Comprehensive Analysis On Pervasive Security
Attacks: A Survey
R.Jothi, P.Anitha
Abstract :- Pervasive Computing is one of the fast and furious blooming area in the field of embedding and communication technology. It aims to integrate the smart objects into the human day-day activities. The device can be access by anywhere, anyplace and anytime. So, variety of major concern occurring in the form of privacy and security challenges.This paper addresses the predominant security attacks ,which takes place of using this smart environment. Further the paper focusing about the work done on related to security attacks. Finally, the paper confers about the existing counter measures and solutions available to overcome from the major issues of the security attacks.
Index Terms:- Pervasive Computing,security attack,Threats,
—————————— ——————————
1
Introduction
This wide development of pervasive system is promoted into the various application and technology such as smart health & home appliances, intelligent transport system, military application, automatic environment monitoring etc. for the above applications integrated to smart devices are connected autonomously with artificial intelligence, sensors & communication networks. The Pervasive computing system can exist everywhere with the connection of heterogeneous network[1]. The main feature of this networking is to enable the devices and user at everywhere i.e. user and device mobility. In this smart environment the user and device can easily connect or disconnect into this network in a flexible way because here there is no central authority to control the device and user from unauthorized access. The pervasive environment all the devices are connected autonomously the connected devices is act as a router. Each device can find their own path and share the data within the connected device and there may be a third party or unauthorized device can easily enter on this network freely. For this we must protect the device and network from the security attacks. In the pervasive environment different smart objects can embedded with the high abilities of computing technologies[2]. These technologies can carry a highly sensitive data of the smart user here the sensitive information can be protected from the unauthorized access. Therefore, security is needed to protect the data. So, security is one of the essential domains of research to protect the device/data/network from the vulnerable attacks. If the attacks occur it uplift many problems such as entire system can get damaged it affecting the user’s sensitive data and lead the destroy of property, security attacks will cause unavailable of the services to the specific user.In this computing number of devices are connected rapidly so the highly risk assessment evolving around the issue of security attacks.
This type of system is expected the access of the third-party devices which turn to many security attacks[3].The design of the security architecture or protocol is the important need of the current system to protect and detect security attacks including such as process of secure routing, detection of third party access, ability to find the attacking device in the network, abuse of technology can affect the day-day activities of the modern human life. so the prior detection of security attacks is one of the essential requirement in the emerging field of pervasive smart environment[4]. In the integrated networks the detection and protection of security attacks is an active research area. In addition to the security issues of traditional network can differ from this smart connected environment[5]. This paper is organized as follows section II discuss above the issues and challenges of pervasive security section III addressing about the major attacks facing on the smart environment and also compare the similarities of the attack types and issues causing and affecting the network section IV propose a Literature Survey and Related Work in the field of security attacks. Section V the comprehensive analysis of the existing counter measures and defences available to protect and detect the current problem on the security attacks. Section VI we conclude the open reseach problem in the field of smart security attacks.
1.1 Pervasive Computing Security Challenges:
Pervasive Computing technology having many essential applications to take the control and access of the smart devices to protect the smart devices from the authorized access security is one of the major need of this computing environment at present majority of the people are using this smart environment for the favourable communication one of the difficult aspect is securing this environment from the malicious attack some of the security policies is needed for the use of independent usage of this smart network against from the violation of the security attacks[6]. The main requirement of the security challenges must ensure i) Confidentiality ii) Integrity iii) Authentication and iv) Availability the above requirements specifically taking as a special consideration to provide the fundamental security of the pervasive devices. The smart applications of the pervasive device are to collect, store and send the sensitive information [6] many of the Threats, Vulnerabilities, Risks and Attacks can breach the security requirements. We surveyed many current research papers to pin point the major challenges affecting this environment and reviewed the proposed work to safe guard against the security some ————————————————
• R.Jothi MCA.,M.PHIL,Asst.Prof , Dept of Computer Applications, in Dhanalakshmi Srinivasan College of Arts and Science for women(Autonomous),Perambalur.
3363 of the major challenges are identified under our surveyed
changing the user data. client and server information hacked by others network eavesdropping, loss of privacy, theft of smart device, stolen the sensitive data, isolating device memory, data forgery, user interaction issues, alteration of original data, privacy leakage. Social and economic issues, usage of prohibited connection, utilizing others sensitive data. In our survey mainly we focused on security attacks and analysed how it can affect the smart environment. Further we investigate more on security attacks for the next section the major attacks affecting this environment can elaborately determine by our survey[7].
2
Attackson Pervasive Computing:
The Essential property of this computing may be affected by the various attacks. This section can review the major attacks affecting by this environment. Most of the attacks are classified by the following such as i) Modification attacks, ii) Impersonation attacks iii) Packet's leak attacks iv) Flooding attacks. The Following Table shows the summery of attacks by the way at Attacks, categories of attacks. Stimulation of attacks. Security issues related with each attack.
Figure 1.
2.1 Modification Attacks:
This form of attacks is also known as Man- in the middle attack. This attack can dispatch by performing the message in the formation of false Routing. So, the harmful device can able to receive the message. Problem raises on this attack can cause the Packet header modification and snfifers can obtain the copies of the packet through this issue the message integrity gets affected[16]. This type of attack is difficult to detect modification attacks can be classified as Rushing attacks, Route Tunnelling attacks and Interception attacks. The above attacks can origin before passing the packets to the receiver the harmful device can change/alter the content of the packet. The modification attacks can cause problem such as loss of integrity and availability.
2.1.1. Route tunnelling attacks:
The harmful device can made confuse to the attacking device in the network. That the malicious device can misroute the information so the sensitive information can able to redireacted by the harmful device. The prevention of this attack is more difficult[8].
2.1.2. Rushing attacks:
The main goal of this attack is to add the harmful device with the path of the routing. This type of network attacker can fastly discover the route packet to the device forwarding group. Rushing attack can work successfully by the attacker. The attacker can send the modified packets to other connected device the strategies following on this attack which may be secure the discovery of route, authentication of route request and replay.
2.1.3. Route and Message fabrication attack
This attack can insert the duplicate message on Routing. A route fabrication attack can cause a result such that wastage of bandwidth and late transmission of packets[9]. A message fabrication attack. Before transfer the packets to the next device it can alter the packet header message. The Policy needed to detect and prevent the Route and message fabrication attack such as packet filtering technique it can have a potential to blocking and filtering the packets before reach to the harmful devices. The source device can easily identify the untrusted device
2.1.4.Interception attack: (traffic attack)
The attackers using wireless sniffers can obtain the copies of the packets. The unauthorized individual attacks can access the confidential data. It can breach the network confidentiality. The main motivation of this attack to snoop the flow of traffic[10].
2.1.5.Mislead Routing Attack:
This attack can cause the routing state corruption. here the connected device cannot send the data to its destination within a time.
2.2. Impersonation attacks:
Impersonation means the original identify of the attackerrs can hidden. This attacker can retain the message by eves dropping the device communication. This type of security attacks can provide issues the integrity problem. This attack can be classified by ARP spoofing attacks, sybil and eves dropping etc.
2.2.1.ARP Spoofing:
It is also called as ARP poisoning. It can masquerade the address of the connected device. For all the connected device the IP address is assigning by the ARP Protocol based on the device physical address that is called MAC address. In this attack the attacker injecting the duplicate MAC address to access the sensitive data being transmitted from the host to prevent from this type of attack. we can use spoofing detection technique that technique can prevent the packet from the duplicate address.
2.2.2.Sybil Attack:
This attack can affect the performance of the pervasive network overhead the communication and slow down the process of the reputation system. To improve the performance of this environment it can include packet filters spoofing detection technique etc.
3.3.Packet's Leak Attack:
of the network can be destroying the routing messages. This attack includes the following black hole and Grey hole attacks and worm hole, sink hole attacks.
3.3.1.Sink hole attack:
This form of attack can make its nearest device to believe the shortest path to the receiver is through it. This type will cause the relay of traffic to the connected device between the connected device the routing information must be collected and analyzed from the packet transferred between source/destination. end-end feedback mechanism is needed to protect from the attacker.
3.3.2. Warm hole attack:
It is a relay-based attack that can distrub the routing protocol it can break down the network. The network traffic will attack from one side of the network[11].
3.4. Flooding Attack:
The intruder node prevent in the network frequently sends the unwanted message to its neighbours due to this overhead can occur. Flooding can be classified by sleep deprivation attacks, DoS, Routing Table overflow attack, Hit & Run Attacks.
3.4.1. Sleep deprivation attacks:
Here the targeted node or device is too busy by the flooding of the networking the destination device cannot process the request. This attack forced the targeted device is undergoing in sleeping mode for battery life time optimization.
3.4.2.DoS:
This attack can make the resources unavailable to the specified system two types of attacks can occur one is simple DoS & distributes DoS. It can cause sending the packets continuously.
3.4.3.Routing table overflow attacks:
This attack can affect the target device. Maintaining the fake information in the routing table routing has consumes based on this fake table. This attack can particularly affect the pervasive environment.
3.4.4.Hit & Run attacks:
Malicious packets are injected by the attacking device into the targeted device. Unusal activities are occur that depend upon the code injected by the attacker. It can cause the major damage on the network.
3.4.5.Jelly Fish:
TCP based protocol can be affected by this attack. The behaviour of the TCP protocol can reorder the packets. Table 1 summary of security attacks in Pervasive Computing
3. Related work:
In this proposed work the author provided two types of counter measures on worm hole attacks of pervasive computing. This solution can prevent the networks from the worm hole attacks. i.e proactive and reactive countermeasures. The proactive solution can be achieved by timing, location or the usage of guard nodes. The next
3365 rate and false alarm rate. The author proposed the security
algorithm for wormhole attack. It can solve the problem against the attack such as distance vector hop localization algorithm. The algorithm first establishes the list of relationship among the neighbour node and identified the attacked node. The different area of wormhole attack has marked with 1 and 2 the algorithm can do the process to mark the beacon nodes and to mark the unknown nodes.
The unknown nodes can identify the wormhole and marked themselves with 1 or 2. The error source can be analyzed by this simultaneous process. The proposed algorithm can reduce 80% of the localization error. This paper proposed the problem in ARP Spoofing it can cause the man in the
middle attack, blocking the host and host impersonation. The detection and protection scheme proposed by the author. The detection of ARP attacks has done by monitoring by the ARP cache table and protect the host from the attackers through ARP link type control. Which changes from the dynamic to static? The proposed scheme does not need a complex encryption algorithm[17].
Attack Attack Types Reason of Attacks Security Problems
Modification Attacks
Route Tunneling Attack Communication accessed and
gained by others. Loss of Availability & Integrity. Rushing Attack Packet get modified Loss of Authentication Route and Message
fabrication Attack
Alter the packets and generate
duplicate message. Loss of Integrity Interception Attack Attract Traffics,DoS Loss of Confidentiality
Impersonation Attacks
ARP Spoofing Blocking the Host, Attackers can read and modify the data packets.
Loss of Confidentiality, Integrity and Authentication.
Sybil Attack Slow down the process Loss of relaibility.
Packets Leak Attacks
Sink hole Attack Hacking the routing message. Loss of Availability. Warm Hole Attack Distrub the network traffic Loss of Availability.
Covert Channel Attack Leakage of Packets Loss of Confidentiality.
Flooding Attacks
Sleep Deprivation Attacks Host cannot process the request. Loss of Availability & Reliability. Dos Make the resource unavailable. Loss of Availability.
Routing Table Overflow
attack. Generate the fake Information. Loss of Integrity.
Hit and Run Attack Injecting malicious Packets. Loss of Authentication & Integrity.
Jelly Fish Affecting TCP Protocol Loss of Availability.
Table 1
The proposed work of this paper had to heterogeneous protocol for deniable authentication to the pervasive computing environment. The first protocol permits a source to forward a message in a public key infrastructure environment to the destination in a identity based cryptography environment in the second protocol the source can use the IBC environment to send a message to the destination by PKI environment the above protocol proof verified by Diffie Hellman assumption. The protocol can have a extra features that is verification has done by batch[18].It can improve the authentication and verification process. In this paper the author determined the problem on sinkhole and distance spoofing attacks occurring on smart grid networks[19]. The network secured by a protocol such that routing protocol for low power and loss networks[20]. This protocol can provide the optimal routing performance in wireless sensor networks. It proposes node node encrypted authentication with served encryption key and key compromising detection techniques.
3.Conclusion:
In this paper we determined the pervasive security issues and challenges. Addressing about the major attacks affecting on this environment. The similarities the smart attacks compared and evaluated with the following (i) Modification,(ii) Impersonation,(iii) Packet leak attack, and
(iv) Flooding. The survey presents the various aspects of the security attacks of this environment. The security attacks and mitigation strategies are discussed on this paper. The existing security mechanisms are survey by their counter measures.
REFERNECES:
[1] Aminu Bello Usman, Jairo Gutierrez, ―Toward Trust Based Protocols in a Pervasive and Mobile
Computing:A Survey‖, doi:
10.1016/j.adhoc.2018.07.009.
[2] Eslam G. AbdAllah, Hossam S. Hassanein, Mohammad Zulkernine ―A Survey of Security Attacks in Information-Centric Networking‖ DOI
10.1109/COMST.2015.2392629, IEEE
Communications Surveys & Tutorials.
[3] Bosheng Zhou, Alan Marshall, Tsung-Han Lee ―Wireless Security Issues in pervasive computing‖ 978-0-7695-4281-2/10 $26.00 © 2010 IEEE DOI 10.1109/ICGEC.2010.133
[4] Tarik Guelzim and Mohammad S. Obaidat‖ Formal methods of attack modeling and detection‖ © 2015 Elsevier Inc.
Computing networks‖ 978-1-4799-1597-2/13/$31.00 ©2013 IEEE.
[6] Madhurima Hooda, Shashwat Pathak, Dr. Madhulika, Babita Yadav‖ Pervasive Security of Internet Enabled Host Services‖ICCTCEEC-2017.( 978-1-5386-3243-7/17/$31.00 ©2017 IEEE)
[7] Anil S Naik1 and Dr. R. Murugan2,‖ Security Attacks and Energy Efficiency in Wireless Sensor Networks: A Survey‖ ISSN 0973-4562 Volume 13, Number 1 (2018) pp. 107-112 © Research India Publications. http://www.ripublication.com
[8] Isra’a Ahmed Zriqat, Ahmad Mousa Altamimi‖ Security and Privacy Issues in Ehealthcare Systems: Towards Trusted Services‖ (IJACSA) Vol. 7, No. 9, 2016. www.ijacsa.thesai.org.
[9] Abdul Wahab Ahmed, Mian Muhammad Ahmed, Omair Ahmad Khan, Munam Ali Shah‖ A Comprehensive Analysis on the Security Threats and their Countermeasures of IoT‖ (IJACSA) Vol. 8, No. 7, 2017. www.ijacsa.thesai.org.
[10]Nilufer Tuptuk, Stephen Hailes‖ Covert Channel Attacks in Pervasive Computing‖ 2015 IEEE International Conference on Pervasive Computing and Communications (PerCom), 978-1-4799-8033-8/15/$31.00 ©2015 IEEE.
[11]Isaac Woungang,1 Sanjay Kumar Dhurandher,2 and Abhishek Gupta2‖ understanding Wormhole Attacks in Pervasive Networks1‖ Pervasive Computing and Networking, First Edition. Edited by Mohammad S. Obaidat, Mieso Denko, and Isaac Woungang.© 2011 John Wiley & Sons, Ltd. Published 2011 by John Wiley & Sons, Ltd. ISBN: 978-0-470-74772-8.
[12]12. Pavan Pongle, Gurunath Chavan‖ A Survey : Attacks on RPL and 6LoWPAN in IoT‖ (ICPC), 978-1-4799-6272-3/15/$31.00(c)2015 IEEE.
[13]13. Ivan Farris, Tarik Taleb, Yacine Khettab, and JaeSeung Song‖ A survey on emerging SDN and NFV security mechanisms for IoT systems‖ DOI 0.1109/COMST.2018.2862350, IEEE.
[14]Shefiu Olusegun Ganiyu, Rasheed Gbenga Jimoh‖ Characterising Risk Factors and Countermeasures for Risk Evaluation of Bring Your Own Device Strategy‖ INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE S.O. Ganiyu et al., Vol.7, No.1. [15]Yunchuan Sun1, · LeiW · ShizhongW · Shoupeng ·
Tao Zhang1 · Li Zhang · Junfeng Xu1 · Yongping Xiong · Xuegang Cui‖ Attacks and countermeasures in the internet of vehicles‖ DOI 10.1007/s12243-016-0551-6, © Institut Mines-T´el´ecom and Springer-Verlag France 2016.
[16] Alexandros Ladas, Deepak G. C., Nikolaos Pavlatos, Christos Politis‖ A Selective Multipath Routing Protocol for Ubiquitous Networks‖ PII: S1570-8705(18)30164-1,doi:10.1016/j.adhoc.2018.04.013.19.
[17]Rawia Bdiwi, Cyril de Runz, Sami Faiz, Arab Ali Cherif‖ Towards a new Ubiquitous Learning Environment Based on Blockchain Technology‖ 2161-377X/17 $31.00 © 2017 IEEE,DOI 10.1109/ICALT.2017.37. [18]Jie Zhang, Nian Xue and Xin Huang‖ A Secure System
For Pervasive Social Network-based Healthcare‖ DOI 10.1109/ACCESS.2016.2645904, IEEE Access.
[19]Yong Wu, Gengzhong Feng , Nengmin Wang , Huigang Liang,‖ Expert Systems with Applications‖ (2015), http://dx.doi.org/10.1016/j.eswa.2015.03.033. [20]20. Ali Modirkhazeni , Norafida Ithnin , Mohammed M.
Kadhum , and Teddy Mantoro ―Mitigation of Wormhole Attack in Wireless Sensor Networks‖ DOI: 10.2991/978-94-91216-71- 8_7,_ Atlantis Press 2012.
[21]JingxuanWang, Lucas C.K. Hui, S.M. Yiu, Eric KeWang, Junbin Fang‖ A survey on cyber attacks against nonlinear state estimation in power systems of ubiquitous cities‖ PII: S1574-1192(17)30187-6,DOI:
http://dx.doi.org/10.1016/j.pmcj.2017.04.005,Reference
: PMCJ 829.
[22]Ju Ren, Yaoxue Zhang, Kuan Zhang, and Xuemin (Sherman) Shen‖ Exploiting Mobile Crowd sourcing for Pervasive Cloud Services:Challenges and Solutions‖ 0163-6804/15/$25.00 © 2015 IEEE.
[23]Florina Almenarez , M. Francisca Hinarejos , Andrés Marín , Josep-Lluís Ferrer-Gomila , Daniel Díaz Sánchez ―PECEVA: An adaptable and energy-saving credential validation solution for pervasive networks ‖ http://dx.doi.org/10.1016/j.ins.2016.03.010 0020-0255/© 2016 Elsevier Inc.
[24]24. Francesco Colace, Massimo De Santo, Vincenzo Moscato, Antonio Picariello,Fabio A. Schreiber, and Letizia Tanca‖ Pervasive Systems Architecture and the Main Related Technologies‖ © Springer International Publishing Switzerland 2015, DOI 10.1007/978-3-319-20062-0_2.
[25]Jaeseung Lee 1, Yunsick Sung 2,* and Jong Hyuk Park ―Lightweight Sensor Authentication Scheme for Energy Efficiency in Ubiquitous Computing Environments‖ Sensors 2016, 16, 2044; doi:10.3390/s16122044. [26]Ramakrishna Kappagantu∗, S. Arul Daniel‖ Challenges
and issues of smart grid implementation:A case of
Indian scenario‖
https://doi.org/10.1016/j.jesit.2018.01.002.
[27]Alma Oracevic, Selma Dilek, Suat Ozdemir‖ Security in Internet of Things: A Survey‖ 978-1-5090-4260-9/17/$31.00 ©2017 IEEE.
[28]Kai Bu, Member, IEEE, Minyu Weng, Yi Zheng, Bin Xiao,‖ You Can Clone but You Can’t Hide: A Survey of [29]Clone Prevention and Detection for RFID‖ DOI
10.1109/COMST.2017.2688411, IEEE
Communications Surveys & Tutorials.
[30]Arsalan Mohsen Nia, Niraj K. Jha‖ A Comprehensive Study of Security of Internet-of-Things‖ DOI 10.1109/TETC.2016.2606384, IEEE Transactions on Emerging Topics in Computing.
