Node Attacks Research Articles

Research on Collaborative Positioning Algorithm of Wireless Sensor Network Security Under Strong Topology Relation

In the monitoring area, nodes collaboratively collect various types of critical information about the target object, including temperature, humidity, and stress, and relay this data to users. This study evaluates a scenario with 100 summary points and a communication radius of 20 meters, progressively increasing the number of attack nodes from 0 to 4. Despite the effectiveness of existing security positioning algorithms in mitigating attacks, their substantial network resource consumption remains a challenge. This paper introduces a novel security positioning method designed to tolerate three distinct types of attacks. This approach identifies attack nodes by examining the physical attributes of each node. Analysis indicates that the average positioning error for the witch attack algorithm increases sharply as the number of virtual nodes rises, reaching approximately 80% when four attack nodes are present. Over 1,000 rounds of network observation, node survival rates were documented, starting with an initial pool of 100 nodes. Comparative results reveal that the key-out algorithm begins to experience node failures around the 600th round, with complete node depletion by the 700th round. The MPRP-RSSI algorithm, on the other hand, starts showing failures around the 900th round. By contrast, the proposed algorithm exhibits enhanced robustness, maintaining node stability throughout the entire monitoring period. The enhanced RSSI-based positioning algorithm, which is resilient against replication attacks, applies constraints on communication ranges and enforces unique messaging protocols to regulate node interactions, effectively reducing replication threats.

The triangular structure beyond pairwise interactions affects the robustness of the world trade networks.

Unlike hollow triangles formed through pairwise interactions, a filled triangle or two-simplex comprises three nodes that form a group and represent the most fundamental higher-order interaction. To analyze the effects of higher-order triangles on the robustness of world trade networks, we integrate multilateral regional trade agreements and import-export world trade data to construct two-simplex higher-order trade networks. The topological characteristics indicate a significant growth in the scale and complexity of trade networks over time, with a notable decline in 2020. Then, we introduce node attack strategies designed to simulate scenarios where the key countries or regions withdraw from the trade network. It is revealed that network robustness has improved along with size and complexity, although it diminished in 2020. To further explore the factors influencing the changes in network robustness, we generate higher-order synthetic trade networks based on the random simplicial complex (RSC) model and the scale-free simplicial complex (SFSC) model. The synthetic trade networks demonstrate that increasing the average degree enhances robustness, while merely increasing the number of nodes or filled triangles can weaken it. Additionally, scale-free higher-order networks exhibit lower robustness due to vulnerability of the hub nodes, in contrast to the higher resilience of random simplicial complexes. These insights emphasize the importance of fostering multilateral interactions and strengthening ties for network robustness.

Hybrid Reliable Clustering Algorithm with Heterogeneous Traffic Routing for Wireless Sensor Networks.

Wireless sensor networks (WSNs) are vulnerable to several challenges. Congestion control, the utilization of trust to ensure security, and the incorporation of clustering schemes demand much attention. Algorithms designed to deal with congestion control fail to ensure security and address challenges faced due to congestion in the network. To resolve this issue, a Hybrid Trust-based Congestion-aware Cluster Routing (HTCCR) protocol is proposed to effectively detect attacker nodes and reduce congestion via optimal routing through clustering. In the proposed HTCCR protocol, node probability is determined based on the trust factor, queue congestion status, residual energy (RE), and distance from the mobile base station (BS) by using hybrid K-Harmonic Means (KHM) and the Enhanced Gravitational Search Algorithm (EGSA). Sensor nodes select cluster heads (CHs) with better fitness values and transmit data through them. The CH forwards data to a mobile sink once the sink comes into the range of CH. Priority-based data delivery is incorporated to effectively control packet forwarding based on priority level, thus decreasing congestion. It is evident that the propounded HTCCR protocol offers better performance in contrast to the benchmarked TBSEER, CTRF, and TAGA based on the average delay, packet delivery ratio (PDR), throughput, detection ratio, packet loss ratio (PLR), overheads, and energy through simulations. The proposed HTCCR protocol involves 2.5, 2.3, and 1.7 times less delay; an 18.1%, 12.5%, and 5.5% better detection ratio; 2.9, 2.6, and 1.8 times less energy; a 2.2, 1.9, and 1.5 times lower PLR; a 14.5%, 10.5%, and 5.2% better PDR; a 30.7%, 28.5%, and 18.4% better throughput; and 2.27, 1.91, and 1.66 times lower routing overheads in contrast to the TBSEER, CTRF, and TAGA protocols, respectively. The HTCCR protocol involves 4.1% less delay for the 'C1' and 'C2' RT packets, and the average throughput of RT is 10.4% better when compared with NRT.

CANGuard: An Enhanced Approach to the Detection of Anomalies in CAN-Enabled Vehicles

As modern vehicles continue to evolve, advanced technologies are integrated to enhance the driving experience. A key enabler of this advancement is the Controller Area Network (CAN) bus, which facilitates seamless communication between vehicle components. Despite its widespread adoption, the CAN bus was not designed with security as a priority, making it vulnerable to various attacks. In this paper, we propose CANGuard, an Intrusion Detection System (IDS) designed to detect attacks on the CAN network and identify the originating node in real time. Using a simulated CAN-enabled system with four nodes representing diverse vehicle components, we generated a dataset featuring Denial-of-Service (DoS) attacks by exploiting the arbitration feature of the CAN bus, which prioritizes high-criticality messages (e.g., engine control) over lower-criticality ones (e.g., infotainment). We trained and evaluated several machine learning models for their ability to detect attacks and pinpoint the responsible node. Results indicate that Gradient Boosting outperformed other models, achieving high accuracy in both attack detection and node identification. While the Multi-Layer Perceptron (MLP) model demonstrated strong attack detection performance, it struggled with node identification, achieving less than 50% accuracy. These findings underscore the potential of tree-based models for real-time IDS applications in CAN-enabled vehicles.

Attack-Oblivious Node Protection Strategy for survivable routing in airborne tactical networks under uncertainty

Abstract Airborne tactical networks are complex networks that connect various aircraft platforms via datalink systems. In the fierce battlefield, airborne tactical networks are under the risk of hostile node attack, causing route failures and packet losses. Reliable communication in airborne tactical networks is thus calling for an efficient node protection scheme design for routing strategies. Due to the inherent uncertainty of war, the enemy’s node attack is unpredictable, making it intractable to select the optimal node set to deploy defense countermeasures under limited resource. To hedge against such uncertainty, we propose an Attack-Oblivious Node Protection Strategy (AONPS) for survivable routing in airborne tactical networks. Through a crafty-designed randomized algorithm, AONPS can select an appropriate node set to protect. Both theoretical derivation and simulation experiments demonstrate that the proposed AONPS can significantly enhance routing survival rate without accurate knowledge of the targeted attack nodes of the enemy, and achieve performance comparable to that of the ideal node protection strategy.

Evaluating the robustness of attributed dynamic bus-metro networks based on community reconstruction

Despite significant advances in applying complex network theory to analyze the robustness of public transport systems, one still cannot seamlessly incorporate complex topological structures into existing algorithms, network modelling remains inaccurate, and high-level features of public transport systems cannot be captured effectively. Moreover, the identification of community structures with dynamic transfer relationships between bus and metro systems requires well-designed formulas and sophisticated computer codes. This study aims to evaluate the robustness of bus-metro networks based on community reconstruction. Firstly, we constructed an attributed dynamic bus-metro network, considering the socio-economic environment of the public transport system and the dynamic transfer relationship between bus stops and metro stations. Secondly, we introduced the community reconstruction approach, proposed a robustness estimation model, and designed community-based strategies for node and edge attacks, which are ComNA and ComEA, respectively. Finally, taking a real-world bus-metro system in Xi'an as a case study, this research evaluates the system's robustness under various attack strategies and analyzes the impact of dynamic transfer relationships on robustness. The results reveal that: (1) The performance of public transport networks exhibits varying trends under different attack strategies. Notably, the bus-metro network demonstrates enhanced robustness to random attacks compared to targeted attacks. (2) Community-based attack strategies are more effective than traditional methods in dismantling public transport networks. (3) Enhancing the transfer capacity at metro stations significantly improves the overall robustness of public transport systems. These results are of critical importance for improving the robustness of public transport systems.

Cyber attack detection in IOT-WSN devices with threat intelligence using hidden and connected layer based architectures

In this paper, cyber-attacks in IOT-WSN are detected through proposed optimized-Neural Network algorithms such as (i) Equilibrium Optimizer Neural Network (EO-NN), (ii) Particle Swarm Optimization (PSO-NN), (iii) Single Candidate Optimizer Neural Network (SCO-NN) and (iv) Single Candidate Optimizer Long Short-Term Memory (SCO-LSTM) with different connecting, hidden neural network layers and threat intelligence data. The proposed algorithms detect the attacker node, which frequently changes the behaviour such as attacker node/ normal node. Existing IDS system detects the attacks in WSN and unable to detect the changing behavior attacker nodes in IOT-WSN. The behaviour of attacker node changes from normal behaviour to attacker behaviour due to nodes connected to internet continuously. The classification accuracy rates of proposed SCO-LSTM algorithm without and with threat intelligence are about 99.7% and 99.89%, respectively.

Machine learning-based ERA model for detecting Sybil attacks on mobile ad hoc networks

Mobile ad hoc networks provide a substantial security threat because they lack central management and sufficient resources. These networks function autonomously without any central authority regulating the inclusion or removal of nodes. Nodes have the autonomy to choose when to join or quit. Dynamic multi-hop networks, either stationary or mobile, provide quick and simple access to data. Predicting the evolution of MANET can be challenging due to the network’s dispersion and self-organization, as well as its unpredictable and constantly changing topology. The independent organization of nodes in MANETs, coupled with their dispersion, may complicate the prediction of the network’s future growth due to its unstable and constantly changing structure. A Sybil attack, a deceptive tactic, involves a small number of individuals creating multiple counterfeit identities to gain dominance over a substantial portion of the system. To deceive legitimate users into believing that their system is utilizing their identities, the malicious attacker node adopts numerous identities. An attacker aims to gather a substantial number of node IDs, potentially generated at random, to appear and function as distinct nodes. Within the peer-to-peer overlay, the enemy can approach a single object or a group of objects by adopting different identities. Mobile ad hoc networks are intrinsically less secure than wired networks due to inherent security vulnerabilities and limited energy resources. To enhance detection accuracy, it is recommended to employ an ensemble regression arboretum model, which is a type of machine learning prediction model. This study proposes a machine learning-based method for detecting Sybil attacks in MANETs by collecting network metrics such as traffic characteristics, communication patterns, and node behaviors.

Enhanced lion swarm optimization and elliptic curve cryptography scheme for secure cluster head selection and malware detection in IoT-WSN

Wireless Sensor Networks present a significant issue for data routing because of the potential use of obtaining data from far locations with greater energy efficiency. Networks have become essential to modern concepts of the Internet of Things. The primary foundation for supporting diverse service-centric applications has continued to be the sensor node activity of both sensing phenomena in their local environs and relaying their results to centralized Base Stations. Malware detection and inadequate Cluster Heads node selection are issues with the current technology, resulting in a drastic decrease in the total Internet of Things-based performance of sensor networks. The paper proposes an Enhanced Lion Swarm Optimization (ELSO) and Elliptic Curve Cryptography (ECC) scheme for secure cluster head selection and malware detection in IoT-based Wireless Sensor Networks (WSNs). The paper includes network models, choice of Cluster Head (CH) and attack detection procedures. The proposed method chooses the Cluster Head with the best fitness function values, increasing data transmission speeds and energy efficiencies. Minimum Hop Detection has been implemented to provide the best routing paths against attack nodes. Security level for quick data transmissions via the Internet of Things using Wireless Sensor Networks strengthen sinkhole attacks and black hole nodes, which are successfully removed using this method. The proposed method integrates the use of Lion Swarm Optimization and Elliptic Curve Cryptography (ECC) enhances network security by ensuring secure data transmission and preventing unauthorized access, which is particularly important in IoT-WSN environments. The proposed method achieves less End delay, increased throughput of 93%, lower energy utilization of 4%, increased network lifetime of up to 96%, Packet Delivery Ratio of up to 98% and 97% of malicious node detection efficiently compared to existing methods.

Resilient Cruise Control of Heterogeneous Platoons Against Byzantine Attacks: Theory and Experiment.

This article studies the problem of the resilient cruise control in heterogeneous vehicle platoons against f -local Byzantine attacks (BAs). Agents under BAs become traitors of the swarm, who try to mislead its neighbors while adopting wrong inputs. Thus, BAs are extremely challenging to be suppressed. This study introduces a novel hierarchical protocol characterized by a virtual twin layer (TL), motivated by the rationale of digital twin. This protocol separates the defense scheme against f -local BAs into two parts: one defense scheme against Byzantine edge attacks (BEAs) via the TL and another scheme against Byzantine node attacks (BNAs) via the cyber-physical layer (CPL). The TL employs a trusted-edge strategy, enhancing the network resilience by incorporating a minimal fraction of the key edges. It is rigorously proven that a TL topology meeting strong (2f+1) -robustness is sufficient for achieving distributed resilient estimation against BEAs. On the CPL, a series of decentralized chattering-free controllers is proposed, guaranteeing the resilient cruise tracking of heterogeneous platoons against exponentially unbounded BNAs. Besides, these controllers can achieve uniformly ultimately bounded convergence. The theoretical results' effectiveness and practicality are validated through a numerical simulation example and an unmanned ground vehicle experiment involving heterogeneous platoons against f -local BAs.

FuzzAGG: A Fuzzing-Driven Attack Graph Generation Framework for Industrial Robot Systems

FuzzAGG: A Fuzzing-Driven Attack Graph Generation Framework for Industrial Robot Systems

Missing Data Imputation Based on Causal Inference to Enhance Advanced Persistent Threat Attack Prediction

With the continuous development of network security situations, the types of attacks increase sharply, but can be divided into symmetric attacks and asymmetric attacks. Symmetric attacks such as phishing and DDoS attacks exploit fixed patterns, resulting in system crashes and data breaches that cause losses to businesses. Asymmetric attacks such as Advanced Persistent Threat (APT), a highly sophisticated and organized form of cyber attack, because of its concealment and complexity, realize data theft through long-term latency and pose a greater threat to organization security. In addition, there are challenges in the processing of missing data, especially in the application of symmetric and asymmetric data filling, the former is simple but not flexible, and the latter is complex and more suitable for highly complex attack scenarios. Since asymmetric attack research is particularly important, this paper proposes a method that combines causal discovery with graph autoencoder to solve missing data, classify potentially malicious nodes, and reveal causal relationships. The core is to use graphic autoencoders to learn the underlying causal structure of APT attacks, with a special focus on the complex causal relationships in asymmetric attacks. This causal knowledge is then applied to enhance the robustness of the model by compensating for data gaps. In the final phase, it also reveals causality, predicts and classifies potential APT attack nodes, and provides a comprehensive framework that not only predicts potential threats, but also provides insight into the logical sequence of the attacker’s actions.

Red Sea crisis impacts on maritime shipping networks

Red Sea crisis impacts on maritime shipping networks

Overload cascading failure detection algorithm for multi-layer supply chain network considering delay probability factor

At present, the supply chain is multi-layered and complicated, and its failure detection is based solely on the characteristic threshold, which does not lack the ability to describe the complex supply chain. An overload cascading failure detection algorithm for multi-layer supply chain network considering delay probability is proposed. Based on the multi-layer supply chain network including raw material suppliers, manufacturers, distributors and retailers, the overload cascading failure model of the multi-layer supply chain network is constructed through networking, and the overload cascading failure process of the multi-layer supply chain network is described through three aspects: initial load, node capacity and overload node load distribution. By monitoring and analyzing the status update messages of each node in the supply chain network, and considering the delay probability factor, the node and path that may lead to cascading failure are identified by predicting the delay probability of the next message through the historical message delay probability, and the overload cascading failure detection of the multi-layer supply chain network is realized. The experimental results show that the algorithm can effectively detect the failure of each overloaded enterprise node in the multi-layer supply chain network, which is helpful to enhance the early warning and response ability of the cascade failure of the supply chain network. The algorithm can realize the failure detection of supply chain network under different attack conditions and initial failure ratio of nodes, and measure the anti-risk ability of supply chain network. Under deliberate attack and when the initial attack node is a supplier network layer node, it has a greater impact on the multi-layer supply chain network.

A robust federated learning algorithm for partially trusted environments

A robust federated learning algorithm for partially trusted environments

Trust and security in wireless sensor networks: A literature review of approaches for malicious node detection

Wireless sensor networks (WSNs) are widely used in various fields such as environmental monitoring, healthcare, military applications, and smart cities. However, due to their decentralized nature, limited resources, and deployment in often hostile environments, WSNs are vulnerable to several security threats, especially malicious node attacks. Malicious nodes can disrupt network operations by dropping packets, injecting false data, or launching attacks such as sinkholes, wormholes, and Sybil attacks. To counter these threats, numerous malicious node detection methods have been proposed, ranging from trust-based models to anomaly detection techniques and clustering-based approaches. In parallel, the design of efficient routing protocols plays a critical role in ensuring energy-efficient and secure data transmission within the network. This review paper presents a comprehensive analysis of existing techniques for malicious node detection and efficient routing in WSNs

Denial-of-service attack (BH and PDA) effect analysis on AODV Routing Protocol with Random Mobility

Mobile ad hoc networks (MANETs) has received significant attention in the research domain of routing protocol as they provide security to transmit the data at the destination node. Mobile ad hoc networks do not have a fixed infrastructure, and nodes have random mobility due to this network topology changing dynamically and it vulnerable to external threats. Block hole and packet dropping are well-known network layer Denial of service attacks. during the route, discovery phase malicious nodes work normally and it became the shortest path to route the data and after that, it will drop all the data instead of transferring the data to the destination and in case of the packet dropping attack node drop the packet due to the elfishness of a node, Lack of energy resources, Bandwidth consumed by the attacker node, Overflow of the transmission queue, Misbehavior of a malicious node, it will drop the packet in the network. In this paper, we analyze the impact of both attacks on the AODV routing protocol in the random mobility environments with the different simulation parameters. DOI: https://doi.org/10.52783/pst.922

Modeling and Analysis of Public Transport Network in Hohhot Based on Complex Network

In the urban public transport network, the transfer of buses and subways provides convenience for residents to travel efficiently. But in actual operation, it is found that accidents, natural disasters, and other damage are inevitable. These sudden events may lead to route suspensions and service delays, ultimately resulting in network paralysis. In this paper, complex network theory is used to construct a weighted double-layer network model. Carrying capacity is considered the edge weight. The model analyzes the impact of these sudden events on network performance. It also conducts in-depth research on network structure and node importance. A collective influence (CI) algorithm is proposed as a centrality index to evaluate node importance. Based on the dynamic nature of the attacks, the network state is divided into initial network and current network. Taking Hohhot as an example, the results show that the network based on a CI algorithm node attack has the worst invulnerability. The network invulnerability based on an edge weight attack is better than that of edge betweenness. Compared with the current network, the invulnerability of the initial network is stronger. This indicates that ongoing changes and adaptations in the network may accelerate the decline in overall performance. At the same time, targeted interventions on key nodes and edges can enhance the network’s invulnerability. Planners can continuously monitor network performance to provide a basis for dynamic management and real-time adjustments. Additionally, effective information about critical routes to the public helps ensure the sustainable operation of the public transportation network.

Resilient Time-Varying Formation Tracking Control for General Linear Multiagent Systems With a Nonautonomous Leader and Adversarial Followers.

This article is concerned with resilient formation tracking problems for general linear multiagent systems, where the leader's control input is unavailable to all the followers and partial followers' behaviors are malicious due to the node attacks. Despite the presence of the nonautonomous leader and the adversarial followers, the remaining benign followers are still expected to track the leader's trajectory with the prescribed time-varying formation. To this end, a resilient scheme comprising an attack detection and isolation strategy and a formation tracking protocol is proposed. The detection strategy enables every benign follower to identify its adversarial neighbors with two-hop communication information, as long as the underlying topology meets given conditions. Then, the detected adversarial agents are directly removed to avoid the spread of their influence, which induces a new problem called node loss. To accommodate possible node loss events, the designed tracking protocol is independent of certain global knowledge, and its convergence is demonstrated by means of the impulsive Lyapunov functions. Finally, the proposed resilient scheme is verified by two simulation examples.

Detection model for network access data tampering attacks with blockchain technology

This paper studies the detection model of network access data tampering attack based on blockchain technology to solve the problem of over-dependence on central server and easy data tampering in traditional network environment. The model uses decentralization and encryption technology to monitor user behavior in real time through smart contracts, enhances data protection with SHA-256 hash algorithm, and combines consensus algorithm to ensure data consistency and security. The experimental results show that the model performs well in detecting multiple attack types with an accuracy of 99.51% and an F1 score of 0.98, far exceeding traditional methods and other deep learning techniques. The model shows good robustness under multi-node attacks, even with 200 attack nodes, the recognition accuracy is still close to 90%, and the response time is less than 3 seconds. Cross-platform testing showed that the model quickly and consistently detected tampering on both Ethereum and Hyperledger, with an average detection time between 0.33 and 0.47 seconds.The hardware acceleration test further shows that the processing speed and hardware utilization of TPU and GPU have been improved, with TPU processing speed reaching 135 MB/s and GPU 122 MB/s. This study will provide a theoretical basis for improving the security, effectiveness and reliability of current network systems, and also lay a solid theoretical and technical foundation for network applications in future network environments.