics Data System (ADS)

Gross, Eitan

2012-12-01

The gene co-expression networks of many organisms including bacteria, mice and man exhibit scale-free distribution. This heterogeneous distribution of connections decreases the vulnerability of the network to random attacks and thus may confer the genetic replication machinery an intrinsic resilience to such attacks, triggered by changing environmental conditions that the organism may be subject to during evolution. This resilience to random attacks comes at an energetic cost, however, reflected by the lower entropy of the scale-free distribution compared to the more homogenous, random network. In this study we found that the cell cycle-regulated gene expression pattern of the yeast Saccharomyces cerevisiae obeys a power-law distribution with an exponent α = 2.1 and an entropy of 1.58. The latter is very close to the maximal value of 1.65 obtained from linear optimization of the entropy function under the constraint of a constant cost function, determined by the average degree connectivity . We further show that the yeast's gene expression network can achieve scale-free distribution in a process that does not involve growth but rather via re-wiring of the connections between nodes of an ordered network. Our results support the idea of an evolutionary selection, which acts at the level of the protein sequence, and is compatible with the notion of greater biological importance of highly connected nodes in the protein interaction network. Our constrained re-wiring model provides a theoretical framework for a putative thermodynamically driven evolutionary selection process.

Experimental Evaluation of the Effect of Angle-of-attack on the External Aerodynamics and Mass Capture of a Symmetric Three-engine Air-breathing Launch Vehicle Configuration at Supersonic Speeds

NASA Technical Reports Server (NTRS)

Kim, Hyun D.; Frate, Franco C.

2001-01-01

A subscale aerodynamic model of the GTX air-breathing launch vehicle was tested at NASA Glenn Research Center's 10- by 10-Foot Supersonic Wind Tunnel from Mach 2.0 to 3.5 at various angles-of-attack. The objective of the test was to investigate the effect of angle-of-attack on inlet mass capture, inlet diverter effectiveness, and the flowfield at the cowl lip plane. The flow-through inlets were tested with and without boundary-layer diverters. Quantitative measurements such as inlet mass flow rates and pitot-pressure distributions in the cowl lip plane are presented. At a 3deg angle-of-attack, the flow rates for the top and side inlets were within 8 percent of the zero angle-of-attack value, and little distortion was evident at the cowl lip plane. Surface oil flow patterns showing the shock/boundary-layer interaction caused by the inlet spikes are shown. In addition to inlet data, vehicle forebody static pressure distributions, boundary-layer profiles, and temperature-sensitive paint images to evaluate the boundary-layer transition are presented. Three-dimensional parabolized Navier-Stokes computational fluid dynamics calculations of the forebody flowfield are presented and show good agreement with the experimental static pressure distributions and boundary-layer profiles. With the boundary-layer diverters installed, no adverse aerodynamic phenomena were found that would prevent the inlets from operating at the required angles-of-attack. We recommend that phase 2 of the test program be initiated, where inlet contraction ratio and diverter geometry variations will be tested.

Towards the development of tamper-resistant, ground-based mobile sensor nodes

NASA Astrophysics Data System (ADS)

Mascarenas, David; Stull, Christopher; Farrar, Charles

2011-11-01

Mobile sensor nodes hold great potential for collecting field data using fewer resources than human operators would require and potentially requiring fewer sensors than a fixed-position sensor array. It would be very beneficial to allow these mobile sensor nodes to operate unattended with a minimum of human intervention. In order to allow mobile sensor nodes to operate unattended in a field environment, it is imperative that they be capable of identifying and responding to external agents that may attempt to tamper with, damage or steal the mobile sensor nodes, while still performing their data collection mission. Potentially hostile external agents could include animals, other mobile sensor nodes, or humans. This work will focus on developing control policies to help enable a mobile sensor node to identify and avoid capture by a hostile un-mounted human. The work is developed in a simulation environment, and demonstrated using a non-holonomic, ground-based mobile sensor node. This work will be a preliminary step toward ensuring the cyber-physical security of ground-based mobile sensor nodes that operate unattended in potentially unfriendly environments.

Ambrosia Beetle (Coleoptera: Scolytidae) species, flight, and attack on living eastern cottonwood trees

Treesearch

David R. Coyle; Derek C. Booth; M. S. Wallace

2005-01-01

In spring 2002, ambrosia beetles (Coleoptera: Scolytidae) infested an intensively managed 22-ha tree plantation on the upper coastal plain of South Carolina. Nearly 3,500 scolytids representing 28 species were captured in ethanol-baited traps from 18 June 2002 to 18 April 2004. More than 88% of total captures were exotic species. Five species [Dryoxylon...

Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle.

PubMed

Park, Namje; Kang, Namhi

2015-12-24

The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, "things" are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks.

Network Analysis of Reconnaissance and Intrusion of an Industrial Control System

DTIC Science & Technology

2016-09-01

simulated a plant engineer using the engineering workstation web browser to authenticate to the vegetable cooker HMI. While the engineer established the...observed the vegetable cooker HMI web display, the attacker stopped capturing network traffic. Acting as the attacker, we searched the attacker’s pcap...manually controlled by human activity. In this testbed network, only web browser traffic (HTTP) is created by an operator to view an HMI status

CTC Sentinel. Volume 5, Issue 8, August 2012

DTIC Science & Technology

2012-08-01

Cyberterrorism: Capturing a Broad Range of Activities in Cyberspace By Jonalan Brickey 6 Pakistani Taliban Renew Attacks on Punjabi Heartland By Arif Rafiq...Agency, U.S. Northern Command, and U.S. Army Central Command. Pakistani Taliban Renew Attacks on Punjabi Heartland By Arif Rafiq after an extended...Lashkar-i-Tayyiba as well as the various Punjabi Taliban groups. 25 The Punjab police have made some important arrests in the past year. In

Flight test of the X-29A at high angle of attack: Flight dynamics and controls

NASA Technical Reports Server (NTRS)

Bauer, Jeffrey E.; Clarke, Robert; Burken, John J.

1995-01-01

The NASA Dryden Flight Research Center has flight tested two X-29A aircraft at low and high angles of attack. The high-angle-of-attack tests evaluate the feasibility of integrated X-29A technologies. More specific objectives focus on evaluating the high-angle-of-attack flying qualities, defining multiaxis controllability limits, and determining the maximum pitch-pointing capability. A pilot-selectable gain system allows examination of tradeoffs in airplane stability and maneuverability. Basic fighter maneuvers provide qualitative evaluation. Bank angle captures permit qualitative data analysis. This paper discusses the design goals and approach for high-angle-of-attack control laws and provides results from the envelope expansion and handling qualities testing at intermediate angles of attack. Comparisons of the flight test results to the predictions are made where appropriate. The pitch rate command structure of the longitudinal control system is shown to be a valid design for high-angle-of-attack control laws. Flight test results show that wing rock amplitude was overpredicted and aileron and rudder effectiveness were underpredicted. Flight tests show the X-29A airplane to be a good aircraft up to 40 deg angle of attack.

Epileptic negative drop attacks in atypical benign partial epilepsy: a neurophysiological study.

PubMed

Hirano, Yoshiko; Oguni, Hirokazu; Osawa, Makiko

2009-03-01

We conducted a computer-assisted polygraphic analysis of drop attacks in a child with atypical benign partial epilepsy (ABPE) to investigate neurophysiological characteristics. The patient was a six-year two-month-old girl, who had started to have focal motor seizures, later combined with daily epileptic negative myoclonus (ENM) and drop attacks, causing multiple injuries. We studied episodes of ENM and drop attacks using video-polygraphic and computer-assisted back-averaging analysis. A total of 12 ENM episodes, seven involving the left arm (ENMlt) and five involving both arms (ENMbil), and five drop attacks were captured for analysis. All episodes were time-locked to spike-and-wave complexes (SWC) arising from both centro-temporo-parietal (CTP) areas. The latency between the onset of SWC and ENMlt, ENMbil, and drop attacks reached 68 ms, 42 ms, and 8 ms, respectively. The height of the spike as well as the slow-wave component of SWC for drop attacks were significantly larger than that for both ENMlt and ENMbil (p < 0.05). Drop attacks were considered to be epileptic negative myoclonus involving not only upper proximal but also axial muscles, causing the body to fall. Thus, drop attacks in ABPE are considered to be epileptic negative drop attacks arising from bilateral CTP foci and differ from drop attacks of a generalized origin seen in Lennox-Gastaut syndrome and myoclonic-astatic epilepsy.

ClueNet: Clustering a temporal network based on topological similarity rather than denseness

PubMed Central

Milenković, Tijana

2018-01-01

Network clustering is a very popular topic in the network science field. Its goal is to divide (partition) the network into groups (clusters or communities) of “topologically related” nodes, where the resulting topology-based clusters are expected to “correlate” well with node label information, i.e., metadata, such as cellular functions of genes/proteins in biological networks, or age or gender of people in social networks. Even for static data, the problem of network clustering is complex. For dynamic data, the problem is even more complex, due to an additional dimension of the data—their temporal (evolving) nature. Since the problem is computationally intractable, heuristic approaches need to be sought. Existing approaches for dynamic network clustering (DNC) have drawbacks. First, they assume that nodes should be in the same cluster if they are densely interconnected within the network. We hypothesize that in some applications, it might be of interest to cluster nodes that are topologically similar to each other instead of or in addition to requiring the nodes to be densely interconnected. Second, they ignore temporal information in their early steps, and when they do consider this information later on, they do so implicitly. We hypothesize that capturing temporal information earlier in the clustering process and doing so explicitly will improve results. We test these two hypotheses via our new approach called ClueNet. We evaluate ClueNet against six existing DNC methods on both social networks capturing evolving interactions between individuals (such as interactions between students in a high school) and biological networks capturing interactions between biomolecules in the cell at different ages. We find that ClueNet is superior in over 83% of all evaluation tests. As more real-world dynamic data are becoming available, DNC and thus ClueNet will only continue to gain importance. PMID:29738568

LDFT-based watermarking resilient to local desynchronization attacks.

PubMed

Tian, Huawei; Zhao, Yao; Ni, Rongrong; Qin, Lunming; Li, Xuelong

2013-12-01

Up to now, a watermarking scheme that is robust against desynchronization attacks (DAs) is still a grand challenge. Most image watermarking resynchronization schemes in literature can survive individual global DAs (e.g., rotation, scaling, translation, and other affine transforms), but few are resilient to challenging cropping and local DAs. The main reason is that robust features for watermark synchronization are only globally invariable rather than locally invariable. In this paper, we present a blind image watermarking resynchronization scheme against local transform attacks. First, we propose a new feature transform named local daisy feature transform (LDFT), which is not only globally but also locally invariable. Then, the binary space partitioning (BSP) tree is used to partition the geometrically invariant LDFT space. In the BSP tree, the location of each pixel is fixed under global transform, local transform, and cropping. Lastly, the watermarking sequence is embedded bit by bit into each leaf node of the BSP tree by using the logarithmic quantization index modulation watermarking embedding method. Simulation results show that the proposed watermarking scheme can survive numerous kinds of distortions, including common image-processing attacks, local and global DAs, and noninvertible cropping.

A Secure Trust Establishment Scheme for Wireless Sensor Networks

PubMed Central

Ishmanov, Farruh; Kim, Sung Won; Nam, Seung Yeob

2014-01-01

Trust establishment is an important tool to improve cooperation and enhance security in wireless sensor networks. The core of trust establishment is trust estimation. If a trust estimation method is not robust against attack and misbehavior, the trust values produced will be meaningless, and system performance will be degraded. We present a novel trust estimation method that is robust against on-off attacks and persistent malicious behavior. Moreover, in order to aggregate recommendations securely, we propose using a modified one-step M-estimator scheme. The novelty of the proposed scheme arises from combining past misbehavior with current status in a comprehensive way. Specifically, we introduce an aggregated misbehavior component in trust estimation, which assists in detecting an on-off attack and persistent malicious behavior. In order to determine the current status of the node, we employ previous trust values and current measured misbehavior components. These components are combined to obtain a robust trust value. Theoretical analyses and evaluation results show that our scheme performs better than other trust schemes in terms of detecting an on-off attack and persistent misbehavior. PMID:24451471

A Novel Centrality Measure for Network-wide Cyber Vulnerability Assessment

DOE Office of Scientific and Technical Information (OSTI.GOV)

Sathanur, Arun V.; Haglin, David J.

In this work we propose a novel formulation that models the attack and compromise on a cyber network as a combination of two parts - direct compromise of a host and the compromise occurring through the spread of the attack on the network from a compromised host. The model parameters for the nodes are a concise representation of the host profiles that can include the risky behaviors of the associated human users while the model parameters for the edges are based on the existence of vulnerabilities between each pair of connected hosts. The edge models relate to the summary representationsmore » of the corresponding attack-graphs. This results in a formulation based on Random Walk with Restart (RWR) and the resulting centrality metric can be solved for in an efficient manner through the use of sparse linear solvers. Thus the formulation goes beyond mere topological considerations in centrality computations by summarizing the host profiles and the attack graphs into the model parameters. The computational efficiency of the method also allows us to also quantify the uncertainty in the centrality measure through Monte Carlo analysis.« less

Opportunistic quantum network coding based on quantum teleportation

NASA Astrophysics Data System (ADS)

Shang, Tao; Du, Gang; Liu, Jian-wei

2016-04-01

It seems impossible to endow opportunistic characteristic to quantum network on the basis that quantum channel cannot be overheard without disturbance. In this paper, we propose an opportunistic quantum network coding scheme by taking full advantage of channel characteristic of quantum teleportation. Concretely, it utilizes quantum channel for secure transmission of quantum states and can detect eavesdroppers by means of quantum channel verification. What is more, it utilizes classical channel for both opportunistic listening to neighbor states and opportunistic coding by broadcasting measurement outcome. Analysis results show that our scheme can reduce the times of transmissions over classical channels for relay nodes and can effectively defend against classical passive attack and quantum active attack.

Information Assurance in Wireless Networks

NASA Astrophysics Data System (ADS)

Kabara, Joseph; Krishnamurthy, Prashant; Tipper, David

2001-09-01

Emerging wireless networks will contain a hybrid infrastructure based on fixed, mobile and ad hoc topologies and technologies. In such a dynamic architecture, we define information assurance as the provisions for both information security and information availability. The implications of this definition are that the wireless network architecture must (a) provide sufficient security measures, (b) be survivable under node or link attack or failure and (c) be designed such that sufficient capacity remains for all critical services (and preferably most other services) in the event of attack or component failure. We have begun a research project to investigate the provision of information assurance for wireless networks viz. survivability, security and availability and here discuss the issues and challenges therein.

Art concept of STS-88 RMS capture of the FGB

NASA Image and Video Library

1998-06-23

S98-09020 (21 July 1997) --- The Space Shuttle Endeavour prepares to capture the Functional Cargo Block (FGB) using the shuttle's mechanical arm in this artist's depiction of the first Space Shuttle assembly flight for the International Space Station (ISS), mission STS-88 scheduled to launch in July 1998. The shuttle will carry the first United States-built component for the station, a connecting module called Node 1, and attach it to the already orbiting FGB, which supplies early electrical power and propulsion. The FGB will have been launched about two weeks earlier on a Russian Proton rocket from the Baikonur Cosmodrome, Kazahkstan. Once the FGB is captured using the mechanical arm, astronaut Nancy J. Currie will maneuver the arm to dock the FGB to the conical mating adapter at the top of Node 1 in the Shuttle's cargo bay. In ensuing days, three Extravehicular Activity?s (EVA) by astronauts Jerry L. Ross and James H. Newman will be performed to make power, data and utility connections between the two modules.

How to Prevent Type-Flaw Guessing Attacks on Password Protocols

DTIC Science & Technology

2003-01-01

How to prevent type-flaw guessing attacks on password protocols∗ Sreekanth Malladi , Jim Alves-Foss Center for Secure and Dependable Systems...respectively. R Retagging 〈−(t, f),+(t′, f)〉. The retagging strand captures the concept of receiving a message of one type and sending it, with a claim of a...referrees for insightful comments. Thanks are also due to Ricardo Corin for many helpful technical discus- sions. References [AN94] M. Abadi and R

Leadership Handbook for the Armor Officer. Volume 1. Thoughts on Leadership

DTIC Science & Technology

1986-01-01

alert, the CCR tankers, redlegs (artillerymen) and doughs (infantrymen) received same badly needed replacements. 7hey repaired their vehicles and...reorganized their troops and crews for the next morning’s attack. On the 24th, Team B’s tanks and doughs attacked again, fighting their way into the very...briefly captured by the Germans while he was attempting to find the accompanying medic jeep, but abandoned as the B Company doughs advanced. As the

Hardware and software status of QCDOC

NASA Astrophysics Data System (ADS)

Boyle, P. A.; Chen, D.; Christ, N. H.; Clark, M.; Cohen, S. D.; Cristian, C.; Dong, Z.; Gara, A.; Joó, B.; Jung, C.; Kim, C.; Levkova, L.; Liao, X.; Liu, G.; Mawhinney, R. D.; Ohta, S.; Petrov, K.; Wettig, T.; Yamaguchi, A.

2004-03-01

QCDOC is a massively parallel supercomputer whose processing nodes are based on an application-specific integrated circuit (ASIC). This ASIC was custom-designed so that crucial lattice QCD kernels achieve an overall sustained performance of 50% on machines with several 10,000 nodes. This strong scalability, together with low power consumption and a price/performance ratio of $1 per sustained MFlops, enable QCDOC to attack the most demanding lattice QCD problems. The first ASICs became available in June of 2003, and the testing performed so far has shown all systems functioning according to specification. We review the hardware and software status of QCDOC and present performance figures obtained in real hardware as well as in simulation.

Group percolation in interdependent networks

NASA Astrophysics Data System (ADS)

Wang, Zexun; Zhou, Dong; Hu, Yanqing

2018-03-01

In many real network systems, nodes usually cooperate with each other and form groups to enhance their robustness to risks. This motivates us to study an alternative type of percolation, group percolation, in interdependent networks under attack. In this model, nodes belonging to the same group survive or fail together. We develop a theoretical framework for this group percolation and find that the formation of groups can improve the resilience of interdependent networks significantly. However, the percolation transition is always of first order, regardless of the distribution of group sizes. As an application, we map the interdependent networks with intersimilarity structures, which have attracted much attention recently, onto the group percolation and confirm the nonexistence of continuous phase transitions.

Advanced process and defect characterization methodology to support process development of advanced patterning structures

NASA Astrophysics Data System (ADS)

Ketkar, Supriya; Lee, Junhan; Asokamani, Sen; Cho, Winston; Mishra, Shailendra

2018-03-01

This paper discusses the approach and solution adopted by GLOBALFOUNDRIES, a high volume manufacturing (HVM) foundry, for dry-etch related edge-signature surface particle defects issue facing the sub-nm node in the gate-etch sector. It is one of the highest die killers for the company in the 14-nm node. We have used different approaches to attack and rectify the edge signature surface particle defect. Several process-related & hardware changes have been successively implemented to achieve defect reduction improvement by 63%. Each systematic process and/or hardware approach has its own unique downstream issues and they have been dealt in a route-cause-effect technique to address the issue.

A Distributed Signature Detection Method for Detecting Intrusions in Sensor Systems

PubMed Central

Kim, Ilkyu; Oh, Doohwan; Yoon, Myung Kuk; Yi, Kyueun; Ro, Won Woo

2013-01-01

Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu–Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors. PMID:23529146

A distributed signature detection method for detecting intrusions in sensor systems.

PubMed

Kim, Ilkyu; Oh, Doohwan; Yoon, Myung Kuk; Yi, Kyueun; Ro, Won Woo

2013-03-25

Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu-Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks

PubMed Central

Chang, I-Pin; Lee, Tian-Fu; Lin, Tsung-Hung; Liu, Chuan-Ming

2015-01-01

Key agreements that use only password authentication are convenient in communication networks, but these key agreement schemes often fail to resist possible attacks, and therefore provide poor security compared with some other authentication schemes. To increase security, many authentication and key agreement schemes use smartcard authentication in addition to passwords. Thus, two-factor authentication and key agreement schemes using smartcards and passwords are widely adopted in many applications. Vaidya et al. recently presented a two-factor authentication and key agreement scheme for wireless sensor networks (WSNs). Kim et al. observed that the Vaidya et al. scheme fails to resist gateway node bypassing and user impersonation attacks, and then proposed an improved scheme for WSNs. This study analyzes the weaknesses of the two-factor authentication and key agreement scheme of Kim et al., which include vulnerability to impersonation attacks, lost smartcard attacks and man-in-the-middle attacks, violation of session key security, and failure to protect user privacy. An efficient and secure authentication and key agreement scheme for WSNs based on the scheme of Kim et al. is then proposed. The proposed scheme not only solves the weaknesses of previous approaches, but also increases security requirements while maintaining low computational cost. PMID:26633396

A novel imaging technique for measuring kinematics of light-weight flexible structures.

PubMed

Zakaria, Mohamed Y; Eliethy, Ahmed S; Canfield, Robert A; Hajj, Muhammad R

2016-07-01

A new imaging algorithm is proposed to capture the kinematics of flexible, thin, light structures including frequencies and motion amplitudes for real time analysis. The studied case is a thin flexible beam that is preset at different angles of attack in a wind tunnel. As the angle of attack is increased beyond a critical value, the beam was observed to undergo a static deflection that is ensued by limit cycle oscillations. Imaging analysis of the beam vibrations shows that the motion consists of a superposition of the bending and torsion modes. The proposed algorithm was able to capture the oscillation amplitudes as well as the frequencies of both bending and torsion modes. The analysis results are validated through comparison with measurements from a piezoelectric sensor that is attached to the beam at its root.

A novel imaging technique for measuring kinematics of light-weight flexible structures

DOE Office of Scientific and Technical Information (OSTI.GOV)

Zakaria, Mohamed Y., E-mail: zakaria@vt.edu; Eliethy, Ahmed S.; Canfield, Robert A.

2016-07-15

A new imaging algorithm is proposed to capture the kinematics of flexible, thin, light structures including frequencies and motion amplitudes for real time analysis. The studied case is a thin flexible beam that is preset at different angles of attack in a wind tunnel. As the angle of attack is increased beyond a critical value, the beam was observed to undergo a static deflection that is ensued by limit cycle oscillations. Imaging analysis of the beam vibrations shows that the motion consists of a superposition of the bending and torsion modes. The proposed algorithm was able to capture the oscillationmore » amplitudes as well as the frequencies of both bending and torsion modes. The analysis results are validated through comparison with measurements from a piezoelectric sensor that is attached to the beam at its root.« less

Flight Simulation of a 3 gram Autonomous Glider

DTIC Science & Technology

2006-05-24

are referred to as S(t) and Sdot(t), respectively. The rotational direction is in a 4 element vector q(t), a quaternion that captures the 3 degrees... angles of attack from 30º to -30º, and the lift and drag forces were measured at each angle . Figure 3 shows the results of these measurements. As...expected, within a certain range the lift forces vary roughly linearly versus angle of attack. The drag forces increase more dramatically as one

Crew Meal in Node 1 Unity

NASA Image and Video Library

2010-04-14

S131-E-010228 (14 April 2010) --- A fish-eye lens attached to an electronic still camera was used to capture this image of STS-131 and Expedition 23 crew members as they share a meal in the Unity node of the International Space Station while space shuttle Discovery remains docked with the station. Pictured are NASA astronauts Alan Poindexter, James P. Dutton Jr.; and Russian cosmonauts Oleg Kotov, Mikhail Kornienko and Alexander Skvortsov.

Crew Meal in Node 1 Unity

NASA Image and Video Library

2010-04-14

S131-E-010227 (14 April 2010) --- A fish-eye lens attached to an electronic still camera was used to capture this image of STS-131 and Expedition 23 crew members as they share a meal in the Unity node of the International Space Station while space shuttle Discovery remains docked with the station. Pictured are NASA astronauts Alan Poindexter, James P. Dutton Jr.; and Russian cosmonauts Oleg Kotov, Mikhail Kornienko and Alexander Skvortsov.

Measures of node centrality in mobile social networks

NASA Astrophysics Data System (ADS)

Gao, Zhenxiang; Shi, Yan; Chen, Shanzhi

2015-02-01

Mobile social networks exploit human mobility and consequent device-to-device contact to opportunistically create data paths over time. While links in mobile social networks are time-varied and strongly impacted by human mobility, discovering influential nodes is one of the important issues for efficient information propagation in mobile social networks. Although traditional centrality definitions give metrics to identify the nodes with central positions in static binary networks, they cannot effectively identify the influential nodes for information propagation in mobile social networks. In this paper, we address the problems of discovering the influential nodes in mobile social networks. We first use the temporal evolution graph model which can more accurately capture the topology dynamics of the mobile social network over time. Based on the model, we explore human social relations and mobility patterns to redefine three common centrality metrics: degree centrality, closeness centrality and betweenness centrality. We then employ empirical traces to evaluate the benefits of the proposed centrality metrics, and discuss the predictability of nodes' global centrality ranking by nodes' local centrality ranking. Results demonstrate the efficiency of the proposed centrality metrics.

A Laboratory for Characterizing the Efficacy of Moving Target Defense

DTIC Science & Technology

2016-10-25

of William and Mary are developing a scalable, dynamic, adaptive security system that combines virtualization , emulation, and mutable network...goal with the resource constraints of a small number of servers, and making virtual nodes “real enough” from the view of attackers. Unfortunately, with...we at College of William and Mary are developing a scalable, dynamic, adaptive security system that combines virtualization , emulation, and mutable

Secure Sensor Semantic Web and Information Fusion

DTIC Science & Technology

2014-06-25

data acquired and transmitted by wireless sensor networks (WSNs). In a WSN, due to a need for robustness of monitoring and low cost of the nodes...3 S. Ozdemir and Y. Xiao, “Secure data aggregation in wireless sensor networks : A comprehensive overview...Elisa Bertino, and Somesh Jha: Secure data aggregation technique for wireless sensor networks in the presence of collusion attacks. To appear in

Recent Trends in Thinking about Warfare

DTIC Science & Technology

2006-09-01

military affairs .................. 13 Effects-based operations ........................ 16 Throw it all out? ...... ....................... 18 A...of 4GW. After all , an insurgent focuses his attacks on those vital nodes that are most likely to short circuit the enemy’s will to continue. Throw it...cheeked helmet, chain mail, flexible breast plate, short sword, rectan- gular shield, and heavy javelin . All of these were borrowed from Rome’s enemies

Interdependent Multi-Layer Networks: Modeling and Survivability Analysis with Applications to Space-Based Networks

PubMed Central

Castet, Jean-Francois; Saleh, Joseph H.

2013-01-01

This article develops a novel approach and algorithmic tools for the modeling and survivability analysis of networks with heterogeneous nodes, and examines their application to space-based networks. Space-based networks (SBNs) allow the sharing of spacecraft on-orbit resources, such as data storage, processing, and downlink. Each spacecraft in the network can have different subsystem composition and functionality, thus resulting in node heterogeneity. Most traditional survivability analyses of networks assume node homogeneity and as a result, are not suited for the analysis of SBNs. This work proposes that heterogeneous networks can be modeled as interdependent multi-layer networks, which enables their survivability analysis. The multi-layer aspect captures the breakdown of the network according to common functionalities across the different nodes, and it allows the emergence of homogeneous sub-networks, while the interdependency aspect constrains the network to capture the physical characteristics of each node. Definitions of primitives of failure propagation are devised. Formal characterization of interdependent multi-layer networks, as well as algorithmic tools for the analysis of failure propagation across the network are developed and illustrated with space applications. The SBN applications considered consist of several networked spacecraft that can tap into each other's Command and Data Handling subsystem, in case of failure of its own, including the Telemetry, Tracking and Command, the Control Processor, and the Data Handling sub-subsystems. Various design insights are derived and discussed, and the capability to perform trade-space analysis with the proposed approach for various network characteristics is indicated. The select results here shown quantify the incremental survivability gains (with respect to a particular class of threats) of the SBN over the traditional monolith spacecraft. Failure of the connectivity between nodes is also examined, and the results highlight the importance of the reliability of the wireless links between spacecraft (nodes) to enable any survivability improvements for space-based networks. PMID:23599835

Interdependent multi-layer networks: modeling and survivability analysis with applications to space-based networks.

PubMed

Castet, Jean-Francois; Saleh, Joseph H

2013-01-01

This article develops a novel approach and algorithmic tools for the modeling and survivability analysis of networks with heterogeneous nodes, and examines their application to space-based networks. Space-based networks (SBNs) allow the sharing of spacecraft on-orbit resources, such as data storage, processing, and downlink. Each spacecraft in the network can have different subsystem composition and functionality, thus resulting in node heterogeneity. Most traditional survivability analyses of networks assume node homogeneity and as a result, are not suited for the analysis of SBNs. This work proposes that heterogeneous networks can be modeled as interdependent multi-layer networks, which enables their survivability analysis. The multi-layer aspect captures the breakdown of the network according to common functionalities across the different nodes, and it allows the emergence of homogeneous sub-networks, while the interdependency aspect constrains the network to capture the physical characteristics of each node. Definitions of primitives of failure propagation are devised. Formal characterization of interdependent multi-layer networks, as well as algorithmic tools for the analysis of failure propagation across the network are developed and illustrated with space applications. The SBN applications considered consist of several networked spacecraft that can tap into each other's Command and Data Handling subsystem, in case of failure of its own, including the Telemetry, Tracking and Command, the Control Processor, and the Data Handling sub-subsystems. Various design insights are derived and discussed, and the capability to perform trade-space analysis with the proposed approach for various network characteristics is indicated. The select results here shown quantify the incremental survivability gains (with respect to a particular class of threats) of the SBN over the traditional monolith spacecraft. Failure of the connectivity between nodes is also examined, and the results highlight the importance of the reliability of the wireless links between spacecraft (nodes) to enable any survivability improvements for space-based networks.

Failure tolerance of spike phase synchronization in coupled neural networks

NASA Astrophysics Data System (ADS)

Jalili, Mahdi

2011-09-01

Neuronal synchronization plays an important role in the various functionality of nervous system such as binding, cognition, information processing, and computation. In this paper, we investigated how random and intentional failures in the nodes of a network influence its phase synchronization properties. We considered both artificially constructed networks using models such as preferential attachment, Watts-Strogatz, and Erdős-Rényi as well as a number of real neuronal networks. The failure strategy was either random or intentional based on properties of the nodes such as degree, clustering coefficient, betweenness centrality, and vulnerability. Hindmarsh-Rose model was considered as the mathematical model for the individual neurons, and the phase synchronization of the spike trains was monitored as a function of the percentage/number of removed nodes. The numerical simulations were supplemented by considering coupled non-identical Kuramoto oscillators. Failures based on the clustering coefficient, i.e., removing the nodes with high values of the clustering coefficient, had the least effect on the spike synchrony in all of the networks. This was followed by errors where the nodes were removed randomly. However, the behavior of the other three attack strategies was not uniform across the networks, and different strategies were the most influential in different network structure.

The Use of Signal Dimensionality for Automatic QC of Seismic Array Data

NASA Astrophysics Data System (ADS)

Rowe, C. A.; Stead, R. J.; Begnaud, M. L.; Draganov, D.; Maceira, M.; Gomez, M.

2014-12-01

A significant problem in seismic array analysis is the inclusion of bad sensor channels in the beam-forming process. We are testing an approach to automated, on-the-fly quality control (QC) to aid in the identification of poorly performing sensor channels prior to beam-forming in routine event detection or location processing. The idea stems from methods used for large computer servers, when monitoring traffic at enormous numbers of nodes is impractical on a node-by-node basis, so the dimensionality of the node traffic is instead monitored for anomalies that could represent malware, cyber-attacks or other problems. The technique relies upon the use of subspace dimensionality or principal components of the overall system traffic. The subspace technique is not new to seismology, but its most common application has been limited to comparing waveforms to an a priori collection of templates for detecting highly similar events in a swarm or seismic cluster. We examine the signal dimension in similar way to the method addressing node traffic anomalies in large computer systems. We explore the effects of malfunctioning channels on the dimension of the data and its derivatives, and how to leverage this effect for identifying bad array elements. We show preliminary results applied to arrays in Kazakhstan (Makanchi) and Argentina (Malargue).

A Comparative Study on Two Typical Schemes for Securing Spatial-Temporal Top-k Queries in Two-Tiered Mobile Wireless Sensor Networks.

PubMed

Ma, Xingpo; Liu, Xingjian; Liang, Junbin; Li, Yin; Li, Ran; Ma, Wenpeng; Qi, Chuanda

2018-03-15

A novel network paradigm of mobile edge computing, namely TMWSNs (two-tiered mobile wireless sensor networks), has just been proposed by researchers in recent years for its high scalability and robustness. However, only a few works have considered the security of TMWSNs. In fact, the storage nodes, which are located at the upper layer of TMWSNs, are prone to being attacked by the adversaries because they play a key role in bridging both the sensor nodes and the sink, which may lead to the disclosure of all data stored on them as well as some other potentially devastating results. In this paper, we make a comparative study on two typical schemes, EVTopk and VTMSN, which have been proposed recently for securing Top- k queries in TMWSNs, through both theoretical analysis and extensive simulations, aiming at finding out their disadvantages and advancements. We find that both schemes unsatisfactorily raise communication costs. Specifically, the extra communication cost brought about by transmitting the proof information uses up more than 40% of the total communication cost between the sensor nodes and the storage nodes, and 80% of that between the storage nodes and the sink. We discuss the corresponding reasons and present our suggestions, hoping that it will inspire the researchers researching this subject.

Achieving network level privacy in Wireless Sensor Networks.

PubMed

Shaikh, Riaz Ahmed; Jameel, Hassan; d'Auriol, Brian J; Lee, Heejo; Lee, Sungyoung; Song, Young-Jae

2010-01-01

Full network level privacy has often been categorized into four sub-categories: Identity, Route, Location and Data privacy. Achieving full network level privacy is a critical and challenging problem due to the constraints imposed by the sensor nodes (e.g., energy, memory and computation power), sensor networks (e.g., mobility and topology) and QoS issues (e.g., packet reach-ability and timeliness). In this paper, we proposed two new identity, route and location privacy algorithms and data privacy mechanism that addresses this problem. The proposed solutions provide additional trustworthiness and reliability at modest cost of memory and energy. Also, we proved that our proposed solutions provide protection against various privacy disclosure attacks, such as eavesdropping and hop-by-hop trace back attacks.

Achieving Network Level Privacy in Wireless Sensor Networks†

PubMed Central

Shaikh, Riaz Ahmed; Jameel, Hassan; d’Auriol, Brian J.; Lee, Heejo; Lee, Sungyoung; Song, Young-Jae

2010-01-01

Full network level privacy has often been categorized into four sub-categories: Identity, Route, Location and Data privacy. Achieving full network level privacy is a critical and challenging problem due to the constraints imposed by the sensor nodes (e.g., energy, memory and computation power), sensor networks (e.g., mobility and topology) and QoS issues (e.g., packet reach-ability and timeliness). In this paper, we proposed two new identity, route and location privacy algorithms and data privacy mechanism that addresses this problem. The proposed solutions provide additional trustworthiness and reliability at modest cost of memory and energy. Also, we proved that our proposed solutions provide protection against various privacy disclosure attacks, such as eavesdropping and hop-by-hop trace back attacks. PMID:22294881

DOE Office of Scientific and Technical Information (OSTI.GOV)

Yang, Qingcheng, E-mail: qiy9@pitt.edu; To, Albert C., E-mail: albertto@pitt.edu

Surface effects have been observed to contribute significantly to the mechanical response of nanoscale structures. The newly proposed energy-based coarse-grained atomistic method Multiresolution Molecular Mechanics (MMM) (Yang, To (2015), ) is applied to capture surface effect for nanosized structures by designing a surface summation rule SR{sup S} within the framework of MMM. Combined with previously proposed bulk summation rule SR{sup B}, the MMM summation rule SR{sup MMM} is completed. SR{sup S} and SR{sup B} are consistently formed within SR{sup MMM} for general finite element shape functions. Analogous to quadrature rules in finite element method (FEM), the key idea to themore » good performance of SR{sup MMM} lies in that the order or distribution of energy for coarse-grained atomistic model is mathematically derived such that the number, position and weight of quadrature-type (sampling) atoms can be determined. Mathematically, the derived energy distribution of surface area is different from that of bulk region. Physically, the difference is due to the fact that surface atoms lack neighboring bonding. As such, SR{sup S} and SR{sup B} are employed for surface and bulk domains, respectively. Two- and three-dimensional numerical examples using the respective 4-node bilinear quadrilateral, 8-node quadratic quadrilateral and 8-node hexahedral meshes are employed to verify and validate the proposed approach. It is shown that MMM with SR{sup MMM} accurately captures corner, edge and surface effects with less 0.3% degrees of freedom of the original atomistic system, compared against full atomistic simulation. The effectiveness of SR{sup MMM} with respect to high order element is also demonstrated by employing the 8-node quadratic quadrilateral to solve a beam bending problem considering surface effect. In addition, the introduced sampling error with SR{sup MMM} that is analogous to numerical integration error with quadrature rule in FEM is very small. - Highlights: • Surface effect captured by Multiresolution Molecular Mechanics (MMM) is presented. • A novel surface summation rule within the framework of MMM is proposed. • Surface, corner and edges effects are accuterly captured in two and three dimension. • MMM with less 0.3% degrees of freedom of atomistics reproduces atomistic results.« less

Advanced MicroObserver UGS integration with and cueing of the BattleHawk squad level loitering munition and UAV

NASA Astrophysics Data System (ADS)

Steadman, Bob; Finklea, John; Kershaw, James; Loughman, Cathy; Shaffner, Patti; Frost, Dean; Deller, Sean

2014-06-01

Textron's Advanced MicroObserver(R) is a next generation remote unattended ground sensor system (UGS) for border security, infrastructure protection, and small combat unit security. The original MicroObserver(R) is a sophisticated seismic sensor system with multi-node fusion that supports target tracking. This system has been deployed in combat theaters. The system's seismic sensor nodes are uniquely able to be completely buried (including antennas) for optimal covertness. The advanced version adds a wireless day/night Electro-Optic Infrared (EOIR) system, cued by seismic tracking, with sophisticated target discrimination and automatic frame capture features. Also new is a field deployable Gateway configurable with a variety of radio systems and flexible networking, an important upgrade that enabled the research described herein. BattleHawkTM is a small tube launched Unmanned Air Vehicle (UAV) with a warhead. Using transmitted video from its EOIR subsystem an operator can search for and acquire a target day or night, select a target for attack, and execute terminal dive to destroy the target. It is designed as a lightweight squad level asset carried by an individual infantryman. Although BattleHawk has the best loiter time in its class, it's still relatively short compared to large UAVs. Also it's a one-shot asset in its munition configuration. Therefore Textron Defense Systems conducted research, funded internally, to determine if there was military utility in having the highly persistent MicroObserver(R) system cue BattleHawk's launch and vector it to beyond visual range targets for engagement. This paper describes that research; the system configuration implemented, and the results of field testing that was performed on a government range early in 2013. On the integrated system that was implemented, MicroObserver(R) seismic detections activated that system's camera which then automatically captured images of the target. The geo-referenced and time-tagged MicroObserver(R) target reports and images were then automatically forwarded to the BattleHawk Android-based controller. This allowed the operator to see the intruder (classified and geo-located) on the map based display, assess the intruder as likely hostile (via the image), and launch BattleHawk with the pre-loaded target coordinates. The operator was thus able to quickly acquire the intended target (without a search) and initiate target engagement immediately. System latencies were a major concern encountered during the research.

Consistency mapping of 16 lymph node stations in gastric cancer by CT-based vessel-guided delineation of 255 patients.

PubMed

Xu, Shuhang; Feng, Lingling; Chen, Yongming; Sun, Ying; Lu, Yao; Huang, Shaomin; Fu, Yang; Zheng, Rongqin; Zhang, Yujing; Zhang, Rong

2017-06-20

In order to refine the location and metastasis-risk density of 16 lymph node stations of gastric cancer for neoadjuvant radiotherapy, we retrospectively reviewed the initial images and pathological reports of 255 gastric cancer patients with lymphatic metastasis. Metastatic lymph nodes identified in the initial computed tomography images were investigated by two radiologists with gastrointestinal specialty. A circle with a diameter of 5 mm was used to identify the central position of each metastatic lymph node, defined as the LNc (the central position of the lymph node). The LNc was drawn at the equivalent location on the reference images of a standard patient based on the relative distances to the same reference vessels and the gastric wall using a Monaco® version 5.0 workstation. The image manipulation software Medi-capture was programmed for image analysis to produce a contour and density atlas of 16 lymph node stations. Based on a total of 2846 LNcs contoured (31-599 per lymph node station), we created a density distribution map of 16 lymph node drainage stations of the stomach on computed tomography images, showing the detailed radiographic delineation of each lymph node station as well as high-risk areas for lymph node metastasis. Our mapping can serve as a template for the delineation of gastric lymph node stations when defining clinical target volume in pre-operative radiotherapy for gastric cancer.

An Adaptive Reputation-Based Algorithm for Grid Virtual Organization Formation

NASA Astrophysics Data System (ADS)

Cui, Yongrui; Li, Mingchu; Ren, Yizhi; Sakurai, Kouichi

A novel adaptive reputation-based virtual organization formation is proposed. It restrains the bad performers effectively based on the consideration of the global experience of the evaluator and evaluates the direct trust relation between two grid nodes accurately by consulting the previous trust value rationally. It also consults and improves the reputation evaluation process in PathTrust model by taking account of the inter-organizational trust relationship and combines it with direct and recommended trust in a weighted way, which makes the algorithm more robust against collusion attacks. Additionally, the proposed algorithm considers the perspective of the VO creator and takes required VO services as one of the most important fine-grained evaluation criterion, which makes the algorithm more suitable for constructing VOs in grid environments that include autonomous organizations. Simulation results show that our algorithm restrains the bad performers and resists against fake transaction attacks and badmouth attacks effectively. It provides a clear advantage in the design of a VO infrastructure.

Network Randomization and Dynamic Defense for Critical Infrastructure Systems

DOE Office of Scientific and Technical Information (OSTI.GOV)

Chavez, Adrian R.; Martin, Mitchell Tyler; Hamlet, Jason

2015-04-01

Critical Infrastructure control systems continue to foster predictable communication paths, static configurations, and unpatched systems that allow easy access to our nation's most critical assets. This makes them attractive targets for cyber intrusion. We seek to address these attack vectors by automatically randomizing network settings, randomizing applications on the end devices themselves, and dynamically defending these systems against active attacks. Applying these protective measures will convert control systems into moving targets that proactively defend themselves against attack. Sandia National Laboratories has led this effort by gathering operational and technical requirements from Tennessee Valley Authority (TVA) and performing research and developmentmore » to create a proof-of-concept solution. Our proof-of-concept has been tested in a laboratory environment with over 300 nodes. The vision of this project is to enhance control system security by converting existing control systems into moving targets and building these security measures into future systems while meeting the unique constraints that control systems face.« less

Mutual Authentication Scheme in Secure Internet of Things Technology for Comfortable Lifestyle

PubMed Central

Park, Namje; Kang, Namhi

2015-01-01

The Internet of Things (IoT), which can be regarded as an enhanced version of machine-to-machine communication technology, was proposed to realize intelligent thing-to-thing communications by utilizing the Internet connectivity. In the IoT, “things” are generally heterogeneous and resource constrained. In addition, such things are connected to each other over low-power and lossy networks. In this paper, we propose an inter-device authentication and session-key distribution system for devices with only encryption modules. In the proposed system, unlike existing sensor-network environments where the key distribution center distributes the key, each sensor node is involved with the generation of session keys. In addition, in the proposed scheme, the performance is improved so that the authenticated device can calculate the session key in advance. The proposed mutual authentication and session-key distribution system can withstand replay attacks, man-in-the-middle attacks, and wiretapped secret-key attacks. PMID:26712759

Brain network alterations and vulnerability to simulated neurodegeneration in breast cancer.

PubMed

Kesler, Shelli R; Watson, Christa L; Blayney, Douglas W

2015-08-01

Breast cancer and its treatments are associated with mild cognitive impairment and brain changes that could indicate an altered or accelerated brain aging process. We applied diffusion tensor imaging and graph theory to measure white matter organization and connectivity in 34 breast cancer survivors compared with 36 matched healthy female controls. We also investigated how brain networks (connectomes) in each group responded to simulated neurodegeneration based on network attack analysis. Compared with controls, the breast cancer group demonstrated significantly lower fractional anisotropy, altered small-world connectome properties, lower brain network tolerance to systematic region (node), and connection (edge) attacks and significant cognitive impairment. Lower tolerance to network attack was associated with cognitive impairment in the breast cancer group. These findings provide further evidence of diffuse white matter pathology after breast cancer and extend the literature in this area with unique data demonstrating increased vulnerability of the post-breast cancer brain network to future neurodegenerative processes. Copyright © 2015 Elsevier Inc. All rights reserved.

Designing a holistic end-to-end intelligent network analysis and security platform

NASA Astrophysics Data System (ADS)

Alzahrani, M.

2018-03-01

Firewall protects a network from outside attacks, however, once an attack entering a network, it is difficult to detect. Recent significance accidents happened. i.e.: millions of Yahoo email account were stolen and crucial data from institutions are held for ransom. Within two year Yahoo’s system administrators were not aware that there are intruder inside the network. This happened due to the lack of intelligent tools to monitor user behaviour in internal network. This paper discusses a design of an intelligent anomaly/malware detection system with proper proactive actions. The aim is to equip the system administrator with a proper tool to battle the insider attackers. The proposed system adopts machine learning to analyse user’s behaviour through the runtime behaviour of each node in the network. The machine learning techniques include: deep learning, evolving machine learning perceptron, hybrid of Neural Network and Fuzzy, as well as predictive memory techniques. The proposed system is expanded to deal with larger network using agent techniques.

Automatic analysis of attack data from distributed honeypot network

NASA Astrophysics Data System (ADS)

Safarik, Jakub; Voznak, MIroslav; Rezac, Filip; Partila, Pavol; Tomala, Karel

2013-05-01

There are many ways of getting real data about malicious activity in a network. One of them relies on masquerading monitoring servers as a production one. These servers are called honeypots and data about attacks on them brings us valuable information about actual attacks and techniques used by hackers. The article describes distributed topology of honeypots, which was developed with a strong orientation on monitoring of IP telephony traffic. IP telephony servers can be easily exposed to various types of attacks, and without protection, this situation can lead to loss of money and other unpleasant consequences. Using a distributed topology with honeypots placed in different geological locations and networks provides more valuable and independent results. With automatic system of gathering information from all honeypots, it is possible to work with all information on one centralized point. Communication between honeypots and centralized data store use secure SSH tunnels and server communicates only with authorized honeypots. The centralized server also automatically analyses data from each honeypot. Results of this analysis and also other statistical data about malicious activity are simply accessible through a built-in web server. All statistical and analysis reports serve as information basis for an algorithm which classifies different types of used VoIP attacks. The web interface then brings a tool for quick comparison and evaluation of actual attacks in all monitored networks. The article describes both, the honeypots nodes in distributed architecture, which monitor suspicious activity, and also methods and algorithms used on the server side for analysis of gathered data.

Secure and Fair Cluster Head Selection Protocol for Enhancing Security in Mobile Ad Hoc Networks

PubMed Central

Paramasivan, B.; Kaliappan, M.

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP. PMID:25143986

Secure and fair cluster head selection protocol for enhancing security in mobile ad hoc networks.

PubMed

Paramasivan, B; Kaliappan, M

2014-01-01

Mobile ad hoc networks (MANETs) are wireless networks consisting of number of autonomous mobile devices temporarily interconnected into a network by wireless media. MANETs become one of the most prevalent areas of research in the recent years. Resource limitations, energy efficiency, scalability, and security are the great challenging issues in MANETs. Due to its deployment nature, MANETs are more vulnerable to malicious attack. The secure routing protocols perform very basic security related functions which are not sufficient to protect the network. In this paper, a secure and fair cluster head selection protocol (SFCP) is proposed which integrates security factors into the clustering approach for achieving attacker identification and classification. Byzantine agreement based cooperative technique is used for attacker identification and classification to make the network more attack resistant. SFCP used to solve this issue by making the nodes that are totally surrounded by malicious neighbors adjust dynamically their belief and disbelief thresholds. The proposed protocol selects the secure and energy efficient cluster head which acts as a local detector without imposing overhead to the clustering performance. SFCP is simulated in network simulator 2 and compared with two protocols including AODV and CBRP.

[Tularemia in a jogger woman after the attack by a common buzzard (Buteo buteo): A "One Health" case report].

PubMed

Ehrensperger, F; Riederer, L; Friedl, A

2018-03-01

A female jogger was attacked by a common buzzard (Buteo buteo) and was scratched lightly at the back of the head. One week later she was taken ill with high fever and headache which was later diagnosed as ulcero-glandular tularemia in regional lymph nodes, caused by Francisella tularensis. Recovery was only achieved after several weeks of systemic antibiotic treatment (Gentamicin/ Ciprofloxacine). Tularemia is a well known zoonotic disease, called "rabbit fever", mainly affecting rabbits and hares, but also small rodents. Human infection occurs often following tick bites or bloodsucking insects, or in hunters or slaughterers handling infected animals. Bites by mice have also been reported as a cause of tularemia. For the first time we report this case of tularemia as a result of an attack by a bird of prey. We assume that the bird acted as a vector just carrying the F. tularensis on its claws or beak, but we cannot exclude an infection of the bird itself. Several other joggers had also been attacked by a common buzzard in the same area shortly after the above described event and one of these also became infected with F. tularensis.

Protecting Dynamic Mobile Agent against Denial of Service Attacks

NASA Astrophysics Data System (ADS)

Aggarwal, Mayank; Nipur, Pallavi

2010-11-01

Mobile Agents are softwares migrating from one node to another to fulfill the task of its owner. The introduction of mobile agents has reduced network latency, network traffic a lot but at the same time it has increased the vulnerability for attacks by malicious hosts. One such attack is `Denial of Service', once the agent is launched it is free to roam without any control of its owner, this on one hand decreases the cost of agent—owner interaction and on the other hand increases the chances of `Denial Of Service'. In Denial Of Service attack the malicious host may deny resources required by the agent and kill the agent, thus the result computed so far is lost and this may happen every time the agent visits any malicious host. In this paper we continued the work done in [10] in which the authors proposed techniques by which owner can detect the malicious host for `Denial Of Service' but they did not covered technique for dynamic routes i.e. where the host or agent initiate migrations to hosts which were not contained in the route composed by the owner. We introduced an algorithm and a model which can be useful for the above purpose.

Effects of traffic generation patterns on the robustness of complex networks

NASA Astrophysics Data System (ADS)

Wu, Jiajing; Zeng, Junwen; Chen, Zhenhao; Tse, Chi K.; Chen, Bokui

2018-02-01

Cascading failures in communication networks with heterogeneous node functions are studied in this paper. In such networks, the traffic dynamics are highly dependent on the traffic generation patterns which are in turn determined by the locations of the hosts. The data-packet traffic model is applied to Barabási-Albert scale-free networks to study the cascading failures in such networks and to explore the effects of traffic generation patterns on network robustness. It is found that placing the hosts at high-degree nodes in a network can make the network more robust against both intentional attacks and random failures. It is also shown that the traffic generation pattern plays an important role in network design.

Crew Meal in Node 1 Unity

NASA Image and Video Library

2010-04-14

S131-E-010222 (14 April 2010) --- A fish-eye lens attached to an electronic still camera was used to capture this image of STS-131 and Expedition 23 crew members in the Unity node of the International Space Station while space shuttle Discovery remains docked with the station. Pictured are NASA astronauts Rick Mastracchio, Tracy Caldwell Dyson, Clayton Anderson and T.J. Creamer; along with Russian cosmonaut Oleg Kotov and Japan Aerospace Exploration Agency (JAXA) astronaut Soichi Noguchi.

Saliency Detection via Absorbing Markov Chain With Learnt Transition Probability.

PubMed

Lihe Zhang; Jianwu Ai; Bowen Jiang; Huchuan Lu; Xiukui Li

2018-02-01

In this paper, we propose a bottom-up saliency model based on absorbing Markov chain (AMC). First, a sparsely connected graph is constructed to capture the local context information of each node. All image boundary nodes and other nodes are, respectively, treated as the absorbing nodes and transient nodes in the absorbing Markov chain. Then, the expected number of times from each transient node to all other transient nodes can be used to represent the saliency value of this node. The absorbed time depends on the weights on the path and their spatial coordinates, which are completely encoded in the transition probability matrix. Considering the importance of this matrix, we adopt different hierarchies of deep features extracted from fully convolutional networks and learn a transition probability matrix, which is called learnt transition probability matrix. Although the performance is significantly promoted, salient objects are not uniformly highlighted very well. To solve this problem, an angular embedding technique is investigated to refine the saliency results. Based on pairwise local orderings, which are produced by the saliency maps of AMC and boundary maps, we rearrange the global orderings (saliency value) of all nodes. Extensive experiments demonstrate that the proposed algorithm outperforms the state-of-the-art methods on six publicly available benchmark data sets.

The HIV-1 envelope protein gp120 is captured and displayed for B cell recognition by SIGN-R1+ lymph node macrophages

PubMed Central

Park, Chung; Arthos, James; Cicala, Claudia; Kehrl, John H

2015-01-01

The HIV-1 envelope protein gp120 is both the target of neutralizing antibodies and a major focus of vaccine efforts; however how it is delivered to B cells to elicit an antibody response is unknown. Here, we show that following local gp120 injection lymph node (LN) SIGN-R1+ sinus macrophages located in interfollicular pockets and underlying SIGN-R1+ macrophages form a cellular network that rapidly captures gp120 from the afferent lymph. In contrast, two other antigens, phycoerythrin and hen egg lysozyme, were not captured by these cells. Intravital imaging of mouse LNs revealed persistent, but transient interactions between gp120 bearing interfollicular network cells and both trafficking and LN follicle resident gp120 specific B cells. The gp120 specific, but not the control B cells repetitively extracted gp120 from the network cells. Our findings reveal a specialized LN antigen delivery system poised to deliver gp120 and likely other pathogen derived glycoproteins to B cells. DOI: http://dx.doi.org/10.7554/eLife.06467.001 PMID:26258881

Environmental issues and process risks for operation of carbon capture plant

NASA Astrophysics Data System (ADS)

Lajnert, Radosław; Nowak, Martyna; Telenga-Kopyczyńska, Jolanta

2018-01-01

The scope of this publication is a presentation of environmental issues and process risks connected with operation an installation for carbon capture from waste gas. General technological assumptions, typical for demonstration plant for carbon capture from waste gas (DCCP) with application of two different solutions - 30% water solution of monoethanoloamine (MEA) and water solution with 30% AMP (2-amino-2-methyl-1-propanol) and 10% piperazine have been described. The concept of DCCP installation was made for Łaziska Power Plant in Łaziska Górne owned by TAURON Wytwarzanie S.A. Main hazardous substances, typical for such installation, which can be dangerous for human life and health or for the environment have been presented. Pollution emission to the air, noise emission, waste water and solid waste management have been described. The environmental impact of the released substances has been stated. Reference to emission standards specified in regulations for considered substances has been done. Principles of risk analysis have been presented and main hazards in carbon dioxide absorption node and regeneration node have been evaluated.

Ground wave emergency network final operational capability: Environmental assessment for northwestern Nebraska relay node, site number RN 8C930NE

NASA Astrophysics Data System (ADS)

1993-02-01

The Ground Wave Emergency Network (GWEN) is a radio communication system designed to relay emergency messages between strategic military areas in the continental United States. The system is immune to the effects of high-altitude electromagnetic pulse (HEMP) energy surges caused by nuclear bursts in the ionosphere that would disrupt conventional communications equipment such as telephones and shortwave radios. A failure of such equipment would prevent timely communications among top military and civilian leaders and strategic Air Force locations and prevent U.S. assessment and retaliation during an attack. GWEN is an essential part of a defense modernization program to upgrade and improve our nation's communications system, thereby strengthening deterrence. The GWEN system consists of a network of relay nodes, receive-only stations, and input/output stations. Each relay node, such as the one proposed in northwestern Nebraska, consists of a guyed radio tower facility similar to those used by commercial AM broadcast transmitters.

Ground wave emergency network environmental assessment for northwestern Colorado relay node site number RN 8C924CO

NASA Astrophysics Data System (ADS)

1993-02-01

The Ground Wave Emergency Network (GWEN) is a radio communication system designed to relay emergency messages between strategic military areas in the continental United States. The system is immune to the effects of high-altitude electromagnetic pulse (HEMP) energy surges caused by nuclear bursts in the ionosphere that would disrupt conventional communications equipment such as telephones and shortwave radios. A failure of such equipment would prevent timely communications among top military and civilian leaders and strategic Air Force locations and prevent U.S. assessment and retaliation during an attack. GWEN is an essential part of a defense modernization program to upgrade and improve our nation's communications system, thereby strengthening deterrence. The GWEN system consists of a network of relay nodes, receive-only stations, and input/output stations. Each relay node, such as the one proposed in southern Nevada consists of a guyed radio tower facility similar to those used by commercial AM broadcast transmitters.

Ground wave emergency network final operational capability: Environmental assessment for southern Nevada relay node site number RN 8W918NV

NASA Astrophysics Data System (ADS)

1993-03-01

The Ground Wave Emergency Network (GWEN) is a radio communication system designed to relay emergency messages between strategic military areas in the continental United States. The system is immune to the effects of high-altitude electromagnetic pulse (HEMP) energy surges caused by nuclear bursts in the ionosphere that would disrupt conventional communications equipment such as telephones and shortwave radios. A failure of such equipment would prevent timely communications among top military and civilian leaders and strategic Air Force locations and prevent U.S. assessment and retaliation during an attack. GWEN is an essential part of a defense modernization program to upgrade and improve our nation's communications system, thereby strengthening deterrence. The GWEN system consists of a network of relay nodes, receive-only stations, and input/output stations. Each relay node, such as the one proposed in southern Nevada consists of a guyed radio tower facility similar to those used by commercial AM broadcast transmitters.

Cyber War Game in Temporal Networks

DTIC Science & Technology

2016-02-09

a node’s mobility, failure or its resource depletion over time or action(s), this optimization problem becomes NP-com- plete. We propose two heuristic ... representing the interactions between nodes [1, 2]. One of the most important property of a network is robustness against random failures and target attacks...authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory or the U.S

Security Considerations For Network-Centric Weapon Systems

DTIC Science & Technology

2009-09-01

who exploits some weakness in these protective measures and impersonates a trusted network member can gain the ability to reprogram the victim node to...permitting the attacker to conduct a small-scale reprogramming and insert malicious code such as viruses or worms (McClure, Scambray, and Kurtz 2005, 218...people requesting this information because of the subconscious assumption that everything will end well because it has in the past. Defense

Attacking al Qaeda’s Operational Centers of Gravity

DTIC Science & Technology

2008-01-01

have allied themselves with al Qaeda.7 The Taliban in Afghanistan have a close relationship with al Qaeda. In Iraq, there are two major insurgent... consanguinity , the ideological affinity between al Qaeda and local insurgents and populations. By designating consanguinity as a decisive point at the...people, materiel, or facilities. Links connect nodes and are behavioral or functional; they could be a command relationship or an ideology. A deci

A Game Theory Based Solution for Security Challenges in CRNs

NASA Astrophysics Data System (ADS)

Poonam; Nagpal, Chander Kumar

2018-03-01

Cognitive radio networks (CRNs) are being envisioned to drive the next generation Ad hoc wireless networks due to their ability to provide communications resilience in continuously changing environments through the use of dynamic spectrum access. Conventionally CRNs are dependent upon the information gathered by other secondary users to ensure the accuracy of spectrum sensing making them vulnerable to security attacks leading to the need of security mechanisms like cryptography and trust. However, a typical cryptography based solution is not a viable security solution for CRNs owing to their limited resources. Effectiveness of trust based approaches has always been, in question, due to credibility of secondary trust resources. Game theory with its ability to optimize in an environment of conflicting interests can be quite a suitable tool to manage an ad hoc network in the presence of autonomous selfish/malevolent/malicious and attacker nodes. The literature contains several theoretical proposals for augmenting game theory in the ad hoc networks without explicit/detailed implementation. This paper implements a game theory based solution in MATLAB-2015 to secure the CRN environment and compares the obtained results with the traditional approaches of trust and cryptography. The simulation result indicates that as the time progresses the game theory performs much better with higher throughput, lower jitter and better identification of selfish/malicious nodes.

E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks

PubMed Central

Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

2012-01-01

A wireless medical sensor network (WMSN) can sense humans’ physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals’ hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients’ medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs. PMID:22438729

E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks.

PubMed

Kumar, Pardeep; Lee, Sang-Gon; Lee, Hoon-Jae

2012-01-01

A wireless medical sensor network (WMSN) can sense humans' physiological signs without sacrificing patient comfort and transmit patient vital signs to health professionals' hand-held devices. The patient physiological data are highly sensitive and WMSNs are extremely vulnerable to many attacks. Therefore, it must be ensured that patients' medical signs are not exposed to unauthorized users. Consequently, strong user authentication is the main concern for the success and large scale deployment of WMSNs. In this regard, this paper presents an efficient, strong authentication protocol, named E-SAP, for healthcare application using WMSNs. The proposed E-SAP includes: (1) a two-factor (i.e., password and smartcard) professional authentication; (2) mutual authentication between the professional and the medical sensor; (3) symmetric encryption/decryption for providing message confidentiality; (4) establishment of a secure session key at the end of authentication; and (5) professionals can change their password. Further, the proposed protocol requires three message exchanges between the professional, medical sensor node and gateway node, and achieves efficiency (i.e., low computation and communication cost). Through the formal analysis, security analysis and performance analysis, we demonstrate that E-SAP is more secure against many practical attacks, and allows a tradeoff between the security and the performance cost for healthcare application using WMSNs.

Predation by the Dwarf Seahorse on Copepods: Quantifying Motion and Flows Using 3D High Speed Digital Holographic Cinematography - When Seahorses Attack!

NASA Astrophysics Data System (ADS)

Gemmell, Brad; Sheng, Jian; Buskey, Ed

2008-11-01

Copepods are an important planktonic food source for most of the world's fish species. This high predation pressure has led copepods to evolve an extremely effective escape response, with reaction times to hydrodynamic disturbances of less than 4 ms and escape speeds of over 500 body lengths per second. Using 3D high speed digital holographic cinematography (up to 2000 frames per second) we elucidate the role of entrainment flow fields generated by a natural visual predator, the dwarf seahorse (Hippocampus zosterae) during attacks on its prey, Acartia tonsa. Using phytoplankton as a tracer, we recorded and reconstructed 3D flow fields around the head of the seahorse and its prey during both successful and unsuccessful attacks to better understand how some attacks lead to capture with little or no detection from the copepod while others result in failed attacks. Attacks start with a slow approach to minimize the hydro-mechanical disturbance which is used by copepods to detect the approach of a potential predator. Successful attacks result in the seahorse using its pipette-like mouth to create suction faster than the copepod's response latency. As these characteristic scales of entrainment increase, a successful escape becomes more likely.

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks

PubMed Central

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A.; Zulkarnain, Zuriati A.

2016-01-01

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol’s semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery. PMID:27338411

Securing While Sampling in Wireless Body Area Networks With Application to Electrocardiography.

PubMed

Dautov, Ruslan; Tsouri, Gill R

2016-01-01

Stringent resource constraints and broadcast transmission in wireless body area network raise serious security concerns when employed in biomedical applications. Protecting data transmission where any minor alteration is potentially harmful is of significant importance in healthcare. Traditional security methods based on public or private key infrastructure require considerable memory and computational resources, and present an implementation obstacle in compact sensor nodes. This paper proposes a lightweight encryption framework augmenting compressed sensing with wireless physical layer security. Augmenting compressed sensing to secure information is based on the use of the measurement matrix as an encryption key, and allows for incorporating security in addition to compression at the time of sampling an analog signal. The proposed approach eliminates the need for a separate encryption algorithm, as well as the predeployment of a key thereby conserving sensor node's limited resources. The proposed framework is evaluated using analysis, simulation, and experimentation applied to a wireless electrocardiogram setup consisting of a sensor node, an access point, and an eavesdropper performing a proximity attack. Results show that legitimate communication is reliable and secure given that the eavesdropper is located at a reasonable distance from the sensor node and the access point.

Angle and Context Free Grammar Based Precarious Node Detection and Secure Data Transmission in MANETs.

PubMed

Veerasamy, Anitha; Madane, Srinivasa Rao; Sivakumar, K; Sivaraman, Audithan

2016-01-01

Growing attractiveness of Mobile Ad Hoc Networks (MANETs), its features, and usage has led to the launching of threats and attacks to bring negative consequences in the society. The typical features of MANETs, especially with dynamic topology and open wireless medium, may leave MANETs vulnerable. Trust management using uncertain reasoning scheme has previously attempted to solve this problem. However, it produces additional overhead while securing the network. Hence, a Location and Trust-based secure communication scheme (L&TS) is proposed to overcome this limitation. Since the design securing requires more than two data algorithms, the cost of the system goes up. Another mechanism proposed in this paper, Angle and Context Free Grammar (ACFG) based precarious node elimination and secure communication in MANETs, intends to secure data transmission and detect precarious nodes in a MANET at a comparatively lower cost. The Elliptic Curve function is used to isolate a malicious node, thereby incorporating secure data transfer. Simulation results show that the dynamic estimation of the metrics improves throughput by 26% in L&TS when compared to the TMUR. ACFG achieves 33% and 51% throughput increase when compared to L&TS and TMUR mechanisms, respectively.

Random Time Identity Based Firewall In Mobile Ad hoc Networks

NASA Astrophysics Data System (ADS)

Suman, Patel, R. B.; Singh, Parvinder

2010-11-01

A mobile ad hoc network (MANET) is a self-organizing network of mobile routers and associated hosts connected by wireless links. MANETs are highly flexible and adaptable but at the same time are highly prone to security risks due to the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized control. Firewall is an effective means of protecting a local network from network-based security threats and forms a key component in MANET security architecture. This paper presents a review of firewall implementation techniques in MANETs and their relative merits and demerits. A new approach is proposed to select MANET nodes at random for firewall implementation. This approach randomly select a new node as firewall after fixed time and based on critical value of certain parameters like power backup. This approach effectively balances power and resource utilization of entire MANET because responsibility of implementing firewall is equally shared among all the nodes. At the same time it ensures improved security for MANETs from outside attacks as intruder will not be able to find out the entry point in MANET due to the random selection of nodes for firewall implementation.

FuGeF: A Resource Bound Secure Forwarding Protocol for Wireless Sensor Networks.

PubMed

Umar, Idris Abubakar; Mohd Hanapi, Zurina; Sali, A; Zulkarnain, Zuriati A

2016-06-22

Resource bound security solutions have facilitated the mitigation of spatio-temporal attacks by altering protocol semantics to provide minimal security while maintaining an acceptable level of performance. The Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing protocol for Wireless Sensor Network (WSN) has been proposed to achieve a minimal selection of malicious nodes by introducing a dynamic collection window period to the protocol's semantics. However, its selection scheme suffers substantial packet losses due to the utilization of a single distance based parameter for node selection. In this paper, we propose a Fuzzy-based Geographic Forwarding protocol (FuGeF) to minimize packet loss, while maintaining performance. The FuGeF utilizes a new form of dynamism and introduces three selection parameters: remaining energy, connectivity cost, and progressive distance, as well as a Fuzzy Logic System (FLS) for node selection. These introduced mechanisms ensure the appropriate selection of a non-malicious node. Extensive simulation experiments have been conducted to evaluate the performance of the proposed FuGeF protocol as compared to DWSIGF variants. The simulation results show that the proposed FuGeF outperforms the two DWSIGF variants (DWSIGF-P and DWSIGF-R) in terms of packet delivery.

A Strategy Based on Protein-Protein Interface Motifs May Help in Identifying Drug Off-Targets

PubMed Central

Engin, H. Billur; Keskin, Ozlem; Nussinov, Ruth; Gursoy, Attila

2014-01-01

Networks are increasingly used to study the impact of drugs at the systems level. From the algorithmic standpoint, a drug can ‘attack’ nodes or edges of a protein-protein interaction network. In this work, we propose a new network strategy, “The Interface Attack”, based on protein-protein interfaces. Similar interface architectures can occur between unrelated proteins. Consequently, in principle, a drug that binds to one has a certain probability of binding others. The interface attack strategy simultaneously removes from the network all interactions that consist of similar interface motifs. This strategy is inspired by network pharmacology and allows inferring potential off-targets. We introduce a network model which we call “Protein Interface and Interaction Network (P2IN)”, which is the integration of protein-protein interface structures and protein interaction networks. This interface-based network organization clarifies which protein pairs have structurally similar interfaces, and which proteins may compete to bind the same surface region. We built the P2IN of p53 signaling network and performed network robustness analysis. We show that (1) ‘hitting’ frequent interfaces (a set of edges distributed around the network) might be as destructive as eleminating high degree proteins (hub nodes); (2) frequent interfaces are not always topologically critical elements in the network; and (3) interface attack may reveal functional changes in the system better than attack of single proteins. In the off-target detection case study, we found that drugs blocking the interface between CDK6 and CDKN2D may also affect the interaction between CDK4 and CDKN2D. PMID:22817115

Gait biometrics under spoofing attacks: an experimental investigation

NASA Astrophysics Data System (ADS)

Hadid, Abdenour; Ghahramani, Mohammad; Kellokumpu, Vili; Feng, Xiaoyi; Bustard, John; Nixon, Mark

2015-11-01

Gait is a relatively biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. Although it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We recently analyzed for the first time the effects of spoofing attacks on silhouette-based gait biometric systems and showed that it was indeed possible to spoof gait biometric systems by clothing impersonation and the deliberate selection of a target that has a similar build to the attacker. To gain deeper insight into the performance of current gait biometric systems under spoofing attacks, we provide a thorough investigation on how clothing can be used to spoof a target and evaluate the performance of two state-of-the-art recognition methods on a gait spoofing database recorded at the University of Southampton. Furthermore, we describe and evaluate an initial solution coping with gait spoofing attacks. The obtained results are very promising and point out interesting findings which can be used for future investigations.

Death feigning by ducks in response to predation by red foxes (Vulpes fulva)

USGS Publications Warehouse

Sargeant, A.B.; Eberhardt, L.E.

1975-01-01

Predation by captive red foxes (Vulpes fulva) on approximately 50 ducks comprised of five species was observed in tests conducted at the Northern Prairie Wildlife Research Center, Jamestown, North Dakota. Most ducks were attacked from a rear or lateral position and seized in the cervical or thoracic region. All birds became immobile (death-feigned) immediately when seized and with few exceptions remained motionless during prey-handling and for varying lengths of time thereafter. Initial death feints lasted from 20 sec to 14 min. Recovery was delayed by tactile, visual and, possibly, auditory cues from the foxes. Death-feigning birds appeared alert and often took advantage of escape opportunities. Twenty-nine birds survived initial capture and handling by the foxes. Naive foxes were wary of ducks during initial confrontations, but experienced foxes showed little hesitation in attacking them. After capture, most ducks were taken alive to lay-down sites where they were mouthed and often killed. Then the ducks were usually cached or taken to dens or pups. Several birds were cached alive. Red foxes appear to have adapted to the escape of death-feigning ducks by learning to kill some birds soon after capture and by the evolution of an appendage-severing behavior. Death feigning appears to be a highly developed antipredator behavior of ducks that facilitates the escape of some birds after capture by red foxes.

Prepping Orbital Sciences? Cygnus commercial cargo spacecraft for undock

NASA Image and Video Library

2013-10-21

ISS037-E-016758 (21 Oct. 2013) --- European Space Agency astronaut Luca Parmitano, Expedition 37 flight engineer, gives a thumbs up signal after closing the hatch between the International Space Station’s Harmony node and the Orbital Sciences’ Cygnus commercial cargo spacecraft in preparation for its release after completing a successful demonstration mission to the space station. Cygnus delivered 1,300 pounds of gear on Sept. 29 when it arrived and was captured by Canadarm2 and berthed to the Harmony node.

Predicting Node Degree Centrality with the Node Prominence Profile

PubMed Central

Yang, Yang; Dong, Yuxiao; Chawla, Nitesh V.

2014-01-01

Centrality of a node measures its relative importance within a network. There are a number of applications of centrality, including inferring the influence or success of an individual in a social network, and the resulting social network dynamics. While we can compute the centrality of any node in a given network snapshot, a number of applications are also interested in knowing the potential importance of an individual in the future. However, current centrality is not necessarily an effective predictor of future centrality. While there are different measures of centrality, we focus on degree centrality in this paper. We develop a method that reconciles preferential attachment and triadic closure to capture a node's prominence profile. We show that the proposed node prominence profile method is an effective predictor of degree centrality. Notably, our analysis reveals that individuals in the early stage of evolution display a distinctive and robust signature in degree centrality trend, adequately predicted by their prominence profile. We evaluate our work across four real-world social networks. Our findings have important implications for the applications that require prediction of a node's future degree centrality, as well as the study of social network dynamics. PMID:25429797

3D Model of Cytokinetic Contractile Ring Assembly: Node-Mediated and Backup Pathways

NASA Astrophysics Data System (ADS)

Bidone, Tamara; Vavylonis, Dimitrios

Cytokinetic ring assembly in model organism fission yeast is a dynamic process, involving condensation of a network of actin filaments and myosin motors bound to the cell membrane through cortical nodes. A 3D computational model of ring assembly illustrates how the combined activities of myosin motors, filament crosslinkers and actin turnover lead to robust ring formation [Bidone et al. Biophys. J, 2014]. We modeled the importance of the physical properties of node movement along the cell membrane and of myosin recruitment to nodes. Experiments by D. Zhang (Temasek Life Sciences) show that tethering of the cortical endoplasmic reticulum (ER) to the plasma membrane modulates the speed of node condensation and the degree of node clumping. We captured the trend observed in these experiments by changes in the node drag coefficient and initial node distribution in simulations PM. The model predicted that reducing crosslinking activities in ER tethering mutants with faster node speed enhances actomyosin clumping. We developed a model of how tilted and/or misplaced rings assemble in cells that lack the node structural component anillin-like Mid1 and thus fail to recruit myosin II to nodes independently of actin. If actin-dependent binding of diffusive myosin to the cortex is incorporated into the model, it generates progressively elongating cortical actomyosin strands with fluctuating actin bundles at the tails. These stands often close into a ring, similar to observations by the group of J.Q. Wu (The Ohio State University). NIH R01GM098430.

Estimation of Anonymous Email Network Characteristics through Statistical Disclosure Attacks

PubMed Central

Portela, Javier; García Villalba, Luis Javier; Silva Trujillo, Alejandra Guadalupe; Sandoval Orozco, Ana Lucila; Kim, Tai-Hoon

2016-01-01

Social network analysis aims to obtain relational data from social systems to identify leaders, roles, and communities in order to model profiles or predict a specific behavior in users’ network. Preserving anonymity in social networks is a subject of major concern. Anonymity can be compromised by disclosing senders’ or receivers’ identity, message content, or sender-receiver relationships. Under strongly incomplete information, a statistical disclosure attack is used to estimate the network and node characteristics such as centrality and clustering measures, degree distribution, and small-world-ness. A database of email networks in 29 university faculties is used to study the method. A research on the small-world-ness and Power law characteristics of these email networks is also developed, helping to understand the behavior of small email networks. PMID:27809275

Estimation of Anonymous Email Network Characteristics through Statistical Disclosure Attacks.

PubMed

Portela, Javier; García Villalba, Luis Javier; Silva Trujillo, Alejandra Guadalupe; Sandoval Orozco, Ana Lucila; Kim, Tai-Hoon

2016-11-01

Social network analysis aims to obtain relational data from social systems to identify leaders, roles, and communities in order to model profiles or predict a specific behavior in users' network. Preserving anonymity in social networks is a subject of major concern. Anonymity can be compromised by disclosing senders' or receivers' identity, message content, or sender-receiver relationships. Under strongly incomplete information, a statistical disclosure attack is used to estimate the network and node characteristics such as centrality and clustering measures, degree distribution, and small-world-ness. A database of email networks in 29 university faculties is used to study the method. A research on the small-world-ness and Power law characteristics of these email networks is also developed, helping to understand the behavior of small email networks.

On Modeling Eavesdropping Attacks in Underwater Acoustic Sensor Networks †

PubMed Central

Wang, Qiu; Dai, Hong-Ning; Li, Xuran; Wang, Hao; Xiao, Hong

2016-01-01

The security and privacy of underwater acoustic sensor networks has received extensive attention recently due to the proliferation of underwater activities. This paper proposes an analytical model to investigate the eavesdropping attacks in underwater acoustic sensor networks. Our analytical framework considers the impacts of various underwater acoustic channel conditions (such as the acoustic signal frequency, spreading factor and wind speed) and different hydrophones (isotropic hydrophones and array hydrophones) in terms of network nodes and eavesdroppers. We also conduct extensive simulations to evaluate the effectiveness and the accuracy of our proposed model. Empirical results show that our proposed model is quite accurate. In addition, our results also imply that the eavesdropping probability heavily depends on both the underwater acoustic channel conditions and the features of hydrophones. PMID:27213379

node2vec: Scalable Feature Learning for Networks

PubMed Central

Grover, Aditya; Leskovec, Jure

2016-01-01

Prediction tasks over nodes and edges in networks require careful effort in engineering features used by learning algorithms. Recent research in the broader field of representation learning has led to significant progress in automating prediction by learning the features themselves. However, present feature learning approaches are not expressive enough to capture the diversity of connectivity patterns observed in networks. Here we propose node2vec, an algorithmic framework for learning continuous feature representations for nodes in networks. In node2vec, we learn a mapping of nodes to a low-dimensional space of features that maximizes the likelihood of preserving network neighborhoods of nodes. We define a flexible notion of a node’s network neighborhood and design a biased random walk procedure, which efficiently explores diverse neighborhoods. Our algorithm generalizes prior work which is based on rigid notions of network neighborhoods, and we argue that the added flexibility in exploring neighborhoods is the key to learning richer representations. We demonstrate the efficacy of node2vec over existing state-of-the-art techniques on multi-label classification and link prediction in several real-world networks from diverse domains. Taken together, our work represents a new way for efficiently learning state-of-the-art task-independent representations in complex networks. PMID:27853626

A proposed ethogram of large-carnivore predatory behavior, exemplified by the wolf

USGS Publications Warehouse

MacNulty, D.R.; Mech, L.D.; Smith, D.W.

2007-01-01

Although predatory behavior is traditionally described by a basic ethogram composed of 3 phases (search, pursue, and capture), behavioral studies of large terrestrial carnivores generally use the concept of a "hunt" to classify and measure foraging. This approach is problematic because there is no consensus on what behaviors constitute a hunt. We therefore examined how the basic ethogram could be used as a common framework for classifying large-carnivore behavior. We used >2,150 h of observed wolf (Canis lupus) behavior in Yellowstone National Park, including 517 and 134 encounters with elk (Cervus elaphus) and American bison (Bison bison), respectively, to demonstrate the functional importance of several frequently described, but rarely quantified, patterns of large-carnivore behavior not explicitly described by the basic ethogram (approaching, watching, and attacking groups). To account for these additionally important behaviors we propose a modified form of the basic ethogram (search, approach, watch, attack-group, attack-individual, and capture). We tested the applicability of this ethogram by comparing it to 31 previous classifications and descriptions involving 7 other species and 5 other wolf populations. Close correspondence among studies suggests that this ethogram may provide a generally useful scheme for classifying large-carnivore predatory behavior that is behaviorally less ambiguous than the concept of a hunt. ?? 2007 American Society of Mammalogists.

Monitoring Street-Level Spatial-Temporal Variations of Carbon Monoxide in Urban Settings Using a Wireless Sensor Network (WSN) Framework

PubMed Central

Wen, Tzai-Hung; Jiang, Joe-Air; Sun, Chih-Hong; Juang, Jehn-Yih; Lin, Tzu-Shiang

2013-01-01

Air pollution has become a severe environmental problem due to urbanization and heavy traffic. Monitoring street-level air quality is an important issue, but most official monitoring stations are installed to monitor large-scale air quality conditions, and their limited spatial resolution cannot reflect the detailed variations in air quality that may be induced by traffic jams. By deploying wireless sensors on crossroads and main roads, this study established a pilot framework for a wireless sensor network (WSN)-based real-time monitoring system to understand street-level spatial-temporal changes of carbon monoxide (CO) in urban settings. The system consists of two major components. The first component is the deployment of wireless sensors. We deployed 44 sensor nodes, 40 transmitter nodes and four gateway nodes in this study. Each sensor node includes a signal processing module, a CO sensor and a wireless communication module. In order to capture realistic human exposure to traffic pollutants, all sensors were deployed at a height of 1.5 m on lampposts and traffic signs. The study area covers a total length of 1.5 km of Keelung Road in Taipei City. The other component is a map-based monitoring platform for sensor data visualization and manipulation in time and space. Using intensive real-time street-level monitoring framework, we compared the spatial-temporal patterns of air pollution in different time periods. Our results capture four CO concentration peaks throughout the day at the location, which was located along an arterial and nearby traffic sign. The hourly average could reach 5.3 ppm from 5:00 pm to 7:00 pm due to the traffic congestion. The proposed WSN-based framework captures detailed ground information and potential risk of human exposure to traffic-related air pollution. It also provides street-level insights into real-time monitoring for further early warning of air pollution and urban environmental management. PMID:24287859

Monitoring street-level spatial-temporal variations of carbon monoxide in urban settings using a wireless sensor network (WSN) framework.

PubMed

Wen, Tzai-Hung; Jiang, Joe-Air; Sun, Chih-Hong; Juang, Jehn-Yih; Lin, Tzu-Shiang

2013-11-27

Air pollution has become a severe environmental problem due to urbanization and heavy traffic. Monitoring street-level air quality is an important issue, but most official monitoring stations are installed to monitor large-scale air quality conditions, and their limited spatial resolution cannot reflect the detailed variations in air quality that may be induced by traffic jams. By deploying wireless sensors on crossroads and main roads, this study established a pilot framework for a wireless sensor network (WSN)-based real-time monitoring system to understand street-level spatial-temporal changes of carbon monoxide (CO) in urban settings. The system consists of two major components. The first component is the deployment of wireless sensors. We deployed 44 sensor nodes, 40 transmitter nodes and four gateway nodes in this study. Each sensor node includes a signal processing module, a CO sensor and a wireless communication module. In order to capture realistic human exposure to traffic pollutants, all sensors were deployed at a height of 1.5 m on lampposts and traffic signs. The study area covers a total length of 1.5 km of Keelung Road in Taipei City. The other component is a map-based monitoring platform for sensor data visualization and manipulation in time and space. Using intensive real-time street-level monitoring framework, we compared the spatial-temporal patterns of air pollution in different time periods. Our results capture four CO concentration peaks throughout the day at the location, which was located along an arterial and nearby traffic sign. The hourly average could reach 5.3 ppm from 5:00 pm to 7:00 pm due to the traffic congestion. The proposed WSN-based framework captures detailed ground information and potential risk of human exposure to traffic-related air pollution. It also provides street-level insights into real-time monitoring for further early warning of air pollution and urban environmental management.

Escape and evade control policies for ensuring the physical security of nonholonomic, ground-based, unattended mobile sensor nodes

NASA Astrophysics Data System (ADS)

Mascarenas, David; Stull, Christopher; Farrar, Charles

2011-06-01

In order to realize the wide-scale deployment of high-endurance, unattended mobile sensing technologies, it is vital to ensure the self-preservation of the sensing assets. Deployed mobile sensor nodes face a variety of physical security threats including theft, vandalism and physical damage. Unattended mobile sensor nodes must be able to respond to these threats with control policies that facilitate escape and evasion to a low-risk state. In this work the Precision Immobilization Technique (PIT) problem has been considered. The PIT maneuver is a technique that a pursuing, car-like vehicle can use to force a fleeing vehicle to abruptly turn ninety degrees to the direction of travel. The abrupt change in direction generally causes the fleeing driver to lose control and stop. The PIT maneuver was originally developed by law enforcement to end vehicular pursuits in a manner that minimizes damage to the persons and property involved. It is easy to imagine that unattended autonomous convoys could be targets of this type of action by adversarial agents. This effort focused on developing control policies unattended mobile sensor nodes could employ to escape, evade and recover from PIT-maneuver-like attacks. The development of these control policies involved both simulation as well as small-scale experimental testing. The goal of this work is to be a step toward ensuring the physical security of unattended sensor node assets.

A Comparative Study on Two Typical Schemes for Securing Spatial-Temporal Top-k Queries in Two-Tiered Mobile Wireless Sensor Networks

PubMed Central

Liu, Xingjian; Liang, Junbin; Li, Ran; Ma, Wenpeng; Qi, Chuanda

2018-01-01

A novel network paradigm of mobile edge computing, namely TMWSNs (two-tiered mobile wireless sensor networks), has just been proposed by researchers in recent years for its high scalability and robustness. However, only a few works have considered the security of TMWSNs. In fact, the storage nodes, which are located at the upper layer of TMWSNs, are prone to being attacked by the adversaries because they play a key role in bridging both the sensor nodes and the sink, which may lead to the disclosure of all data stored on them as well as some other potentially devastating results. In this paper, we make a comparative study on two typical schemes, EVTopk and VTMSN, which have been proposed recently for securing Top-k queries in TMWSNs, through both theoretical analysis and extensive simulations, aiming at finding out their disadvantages and advancements. We find that both schemes unsatisfactorily raise communication costs. Specifically, the extra communication cost brought about by transmitting the proof information uses up more than 40% of the total communication cost between the sensor nodes and the storage nodes, and 80% of that between the storage nodes and the sink. We discuss the corresponding reasons and present our suggestions, hoping that it will inspire the researchers researching this subject. PMID:29543745

Salient object detection: manifold-based similarity adaptation approach

NASA Astrophysics Data System (ADS)

Zhou, Jingbo; Ren, Yongfeng; Yan, Yunyang; Gao, Shangbing

2014-11-01

A saliency detection algorithm based on manifold-based similarity adaptation is proposed. The proposed algorithm is divided into three steps. First, we segment an input image into superpixels, which are represented as the nodes in a graph. Second, a new similarity measurement is used in the proposed algorithm. The weight matrix of the graph, which indicates the similarities between the nodes, uses a similarity-based method. It also captures the manifold structure of the image patches, in which the graph edges are determined in a data adaptive manner in terms of both similarity and manifold structure. Then, we use local reconstruction method as a diffusion method to obtain the saliency maps. The objective function in the proposed method is based on local reconstruction, with which estimated weights capture the manifold structure. Experiments on four bench-mark databases demonstrate the accuracy and robustness of the proposed method.

Attacks and Countermeasures in Communications and Power Networks

DTIC Science & Technology

2014-01-01

the victim. This strategy is often used to confuse the intrusion detection system about the adversary’s location. If the adversary compromises a pair...1.2 Detection of Information Flows Detection of information flows between a pair of nodes has been studied in the context of network intrusion ...Theo- rem 3.3.4 were derived purely based on the condition for undetectability. Hence, the same optimality statements hold for the noisy measurement

A Survey of Visualization Tools Assessed for Anomaly-Based Intrusion Detection Analysis

DTIC Science & Technology

2014-04-01

objective? • What vulnerabilities exist in the target system? • What damage or other consequences are likely? • What exploit scripts or other attack...languages C, R, and Python; no response capabilities. JUNG https://blogs.reucon.com/asterisk- java /tag/visualization/ Create custom layouts and can...annotate graphs, links, nodes with any Java data type. Must be familiar with coding in Java to call the routines; no monitoring or response

Aboveground predation by an American badger (Taxidea taxus) on black-tailed prairie dogs (Cynomys ludovicianus)

USGS Publications Warehouse

Eads, D.A.; Biggins, D.E.

2008-01-01

During research on black-tailed prairie dogs (Cynomys ludovicianus), we repeatedly observed a female American badger (Taxidea taxus) hunting prairie dogs on a colony in southern Phillips County, Montana. During 1-14 June 2006, we observed 7 aboveground attacks (2 successful) and 3 successful excavations of prairie dogs. The locations and circumstances of aboveground attacks suggested that the badger improved her probability of capturing prairie dogs by planning the aboveground attacks based on perceptions of speeds, angles, distances, and predicted escape responses of prey. Our observations add to previous reports on the complex and varied predatory methods and cognitive capacities of badgers. These observations also underscore the individuality of predators and support the concept that predators are active participants in predator-prey interactions.

Impacts of silvicultural thinning treatments on beetle trap captures and tree attacks during low bark beetle populations in ponderosa pine forests of northern Arizona.

PubMed

Gaylord, M L; Hofstetter, R W; Wagner, M R

2010-10-01

Our research used a combination of passive traps, funnel traps with lures, baited trees, and surveys of long-term thinning plots to assess the impacts of different levels of stand basal area (BA) on bark beetle tree attack and on trap captures of Ips spp., Dendroctonus spp., and their predators. The study occurred at two sites in ponderosa pine, Pinus ponderosa Dougl. ex Laws., forests, from 2004 to 2007 during low bark beetle populations. Residual stand BA ranged from 9.0 to 37.0 m2/ha. More predators and bark beetles were collected in passive traps in stands of lower BA than in stands of higher BA; however, significance varied by species and site, and total number of beetles collected was low. Height of the clear panel passive traps affected trap catches for some species at some sites and years. When pheromone lures were used with funnel traps [Ips pini (Say) lure: lanierone, +03/-97 ipsdienol], we found no significant difference in trap catches among basal area treatments for bark beetles and their predators. Similarly, when trees were baited (Dendroctonus brevicomis LeConte lure: myrcene, exo-brevicomin and frontalin), we found no significant difference for days to first bark beetle attack. Surveys of long-term thinning treatments found evidence of bark beetle attacks only in unthinned plots (approximately 37 m2/ha basal area). We discuss our results in terms of management implications for bark beetle trapping and control.

Expression of key ion channels in the rat cardiac conduction system by laser capture microdissection and quantitative real-time PCR.

PubMed

Ou, Yan; Niu, Xiao-lin; Ren, Fu-xian

2010-09-01

The objective of this study was to investigate the molecular basis of the inferior nodal extension (INE) in the atrioventricular junctional area that accounts for arrhythmias. The INE was separated from the adult rat heart by laser capture microdissection. The mRNA expression of ion channels was detected by quantitative real-time PCR. Hierarchical clustering was used to demonstrate clustering of expression of genes in sections. The mRNA expression of HCN4, Ca(v)3.1 and Ca(v)3.2 was high in the INE, atrioventricular node and sino-atrial node, and that of Ca(v)3.2 high in Purkinje fibres. Although the expression of HCN1 and Ca(v)1.3 was low in the rat heart, it was relatively higher in the INE, atrioventricular node and sino-atrial node than in right atrial and right ventricular (working) myocytes. Both HCN2 and Ca(v)1.2 were expressed at higher levels in working myocytes than in nodal tissues and in the INE. Hierarchical clustering analysis demonstrated that the expression of the HCN and calcium channels in INE was similar to that in the slow-response automatic cells and different from that in working myocytes and Purkinje fibres. The expression of HCN and calcium channels in the INE of the adult rat heart is similar to that of slow-response automatic cells and provides a substrate for automatic phase 4 depolarization in cells.

Electrochemical capture and release of carbon dioxide

DOE PAGES

Rheinhardt, Joseph H.; Singh, Poonam; Tarakeshwar, Pilarisetty; ...

2017-01-18

Understanding the chemistry of carbon dioxide is key to affecting changes in atmospheric concentrations. One area of intense interest is CO 2 capture in chemically reversible cycles relevant to carbon capture technologies. Most CO 2 capture methods involve thermal cycles in which a nucleophilic agent captures CO 2 from impure gas streams (e.g., flue gas), followed by a thermal process in which pure CO 2 is released. Several reviews have detailed progress in these approaches. A less explored strategy uses electrochemical cycles to capture CO 2 and release it in pure form. These cycles typically rely on electrochemical generation ofmore » nucleophiles that attack CO 2 at the electrophilic carbon atom, forming a CO 2 adduct. Then, CO 2 is released in pure form via a subsequent electrochemical step. In this Perspective, we describe electrochemical cycles for CO 2 capture and release, emphasizing electrogenerated nucleophiles. As a result, we also discuss some advantages and disadvantages inherent in this general approach.« less

Insights into mountain precipitation and snowpack from a basin-scale wireless-sensor network

NASA Astrophysics Data System (ADS)

Zhang, Z.; Glaser, S.; Bales, R.; Conklin, M.; Rice, R.; Marks, D.

2017-08-01

A spatially distributed wireless-sensor network, installed across the 2154 km2 portion of the 5311 km2 American River basin above 1500 m elevation, provided spatial measurements of temperature, relative humidity, and snow depth in the Sierra Nevada, California. The network consisted of 10 sensor clusters, each with 10 measurement nodes, distributed to capture the variability in topography and vegetation cover. The sensor network captured significant spatial heterogeneity in rain versus snow precipitation for water-year 2014, variability that was not apparent in the more limited operational data. Using daily dew-point temperature to track temporal elevational changes in the rain-snow transition, the amount of snow accumulation at each node was used to estimate the fraction of rain versus snow. This resulted in an underestimate of total precipitation below the 0°C dew-point elevation, which averaged 1730 m across 10 precipitation events, indicating that measuring snow does not capture total precipitation. We suggest blending lower elevation rain gauge data with higher-elevation sensor-node data for each event to estimate total precipitation. Blended estimates were on average 15-30% higher than using either set of measurements alone. Using data from the current operational snow-pillow sites gives even lower estimates of basin-wide precipitation. Given the increasing importance of liquid precipitation in a warming climate, a strategy that blends distributed measurements of both liquid and solid precipitation will provide more accurate basin-wide precipitation estimates, plus spatial and temporal patters of snow accumulation and melt in a basin.

A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks.

PubMed

Xiong, Ling; Peng, Daiyuan; Peng, Tu; Liang, Hongbin; Liu, Zhicai

2017-11-21

Due to their frequent use in unattended and hostile deployment environments, the security in wireless sensor networks (WSNs) has attracted much interest in the past two decades. However, it remains a challenge to design a lightweight authentication protocol for WSNs because the designers are confronted with a series of desirable security requirements, e.g., user anonymity, perfect forward secrecy, resistance to de-synchronization attack. Recently, the authors presented two authentication schemes that attempt to provide user anonymity and to resist various known attacks. Unfortunately, in this work we shall show that user anonymity of the two schemes is achieved at the price of an impractical search operation-the gateway node may search for every possible value. Besides this defect, they are also prone to smart card loss attacks and have no provision for perfect forward secrecy. As our main contribution, a lightweight anonymous authentication scheme with perfect forward secrecy is designed, and what we believe the most interesting feature is that user anonymity, perfect forward secrecy, and resistance to de-synchronization attack can be achieved at the same time. As far as we know, it is extremely difficult to meet these security features simultaneously only using the lightweight operations, such as symmetric encryption/decryption and hash functions.

Shall we trust WDDL?

NASA Astrophysics Data System (ADS)

Guilley, Sylvain; Chaudhuri, Sumanta; Sauvage, Laurent; Graba, Tarik; Danger, Jean-Luc; Hoogvorst, Philippe; Vong, Vinh-Nga; Nassar, Maxime; Flament, Florent

Security is not only a matter of cryptographic algorithms robustness but becomes also a question of securing their implementation. P. Kocher’s differential power analysis (DPA) is one of the many side-channel attacks that are more and more studied by the security community. Indeed, side-channel attacks (SCA) have proved to be very powerful on cryptographic algorithms such as DES and AES, customarily implemented in a wide variety of devices, ranging from smart-cards or ASICs to FPGAs. Among the proposed countermeasures, the “dual-rail with precharge logic” (DPL) aims at hiding information leaked by the circuit by making the power consumption independent of the calculation. However DPL logic could be subject to second order attacks exploiting timing difference between dual nets. In this article, we characterize by simulation, the vulnerability due to timing unbalance in the eight DES substitution boxes implemented in DPL WDDL style. The characterization results in a classification of the nodes according to their timing unbalance. Our results show that the timing unbalance is a major weakness of the WDDL logic, and that it could be used to retrieve the key using a DPA attack. This vulnerability has been experimentally observed on a full DES implementation using WDDL style for Altera Stratix EP1S25 FPGA.

A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks

PubMed Central

Peng, Daiyuan; Peng, Tu; Liang, Hongbin; Liu, Zhicai

2017-01-01

Due to their frequent use in unattended and hostile deployment environments, the security in wireless sensor networks (WSNs) has attracted much interest in the past two decades. However, it remains a challenge to design a lightweight authentication protocol for WSNs because the designers are confronted with a series of desirable security requirements, e.g., user anonymity, perfect forward secrecy, resistance to de-synchronization attack. Recently, the authors presented two authentication schemes that attempt to provide user anonymity and to resist various known attacks. Unfortunately, in this work we shall show that user anonymity of the two schemes is achieved at the price of an impractical search operation—the gateway node may search for every possible value. Besides this defect, they are also prone to smart card loss attacks and have no provision for perfect forward secrecy. As our main contribution, a lightweight anonymous authentication scheme with perfect forward secrecy is designed, and what we believe the most interesting feature is that user anonymity, perfect forward secrecy, and resistance to de-synchronization attack can be achieved at the same time. As far as we know, it is extremely difficult to meet these security features simultaneously only using the lightweight operations, such as symmetric encryption/decryption and hash functions. PMID:29160861

Information spread in networks: Games, optimal control, and stabilization

NASA Astrophysics Data System (ADS)

Khanafer, Ali

This thesis focuses on designing efficient mechanisms for controlling information spread in networks. We consider two models for information spread. The first one is the well-known distributed averaging dynamics. The second model is a nonlinear one that describes virus spread in computer and biological networks. We seek to design optimal, robust, and stabilizing controllers under practical constraints. For distributed averaging networks, we study the interaction between a network designer and an adversary. We consider two types of attacks on the network. In Attack-I, the adversary strategically disconnects a set of links to prevent the nodes from reaching consensus. Meanwhile, the network designer assists the nodes in reaching consensus by changing the weights of a limited number of links in the network. We formulate two problems to describe this competition where the order in which the players act is reversed in the two problems. Although the canonical equations provided by the Pontryagin's Maximum Principle (MP) seem to be intractable, we provide an alternative characterization for the optimal strategies that makes connection to potential theory. Further, we provide a sufficient condition for the existence of a saddle-point equilibrium (SPE) for the underlying zero-sum game. In Attack-II, the designer and the adversary are both capable of altering the measurements of all nodes in the network by injecting global signals. We impose two constraints on both players: a power constraint and an energy constraint. We assume that the available energy to each player is not sufficient to operate at maximum power throughout the horizon of the game. We show the existence of an SPE and derive the optimal strategies in closed form for this attack scenario. As an alternative to the "network designer vs. adversary" framework, we investigate the possibility of stabilizing unknown network diffusion processes using a distributed mechanism, where the uncertainty is due to an attack on the network. To this end, we propose a distributed version of the classical logic-based supervisory control scheme. Given a network of agents whose dynamics contain unknown parameters, the distributed supervisory control scheme is used to assist the agents to converge to a certain set-point without requiring them to have explicit knowledge of that set-point. Unlike the classical supervisory control scheme where a centralized supervisor makes switching decisions among the candidate controllers, in our scheme, each agent is equipped with a local supervisor that switches among the available controllers. The switching decisions made at a certain agent depend only on the information from its neighboring agents. We provide sufficient conditions for stabilization and apply our framework to the distributed averaging problem in the presence of large modeling uncertainty. For infected networks, we study the stability properties of a susceptible-infected-susceptible (SIS) diffusion model, so-called the n-intertwined Markov model, over arbitrary network topologies. Similar to the majority of infection spread dynamics, this model exhibits a threshold phenomenon. When the curing rates in the network are high, the all-healthy state is the unique equilibrium over the network. Otherwise, an endemic equilibrium state emerges, where some infection remains within the network. Using notions from positive systems theory, we provide conditions for the global asymptotic stability of the equilibrium points in both cases over strongly and weakly connected directed networks based on the value of the basic reproduction number, a fundamental quantity in the study of epidemics. Furthermore, we demonstrate that the n-intertwined Markov model can be viewed as a best-response dynamical system of a concave game among the nodes. This characterization allows us to cast new infection spread dynamics; additionally, we provide a sufficient condition, for the global convergence to the all-healthy state, that can be checked in a distributed fashion. Moreover, we investigate the problem of stabilizing the network when the curing rates of a limited number of nodes can be controlled. In particular, we characterize the number of controllers required for a class of undirected graphs. We also design optimal controllers capable of minimizing the total infection in the network at minimum cost. Finally, we outline a set of open problems in the area of information spread control.

Novel Indocyanine Green-Phytate Colloid Technique for Sentinel Node Detection in Head and Neck: Mouse Study.

PubMed

Araki, Koji; Mizokami, Daisuke; Tomifuji, Masayuki; Yamashita, Taku; Ohnuki, Kazunobu; Umeda, Izumi O; Fujii, Hirofumi; Kosuda, Shigeru; Shiotani, Akihiro

2014-08-01

Sentinel node navigation surgery using real-time, near-infrared imaging with indocyanine green is becoming popular by allowing head and neck surgeons to avoid unnecessary neck dissection. The major drawback of this method is its quick migration through the lymphatics, limiting the diagnostic time window and undesirable detection of downstream nodes. We resolved this problem by mixing indocyanine green (ICG) with phytate colloid to retard its migration and demonstrated its feasibility in a nude mouse study. Experimental prospective animal study. Animal laboratory. Indocyanine green at 3 concentrations was tested to determine the optimal concentration for sentinel lymph node detection in a mouse model. Effect of indocyanine green with phytate colloid mixture solutions was also analyzed. Indocyanine green or mixture solution at different mixing ratios were injected into the tongue of nude mice and near-infrared fluorescence images were captured sequentially for up to 48 hours. The brightness of fluorescence in the sentinel lymph node and lymph nodes further downstream were assessed. Indocyanine green concentration >50 μg/mL did not improve sentinel lymph node detection. The addition of phytate colloid to indocyanine green extended the period when sentinel lymph node was detectable. Second echelon lymph nodes were not imaged in mice injected with the mixture, while these were visualized in mice injected with indocyanine green alone. This novel technique of ICG-phytate colloid mixture allows prolonged diagnostic time window, prevention of downstream subsequent nodes detection, and improved accuracy for the detection of true sentinel lymph nodes. © American Academy of Otolaryngology—Head and Neck Surgery Foundation 2014.

Distributed processing method for arbitrary view generation in camera sensor network

NASA Astrophysics Data System (ADS)

Tehrani, Mehrdad P.; Fujii, Toshiaki; Tanimoto, Masayuki

2003-05-01

Camera sensor network as a new advent of technology is a network that each sensor node can capture video signals, process and communicate them with other nodes. The processing task in this network is to generate arbitrary view, which can be requested from central node or user. To avoid unnecessary communication between nodes in camera sensor network and speed up the processing time, we have distributed the processing tasks between nodes. In this method, each sensor node processes part of interpolation algorithm to generate the interpolated image with local communication between nodes. The processing task in camera sensor network is ray-space interpolation, which is an object independent method and based on MSE minimization by using adaptive filtering. Two methods were proposed for distributing processing tasks, which are Fully Image Shared Decentralized Processing (FIS-DP), and Partially Image Shared Decentralized Processing (PIS-DP), to share image data locally. Comparison of the proposed methods with Centralized Processing (CP) method shows that PIS-DP has the highest processing speed after FIS-DP, and CP has the lowest processing speed. Communication rate of CP and PIS-DP is almost same and better than FIS-DP. So, PIS-DP is recommended because of its better performance than CP and FIS-DP.

Spatial network surrogates for disentangling complex system structure from spatial embedding of nodes

NASA Astrophysics Data System (ADS)

Wiedermann, Marc; Donges, Jonathan F.; Kurths, Jürgen; Donner, Reik V.

2016-04-01

Networks with nodes embedded in a metric space have gained increasing interest in recent years. The effects of spatial embedding on the networks' structural characteristics, however, are rarely taken into account when studying their macroscopic properties. Here, we propose a hierarchy of null models to generate random surrogates from a given spatially embedded network that can preserve certain global and local statistics associated with the nodes' embedding in a metric space. Comparing the original network's and the resulting surrogates' global characteristics allows one to quantify to what extent these characteristics are already predetermined by the spatial embedding of the nodes and links. We apply our framework to various real-world spatial networks and show that the proposed models capture macroscopic properties of the networks under study much better than standard random network models that do not account for the nodes' spatial embedding. Depending on the actual performance of the proposed null models, the networks are categorized into different classes. Since many real-world complex networks are in fact spatial networks, the proposed approach is relevant for disentangling the underlying complex system structure from spatial embedding of nodes in many fields, ranging from social systems over infrastructure and neurophysiology to climatology.

Office immunotherapy in chronic inflammatory demyelinating polyneuropathy and multifocal motor neuropathy.

PubMed

Dyck, Peter J; Taylor, Bruce V; Davies, Jenny L; Mauermann, Michelle L; Litchy, William J; Klein, Christopher J; Dyck, P James B

2015-10-01

Intravenous immunoglobulin [IVIg], plasma exchange [PE], and corticosteroids are efficacious treatment in chronic inflammatory demyelinating polyneuropathy [CIDP]. IVIg is effective in multifocal motor neuropathy [MMN]. NIS, NIS-weakness, sum scores of raw amplitudes of motor fiber (CMAPs) amplitudes, and Dyck/Rankin score provided reliable measures to detect and scale abnormality and reflect change; they are therefore ideal for office management of response-based immunotherapy (R-IRx) of CIDP. Using efficacious R-IRx, a large early and late therapeutic response (≥ one-fourth were in remission or had recovered) was demonstrated in CIDP. In MMN only an early improvement with late non-significant worsening was observed. The difference in immunotherapy response supports a fundamental difference between CIDP (immune attack on Schwann cells and myelin) and MMN (attack on nodes of Ranvier and axons). © 2015 Wiley Periodicals, Inc.

Office Immunotherapy in Chronic Inflammatoryh Demyelinating Polyneuropathy and Multifocal Motor Neuropathy

PubMed Central

Dyck, Peter J.; Taylor, Bruce V.; Davies, Jenny L.; Mauermann, Michelle L.; Litchy, William J.; Klein, Christopher J.; Dyck, P. James B.

2015-01-01

Background Intravenous immunoglobulin [IVIg], plasma exchange [PE], and corticosteroids are efficacious treatment in chronic inflammatory demyelinating polyneuropathy [CIDP]. IVIg is effective in multifocal motor neuropathy [MMN]. Objective and Methods Results and Conclusions NIS, NIS-weakness, sum scores of raw amplitudes of motor fiber (CMAPs) amplitudes, and Dyck/Rankin score provided reliable measures to detect and scale abnormality and reflect change; they are therefore ideal for office management of response-basedimmunotherapy (R-IRx) of CIDP. Using efficacious R-IRx, a large early and late therapeutic response (≥ one-fourth were in remission or had recovered) was demonstrated in CIDP. In MMN only an early improvement with late non-significant worsening was observed. The difference in immunotherapy response supports a fundamental difference between CIDP (immune attack on Schwann cells and myelin) and MMN (attack on nodes of Ranvier and axons). PMID:25976871

MELOC - Memory and Location Optimized Caching for Mobile Ad Hoc Networks

DTIC Science & Technology

2011-01-01

required for such environments. Moreover, nodes located at centre have to be chosen as cache location, since it reduces the chance of being attacked...Figure 1.1. MANET Formed by Armed Forces 47 Example 3: Sharing of music and videos are famous among mobile users. Instead of downloading...The two tier caching scheme discussed in this paper is acoustic . The characteristics of two-tier caching are as follows, the content of data to be

Sequential Pattern Detection and Time Series Models for Predicting IED Attacks

DTIC Science & Technology

2009-03-01

customer purchases spaghetti sauce at the grocery store, do they also purchase some kind of meat and pasta noodles ? Knowing what items a shopper tends...such as the mileage, the number of passengers that can fit in the car, and the year the car was manufactured . The number of hidden nodes are...technology weapons that are inexpensive to manufacture and do not require extensive training to deploy. An improvised explosive device (IED) 28 is a

Military and Security Developments Involving the Democratic People’s Republic of Korea: Annual Report to Congress

DTIC Science & Technology

2013-01-01

underground, cross-border tunnels to attack high-value targets like command and control nodes or air bases. Theater Ballistic Missiles. North Korea has...fomenting unrest and revolution. Command and Control. The DPRK National Defense Commission ( NDC ) is the symbolic nominal authority over the North’s...and control is exercised by its subordinate General Staff Department. The 1992 constitution gives control of the North’s military to the NDC , and

Research on trust calculation of wireless sensor networks based on time segmentation

NASA Astrophysics Data System (ADS)

Su, Yaoxin; Gao, Xiufeng; Qiao, Wenxin

2017-05-01

Because the wireless sensor network is different from the traditional network characteristics, it is easy to accept the intrusion from the compromise node. The trust mechanism is the most effective way to defend against internal attacks. Aiming at the shortcomings of the existing trust mechanism, a method of calculating the trust of wireless sensor networks based on time segmentation is proposed. It improves the security of the network and extends the life of the network

Optimal cost for strengthening or destroying a given network

NASA Astrophysics Data System (ADS)

Patron, Amikam; Cohen, Reuven; Li, Daqing; Havlin, Shlomo

2017-05-01

Strengthening or destroying a network is a very important issue in designing resilient networks or in planning attacks against networks, including planning strategies to immunize a network against diseases, viruses, etc. Here we develop a method for strengthening or destroying a random network with a minimum cost. We assume a correlation between the cost required to strengthen or destroy a node and the degree of the node. Accordingly, we define a cost function c (k ) , which is the cost of strengthening or destroying a node with degree k . Using the degrees k in a network and the cost function c (k ) , we develop a method for defining a list of priorities of degrees and for choosing the right group of degrees to be strengthened or destroyed that minimizes the total price of strengthening or destroying the entire network. We find that the list of priorities of degrees is universal and independent of the network's degree distribution, for all kinds of random networks. The list of priorities is the same for both strengthening a network and for destroying a network with minimum cost. However, in spite of this similarity, there is a difference between their pc, the critical fraction of nodes that has to be functional to guarantee the existence of a giant component in the network.

Optimal cost for strengthening or destroying a given network.

PubMed

Patron, Amikam; Cohen, Reuven; Li, Daqing; Havlin, Shlomo

2017-05-01

Strengthening or destroying a network is a very important issue in designing resilient networks or in planning attacks against networks, including planning strategies to immunize a network against diseases, viruses, etc. Here we develop a method for strengthening or destroying a random network with a minimum cost. We assume a correlation between the cost required to strengthen or destroy a node and the degree of the node. Accordingly, we define a cost function c(k), which is the cost of strengthening or destroying a node with degree k. Using the degrees k in a network and the cost function c(k), we develop a method for defining a list of priorities of degrees and for choosing the right group of degrees to be strengthened or destroyed that minimizes the total price of strengthening or destroying the entire network. We find that the list of priorities of degrees is universal and independent of the network's degree distribution, for all kinds of random networks. The list of priorities is the same for both strengthening a network and for destroying a network with minimum cost. However, in spite of this similarity, there is a difference between their p_{c}, the critical fraction of nodes that has to be functional to guarantee the existence of a giant component in the network.

Age structure and cooperation in coevolutionary games on dynamic network

NASA Astrophysics Data System (ADS)

Qin, Zilong; Hu, Zhenhua; Zhou, Xiaoping; Yi, Jingzhang

2015-04-01

Our proposed model imitates the growth of a population and describes the age structure and the level of cooperation in games on dynamic network with continuous changes of structure and topology. The removal of nodes and links caused by age-dependent attack, together with the nodes addition standing for the newborns of population, badly ruins Matthew effect in this coevolutionary process. Though the network is generated by growth and preferential attachment, it degenerates into random network and it is no longer heterogeneous. When the removal of nodes and links is equal to the addition of nodes and links, the size of dynamic network is maintained in steady-state, so is the low level of cooperation. Severe structure variation, homogeneous topology and continuous invasion of new defection jointly make dynamic network unsuitable for the survival of cooperator even when the probability with which the newborn players initially adopt the strategy cooperation is high, while things change slightly when the connections of newborn players are restricted. Fortunately, moderate interactions in a generation trigger an optimal recovering process to encourage cooperation. The model developed in this paper outlines an explanation of the cohesion changes in the development process of an organization. Some suggestions for cooperative behavior improvement are given in the end.

Security Informatics Research Challenges for Mitigating Cyber Friendly Fire

DOE Office of Scientific and Technical Information (OSTI.GOV)

Carroll, Thomas E.; Greitzer, Frank L.; Roberts, Adam D.

This paper addresses cognitive implications and research needs surrounding the problem of cyber friendly re (FF). We dene cyber FF as intentional o*ensive or defensive cyber/electronic actions intended to protect cyber systems against enemy forces or to attack enemy cyber systems, which unintentionally harms the mission e*ectiveness of friendly or neutral forces. We describe examples of cyber FF and discuss how it ts within a general conceptual framework for cyber security failures. Because it involves human failure, cyber FF may be considered to belong to a sub-class of cyber security failures characterized as unintentional insider threats. Cyber FF is closelymore » related to combat friendly re in that maintaining situation awareness (SA) is paramount to avoiding unintended consequences. Cyber SA concerns knowledge of a system's topology (connectedness and relationships of the nodes in a system), and critical knowledge elements such as the characteristics and vulnerabilities of the components that comprise the system and its nodes, the nature of the activities or work performed, and the available defensive and o*ensive countermeasures that may be applied to thwart network attacks. We describe a test bed designed to support empirical research on factors a*ecting cyber FF. Finally, we discuss mitigation strategies to combat cyber FF, including both training concepts and suggestions for decision aids and visualization approaches.« less

A Secure-Enhanced Data Aggregation Based on ECC in Wireless Sensor Networks

PubMed Central

Zhou, Qiang; Yang, Geng; He, Liwen

2014-01-01

Data aggregation is an important technique for reducing the energy consumption of sensor nodes in wireless sensor networks (WSNs). However, compromised aggregators may forge false values as the aggregated results of their child nodes in order to conduct stealthy attacks or steal other nodes' privacy. This paper proposes a Secure-Enhanced Data Aggregation based on Elliptic Curve Cryptography (SEDA-ECC). The design of SEDA-ECC is based on the principles of privacy homomorphic encryption (PH) and divide-and-conquer. An aggregation tree disjoint method is first adopted to divide the tree into three subtrees of similar sizes, and a PH-based aggregation is performed in each subtree to generate an aggregated subtree result. Then the forged result can be identified by the base station (BS) by comparing the aggregated count value. Finally, the aggregated result can be calculated by the BS according to the remaining results that have not been forged. Extensive analysis and simulations show that SEDA-ECC can achieve the highest security level on the aggregated result with appropriate energy consumption compared with other asymmetric schemes. PMID:24732099

Resilient Wireless Sensor Networks Using Topology Control: A Review

PubMed Central

Huang, Yuanjiang; Martínez, José-Fernán; Sendra, Juana; López, Lourdes

2015-01-01

Wireless sensor networks (WSNs) may be deployed in failure-prone environments, and WSNs nodes easily fail due to unreliable wireless connections, malicious attacks and resource-constrained features. Nevertheless, if WSNs can tolerate at most losing k − 1 nodes while the rest of nodes remain connected, the network is called k − connected. k is one of the most important indicators for WSNs’ self-healing capability. Following a WSN design flow, this paper surveys resilience issues from the topology control and multi-path routing point of view. This paper provides a discussion on transmission and failure models, which have an important impact on research results. Afterwards, this paper reviews theoretical results and representative topology control approaches to guarantee WSNs to be k − connected at three different network deployment stages: pre-deployment, post-deployment and re-deployment. Multi-path routing protocols are discussed, and many NP-complete or NP-hard problems regarding topology control are identified. The challenging open issues are discussed at the end. This paper can serve as a guideline to design resilient WSNs. PMID:26404272

Cyber-Argus: Modeling C2 Impacts of Cyber Attacks

DTIC Science & Technology

2014-06-01

19th ICCRTS - # 096 Page 10 of 24 ( BPMN ). However, any process modeling language with the ability to capture the information described above could...AND TECHNOLOGY ORGANIZATION. RTO-TR-MSG-048 - Coalition Battle Management Language (C-BML). February 2012. [41] ALLWEYER, T. BPMN 2.0: Introduction

High-fidelity numerical simulation of the flow field around a NACA-0012 aerofoil from the laminar separation bubble to a full stall

NASA Astrophysics Data System (ADS)

ElJack, Eltayeb

2017-05-01

In the present work, large eddy simulations of the flow field around a NACA-0012 aerofoil near stall conditions are performed at a Reynolds number of 5 × 104, Mach number of 0.4, and at various angles of attack. The results show the following: at relatively low angles of attack, the bubble is present and intact; at moderate angles of attack, the laminar separation bubble bursts and generates a global low-frequency flow oscillation; and at relatively high angles of attack, the laminar separation bubble becomes an open bubble that leads the aerofoil into a full stall. Time histories of the aerodynamic coefficients showed that the low-frequency oscillation phenomenon and its associated physics are indeed captured in the simulations. The aerodynamic coefficients compared to previous and recent experimental data with acceptable accuracy. Spectral analysis identified a dominant low-frequency mode featuring the periodic separation and reattachment of the flow field. At angles of attack α ≤ 9.3°, the low-frequency mode featured bubble shedding rather than bubble bursting and reformation. The underlying mechanism behind the quasi-periodic self-sustained low-frequency flow oscillation is discussed in detail.

Defending Against Advanced Persistent Threats Using Game-Theory.

PubMed

Rass, Stefan; König, Sandra; Schauer, Stefan

2017-01-01

Advanced persistent threats (APT) combine a variety of different attack forms ranging from social engineering to technical exploits. The diversity and usual stealthiness of APT turns them into a central problem of contemporary practical system security, since information on attacks, the current system status or the attacker's incentives is often vague, uncertain and in many cases even unavailable. Game theory is a natural approach to model the conflict between the attacker and the defender, and this work investigates a generalized class of matrix games as a risk mitigation tool for an advanced persistent threat (APT) defense. Unlike standard game and decision theory, our model is tailored to capture and handle the full uncertainty that is immanent to APTs, such as disagreement among qualitative expert risk assessments, unknown adversarial incentives and uncertainty about the current system state (in terms of how deeply the attacker may have penetrated into the system's protective shells already). Practically, game-theoretic APT models can be derived straightforwardly from topological vulnerability analysis, together with risk assessments as they are done in common risk management standards like the ISO 31000 family. Theoretically, these models come with different properties than classical game theoretic models, whose technical solution presented in this work may be of independent interest.

Uncovering Randomness and Success in Society

PubMed Central

Jalan, Sarika; Sarkar, Camellia; Madhusudanan, Anagha; Dwivedi, Sanjiv Kumar

2014-01-01

An understanding of how individuals shape and impact the evolution of society is vastly limited due to the unavailability of large-scale reliable datasets that can simultaneously capture information regarding individual movements and social interactions. We believe that the popular Indian film industry, “Bollywood”, can provide a social network apt for such a study. Bollywood provides massive amounts of real, unbiased data that spans more than 100 years, and hence this network has been used as a model for the present paper. The nodes which maintain a moderate degree or widely cooperate with the other nodes of the network tend to be more fit (measured as the success of the node in the industry) in comparison to the other nodes. The analysis carried forth in the current work, using a conjoined framework of complex network theory and random matrix theory, aims to quantify the elements that determine the fitness of an individual node and the factors that contribute to the robustness of a network. The authors of this paper believe that the method of study used in the current paper can be extended to study various other industries and organizations. PMID:24533073

Uncovering randomness and success in society.

PubMed

Jalan, Sarika; Sarkar, Camellia; Madhusudanan, Anagha; Dwivedi, Sanjiv Kumar

2014-01-01

An understanding of how individuals shape and impact the evolution of society is vastly limited due to the unavailability of large-scale reliable datasets that can simultaneously capture information regarding individual movements and social interactions. We believe that the popular Indian film industry, "Bollywood", can provide a social network apt for such a study. Bollywood provides massive amounts of real, unbiased data that spans more than 100 years, and hence this network has been used as a model for the present paper. The nodes which maintain a moderate degree or widely cooperate with the other nodes of the network tend to be more fit (measured as the success of the node in the industry) in comparison to the other nodes. The analysis carried forth in the current work, using a conjoined framework of complex network theory and random matrix theory, aims to quantify the elements that determine the fitness of an individual node and the factors that contribute to the robustness of a network. The authors of this paper believe that the method of study used in the current paper can be extended to study various other industries and organizations.

Threshold cascades with response heterogeneity in multiplex networks

NASA Astrophysics Data System (ADS)

Lee, Kyu-Min; Brummitt, Charles D.; Goh, K.-I.

2014-12-01

Threshold cascade models have been used to describe the spread of behavior in social networks and cascades of default in financial networks. In some cases, these networks may have multiple kinds of interactions, such as distinct types of social ties or distinct types of financial liabilities; furthermore, nodes may respond in different ways to influence from their neighbors of multiple types. To start to capture such settings in a stylized way, we generalize a threshold cascade model to a multiplex network in which nodes follow one of two response rules: some nodes activate when, in at least one layer, a large enough fraction of neighbors is active, while the other nodes activate when, in all layers, a large enough fraction of neighbors is active. Varying the fractions of nodes following either rule facilitates or inhibits cascades. Near the inhibition regime, global cascades appear discontinuously as the network density increases; however, the cascade grows more slowly over time. This behavior suggests a way in which various collective phenomena in the real world could appear abruptly yet slowly.

Entanglement swapping with independent sources over an optical-fiber network

NASA Astrophysics Data System (ADS)

Sun, Qi-Chao; Mao, Ya-Li; Jiang, Yang-Fan; Zhao, Qi; Chen, Si-Jing; Zhang, Wei; Zhang, Wei-Jun; Jiang, Xiao; Chen, Teng-Yun; You, Li-Xing; Li, Li; Huang, Yi-Dong; Chen, Xian-Feng; Wang, Zhen; Ma, Xiongfeng; Zhang, Qiang; Pan, Jian-Wei

2017-03-01

Establishing entanglement between two remote systems by the method of entanglement swapping is an essential step for a long-distance quantum network. Here we report a field-test entanglement swapping experiment with two independent telecommunication band entangled photon-pair sources over an optical fiber network in Hefei. The two sources are located at two nodes that are 12.5 km apart and the Bell-state measurement is performed at a third location which is connected to the two source nodes with 14.7-km and 10.6-km optical fibers, respectively. The observed average visibility is 79.9 ±4.8 % , which is sufficient for the violation of Bell inequalities. Furthermore, with the swapped entanglement, we demonstrate a source-independent quantum key distribution, which is also immune to any detection attacks at the measurement site.

Dynamic model of time-dependent complex networks.

PubMed

Hill, Scott A; Braha, Dan

2010-10-01

The characterization of the "most connected" nodes in static or slowly evolving complex networks has helped in understanding and predicting the behavior of social, biological, and technological networked systems, including their robustness against failures, vulnerability to deliberate attacks, and diffusion properties. However, recent empirical research of large dynamic networks (characterized by irregular connections that evolve rapidly) has demonstrated that there is little continuity in degree centrality of nodes over time, even when their degree distributions follow a power law. This unexpected dynamic centrality suggests that the connections in these systems are not driven by preferential attachment or other known mechanisms. We present an approach to explain real-world dynamic networks and qualitatively reproduce these dynamic centrality phenomena. This approach is based on a dynamic preferential attachment mechanism, which exhibits a sharp transition from a base pure random walk scheme.

A New Measure of Centrality for Brain Networks

PubMed Central

Joyce, Karen E.; Laurienti, Paul J.; Burdette, Jonathan H.; Hayasaka, Satoru

2010-01-01

Recent developments in network theory have allowed for the study of the structure and function of the human brain in terms of a network of interconnected components. Among the many nodes that form a network, some play a crucial role and are said to be central within the network structure. Central nodes may be identified via centrality metrics, with degree, betweenness, and eigenvector centrality being three of the most popular measures. Degree identifies the most connected nodes, whereas betweenness centrality identifies those located on the most traveled paths. Eigenvector centrality considers nodes connected to other high degree nodes as highly central. In the work presented here, we propose a new centrality metric called leverage centrality that considers the extent of connectivity of a node relative to the connectivity of its neighbors. The leverage centrality of a node in a network is determined by the extent to which its immediate neighbors rely on that node for information. Although similar in concept, there are essential differences between eigenvector and leverage centrality that are discussed in this manuscript. Degree, betweenness, eigenvector, and leverage centrality were compared using functional brain networks generated from healthy volunteers. Functional cartography was also used to identify neighborhood hubs (nodes with high degree within a network neighborhood). Provincial hubs provide structure within the local community, and connector hubs mediate connections between multiple communities. Leverage proved to yield information that was not captured by degree, betweenness, or eigenvector centrality and was more accurate at identifying neighborhood hubs. We propose that this metric may be able to identify critical nodes that are highly influential within the network. PMID:20808943

Autocorrelation of the susceptible-infected-susceptible process on networks

NASA Astrophysics Data System (ADS)

Liu, Qiang; Van Mieghem, Piet

2018-06-01

In this paper, we focus on the autocorrelation of the susceptible-infected-susceptible (SIS) process on networks. The N -intertwined mean-field approximation (NIMFA) is applied to calculate the autocorrelation properties of the exact SIS process. We derive the autocorrelation of the infection state of each node and the fraction of infected nodes both in the steady and transient states as functions of the infection probabilities of nodes. Moreover, we show that the autocorrelation can be used to estimate the infection and curing rates of the SIS process. The theoretical results are compared with the simulation of the exact SIS process. Our work fully utilizes the potential of the mean-field method and shows that NIMFA can indeed capture the autocorrelation properties of the exact SIS process.

A Graph Oriented Approach for Network Forensic Analysis

ERIC Educational Resources Information Center

Wang, Wei

2010-01-01

Network forensic analysis is a process that analyzes intrusion evidence captured from networked environment to identify suspicious entities and stepwise actions in an attack scenario. Unfortunately, the overwhelming amount and low quality of output from security sensors make it difficult for analysts to obtain a succinct high-level view of complex…

Assessing the Effect of Honeypots on Cyber-Attackers

DTIC Science & Technology

2006-12-01

provide a process for modeling threats and decision cycles. The third to fifth sections provide the history and overview of honeypots and anti-honeypot...XP Professional with SP2 Data Capture (SUSE Linux 10) Primary Goal Store Snort Data Storage PostgreSQL 8.1.1 Fake Self-contained Honeynet (SUSE

Cognitive Models for Learning to Control Dynamic Systems

DTIC Science & Technology

2008-05-30

2 3N NM NM NMK NK M− + + + + constraints, including KN M+ equality constraints, 7 2NM M+ inequality non- timing constraints and the rest are... inequality timing constraints. The size of the MILP model grows rapidly with the increase of problem size. So it is a big challenge to deal with more...task requirement, are studied in the section. An assumption is made in advance that the time of attack delay and flight time to the sink node are

Network Management and FDIR for SpaceWire Networks (N-MaSS)

NASA Astrophysics Data System (ADS)

Montano, Giuseppe; Jameux, David; Cook, Barry; Peel, Rodger; McCormick, Ecaterina; Walker, Paul; Kollias, Vangelis; Pogkas, Nikos

2014-08-01

The SpaceWire network management layer, which manages network topology and routing, is not yet standardised. This paper presents the European Space Agency (ESA) N-MaSS study, which focuses on implementation and standardisation of Fault Detection, Isolation and Recovery (FDIR) functions within the SpaceWire network management layer. N-MaSS provides an autonomous FDIR solution. It is defined at the SpaceWire network layer in order to achieve efficient re-use for heterogeneous missions, allowing for the incorporation of legacy equipment. The N-MaSS FDIR functions identify SpaceWire link and node failures and provide recovery using redundant nodes.This paper provides an overview of the overall N- MaSS study. In particular, the following topics are discussed: (a) how user requirements have been captured from the industry, SpaceWire Working Group and ESA; (b) how the N-MaSS architecture was organically shaped on the basis of the requirements captured; (c) how the N-MaSS concept is currently being implemented in a demonstrator and verified.

[Hyperimmunoglobulin D syndrome].

PubMed

Drenth, J P; Denecker, N E; Prieur, A M; Van der Meer, J W

1995-09-16

The hyper-IgD syndrome is a rare entity characterized by early onset of attacks of periodic fever. All patients have an elevated serum IgD (> 100 U/ml). Symptoms during attacks include joint involvements (arthralgias/arthritis), abdominal complaints (vomiting, pain, diarrhoea), skin lesions, swollen lymph nodes, and headache. In 1992 an International hyper-IgD study group was established, and to date the diagnosis has been made in 60, mainly European patients; 14 come from France. The disorder occurs in families and is transmitted by autosomal recessive inheritance. Linkage studies indicate that the gene encoding for familial Mediterranean fever is different from the gene for the hyper-IgD syndrome. In children the hyper-IgD syndrome should be distinguished from two other periodic febrile disorders. CINCA (chronic inflammatory, neurological, cutaneous and articular syndrome) and FAPA (periodic fever, adenopathies, pharyngitis, and aphtous stomatitis) share some symptoms with the hyper-IgD syndrome but in these syndromes serum IgD is normal. The pathogenesis remains to be elucidated but during attacks all patients have an acute-phase response with elevated C-reactive protein concentrations. During the febrile episodes, the inflammatory cytokines such as IL-6 TNF alpha, IFN gamma are increased together with natural occurring inhibitors such as IL-1ra and sTNFr. There is no therapy for the syndrome and patients will experience attacks during their entire life although frequency and severity tend to diminish with age.

A cooperative game framework for detecting overlapping communities in social networks

NASA Astrophysics Data System (ADS)

Jonnalagadda, Annapurna; Kuppusamy, Lakshmanan

2018-02-01

Community detection in social networks is a challenging and complex task, which received much attention from researchers of multiple domains in recent years. The evolution of communities in social networks happens merely due to the self-interest of the nodes. The interesting feature of community structure in social networks is the multi membership of the nodes resulting in overlapping communities. Assuming the nodes of the social network as self-interested players, the dynamics of community formation can be captured in the form of a game. In this paper, we propose a greedy algorithm, namely, Weighted Graph Community Game (WGCG), in order to model the interactions among the self-interested nodes of the social network. The proposed algorithm employs the Shapley value mechanism to discover the inherent communities of the underlying social network. The experimental evaluation on the real-world and synthetic benchmark networks demonstrates that the performance of the proposed algorithm is superior to the state-of-the-art overlapping community detection algorithms.

Trade-offs between driving nodes and time-to-control in complex networks

PubMed Central

Pequito, Sérgio; Preciado, Victor M.; Barabási, Albert-László; Pappas, George J.

2017-01-01

Recent advances in control theory provide us with efficient tools to determine the minimum number of driving (or driven) nodes to steer a complex network towards a desired state. Furthermore, we often need to do it within a given time window, so it is of practical importance to understand the trade-offs between the minimum number of driving/driven nodes and the minimum time required to reach a desired state. Therefore, we introduce the notion of actuation spectrum to capture such trade-offs, which we used to find that in many complex networks only a small fraction of driving (or driven) nodes is required to steer the network to a desired state within a relatively small time window. Furthermore, our empirical studies reveal that, even though synthetic network models are designed to present structural properties similar to those observed in real networks, their actuation spectra can be dramatically different. Thus, it supports the need to develop new synthetic network models able to replicate controllability properties of real-world networks. PMID:28054597

Trade-offs between driving nodes and time-to-control in complex networks

NASA Astrophysics Data System (ADS)

Pequito, Sérgio; Preciado, Victor M.; Barabási, Albert-László; Pappas, George J.

2017-01-01

Recent advances in control theory provide us with efficient tools to determine the minimum number of driving (or driven) nodes to steer a complex network towards a desired state. Furthermore, we often need to do it within a given time window, so it is of practical importance to understand the trade-offs between the minimum number of driving/driven nodes and the minimum time required to reach a desired state. Therefore, we introduce the notion of actuation spectrum to capture such trade-offs, which we used to find that in many complex networks only a small fraction of driving (or driven) nodes is required to steer the network to a desired state within a relatively small time window. Furthermore, our empirical studies reveal that, even though synthetic network models are designed to present structural properties similar to those observed in real networks, their actuation spectra can be dramatically different. Thus, it supports the need to develop new synthetic network models able to replicate controllability properties of real-world networks.

Thermal acclimation of interactions: differential responses to temperature change alter predator-prey relationship.

PubMed

Grigaltchik, Veronica S; Ward, Ashley J W; Seebacher, Frank

2012-10-07

Different species respond differently to environmental change so that species interactions cannot be predicted from single-species performance curves. We tested the hypothesis that interspecific difference in the capacity for thermal acclimation modulates predator-prey interactions. Acclimation of locomotor performance in a predator (Australian bass, Macquaria novemaculeata) was qualitatively different to that of its prey (eastern mosquitofish, Gambusia holbrooki). Warm (25°C) acclimated bass made more attacks than cold (15°C) acclimated fish regardless of acute test temperatures (10-30°C), and greater frequency of attacks was associated with increased prey capture success. However, the number of attacks declined at the highest test temperature (30°C). Interestingly, escape speeds of mosquitofish during predation trials were greater than burst speeds measured in a swimming arena, whereas attack speeds of bass were lower than burst speeds. As a result, escape speeds of mosquitofish were greater at warm temperatures (25°C and 30°C) than attack speeds of bass. The decline in the number of attacks and the increase in escape speed of prey means that predation pressure decreases at high temperatures. We show that differential thermal responses affect species interactions even at temperatures that are within thermal tolerance ranges. This thermal sensitivity of predator-prey interactions can be a mechanism by which global warming affects ecological communities.

Thermal acclimation of interactions: differential responses to temperature change alter predator–prey relationship

PubMed Central

Grigaltchik, Veronica S.; Ward, Ashley J. W.; Seebacher, Frank

2012-01-01

Different species respond differently to environmental change so that species interactions cannot be predicted from single-species performance curves. We tested the hypothesis that interspecific difference in the capacity for thermal acclimation modulates predator–prey interactions. Acclimation of locomotor performance in a predator (Australian bass, Macquaria novemaculeata) was qualitatively different to that of its prey (eastern mosquitofish, Gambusia holbrooki). Warm (25°C) acclimated bass made more attacks than cold (15°C) acclimated fish regardless of acute test temperatures (10–30°C), and greater frequency of attacks was associated with increased prey capture success. However, the number of attacks declined at the highest test temperature (30°C). Interestingly, escape speeds of mosquitofish during predation trials were greater than burst speeds measured in a swimming arena, whereas attack speeds of bass were lower than burst speeds. As a result, escape speeds of mosquitofish were greater at warm temperatures (25°C and 30°C) than attack speeds of bass. The decline in the number of attacks and the increase in escape speed of prey means that predation pressure decreases at high temperatures. We show that differential thermal responses affect species interactions even at temperatures that are within thermal tolerance ranges. This thermal sensitivity of predator–prey interactions can be a mechanism by which global warming affects ecological communities. PMID:22859598

Model of myosin node aggregation into a contractile ring: the effect of local alignment

NASA Astrophysics Data System (ADS)

Ojkic, Nikola; Wu, Jian-Qiu; Vavylonis, Dimitrios

2011-09-01

Actomyosin bundles frequently form through aggregation of membrane-bound myosin clusters. One such example is the formation of the contractile ring in fission yeast from a broad band of cortical nodes. Nodes are macromolecular complexes containing several dozens of myosin-II molecules and a few formin dimers. The condensation of a broad band of nodes into the contractile ring has been previously described by a search, capture, pull and release (SCPR) model. In SCPR, a random search process mediated by actin filaments nucleated by formins leads to transient actomyosin connections among nodes that pull one another into a ring. The SCPR model reproduces the transport of nodes over long distances and predicts observed clump-formation instabilities in mutants. However, the model does not generate transient linear elements and meshwork structures as observed in some wild-type and mutant cells during ring assembly. As a minimal model of node alignment, we added short-range aligning forces to the SCPR model representing currently unresolved mechanisms that may involve structural components, cross-linking and bundling proteins. We studied the effect of the local node alignment mechanism on ring formation numerically. We varied the new parameters and found viable rings for a realistic range of values. Morphologically, transient structures that form during ring assembly resemble those observed in experiments with wild-type and cdc25-22 cells. Our work supports a hierarchical process of ring self-organization involving components drawn together from distant parts of the cell followed by progressive stabilization.

Flight Tests of a 0.13-Scale Model of the Convair XFY-1 Vertically Rising Airplane with the Lower Vertical Tail Removed, TED No.DE 368

NASA Technical Reports Server (NTRS)

Lovell, Powell M., Jr.

1954-01-01

An experimental investigation has been conducted to determine the dynamic stability and control characteristics in hovering and transition flight of a 0.13-scale flying model of the Convair XFY-1 vertically rising airplane with the lower vertical tail removed. The purpose of the tests was to obtain a general indication of the behavior of a vertically rising airplane of the same general type as the XFY-1 but without a lower vertical tail in order to simplify power-off belly landings in an emergency. The model was flown satisfactorily in hovering flight and in the transition from hovering to normal unstalled forward flight (angle of attack approximately 30deg). From an angle of attack of about 30 down to the lowest angle of attack covered in the flight tests (approximately 15deg) the model became progressively more difficult to control. These control difficulties were attributed partly to a lightly damped Dutch roll oscillation and partly to the fact that the control deflections required for hovering and transition flight were too great for smooth flight at high speeds. In the low-angle-of-attack range not covered in the flight tests, force tests have indicated very low static directional stability which would probably result in poor flight characteristics. It appears, therefore, that the attainment of satisfactory directional stability, at angles of attack less than 10deg, rather than in the hovering and transition ranges of flight is the critical factor in the design of the vertical tail for such a configuration.

Relation extraction for biological pathway construction using node2vec.

PubMed

Kim, Munui; Baek, Seung Han; Song, Min

2018-06-13

Systems biology is an important field for understanding whole biological mechanisms composed of interactions between biological components. One approach for understanding complex and diverse mechanisms is to analyze biological pathways. However, because these pathways consist of important interactions and information on these interactions is disseminated in a large number of biomedical reports, text-mining techniques are essential for extracting these relationships automatically. In this study, we applied node2vec, an algorithmic framework for feature learning in networks, for relationship extraction. To this end, we extracted genes from paper abstracts using pkde4j, a text-mining tool for detecting entities and relationships. Using the extracted genes, a co-occurrence network was constructed and node2vec was used with the network to generate a latent representation. To demonstrate the efficacy of node2vec in extracting relationships between genes, performance was evaluated for gene-gene interactions involved in a type 2 diabetes pathway. Moreover, we compared the results of node2vec to those of baseline methods such as co-occurrence and DeepWalk. Node2vec outperformed existing methods in detecting relationships in the type 2 diabetes pathway, demonstrating that this method is appropriate for capturing the relatedness between pairs of biological entities involved in biological pathways. The results demonstrated that node2vec is useful for automatic pathway construction.

Hybrid Radio Frequency/Free-Space Optics (RF/FSO) Wireless Sensor Network: Security Concerns and Protective Measures

NASA Astrophysics Data System (ADS)

Banerjee, Koushik; Sharma, Hemant; Sengupta, Anasuya

Wireless sensor networks (WSNs) are ad hoc wireless networks that are written off as spread out structure and ad hoc deployment. Sensor networks have all the rudimentary features of ad hoc networks but to altered points—for instance, considerably lesser movement and far more energy necessities. Commonly used technology for communication is radio frequency (RF) communications. Free-space optics (FSO) is relatively new technology which has the prospective to deliver remarkable increases in network lifetime of WSN. Hybrid RF/FSO communications has been suggested to decrease power consumption by a single sensor node. It is observed that security plays a very important role for either RF WSN or hybrid RF/FSO WSN as those are vulnerable to numerous threats. In this paper, various possible attacks in RF/FSO WSN are discussed and aimed to propose some way out from those attacks.

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

PubMed

Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Abdul Manaf, Azizah; Sakurai, Kouichi; Anada, Hiroaki; Anada, Hiroki; Keshavarz, Hassan; Ashraf Chaudhry, Shehzad; Khurram Khan, Muhammad

2015-01-01

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

The research and application of the NDP protocol vulnerability attack and the defense technology based on SEND

NASA Astrophysics Data System (ADS)

Xi, Huixing

2017-05-01

Neighbor discovery protocol (NDP) is the underlying protocol in the IPv6 protocol, which is mainly used to solve the problem of interconnection between nodes on the same link. But with wide use of IPV6, NDP becomes the main objects of a variety of attacks due to a lack of security mechanism. The paper introduces the working principle of the NDP and methods of how the SEND protocol to enhance NDP security defense. It also analyzes and summarizes the security threats caused by the defects of the protocol itself. On the basis of the SEND protocol, the NDP data packet structure is modified to enhance the security of the SEND. An improved NDP cheating defense technology is put forward to make up the defects of the SEND protocol which can't verify the correctness of the public key and cannot bind the MAC address.

Robust general N user authentication scheme in a centralized quantum communication network via generalized GHZ states

NASA Astrophysics Data System (ADS)

Farouk, Ahmed; Batle, J.; Elhoseny, M.; Naseri, Mosayeb; Lone, Muzaffar; Fedorov, Alex; Alkhambashi, Majid; Ahmed, Syed Hassan; Abdel-Aty, M.

2018-04-01

Quantum communication provides an enormous advantage over its classical counterpart: security of communications based on the very principles of quantum mechanics. Researchers have proposed several approaches for user identity authentication via entanglement. Unfortunately, these protocols fail because an attacker can capture some of the particles in a transmitted sequence and send what is left to the receiver through a quantum channel. Subsequently, the attacker can restore some of the confidential messages, giving rise to the possibility of information leakage. Here we present a new robust General N user authentication protocol based on N-particle Greenberger-Horne-Zeilinger (GHZ) states, which makes eavesdropping detection more effective and secure, as compared to some current authentication protocols. The security analysis of our protocol for various kinds of attacks verifies that it is unconditionally secure, and that an attacker will not obtain any information about the transmitted key. Moreover, as the number of transferred key bits N becomes larger, while the number of users for transmitting the information is increased, the probability of effectively obtaining the transmitted authentication keys is reduced to zero.

Password-only authenticated three-party key exchange with provable security in the standard model.

PubMed

Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

Applying network theory to animal movements to identify properties of landscape space use.

PubMed

Bastille-Rousseau, Guillaume; Douglas-Hamilton, Iain; Blake, Stephen; Northrup, Joseph M; Wittemyer, George

2018-04-01

Network (graph) theory is a popular analytical framework to characterize the structure and dynamics among discrete objects and is particularly effective at identifying critical hubs and patterns of connectivity. The identification of such attributes is a fundamental objective of animal movement research, yet network theory has rarely been applied directly to animal relocation data. We develop an approach that allows the analysis of movement data using network theory by defining occupied pixels as nodes and connection among these pixels as edges. We first quantify node-level (local) metrics and graph-level (system) metrics on simulated movement trajectories to assess the ability of these metrics to pull out known properties in movement paths. We then apply our framework to empirical data from African elephants (Loxodonta africana), giant Galapagos tortoises (Chelonoidis spp.), and mule deer (Odocoileous hemionus). Our results indicate that certain node-level metrics, namely degree, weight, and betweenness, perform well in capturing local patterns of space use, such as the definition of core areas and paths used for inter-patch movement. These metrics were generally applicable across data sets, indicating their robustness to assumptions structuring analysis or strategies of movement. Other metrics capture local patterns effectively, but were sensitive to specified graph properties, indicating case specific applications. Our analysis indicates that graph-level metrics are unlikely to outperform other approaches for the categorization of general movement strategies (central place foraging, migration, nomadism). By identifying critical nodes, our approach provides a robust quantitative framework to identify local properties of space use that can be used to evaluate the effect of the loss of specific nodes on range wide connectivity. Our network approach is intuitive, and can be implemented across imperfectly sampled or large-scale data sets efficiently, providing a framework for conservationists to analyze movement data. Functions created for the analyses are available within the R package moveNT. © 2018 by the Ecological Society of America.

Using Computer-extracted Image Phenotypes from Tumors on Breast MRI to Predict Breast Cancer Pathologic Stage

PubMed Central

Burnside, Elizabeth S.; Drukker, Karen; Li, Hui; Bonaccio, Ermelinda; Zuley, Margarita; Ganott, Marie; Net, Jose M.; Sutton, Elizabeth; Brandt, Kathleen R.; Whitman, Gary; Conzen, Suzanne; Lan, Li; Ji, Yuan; Zhu, Yitan; Jaffe, Carl; Huang, Erich; Freymann, John; Kirby, Justin; Morris, Elizabeth; Giger, Maryellen

2015-01-01

Background To demonstrate that computer-extracted image phenotypes (CEIPs) of biopsy-proven breast cancer on MRI can accurately predict pathologic stage. Methods We used a dataset of de-identified breast MRIs organized by the National Cancer Institute in The Cancer Imaging Archive. We analyzed 91 biopsy-proven breast cancer cases with pathologic stage (stage I = 22; stage II = 58; stage III = 11) and surgically proven nodal status (negative nodes = 46, ≥ 1 positive node = 44, no nodes examined = 1). We characterized tumors by (a) radiologist measured size, and (b) CEIP. We built models combining two CEIPs to predict tumor pathologic stage and lymph node involvement, evaluated them in leave-one-out cross-validation with area under the ROC curve (AUC) as figure of merit. Results Tumor size was the most powerful predictor of pathologic stage but CEIPs capturing biologic behavior also emerged as predictive (e.g. stage I+II vs. III demonstrated AUC = 0.83). No size measure was successful in the prediction of positive lymph nodes but adding a CEIP describing tumor “homogeneity,” significantly improved this discrimination (AUC = 0.62, p=.003) over chance. Conclusions Our results indicate that MRI phenotypes show promise for predicting breast cancer pathologic stage and lymph node status. PMID:26619259

Ensuring Data Storage Security in Tree cast Routing Architecture for Sensor Networks

NASA Astrophysics Data System (ADS)

Kumar, K. E. Naresh; Sagar, U. Vidya; Waheed, Mohd. Abdul

2010-10-01

In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink node without maintaining any routing state in the sensor nodes is possible. In contrast to traditional solutions, where the IT services are under proper physical, logical and personnel controls, this routing architecture moves the application software and databases to the large data centers, where the management of the data and services may not be fully trustworthy. This unique attribute, however, poses many new security challenges which have not been well understood. In this paper, we focus on data storage security, which has always been an important aspect of quality of service. To ensure the correctness of users' data in this architecture, we propose an effective and flexible distributed scheme with two salient features, opposing to its predecessors. By utilizing the homomorphic token with distributed verification of erasure-coded data, our scheme achieves the integration of storage correctness insurance and data error localization, i.e., the identification of misbehaving server(s). Unlike most prior works, the new scheme further supports secure and efficient dynamic operations on data blocks, including: data update, delete and append. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.

Host range and community structure of avian nest parasites in the genus Philornis (Diptera: Muscidae) on the island of Trinidad.

PubMed

Bulgarella, Mariana; Heimpel, George E

2015-09-01

Parasite host range can be influenced by physiological, behavioral, and ecological factors. Combining data sets on host-parasite associations with phylogenetic information of the hosts and the parasites involved can generate evolutionary hypotheses about the selective forces shaping host range. Here, we analyzed associations between the nest-parasitic flies in the genus Philornis and their host birds on Trinidad. Four of ten Philornis species were only reared from one species of bird. Of the parasite species with more than one host bird species, P. falsificus was the least specific and P. deceptivus the most specific attacking only Passeriformes. Philornis flies in Trinidad thus include both specialists and generalists, with varying degrees of specificity within the generalists. We used three quantities to more formally compare the host range of Philornis flies: the number of bird species attacked by each species of Philornis, a phylogenetically informed host specificity index (Poulin and Mouillot's S TD), and a branch length-based S TD. We then assessed the phylogenetic signal of these measures of host range for 29 bird species. None of these measures showed significant phylogenetic signal, suggesting that clades of Philornis did not differ significantly in their ability to exploit hosts. We also calculated two quantities of parasite species load for the birds - the parasite species richness, and a variant of the S TD index based on nodes rather than on taxonomic levels - and assessed the signal of these measures on the bird phylogeny. We did not find significant phylogenetic signal for the parasite species load or the node-based S TD index. Finally, we calculated the parasite associations for all bird pairs using the Jaccard index and regressed these similarity values against the number of nodes in the phylogeny separating bird pairs. This analysis showed that Philornis on Trinidad tend to feed on closely related bird species more often than expected by chance.

A performance study of unmanned aerial vehicle-based sensor networks under cyber attack

NASA Astrophysics Data System (ADS)

Puchaty, Ethan M.

In UAV-based sensor networks, an emerging area of interest is the performance of these networks under cyber attack. This study seeks to evaluate the performance trade-offs from a System-of-Systems (SoS) perspective between various UAV communications architecture options in the context two missions: tracking ballistic missiles and tracking insurgents. An agent-based discrete event simulation is used to model a sensor communication network consisting of UAVs, military communications satellites, ground relay stations, and a mission control center. Network susceptibility to cyber attack is modeled with probabilistic failures and induced data variability, with performance metrics focusing on information availability, latency, and trustworthiness. Results demonstrated that using UAVs as routers increased network availability with a minimal latency penalty and communications satellite networks were best for long distance operations. Redundancy in the number of links between communication nodes helped mitigate cyber-caused link failures and add robustness in cases of induced data variability by an adversary. However, when failures were not independent, redundancy and UAV routing were detrimental in some cases to network performance. Sensitivity studies indicated that long cyber-caused downtimes and increasing failure dependencies resulted in build-ups of failures and caused significant degradations in network performance.

Privacy Preserved and Secured Reliable Routing Protocol for Wireless Mesh Networks.

PubMed

Meganathan, Navamani Thandava; Palanichamy, Yogesh

2015-01-01

Privacy preservation and security provision against internal attacks in wireless mesh networks (WMNs) are more demanding than in wired networks due to the open nature and mobility of certain nodes in the network. Several schemes have been proposed to preserve privacy and provide security in WMNs. To provide complete privacy protection in WMNs, the properties of unobservability, unlinkability, and anonymity are to be ensured during route discovery. These properties can be achieved by implementing group signature and ID-based encryption schemes during route discovery. Due to the characteristics of WMNs, it is more vulnerable to many network layer attacks. Hence, a strong protection is needed to avoid these attacks and this can be achieved by introducing a new Cross-Layer and Subject Logic based Dynamic Reputation (CLSL-DR) mechanism during route discovery. In this paper, we propose a new Privacy preserved and Secured Reliable Routing (PSRR) protocol for WMNs. This protocol incorporates group signature, ID-based encryption schemes, and CLSL-DR mechanism to ensure strong privacy, security, and reliability in WMNs. Simulation results prove this by showing better performance in terms of most of the chosen parameters than the existing protocols.

SEAODV: A Security Enhanced AODV Routing Protocol for Wireless Mesh Networks

NASA Astrophysics Data System (ADS)

Li, Celia; Wang, Zhuang; Yang, Cungang

In this paper, we propose a Security Enhanced AODV routing protocol (SEAODV) for wireless mesh networks (WMN). SEAODV employs Blom's key pre-distribution scheme to compute the pairwise transient key (PTK) through the flooding of enhanced HELLO message and subsequently uses the established PTK to distribute the group transient key (GTK). PTK and GTK authenticate unicast and broadcast routing messages respectively. In WMN, a unique PTK is shared by each pair of nodes, while GTK is shared secretly between the node and all its one-hop neighbours. A message authentication code (MAC) is attached as the extension to the original AODV routing message to guarantee the message's authenticity and integrity in a hop-by-hop fashion. Security analysis and performance evaluation show that SEAODV is more effective in preventing identified routing attacks and outperforms ARAN and SAODV in terms of computation cost and route acquisition latency.

AEGIS: A Lightweight Firewall for Wireless Sensor Networks

NASA Astrophysics Data System (ADS)

Hossain, Mohammad Sajjad; Raghunathan, Vijay

Firewalls are an essential component in today's networked computing systems (desktops, laptops, and servers) and provide effective protection against a variety of over-the-network security attacks. With the development of technologies such as IPv6 and 6LoWPAN that pave the way for Internet-connected embedded systems and sensor networks, these devices will soon be subject to (and need to be defended against) similar security threats. As a first step, this paper presents Aegis, a lightweight, rule-based firewall for networked embedded systems such as wireless sensor networks. Aegis is based on a semantically rich, yet simple, rule definition language. In addition, Aegis is highly efficient during operation, runs in a transparent manner from running applications, and is easy to maintain. Experimental results obtained using real sensor nodes and cycle-accurate simulations demonstrate that Aegis successfully performs gatekeeping of a sensor node's communication traffic in a flexible manner with minimal overheads.

Multiple-Flat-Panel System Displays Multidimensional Data

NASA Technical Reports Server (NTRS)

Gundo, Daniel; Levit, Creon; Henze, Christopher; Sandstrom, Timothy; Ellsworth, David; Green, Bryan; Joly, Arthur

2006-01-01

The NASA Ames hyperwall is a display system designed to facilitate the visualization of sets of multivariate and multidimensional data like those generated in complex engineering and scientific computations. The hyperwall includes a 77 matrix of computer-driven flat-panel video display units, each presenting an image of 1,280 1,024 pixels. The term hyperwall reflects the fact that this system is a more capable successor to prior computer-driven multiple-flat-panel display systems known by names that include the generic term powerwall and the trade names PowerWall and Powerwall. Each of the 49 flat-panel displays is driven by a rack-mounted, dual-central-processing- unit, workstation-class personal computer equipped with a hig-hperformance graphical-display circuit card and with a hard-disk drive having a storage capacity of 100 GB. Each such computer is a slave node in a master/ slave computing/data-communication system (see Figure 1). The computer that acts as the master node is similar to the slave-node computers, except that it runs the master portion of the system software and is equipped with a keyboard and mouse for control by a human operator. The system utilizes commercially available master/slave software along with custom software that enables the human controller to interact simultaneously with any number of selected slave nodes. In a powerwall, a single rendering task is spread across multiple processors and then the multiple outputs are tiled into one seamless super-display. It must be noted that the hyperwall concept subsumes the powerwall concept in that a single scene could be rendered as a mosaic image on the hyperwall. However, the hyperwall offers a wider set of capabilities to serve a different purpose: The hyperwall concept is one of (1) simultaneously displaying multiple different but related images, and (2) providing means for composing and controlling such sets of images. In place of elaborate software or hardware crossbar switches, the hyperwall concept substitutes reliance on the human visual system for integration, synthesis, and discrimination of patterns in complex and high-dimensional data spaces represented by the multiple displayed images. The variety of multidimensional data sets that can be displayed on the hyperwall is practically unlimited. For example, Figure 2 shows a hyperwall display of surface pressures and streamlines from a computational simulation of airflow about an aerospacecraft at various Mach numbers and angles of attack. In this display, Mach numbers increase from left to right and angles of attack increase from bottom to top. That is, all images in the same column represent simulations at the same Mach number, while all images in the same row represent simulations at the same angle of attack. The same viewing transformations and the same mapping from surface pressure to colors were used in generating all the images.

Chess Evolution Visualization.

PubMed

Lu, Wei-Li; Wang, Yu-Shuen; Lin, Wen-Chieh

2014-05-01

We present a chess visualization to convey the changes in a game over successive generations. It contains a score chart, an evolution graph and a chess board, such that users can understand a game from global to local viewpoints. Unlike current graphical chess tools, which focus only on highlighting pieces that are under attack and require sequential investigation, our visualization shows potential outcomes after a piece is moved and indicates how much tactical advantage the player can have over the opponent. Users can first glance at the score chart to roughly obtain the growth and decline of advantages from both sides, and then examine the position relations and the piece placements, to know how the pieces are controlled and how the strategy works. To achieve this visualization, we compute the decision tree using artificial intelligence to analyze a game, in which each node represents a chess position and each edge connects two positions that are one-move different. We then merge nodes representing the same chess position, and shorten branches where nodes on them contain only two neighbors, in order to achieve readability. During the graph rendering, the nodes containing events such as draws, effective checks and checkmates, are highlighted because they show how a game is ended. As a result, our visualization helps players understand a chess game so that they can efficiently learn strategies and tactics. The presented results, evaluations, and the conducted user studies demonstrate the feasibility of our visualization design.

Flee or fight: ontogenetic changes in the behavior of cobweb spiders in encounters with spider-hunting wasps.

PubMed

Uma, Divya B; Weiss, Martha R

2012-12-01

An animal's body size plays a predominant role in shaping its interspecific interactions, and, in encounters between two predators, often determines which shall be predator and which shall be prey. Spiders are top predators of insects, yet can fall prey to mud-dauber wasps that provision their larval nests with paralyzed spiders. Here we examined predator-prey interactions between Chalybion californicum (Saussure) (Sphecidae), a mud-dauber wasp, and Parasteatoda tepidariorum C. L. Koch (Theridiidae), a cobweb spider. We examined whether a spider's size influences its response to an attacking wasp, and report a size-dependent change in spider behavior: small-sized spiders fled, whereas medium- and large-sized spiders fought in response to wasp attacks. From the wasps' perspective, we examined whether spider size influences a wasp's hunting behavior and capture success. We found that wasps commonly approached small spiders, but were much less likely to approach medium and large spiders. However, wasp capture success did not vary with spider size. We also report a strategy used by Chalybion wasps toward cobweb spiders that is consistent with an interpretation of aggressive mimicry.

A Markov game theoretic data fusion approach for cyber situational awareness

NASA Astrophysics Data System (ADS)

Shen, Dan; Chen, Genshe; Cruz, Jose B., Jr.; Haynes, Leonard; Kruger, Martin; Blasch, Erik

2007-04-01

This paper proposes an innovative data-fusion/ data-mining game theoretic situation awareness and impact assessment approach for cyber network defense. Alerts generated by Intrusion Detection Sensors (IDSs) or Intrusion Prevention Sensors (IPSs) are fed into the data refinement (Level 0) and object assessment (L1) data fusion components. High-level situation/threat assessment (L2/L3) data fusion based on Markov game model and Hierarchical Entity Aggregation (HEA) are proposed to refine the primitive prediction generated by adaptive feature/pattern recognition and capture new unknown features. A Markov (Stochastic) game method is used to estimate the belief of each possible cyber attack pattern. Game theory captures the nature of cyber conflicts: determination of the attacking-force strategies is tightly coupled to determination of the defense-force strategies and vice versa. Also, Markov game theory deals with uncertainty and incompleteness of available information. A software tool is developed to demonstrate the performance of the high level information fusion for cyber network defense situation and a simulation example shows the enhanced understating of cyber-network defense.

A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks

PubMed Central

Zhang, Ruisheng; Liu, Qidong

2017-01-01

Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research. PMID:28135288

A Temporal Credential-Based Mutual Authentication with Multiple-Password Scheme for Wireless Sensor Networks.

PubMed

Liu, Xin; Zhang, Ruisheng; Liu, Qidong

2017-01-01

Wireless sensor networks (WSNs), which consist of a large number of sensor nodes, have become among the most important technologies in numerous fields, such as environmental monitoring, military surveillance, control systems in nuclear reactors, vehicle safety systems, and medical monitoring. The most serious drawback for the widespread application of WSNs is the lack of security. Given the resource limitation of WSNs, traditional security schemes are unsuitable. Approaches toward withstanding related attacks with small overhead have thus recently been studied by many researchers. Numerous studies have focused on the authentication scheme for WSNs, but most of these works cannot achieve the security performance and overhead perfectly. Nam et al. proposed a two-factor authentication scheme with lightweight sensor computation for WSNs. In this paper, we review this scheme, emphasize its drawbacks, and propose a temporal credential-based mutual authentication with a multiple-password scheme for WSNs. Our scheme uses multiple passwords to achieve three-factor security performance and generate a session key between user and sensor nodes. The security analysis phase shows that our scheme can withstand related attacks, including a lost password threat, and the comparison phase shows that our scheme involves a relatively small overhead. In the comparison of the overhead phase, the result indicates that more than 95% of the overhead is composed of communication and not computation overhead. Therefore, the result motivates us to pay further attention to communication overhead than computation overhead in future research.

High resolution distributed time-to-digital converter (TDC) in a White Rabbit network

NASA Astrophysics Data System (ADS)

Pan, Weibin; Gong, Guanghua; Du, Qiang; Li, Hongming; Li, Jianmin

2014-02-01

The Large High Altitude Air Shower Observatory (LHAASO) project consists of a complex detector array with over 6000 detector nodes spreading over 1.2 km2 areas. The arrival times of shower particles are captured by time-to-digital converters (TDCs) in the detectors' frontend electronics, the arrival direction of the high energy cosmic ray are then to be reconstructed from the space-time information of all detector nodes. To guarantee the angular resolution of 0.5°, a time synchronization of 500 ps (RMS) accuracy and 100 ps precision must be achieved among all TDC nodes. A technology enhancing Gigabit Ethernet, called the White Rabbit (WR), has shown the capability of delivering sub-nanosecond accuracy and picoseconds precision of synchronization over the standard data packet transfer. In this paper we demonstrate a distributed TDC prototype system combining the FPGA based TDC and the WR technology. With the time synchronization and data transfer services from a compact WR node, separate FPGA-TDC nodes can be combined to provide uniform time measurement information for correlated events. The design detail and test performance will be described in the paper.

Efficient weighting strategy for enhancing synchronizability of complex networks

NASA Astrophysics Data System (ADS)

Wang, Youquan; Yu, Feng; Huang, Shucheng; Tu, Juanjuan; Chen, Yan

2018-04-01

Networks with high propensity to synchronization are desired in many applications ranging from biology to engineering. In general, there are two ways to enhance the synchronizability of a network: link rewiring and/or link weighting. In this paper, we propose a new link weighting strategy based on the concept of the neighborhood subgroup. The neighborhood subgroup of a node i through node j in a network, i.e. Gi→j, means that node u belongs to Gi→j if node u belongs to the first-order neighbors of j (not include i). Our proposed weighting schema used the local and global structural properties of the networks such as the node degree, betweenness centrality and closeness centrality measures. We applied the method on scale-free and Watts-Strogatz networks of different structural properties and show the good performance of the proposed weighting scheme. Furthermore, as model networks cannot capture all essential features of real-world complex networks, we considered a number of undirected and unweighted real-world networks. To the best of our knowledge, the proposed weighting strategy outperformed the previously published weighting methods by enhancing the synchronizability of these real-world networks.

When attempts at robbing prey turn fatal

NASA Astrophysics Data System (ADS)

Dejean, Alain; Corbara, Bruno; Azémar, Frédéric; Carpenter, James M.

2012-07-01

Because group-hunting arboreal ants spread-eagle insect prey for a long time before retrieving them, these prey can be coveted by predatory flying insects. Yet, attempting to rob these prey is risky if the ant species is also an effective predator. Here, we show that trying to rob prey from Azteca andreae workers is a fatal error as 268 out of 276 potential cleptobionts (97.1 %) were captured in turn. The ant workers hunt in a group and use the "Velcro®" principle to cling firmly to the leaves of their host tree, permitting them to capture very large prey. Exceptions were one social wasp, plus some Trigona spp. workers and flies that landed directly on the prey and were able to take off immediately when attacked. We conclude that in this situation, previously captured prey attract potential cleptobionts that are captured in turn in most of the cases.

Measure of robustness for complex networks

NASA Astrophysics Data System (ADS)

Youssef, Mina Nabil

Critical infrastructures are repeatedly attacked by external triggers causing tremendous amount of damages. Any infrastructure can be studied using the powerful theory of complex networks. A complex network is composed of extremely large number of different elements that exchange commodities providing significant services. The main functions of complex networks can be damaged by different types of attacks and failures that degrade the network performance. These attacks and failures are considered as disturbing dynamics, such as the spread of viruses in computer networks, the spread of epidemics in social networks, and the cascading failures in power grids. Depending on the network structure and the attack strength, every network differently suffers damages and performance degradation. Hence, quantifying the robustness of complex networks becomes an essential task. In this dissertation, new metrics are introduced to measure the robustness of technological and social networks with respect to the spread of epidemics, and the robustness of power grids with respect to cascading failures. First, we introduce a new metric called the Viral Conductance (VCSIS ) to assess the robustness of networks with respect to the spread of epidemics that are modeled through the susceptible/infected/susceptible (SIS) epidemic approach. In contrast to assessing the robustness of networks based on a classical metric, the epidemic threshold, the new metric integrates the fraction of infected nodes at steady state for all possible effective infection strengths. Through examples, VCSIS provides more insights about the robustness of networks than the epidemic threshold. In addition, both the paradoxical robustness of Barabasi-Albert preferential attachment networks and the effect of the topology on the steady state infection are studied, to show the importance of quantifying the robustness of networks. Second, a new metric VCSIR is introduced to assess the robustness of networks with respect to the spread of susceptible/infected/recovered (SIR) epidemics. To compute VCSIR, we propose a novel individual-based approach to model the spread of SIR epidemics in networks, which captures the infection size for a given effective infection rate. Thus, VCSIR quantitatively integrates the infection strength with the corresponding infection size. To optimize the VCSIR metric, a new mitigation strategy is proposed, based on a temporary reduction of contacts in social networks. The social contact network is modeled as a weighted graph that describes the frequency of contacts among the individuals. Thus, we consider the spread of an epidemic as a dynamical system, and the total number of infection cases as the state of the system, while the weight reduction in the social network is the controller variable leading to slow/reduce the spread of epidemics. Using optimal control theory, the obtained solution represents an optimal adaptive weighted network defined over a finite time interval. Moreover, given the high complexity of the optimization problem, we propose two heuristics to find the near optimal solutions by reducing the contacts among the individuals in a decentralized way. Finally, the cascading failures that can take place in power grids and have recently caused several blackouts are studied. We propose a new metric to assess the robustness of the power grid with respect to the cascading failures. The power grid topology is modeled as a network, which consists of nodes and links representing power substations and transmission lines, respectively. We also propose an optimal islanding strategy to protect the power grid when a cascading failure event takes place in the grid. The robustness metrics are numerically evaluated using real and synthetic networks to quantify their robustness with respect to disturbing dynamics. We show that the proposed metrics outperform the classical metrics in quantifying the robustness of networks and the efficiency of the mitigation strategies. In summary, our work advances the network science field in assessing the robustness of complex networks with respect to various disturbing dynamics.

Multiresolution molecular mechanics: Surface effects in nanoscale materials

NASA Astrophysics Data System (ADS)

Yang, Qingcheng; To, Albert C.

2017-05-01

Surface effects have been observed to contribute significantly to the mechanical response of nanoscale structures. The newly proposed energy-based coarse-grained atomistic method Multiresolution Molecular Mechanics (MMM) (Yang, To (2015), [57]) is applied to capture surface effect for nanosized structures by designing a surface summation rule SRS within the framework of MMM. Combined with previously proposed bulk summation rule SRB, the MMM summation rule SRMMM is completed. SRS and SRB are consistently formed within SRMMM for general finite element shape functions. Analogous to quadrature rules in finite element method (FEM), the key idea to the good performance of SRMMM lies in that the order or distribution of energy for coarse-grained atomistic model is mathematically derived such that the number, position and weight of quadrature-type (sampling) atoms can be determined. Mathematically, the derived energy distribution of surface area is different from that of bulk region. Physically, the difference is due to the fact that surface atoms lack neighboring bonding. As such, SRS and SRB are employed for surface and bulk domains, respectively. Two- and three-dimensional numerical examples using the respective 4-node bilinear quadrilateral, 8-node quadratic quadrilateral and 8-node hexahedral meshes are employed to verify and validate the proposed approach. It is shown that MMM with SRMMM accurately captures corner, edge and surface effects with less 0.3% degrees of freedom of the original atomistic system, compared against full atomistic simulation. The effectiveness of SRMMM with respect to high order element is also demonstrated by employing the 8-node quadratic quadrilateral to solve a beam bending problem considering surface effect. In addition, the introduced sampling error with SRMMM that is analogous to numerical integration error with quadrature rule in FEM is very small.

Spectrum-Based and Collaborative Network Topology Analysis and Visualization

ERIC Educational Resources Information Center

Hu, Xianlin

2013-01-01

Networks are of significant importance in many application domains, such as World Wide Web and social networks, which often embed rich topological information. Since network topology captures the organization of network nodes and links, studying network topology is very important to network analysis. In this dissertation, we study networks by…

A knowledge-based system design/information tool

NASA Technical Reports Server (NTRS)

Allen, James G.; Sikora, Scott E.

1990-01-01

The objective of this effort was to develop a Knowledge Capture System (KCS) for the Integrated Test Facility (ITF) at the Dryden Flight Research Facility (DFRF). The DFRF is a NASA Ames Research Center (ARC) facility. This system was used to capture the design and implementation information for NASA's high angle-of-attack research vehicle (HARV), a modified F/A-18A. In particular, the KCS was used to capture specific characteristics of the design of the HARV fly-by-wire (FBW) flight control system (FCS). The KCS utilizes artificial intelligence (AI) knowledge-based system (KBS) technology. The KCS enables the user to capture the following characteristics of automated systems: the system design; the hardware (H/W) design and implementation; the software (S/W) design and implementation; and the utilities (electrical and hydraulic) design and implementation. A generic version of the KCS was developed which can be used to capture the design information for any automated system. The deliverable items for this project consist of the prototype generic KCS and an application, which captures selected design characteristics of the HARV FCS.

Undermining and Strengthening Social Networks through Network Modification

PubMed Central

Mellon, Jonathan; Yoder, Jordan; Evans, Daniel

2016-01-01

Social networks have well documented effects at the individual and aggregate level. Consequently it is often useful to understand how an attempt to influence a network will change its structure and consequently achieve other goals. We develop a framework for network modification that allows for arbitrary objective functions, types of modification (e.g. edge weight addition, edge weight removal, node removal, and covariate value change), and recovery mechanisms (i.e. how a network responds to interventions). The framework outlined in this paper helps both to situate the existing work on network interventions but also opens up many new possibilities for intervening in networks. In particular use two case studies to highlight the potential impact of empirically calibrating the objective function and network recovery mechanisms as well as showing how interventions beyond node removal can be optimised. First, we simulate an optimal removal of nodes from the Noordin terrorist network in order to reduce the expected number of attacks (based on empirically predicting the terrorist collaboration network from multiple types of network ties). Second, we simulate optimally strengthening ties within entrepreneurial ecosystems in six developing countries. In both cases we estimate ERGM models to simulate how a network will endogenously evolve after intervention. PMID:27703198

Undermining and Strengthening Social Networks through Network Modification.

PubMed

Mellon, Jonathan; Yoder, Jordan; Evans, Daniel

2016-10-05

Social networks have well documented effects at the individual and aggregate level. Consequently it is often useful to understand how an attempt to influence a network will change its structure and consequently achieve other goals. We develop a framework for network modification that allows for arbitrary objective functions, types of modification (e.g. edge weight addition, edge weight removal, node removal, and covariate value change), and recovery mechanisms (i.e. how a network responds to interventions). The framework outlined in this paper helps both to situate the existing work on network interventions but also opens up many new possibilities for intervening in networks. In particular use two case studies to highlight the potential impact of empirically calibrating the objective function and network recovery mechanisms as well as showing how interventions beyond node removal can be optimised. First, we simulate an optimal removal of nodes from the Noordin terrorist network in order to reduce the expected number of attacks (based on empirically predicting the terrorist collaboration network from multiple types of network ties). Second, we simulate optimally strengthening ties within entrepreneurial ecosystems in six developing countries. In both cases we estimate ERGM models to simulate how a network will endogenously evolve after intervention.

Undermining and Strengthening Social Networks through Network Modification

NASA Astrophysics Data System (ADS)

Mellon, Jonathan; Yoder, Jordan; Evans, Daniel

2016-10-01

Social networks have well documented effects at the individual and aggregate level. Consequently it is often useful to understand how an attempt to influence a network will change its structure and consequently achieve other goals. We develop a framework for network modification that allows for arbitrary objective functions, types of modification (e.g. edge weight addition, edge weight removal, node removal, and covariate value change), and recovery mechanisms (i.e. how a network responds to interventions). The framework outlined in this paper helps both to situate the existing work on network interventions but also opens up many new possibilities for intervening in networks. In particular use two case studies to highlight the potential impact of empirically calibrating the objective function and network recovery mechanisms as well as showing how interventions beyond node removal can be optimised. First, we simulate an optimal removal of nodes from the Noordin terrorist network in order to reduce the expected number of attacks (based on empirically predicting the terrorist collaboration network from multiple types of network ties). Second, we simulate optimally strengthening ties within entrepreneurial ecosystems in six developing countries. In both cases we estimate ERGM models to simulate how a network will endogenously evolve after intervention.

A Dependable Localization Algorithm for Survivable Belt-Type Sensor Networks.

PubMed

Zhu, Mingqiang; Song, Fei; Xu, Lei; Seo, Jung Taek; You, Ilsun

2017-11-29

As the key element, sensor networks are widely investigated by the Internet of Things (IoT) community. When massive numbers of devices are well connected, malicious attackers may deliberately propagate fake position information to confuse the ordinary users and lower the network survivability in belt-type situation. However, most existing positioning solutions only focus on the algorithm accuracy and do not consider any security aspects. In this paper, we propose a comprehensive scheme for node localization protection, which aims to improve the energy-efficient, reliability and accuracy. To handle the unbalanced resource consumption, a node deployment mechanism is presented to satisfy the energy balancing strategy in resource-constrained scenarios. According to cooperation localization theory and network connection property, the parameter estimation model is established. To achieve reliable estimations and eliminate large errors, an improved localization algorithm is created based on modified average hop distances. In order to further improve the algorithms, the node positioning accuracy is enhanced by using the steepest descent method. The experimental simulations illustrate the performance of new scheme can meet the previous targets. The results also demonstrate that it improves the belt-type sensor networks' survivability, in terms of anti-interference, network energy saving, etc.

A Dependable Localization Algorithm for Survivable Belt-Type Sensor Networks

PubMed Central

Zhu, Mingqiang; Song, Fei; Xu, Lei; Seo, Jung Taek

2017-01-01

As the key element, sensor networks are widely investigated by the Internet of Things (IoT) community. When massive numbers of devices are well connected, malicious attackers may deliberately propagate fake position information to confuse the ordinary users and lower the network survivability in belt-type situation. However, most existing positioning solutions only focus on the algorithm accuracy and do not consider any security aspects. In this paper, we propose a comprehensive scheme for node localization protection, which aims to improve the energy-efficient, reliability and accuracy. To handle the unbalanced resource consumption, a node deployment mechanism is presented to satisfy the energy balancing strategy in resource-constrained scenarios. According to cooperation localization theory and network connection property, the parameter estimation model is established. To achieve reliable estimations and eliminate large errors, an improved localization algorithm is created based on modified average hop distances. In order to further improve the algorithms, the node positioning accuracy is enhanced by using the steepest descent method. The experimental simulations illustrate the performance of new scheme can meet the previous targets. The results also demonstrate that it improves the belt-type sensor networks’ survivability, in terms of anti-interference, network energy saving, etc. PMID:29186072

Towards a Low-Cost Remote Memory Attestation for the Smart Grid

PubMed Central

Yang, Xinyu; He, Xiaofei; Yu, Wei; Lin, Jie; Li, Rui; Yang, Qingyu; Song, Houbing

2015-01-01

In the smart grid, measurement devices may be compromised by adversaries, and their operations could be disrupted by attacks. A number of schemes to efficiently and accurately detect these compromised devices remotely have been proposed. Nonetheless, most of the existing schemes detecting compromised devices depend on the incremental response time in the attestation process, which are sensitive to data transmission delay and lead to high computation and network overhead. To address the issue, in this paper, we propose a low-cost remote memory attestation scheme (LRMA), which can efficiently and accurately detect compromised smart meters considering real-time network delay and achieve low computation and network overhead. In LRMA, the impact of real-time network delay on detecting compromised nodes can be eliminated via investigating the time differences reported from relay nodes. Furthermore, the attestation frequency in LRMA is dynamically adjusted with the compromised probability of each node, and then, the total number of attestations could be reduced while low computation and network overhead can be achieved. Through a combination of extensive theoretical analysis and evaluations, our data demonstrate that our proposed scheme can achieve better detection capacity and lower computation and network overhead in comparison to existing schemes. PMID:26307998

Towards a Low-Cost Remote Memory Attestation for the Smart Grid.

PubMed

Yang, Xinyu; He, Xiaofei; Yu, Wei; Lin, Jie; Li, Rui; Yang, Qingyu; Song, Houbing

2015-08-21

In the smart grid, measurement devices may be compromised by adversaries, and their operations could be disrupted by attacks. A number of schemes to efficiently and accurately detect these compromised devices remotely have been proposed. Nonetheless, most of the existing schemes detecting compromised devices depend on the incremental response time in the attestation process, which are sensitive to data transmission delay and lead to high computation and network overhead. To address the issue, in this paper, we propose a low-cost remote memory attestation scheme (LRMA), which can efficiently and accurately detect compromised smart meters considering real-time network delay and achieve low computation and network overhead. In LRMA, the impact of real-time network delay on detecting compromised nodes can be eliminated via investigating the time differences reported from relay nodes. Furthermore, the attestation frequency in LRMA is dynamically adjusted with the compromised probability of each node, and then, the total number of attestations could be reduced while low computation and network overhead can be achieved. Through a combination of extensive theoretical analysis and evaluations, our data demonstrate that our proposed scheme can achieve better detection capacity and lower computation and network overhead in comparison to existing schemes.

Effects in the network topology due to node aggregation: Empirical evidence from the domestic maritime transportation in Greece

NASA Astrophysics Data System (ADS)

Tsiotas, Dimitrios; Polyzos, Serafeim

2018-02-01

This article studies the topological consistency of spatial networks due to node aggregation, examining the changes captured between different network representations that result from nodes' grouping and they refer to the same socioeconomic system. The main purpose of this study is to evaluate what kind of topological information remains unalterable due to node aggregation and, further, to develop a framework for linking the data of an empirical network with data of its socioeconomic environment, when the latter are available for hierarchically higher levels of aggregation, in an effort to promote the interdisciplinary research in the field of complex network analysis. The research question is empirically tested on topological and socioeconomic data extracted from the Greek Maritime Network (GMN) that is modeled as a non-directed multilayer (bilayer) graph consisting of a port-layer, where nodes represent ports, and a prefecture-layer, where nodes represent coastal and insular prefectural groups of ports. The analysis highlights that the connectivity (degree) of the GMN is the most consistent aspect of this multilayer network, which preserves both the topological and the socioeconomic information through node aggregation. In terms of spatial analysis and regional science, such effects illustrate the effectiveness of the prefectural administrative division for the functionality of the Greek maritime transportation system. Overall, this approach proposes a methodological framework that can enjoy further applications about the grouping effects induced on the network topology, providing physical, technical, socioeconomic, strategic or political insights.

Synomones of two sympatric species deter attack by the pine engraver, Ips pini (Coleoptera: Scolytidae)

Treesearch

John H. Borde; D.R. Delvin; Dan R. Miller

1991-01-01

The capture of pine engravers, Ips pini (Say), in ipdienol-baited, multiple-funnel traps in British Columbia was significantly reduced when devices releasing ipsenol or verbenone were placed in the traps. These results suggest that ipsenol and verbenone are synomones release by Ips latidens (LeC.) and the mountain pine beetle,

Field capture of Thyanta perditor with pheromone-baited traps and cross-attraction to other pentatomids

USDA-ARS?s Scientific Manuscript database

In Brazil, Thyanta perditor is one of the stink bugs attacking soybean and also could be found on others crops such as wheat, sunflower and sorghum. The objective of this work was to test the field attractiveness of traps baited with synthetic T. perditor pheromone. Two-liter transparent plastic sof...

An Anti-Electromagnetic Attack PUF Based on a Configurable Ring Oscillator for Wireless Sensor Networks

PubMed Central

Lu, Zhaojun; Li, Dongfang; Liu, Hailong; Gong, Mingyang; Liu, Zhenglin

2017-01-01

Wireless sensor networks (WSNs) are an emerging technology employed in some crucial applications. However, limited resources and physical exposure to attackers make security a challenging issue for a WSN. Ring oscillator-based physical unclonable function (RO PUF) is a potential option to protect the security of sensor nodes because it is able to generate random responses efficiently for a key extraction mechanism, which prevents the non-volatile memory from storing secret keys. In order to deploy RO PUF in a WSN, hardware efficiency, randomness, uniqueness, and reliability should be taken into account. Besides, the resistance to electromagnetic (EM) analysis attack is important to guarantee the security of RO PUF itself. In this paper, we propose a novel architecture of configurable RO PUF based on exclusive-or (XOR) gates. First, it dramatically increases the hardware efficiency compared with other types of RO PUFs. Second, it mitigates the vulnerability to EM analysis attack by placing the adjacent RO arrays in accordance with the cosine wave and sine wave so that the frequency of each RO cannot be detected. We implement our proposal in XINLINX A-7 field programmable gate arrays (FPGAs) and conduct a set of experiments to evaluate the quality of the responses. The results show that responses pass the National Institute of Standards and Technology (NIST) statistical test and have good uniqueness and reliability under different environments. Therefore, the proposed configurable RO PUF is suitable to establish a key extraction mechanism in a WSN. PMID:28914756

An Anti-Electromagnetic Attack PUF Based on a Configurable Ring Oscillator for Wireless Sensor Networks.

PubMed

Lu, Zhaojun; Li, Dongfang; Liu, Hailong; Gong, Mingyang; Liu, Zhenglin

2017-09-15

Wireless sensor networks (WSNs) are an emerging technology employed in some crucial applications. However, limited resources and physical exposure to attackers make security a challenging issue for a WSN. Ring oscillator-based physical unclonable function (RO PUF) is a potential option to protect the security of sensor nodes because it is able to generate random responses efficiently for a key extraction mechanism, which prevents the non-volatile memory from storing secret keys. In order to deploy RO PUF in a WSN, hardware efficiency, randomness, uniqueness, and reliability should be taken into account. Besides, the resistance to electromagnetic (EM) analysis attack is important to guarantee the security of RO PUF itself. In this paper, we propose a novel architecture of configurable RO PUF based on exclusive-or (XOR) gates. First, it dramatically increases the hardware efficiency compared with other types of RO PUFs. Second, it mitigates the vulnerability to EM analysis attack by placing the adjacent RO arrays in accordance with the cosine wave and sine wave so that the frequency of each RO cannot be detected. We implement our proposal in XINLINX A-7 field programmable gate arrays (FPGAs) and conduct a set of experiments to evaluate the quality of the responses. The results show that responses pass the National Institute of Standards and Technology (NIST) statistical test and have good uniqueness and reliability under different environments. Therefore, the proposed configurable RO PUF is suitable to establish a key extraction mechanism in a WSN.

Suppressed epidemics in multirelational networks

NASA Astrophysics Data System (ADS)

Xu, Elvis H. W.; Wang, Wei; Xu, C.; Tang, Ming; Do, Younghae; Hui, P. M.

2015-08-01

A two-state epidemic model in networks with links mimicking two kinds of relationships between connected nodes is introduced. Links of weights w1 and w0 occur with probabilities p and 1 -p , respectively. The fraction of infected nodes ρ (p ) shows a nonmonotonic behavior, with ρ drops with p for small p and increases for large p . For small to moderate w1/w0 ratios, ρ (p ) exhibits a minimum that signifies an optimal suppression. For large w1/w0 ratios, the suppression leads to an absorbing phase consisting only of healthy nodes within a range pL≤p ≤pR , and an active phase with mixed infected and healthy nodes for p pR . A mean field theory that ignores spatial correlation is shown to give qualitative agreement and capture all the key features. A physical picture that emphasizes the intricate interplay between infections via w0 links and within clusters formed by nodes carrying the w1 links is presented. The absorbing state at large w1/w0 ratios results when the clusters are big enough to disrupt the spread via w0 links and yet small enough to avoid an epidemic within the clusters. A theory that uses the possible local environments of a node as variables is formulated. The theory gives results in good agreement with simulation results, thereby showing the necessity of including longer spatial correlations.

A Game Theoretic Approach for Balancing Energy Consumption in Clustered Wireless Sensor Networks.

PubMed

Yang, Liu; Lu, Yinzhi; Xiong, Lian; Tao, Yang; Zhong, Yuanchang

2017-11-17

Clustering is an effective topology control method in wireless sensor networks (WSNs), since it can enhance the network lifetime and scalability. To prolong the network lifetime in clustered WSNs, an efficient cluster head (CH) optimization policy is essential to distribute the energy among sensor nodes. Recently, game theory has been introduced to model clustering. Each sensor node is considered as a rational and selfish player which will play a clustering game with an equilibrium strategy. Then it decides whether to act as the CH according to this strategy for a tradeoff between providing required services and energy conservation. However, how to get the equilibrium strategy while maximizing the payoff of sensor nodes has rarely been addressed to date. In this paper, we present a game theoretic approach for balancing energy consumption in clustered WSNs. With our novel payoff function, realistic sensor behaviors can be captured well. The energy heterogeneity of nodes is considered by incorporating a penalty mechanism in the payoff function, so the nodes with more energy will compete for CHs more actively. We have obtained the Nash equilibrium (NE) strategy of the clustering game through convex optimization. Specifically, each sensor node can achieve its own maximal payoff when it makes the decision according to this strategy. Through plenty of simulations, our proposed game theoretic clustering is proved to have a good energy balancing performance and consequently the network lifetime is greatly enhanced.

Kinetics of Social Contagion

NASA Astrophysics Data System (ADS)

Ruan, Zhongyuan; Iñiguez, Gerardo; Karsai, Márton; Kertész, János

2015-11-01

Diffusion of information, behavioral patterns or innovations follows diverse pathways depending on a number of conditions, including the structure of the underlying social network, the sensitivity to peer pressure and the influence of media. Here we study analytically and by simulations a general model that incorporates threshold mechanism capturing sensitivity to peer pressure, the effect of "immune" nodes who never adopt, and a perpetual flow of external information. While any constant, nonzero rate of dynamically introduced spontaneous adopters leads to global spreading, the kinetics by which the asymptotic state is approached shows rich behavior. In particular, we find that, as a function of the immune node density, there is a transition from fast to slow spreading governed by entirely different mechanisms. This transition happens below the percolation threshold of network fragmentation, and has its origin in the competition between cascading behavior induced by adopters and blocking due to immune nodes. This change is accompanied by a percolation transition of the induced clusters.

Avatar - a multi-sensory system for real time body position monitoring.

PubMed

Jovanov, E; Hanish, N; Courson, V; Stidham, J; Stinson, H; Webb, C; Denny, K

2009-01-01

Virtual reality and computer assisted physical rehabilitation applications require an unobtrusive and inexpensive real time monitoring systems. Existing systems are usually complex and expensive and based on infrared monitoring. In this paper we propose Avatar, a hybrid system consisting of off-the-shelf components and sensors. Absolute positioning of a few reference points is determined using infrared diode on subject's body and a set of Wii Remotes as optical sensors. Individual body segments are monitored by intelligent inertial sensor nodes iSense. A network of inertial nodes is controlled by a master node that serves as a gateway for communication with a capture device. Each sensor features a 3D accelerometer and a 2 axis gyroscope. Avatar system is used for control of avatars in Virtual Reality applications, but could be used in a variety of augmented reality, gaming, and computer assisted physical rehabilitation applications.

A Collection of Features for Semantic Graphs

DOE Office of Scientific and Technical Information (OSTI.GOV)

Eliassi-Rad, T; Fodor, I K; Gallagher, B

2007-05-02

Semantic graphs are commonly used to represent data from one or more data sources. Such graphs extend traditional graphs by imposing types on both nodes and links. This type information defines permissible links among specified nodes and can be represented as a graph commonly referred to as an ontology or schema graph. Figure 1 depicts an ontology graph for data from National Association of Securities Dealers. Each node type and link type may also have a list of attributes. To capture the increased complexity of semantic graphs, concepts derived for standard graphs have to be extended. This document explains brieflymore » features commonly used to characterize graphs, and their extensions to semantic graphs. This document is divided into two sections. Section 2 contains the feature descriptions for static graphs. Section 3 extends the features for semantic graphs that vary over time.« less

Semantic Analysis of Email Using Domain Ontologies and WordNet

NASA Technical Reports Server (NTRS)

Berrios, Daniel C.; Keller, Richard M.

2005-01-01

The problem of capturing and accessing knowledge in paper form has been supplanted by a problem of providing structure to vast amounts of electronic information. Systems that can construct semantic links for natural language documents like email messages automatically will be a crucial element of semantic email tools. We have designed an information extraction process that can leverage the knowledge already contained in an existing semantic web, recognizing references in email to existing nodes in a network of ontology instances by using linguistic knowledge and knowledge of the structure of the semantic web. We developed a heuristic score that uses several forms of evidence to detect references in email to existing nodes in the Semanticorganizer repository's network. While these scores cannot directly support automated probabilistic inference, they can be used to rank nodes by relevance and link those deemed most relevant to email messages.

Hi-alpha forebody design. Part 1: Methodology base and initial parametrics

NASA Technical Reports Server (NTRS)

Mason, William H.; Ravi, R.

1992-01-01

The use of Computational Fluid Dynamics (CFD) has been investigated for the analysis and design of aircraft forebodies at high angle of attack combined with sideslip. The results of the investigation show that CFD has reached a level of development where computational methods can be used for high angle of attack aerodynamic design. The classic wind tunnel experiment for the F-5A forebody directional stability has been reproduced computationally over an angle of attack range from 10 degrees to 45 degrees, and good agreement with experimental data was obtained. Computations have also been made at combined angle of attack and sideslip over a chine forebody, demonstrating the qualitative features of the flow, although not producing good agreement with measured experimental pressure distributions. The computations were performed using the code known as cfl3D for both the Euler equations and the Reynolds equations using a form of the Baldwin-Lomax turbulence model. To study the relation between forebody shape and directional stability characteristics, a generic parametric forebody model has been defined which provides a simple analytic math model with flexibility to capture the key shape characteristics of the entire range of forebodies of interest, including chines.

Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

PubMed Central

Nam, Junghyun; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon

2014-01-01

Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks. PMID:24977229

Art concept, line drawing and Service Module of the ISS

NASA Image and Video Library

1998-04-13

S98-04904 (21 July 1997) --- The Space Shuttle Endeavour prepares to capture the Functional Cargo Block (FGB) using the shuttle's mechanical arm in this artist's depiction of the first Space Shuttle assembly flight for the International Space Station (ISS), mission STS-88 scheduled to launch in December 1998. The shuttle will carry the first United States-built component for the station, a connecting module called Node 1 or Unity, and attach it to the already orbiting FGB, which supplies early electrical power and propulsion. The FGB, Zarya, will have been launched about two weeks earlier on a Russian Proton rocket from the Baikonur Cosmodrome, Kazahkstan. Once the FGB is captured using the mechanical arm, astronaut Nancy J. Currie will maneuver the arm to dock the FGB to the conical mating adapter at the top of Node 1 in the Shuttle's cargo bay. In ensuing days, three Extravehicular Activity?s (EVA) by astronauts Jerry L. Ross and James H. Newman will be performed to make power, data and utility connections between the two modules.

Defense Strategies for Asymmetric Networked Systems with Discrete Components.

PubMed

Rao, Nageswara S V; Ma, Chris Y T; Hausken, Kjell; He, Fei; Yau, David K Y; Zhuang, Jun

2018-05-03

We consider infrastructures consisting of a network of systems, each composed of discrete components. The network provides the vital connectivity between the systems and hence plays a critical, asymmetric role in the infrastructure operations. The individual components of the systems can be attacked by cyber and physical means and can be appropriately reinforced to withstand these attacks. We formulate the problem of ensuring the infrastructure performance as a game between an attacker and a provider, who choose the numbers of the components of the systems and network to attack and reinforce, respectively. The costs and benefits of attacks and reinforcements are characterized using the sum-form, product-form and composite utility functions, each composed of a survival probability term and a component cost term. We present a two-level characterization of the correlations within the infrastructure: (i) the aggregate failure correlation function specifies the infrastructure failure probability given the failure of an individual system or network, and (ii) the survival probabilities of the systems and network satisfy first-order differential conditions that capture the component-level correlations using multiplier functions. We derive Nash equilibrium conditions that provide expressions for individual system survival probabilities and also the expected infrastructure capacity specified by the total number of operational components. We apply these results to derive and analyze defense strategies for distributed cloud computing infrastructures using cyber-physical models.

Defense Strategies for Asymmetric Networked Systems with Discrete Components

PubMed Central

Rao, Nageswara S. V.; Ma, Chris Y. T.; Hausken, Kjell; He, Fei; Yau, David K. Y.

2018-01-01

We consider infrastructures consisting of a network of systems, each composed of discrete components. The network provides the vital connectivity between the systems and hence plays a critical, asymmetric role in the infrastructure operations. The individual components of the systems can be attacked by cyber and physical means and can be appropriately reinforced to withstand these attacks. We formulate the problem of ensuring the infrastructure performance as a game between an attacker and a provider, who choose the numbers of the components of the systems and network to attack and reinforce, respectively. The costs and benefits of attacks and reinforcements are characterized using the sum-form, product-form and composite utility functions, each composed of a survival probability term and a component cost term. We present a two-level characterization of the correlations within the infrastructure: (i) the aggregate failure correlation function specifies the infrastructure failure probability given the failure of an individual system or network, and (ii) the survival probabilities of the systems and network satisfy first-order differential conditions that capture the component-level correlations using multiplier functions. We derive Nash equilibrium conditions that provide expressions for individual system survival probabilities and also the expected infrastructure capacity specified by the total number of operational components. We apply these results to derive and analyze defense strategies for distributed cloud computing infrastructures using cyber-physical models. PMID:29751588

A comprehensive Network Security Risk Model for process control networks.

PubMed

Henry, Matthew H; Haimes, Yacov Y

2009-02-01

The risk of cyber attacks on process control networks (PCN) is receiving significant attention due to the potentially catastrophic extent to which PCN failures can damage the infrastructures and commodity flows that they support. Risk management addresses the coupled problems of (1) reducing the likelihood that cyber attacks would succeed in disrupting PCN operation and (2) reducing the severity of consequences in the event of PCN failure or manipulation. The Network Security Risk Model (NSRM) developed in this article provides a means of evaluating the efficacy of candidate risk management policies by modeling the baseline risk and assessing expectations of risk after the implementation of candidate measures. Where existing risk models fall short of providing adequate insight into the efficacy of candidate risk management policies due to shortcomings in their structure or formulation, the NSRM provides model structure and an associated modeling methodology that captures the relevant dynamics of cyber attacks on PCN for risk analysis. This article develops the NSRM in detail in the context of an illustrative example.

Launching large computing applications on a disk-less cluster

NASA Astrophysics Data System (ADS)

Schwemmer, Rainer; Caicedo Carvajal, Juan Manuel; Neufeld, Niko

2011-12-01

The LHCb Event Filter Farm system is based on a cluster of the order of 1.500 disk-less Linux nodes. Each node runs one instance of the filtering application per core. The amount of cores in our current production environment is 8 per machine for the old cluster and 12 per machine on extension of the cluster. Each instance has to load about 1.000 shared libraries, weighting 200 MB from several directory locations from a central repository. The repository is currently hosted on a SAN and exported via NFS. The libraries are all available in the local file system cache on every node. Loading a library still causes a huge number of requests to the server though, because the loader will try to probe every available path. Measurements show there are between 100.000-200.000 calls per application instance start up. Multiplied by the numbers of cores in the farm, this translates into a veritable DDoS attack on the servers, which lasts several minutes. Since the application is being restarted frequently, a better solution had to be found.scp Rolling out the software to the nodes is out of the question, because they have no disks and the software in it's entirety is too large to put into a ram disk. To solve this problem we developed a FUSE based file systems which acts as a permanent, controllable cache that keeps the essential files that are necessary in stock.

Bat predation by spiders.

PubMed

Nyffeler, Martin; Knörnschild, Mirjam

2013-01-01

In this paper more than 50 incidences of bats being captured by spiders are reviewed. Bat-catching spiders have been reported from virtually every continent with the exception of Antarctica (≈ 90% of the incidences occurring in the warmer areas of the globe between latitude 30° N and 30° S). Most reports refer to the Neotropics (42% of observed incidences), Asia (28.8%), and Australia-Papua New Guinea (13.5%). Bat-catching spiders belong to the mygalomorph family Theraphosidae and the araneomorph families Nephilidae, Araneidae, and Sparassidae. In addition to this, an attack attempt by a large araneomorph hunting spider of the family Pisauridae on an immature bat was witnessed. Eighty-eight percent of the reported incidences of bat catches were attributable to web-building spiders and 12% to hunting spiders. Large tropical orb-weavers of the genera Nephila and Eriophora in particular have been observed catching bats in their huge, strong orb-webs (of up to 1.5 m diameter). The majority of identifiable captured bats were small aerial insectivorous bats, belonging to the families Vespertilionidae (64%) and Emballonuridae (22%) and usually being among the most common bat species in their respective geographic area. While in some instances bats entangled in spider webs may have died of exhaustion, starvation, dehydration, and/or hyperthermia (i.e., non-predation death), there were numerous other instances where spiders were seen actively attacking, killing, and eating the captured bats (i.e., predation). This evidence suggests that spider predation on flying vertebrates is more widespread than previously assumed.

Bat Predation by Spiders

PubMed Central

Nyffeler, Martin; Knörnschild, Mirjam

2013-01-01

In this paper more than 50 incidences of bats being captured by spiders are reviewed. Bat-catching spiders have been reported from virtually every continent with the exception of Antarctica (∼90% of the incidences occurring in the warmer areas of the globe between latitude 30° N and 30° S). Most reports refer to the Neotropics (42% of observed incidences), Asia (28.8%), and Australia-Papua New Guinea (13.5%). Bat-catching spiders belong to the mygalomorph family Theraphosidae and the araneomorph families Nephilidae, Araneidae, and Sparassidae. In addition to this, an attack attempt by a large araneomorph hunting spider of the family Pisauridae on an immature bat was witnessed. Eighty-eight percent of the reported incidences of bat catches were attributable to web-building spiders and 12% to hunting spiders. Large tropical orb-weavers of the genera Nephila and Eriophora in particular have been observed catching bats in their huge, strong orb-webs (of up to 1.5 m diameter). The majority of identifiable captured bats were small aerial insectivorous bats, belonging to the families Vespertilionidae (64%) and Emballonuridae (22%) and usually being among the most common bat species in their respective geographic area. While in some instances bats entangled in spider webs may have died of exhaustion, starvation, dehydration, and/or hyperthermia (i.e., non-predation death), there were numerous other instances where spiders were seen actively attacking, killing, and eating the captured bats (i.e., predation). This evidence suggests that spider predation on flying vertebrates is more widespread than previously assumed. PMID:23516436

Coffee berry borer in conilon coffee in the Brazilian Cerrado: an ancient pest in a new environment.

PubMed

Oliveira, C M; Santos, M J; Amabile, R F; Frizzas, M R; Bartholo, G F

2018-02-01

The aim of this study was to verify the occurrence of the coffee berry borer, Hypothenemus hampei (Ferrari), and to evaluate the population fluctuation of the pest in the Brazilian Cerrado (Federal District). The study was conducted, between November 2014 and October 2015, at Embrapa Cerrados (Planaltina/DF, Brazil) in an irrigated conilon coffee production area. In November 2014, 120 samples (ten berries/sample) were collected from berries that had fallen on the ground from the previous harvest. Between November 2014 and October 2015, insects were collected weekly, using traps (polyethylene terephthalate bottles) baited with ethyl alcohol (98 GL), ethyl alcohol (98 GL) with coffee powder, or molasses. Between January and July 2015, samples were collected fortnightly from 92 plants (12 berries per plant). All samples were evaluated for the presence of adult coffee berry borers. Samples from the previous harvest had an attack incidence of 72.4%. The baited traps captured 4062 H. hampei adults, and showed no statistical difference in capture efficiency among the baits. Pest population peaked in the dry season, with the largest percentage of captured adults occurring in July (31.0%). An average of 18.6% of the collected berries was attacked by the borer and the highest percentage incidence was recorded in July (33.2%). Our results suggest that the coffee berry borer, if not properly managed, could constitute a limiting factor for conilon coffee production in the Brazilian Cerrado.

A nonparametric significance test for sampled networks.

PubMed

Elliott, Andrew; Leicht, Elizabeth; Whitmore, Alan; Reinert, Gesine; Reed-Tsochas, Felix

2018-01-01

Our work is motivated by an interest in constructing a protein-protein interaction network that captures key features associated with Parkinson's disease. While there is an abundance of subnetwork construction methods available, it is often far from obvious which subnetwork is the most suitable starting point for further investigation. We provide a method to assess whether a subnetwork constructed from a seed list (a list of nodes known to be important in the area of interest) differs significantly from a randomly generated subnetwork. The proposed method uses a Monte Carlo approach. As different seed lists can give rise to the same subnetwork, we control for redundancy by constructing a minimal seed list as the starting point for the significance test. The null model is based on random seed lists of the same length as a minimum seed list that generates the subnetwork; in this random seed list the nodes have (approximately) the same degree distribution as the nodes in the minimum seed list. We use this null model to select subnetworks which deviate significantly from random on an appropriate set of statistics and might capture useful information for a real world protein-protein interaction network. The software used in this paper are available for download at https://sites.google.com/site/elliottande/. The software is written in Python and uses the NetworkX library. ande.elliott@gmail.com or felix.reed-tsochas@sbs.ox.ac.uk. Supplementary data are available at Bioinformatics online. © The Author 2017. Published by Oxford University Press.

A nonparametric significance test for sampled networks

PubMed Central

Leicht, Elizabeth; Whitmore, Alan; Reinert, Gesine; Reed-Tsochas, Felix

2018-01-01

Abstract Motivation Our work is motivated by an interest in constructing a protein–protein interaction network that captures key features associated with Parkinson’s disease. While there is an abundance of subnetwork construction methods available, it is often far from obvious which subnetwork is the most suitable starting point for further investigation. Results We provide a method to assess whether a subnetwork constructed from a seed list (a list of nodes known to be important in the area of interest) differs significantly from a randomly generated subnetwork. The proposed method uses a Monte Carlo approach. As different seed lists can give rise to the same subnetwork, we control for redundancy by constructing a minimal seed list as the starting point for the significance test. The null model is based on random seed lists of the same length as a minimum seed list that generates the subnetwork; in this random seed list the nodes have (approximately) the same degree distribution as the nodes in the minimum seed list. We use this null model to select subnetworks which deviate significantly from random on an appropriate set of statistics and might capture useful information for a real world protein–protein interaction network. Availability and implementation The software used in this paper are available for download at https://sites.google.com/site/elliottande/. The software is written in Python and uses the NetworkX library. Contact ande.elliott@gmail.com or felix.reed-tsochas@sbs.ox.ac.uk Supplementary information Supplementary data are available at Bioinformatics online. PMID:29036452

Modeling Temporal Behavior in Large Networks: A Dynamic Mixed-Membership Model

DOE Office of Scientific and Technical Information (OSTI.GOV)

Rossi, R; Gallagher, B; Neville, J

Given a large time-evolving network, how can we model and characterize the temporal behaviors of individual nodes (and network states)? How can we model the behavioral transition patterns of nodes? We propose a temporal behavior model that captures the 'roles' of nodes in the graph and how they evolve over time. The proposed dynamic behavioral mixed-membership model (DBMM) is scalable, fully automatic (no user-defined parameters), non-parametric/data-driven (no specific functional form or parameterization), interpretable (identifies explainable patterns), and flexible (applicable to dynamic and streaming networks). Moreover, the interpretable behavioral roles are generalizable, computationally efficient, and natively supports attributes. We applied ourmore » model for (a) identifying patterns and trends of nodes and network states based on the temporal behavior, (b) predicting future structural changes, and (c) detecting unusual temporal behavior transitions. We use eight large real-world datasets from different time-evolving settings (dynamic and streaming). In particular, we model the evolving mixed-memberships and the corresponding behavioral transitions of Twitter, Facebook, IP-Traces, Email (University), Internet AS, Enron, Reality, and IMDB. The experiments demonstrate the scalability, flexibility, and effectiveness of our model for identifying interesting patterns, detecting unusual structural transitions, and predicting the future structural changes of the network and individual nodes.« less

DOE Office of Scientific and Technical Information (OSTI.GOV)

Silva, Consuelo Juanita

Recent amendments to the Safe Drinking Water Act emphasize efforts toward safeguarding our nation's water supplies against attack and contamination. Specifically, the Public Health Security and Bioterrorism Preparedness and Response Act of 2002 established requirements for each community water system serving more than 3300 people to conduct an assessment of the vulnerability of its system to a terrorist attack or other intentional acts. Integral to evaluating system vulnerability is the threat assessment, which is the process by which the credibility of a threat is quantified. Unfortunately, full probabilistic assessment is generally not feasible, as there is insufficient experience and/or datamore » to quantify the associated probabilities. For this reason, an alternative approach is proposed based on Markov Latent Effects (MLE) modeling, which provides a framework for quantifying imprecise subjective metrics through possibilistic or fuzzy mathematics. Here, an MLE model for water systems is developed and demonstrated to determine threat assessments for different scenarios identified by the assailant, asset, and means. Scenario assailants include terrorists, insiders, and vandals. Assets include a water treatment plant, water storage tank, node, pipeline, well, and a pump station. Means used in attacks include contamination (onsite chemicals, biological and chemical), explosives and vandalism. Results demonstrated highest threats are vandalism events and least likely events are those performed by a terrorist.« less

Influence of trap distance from a source population and multiple traps on captures and attack densities of the redbay ambrosia beetle (Coleoptera: Curculionidae: Scolytinae)

Treesearch

James L. Hanula; Albert (Bud) Mayfield; Laurie S. Reid; Scott Horn

2016-01-01

The redbay ambrosia beetle, Xyleborus glabratus Eichhoff, is the principal vector of laurel wilt disease in North America. Lures incorporating essential oils of manuka plants (Leptospermum scoparium J. R. Forster & G. Forster) or cubeb seeds (Piper cubeba L.f.) are the most effective in-flight...

On the barn owl's visual pre-attack behavior: I. Structure of head movements and motion patterns.

PubMed

Ohayon, Shay; van der Willigen, Robert F; Wagner, Hermann; Katsman, Igor; Rivlin, Ehud

2006-09-01

Barn owls exhibit a rich repertoire of head movements before taking off for prey capture. These movements occur mainly at light levels that allow for the visual detection of prey. To investigate these movements and their functional relevance, we filmed the pre-attack behavior of barn owls. Off-line image analysis enabled reconstruction of all six degrees of freedom of head movements. Three categories of head movements were observed: fixations, head translations and head rotations. The observed rotations contained a translational component. Head rotations did not follow Listing's law, but could be well described by a second-order surface, which indicated that they are in close agreement with Donder's law. Head translations did not contain any significant rotational components. Translations were further segmented into straight-line and curved paths. Translations along an axis perpendicular to the line of sight were similar to peering movements observed in other animals. We suggest that these basic motion elements (fixations, head rotations, translations along a straight line, and translation along a curved trajectory) may be combined to form longer and more complex behavior. We speculate that these head movements mainly underlie estimation of distance during prey capture.

Metal-organic frameworks for the removal of toxic industrial chemicals and chemical warfare agents.

PubMed

Bobbitt, N Scott; Mendonca, Matthew L; Howarth, Ashlee J; Islamoglu, Timur; Hupp, Joseph T; Farha, Omar K; Snurr, Randall Q

2017-06-06

Owing to the vast diversity of linkers, nodes, and topologies, metal-organic frameworks can be tailored for specific tasks, such as chemical separations or catalysis. Accordingly, these materials have attracted significant interest for capture and/or detoxification of toxic industrial chemicals and chemical warfare agents. In this paper, we review recent experimental and computational work pertaining to the capture of several industrially-relevant toxic chemicals, including NH 3 , SO 2 , NO 2 , H 2 S, and some volatile organic compounds, with particular emphasis on the challenging issue of designing materials that selectively adsorb these chemicals in the presence of water. We also examine recent research on the capture and catalytic degradation of chemical warfare agents such as sarin and sulfur mustard using metal-organic frameworks.

Fast Inbound Top-K Query for Random Walk with Restart.

PubMed

Zhang, Chao; Jiang, Shan; Chen, Yucheng; Sun, Yidan; Han, Jiawei

2015-09-01

Random walk with restart (RWR) is widely recognized as one of the most important node proximity measures for graphs, as it captures the holistic graph structure and is robust to noise in the graph. In this paper, we study a novel query based on the RWR measure, called the inbound top-k (Ink) query. Given a query node q and a number k , the Ink query aims at retrieving k nodes in the graph that have the largest weighted RWR scores to q . Ink queries can be highly useful for various applications such as traffic scheduling, disease treatment, and targeted advertising. Nevertheless, none of the existing RWR computation techniques can accurately and efficiently process the Ink query in large graphs. We propose two algorithms, namely Squeeze and Ripple, both of which can accurately answer the Ink query in a fast and incremental manner. To identify the top- k nodes, Squeeze iteratively performs matrix-vector multiplication and estimates the lower and upper bounds for all the nodes in the graph. Ripple employs a more aggressive strategy by only estimating the RWR scores for the nodes falling in the vicinity of q , the nodes outside the vicinity do not need to be evaluated because their RWR scores are propagated from the boundary of the vicinity and thus upper bounded. Ripple incrementally expands the vicinity until the top- k result set can be obtained. Our extensive experiments on real-life graph data sets show that Ink queries can retrieve interesting results, and the proposed algorithms are orders of magnitude faster than state-of-the-art method.

Distribution of shortest path lengths in a class of node duplication network models

NASA Astrophysics Data System (ADS)

Steinbock, Chanania; Biham, Ofer; Katzav, Eytan

2017-09-01

We present analytical results for the distribution of shortest path lengths (DSPL) in a network growth model which evolves by node duplication (ND). The model captures essential properties of the structure and growth dynamics of social networks, acquaintance networks, and scientific citation networks, where duplication mechanisms play a major role. Starting from an initial seed network, at each time step a random node, referred to as a mother node, is selected for duplication. Its daughter node is added to the network, forming a link to the mother node, and with probability p to each one of its neighbors. The degree distribution of the resulting network turns out to follow a power-law distribution, thus the ND network is a scale-free network. To calculate the DSPL we derive a master equation for the time evolution of the probability Pt(L =ℓ ) , ℓ =1 ,2 ,⋯ , where L is the distance between a pair of nodes and t is the time. Finding an exact analytical solution of the master equation, we obtain a closed form expression for Pt(L =ℓ ) . The mean distance 〈L〉 t and the diameter Δt are found to scale like lnt , namely, the ND network is a small-world network. The variance of the DSPL is also found to scale like lnt . Interestingly, the mean distance and the diameter exhibit properties of a small-world network, rather than the ultrasmall-world network behavior observed in other scale-free networks, in which 〈L〉 t˜lnlnt .

Filtering methods for broadcast authentication against PKC-based denial of service in WSN: a survey

NASA Astrophysics Data System (ADS)

Afianti, Farah; Wirawan, Iwan; Suryani, Titiek

2017-11-01

Broadcast authentication is used to determine legitimate packet from authorized user. The received packet can be forwarded or used for the further purpose. The use of digital signature is one of the compromising methods but it is followed by high complexity especially in the verification process. That phenomenon is used by the adversary to force the user to verify a lot of false packet data. Kind of Denial of Service (DoS) which attacks the main signature can be mitigated by using pre-authentication methods as the first layer to filter false packet data. The objective of the filter is not replacing the main signature but as an addition to actual verification in the sensor node. This paper contributes in comparing the cost of computation, storage, and communication among several filters. The result shows Pre- Authenticator and Dos Attack-Resistant scheme have the lower overhead than the others. Thus followed by needing powerful sender. Moreover, the key chain is promising methods because of efficiency and effectiveness.

Analytical and experimental evaluation of a 3-D hypersonic fixed-geometry, swept, mixed compression inlet

NASA Technical Reports Server (NTRS)

Agnone, Anthony M.

1987-01-01

The performance of a fixed-geometry, swept, mixed compression hypersonic inlet is presented. The experimental evaluation was conducted for a Mach number of 6.0 and for several angles of attack. The measured surface pressures and pitot pressure surveys at the inlet throat are compared to computations using a three-dimensional Euler code and an integral boundary layer theory. Unique features of the intake design, including the boundary layer control, insure a high inlet performance. The experimental data show the inlet has a high mass averaged total pressure recovery, a high mass capture and nearly uniform flow diffusion. The swept inlet exhibits excellent starting characteristics, and high flow stability at angle of attack.

On securing wireless sensor network--novel authentication scheme against DOS attacks.

PubMed

Raja, K Nirmal; Beno, M Marsaline

2014-10-01

Wireless sensor networks are generally deployed for collecting data from various environments. Several applications specific sensor network cryptography algorithms have been proposed in research. However WSN's has many constrictions, including low computation capability, less memory, limited energy resources, vulnerability to physical capture, which enforce unique security challenges needs to make a lot of improvements. This paper presents a novel security mechanism and algorithm for wireless sensor network security and also an application of this algorithm. The proposed scheme is given to strong authentication against Denial of Service Attacks (DOS). The scheme is simulated using network simulator2 (NS2). Then this scheme is analyzed based on the network packet delivery ratio and found that throughput has improved.

Merced

DOE Office of Scientific and Technical Information (OSTI.GOV)

Hedstrom, Gerald; Beck, Bret; Mattoon, Caleb

2016-10-01

Merced performs a multi-dimensional integral tl generate so-called 'transfer matrices' for use in deterministic radiation transport applications. It produces transfer matrices on the user-defind energy grid. The angular dependence of outgoing products is captured in a Legendre expansion, up to a user-specified maximun Legendre order. Merced calculations can use multi-threading for enhanced performance on a single compute node.

Granulomatous inflammation of pulmonary squamous cell carcinoma: a rare phenomenon.

PubMed

Tajima, Shogo; Koda, Kenji

2015-01-01

Some neoplasms are associated with granulomatous inflammation. Granuloma formation in tumor tissue is caused by the cytokines derived from either the main tumor or other cells surrounding the tumor. In other instances, granulomatous inflammation is observed in the lymph nodes draining a tumor. This has been recognized as a sarcoid-like reaction. Herein, we report of a 75-year-old man with pulmonary squamous cell carcinoma (SCC), where granulomatous inflammation was observed extensively at the primary site. The carcinoma seemed to partly regress. In the regressing area, tumor cell debris was surrounded by granuloma. In contrast, no granuloma was identified in the dissected regional lymph nodes. To the best of our knowledge, such a case of SCC had not been described thus far. More case studies are required to determine whether tumor-related granuloma is the main cause of regression or whether it is just a secondary phenomenon caused by the attack and destruction of the tumor by lymphocytes.

A study of the temporal robustness of the growing global container-shipping network

PubMed Central

Wang, Nuo; Wu, Nuan; Dong, Ling-ling; Yan, Hua-kun; Wu, Di

2016-01-01

Whether they thrive as they grow must be determined for all constantly expanding networks. However, few studies have focused on this important network feature or the development of quantitative analytical methods. Given the formation and growth of the global container-shipping network, we proposed the concept of network temporal robustness and quantitative method. As an example, we collected container liner companies’ data at two time points (2004 and 2014) and built a shipping network with ports as nodes and routes as links. We thus obtained a quantitative value of the temporal robustness. The temporal robustness is a significant network property because, for the first time, we can clearly recognize that the shipping network has become more vulnerable to damage over the last decade: When the node failure scale reached 50% of the entire network, the temporal robustness was approximately −0.51% for random errors and −12.63% for intentional attacks. The proposed concept and analytical method described in this paper are significant for other network studies. PMID:27713549

A secured authentication protocol for wireless sensor networks using elliptic curves cryptography.

PubMed

Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

2011-01-01

User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das' protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs.

A novel lost packets recovery scheme based on visual secret sharing

NASA Astrophysics Data System (ADS)

Lu, Kun; Shan, Hong; Li, Zhi; Niu, Zhao

2017-08-01

In this paper, a novel lost packets recovery scheme which encrypts the effective parts of an original packet into two shadow packets based on (2, 2)-threshold XOR-based visual Secret Sharing (VSS) is proposed. The two shadow packets used as watermarks would be embedded into two normal data packets with digital watermarking embedding technology and then sent from one sensor node to another. Each shadow packet would reveal no information of the original packet, which can improve the security of original packet delivery greatly. The two shadow packets which can be extracted from the received two normal data packets delivered from a sensor node can recover the original packet lossless based on XOR-based VSS. The Performance analysis present that the proposed scheme provides essential services as long as possible in the presence of selective forwarding attack. The proposed scheme would not increase the amount of additional traffic, namely, lower energy consumption, which is suitable for Wireless Sensor Network (WSN).

Universal resilience patterns in cascading load model: More capacity is not always better

NASA Astrophysics Data System (ADS)

Wang, Jianwei; Wang, Xue; Cai, Lin; Ni, Chengzhang; Xie, Wei; Xu, Bo

We study the problem of universal resilience patterns in complex networks against cascading failures. We revise the classical betweenness method and overcome its limitation of quantifying the load in cascading model. Considering that the generated load by all nodes should be equal to the transported one by all edges in the whole network, we propose a new method to quantify the load on an edge and construct a simple cascading model. By attacking the edge with the highest load, we show that, if the flow between two nodes is transported along the shortest paths between them, then the resilience of some networks against cascading failures inversely decreases with the enhancement of the capacity of every edge, i.e. the more capacity is not always better. We also observe the abnormal fluctuation of the additional load that exceeds the capacity of each edge. By a simple graph, we analyze the propagation of cascading failures step by step, and give a reasonable explanation of the abnormal fluctuation of cascading dynamics.

A feedback-based secure path approach for wireless sensor network data collection.

PubMed

Mao, Yuxin; Wei, Guiyi

2010-01-01

The unattended nature of wireless sensor networks makes them very vulnerable to malicious attacks. Therefore, how to preserve secure data collection is an important issue to wireless sensor networks. In this paper, we propose a novel approach of secure data collection for wireless sensor networks. We explore secret sharing and multipath routing to achieve secure data collection in wireless sensor network with compromised nodes. We present a novel tracing-feedback mechanism, which makes full use of the routing functionality of wireless sensor networks, to improve the quality of data collection. The major advantage of the approach is that the secure paths are constructed as a by-product of data collection. The process of secure routing causes little overhead to the sensor nodes in the network. Compared with existing works, the algorithms of the proposed approach are easy to implement and execute in resource-constrained wireless sensor networks. According to the result of a simulation experiment, the performance of the approach is better than the recent approaches with a similar purpose.

A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography

PubMed Central

Yeh, Hsiu-Lien; Chen, Tien-Ho; Liu, Pin-Chuan; Kim, Tai-Hoo; Wei, Hsin-Wen

2011-01-01

User authentication is a crucial service in wireless sensor networks (WSNs) that is becoming increasingly common in WSNs because wireless sensor nodes are typically deployed in an unattended environment, leaving them open to possible hostile network attack. Because wireless sensor nodes are limited in computing power, data storage and communication capabilities, any user authentication protocol must be designed to operate efficiently in a resource constrained environment. In this paper, we review several proposed WSN user authentication protocols, with a detailed review of the M.L Das protocol and a cryptanalysis of Das’ protocol that shows several security weaknesses. Furthermore, this paper proposes an ECC-based user authentication protocol that resolves these weaknesses. According to our analysis of security of the ECC-based protocol, it is suitable for applications with higher security requirements. Finally, we present a comparison of security, computation, and communication costs and performances for the proposed protocols. The ECC-based protocol is shown to be suitable for higher security WSNs. PMID:22163874

Wideband, mobile networking technologies

NASA Astrophysics Data System (ADS)

Hyer, Kevin L.; Bowen, Douglas G.; Pulsipher, Dennis C.

2005-05-01

Ubiquitous communications will be the next era in the evolving communications revolution. From the human perspective, access to information will be instantaneous and provide a revolution in services available to both the consumer and the warfighter. Services will be from the mundane - anytime, anywhere access to any movie ever made - to the vital - reliable and immediate access to the analyzed real-time video from the multi-spectral sensors scanning for snipers in the next block. In the former example, the services rely on a fixed infrastructure of networking devices housed in controlled environments and coupled to fixed terrestrial fiber backbones - in the latter, the services are derived from an agile and highly mobile ad-hoc backbone established in a matter of minutes by size, weight, and power-constrained platforms. This network must mitigate significant changes in the transmission media caused by millisecond-scale atmospheric temperature variations, the deployment of smoke, or the drifting of a cloud. It must mitigate against structural obscurations, jet wash, or incapacitation of a node. To maintain vital connectivity, the mobile backbone must be predictive and self-healing on both near-real-time and real-time time scales. The nodes of this network must be reconfigurable to mitigate intentional and environmental jammers, block attackers, and alleviate interoperability concerns caused by changing standards. The nodes must support multi-access of disparate waveform and protocols.

a Low-Power Wireless Sensor Network for Monitoring the Microcrack Initiations in Aerospace Composites

NASA Astrophysics Data System (ADS)

Li, Jian; Plotnikov, Yuri; Lin, Wendy W.

2008-02-01

A low power wireless sensor network was developed to monitor the microcrack events in aerospace composites. The microcracks in the composites mostly result from a stress loading or temperature and/or humidity cycles. Generally, a single microcrack is too small to be detected by conventional techniques such as X-ray or ultrasonic C-scan. The whole developed sensor network is aimed to capture the released acoustic signals by the microcracking events in real time. It comprises of a receiving station as well as a series of sensor nodes. Each sensor node includes two acoustic emission transducers as well as two signal amplification and data acquisition channels. Much of our development effort has been focused on reducing the power consumption of each node and improving the detection reliability for each event. Each sensor node is battery-powered and works in a sleep mode most of time. Once a microcrack is initiated in the composite, the acoustic signal triggers the node and wakes it up. The node will then react in several microseconds and digitize the signal. The digitized data is sent to the station wirelessly. The developed wireless sensor network system has been validated with microscopy of microcracked samples after temperature and humidity cycling and has proved to be an effective tool for microcracking detection. Furthermore, our low power consumption design and sophisticated wireless transmission mechanism enables a system with great potential for field structural health monitoring applications.

A Game Theoretic Approach for Balancing Energy Consumption in Clustered Wireless Sensor Networks

PubMed Central

Lu, Yinzhi; Xiong, Lian; Tao, Yang; Zhong, Yuanchang

2017-01-01

Clustering is an effective topology control method in wireless sensor networks (WSNs), since it can enhance the network lifetime and scalability. To prolong the network lifetime in clustered WSNs, an efficient cluster head (CH) optimization policy is essential to distribute the energy among sensor nodes. Recently, game theory has been introduced to model clustering. Each sensor node is considered as a rational and selfish player which will play a clustering game with an equilibrium strategy. Then it decides whether to act as the CH according to this strategy for a tradeoff between providing required services and energy conservation. However, how to get the equilibrium strategy while maximizing the payoff of sensor nodes has rarely been addressed to date. In this paper, we present a game theoretic approach for balancing energy consumption in clustered WSNs. With our novel payoff function, realistic sensor behaviors can be captured well. The energy heterogeneity of nodes is considered by incorporating a penalty mechanism in the payoff function, so the nodes with more energy will compete for CHs more actively. We have obtained the Nash equilibrium (NE) strategy of the clustering game through convex optimization. Specifically, each sensor node can achieve its own maximal payoff when it makes the decision according to this strategy. Through plenty of simulations, our proposed game theoretic clustering is proved to have a good energy balancing performance and consequently the network lifetime is greatly enhanced. PMID:29149075

Efficient sensor network vehicle classification using peak harmonics of acoustic emissions

NASA Astrophysics Data System (ADS)

William, Peter E.; Hoffman, Michael W.

2008-04-01

An application is proposed for detection and classification of battlefield ground vehicles using the emitted acoustic signal captured at individual sensor nodes of an ad hoc Wireless Sensor Network (WSN). We make use of the harmonic characteristics of the acoustic emissions of battlefield vehicles, in reducing both the computations carried on the sensor node and the transmitted data to the fusion center for reliable and effcient classification of targets. Previous approaches focus on the lower frequency band of the acoustic emissions up to 500Hz; however, we show in the proposed application how effcient discrimination between battlefield vehicles is performed using features extracted from higher frequency bands (50 - 1500Hz). The application shows that selective time domain acoustic features surpass equivalent spectral features. Collaborative signal processing is utilized, such that estimation of certain signal model parameters is carried by the sensor node, in order to reduce the communication between the sensor node and the fusion center, while the remaining model parameters are estimated at the fusion center. The transmitted data from the sensor node to the fusion center ranges from 1 ~ 5% of the sampled acoustic signal at the node. A variety of classification schemes were examined, such as maximum likelihood, vector quantization and artificial neural networks. Evaluation of the proposed application, through processing of an acoustic data set with comparison to previous results, shows that the improvement is not only in the number of computations but also in the detection and false alarm rate as well.

A data fusion approach to indications and warnings of terrorist attacks

NASA Astrophysics Data System (ADS)

McDaniel, David; Schaefer, Gregory

2014-05-01

Indications and Warning (I&W) of terrorist attacks, particularly IED attacks, require detection of networks of agents and patterns of behavior. Social Network Analysis tries to detect a network; activity analysis tries to detect anomalous activities. This work builds on both to detect elements of an activity model of terrorist attack activity - the agents, resources, networks, and behaviors. The activity model is expressed as RDF triples statements where the tuple positions are elements or subsets of a formal ontology for activity models. The advantage of a model is that elements are interdependent and evidence for or against one will influence others so that there is a multiplier effect. The advantage of the formality is that detection could occur hierarchically, that is, at different levels of abstraction. The model matching is expressed as a likelihood ratio between input text and the model triples. The likelihood ratio is designed to be analogous to track correlation likelihood ratios common in JDL fusion level 1. This required development of a semantic distance metric for positive and null hypotheses as well as for complex objects. The metric uses the Web 1Terabype database of one to five gram frequencies for priors. This size requires the use of big data technologies so a Hadoop cluster is used in conjunction with OpenNLP natural language and Mahout clustering software. Distributed data fusion Map Reduce jobs distribute parts of the data fusion problem to the Hadoop nodes. For the purposes of this initial testing, open source models and text inputs of similar complexity to terrorist events were used as surrogates for the intended counter-terrorist application.

LMIP/AAA: Local Authentication, Authorization and Accounting (AAA) Protocol for Mobile IP

NASA Astrophysics Data System (ADS)

Chenait, Manel

Mobile IP represents a simple and scalable global mobility solution. However, it inhibits various vulnerabilities to malicious attacks and, therefore, requires the integration of appropriate security services. In this paper, we discuss two authentication schemes suggested for Mobile IP: standard authentication and Mobile IP/AAA authentication. In order to provide Mobile IP roaming services including identity verication, we propose an improvement to Mobile/AAA authentication scheme by applying a local politic key management in each domain, hence we reduce hando latency by avoiding the involvement of AAA infrastructure during mobile node roaming.

Research on a Denial of Service (DoS) Detection System Based on Global Interdependent Behaviors in a Sensor Network Environment

PubMed Central

Song, Jae-gu; Jung, Sungmo; Kim, Jong Hyun; Seo, Dong Il; Kim, Seoksoo

2010-01-01

This research suggests a Denial of Service (DoS) detection method based on the collection of interdependent behavior data in a sensor network environment. In order to collect the interdependent behavior data, we use a base station to analyze traffic and behaviors among nodes and introduce methods of detecting changes in the environment with precursor symptoms. The study presents a DoS Detection System based on Global Interdependent Behaviors and shows the result of detecting a sensor carrying out DoS attacks through the test-bed. PMID:22163475

Phase synchronization based minimum spanning trees for analysis of financial time series with nonlinear correlations

NASA Astrophysics Data System (ADS)

Radhakrishnan, Srinivasan; Duvvuru, Arjun; Sultornsanee, Sivarit; Kamarthi, Sagar

2016-02-01

The cross correlation coefficient has been widely applied in financial time series analysis, in specific, for understanding chaotic behaviour in terms of stock price and index movements during crisis periods. To better understand time series correlation dynamics, the cross correlation matrices are represented as networks, in which a node stands for an individual time series and a link indicates cross correlation between a pair of nodes. These networks are converted into simpler trees using different schemes. In this context, Minimum Spanning Trees (MST) are the most favoured tree structures because of their ability to preserve all the nodes and thereby retain essential information imbued in the network. Although cross correlations underlying MSTs capture essential information, they do not faithfully capture dynamic behaviour embedded in the time series data of financial systems because cross correlation is a reliable measure only if the relationship between the time series is linear. To address the issue, this work investigates a new measure called phase synchronization (PS) for establishing correlations among different time series which relate to one another, linearly or nonlinearly. In this approach the strength of a link between a pair of time series (nodes) is determined by the level of phase synchronization between them. We compare the performance of phase synchronization based MST with cross correlation based MST along selected network measures across temporal frame that includes economically good and crisis periods. We observe agreement in the directionality of the results across these two methods. They show similar trends, upward or downward, when comparing selected network measures. Though both the methods give similar trends, the phase synchronization based MST is a more reliable representation of the dynamic behaviour of financial systems than the cross correlation based MST because of the former's ability to quantify nonlinear relationships among time series or relations among phase shifted time series.

Performance of 3-Component Nodes in the IRIS Community Wavefield Demonstration Experiment

NASA Astrophysics Data System (ADS)

Sweet, J. R.; Anderson, K. R.; Woodward, R.

2017-12-01

In June 2016, a field crew of 50 students, faculty, industry personnel, and IRIS staff deployed a total of 390 stations as part of a community seismic experiment above an active seismic lineament in north-central Oklahoma. The goals of the experiment were to test new instrumentation and deployment strategies that record the full seismic wavefield, and to advance understanding of earthquake source processes and regional lithospheric structure. The crew deployed 363 3-component, 5Hz Generation 2 Fairfield Z-Land nodes along three seismic lines and in a seven-layer nested gradiometer array. The seismic lines spanned a region 13 km long by 5 km wide. A broadband, 18 station "Golay 3x6" array with an aperture of approximately 5 km was deployed around the gradiometer and seismic lines to collect waveform data from local and regional events. In addition, 9 infrasound stations were deployed in order to capture and identify acoustic events that might be recorded by the seismic array. The variety and geometry of instrumentation deployed was intended to capture the full seismic wavefield generated by the local and regional seismicity beneath the array and the surrounding region. Additional details on the instrumentation and how it was deployed can be found by visiting our website www.iris.edu/wavefields. We present a detailed analysis of noise across the array—including station performance, as well as noise from nearby sources (wind turbines, automobiles, etc.). We report a clear reduction in noise for buried 3-component nodes compared to co-located surface nodes (see Figure). Using the IRIS DMC's ISPAQ client, we present a variety of metrics to evaluate the network's performance. We also present highlights from student projects at the recently-held IRIS advanced data processing short course, which focused on analyzing the wavefield dataset using array processing techniques.

Hunter-Killer Teams: Attacking Enemy Safe Havens

DTIC Science & Technology

2010-01-01

previous practitioners through the venue of lessons learned passed on generationally. U.S. Army operations against the Southwest Indians, the Texas...much had been learned by the Office of Strategic Services (OSS) conducting guerrilla warfare activities. Prior to the Vietnam War, it was the...type formations throughout U.S. history to derive the advantages and disadvantages of their use, to capture key lessons learned about their

Capture of Aerosols by Iodinated Fiber Media

DTIC Science & Technology

2004-09-15

fibrous media if provided with 70-80% relative humidity and atmospheric dust (Maus et al., 2000). Spore -forming bacteria such as Bacillus anthracis are...States. The anthrax spores sent out during these attacks were classified as being highly concentrated and processed to be disseminated and inhaled...media, and produce more undesirable bioaerosols. This phenomenon has been reported in many studies in heating, ventilation, and air conditioning ( HVAC

The Submarine, 1776-1918

DTIC Science & Technology

2004-01-01

destruction of many civilian lives in sunken passenger ships—notably the Cunard liner Lusitania , attacked in May 1915 with a loss of 1,200 lives, 128...former Ger- man passenger liners interned by their owners in American harbors in order to avoid capture by blockading British cruisers. Eventually there...submarines torpedoed merchant ships, including passenger liners , without warning. Then, because they had no way of rescuing those who had survived the

Nanosatellite optical downlink experiment: design, simulation, and prototyping

NASA Astrophysics Data System (ADS)

Clements, Emily; Aniceto, Raichelle; Barnes, Derek; Caplan, David; Clark, James; Portillo, Iñigo del; Haughwout, Christian; Khatsenko, Maxim; Kingsbury, Ryan; Lee, Myron; Morgan, Rachel; Twichell, Jonathan; Riesing, Kathleen; Yoon, Hyosang; Ziegler, Caleb; Cahoy, Kerri

2016-11-01

The nanosatellite optical downlink experiment (NODE) implements a free-space optical communications (lasercom) capability on a CubeSat platform that can support low earth orbit (LEO) to ground downlink rates>10 Mbps. A primary goal of NODE is to leverage commercially available technologies to provide a scalable and cost-effective alternative to radio-frequency-based communications. The NODE transmitter uses a 200-mW 1550-nm master-oscillator power-amplifier design using power-efficient M-ary pulse position modulation. To facilitate pointing the 0.12-deg downlink beam, NODE augments spacecraft body pointing with a microelectromechanical fast steering mirror (FSM) and uses an 850-nm uplink beacon to an onboard CCD camera. The 30-cm aperture ground telescope uses an infrared camera and FSM for tracking to an avalanche photodiode detector-based receiver. Here, we describe our approach to transition prototype transmitter and receiver designs to a full end-to-end CubeSat-scale system. This includes link budget refinement, drive electronics miniaturization, packaging reduction, improvements to pointing and attitude estimation, implementation of modulation, coding, and interleaving, and ground station receiver design. We capture trades and technology development needs and outline plans for integrated system ground testing.

Overlapping Community Detection based on Network Decomposition

NASA Astrophysics Data System (ADS)

Ding, Zhuanlian; Zhang, Xingyi; Sun, Dengdi; Luo, Bin

2016-04-01

Community detection in complex network has become a vital step to understand the structure and dynamics of networks in various fields. However, traditional node clustering and relatively new proposed link clustering methods have inherent drawbacks to discover overlapping communities. Node clustering is inadequate to capture the pervasive overlaps, while link clustering is often criticized due to the high computational cost and ambiguous definition of communities. So, overlapping community detection is still a formidable challenge. In this work, we propose a new overlapping community detection algorithm based on network decomposition, called NDOCD. Specifically, NDOCD iteratively splits the network by removing all links in derived link communities, which are identified by utilizing node clustering technique. The network decomposition contributes to reducing the computation time and noise link elimination conduces to improving the quality of obtained communities. Besides, we employ node clustering technique rather than link similarity measure to discover link communities, thus NDOCD avoids an ambiguous definition of community and becomes less time-consuming. We test our approach on both synthetic and real-world networks. Results demonstrate the superior performance of our approach both in computation time and accuracy compared to state-of-the-art algorithms.

On the feasibility of measuring urban air pollution by wireless distributed sensor networks.

PubMed

Moltchanov, Sharon; Levy, Ilan; Etzion, Yael; Lerner, Uri; Broday, David M; Fishbain, Barak

2015-01-01

Accurate evaluation of air pollution on human-wellbeing requires high-resolution measurements. Standard air quality monitoring stations provide accurate pollution levels but due to their sparse distribution they cannot capture the highly resolved spatial variations within cities. Similarly, dedicated field campaigns can use tens of measurement devices and obtain highly dense spatial coverage but normally deployment has been limited to short periods of no more than few weeks. Nowadays, advances in communication and sensory technologies enable the deployment of dense grids of wireless distributed air monitoring nodes, yet their sensor ability to capture the spatiotemporal pollutant variability at the sub-neighborhood scale has never been thoroughly tested. This study reports ambient measurements of gaseous air pollutants by a network of six wireless multi-sensor miniature nodes that have been deployed in three urban sites, about 150 m apart. We demonstrate the network's capability to capture spatiotemporal concentration variations at an exceptional fine resolution but highlight the need for a frequent in-situ calibration to maintain the consistency of some sensors. Accordingly, a procedure for a field calibration is proposed and shown to improve the system's performance. Overall, our results support the compatibility of wireless distributed sensor networks for measuring urban air pollution at a sub-neighborhood spatial resolution, which suits the requirement for highly spatiotemporal resolved measurements at the breathing-height when assessing exposure to urban air pollution. Copyright © 2014 Elsevier B.V. All rights reserved.

The use of artificial crabs for testing predatory behavior and health in the octopus.

PubMed

Amodio, Piero; Andrews, Paul; Salemme, Marinella; Ponte, Giovanna; Fiorito, Graziano

2014-01-01

The willingness of the cephalopod mollusc Octopus vulgaris to attack a live crab is traditionally used as a method to assess the overall health and welfare of octopuses in the laboratory. This method requires placing a crab in the home tank of an animal, measuring the time (latency) taken for the octopus to initiate an attack and withdrawing the crab immediately prior to capture. The same crab is commonly used to assess multiple octopuses as part of daily welfare assessment. Growing concern for the welfare of crustaceans and a review of all laboratory practices for the care and welfare of cephalopods following the inclusion of this taxon in 2010/63/EU prompted a study of the utility of an artificial crab to replace a live crab in the assessment of octopus health. On consecutive days O. vulgaris (N=21) were presented with a live, a dead or an artificial crab, and the latency to attack measured. Despite differences in the predatory performance towards the three different crab alternatives, octopuses readily attacked the artificial (and the dead) crab, showing that they can generalize and respond appropriately towards artificial prey. Researchers should consider using an artificial crab to replace the use of a live crab as part of the routine health assessment of O. vulgaris.

Walter Reed Army Medical Center's mental health response to the Pentagon attack.

PubMed

Cozza, Stephen J; Huleatt, William J; James, Larry C

2002-09-01

The September 11 terrorist attack on the Pentagon captured the attention and concern of America as well as the world. Given the extent of devastation, and the number of deaths at the Pentagon, it was believed that the uniformed mental health services would serve a pivotal role in the recovery and relief efforts. This article provides a synopsis of the complex and multidisciplinary mental health services provided by Walter Reed Army Medical Center in the wake of the September 11 attack on the Pentagon. This article offers an overview of the functions and roles of mental health team members, describes a constellation of services rendered, and describes how missions differed inside and outside of the Pentagon. Additionally, the authors provide the reader with how services were provided at the Family Assistance Center to family members of those killed during the attack. Liaison with civilian medical, mental health, and relief agencies and facilities will be discussed as well. The mental health response was an intensive and complicated experience and has yielded many lesson learned. To this end, the authors will provide the reader with an understanding of how the lessons learned during this mission may assist mental health commanders and leaders in planning and responding to similar deployments in the future.

Defending Against Advanced Persistent Threats Using Game-Theory

PubMed Central

König, Sandra; Schauer, Stefan

2017-01-01

Advanced persistent threats (APT) combine a variety of different attack forms ranging from social engineering to technical exploits. The diversity and usual stealthiness of APT turns them into a central problem of contemporary practical system security, since information on attacks, the current system status or the attacker’s incentives is often vague, uncertain and in many cases even unavailable. Game theory is a natural approach to model the conflict between the attacker and the defender, and this work investigates a generalized class of matrix games as a risk mitigation tool for an advanced persistent threat (APT) defense. Unlike standard game and decision theory, our model is tailored to capture and handle the full uncertainty that is immanent to APTs, such as disagreement among qualitative expert risk assessments, unknown adversarial incentives and uncertainty about the current system state (in terms of how deeply the attacker may have penetrated into the system’s protective shells already). Practically, game-theoretic APT models can be derived straightforwardly from topological vulnerability analysis, together with risk assessments as they are done in common risk management standards like the ISO 31000 family. Theoretically, these models come with different properties than classical game theoretic models, whose technical solution presented in this work may be of independent interest. PMID:28045922

Fatal attack on black-tufted-ear marmosets (Callithrix penicillata) by a Boa constrictor: a simultaneous assault on two juvenile monkeys.

PubMed

Teixeira, Danilo Simonini; dos Santos, Edmilson; Leal, Silvana Gomes; de Jesus, Andrea Karla; Vargas, Waldemir Paixão; Dutra, Irapuan; Barros, Marilia

2016-01-01

Here we report the first witnessed attack on a marmoset by a constrictor snake. The incident occurred mid-morning in a gallery forest within an altered landscape of the Cerrado region of central Brazil and refers to a fatal attack by a Boa constrictor on two juvenile black-tufted-ear marmosets (Callithrix penicillata) simultaneously. The snake captured both individuals at a height of ~ 4 m while a group of eight marmosets traveled through the subcanopy. The actual strike was not seen. After 2 min, the boa fell to the ground with both marmosets in its coils and proceeded to kill one animal at a time through constriction. Two adult marmosets immediately descended to where the snake held its victims on the ground and attacked it. The snake showed no apparent reaction, and after ~ 1-2 min, the adults rejoined the remaining group members that were mobbing and vocalizing from 5 to 6 m above. The group left the scene ~ 7 min after the onset of the attack and was not seen again. The snake loosened its coils 10 min after its initial strike, left the two carcasses on the ground and stayed behind a nearby tree. Thus, we are not sure if the victims were in fact ingested. This report confirms that marmosets are vulnerable to boid snakes and capable of highly organized and cooperative antipredation behavior. It also suggests that snakes pose a greater threat to callitrichids than previously thought.

Mining IP to Domain Name Interactions to Detect DNS Flood Attacks on Recursive DNS Servers.

PubMed

Alonso, Roberto; Monroy, Raúl; Trejo, Luis A

2016-08-17

The Domain Name System (DNS) is a critical infrastructure of any network, and, not surprisingly a common target of cybercrime. There are numerous works that analyse higher level DNS traffic to detect anomalies in the DNS or any other network service. By contrast, few efforts have been made to study and protect the recursive DNS level. In this paper, we introduce a novel abstraction of the recursive DNS traffic to detect a flooding attack, a kind of Distributed Denial of Service (DDoS). The crux of our abstraction lies on a simple observation: Recursive DNS queries, from IP addresses to domain names, form social groups; hence, a DDoS attack should result in drastic changes on DNS social structure. We have built an anomaly-based detection mechanism, which, given a time window of DNS usage, makes use of features that attempt to capture the DNS social structure, including a heuristic that estimates group composition. Our detection mechanism has been successfully validated (in a simulated and controlled setting) and with it the suitability of our abstraction to detect flooding attacks. To the best of our knowledge, this is the first time that work is successful in using this abstraction to detect these kinds of attacks at the recursive level. Before concluding the paper, we motivate further research directions considering this new abstraction, so we have designed and tested two additional experiments which exhibit promising results to detect other types of anomalies in recursive DNS servers.