Intelligent Detection System Enabled Attack Probability Using Markov Chain in Aerial Networks

Khan, Inam Ullah; Abdollahi, Asrin; Alturki, Ryan; Alshehri, Mohammad Dahman; Ikram, Mohammed Abdulaziz; Alyamani, Hasan J.; Khan, Shahzad

doi:https://doi.org/10.1155/2021/1542657

Wireless Communications and Mobile Computing

On this page

Abstract Introduction Conclusion Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Special Issue

Data Collection in Resource-Limited Networks (WSNs, IoT, Sensor Cloud)

View this Special Issue

Research Article | Open Access

Volume 2021 | Article ID 1542657 | https://doi.org/10.1155/2021/1542657

Intelligent Detection System Enabled Attack Probability Using Markov Chain in Aerial Networks

Inam Ullah Khan,¹Asrin Abdollahi,²Ryan Alturki,³Mohammad Dahman Alshehri,⁴Mohammed Abdulaziz Ikram,⁵Hasan J. Alyamani,⁶and Shahzad Khan⁷

Academic Editor: Ihsan Ali

Received13 Apr 2021

Accepted18 Aug 2021

Published09 Sept 2021

Abstract

The Internet of Things (IoT) plays an important role to connect people, data, processes, and things. From linked supply chains to big data produced by a large number of IoT devices to industrial control systems where cybersecurity has become a critical problem in IoT-powered systems. Denial of Service (DoS), distributed denial of service (DDoS), and ping of death attacks are significant threats to flying networks. This paper presents an intrusion detection system (IDS) based on attack probability using the Markov chain to detect flooding attacks. While the paper includes buffer queue length by using queuing theory concept to evaluate the network safety. Also, the network scenario will change due to the dynamic nature of flying vehicles. Simulation describes the queue length when the ground station is under attack. The proposed IDS utilizes the optimal threshold to make a tradeoff between false positive and false negative states with Markov binomial and Markov chain distribution stochastic models. However, at each time slot, the results demonstrate maintaining queue length in normal mode with less packet loss and high attack detection.

1. Introduction

Flying ad hoc networks have changed human life where wireless communication is utilized as a backbone technology. Flying networks have remote nodes that can switch along with all three directions [1]. The term “flying ad hoc network” represents a complex pattern of mobility with constantly changing physical structures [2].

Secure communication channels must be designed to improve connectivity within the network. Dealing with false data injection attacks, an intruder can take data during remote surgery, which can lead to the death of a patient. Also, in defense operations, aerial vehicles are used to trigger false data attacks in the surrounding environment, which causes very serious destruction [3]. However, the probability of Poisson distribution is used for the detection of ping of death attacks that secure data packets [4]. Several security attacks are recorded from 1982 till now in different industries. In 2014, a special type of attack occurred, which was later on called Trojan, where the main target was petroleum pipeline networks [5].

Detecting cybercrimes over the internet can be identified using an intrusion detection system by using different techniques and tools [6]. However, a swarm of drones can protect an entire IoT network [7]. Detection of security attacks is a major problem; this research study formulates the scenario on quadcopter using open-source software [8]. Therefore, a tree-based strategy can easily portray the moves of intruders/attackers; also, for risk evaluation, a game-theory scheme is used [9]. Every technology is just made to facilitate mankind; for this purpose, aerial vehicles can be used to safeguard women [10].

The proposed scheme is focused on reducing queue data packets in flying networks which is a tough task to tackle. The aim of this paper is to explore the IDS model and how it can be improved using a Markov chain approach. Using flying networks, the IDS architecture has been developed to reduce data packets in the queue at different stages. Figure 1 explains the concept of an intruder within an IoT network to demonstrate a practical scenario. The main contributions of this study include some important points, which are given below. (1)For the identification of security threats, an intrusion detection system is modeled(2)Denial-off-service, distributed denial of service, and ping of death attacks are simulated in flying vehicles(3)Markov chain distribution is used to enhance security countermeasures

The rest of the article is organized as follows. In Section 1, brief literature relevant to the problem is studied. The proposed scheme is elaborated in Section 3, followed by simulation results and theoretical analysis in Section 4. The future research directions and paper’s conclusion are given in Section 5.

2. Literature Survey

Every new technology is first used by military, later on, it becomes commercialized. However, in US, due to flying vehicles, some accidents take place, like if a drone comes in the way of airplane while landing. Apart from that, many other issues occur due to the technical fault in quadcopters or small UAV’s. As communication plays an important role but major issue in day-to-day life is to secure transmission links [11]. The demand of aerial vehicles is increasing on daily basis. In normal flying systems, there is the concept of pilot but drone is basically unmanned which makes them unsafe or unprotected [12]. The two popular areas like machine learning and software-define-networks can provide a pathway to address the challenges related to security in terms of internet of everything [13, 14].

Wireless vision (Wi-Vi) sensors are put in service for self-controlled flying vehicles [15]. The indoor scenario is very much mature using the wireless network; therefore, channel state information can give accurate data about location coordinates [16]. A novel framework is introduced, which has flying vehicle-enabled IoT using a 5G communication network. Human safety is the prime focus of every technology. In this context, if the flying drone having sensitive information is hijacked or attacked, it may result a big threat to the environment. Flying thing-based architecture is initiated which gives a solution mechanism for security and privacy to secure U2U communication [17]. Heuristic computational drone-based projects must be having pragmatic results in civil and military fields [18]. While working on false alarm threat, intrusion detection system can be utilized [4]. Furthermore, the classifications of DoS/D-DoS security threats are shown in Figure 2.

3. Intelligent Detection System (Proposed Scheme)

The proposed study is having physical topology with thirty drones () and one ground station. Two major scenarios are mentioned either “no attack” or “with attack.” Assuming that our internetwork is secure and there is no intruder inside the system. For this purpose, aerial vehicles send data packets having an average length which is cited as . Apart from that, aerial network modeling can be concluded for generating information of arrival data net which lined up in the entry to pinpoint land station. Figure 3 shows the physical structure of IDS in land station where malicious data packets can be removed easily.

The evolution of queue length is calculated using the following equation:

where , , , or departed data rate.

The above metric values can be either constant or random. Furthermore, the randomness can be generated using Poisson distribution. The four probabilistic options are practically demonstrated in Figure 4 as mentioned.

For sec, the Poisson random variable with queued length is followed in Figure 5.

Inside the flying networks, once in a while, there might be no unwanted nodes to attack on the dynamic networks. But in the proposed network simulation, the input rate and flying nodes () are shown in Figure 6, which shows a high rise while flipping . By achieving the optimal results in between input and output queue rates which is presented in Figure 7. In the simulated work, by utilizing throughput, metric value can be effective in terms of outcome.

3.1. Markov Chain Distribution

Markov chain is a fundamental part of stochastic processes that use memory distribution in discrete-time steps that recall discrete-time Markov chain (DTMC). Suppose be the state of Markov chain stochastic process at time with finite state spaces , where “1” represents “no attack level” which means normal, and “2” stands for the attack level.

Equation (3) shows the formulation of Markov chain where for distribution just having dependency on . Finding the probability of being in state “1” or “2” at time . In DoS, the attacker injects illegal packets to the network security systems by spoofing one node and attempts to increase the numbers of packets by utilizing the ratio ( is a positive constant). Apart from that modeling probability is being changed in the first scenario where Markov chain with following transition matrix where and , respectively, is , and 1 is proposed in the matrix.

Attack probability of being in state “2” at time “t” is proofed mathematically as

Whereas,

However, the attack probability at each time slot will change in sequence using random variables according to DTMC in blocks, and attack probability is shown in below Figure 8.

3.2. Markov Binomial Distribution

Binomial distribution is memory less scheme with having probability , where attack at each time slot is stationary which can be symbolized as . By simulating Markov binomial distribution, are shown in below matrix from

Figure 8 elaborates attack probability changes with the passage of time, and the results are discussed using Figure 9 in which two states are discussed. Where state “1” is used for no attack, and state “2” represents attack.

4. Simulation Results

4.1. Without IDS

In simulation results, the attacker is attempting to use various flooding attacks such as DoS, DDoS, and PoD. Due to the aforementioned attacks, the ground BS is heavily buffered in a queue. The length of the queue for various attacks in order to impact the effect of attack probability on queue length for Markov chain and Markov binomial distribution, respectively, is shown in Figures 10 and 11. Markov chain distribution attack is changing with the stream of time; due to that, queue length will escalate. Where using binomial distribution attack probability must be constant; because of this reason, queue length will become very less in comparison with Markov chain distribution.

4.2. With IDS

Optimization of connection links will reshape the entire planet; therefore, safety of this society needs countermeasures to make the information-age secure. For the security of modeled smart IoT network having drones to stabilize path-flying things, detection system is launched to detect some cyber threats. Due to high network performance, the detection system attempts to trade-off between false positive and false negative probability. This concept assists researchers to have interconnectivity having maximum missed detection probability along with minimum false alarm prospects. The proposed IDS based on certain level try to prevent gateway queue lengths from rapidly increasing and maintaining them at the predictable level. Figure 12 shows the optimized certain level value per time for Markov chain and Markov binomial distributions.

The PoD with Markov chain using queue length is shown in Figure 13; while for Markov binomial distribution using security, attacks are discussed using Figure 14. Respectively, in Figures 15 and 16, the same techniques are utilized for DoS attack. However, similar schemes are incorporated for D-DoS threat in Figures 17 and 18. Throughput study of security attacks using Markov distribution and Markov binomial are having great impact on the data analysis which is shown in Figures 19 and 20.

5. Conclusion

Aerial ad hoc networks use to perform variety of tasks which include monitoring and collection of data from IoT networks. In flying networks, our main focus is to protect ground station from security attacks. While communication comprises drone-2-drone and land-station-2-aerial-vehicles which use IEEE 802.11 wireless technology to improve transmission routes. Intrusion detection system is the optimal way to deal with cyber threats. The proposed intrusion detection monitors incoming packets and filters them using Markov distribution. Markov chain stochastic process assists to find the gateway approach for flying vehicles. Intelligent intrusion detection controls flying networks to filter queue length data packets. The possibility of missed detection and false alarm is easily minimized. While buffer queue length will be maintained to normal level as demonstrated in the simulations. However, in future, machine learning techniques can be used to improve the aerial network security.

Data Availability

All the data is available in the paper.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This study was supported by Taif University Researchers Supporting Project number (TURSP-2020/126), Taif University, Taif, Saudi Arabia.

References

A. Qayyum, L. Viennot, and A. Laouiti, “Multipoint relaying for flooding broadcast messages in mobile wireless networks,” in Proceedings of the 35th annual Hawaii international conference on system sciences, pp. 3866–3875, Big Island, HI, USA, 2002.
View at: Google Scholar
I. U. Khan, I. M. Qureshi, M. A. Aziz, T. A. Cheema, and S. B. H. Shah, “Smart IoT control-based nature inspired energy efficient routing protocol for flying ad hoc network (FANET),” IEEE Access, vol. 8, pp. 56371–56378, 2020.
View at: Publisher Site | Google Scholar
M. Ahmed and A. K. Pathan, “False data injection attack (FDIA): an overview and new metrics for fair evaluation of its countermeasure,” Complex Adaptive Systems Modeling, vol. 8, no. 1, p. 4, 2020.
View at: Publisher Site | Google Scholar
A. Abdollahi and M. Fathi, “An intrusion detection system on ping of death attacks in IoT networks,” Wireless Personal Communications, vol. 112, no. 4, pp. 2057–2070, 2020.
View at: Publisher Site | Google Scholar
D. Pliatsios, P. Sarigiannidis, T. Lagkas, and A. G. Sarigiannidis, “A survey on SCADA systems: secure protocols, incidents, threats and tactics,” IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1942–1976, 2020.
View at: Publisher Site | Google Scholar
W. A. Al-Khater, S. Al-Maadeed, A. A. Ahmed, A. S. Sadiq, and M. K. Khan, “Comprehensive review of cybercrime detection techniques,” IEEE Access, vol. 8, pp. 137293–137311, 2020.
View at: Publisher Site | Google Scholar
M. Albalawi and H. Song, “Data security and privacy issues in swarms of drones,” in 2019 Integrated communications, navigation and surveillance conference (ICNS), pp. 1–11, Herndon, VA, USA, 2019.
View at: Publisher Site | Google Scholar
J. Chen, Z. Feng, J. Wen, B. Liu, and L. Sha, “A container-based DoS attack-resilient control framework for real-time UAV systems,” in 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1222–1227, Florence, Italy, 2019.
View at: Publisher Site | Google Scholar
S. Garg, G. S. Aujla, N. Kumar, and S. Batra, “Tree-based attack–defense model for risk assessment in multi-UAV networks,” IEEE Consumer Electronics Magazine, vol. 8, no. 6, pp. 35–41, 2019.
View at: Publisher Site | Google Scholar
R. Mohan, C. V. Raj, P. Aswathi, and R. R. Bhavani, “UAV based security system for prevention of harassment against woman,” in 2017 International Conference on Intelligent Computing, Instrumentation and Control Technologies (ICICICT), pp. 874–879, Kannur, 2017.
View at: Publisher Site | Google Scholar
M. Podhradsky, C. Coopmans, and N. Hoffer, “Improving communication security of open source UAVs: encrypting radio control link,” in 2017 International Conference on Unmanned Aircraft Systems (ICUAS), pp. 1153–1159, Miami, FL, USA, 2017.
View at: Publisher Site | Google Scholar
C. Rani, H. Modares, R. Sriram, D. Mikulski, and F. L. Lewis, “Security of unmanned aerial vehicle systems against cyber-physical attacks,” Journal of Defense Modeling and Simulation, vol. 13, no. 3, pp. 331–342, 2016.
View at: Publisher Site | Google Scholar
F. Restuccia, S. D’Oro, and T. Melodia, “Securing the internet of things in the age of machine learning and software-defined networking,” IEEE Internet of Things Journal, vol. 5, no. 6, pp. 4829–4842, 2018.
View at: Publisher Site | Google Scholar
F. E. Salamh, U. Karabiyik, M. Rogers, and F. Al-Hazemi, “Drone disrupted denial of service attack (3DOS): towards an incident response and forensic analysis of remotely piloted aerial systems (RPASs),” in 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), pp. 704–710, Tangier, Morocco, 2019.
View at: Publisher Site | Google Scholar
A. Sehrawat, T. A. Choudhury, and G. Raj, “Surveillance drone for disaster management and military security,” in 2017 International Conference on Computing, Communication and Automation (ICCCA), pp. 470–475, Greater Noida, 2017.
View at: Publisher Site | Google Scholar
C. Wang, L. Zhu, L. Gong et al., “Accurate sybil attack detection based on fine-grained physical channel information,” Sensors, vol. 18, no. 3, p. 878, 2018.
View at: Publisher Site | Google Scholar
T. Lagkas, V. Argyriou, S. Bibi, and P. Sarigiannidis, “UAV IoT framework views and challenges: towards protecting drones as “things”,” Sensors, vol. 18, p. 4015, 2018.
View at: Publisher Site | Google Scholar
Z. Zaheer, A. Usmani, E. Khan, and M. A. Qadeer, “Aerial surveillance system using UAV,” in 2016 Thirteenth International Conference on Wireless and Optical Communications Networks (WOCN), pp. 1–7, Hyderabad, 2016.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2021 Inam Ullah Khan et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

1293

Downloads

704

Citations