Tweet Segmentation and Its Application to Named Entity Recognition

Tweet Segmentation and Its Application to Named Entity Recognition

ABSTRACT:

Twitter has attracted millions of users to share and disseminate most up-to-date information, resulting in large volumes of data produced everyday. However, many applications in Information Retrieval (IR) and Natural Language Processing (NLP) suffer severely from the noisy and short nature of tweets. In this paper, we propose a novel framework for tweet segmentation in a batch mode, called HybridSeg. By splitting tweets into meaningful segments, the semantic or context information is well preserved and easily extracted by the downstream applications. HybridSeg finds the optimal segmentation of a tweet by maximizing the sum of the stickiness scores of its candidate segments. The stickiness score considers the probability of a segment being a phrase in English (i.e., global context) and the probability of a segment being a phrase within the batch of tweets (i.e., local context). For the latter, we propose and evaluate two models to derive local context by considering the linguistic features and term-dependency in a batch of tweets, respectively. HybridSeg is also designed to iteratively learn from confident segments as pseudo feedback. Experiments on two tweet data sets show that tweet segmentation quality is significantly improved by learning both global and local contexts compared with using global context alone. Through analysis and comparison, we show that local linguistic features are more reliable for learning local context compared with term-dependency. As an application, we show that high accuracy is achieved in named entity recognition by applying segment-based part-of-speech (POS) tagging.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Many existing NLP techniques heavily rely on linguistic features, such as POS tags of the surrounding words, word capitalization, trigger words (e.g., Mr., Dr.), and gazetteers. These linguistic features, together with effective supervised learning algorithms (e.g., hidden markov model (HMM) and conditional random field (CRF)), achieve very good performance on formal text corpus. However, these techniques experience severe performance deterioration on tweets because of the noisy and short nature of the latter.
  • In Existing System, to improve POS tagging on tweets, Ritter et al. train a POS tagger by using CRF model with conventional and tweet-specific features. Brown clustering is applied in their work to deal with the ill-formed words.

DISADVANTAGES OF EXISTING SYSTEM:

  • Given the limited length of a tweet (i.e., 140 characters) and no restrictions on its writing styles, tweets often contain grammatical errors, misspellings, and informal abbreviations.
  • The error-prone and short nature of tweets often make the word-level language models for tweets less reliable.

PROPOSED SYSTEM:

  • In this paper, we focus on the task of tweet segmentation. The goal of this task is to split a tweet into a sequence of consecutive n-grams, each of which is called a segment. A segment can be a named entity (e.g., a movie title “finding nemo”), a semantically meaningful information unit (e.g., “officially released”), or any other types of phrases which appear “more than by chance”
  • To achieve high quality tweet segmentation, we propose a generic tweet segmentation framework, named HybridSeg. HybridSeg learns from both global and local contexts, and has the ability of learning from pseudo feedback.
  • Global context. Tweets are posted for information sharing and communication. The named entities and semantic phrases are well preserved in tweets.
  • Local context. Tweets are highly time-sensitive so that many emerging phrases like “She Dancin” cannot be found in external knowledge bases. However, considering a large number of tweets published within a short time period (e.g., a day) containing the phrase, it is not difficult to recognize “She Dancin” as a valid and meaningful segment. We therefore investigate two local contexts, namely local linguistic features and local collocation.

ADVANTAGES OF PROPOSED SYSTEM:

  • Our work is also related to entity linking (EL). EL is to identify the mention of a named entity and link it to an entry in a knowledge base like Wikipedia.
  • Through our framework, we demonstrate that local linguistic features are more reliable than term-dependency in guiding the segmentation process. This finding opens opportunities for tools developed for formal text to be applied to tweets which are believed to be much more noisy than formal text.
  • Helps in preserving Semantic meaning of tweets.

ALGORITHM EXPLANATION:

  • As an application of tweet segmentation, we propose and evaluate two segment-based NER algorithms. Both algorithms are unsupervised in nature and take tweet segments as input.
  • One algorithm exploits co-occurrence of named entities in targeted Twitter streams by applying random walk (RW) with the assumption that named entities are more likely to co-occur together.
  • The other algorithm utilizes Part-of-Speech (POS) tags of the constituent words in segments.

SYSTEM ARCHITECTURE:

MODULES:

  • Admin
  • Search History
  • Request & Response
  • Tweet segmentation Topic Messages
  • User
  • Search Users
  • Messages
  • Followers

MODULES DESCSRIPTION:

Admin

In this module, the Admin has to login by using valid user name and password. After login successful he can do some operations such as search history, view users, request & response, all topic messages and topics.

Search History

This is controlled by admin; the admin can view the search history details. If he clicks on search history button, it will show the list of searched user details with their tags such as user name, searched user, time and date.

Request & Response

In this module, the admin can view the all the friend request and response. Here all the request and response will be stored with their tags such as Id, requested user photo, requested user name, user name request to, status and time & date. If the user accepts the request then status is accepted or else the status is waiting.

Tweet segmentation Topic Messages

In this module, the admin can view the messages such as emerging topic messages and Anomaly emerging topic messages. Tweet segmentation topic messages means we can send a message to particular user

User

In this module, there are n numbers of users are present. User should register before doing some operations. And register user details are stored in user module.  After registration successful he has to login by using authorized user name and password. Login successful he will do some operations like view or search users, send friend request, view messages, send messages, Tweet segmentation  messages and followers.

Search Users

The user can search the users based on users and the server will give response to the user like User name, user image, E mail id, phone number and date of birth. If you want send friend request to particular receiver then click on follow, then request will send to the user.

Messages

User can view the messages, send messages and send anomaly messages to users. User can send messages based on topic to the particular user, after sending a message that topic rank will be increased. Then again another user will also re- tweet the particular topic then that topic rank will increases. The anomaly message means user wants send a message to all users.

Followers

In this module, we can view the followers’ details with their tags such as user name, user image, date of birth, E mail ID, phone number and ranks.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : – Windows XP/7.
  • Coding Language : NET, C#.NET
  • Data Base :  MS SQL SERVER 2005

REFERENCE:

Chenliang Li, Aixin Sun, Jianshu Weng, and Qi He, “Tweet Segmentation and Its Application to Named Entity Recognition”, IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 27, NO. 2, FEBRUARY 2015.

Secure and Reliable Routing Protocols for Heterogeneous Multihop Wireless Networks

Secure and Reliable Routing Protocols for Heterogeneous Multihop Wireless Networks

ABSTRACT:

In this paper, we propose E-STAR for establishing stable and reliable routes in heterogeneous multihop wireless networks. E-STAR combines payment and trust systems with a trust-based and energy-aware routing protocol. The payment system rewards the nodes that relay others’ packets and charges those that send packets. The trust system evaluates the nodes’ competence and reliability in relaying packets in terms of multi-dimensional trust values. The trust values are attached to the nodes’ public-key certificates to be used in making routing decisions. We develop two routing protocols to direct traffic through those highly-trusted nodes having sufficient energy to minimize the probability of breaking the route. By this way, E-STAR can stimulate the nodes not only to relay packets, but also to maintain route stability and report correct battery energy capability. This is because any loss of trust will result in loss of future earnings. Moreover, for the efficient implementation of the trust system, the trust values are computed by processing the payment receipts. Analytical results demonstrate that E-STAR can secure the payment and trust calculation without false accusations. Simulation results demonstrate that our routing protocols can improve the packet delivery ratio and route stability.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

Reputation-based schemes attempt to identify the malicious nodes that drop packets with a rate more than a pre-defined threshold in order to avoid them in routing. When a node A sends a packet to the next node in the route (B) to relay to C, A has to overhear the channel to check whether B forwards the packet. If A does not overhear the packet transmission, it assumes that B has dropped the packet. Each node measures the frequency by which the other nodes drop packets in terms of reputation values. A increases the reputation value of  B when it observes a packet transmission; otherwise, decreases the reputation value of B. Once the reputation value degrades to a threshold, A identifies B as malicious.

DISADVANTAGES OF EXISTING SYSTEM:

  • It Identifies only the Malicious Nodes
  • Most of the existing trust systems in multihop wireless networks compute a single trust value for each node. However, a single measure may not be expressive enough to adequately depict a node’s trustworthiness and competence.

PROPOSED SYSTEM:

In this paper, we propose E-STAR, a secure protocol for Establishing STAble and reliable Routes in HMWNs. E-STAR integrates trust and payment systems with a trust-based and energy aware routing protocol. The payment system uses credits (or micropayment) to charge the nodes that send packets and reward those relaying packets. Since a trusted party may not be involved in the communication sessions, an offline trusted party (TP) is required to manage the nodes’ credit accounts. The nodes compose proofs of relaying packets, called receipts, and submit them to TP. The payment system can stimulate the selfish nodes to relay others’ packets to earn credits. It can also enforce fairness by rewarding the nodes that relay more packets such as those at the network center. However, the payment system is not sufficient to ensure route stability. It can stimulate the rational nodes to not break routes to earn credits, but the routes can be broken due to other reasons.

ADVANTAGES OF PROPOSED SYSTEM:

  • It includes low resources, node failure, and malicious attacks.
  • Our Proposed trust system that maintains multi-dimensional trust values for each node to evaluate the node’s behavior from different perspectives.
  • ESTAR aims to identify the good nodes and select them in routing.

MODULES:

1) Network Model

2) Data transmission

3) Update Credit Account and Trust Values Phase

4) Route Establishment Phase

MODULES DESCRIPTION:

Network Model :

The considered HMWN has mobile nodes and offline trusted party (TP) whose public key is known to all the nodes. The mobile nodes have different hardware and energy capabilities. The network is used for civilian applications, its lifetime is long, and the nodes have long relation with the network. Thus, with every interaction, there is always an expectation of future reaction. Each node has a unique identity and public/private key pair with a limited-time certificate issued by TP. Without a valid certificate, the node cannot communicate nor act as an intermediate node. TP maintains the nodes’ credit accounts and trust values. Each node contacts TP to submit the payment receipts and TP updates the involved nodes’ payment accounts and trust values. This contact can occur via cellular networks or Internet.

 Data transmission:

Let the source node S send messages to the destination node D through a route with the intermediate nodes X, Y, and Z. The route is established by the routing protocols. For the ith data packet, S computes the signature S(i) = {H(H(mi), ts, R, i)}KS+ and sends the packet <R, ts, i, mi, S(i)> to the first node in the route. R, ts, and mi are the concatenation of the identities of the nodes in the route (R = IDS, IDX, IDY, IDZ, IDD), the route establishment time stamp, and the ith message, respectively. H(d) is the hash value resulted from hashing the data d using the hash function H(). {d}KS+ is the signature of d with the private key of S. The purpose of the source node’s signature is to ensure the message’s authenticity and integrity and secure the payment by enabling TP to ensure that S has sent i messages. Each intermediate node verifies S(i) and stores S(i) and H(mi) for composing the receipt. It also removes the previous ones (S(i-1) and H(mi-1)) because S(i) is enough to prove transmitting i messages. Signing H(mi) instead of mi can reduce the receipt size because the smaller-size H(mi) is attached to the receipt instead of mi.

Update Credit Account and Trust Values Phase:

Once TP receives a receipt, it first checks if the receipt has been processed before using its unique identifier (R, ts). Then, it verifies the credibility of the receipt by computing the nodes’ signatures (S(i) and Auth_Code) and hashing them. The receipt is valid if the resultant hash value is identical to the receipt’s cryptographic token. TP verifies the destination node’s hash chain by making sure that hashing hi i times produces h0. TP clears the receipt by rewarding the intermediate nodes and debiting the source and destination nodes. The number of sent messages (i) is signed by the source node and the number of delivered messages can be computed from the number of hashing operations to obtain h0 from hi.

Route Establishment Phase:

In this section, we present two routing protocols called the Shortest Reliable Route (SRR) and the Best Available Route (BAR). SRR establishes the shortest route that can satisfy the source node’s trust, energy, and route-length requirements, but the destination node selects the best route in the BAR protocol. The routing protocols have three processes: i) Route Request Packet (RREQ) delivery; ii) Route selection; and iii) Route Reply Packet (RREP) delivery.

The SRR Routing Protocol

To establish a route to the destination node D, the source node S broadcasts RREQ packet and waits for RREP packet. The source node embeds its requirements in the RREQ packet, and the nodes that can satisfy these requirements broadcast the packet. The destination node establishes the shortest route that can satisfy the source node’s requirements. The rationale of the SRR protocol is that the node that satisfies the source node’s requirements is trusted enough to act as a relay. The protocol is useful to establish a route that avoids the low-trusted nodes.

The BAR Routing Protocol

BAR allows each node to broadcast the RREQ more than once if the route reliability or lifetime of the recently received packet is greater than the last broadcasted packet. The route lifetime is the minimum number of packets the intermediate nodes commit to relay, e.g., if the commitments of  the intermediate nodes are Er(X) = 10, Er(Y) = 8, and Er(Z) = 17, the route lifetime is 8 packets.

SYSTEM ARCHITECTURE:

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium IV 2.4 GHz.
  • Hard Disk     : 40 GB.
  • Floppy Drive : 1.44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse : Logitech.
  • Ram : 512 Mb. 

SOFTWARE REQUIREMENTS: 

  • Operating system : – Windows XP.
  • Coding Language : C#.NET
  • Data Base :  MS SQL SERVER 2005

REFERENCE:

Mohamed M. E. A. Mahmoud, Xiaodong Lin, and Xuemin (Sherman) Shen, Fellow, IEEE, “Secure and Reliable Routing Protocols for Heterogeneous Multihop Wireless Networks”, IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS 2015.

Real-Time Detection of Traffic From Twitter Stream Analysis

Real-Time Detection of Traffic From Twitter Stream Analysis

ABSTRACT:

Social networks have been recently employed as a source of information for event detection, with particular reference to road traffic congestion and car accidents. In this paper, we present a real-time monitoring system for traffic event detection from Twitter stream analysis. The system fetches tweets from Twitter according to several search criteria; processes tweets, by applying text mining techniques; and finally performs the classification of tweets. The aim is to assign the appropriate class label to each tweet, as related to a traffic event or not. The traffic detection system was employed for real-time monitoring of several areas of the Italian road network, allowing for detection of traffic events almost in real time, often before online traffic news web sites. We employed the support vector machine as a classification model, and we achieved an accuracy value of 95.75% by solving a binary classification problem (traffic versus non-traffic tweets). We were also able to discriminate if traffic is caused by an external event or not, by solving a multiclass classification problem and obtaining an accuracy value of 88.89%.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Recently, social networks and media platforms have been widely used as a source of information for the detection of events, such as traffic congestion, incidents, natural disasters (earthquakes, storms, fires, etc.), or other events.
  • Sakaki et al. use Twitter streams to detect earthquakes and typhoons, by monitoring special trigger-keywords, and by applying an SVM as a binary classifier of positive events (earthquakes and typhoons) and negative events (non-events or other events).
  • Agarwal et al. focus on the detection of fires in a factory from Twitter stream analysis, by using standard NLP techniques and a Naive Bayes (NB) classifier.
  • Li et al. propose a system, called TEDAS, to retrieve incident-related tweets. The system focuses on Crime and Disaster-related Events (CDE) such as shootings, thunderstorms, and car accidents, and aims to classify tweets as CDE events by exploiting a filtering based on keywords, spatial and temporal information, number of followers of the user, number of retweets, hashtags, links, and mentions.

DISADVANTAGES OF EXISTING SYSTEM:

  • Event detection from social networks analysis is a more challenging problem than event detection from traditional media like blogs, emails, etc., where texts are well formatted.
  • SUMs are unstructured and irregular texts, they contain informal or abbreviated words, misspellings or grammatical errors.
  • SUMs contain a huge amount of not useful or meaningless information

PROPOSED SYSTEM:

  • In this paper, we propose an intelligent system, based on text mining and machine learning algorithms, for real-time detection of traffic events from Twitter stream analysis.
  • The system, after a feasibility study, has been designed and developed from the ground as an event-driven infrastructure, built on a Service Oriented Architecture (SOA).
  • The system exploits available technologies based on state-of-the-art techniques for text analysis and pattern classification. These technologies and techniques have been analyzed, tuned, adapted, and integrated in order to build the intelligent system.
  • In particular, we present an experimental study, which has been performed for determining the most effective among different state-of-the-art approaches for text classification. The chosen approach was integrated into the final system and used for the on-the-field real-time detection of traffic events.
  • In this paper, we focus on a particular small-scale event, i.e., road traffic, and we aim to detect and analyze traffic events by processing users’ SUMs belonging to a certain area and written in the Italian language. To this aim, we propose a system able to fetch, elaborate, and classify SUMs as related to a road traffic event or not.
  • To the best of our knowledge, few papers have been proposed for traffic detection using Twitter stream analysis. However, with respect to our work, all of them focus on languages different from Italian, employ different input features and/or feature selection algorithms, and consider only binary classifications.

ADVANTAGES OF PROPOSED SYSTEM:

  • Tweets are up to 140 characters, enhancing the real-time and news-oriented nature of the platform. In fact, the life-time of tweets is usually very short, thus Twitter is the social network platform that is best suited to study SUMs related to real-time events.
  • Each tweet can be directly associated with meta-information that constitutes additional information.
  • Twitter messages are public, i.e., they are directly available with no privacy limitations. For all of these reasons, Twitter is a good source of information for real-time event detection and analysis.
  • Moreover, the proposed system could work together with other traffic sensors (e.g., loop detectors, cameras, infrared cameras) and ITS monitoring systems for the detection of traffic difficulties, providing a low-cost wide coverage of the road network, especially in those areas (e.g., urban and suburban) where traditional traffic sensors are missing.
  • It performs a multi-class classification, which recognizes non-traffic, traffic due to congestion or crash, and traffic due to external events
  • It detects the traffic events in real-time; and iii) it is developed as an event-driven infrastructure, built on an SOA architecture.

SYSTEM ARCHITECTURE:

MODULES:

  • Fetch of SUMs and Pre-Processing
  • Elaboration of SUMs
  • Classification of SUMs
  • Setup Of the System

MODULES DESCSRIPTION:

Fetch of SUMs and Pre-Processing

The first module, “Fetch of SUMs and Pre-processing”, extracts raw tweets from the Twitter stream, based on one or more search criteria (e.g., geographic coordinates, keywords appearing in the text of the tweet). Each fetched raw tweet contains: the user id, the timestamp, the geographic coordinates, a retweet flag, and the text of the tweet. The text may contain additional information, such as hashtags, links, mentions, and special characters. In this paper, we took only Italian language tweets into account. However, the system can be easily adapted to cope with different languages. After the SUMs have been fetched according to the specific search criteria, SUMs are pre-processed. In order to extract only the text of each raw tweet and remove all meta-information associated with it, a Regular Expression filter is applied. More in detail, the meta-information discarded are: user id, timestamp, geographic coordinates, hashtags, links, mentions, and special characters. Finally, a case-folding operation is applied to the texts, in order to convert all characters to lower case. At the end of this elaboration, each fetched SUM appears as a string, i.e., a sequence of characters.

Elaboration of SUMs

The second processing module, “Elaboration of SUMs”, is devoted to transforming the set of pre-processed SUMs, i.e., a set of strings, in a set of numeric vectors to be elaborated by the “Classification of SUMs” module. To this aim, some text mining techniques are applied in sequence to the pre-processed SUMs. In the following, the text mining steps performed in this module are described in detail:  tokenization is typically the first step of the text mining process, and consists in transforming a stream of characters into a stream of processing units called tokens (e.g., syllables, words, or phrases). stop-word filtering consists in eliminating stop-words, i.e., words which provide little or no information to the text analysis. Common stop-words are articles, conjunctions, prepositions, pronouns, etc. Other stop-words are those having no statistical significance, that is, those that typically appear very often in sentences of the considered language (language-specific stop-words), or in the set of texts being analyzed (domain-specific stop-words), and can therefore be considered as noise. stemming is the process of reducing each word (i.e., token) to its stem or root form, by removing its suffix. The purpose of this step is to group words with the same theme having closely related semantics.

Classification of SUMs

The third module, “Classification of SUMs”, assigns to each elaborated SUM a class label related to traffic events. Thus, the output of this module is a collection of N labeled SUMs. To the aim of labeling each SUM, a classification model is employed. The parameters of the classification model have been identified during the supervised learning stage. Actually, as it will be discussed, different classification models have been considered and compared. The classifier that achieved the most accurate results was finally employed for the realtime monitoring with the proposed traffic detection system. The system continuously monitors a specific region and notifies the presence of a traffic event on the basis of a set of rules that can be defined by the system administrator. For example, when the first tweet is recognized as a traffic-related tweet, the system may send a warning signal. Then, the actual notification of the traffic event may be sent after the identification of a certain number of tweets with the same label.

Setup Of the System

As stated previously, a supervised learning stage is required to perform the setup of the system. In particular, we need to identify the set of relevant stems, the weights associated with each of them, and the parameters that describe the classification models. We employ a collection of Ntr labeled SUMs as training set. During the learning stage, each SUM is elaborated by applying the tokenization, stop-word filtering, and stemming steps.  Finally, the tweets were manually labeled with two possible class labels, i.e., as related to road traffic event (traffic), e.g., accidents, jams, queues, or not (non-traffic). More in detail, first we read, interpreted, and correctly assigned a traffic class label to each candidate traffic class tweet.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows 7.
  • Coding Language : NET,C#.NET
  • Tool :         Visual Studio 2008
  • Database : SQL SERVER 2005

REFERENCE:

Eleonora D’Andrea, Pietro Ducange, Beatrice Lazzerini, Member, IEEE, and Francesco Marcelloni, Member, IEEE, “Real-Time Detection of Traffic From Twitter Stream Analysis”, IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, VOL. 16, NO. 4, AUGUST 2015.

Effective Key Management in Dynamic Wireless Sensor Networks

Effective Key Management in Dynamic Wireless Sensor Networks

ABSTRACT:

Recently, wireless sensor networks (WSNs) have been deployed for a wide variety of applications, including military sensing and tracking, patient status monitoring, traffic flow monitoring, where sensory devices often move between different locations. Securing data and communications requires suitable encryption key protocols. In this paper, we propose a certificateless-effective key management (CL-EKM) protocol for secure communication in dynamic WSNs characterized by node mobility. The CL-EKM supports efficient key updates when a node leaves or joins a cluster and ensures forward and backward key secrecy. The protocol also supports efficient key revocation for compromised nodes and minimizes the impact of a node compromise on the security of other communication links. A security analysis of our scheme shows that our protocol is effective in defending against various attacks.We implement CL-EKM in Contiki OS and simulate it using Cooja simulator to assess its time, energy, communication, and memory performance.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Existing System Techniques use: symmetric key encryption and asymmetric key based approaches have been proposed for dynamic WSNs.
  • Asymmetric key based approaches found the security weaknesses of existing ECC-based schemes that these approaches are vulnerable to message forgery, key compromise and known-key attacks. Also, we analyzed the critical security flaws of that the static private key is exposed to the other when both nodes establish the session key. Moreover, these ECC-based schemes with certificates when directly applied to dynamic WSNs, suffer from the certificate management overhead of all the sensor nodes and so are not a practical application for large scale WSNs. The pairing operationbased ID-PKC schemes are inefficient due to the computational overhead for pairing operations.

DISADVANTAGES OF EXISTING SYSTEM:

  • Sensor devices are vulnerable to malicious attacks such as impersonation, interception, capture or physical destruction, due to their unattended operative environments and lapses of connectivity in wireless communication
  • Security is one of the most important issues in many critical dynamic WSN applications.
  • Symmetric key encryption suffers from high communication overhead and requires large memory space to store shared pairwise keys. It is also not scalable and not resilient against compromises, and unable to support node mobility. Therefore symmetric key encryption is not suitable for dynamic WSNs.
  • Asymmetric key based approaches suffer from the certificate management overhead of the entire sensor nodes and so are not a practical application for large scale WSNs.

PROPOSED SYSTEM:

  • In this paper, we present a certificateless effective key management (CL-EKM) scheme for dynamic WSNs. In certificateless public key cryptography (CL-PKC), the user’s full private key is a combination of a partial private key generated by a key generation center (KGC) and the user’s own secret value. The special organization of the full private/public key pair removes the need for certificates and also resolves the key escrow problem by removing the responsibility for the user’s full private key. We also take the benefit of ECC keys defined on an additive group with a 160-bit length as secure as the RSA keys with 1024-bit length.
  • In order to dynamically provide both node authentication and establish a pairwise key between nodes, we build CL-EKM by utilizing a pairing-free certificateless hybrid signcryption scheme (CL-HSC)

ADVANTAGES OF PROPOSED SYSTEM:

  • To support node mobility, our CL-EKM also supports lightweight processes for cluster key updates executed when a node moves, and key revocation is executed when a node is detected as malicious or leaves the cluster permanently.
  • CL-EKM is scalable in case of additions of new nodes after network deployment. CL-EKM is secure against node compromise, cloning and impersonation, and ensures forward and backward secrecy. The security analysis of our scheme shows its effectiveness.

MODULES:

  • Network Model
  • Pairwise Key Generation
  • Cluster Formation
  • Key Update

MODULES DESCSRIPTION:

Network Model

In the first module, we develop network deployment module. We consider a heterogeneous dynamic wireless sensor network. The network consists of a number of stationary or mobile sensor nodes and a BS that manages the network and collects data from the sensors. Sensor nodes can be of two types: (i) nodes with high processing capabilities, referred to as H-sensors, and (ii) nodes with low processing capabilities, referred to as L-sensors. Nodes may join and leave the network, and thus the network size may dynamically change. The H-sensors act as cluster heads while L-sensors act as cluster members. They are connected to the BS directly or by a multi-hop path through other H-sensors. H-sensors and L-sensors can be stationary or mobile.

After the network deployment, each H-sensor forms a cluster by discovering the neighboring L-sensors through beacon message exchanges. The L-sensors can join a cluster, move to other clusters and also re-join the previous clusters. To maintain the updated list of neighbors and connectivity, the nodes in a cluster periodically exchange very lightweight beacon messages. The H-sensors report any changes in their clusters to the BS, for example, when a L-sensor leaves or joins the cluster. The BS creates a list of legitimate nodes, M, and updates the status of the nodes when an anomaly node or node failure is detected.

Pairwise Key Generation

After the network deployment, a node may broadcast an advertisement message to its neighborhood to trigger the pairwise key setup with its neighbors. The advertisement message contains its identifier and public key. At first, two nodes set up a long-term pairwise master key between them, which is then used to derive the pairwise encryption key. The pairwise encryption key is short-term and can be used as a session key to encrypt sensed data.

Cluster Formation

Once the nodes are deployed, each H-sensor discovers neighboring L-sensors through beacon message exchanges and then proceeds to authenticate them. If the authentication is successful, the H-sensor forms a cluster with the authenticated L-sensors and they share a common cluster key. The H-sensor also establishes a pairwise key with each member of the cluster. To simplify the discussion, we focus on the operations within one cluster and consider the j th cluster.

Key Update

In order to protect against cryptanalysis and mitigate damage from compromised keys, frequent encryption key updates are commonly required. In this section we provide the pairwise key update and cluster key update operations.

1) Pairwise Key Update: To update a pairwise encryption key, two nodes which shared the pairwise key perform a Pairwise Encryption Key Establishment process. On the other hand, the pairwise master key does not require periodical updates, because it is not directly used to encrypt each session message. As long as the nodes are not compromised, the pairwise master keys cannot be exposed. However, if a pairwise master key is modified or needs to be updated according to the policy of the BS, the Pairwise Master Key Establishment process must be executed.

2) Cluster Key Update: Only cluster head H-sensors can update their cluster key. If a L-sensor attempts to change the cluster key, the node is considered a malicious node.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : C#.NET
  • IDE : VISUAL STUDIO 2010

REFERENCE:

Seung-Hyun Seo, Member, IEEE, Jongho Won, Student Member, IEEE, Salmin Sultana, Member, IEEE, and Elisa Bertino, Fellow, IEEE, “Effective Key Management in Dynamic Wireless Sensor Networks”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 10, NO. 2, FEBRUARY 2015.

Privacy-Preserving Detection of Sensitive Data Exposure

Privacy-Preserving Detection of Sensitive Data Exposure

ABSTRACT:

Statistics from security firms, research institutions and government organizations show that the number of data-leak instances have grown rapidly in recent years. Among various data-leak cases, human mistakes are one of the main causes of data loss. There exist solutions detecting inadvertent sensitive data leaks caused by human mistakes and to provide alerts for organizations. A common approach is to screen content in storage and transmission for exposed sensitive information. Such an approach usually requires the detection operation to be conducted in secrecy. However, this secrecy requirement is challenging to satisfy in practice, as detection servers may be compromised or outsourced. In this paper, we present a privacy-preserving data-leak detection (DLD) solution to solve the issue where a special set of sensitive data digests is used in detection. The advantage of our method is that it enables the data owner to safely delegate the detection operation to a semihonest provider without revealing the sensitive data to the provider. We describe how Internet service providers can offer their customers DLD as an add-on service with strong privacy guarantees. The evaluation results show that our method can support accurate detection with very small number of false alarms under various data-leak scenarios.

SYSTEM ARCHITECTURE:

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System : Pentium Dual Core.
  • Hard Disk : 120 GB.
  • Monitor : 15’’ LED
  • Input Devices : Keyboard, Mouse
  • Ram : 1 GB

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows 7.
  • Coding Language : NET,C#.NET
  • Tool : Visual Studio 2008
  • Database : SQL SERVER 2005

REFERENCE:

Xiaokui Shu, Danfeng Yao, Member, IEEE, and Elisa Bertino, Fellow, IEEE, “Privacy-Preserving Detection of Sensitive Data Exposure”, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 10, NO. 5, MAY 2015.

Continuous and Transparent User Identity Verification for Secure Internet Services

Continuous and Transparent User Identity Verification for Secure Internet Services

ABSTRACT:

Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the session timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by applying biometrics in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The functional behavior of the protocol is illustrated through Matlab simulations, while model-based quantitative analysis is carried out to assess the ability of the protocol to contrast security attacks exercised by different kinds of attackers. Finally, the current prototype for PCs and Android smartphones is discussed.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • Once the user’s identity has been verified, the system resources are available for a fixed period of time or until explicit logout from the user. This approach assumes that a single verification (at the beginning of the session) is sufficient, and that the identity of the user is constant during the whole session.
  • In existing, a multi-modal biometric verification system is designed and developed to detect the physical presence of the user logged in a computer.
  • The work in another existing paper, proposes a multi-modal biometric continuous authentication solution for local access to high-security systems as ATMs, where the raw data acquired are weighted in the user verification process, based on i) type of the biometric traits and ii) time, since different sensors are able to provide raw data with different timings. Point ii) introduces the need of a temporal integration method which depends on the availability of past observations: based on the assumption that as time passes, the confidence in the acquired (aging) values decreases. The paper applies a degeneracy function that measures the uncertainty of the score computed by the verification function.

DISADVANTAGES OF EXISTING SYSTEM:

  • None of existing approaches supports continuous authentication.
  • Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session.

PROPOSED SYSTEM:

  • This paper presents a new approach for user verification and session management that is applied in the context aware security by hierarchical multilevel architectures (CASHMA) system for secure biometric authentication on the Internet.
  • CASHMA is able to operate securely with any kind of web service, including services with high security demands as online banking services, and it is intended to be used from different client devices, e.g., smartphones, Desktop PCs or even biometric kiosks placed at the entrance of secure areas. Depending on the preferences and requirements of the owner of the web service, the CASHMA authentication service can complement a traditional authentication service, or can replace it.
  • Our continuous authentication approach is grounded on transparent acquisition of biometric data and on adaptive timeout management on the basis of the trust posed in the user and in the different subsystems used for authentication. The user session is open and secure despite possible idle activity of the user, while potential misuses are detected by continuously confirming the presence of the proper user.

ADVANTAGES OF PROPOSED SYSTEM:

  • Our approach does not require that the reaction to a user verification mismatch is executed by the user device (e.g., the logout procedure), but it is transparently handled by the CASHMA authentication service and the web services, which apply their own reaction procedures.
  • Provides a tradeoff between usability and security.

SYSTEM ARCHITECTURE:

MODULES:

  • System Model
  • Authentication Server
  • CASHMA Certificate
  • Continuous Authentication

MODULES DESCRIPTION:

System Model:

  • In this module, we create the System model to evaluate and implement our proposed system. CASHMA can authenticate to web services, ranging from services with strict security requirements as online banking services to services with reduced security requirements as forums or social networks. Additionally, it can grant access to physical secure areas as a restricted zone in an airport, or a military zone (in such cases the authentication system can be supported by biometric kiosk placed at the entrance of the secure area). We explain the usage of the CASHMA authentication service by discussing the sample application scenario, where a user u wants to log into an online banking service.
  • “User Id” refers to the identity of the user obtained from the Bank for the purpose of logging into the Internet Banking facility provided by the Bank.
  • “Login Password” is a unique and randomly generated password known only to the customer, which can be changed by the user to his/her convenience. This is a means of authenticating the user ID for logging into Internet Banking.
  • “Transaction Password” is a unique and randomly generated password known only to the customer, which can be changed to his/her convenience. This is a means of authentication required to be provided by the customer for putting through the transaction in his/her/their/its accounts with Bank through Internet Banking. While User ID and Password are for valid access into the internet application, giving valid Transaction Password is for authentication of transaction/requests made through internet.

Authentication Server: 

  • In Internet banking as with traditional banking methods, security is a primary concern. Server will take every precaution necessary to be sure your information is transmitted safely and securely. The latest methods in Internet banking system security are used to increase and monitor the integrity and security of the system.
  • The Server maintains the functionality: 
  • Customer Details
  • Activation of Beneficiary
  • Transaction Details
  • Activate Blocked Account 

CASHMA Certificate

  • In this module, we present the information contained in the body of the CASHMA certificate transmitted to the client by the CASHMA authentication server, necessary to understand details of the protocol. Time stamp and sequence number univocally identify each certificate, and protect from replay attacks. ID is the user ID, e.g., a number.
  • Decision represents the outcome of the verification procedure carried out on the server side. It includes the expiration time of the session, dynamically assigned by the CASHMA authentication server. In fact, the global trust level and the session timeout are always computed considering the time instant in which the CASHMA application acquires the biometric data, to avoid potential problems related to unknown delays in communication and computation. 

Continuous Authentication: 

  • A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The use of biometric authentication allows credentials to be acquired transparently, i.e., without explicitly notifying the user or requiring his/her interaction, which is essential to guarantee better service usability.
  • The idea behind the execution of the protocol is that the client continuously and transparently acquires and transmits evidence of the user identity to maintain access to a web service. The main task of the proposed protocol is to create and then maintain the user session adjusting the session timeout on the basis of the confidence that the identity of the user in the system is genuine.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7.
  • Coding Language : NET, C#.NET
  • IDE : VISUAL STUDIO 2010
  • Database : SQL SERVER 2005

REFERENCE:

Andrea Ceccarelli, Leonardo Montecchi, Francesco Brancati, Paolo Lollini, Angelo Marguglio, and Andrea Bondavalli, Member, IEEE, “Continuous and Transparent User Identity Verification for Secure Internet Services”, IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 12, NO. 3, MAY/JUNE 2015.

Channel Time Allocations and Handoff Management for Fair Throughput in Wireless Mesh Networks

Channel Time Allocations and Handoff Management for Fair Throughput in Wireless Mesh Networks

ABSTRACT:

In this paper, we study a wireless mesh network (WMN), where a number of access points (APs) form a wireless infrastructure and provide communications to the mobile stations (MSs). Different APs share the same frequency channel.We study how to provide fair long-term throughput for the MSs while efficiently utilizing the channel resources through effective handoff management and channel timeline allocations, where the channel time is allocated at two levels: first among the APs and then among the MSs. An optimization problem is first formulated and solved. The optimum solution is based on the assumption of having global information about the channel conditions of all the MSs and cannot be easily implemented in a practical WMN. Two distributed schemes are proposed by decoupling the handoff management and channel time allocations. The HO-CA scheme performs heuristic handoff decisions for the MSs based on their link gains to nearby APs and then optimizes the channel time allocations through an iterative process. The CA-HO scheme allocates the channel time to individual APs based on interfering relationship of the APs and then allows the MSs to make handoff decisions based on possible utilities from nearby APs. In both schemes, individual APs solve a local optimization problem to allocate channel time for their associated MSs. Numerical results indicate that both the proposed schemes can achieve very good fairness and that the HO-CA scheme achieves higher throughput.

PROJECT OUTPUT VIDEO: (Click the below link to see the project output video):

EXISTING SYSTEM:

  • In a WMN with a large number of APs and MSs, maintaining the service fairness among the MSs located in different geographical areas and having different mobility patterns can be difficult. In general, MSs associated to heavily loaded APs or having poor channel conditions to the associated APs tend to receive poor QoS. Although balancing the traffic loads among different APs can help achieve fair QoS among the MSs, such an objective cannot be easily achieved without a central controller.
  • The clustering algorithms proposed in existing systems can reduce the handoff overhead by restricting user movement inside a cluster. Although adjusting the MS–AP associations can balance the traffic loads among the APs, providing fair services to individual MSs is not considered in these works.

DISADVANTAGES OF EXISTING SYSTEM:

  • In traditional IEEE 802.11-based WMNs, the handoff and resource management problems are usually studied separately.
  • Performing handoffs in traditional IEEE 802.11-based WMNs requires considerable signaling overhead, which can cause a long delay to data transmissions.
  • Overall, not much work is available in the literature to jointly consider the effects of AP resource allocations and MS handoffs on fair and efficient resource allocations.

PROPOSED SYSTEM:

  • In this paper, we study MS handoff management jointly with AP resource allocations to provide fair average throughput to the MSs. We consider a WMN where APs may share the same frequency channel, and MSs can switch their associations between different APs as they move around. We consider both MS handoffs and channel time allocations, where the channel allocations are further performed at two levels. At the AP level, the problem of channel allocations is to decide the amount of time that each AP can transmit; at the MS level, it is to decide the amount of time that each individual MS can be served. We first formulate an optimization problem based on long-term proportional fairness (PF).
  • The objective is to achieve PF for the long-term throughput among all the MSs in the network while achieving high throughput for the system. This optimum solution requires a central station that has the global information about the channel conditions of all MSs and is difficult to achieve in a practical system. We then propose two distributed schemes, i.e., HO-CA and CA-HO, by decoupling the MS handoffs and the channel time allocations.
  • In the HOCA scheme, heuristic handoff decisions are first made for the MSs based on their link gains to nearby APs, and an iterative and distributed method is then used to find the optimum channel time allocations. In the CA-HO scheme, channel time is first allocated to individual APs based on the interfering relationship between the APs, and then each MS makes handoff decisions by estimating possible utilities from nearby APs. In both schemes, each AP solves a local optimization problem to allocate time for its own associated MSs.

ADVANTAGES OF PROPOSED SYSTEM:

  • This scheme performs handoff first and then allocates channel time.
  • AP to serve the MS with a high transmission rate, which is important toward high utility for the MS.
  • Results indicate that the proposed schemes that decouple the MS handoff and channel time allocations work well in terms of achieving fair average throughput among the MSs.
  • Proposed schemes achieve a very good fairness index, which is close to the optimum and is much better than that of the max-throughput scheme.
  • Our results have demonstrated that the proposed schemes can provide good fairness, even when the location distributions of the MSs are highly uneven in the network service area.

SYSTEM ARCHITECTURE:

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7/LINUX.
  • Implementation : NS2
  • NS2 Version : 2.28
  • Front End : OTCL (Object Oriented Tool Command Language)
  • Tool : Cygwin (To simulate in Windows OS)

REFERENCE:

Lei Qin and Dongmei Zhao, Member, IEEE, “Channel Time Allocations and Handoff Management for Fair Throughput in Wireless Mesh Networks”, IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 64, NO. 1, JANUARY 2015.

Harvest-Then-Cooperate: Wireless-Powered Cooperative Communications

Harvest-Then-Cooperate: Wireless-Powered Cooperative Communications

ABSTRACT:

In this paper, we consider a wireless-powered cooperative communication network consisting of one hybrid access-point (AP), one source, and one relay. In contrast to conventional cooperative networks, the source and relay in the considered network have no embedded energy supply. They need to rely on the energy harvested from the signals broadcasted by the AP for their cooperative information transmission. Based on this three-node reference model, we propose a harvest-then-cooperate (HTC) protocol, in which the source and relay harvest energy from the AP in the downlink and work cooperatively in the uplink for the source’s information transmission. Considering a delay-limited transmission mode, the approximate closed-form expression for the average throughput of the proposed protocol is derived over Rayleigh fading channels. Subsequently, this analysis is extended to the multi-relay scenario, where the approximate throughput of the HTC protocol with two popular relay selection schemes is derived. The asymptotic analyses for the throughput performance of the considered schemes at high signal-to-noise radio are also provided. All theoretical results are validated by numerical simulations. The impacts of the system parameters, such as time allocation, relay number, and relay position, on the throughput performance are extensively investigated.

EXISTING SYSTEM:

In recent years, some significant advances in wireless power technologies have highly increased the feasibility of wireless energy transfer in practical wireless applications. As an example, the successful communication between two terminals solely powered by ambient radio signals, such as the existing TV and cellular signals, has been realized and reported. Besides ambient radio signals, dedicated power transmitters are deployed to implement wireless energy transfer in some applications, e.g., passive radio frequency identification (RFID) networks.

DISADVANTAGES OF EXISTING SYSTEM:

  • Existing work on the design of SWIPT in relay networks focused on the WET and WIT in the same direction.
  • Cannot able to prolong the lifetime of energy constrained wireless networks.

PROPOSED SYSTEM:

  • In this paper, we study a time-switching cooperative communication network with DL wireless energy transfer (WET) and UL wireless information transmission (WIT). The considered network consists of one hybrid AP, one (information) source , and another terminal named as relay that has no traffic and is willing to assist the information transmission of the source. The hybrid AP is connected to a constant power supply, while the source and relay are assumed to have no other energy sources. But they are equipped with a rechargeable battery and thus can harvest and store the wireless energy broadcasted by the hybrid AP.

  • Based on the three-node reference model, we propose a harvest-then-cooperate (HTC) protocol for the WPCCN, where the source and relay harvest energy from the AP during the DL phase and cooperate for the source’s information transmission during the UL phase. The amplify-and-forward (AF) relaying scheme and the selection combining technique are assumed to be implemented at the relay and the AP, respectively. Considering the delay-limited transmission mode, we derive the approximate closed-form expression of the average throughput for the proposed HTC protocol over Rayleigh fading channels.

  • We subsequently extend the analysis to the multi-relay scenario, where the single relay selection technique is implemented. In particular, we consider that only one of the relays will be selected according to a certain criterion in each transmission block, and the selected relay will use the energy harvested in this block to forward the received signal from the source. Two popular relay selection schemes, i.e., opportunistic relaying and partial relay selection, are considered and the corresponding throughput performances are also analyzed.

  • All theoretical results are validated by numerical simulations. The impacts of the system parameters, such as time allocation, relay number, and relay position, on the throughput performance of the considered schemes are extensively investigated. Numerical results show that the proposed scheme outperforms the existing harvest-then-transmit protocol in all simulated cases.

 

ADVANTAGES OF PROPOSED SYSTEM:

  • The proposed HTC protocol outperforms the harvest-then-transmit one in all simulated scenarios. The performance gain of the proposed HTC protocol can be further improved when the number of relays increases.
  • Viable solution to prolong the lifetime of energy constrained wireless networks.

MOTIVATION:

In cooperative networks, there is another (asymmetric) model using relay node(s) to assist information forwarding, which has many applications in practice. However, to the best of our knowledge, there is no paper that considered the design of the aforementioned model for WCPNs in open literature. This gap actually motivates this paper.

SYSTEM ARCHITECTURE:

SYSTEM MODEL:

PERFORMANCE EVALUATION PARAMETERS (GRAPH)

All nodes are randomly scattered with a uniform distribution. Randomly select one of the deployed nodes as the source node.

We evaluate our proposed method with respect to the following metrics: Throughput, E2E latency, Packet loss ratio.

QoS Throughput: is the ratio of the number of report messages the sink receives to the total number of report messages the source node sends. In this paper, we consider the delay-limited transmission mode, where the average throughput can be obtained by evaluating the outage probability of the system with a fixed transmission rate.

Packet loss ratio: measures the ratio of packets have been dropped during transmission time

End to end latency: It refers to the time taken for a packet to be transmitted across a network from source to destination.

These parameter values are recorded in the trace file during the simulation by using record procedure. The recorded details are stored in the trace file. The trace file is executed by using the Xgraph to get graph as the output.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7/LINUX.
  • Implementation : NS2
  • NS2 Version : 2.28
  • Front End : OTCL (Object Oriented Tool Command Language)
  • Tool : Cygwin (To simulate in Windows OS)

REFERENCE:

He Chen, Yonghui Li,João Luiz Rebelatto, Bartolomeu F. Uchôa-Filho, and Branka Vucetic, “Harvest-Then-Cooperate: Wireless-Powered Cooperative Communications”, IEEE TRANSACTIONS ON SIGNAL PROCESSING, VOL. 63, NO. 7, APRIL 1, 2015.

Prevention of Black Hole Attack In Wireless Ad-Hoc Networks

Prevention of Black Hole Attack In Wireless Ad-Hoc Networks

ABSTRACT:

A Wireless ad-hoc network is made up of autonomous wireless nodes moving arbitrary without any network infrastructure. As there is no centralized administration, nodes communicate with each other cooperatively. Protocols used for routing in ad-hoc network are different than wired network. Adhoc On demand Distance Vector is one of the standard routing protocol used for the path formation in wireless ad-hoc network. It is reactive routing protocol which forms path when required. An ad-hoc network is not protected against attack Malicious node performs the black hole attack in network by sending false reply to route requests and source sends data towards malicious node and malicious node absorbs all data packet without forwarding. This hampers the performance of the system. Hence prevention of such type of attack is necessary. This paper describes mechanism to protect AODV routing protocol against black hole attack. The proposed technique is implemented in Exata network simulator. The obtained results are compared with traditional AODV. The simulation results demonstrate that proposed technique prevents black hole attack and thereby improves the performance of the system.

EXISTING SYSTEM:

Ms.Nidhi Sharma and Mr.Alok Sharma proposed solution to prevent black hole. In this solution, the sender node verifies the authenticity of the node that initiates the RREP packet by utilizing the network redundancy.

Kitisak Osathanunkul and Ning Zhang proposed solution against this attack by modifying the AODV protocol. The solution needs nodes to verify whether the route advertised is existed and accurate

Rajesh Yerneni and Anil k. Sarje proposed new protocol by modifying existing AODV protocol named opinion AODV (OAODV). The malicious node ratio of number of RREQs transmitted to the number of RREPs transmitted is very less. In this mechanism, Authors added two fields in routing table these are request weight and reply weight. Request weight in routing table indicates the number of RREQs that are forwarded by the corresponding node. Similarly Reply weight indicates the number of RREPs forwarded. Proposed method has two module-updating request/reply weights and collecting feedback.

DISADVANTAGES OF EXISTING SYSTEM:

The existing system solution is vulnerable to cooperative black hole attacks. If both neighbor node and the next hop node are black hole nodes, the next hop node can response to the source node with falsified routing information. Therefore, this scheme may be vulnerable to a cooperative black hole attack.

The existing system solution given fails when attacker try to finds sequence number by decreasing Destination Sequence number and attacker will get the threshold value. If attacker knows the threshold value then using that attacker can perform attack on network.

PROPOSED SYSTEM:

Mobile ad hoc network is dynamic in nature and vulnerable for several attacks to be arising in it. Mobile nodes frequently disconnect and join the network; they can arbitrarily moves from one place to another. There are several attacks in MANET. One of the attacks is Black hole attack, it is a kind of active attack, it drops the entire incoming packet between one source and destination. Black Hole nodes or Black Holes actually send a fake RREP packet and advertise itself as the shortest route is found. Sender starts transmitting packets to Black Hole, But packet do not reach the destination node on account of this attack and data packets are also lost.

This paper gives a mechanism to prevent black hole attacks on AODV protocol. In this mechanism the source node after getting Route Reply (RREP) Packets from others node it checks for authenticity of reply. and according to that it consider that it forms paths or discard that false reply. At the node which sends reply to Route Request (RREQ), the respondent verifies the value of destination sequence number after sending reply and using threshold it sets the sequence number value for destination.

After receiving many request destination node selects the RREQ message that has the shortest path. After an RREQ message has been selected, the destination node gets the sequence number (Seq) from that RREQ message and compares it with the Seq in its routing table. If the Seq value in the RREQ message is greater than the Seq value in its routing table, the destination node selects the Seq from the RREQ message. Otherwise, it selects the sequence number from its routing table. Additionally, the Seq value that is selected by the destination node must be incremented by one and must be check using the threshold. If the Seq value is greater than or equal to the defined threshold, the Seq value is set to zero (0). else, the destination node uses this Seq value when it generates the RREP message.

ADVANTAGES OF PROPOSED SYSTEM:

To avoid the existing problem, proposed mechanism maintains a list of black node and the list is updated as and when a black node is detected. To detect malicious node threshold value is used.

SYSTEM ARCHITECTURE:

 

BLOCK DIAGRAM:

MODULES

  • Network Topology
  • Dynamic Source Routing (DSR)
  • Cooperative Bait Detection
  • Performance Evaluation

MODULES DESCRIPTION

Network Topology

The Wireless ad-hoc network nodes are randomly distributed in a network are. We are using mobile ad hoc network (MANET). This is the infrastructureless network and a node can move independently. In a MANET, each node not only works as a host and also acts as a router. We can find the communication range for all nodes. Every node communicates only within the range. If suppose any node out of the range, node will not communicate those nodes or drop the packets.

Dynamic Source Routing (DSR)

In this project, we are using dynamic source routing algorithm for routing. The DSR involves two main processes: route discovery and route maintenance. The source node broadcast the RREQ through the network. If an intermediate node has the route information to the destination node in its cache, it will reply with a RREP to the source node. When a RREQ is forwarded, the node adds its address information in the RREQ packet. When destination receives the RREQ, it can know all the information about intermediate node. Then the destination will reply with RREP to the source node along with the routing information.

Handling Request Packet & Handling Reply Packet

We propose a detection scheme called handling request packet algorithm and handling reply packet algorithm which aims to prevent the blackhole attacks in MANET. In this scheme, the source node randomly selects the adjacent node is used as a bait destination address to bait malicious node to send a RREP message. We can prevent the malicious black hole attack node in the routing operation by using the algorithms: Handling Request Packet and Handling reply packet. If there is any malicious node detected in the routing, send the alert message or stop the communication with any node in that list. The proposed system scheme integrates the advantages of proactive detection in the initial stage and the reactive defense architecture to achieve the goal.

Performance Evaluation

In this section, we can evaluate the performance of simulation. We are using the xgraph for evaluate the performance. We choose the three evaluation metrics: Packet delivery ratio – it is the ratio of the number of packet received at destination and number of packet sent by the source, End-to-End delay – the average time taken for a packet to be transmitted from the source to destination, Throughput – number of data received by the destination without any losses.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7/LINUX.
  • Implementation : NS2
  • NS2 Version : 2.28
  • Front End : OTCL (Object Oriented Tool Command Language)
  • Tool : Cygwin (To simulate in Windows OS)

REFERENCE:

Bhagwan Bankar, M. M. Chandane , “Prevention of Black Hole Attack In Wireless Ad-Hoc Networks”.

Mitigation Algorithm against Black Hole Attack Using Real Time Monitoring for AODV Routing

Mitigation Algorithm against Black Hole Attack Using Real Time Monitoring for AODV Routing

ABSTRACT:

Adhoc On Demand Vector (AODV) is a demand driven routing protocol in Mobile Ad hoc Network (MANET).There is always a resource constraint in adhoc network and threat from malicious nodes and hence feasible solution is preferably needed. For this reason, in this paper, we propose a new method RTMAODV (Real Time Monitoring AODV). It does not introduce any overhead. Moreover neighbour node detects and prevents black hole attack using real time monitoring. The new proposed method is effective for multiple sessions. The concept of broadcasting is being used in the method. Node which replies to Route Request (RREQ) by source is being monitored in promiscuous mode. Detection of malicious node is actually done by neighbour node of Route Reply (RREP) sender node. In simulation, new method has shown outstanding result in terms of packet delivery ratio as compare to AODV routing protocol in presence of malicious node under black hole attack.

PROBLEM DEFINITION:

As an enhancement, we propose a new method RTMAODV (Real Time Monitoring AODV). It does not introduce any overhead. Moreover neighbour node detects and prevents black hole attack using real time monitoring. The new proposed method is effective for multiple sessions. The concept of broadcasting is being used in the method. Node which replies to Route Request (RREQ) by source is being monitored in promiscuous mode. Detection of malicious node is actually done by neighbour node of Route Reply (RREP) sender node. In simulation, new method has shown outstanding result in terms of packet delivery ratio as compare to AODV routing protocol in presence of malicious node under black hole attack.

EXISTING SYSTEM:

There is always a threat for mobile ad hoc networks as compare to traditional wired networks because radio waves are the medium of communication, and packets are easily trapped. Hence there is always a high risk for a security threat in wireless adhoc networks. Maintaining security is a crucial task in such networks. There are numerous attacks which adversely affect the network. Some of the attacks are black hole, worm hole and so on. Hence it is important to develop efficient protocol that mitigates these kinds of attacks. There are numerous adaptation of AODV protocol such as EAODV, OAODV and IAODV proposed by researchers to mitigate against black hole attack. These protocols are subjected to environment constraints and suffer from a number of disadvantages

DISADVANTAGES OF EXISTING SYSTEM:

  • Single Session Usage Constraint
  • Wastage of Memory Space.
  • Higher Bandwidth Consumption
  • Higher Control Packet Overhead & Network Overhead

PROPOSED SYSTEM:

This Proposed System deals with a protocol that is capable of performing multiple sessions. As it is being required for a protocol in order to mitigate black hole effect, process is divided into two parts:

  1. Detection of Black hole attack:

Malicious node is being detected by using Real time monitoring and broadcasting mechanism. Moreover promiscuous mode is used for detection of malicious node. The tracking of activities performed by immediate neighbour nodes which are in transmission range of a neighbour node is kept by that particular neighbour node. Two counters as fvalue and rvalue are used for performing a check on malicious node. If fvalue reaches a threshold value and rvalue is found to be zero then node is considered to be malicious and is discarded from the network by broadcasting INTNOT Packet.

  1. Mitigation of Black hole attack

On the identification of blackhole node, Neighbour Node takes an initiative to notify all nodes by broadcasting a packet called INTNOT in the network. This packet contains fields like Packet type, Malicious detector id, Malicious id, Destination id, Lifetime and Time Stamp. Packet type is used to distinguish this packet from data and control packets. Malicious detector id is used for Neighbour Node detecting malicious node. Moreover black list format contains id of malicious node, id of intruder detector and time stamp of packet.

ADVANTAGES OF PROPOSED SYSTEM:

  • Multiple Session Usage
  • Reduce Wastage of Memory Space
  • Reduce Bandwidth Consumption
  • Overhead Reduction

SYSTEM ARCHITECTURE:

DESIGN: BLOCK DIAGRAM:

 MODULES:

  • Detection Algorithm against black hole attack
  • Mitigation Algorithm against black hole attack
  • Notification mechanism

MODULES DESCRIPTION:

Detection Algorithm Against Blackhole attack:

The formal algorithm is as follows:

  1. SN broadcasts RREQ
  2. ITN receives RREQ
  3. if (ITN.RT has Route to DN)
  4. Send RREP to SN;
  5. else
  6. Forward RREQ to Neighbor n
  7. MLN receives RREQ
  8. Send RREP to SN;
  9. SN receives RREP from MLN
  10. Starts transmission;
  11. while (fvalue<threshold)

12 {

13 if (Current node is NM)

14 {

in the blacklist, then RREP

om that malicious node

ll be forwarded.

malicious node

nodes;

  1. incrementfvalue;
  2. if(in PCM received Packet From MLN)
  3. increment rvalue;
  4. }
  5. }
  6. if(rvalue= 0)
  7. Broadcast INTNOT;

Mitigation AlgorithmAgainst Blackhole attack

      RecvReply(Packet P)

  1. Check whether id of malicious node is present in blacklist or

not.

  1. if (mal id is present in blacklist)
  2. {
  3. discard the reply packet from the malicious node
  4. return;
  5. else
  6. if it comes from intermediate node
  7. {forward data packet}
  8. else
  9. {send out data packet in buffer}

Notification mechanism

On the identification of blackhole node, Neighbor Node takes an initiative to notify all nodes by broadcasting a packet called INTNOT in the network. This packet contains fields like Packet type, Malicious detector id, Malicious id, Destination id, Lifetime and Time Stamp. Packet type is used to distinguish this packet from data and control packets. Malicious detector id is used for Neighbor Node detecting malicious node. Moreover black list format contains id of malicious node, id of intruder detector and time stamp of packet.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS: 

  • System :         Pentium IV 2.4 GHz.
  • Hard Disk :         40 GB.
  • Floppy Drive : 44 Mb.
  • Monitor : 15 VGA Colour.
  • Mouse :
  • Ram : 512 Mb.

SOFTWARE REQUIREMENTS: 

  • Operating system : Windows XP/7/LINUX.
  • Implementation : NS2
  • NS2 Version : 2.28
  • Front End : OTCL (Object Oriented Tool Command Language)
  • Tool : Cygwin (To simulate in Windows OS)

REFERENCE:

Anishi Gupta, “Mitigation Algorithm against Black Hole Attack Using Real Time Monitoring for AODV Routing Protocol in MANET,” IEEE 2015.