Node Attacks Research Articles

Clone Node Detection Attacks and Mitigation Mechanisms in Static Wireless Sensor Networks

The development of the wireless sensor networks technology commonly named WSNs has been gaining a significantly increased amount of attention from researchers over the last few decades. Its large number of sensor nodes is one of the features that makes it beneficial to the technology. The sensors can communicate with each other to form a network. These sensor nodes are generally used for diverse applications, such as pressure monitoring, fire detection, target tracking, and health monitoring, etc. However, the downside is that WSNs are often deployed in hostile, critical environments where they do not restrain physical access. This reality makes them incredibly vulnerable to clone node attacks or node replication attacks. The adversary can capture the legitimate sensor nodes, extract them and then collect some sensitive information, such as node ID, keys and perform a replication attack. This possibility will afterward facilitate the attacker to be able to take control of the whole network and execute the same functions as that of the authorized nodes. Based on this vulnerability, it is of great importance for researchers to invent a detection protocol for the clone attacks as well as a mitigation method. From all of the researches that have been published, a lot of them proposed some techniques to detect the clone node attacks and also to mitigate the attacks. However, almost none of them semantically focused on the security layer establishment. Based on this fact, we proposed an ontology-based approach Ontology for Replication Attacks in Static Wireless Sensor Networks “ORASWSN”, which can semantically be used for the detection and mitigation of the attacks by taking into consideration the importance of using security layers.

k , l -Anonymity in Wheel-Related Social Graphs Measured on the Base of k -Metric Antidimension

For the study and valuation of social graphs, which affect an extensive range of applications such as community decision-making support and recommender systems, it is highly recommended to sustain the resistance of a social graph G to active attacks. In this regard, a novel privacy measure, called the k , l -anonymity, is used since the last few years on the base of k -metric antidimension of G in which l is the maximum number of attacker nodes defining the k -metric antidimension of G for the smallest positive integer k . The k -metric antidimension of G is the smallest number of attacker nodes less than or equal to l such that other k nodes in G cannot be uniquely identified by the attacker nodes. In this paper, we consider four families of wheel-related social graphs, namely, Jahangir graphs, helm graphs, flower graphs, and sunflower graphs. By determining their k -metric antidimension, we prove that each social graph of these families is the maximum degree metric antidimensional, where the degree of a vertex is the number of vertices linked with that vertex.

Robustness evaluation of the air cargo network considering node importance and attack cost

With the rapid development of e-commerce and express industry, the air cargo network has become an important infrastructure. How to ensure the network robustness is of great importance for its operational safety. However, few robustness researches considered the attack cost. Furthermore, the traditional degree indexes are disabled to represent the node importance comprehensively. To solve these problems, considering the topological structure, industry characteristics, and the directionality of the air cargo network simultaneously, we propose a novel node importance evaluation method based on the TOPSIS method to better measure the attack cost. Then, an optimal attack strategy model considering attack cost constraints is proposed to achieve better effects. In order to verify the effectiveness of the proposed method, a real case study of China's air cargo network in 2017 is carried out. The results show that the proposed node importance index can better represent the node importance than the traditional degree indexes. Besides, the optimal attack strategy will change according to different attack budgets and the importance which defenders attach to the critical nodes, and the proposed optimal attack strategy model can achieve a higher attack effect than other strategies.

MIF: A multi-step attack scenario reconstruction and attack chains extraction method based on multi-information fusion

Most attacks on the Internet are progressive attacks and exploit multiple nodes. Traditional Intrusion Detection Systems (IDS) cannot detect the original attack node, making it difficult to block the attack at its source. This paper focuses on using IDS’ alerts corresponding to abnormal traffic to correlate attacks detected by the IDS, reconstruct multi-step attack scenarios and discover attack chains. Due to many false positives in the information provided by IDS, accurate reconstruction of the attack scenario and extraction of the most critical attack chain is challenging. Therefore, we propose a method to reconstruct multi-step attack scenarios in the network based on multiple information fusion of attack time, risk assessment and attack node information. First, we propose a Convolution and Agent Decision Tree Network (CTnet), a convolutional neural network that evaluates the attacks detected by the IDS and gives an alert with an attack risk assessment. Then, we reconstruct the weighted attack scenario by applying Graph-based Fusion Module (GM) on the captured attacks’ risk assessment and time information. Finally, we extract the high-risk attack chain by Depth First Search with Time and Weight (TW-DFS) algorithm. The experimental results show that the proposed method can accurately reconstruct multi-step attack scenarios and trace them back to the original host. It can help administrators to deploy security measures more effectively to ensure the overall security of the network.

ML Based Intrusion Detection Scheme for various types of attacks in a WSN using C4.5 and CART classifiers

A key component for preserving a WSN’s integrity is designing an intrusion detection system (IDS). This article covers several sorts of security threats that may occur in a WSN. It proposes a detection of malicious nodes in a WSN. This system identifies four common assaults (i.e., black hole, wormhole, gray hole, and DDoS attacks) and is based on a Base Station machine learning (ML) algorithm (BS). The suggested ML algorithm continually analyzes data patterns from each node. Based on this technique, BS recognizes the network’s harmful behavior and provides notifications to neighbor nodes to prevent attacker. First, the various assaults are examined and their characteristics are derived in terms of network parameters. Furthermore, the gathered pattern trains an ML algorithm. Then, the attacker node is effectively and properly classified within the BS. The NS2 simulator simulated the needed secure WSN. The experimental findings revealed excellent accuracy of the suggested method for attack detection. This precision can enhance network performance in terms of energy usage and packet delivery (PDR).

I-CIFA: An improved collusive interest flooding attack in named data networking

Named Data Network (NDN) as a new network architecture, in recent years become a hot research, its security has been widespread concern. With the continuous updating of distributed denial of service (DDoS) attack methods in NDN networks, this article designs a new type of attack, called the Improved Collusive Flooding Attack (I-CIFA). I-CIFA attack combines the advantages of mainstream DDoS attack in NDN network, and is an attack method generated by low-rate DDoS attack and the cooperation of collusive producer. On the basis of the existing DDoS attack, the I-CIFA attack further improves the ability to destroy the network and the ability to resist the existing defense scheme. I-CIFA is designed on the basis of CIFA by improving the attack nodes and so on. In addition to redefining and configuring the attack parameters, improvements were also made in two aspects. First, the probing mode to probe the pending interest table (PIT) capacity of the routing nodes was added before attack started. Second, the way in which each attacker requests a packet from the collusive producer in each attack cycle has been further improved. Test results show that I-CIFA can cause 87.5% of the legitimate interest packets in the whole network to be discarded, and it is not only has a strong attack range on the network, but it is also difficult to be detected by existing CIFA-countermeasures.

Exploring the Characteristics of High-Speed Rail and Air Transportation Networks in China: A Weighted Network Approach

This study explores the characteristics of high-speed rail (HSR) and air transportation networks in China based on the weighted complex network approach. Previous related studies have largely implemented unweighted (binary) network analysis, or have constructed a weighted network, limited by unweighted centrality measures. This study applies weighted centrality measures (mean association [MA], triangle betweenness centrality [TBC], and weighted harmonic centrality [WHC]) to represent traffic dynamics in HSR and air transportation weighted networks, where nodes represent cities and links represent passenger traffic. The spatial distribution of centrality results is visualized by using ArcGIS 10.2. Moreover, we analyze the network robustness of HSR, air transportation, and multimodal networks by measuring weighted efficiency (WE) subjected to the highest weighted centrality node attacks. In the HSR network, centrality results show that cities with a higher MA are concentrated in the Yangtze River Delta and the Pearl River Delta; cities with a higher TBC are mostly provincial capitals or regional centers; and cities with a higher WHC are grouped in eastern and central regions. Furthermore, spatial differentiation of centrality results is found between HSR and air transportation networks. There is a little bit of difference in eastern cities; cities in the central region have complementary roles in HSR and air transportation networks, but air transport is still dominant in western cities. The robustness analysis results show that the multimodal network, which includes both airports and high-speed rail stations, has the best connectivity and shows robustness.

Mobile Wireless Sensor Networks: A Framework Based Solution for Physical Security Attacks

Mobile wireless sensor networks are made up of resource-constrained sensor nodes.The nodes in Mobile wireless sensor networks tend to move wirelessly from one location to another. In physically unattended and insecure areas, these networks are installed where they are vulnerable to numerous security threats, including physical security threats.Clone node attack is a physical attack in which the adversary physically compromises legitimate nodes and copies their data onto fake nodes to create clones of captured nodes. In static wireless sensor networks, comprehensive work isalready done to mitigate and detect the underlying attack. Mitigating and detecting this assault on mobile wireless sensor networks, however, remains a critical issue. To our knowledge, there is no framework-based method for bolstering multiple attacks onmobile wireless sensor networks.Consequently, this article proposes a framework-based approach that mitigates multiple attacks on mobile WSNs. To provide proof-of-concept for the framework, along with clone node attacks solution to jamming attacks is alsoincorporated in the framework. The implementation of the framework is done with the COOJA simulator and Contiki OS.

Robustness of Air Transportation as Complex Networks:Systematic Review of 15 Years of Research and Outlook into the Future

Air transportation systems are an important part of the critical infrastructure in our connected world. Accordingly, a better understanding and improvements in the resilience of the overall air transportation system are essential to the well-functioning of our society and overall sustainability of human beings. In the literature, network science is increasingly used to better understand the resilience dynamics of air transportation. Given the wide application of tools for network science and the importance of designing resilient air transportation systems, a rich body of studies has emerged in recent years. This review paper synthesizes the related literature that has been published throughout the last 15 years regarding the robustness of air transportation systems. The contributions of this work consist of two major elements. The first part provides a comprehensive discussion and cross-comparison of the reported results. We cover several major topics, including node importance identification, failure versus attack profiles, recovery and improvement techniques, and networks of networks approaches. The second part of this paper complements the review of aggregated findings by elaborating on a future agenda for robust air transportation research. Our survey-style overview hopefully contributes toward a better understanding of the state of the art in this research area, and, in turn, to the improvement of future air transportation resilience and sustainability.

MOpt Shield: An Intrusion Detection System based on Meld Optimization Algorithm to mitigate Amalgam Attacks

Background/Objectives: To mitigate network from amalgam attacks, this study is focussed on designing an efficient approach that can prevent the networks from intruders and secure the communication. Methods: A crossbreed approach, named ‘MOpt Shield,’ is proposed in this study. This proposed protocol utilizes the efficacy of the existing Cuckoo Search and Firefly Optimization Algorithm on basic AODV protocol along with the promising factors of the Intrusion Detection System. The proposed protocol is simulated using an NS-2 simulator with two different simulation scenarios, and PDR, Throughput, PLR, and Delay parameters are considered performance measures for the same. Findings: The proposed protocol finds the best selected nodes for communication and prepare separate list for the doubted nodes which further analyzed for attacker or non-attacker nodes. This will help to identify the best path with high energy and other capabilities for the efficient transmission of data. The performance of this proposed protocol is analyzed under 5 attacker nodes in which 2 are blackhole and 3 are DoS attacker nodes. For simulation, the scenario includes minimum 5 connections and maximum 25 connections between the 50 nodes with CBR traffic and 20m/s speed. The evaluated results show the astounding performance of the proposed protocol over the other existed protocols in terms of PDR, Throughput and Delay, and hence it reveals its capabilities. Novelty/Applications: The proposed protocol effectively handles the amalgam attacks and its novelty lie in its features of hybrid optimization and intrusion detection approach to find the route of transmission and the trusty nodes. Keywords MOpt Shield, Crossbreed, Cuckoo Search, Firefly Algorithm, Amalgam Attacks, Blackhole, DDoS, NS­2 simulator

A Secure Protocol against Selfish and Pollution Attacker Misbehavior in Clustered WSNs

Wireless sensor networks (WSNs) have been widely used for applications in numerous fields. One of the main challenges is the limited energy resources when designing secure routing in such networks. Hierarchical organization of nodes in the network can make efficient use of their resources. In this case, a subset of nodes, the cluster heads (CHs), is entrusted with transmitting messages from cluster nodes to the base station (BS). However, the existence of selfish or pollution attacker nodes in the network causes data transmission failure and damages the network availability and integrity. Mainly, when critical nodes like CH nodes misbehave by refusing to forward data to the BS, by modifying data in transit or by injecting polluted data, the whole network becomes defective. This paper presents a secure protocol against selfish and pollution attacker misbehavior in clustered WSNs, known as (SSP). It aims to thwart both selfish and pollution attacker misbehaviors, the former being a form of a Denial of Service (DoS) attack. In addition, it maintains a level of confidentiality against eavesdroppers. Based on a random linear network coding (NC) technique, the protocol uses pre-loaded matrices within sensor nodes to conceive a larger number of new packets from a set of initial data packets, thus creating data redundancy. Then, it transmits them through separate paths to the BS. Furthermore, it detects misbehaving nodes among CHs and executes a punishment mechanism using a control counter. The security analysis and simulation results demonstrate that the proposed solution is not only capable of preventing and detecting DoS attacks as well as pollution attacks, but can also maintain scalable and stable routing for large networks. The protocol means 100% of messages are successfully recovered and received at the BS when the percentage of lost packets is around 20%. Moreover, when the number of misbehaving nodes executing pollution attacks reaches a certain threshold, SSP scores a reception rate of correctly reconstructed messages equal to 100%. If the SSP protocol is not applied, the rate of reception of correctly reconstructed messages is reduced by 90% at the same case.

A REVIEW OF DIFFERENT TECHNIQUES WHILE TRUST NODE ESTIMATION IN A HIERARCHICAL WIRELESS SENSOR NETWORKS

When we considered a wireless sensors network, the safety measures have been create depending on non-realistic trusted environment. Some malicious sensor nodes may illegally drop the data packets and disturb network communication. Hence, internal networks attacks of malicious nodes becoming a challenging research topic under on its trust and security solutions for WSN. After analysing the trust mechanism schemes for wireless sensor networks, it has been found that there are different trust mechanism schemes are present. Every scheme has several advantages for finding a better path for source to destination node. In this paper, a review on different trust estimation schemes in WSNs is carried out which are classified.

A mutual information based federated learning framework for edge computing networks

With the application of artificial intelligence in all field of life, people pay more attention to user privacy and data security. Under the condition of protecting user privacy, the federated learning model has become a popular research technology to solve the data islands problems. The edge computing network can be applied to smart city, Internet of vehicles and so on. Federated learning is a framework in which multiple hosts jointly learn a machine learning model. Each work device maintains the local model of its local training dataset, while the master device maintains the global model by aggregating the local models from the work devices. However, it cannot ensure that every local work device is an honest user because of a phenomenon that the hosts has been operated by attacker interferes in the process of local model training. In this paper, we assume that malicious nodes upload unreal learning parameters in the federated learning framework, which the global model will have high error rate. We propose a federated learning parameter aggregating algorithm based on mutual information. We introduced the relevance of model training learning rate to determine the consistency of the training direction of the local and central models at coarse granularity. We aggregated the parameters of the models at fine granularity based on the correlation of the gradients based on the mutual information. The mutual information method is used to calculate the similarity of the gradient trend between the local training model and overall model. We set the trust weight of each work device to reduce the negative impact of malicious nodes. The evaluation results show that the classification accuracy of the MIFL model is improved as compared with the average federated learning without malicious node. Especially, in the case of existing malicious nodes, the proposed algorithm can defend against malicious node attacks and sustain the robustness of Federated learning.

RETRACTED: Vulnerability analysis of road network for dangerous goods transportation considering intentional attack: Based on Cellular Automata

• The vulnerability of RNDGT under cascading failure considering intentional attack is analyzed. • The time characteristics of load distribution and node recovery ability are considered. • AD, BD, CD, DD, TD and SLD are selected to study the load re-distribution. • DA, BA and TA are selected to study the vulnerability. • CA based cascading failure model is established. The vulnerability of road network for dangerous goods transportation (RNDGT) under cascading failure considering intentional attack is analyzed. We introduce the time characteristics of load distribution and node recovery ability into previous cascading failure model, subdivide the state of failed node into normal state, partial failure state and complete failure state. Six traffic load distribution strategies including Average Distribution (AD), Betweenness Distribution (BD), Capacity Distribution (CD), Degree Distribution (DD), Tightness Distribution (TD) and Surplus Load Distribution (SLD) are selected to study the load re-distribution of failed nodes. In addition, three kinds of intentional node attack strategies including Degree Attack (DA), Betweenness Attack (BA) and Tightness Attack (TA) are selected to study the impact on the vulnerability. By referring the application of cellular automata applied in epidemic spreading field, we establish a new cascading failure model of RNDGT. The improved maximum connectivity and node failure rate based on node degree are applied to analyze the vulnerability. A case study is conducted by using the RNDGT of Dalian as the background. The previous Motter-Lai model (M-L) is applied as the comparison approach. TA strategy has the least impact on increasing network vulnerability, SLD strategy is the best to reduce network vulnerability.

Kriging Regressive Pseudo Randomized Lamport Certificateless Signcryption based Replication Attack Detection for Secure Routing in WSN

A Wireless Sensor Network (WSN) includes small, low-cost, and resource-constrained sensor nodes to perform monitoring. Each node is free to move and susceptible to various attacks. Therefore, WSNs have huge attention to communication security. Identifying and monitoring attack node is complex in distributed network and creates node replication attacks in WSN. In order to improve secure routing, a novel technique called Kriging Regressive Attack Detection based Pseudo Randomized Lamport Certificateless Signcryptive Secure Routing (KRAD-PRLCSSR) is proposed. KRAD-PRLCSSR enhances the secure routing by detecting the replication attack in WSN. Initially, the neighbor discovery is performed using the Kriging Regression function. Energy of every sensor node is calculated and validates with threshold value. Based on estimated results, normal node or replica node is identified. Then the normal node is chosen as neighboring node. After that, secure transmission is performed using Pseudo Randomized Lamport one-time Generative Certificateless Signcryption. By applying the signcryption technique, Pseudo Randomized private and public keys are generated for each sensor node. After the key generation, the source node performs the encryption as well as a digital signature. The encrypted data and signature are sent to receiver. Finally, signature is verified at the receiver side to decrypt the data. This helps to increase the security of routing in WSN. The simulation analysis of KRAD-PRLCSSR technique is performed with the different metrics.

Dynamic Forest of Random Subsets‐based supervised hash signature scheme for secure user authentication in smart home environment

SummaryThe advent of information and communication technology has revolutionized the application of smart home through which the residents remotely establish superior control over the smart devices. The users and the smart devices interact over an insecure communication channel that may help an illegitimate user to gain access on the data disseminated by the smart devices, resulting in high exploiting attacks like privileged insider attack, smart device and gateway node impersonation attack, and smart node capture attack in the smart home. Thus, a secure remote authentication scheme that permits only legitimate users to gain access to the smart devices based on supervised learning becomes essential. In this article, Dynamic Forest of Random Subsets‐based supervised hash signature (DFORS‐SHS) scheme is proposed for robust user authentication in smart homes. This proposed DFORS‐SHS scheme concurrently performs the signed generation of random subsets such that each element of a signature is used for the generation of successive random subset elements for authentication. It utilized the strength of revealed secret keys through chaining approach that bundles the random subset generation and signature. This supervised learning approach only permits the signer of the original message to potentially generate a random subset and prevents the malicious intruder from gaining the access of the smart devices. The formal verification and the security investigation of the proposed DFORS‐SHS scheme are conducted using the Burrows‐Abadi‐Needham (BAN) and AVIPSA toolkit for determining communication cost, communication time, computation time, and energy consumptions incurred during the authentication process. It can be stated that, the communication cost and storage costs of the proposed DFORS‐SHS scheme was also identified to be comparatively minimized than the baseline smart home authentication schemes.

Attack Prediction By Using Greedy Algorithm For Diminishing The Drop And Delay In Wireless Sensor Networks

The essential constraint of the internet is that forwarding the data packets of data among the restricted and trustworthy data nodes. If the receiver node is attacker node then it'll drop the data rather than forwarding the data to ensuing neighbor node. Therefore, efficient and secure data transmission is extremely necessary within the network data transmission. Each router node within the network can accept the data packets up to its buffer size only. Once the queue value reached the buffer threshold value then congestion can occur at the node. Once congestion happens then it would lose the data packets. By sending the data packets to the next neighbour node this problem will be resolved. This congestion will be handled by the Fully Distributed Congestion Control FDCC and Cooperative and Memory Efficient Token Bucket (CMTB) algorithms. Because the data is transmitted to the next neighbour node predicting the node behavior is extremely necessary because it is an attacker or the conventional transmitter node because it has to transmit the efficient data securely to the destination node. In this paper, the node behavior will be predicted by analyzing the trace file. The simulation results show that this proposed method would provide a lot of security in data transmission. The WSN comprises a group of sensor nodes that are disseminated on the network. These sensor nodes initially exchange their data packets to the near nodes to send the data packets to the target node. During the transmission of these data packets some data packets drop may also happen inside the network. This packet drop should be kept up as low as feasible for correct data transmission to the target node or destination node. This algorithm highlights the routes with high link quality, low packet delay and with low packet drop. Simulation results show that this proposed algorithm can provide the most effective path for transmitting the data to the destination meanwhile it reduces the packet drop and packet delay.

A Review of the cluster based Mobile Adhoc Network Intrusion Detection System

The Mobile Ad-hoc Network is decentralized and consisting of numerous different communication devices. Its distributed design and lack of infrastructure are the means of numerous network assaults. For personal computer users, companies, and the military, network security has become more important. Safety becomes a significant issue with the rise of the internet, and the past of security enables a better understanding of the evolution of security technology. Via the audit and monitoring phase, the implementation of Intrusion Detection Systems (IDS) in ad-hoc node securities was improved. This framework is made up of clustering protocols that are extremely efficient in finding intrusions with low resource and overhead computing costs. Current protocols have been related to routes that are not popular in intrusion detection. The cluster is barely impacted by the weak road layout and route renewal. The cluster is unpredictable and results in processing maximization together with network traffic. In general, battery-based ad hoc networks are organized and dependent on power constraints. To detect and react rapidly against intrusions, an active monitoring node is required. Only if the clusters are strong and extensive maintaining capabilities can it be accomplished. The routes also shift as the cluster shifts and it would not be feasible to prominently process the achievement of intrusion detection. This raises the need for a better clustering algorithm that addresses these disadvantages and guarantees the protection of the network in any way. A powerful clustering algorithm that is ahead of the current routing protocol is the cluster-based Intrusion Detection Method. Regardless of routes that perfectly track the intrusion, it is permanent. This streamlined technique of clustering achieves strong intrusion detection speeds with low processing as well as memory overhead. It also overcomes the other limitations of traffic, connections, and node mobility on the network, regardless of the routes. In detecting the attack or malicious node, the individual nodes in the network are not active.

NISA: Node Identification and Spoofing Attack Detection Based on Clock Features and Radio Information for Wireless Sensor Networks

Node identification based on unique hardware features like clock skews has been considered an efficient technique in wireless sensor networks (WSNs). Spoofing attacks imitating unique hardware features, however, could significantly impair or break down conventional clock-skew-based node identification due to exposed clock information through broadcasting. To defend against Spoofing attacks, we propose a new node identification scheme called <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">node identification against Spoofing attack</i> (NISA). It utilizes the reverse time synchronization framework, where sensor nodes’ clock skews are estimated at the head of a WSN, and the spatially-correlated radio link information to achieve simultaneous node identification and attack detection. We further provide centralized and distributed NISA for covering both single-hop and multi-hop scenarios, the former of which employs a single-input and multiple-output convolutional neural network. With a real WSN testbed consisting of TelosB sensor nodes running TinyOS, we investigate the identifiability of clock skews under temperature and voltage variations and evaluate the performance of both centralized and distributed NISA. Experimental results demonstrate that both centralized and distributed NISA could provide accurate node identification and Spoofing attack detection.

Robustness evaluation for real traffic network from complex network perspective

Robustness is a critical characteristic of ubiquitous real networked systems which are often very vulnerable to the random failures or targeted attacks. In this work, we aim to evaluate the robustness of a traffic network which is constructed from real trajectory data. First, we divide a city into grids which are considered as nodes and a link is established if there is at least one taxi dispatch order from one grid to another. Second, we propose two categories of attack strategies: node attacks (e.g. random node failure, and degree, in-degree, out-degree, closeness, clustering coefficient, PageRank-based targeted attacks) and link attacks (e.g. random link failure and link weight, link degree, link betweenness-based targeted attacks). Third, we suppose all elements (i.e. node or link) are simultaneously or iteratively removed, and evaluate the network robustness by employing the relative size of the giant components, average clustering coefficient and average shortest path length. The results show that the degree-based targeted attacks are the most destructive among all attacks, and no matter node or link, the betweenness-based attack is the most effective method to be beneficial to the target index. Moreover, most methods with recalculations take priority over the ones without recalculations.