Search Results (55)

In this paper, we propose a Proof-of-Location (PoL)-based location verification scheme for mitigating Sybil attacks in vehicular ad hoc networks (VANETs). For this purpose, we employ smart contracts for storing the location information of the vehicles. This smart contract is maintained by Road Side Units (RSUs) and acts as a ground truth for verifying the position information of the neighboring vehicles. To avoid the storage of fake location information inside the smart contract, vehicles need to solve unique computational puzzles generated by the neighboring RSUs in a limited time frame whenever they need to report their location information. Assuming a vehicle has a single Central Processing Unit (CPU) and parallel processing is not allowed, it can solve a single computational puzzle in a given time period. With this approach, the vehicles with multiple fake identities are prevented from solving multiple puzzles at a time. In this way, we can mitigate a Sybil attack and avoid the storage of fake location information in a smart contract table. Furthermore, the RSUs maintain a dedicated blockchain for storing the location information of neighboring vehicles. They take part in mining for the purpose of storing the smart contract table in the blockchain. This scheme guarantees the privacy of the vehicles, which is achieved with the help of a PoL privacy preservation mechanism. The verifier can verify the locations of the vehicles without revealing their privacy. Experimental results show that the proposed mechanism is effective in mitigating Sybil attacks in VANET. According to the experiment results, our proposed scheme provides a lower fake location registration probability, i.e., lower than 10%, compared to other existing approaches. Full article

This study contributes to the Sybil node-detecting algorithm in online social networks (OSNs). As major communication platforms, online social networks are significantly guarded from malicious activity. A thorough literature review identified various detection and prevention Sybil attack algorithms. An additional exploration of distinct reputation systems and their practical applications led to this study’s discovery of machine learning algorithms, i.e., the KNN, support vector machine, and random forest algorithms, as part of our SybilSocNet. This study details the data-cleansing process for the employed dataset for optimizing the computational demands required to train machine learning algorithms, achieved through dataset partitioning. Such a process led to an explanation and analysis of our conducted experiments and comparing their results. The experiments demonstrated the algorithm’s ability to detect Sybil nodes in OSNs (99.9% accuracy in SVM, 99.6% in random forest, and 97% in KNN algorithms), and we propose future research opportunities. Full article

The advent of the Fourth Industrial Revolution has positioned the Internet of Things as a pivotal force in intelligent vehicles. With the source of vehicle-to-everything (V2X), Internet of Things (IoT) networks, and inter-vehicle communication, intelligent connected vehicles are at the forefront of this transformation, leading to complex vehicular networks that are crucial yet susceptible to cyber threats. The complexity and openness of these networks expose them to a plethora of cyber-attacks, from passive eavesdropping to active disruptions like Denial of Service and Sybil attacks. These not only compromise the safety and efficiency of vehicular networks but also pose a significant risk to the stability and resilience of the Internet of Vehicles. Addressing these vulnerabilities, this paper proposes a Dynamic Forest-Structured Ensemble Network (DFSENet) specifically tailored for the Internet of Vehicles (IoV). By leveraging data-balancing techniques and dimensionality reduction, the DFSENet model is designed to detect a wide range of cyber threats effectively. The proposed model demonstrates high efficacy, with an accuracy of 99.2% on the CICIDS dataset and 98% on the car-hacking dataset. The precision, recall, and f-measure metrics stand at 95.6%, 98.8%, and 96.9%, respectively, establishing the DFSENet model as a robust solution for securing the IoV against cyber-attacks. Full article

Blockchain technology has impacted various sectors and is transforming them through its decentralized, immutable, transparent, smart contracts (automatically executing digital agreements) and traceable attributes. Due to the adoption of blockchain technology in versatile applications, millions of transactions take place globally. These transactions are no exception to adversarial attacks which include data tampering, double spending, data corruption, Sybil attacks, eclipse attacks, DDoS attacks, P2P network partitioning, delay attacks, selfish mining, bribery, fake transactions, fake wallets or phishing, false advertising, malicious smart contracts, and initial coin offering scams. These adversarial attacks result in operational, financial, and reputational losses. Although numerous studies have proposed different blockchain anomaly detection mechanisms, challenges persist. These include detecting anomalies in just a single layer instead of multiple layers, targeting a single anomaly instead of multiple, not encountering adversarial machine learning attacks (for example, poisoning, evasion, and model extraction attacks), and inadequate handling of complex transactional data. The proposed AHEAD model solves the above problems by providing the following: (i) data aggregation transformation to detect transactional and user anomalies at the data and network layers of the blockchain, respectively, (ii) a Three-Layer Hierarchical Ensemble Learning Model (HELM) incorporating stratified random sampling to add resilience against adversarial attacks, and (iii) an advanced preprocessing technique with hybrid feature selection to handle complex transactional data. The performance analysis of the proposed AHEAD model shows that it achieves higher anti-adversarial resistance and detects multiple anomalies at the data and network layers. A comparison of the proposed AHEAD model with other state-of-the-art models shows that it achieves 98.85% accuracy against anomaly detection on data and network layers targeting transaction and user anomalies, along with 95.97% accuracy against adversarial machine learning attacks, which surpassed other models. Full article

In the evolving landscape of the Internet of Things (IoT), ensuring the security and integrity of data transmission remains a paramount challenge. Routing Protocol for Low-Power and Lossy Networks (RPL) is commonly utilized in IoT networks to facilitate efficient data routing. However, RPL networks are susceptible to various security threats, with Sybil and flood attacks being particularly detrimental. Sybil attacks involve malicious nodes generating multiple fake identities to disrupt network operations, while flood attacks overwhelm network resources by inundating them with excessive traffic. This paper proposes a novel mitigation strategy leveraging Bloom filters and hash chains to enhance the security of RPL-based IoT networks against sybil and flood attacks. Extensive simulation and performance analysis demonstrate that this solution significantly reduces the impact of sybil and flood attacks while maintaining a low power consumption profile and low computational overhead. Full article

Decentralized Identifiers have recently expanded into Internet of Things devices and are crucial in securing users’ digital identities and data. However, Decentralized Identifiers face challenges in scenarios necessitating authority delegation and anonymity, such as when dealing with legal guardianship for minors, device loss or damage, and specific medical contexts involving patient information. This paper aims to strengthen data sovereignty within the Decentralized Identifier system by implementing a secure authority delegation and anonymity scheme. It suggests optimizing verifiable presentations by utilizing a sequential aggregate signature, a Non-Interactive Zero-Knowledge Proof, and a Merkle tree to prevent against linkage and Sybil attacks while facilitating delegation. This strategy mitigates security risks related to delegation and anonymity, efficiently reduces the computational and verification efforts for signatures, and reduces the size of verifiable presentations by about 1.2 to 2 times. Full article

Connected Automobile Vehicles (CAVs) enable cooperative driving and traffic management by sharing traffic information between them and other vehicles and infrastructures. However, malicious vehicles create Sybil vehicles by forging multiple identities and sharing false location information with CAVs, misleading their decisions and behaviors. The existing work on defending against Sybil attacks has almost exclusively focused on detecting Sybil vehicles, ignoring the traceability of malicious vehicles. As a result, they cannot fundamentally alleviate Sybil attacks. In this work, we focus on tracking the attack source of malicious vehicles by using a novel detection mechanism that relies on vehicle broadcast beacon packets. Firstly, the roadside units (RSUs) randomly instruct vehicles to perform customized key broadcasting and listening within communication range. This allows the vehicle to prove its physical presence by broadcasting. Then, RSU analyzes the beacon packets listened to by the vehicle and constructs a neighbor graph between the vehicles based on the customized particular fields in the beacon packets. Finally, the vehicle’s credibility is determined by calculating the edge success probability of vehicles in the neighbor graph, ultimately achieving the detection of Sybil vehicles and tracing malicious vehicles. The experimental results demonstrate that our scheme achieves the real-time detection and tracking of Sybil vehicles, with precision and recall rates of 98.53% and 95.93%, respectively, solving the challenge of existing detection schemes failing to combat Sybil attacks from the root. Full article

Existing secure data aggregation protocols are weaker to eliminate data redundancy and protect wireless sensor networks (WSNs). Only some existing approaches have solved this singular issue when aggregating data. However, there is a need for a multi-featured protocol to handle the multiple problems of data aggregation, such as energy efficiency, authentication, authorization, and maintaining the security of the network. Looking at the significant demand for multi-featured data aggregation protocol, we propose secure data aggregation using authentication and authorization (SDAAA) protocol to detect malicious attacks, particularly cyberattacks such as sybil and sinkhole, to extend network performance. These attacks are more complex to address through existing cryptographic protocols. The proposed SDAAA protocol comprises a node authorization algorithm that permits legitimate nodes to communicate within the network. This SDAAA protocol’s methods help improve the quality of service (QoS) parameters. Furthermore, we introduce a mathematical model to improve accuracy, energy efficiency, data freshness, authorization, and authentication. Finally, our protocol is tested in an intelligent healthcare WSN patient-monitoring application scenario and verified using an OMNET++ simulator. Based upon the results, we confirm that our proposed SDAAA protocol attains a throughput of 444 kbs, representing a 98% of data/network channel capacity rate; an energy consumption of 2.6 joules, representing 99% network energy efficiency; an effected network of 2.45, representing 99.5% achieved overall performance of the network; and time complexity of 0.08 s, representing 98.5% efficiency of the proposed SDAAA approach. By contrast, contending protocols such as SD, EEHA, HAS, IIF, and RHC have throughput ranges between 415–443, representing 85–90% of the data rate/channel capacity of the network; energy consumption in the range of 3.0–3.6 joules, representing 88–95% energy efficiency of the network; effected network range of 2.98, representing 72–89% improved overall performance of the network; and time complexity in the range of 0.20 s, representing 72–89% efficiency of the proposed SDAAA approach. Therefore, our proposed SDAAA protocol outperforms other known approaches, such as SD, EEHA, HAS, IIF, and RHC, designed for secure data aggregation in a similar environment. Full article

Internet of Things (IoT) devices within smart cities, require innovative detection methods. This paper addresses this critical challenge by introducing a deep learning-based approach for the detection of network traffic attacks in IoT ecosystems. Leveraging the Kaggle dataset, our model integrates Convolutional Neural Networks (CNNs) and Gated Recurrent Units (GRUs) to capture both spatial and sequential features in network traffic data. We trained and evaluated our model over ten epochs, achieving an impressive overall accuracy rate of 99%. The classification report reveals the model’s proficiency in distinguishing various attack categories, including ‘Normal’, ‘DoS’ (Denial of Service), ‘Probe’, ‘U2R’ (User to Root), and ‘Sybil’. Additionally, the confusion matrix offers valuable insights into the model’s performance across these attack types. In terms of overall accuracy, our model achieves an impressive accuracy rate of 99% across all attack categories. The weighted- average F1-score is also 99%, showcasing the model’s robust performance in classifying network traffic attacks in IoT devices for smart cities. This advanced architecture exhibits the potential to fortify IoT device security in the complex landscape of smart cities, effectively contributing to the safeguarding of critical infrastructure Full article

With the advent of smart cities, the significance of the Internet of Things (IoT) is gaining greater prominence. At the same time, the safety early warning system in the IoT has a significant impact on real-time monitoring and the response to potential risks. Despite the advancements made in edge-assisted IoT deployments, several challenges and constraints persist. Given the potential threat to life posed by safety-related messages, ensuring the authenticity of messages in the edge-assisted IoT safety warning system is crucial. However, considering the identity privacy of devices participating in the edge-assisted Internet of Things system, directly verifying the identity of the sending device is undesirable. To address this issue, in this work, we design a linkable group signature scheme that allows devices to anonymously send safety-related messages to edge nodes, defending against Sybil attacks while ensuring the traceability of malicious device identities. Then, we present a high-efficiency conditional privacy-preserving authentication (CPPA) scheme based on the designed group signatures for the safety warning system in edge-assisted IoT. This scheme effectively protects device identity privacy while providing a reliable authentication mechanism to ensure the credibility and traceability of alert messages. The proposed scheme contributes to the field of safety warning systems in the context of edge-assisted IoT, providing a robust solution for privacy preservation and authentication. Full article

Security is an important factor that cannot be neglected in the design of time synchronization algorithms since industrial wireless sensor networks are prone to attacks against physical nodes and communication links. The Sybil attack is an intelligent attack with a high destructive capacity in pretending multiple identities and broadcasting illegitimate messages to destroy the network operation. Existing secure time synchronization algorithms mostly focus on distributed protocols; however, they pay less attention to Sybil attacks and centralized network time synchronization. In this paper, we propose a novel reference broadcast-based secure time synchronization (RSTS) for industrial wireless sensor networks with a time source against Sybil attacks. Different from previous protocols, in converging the network structure and the clock status, RSTS employs a public neighbor forwarding mechanism based on reference broadcast to filter the illegal time information automatically. Instead of establishing a table with timestamps of packet transmission and receipt, the least square linear regression is utilized to estimate the compensation relative to the source node with the recorded time and calculated time difference in receiving packets. The simulation results demonstrate that RSTS is resilient to Sybil attacks as well as message manipulation attacks in comparison with existing algorithms. Full article

Blockchain establishes security and trust in mobile ad hoc networks (MANETs). Due to the decentralized and opportunistic communication characteristics of MANETs, hashgraph consensus is more applicable to the MANET-based blockchain. Sharding scales the consensus further through disjoint nodes in multiple shards simultaneously updating ledgers. However, the dynamic addition and deletion of nodes in a shard pose challenges regarding robustness and efficiency. Particularly, the shard is vulnerable to Sybil attacks and targeted attacks, and dishonest gossip reduces the efficiency of hashgraph consensus. Therefore, we proposed a behavior-based sharding hashgraph scheme. First, dishonest behaviors of nodes are recorded in a decentralized blacklist. Gossip information is sent to a reliable neighbor, and gossip information from another reliable neighbor is received. Second, a tree-assisted inter-sharding consensus is proposed to prevent Sybil attacks. The combination of shard recovery and reconfiguration based on node state is devised to prevent targeted attacks. Finally, we conducted the performance evaluation including security analysis and experimental evaluation to reveal the security and efficiency of the proposed scheme. Full article

Location information of sensor nodes in a wireless sensor network is important. The sensor nodes are usually required to ascertain their positions so that the data collected by these nodes can be labeled with this information. On the other hand, certain attacks on wireless sensor networks lead to the incorrect estimation of sensor node positions. In such situations, when the location information is not correct, the data may be labeled with wrong location information that may subvert the desired operation of the wireless sensor network. In this work, we formulate and propose a distance vector hop-based algorithm to provide secure and robust localization in the presence of malicious sensor nodes that result in incorrect position estimation and jeopardize the wireless sensor network operation. The algorithm uses cryptography to ensure secure and robust operation in the presence of adversaries in the sensor network. As a result of the countermeasures, the attacks are neutralized and the sensor nodes are able to estimate their positions as desired. Our secure localization algorithm provides a defense against various types of security attacks, such as selective forwarding, wormhole, Sybil, tampering, and traffic replay, compared with other algorithms which provide security against only one or two types. Simulation experiments are performed to evaluate the performance of the proposed method, and the results indicate that our secure localization algorithm achieves the design objectives successfully. Performance of the proposed method is also compared with the performance of basic distance vector hop algorithm and two secure algorithms based on distance vector hop localization. The results reveal that our proposed secure localization algorithm outperforms the compared algorithms in the presence of multiple attacks by malicious nodes. Full article

The increasing attacks on traffic signals worldwide indicate the importance of intrusion detection. The existing traffic signal Intrusion Detection Systems (IDSs) that rely on inputs from connected vehicles and image analysis techniques can only detect intrusions created by spoofed vehicles. However, these approaches fail to detect intrusion from attacks on in-road sensors, traffic controllers, and signals. In this paper, we proposed an IDS based on detecting anomalies associated with flow rate, phase time, and vehicle speed, which is a significant extension of our previous work using additional traffic parameters and statistical tools. We theoretically modelled our system using the Dempster–Shafer decision theory, considering the instantaneous observations of traffic parameters and their relevant historical normal traffic data. We also used Shannon’s entropy to determine the uncertainty associated with the observations. To validate our work, we developed a simulation model based on the traffic simulator called SUMO using many real scenarios and the data recorded by the Victorian Transportation Authority, Australia. The scenarios for abnormal traffic conditions were generated considering attacks such as jamming, Sybil, and false data injection attacks. The results show that the overall detection accuracy of our proposed system is 79.3% with fewer false alarms. Full article

Numerous sensitive applications, such as healthcare and medical services, need reliable transmission as a prerequisite for the success of the new age of communications technology. Unfortunately, these systems are highly vulnerable to attacks like Sybil, where many false nodes are created and spread with deceitful intentions. Therefore, these false nodes must be instantly identified and isolated from the network due to security concerns and the sensitivity of data utilized in healthcare applications. Especially for life-threatening diseases like COVID-19, it is crucial to have devices connected to the Internet of Medical Things (IoMT) that can be believed to respond with high reliability and accuracy. Thus, trust-based security offers a safe environment for IoMT applications. This study proposes a blockchain-based fuzzy trust management framework (BFT-IoMT) to detect and isolate Sybil nodes in IoMT networks. The results demonstrate that the proposed BFT-IoMT framework is 25.43% and 12.64%, 12.54% and 6.65%, 37.85% and 19.08%, 17.40% and 8.72%, and 13.04% and 5.05% more efficient and effective in terms of energy consumption, attack detection, trust computation reliability, packet delivery ratio, and throughput, respectively, as compared to the other state-of-the-art frameworks available in the literature. Full article