An improved model for securing ambient home network against spoofing attack

Published Online February 2018 in MECS

The volume of wireless communication between mobile users is becoming more popular than ever. The proliferation of mobile computing and communication devices such as cell phones, laptops, handheld digital devices, personal digital assistants and wearable computers is driving a revolutionary change in our information society [1]. The advent of wireless communication between two nodes and the ability of a node to communicate beyond its radio transmission range using intermediate nodes have also led to the growth of Mobile Ad hoc Networks (MANET) [2]. MANET is a connection of two or more devices with wireless communications and networking capability that communicate with each other without the aid of any centralized administrator [3][4]. Ambient Intelligence (AmI) is the integration of digital devices and networks into the everyday environment, rendering accessible, through easy and natural interactions, a multitude of services and applications. It places the user at the centre of the information society [6]. The objective of AmI is to broaden the interaction between human beings and digital information technology through the use of ubiquitous computing devices. The ubiquitous communication enables digital devices to communicate with each other by means of ad hoc or wireless networking.

MANET nodes are interconnected through wireless interface and the dynamic nature of this type of network makes it highly susceptible to various link attacks. Transmission takes place in an open medium and this makes MANETs highly vulnerable to security attacks [6][7]. The security attacks in MANET can be roughly classified into either active or passive attacks [8]. Actions such as impersonation (masquerading or spoofing), modification, fabrication and replication are active attacks. The security of wireless mobile ad hoc networks is low because MANET has no clear line of defence, it is accessible to both legitimate network users and malicious attackers. This research presents the development of a model capable of preventing spoofing attacks by providing an improved security mechanism that will limit unauthorized user from gaining access to home networks

• II.    Related Work

In [9] a protocol called Authenticated routing for Ad hoc network (ARAN) which detects and protects against malicious actions by third parties and peers by introducing authentication, message integrity and nonrepudiation as a part of a minimal security policy. The result showed that the protocol is simple compared to most non-secured ad hoc routing protocols. One of the limitations of ARAN is that in networks with heavier data traffic loads, congestion could prevent the discovery of the shortest path. [10] developed a reputation based scheme called a Trustful ARAN which is an integration of ARAN and reputation based scheme. The scheme proves to be more efficient and more secure than Normal ARAN in defending against both malicious and authenticated selfish nodes. The limitation of the approach is that the improvement that was achieved was at a higher cost. [11] developed a solution using network steganography to prevent spoofing attack by the use of a covert channel to transmit messages without any malicious node finding out. The limitation of this approach is that network sniffer can detect the covert channel. [12] presents a mechanism known as Trust Scheme which was developed and this improves the performance of routing protocol against malicious attack by observing nodes behavior. The result shows that the trust scheme improves network efficiency in MANET. The disadvantage of the mechanism is that the observer nodes detected the misbehaving nodes based on the number of received and inaccurate packets. Further research should include observing more factors such as accuracy of the received packets.

In more recent works, [13][14][15] developed a generalized spoofing attack detection which make use of a non-cryptographic mechanism to detect spoofing. The performance was evaluated using detection rate, false positive rate, delay metric, energy level and hit rate. The results showed that the mechanism is more efficient in identifying the attackers than isolating attackers. Also, [16] proposed a novel system called mobile spoofing attack detection and localization in wireless networks (MODELWIN) which uses mobile spoofing attack and localization (MODEL) algorithm. Simulation results revealed that that the model can detect spoofing attacks with a very high detection rate and localize adversaries accurately. One of the limitations of the model is that the original and the attacker node should have different moving patterns. None of the related works, has addressed the problem of spoofing attack in AmI home network, thus the need for this research. We proposed a model with high precision and low convergence time to prevent spoofing attacks in home network using LSB, adaptive neuro-fuzzy and Transposition cipher so that communication will be between legitimate nodes.

• III.    Methodology

The proposed model was designed using MANET concept, image steganography, adaptive neuro-fuzzy and transposition cipher. In this approach, the cover images used have their colors represented in decimal as described by binary color combination. The packet sent is then hidden in the least significant bit of the cover image. A transposition cipher was used to rearrange the stegno image before transmission, transposition cipher key was used to decrypt the steganography image while the adaptive neuro-fuzzy was used to train the packets.

• A.    Copy Conceptual Architecture for the Developed Spoofing Detection in MANET

The developed conceptual model for the Mobile Ad hoc spoofing attack prevention shown in Fig. 1 is a hybrid of two networks MANETs and social networks. The AmI home comprises home server, local devices, remote home devices and MANET. The home control server contains the applications that coordinate the activities of the home. The MANET is the network used to connect all the mobile devices in the AmI home and remote users within the MANET coverage area. The AmI home is connected to the remote users through the internet using the social network platform such as Facebook, Twitter, Myspace or LinkedIn. Through the Social Network Site, the AmI was integrated into the social network.

With the communication route established, the home user’s devices are protected from spoof attacks using the enhanced Steganography Adaptive Neuro-fuzzy Steganography Algorithm (SANFA) consisting of least significant bit steganography, transposition cipher and adaptive neuro-fuzzy.

• B.    Description of the Least Significant bit Algorithm

The least significant bit (LSB) insertion method is a simple steganography algorithm that takes the least significant bit in some bytes of the cover medium and swaps them with a sequence of bytes containing the secret data in order to hide the information in the cover medium. It is a simple approach for embedding message into an image. The LSB technique varies according to the number of bits in an image. Applying LSB technique to each byte of an 8-bit image, only one bit can be encoded into each pixel, as each pixel is represented by one byte. The 8th bit of the cover image is changed to the bit of the secret message. Messages are encoded in different colour components by taking advantage of the fact that the changes in the value of the LSB are imperceptible to human eyes.

• C.    Description of Transposition Cipher Algorithm

  The transposition cipher (or permutation cipher) simply rearranges the values within a block to create the cipher text. This can be done at the bit level or at the byte (character) level. For example, with transposition key pattern : 1 -> 4, 2 -> 8, 3 -> 1, 4 -> 5, 5 -> 7, 6 -> 2, 7 -> 6, 8 -> 3, the cipher key will be 36275184. In this key, the bit or byte (character) in position 1 (with position 1 being at the far right) moves to position 4 (counting from the right), and the bit or byte in position 2 moves to position 8, and so on. The key to the cipher is the pattern of rearrangement.

• D.    Transposition Cipher Algorithm

• i.    Create an empty string variable say P (P is the variable for holding the message) and another variable say H as the holder of the output;

• ii.    String P = “”; String H = “”;

• iii.    Create an empty string variable say K (K is the

variable for holding the key)

• iv.    String K = “”;

• v.    Enter the message in bits; P = “message”;

• vi.    Enter the randomly generated key K = “key”;

vii. Create an array that’s equal to the message length

• viii.    String [] transposition_cipher = new String [P.length];

  

  Fig.1. Conceptual Architecture for the Developed Spoofing Detection in MANET

  
  

• ix.    For (int i = 0; i< P.length; i++) transposition_cipher[i] = P(i)-1;

• x.    For Int i = 0; i< K.length; i++;

H += transposition_cipher [K(i)-1];

• xi.    Print H;

• E.    Description of the Adaptive Neuro-Fuzzy System

The adaptive neuro-fuzzy is a system that trains the movement of packets from one node to another in order to avoid the packets being altered by intermediary nodes. The system design is such that the bits of the encrypted message been sent from the key pattern cryptography algorithm will be taken as the input for the adaptive neuro-fuzzy system. The connecting peers, number of peers, membership function and the input from the key pattern cryptography algorithm are all used to get the output image. The membership function is mapped with the input which is the bits of the message to form or get the normalized weights, which is then used to calculate the output of the image.

The output image is compared with the threshold value to make sure the threshold value has been reached so that we can guarantee that the packet has been delivered.

• F.    Developed Enhanced Steganography Adaptive Neuro-Fuzzy Algorithm (SANFA)

The proposed scheme is a hybrid algorithm which consists of neuro-fuzzy, least significant bit and transposition cipher. The following steps are involved.

• i.    Input the bits of the encrypted message been

sent from the transposition algorithm

• ii.    process the encrypted bit to find the

normalized weight wi = µAi( b1) * µBi( b2) * µCi( b3) * µDi( b4) *

µ Ei ( b 5 ) * µ Fi ( b 6 ) * µ Gi ( b 7 ) * µ Hi ( b 8 )

For i = 1 to 8

Wi w = —---- ZUWi

For i = 1 to 8

• iii.    Calculate the output for the image

_n _ ^i=iPiW u —

Z f=i w

Where

P= connecting peers

S = number of connecting peers

µ = membership function b1 – b8 = stegno bits or transposed bits (binary packets) w= weight of stegno bits or transposed bits

The threshold value must be exceeded before the image can said to be delivered.

• G.    Performance Evaluation Method for Spoofing Attack Model

In this research work, the proposed enhanced steganography adaptive neuro-fuzzy algorithm is benchmarked against the least significant bit steganography. The parameters used for benchmarking are precision and convergence time.

• H.    Precision

Precision (P) is computed as the ratio of the number of correctly detected samples to the total number of samples. The P was considered for both the stegno image and the transposed stegno image in Table 1.

The precision for the enhanced steganography adaptive neuro-fuzzy model is computed as follows:

р =

Тр

Tp + TN

* 100

Where:

T P = the number of packets with correct delivery value. T N = the number of packets with incorrect delivery value

• I.    Convergence Time

Convergence time is measured in terms of iterations needed to compute the correct delivery value for the transmitted packets. Convergence time is the number of iteration with respect to the network size. The set threshold value is used as the reference for its computation.

the packets that are transmitted between two and three peers have low percentage precision of 0% and 25% for both SANFA and transpose SANFA respectively, as a result of no intermediary nodes. Also the network with more connecting peers has high percentage precision between 87.5% to 100% for SANFA and 75% to 100% for transpose SANFA. This is an indication that transpose SANFA is a good system for securing ambient home network against spoofing. Result for precision is shown in Table 3. The simulation for the convergence time was performed using twenty scenarios. It takes the average number of iterations for the twenty (20) packets sent and the network size of each packet. The result for the convergence time was shown in Fig. 2, transpose SANFA had 8.875 to 10 secs average for convergence time while SANFA. had 8.75 to 10 secs average for convergence time with small network size. This is so because there is nothing to detect hence the system will not converge faster. For the larger network size, transpose SANFA had 1.875 to 4.75 secs average for convergence time while SANFA had 1.375 to 5.125 secs average for convergence time. The convergence time for transmitting the packets is slightly close for both SANFA and transpose SANFA but when the network size is very high transpose SANFA converges faster than SANFA.

• IV.    Simulation Results and Discussion

Simulations were performed for the two variants of the proposed enhanced steganography adative neuro-fuzzy for eight (8) encrypted bits in twenty (20) packets to get image output value. The packets was gotten from observing a university wireless campus area network for five days, while the connecting peers were generated using pseudo random numbers generator.. We assumed the threshold value for the simulation to be 0.5. Simulation was done with MATLAB 7.0. The image output were derived by performing at most ten (10) iterations. Table 1 shows the image output value for transmitting one of the twenty (20) packets and Table 2 shows the simulation parameters

Simulation for precision is shown in Table 3 in which

• V.    Conclusion

In order to secure the home network against spoofing attack, a model called enhanced steganography adaptive neuro-fuzzy (SANFA) was developed in this research, in which it comprises of least significant bit steganography, transposition cipher and adaptive neuro-fuzzy. Two variants of the model: SANFA and transpose SANFA were compared using precision and convergence time as performance metrics.

The simulation results showed that SANFA is a good system for securing the home network against spoofing attack. Future work will to secure the home by transmitting message through trusted path depending on how trustworthy are the neighboring nodes.

Table 1. Parameter and Simulation Result of Image Output for Transmitting Fourteenth Packet

Color combination	Message(Packet) 40kbp/s (replacing the LSB Of the colors)	Transmitted Packet (transposedPacket)	Number of iterations	Output value For stegno image	Number of iterations	Output value For transposed packet
Yellow (11111111, 11111111,0)	1111111 0 1111111 0	10111111 10111111	5 8	0.8015 0.5817	3 5	0.7782 0.7404
Green (0,11111111,0)	1111111 1	11111111	3	0.8818	2	0.6052
Cyan (0,11111111, 11111111)	1111111 0 1111111 1	10111111 11111111	7 3	0.6196 0.8170	10 1	0.7297 0.6597
Red (11111111,0,0)	1111111 0	10111111	6	0.5055	6	0.5003
Blue (0,0, 11111111)	1111111 0	10111111	8	0.5239	10	2.1471
Red (11111111,0,0)	1111111 0	10111111	1	0.7926	2	0.9372

Table 2. Simulation Parameters

Transmitted packet(kbp/s)	Binary	Network size
65	01000001	3
132	10000100	16
82	01010010	18
35	00100011	9
146	10010010	5
104	10101100	15
66	01000010	2
93	01011101	14
97	01100001	7
78	01001110	15
64	01000001	11
13	00001101	21
90	01011010	18
40	00101000	24
18	00010010	11
61	00111101	6
42	00101010	3
2	00000010	23
88	01011000	6
44	00101100	12

Table 3. Precision Results for the Transmitted Packets

Packet Size (kbp/s)	Network size	т T p (stegno)	т T p (transposed)	T N (stegno)	T N (transposed)	P(%) ( SANFA )	P(%) ( transpose SANFA. )
65	3	2	0	6	8	25	0
132	16	8	8	0	0	100	100
82	8	8	8	0	0	100	100
35	9	8	8	0	0	100	100
146	5	7	8	1	0	87.5	100
104	15	8	8	0	0	100	100
66	2	0	0	8	8	0	0
93	14	8	8	0	0	100	100
97	7	8	8	0	0	100	100
78	15	8	8	0	0	100	100
64	11	8	8	8	0	100	100
13	21	7	8	8	0	87.5	100
90	18	8	8	8	0	100	100
40	24	8	7	6	1	100	75
18	11	8	8	8	0	100	100
61	6	8	8	7	0	100	100
42	3	0	2	2	6	0	25
2	23	8	7	7	1	100	87.5
88	6	8	8	8	0	100	100
44	12	8	8	8	0	100	100

Network size

Fig.2. Convergence Time for Transmitting Packets