On-Line and off-line security measurement framework for mobile ad hoc networks

Journal of Networks

Volumn 4, Issue 7, 2009, Pages 565-579

  Savola, Reijo M ^a   Abie, Habtamu ^b  

^a VTT TECHNICAL RESEARCH CENTRE OF FINLAND   (Finland)

^b NORWEGIAN COMPUTING CENTER   (Norway)

Author keywords

Mobile ad hoc networks; Monitoring; Security evaluation; Security metrics

Indexed keywords

BEHAVIOUR MODELLING; COMMUNICATION MECHANISMS; DECISION MAKING PROCESS; EVIDENCE COLLECTION; INFORMATION SECURITY; MONITORING SYSTEM; NETWORK LEVEL; NETWORK SEGMENT; ON-THE-FLY; SECURITY CHALLENGES; SECURITY EVALUATION; SECURITY LEVEL; SECURITY MEASUREMENT; SECURITY METRICS; SECURITY REQUIREMENTS; SELF ORGANIZING;

DECISION MAKING; MOBILE AD HOC NETWORKS; MOBILE TELECOMMUNICATION SYSTEMS; MONITORING; SECURITY OF DATA; WIRELESS TELECOMMUNICATION SYSTEMS;

AD HOC NETWORKS;

EID: 77950991593     PISSN: 17962056     EISSN: None     Source Type: Journal    
DOI: 10.4304/jnw.4.7.565-579     Document Type: Article

References (49)

1. J.-P. Hubaux, L. Buttyán, and S. Čapkun, "The Quest for Security in Mobile Ad Hoc Networks," 2nd ACM Int. Symp. Mobile Ad Hoc Networking and Computing (MobiHoc), 2001, 146-155.
2. H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, "Security in Mobile Ad Hoc Networks: Challenges and Solutions," IEEE Wireless Comm., Vol. 11, No. 1., Feb. 2004, 38-47.
3. L. Zhou and Z. J. Haas, "Securing Ad Hoc Networks," IEEE Network, Vol. 13, No. 6, Nov/Dec 1999, 24-30.
4. P. T. Devanbu and S. Stubblebine, "Security and Software Engineering: A Roadmap," 22nd Int. Conf. Software Engineering (ICSE), Limerick, Ireland, 2000.
5. A. Avižienis, J.-C. Laprie, B. Randell and C. Landwehr, "Basic Concepts and Taxonomy of Dependable and Secure Computing," IEEE Tr. on Dependable and Secure Computing, Vol. 1, No. 1, Jan/Mar 2004, 11-33.
6. ISO/IEC 15408, "Common Criteria for Information Technology Security Evaluation," Version 2.2., 2004.
7. G. Jelen, "SSE-CMM Security Metrics," NIST and CSSPAB Workshop, Washington, D.C., 2000.
8. J. I. Alger, "On Assurance, Measures, and Metrics: Definitions and Approaches," Information Security System Scoring and Ranking (WISSSR), Williamsburg, Virginia, May, 2001, publ. 2002.
9. S. C. Payne, "A Guide to Security Metrics," SANS Institute Information Security Reading Room, 2006.
10. FIPS Publication 199, "Standards for Security Categorization of Federal Information and Information Systems," Federal Information Processing Standards Publication 2004.
11. B. S. Yee, "Security Metrology and the Monty Hall Problem," Information Security System Scoring and Ranking (WISSSR), ACSA and MITRE, Williamsburg, Virginia, May, 2001, publ. 2002.
12. ISO/IEC 9126-1:2001, "Software Engineering - Product Quality - Part 1: Quality Model," International Organization of Standardization 2001.
13. R. Henning (Ed.), Workshop on Information Security Scoring and Ranking - Information System Security Attribute Quantification or Ordering. Applied Computer Security Associates, 2001.
14. J. McHugh, "Quantitative Measures of Assurance: Prophecy, Process or Pipedream?" Information Security System Scoring and Ranking (WISSSR), ACSA and MITRE, Williamsburg, Virginia, May, 2001, publ. 2002.
15. D. McCallam, "The Case against Numerical Measures of Information Assurance," Proc. of Workshop on Information Security System Scoring and Ranking (WISSSR), ACSA and MITRE, Williamsburg, Virginia, May, 2001, publ. 2002.
16. S. M. Bellovin, "On the Brittleness of Software and the Infeasibility of Security Metrics," IEEE Security & Privacy, Jul/Aug, p. 96, 2006.
17. M. D. Aime, A. Atzeni and P. C. Pomi, "The Risks with Security Metrics," Conference on Computer and Communications Security archive, Proceedings of the 4th ACM workshop on Quality of Protection, 2008, Alexandria, Virginia, USA, October 27-27, 2008, 65-70.
18. P. Burris, C. King, "A Few Good Security Metrics," METAGroup, 2000.
19. J. Voas, "Why is it so Hard to Predict Software System Trustworthiness from Sofware Component Trustworthiness?," 20th IEEE Symposium on Reliable Distributed Systems, 2001, p. 179.
20. S. Čapkun, L. Buttyán and J.-P. Hubaux, "Self-Organized Public-Key Management for Mobile Ad Hoc Networks," IEEE Tr. Mobile Computing, Vol. 2, No. 1, 2003, 52-64.
21. H. Luo, P. Zerfos, J. Kong and L. Zhang, "Self-Securing Ad Hoc Wireless Networks," 7th Int. Symp. on Computers and Communications (ISCC), 2002, 567-574.
22. K. Paul and D. Westhoff, "Context Aware Detection of Selfish Nodes in DSR Based Ad Hoc Networks," IEEE Vehicular Technology Conference, Vol. 56, No. 4., 2002, 2424-2429.
23. S. Bhargava and D. P. Agrawal, "Security Enhancements in AODV Protocol for Wireless Ad Hoc Networks," IEEE Vehicular Technology Conference (VTC 2001) Fall, Vol. 4, 2001, 2143-2147.
24. P. Papadimitratos and Z. J. Haas, "Secure Link State Routing for Mobile Ad Hoc Networks," Symp. on Applications and the Internet Workshops, 2003, 379-383.
25. P. Michiardi and R. Molva, "Ad Hoc Networks Security," In Basagni, S., Conti, M., Giordano, S., and Stojmenovic (Eds.), Ad Hoc Networking, IEEE Press Wiley, New York, 2003.
26. W. Leister, T. Fretland and I. Balasingham, "Use of MPEG-21 for Security and Authentication in Biomedical Sensor Networks," 3rd International Conference on Systems and Networks Communications (ICSNC) 2008, Sliema, Malta, October 26, 2008.
27. W. Leister, H. Abie, A.-K. Groven, T. Fretland and I. Balasingham, "Threat Assessment of Wireless Patient Monitoring Systems," International Conference on Information and Communication Technologies (ICTTA) 2008, Damascus, Syria, 7-11 April 08, 2008.
28. P. Nikander, J. Ylitalo and J. Wall, "Integrating Security, Mobility, and Multi-Homing in a HIP Way," 10th Annual Network and Distributed System Security Symposium, 2003.
29. S. Čapkun, J.-P. Hubaux and L. Buttyán, "Mobility Helps Security in Ad Hoc Networks," 4th ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2003, 46-56.
30. N. Jorstad and T. S. Landgrave, "Cryptographic Algorithm Metrics," 20th National Information Systems Security Conference, Baltimore, MD, 1997.
31. E. E. Schultz, R. W. Proctor, M.-C. Lien and G. Salvendy, "Usability and Security - An Appraisal of Usability Issues in Information Security Methods," Computer Security, Vol. 20, No. 7, Oct. 2001, 620-634.
32. S. S. Al-Ghatani and M. King, "Attitudes, Satisfaction and Usage: Factors Contributing to Each in the Acceptance of Information Technology," Behaviour and Information Technology, 19, 277-297.
33. ISO/IEC 9126-4, "Software Engineering - Product Quality - Part 4: Quality in Use Metrics," 2000.
34. IEEE Std. 1061-1998, "Standard for a Software Quality Metrics Methodology," Revision, IEEE Standards Dept., Piscataway, N.J., 1998.
35. R. Savola, "Holistic Estimation of Security, Privacy and Trust in Mobile Ad Hoc Networks," Int. Conf. on Information and Communication Technologies (ICTTA) 2008, Damascus, Syria, 6 p.
36. M. Sharmin, S. Ahmed and S.I. Ahamed, "An Adaptive Lightweight Trust Reliant Secure Resource Discovery for Pervasive Computing Environments," 4th Annual IEEE International Conference on Pervasive Computing and Communications (PerCom) 2006, 258-263.
37. C. Wang and W.A Wulf, "Towards a Framework for Security Measurement," 20th National Information Systems Security Conference, Baltimore, MD, 1997, 522-533.
38. S. Rekhis and N. Boudriga, "Attack Scenarios Reconstruction and Paths of Packets Transfer Identification in Multihop Wireless Systems," New Technologies, Mobility and Security (NTMS) 2008, Workshop on Security of Wireless Communication Systems (SWCS'08, in conjunction NTMS 2008), Tangier, Morrocco, 2008.
39. R. Savola and H. Abie, "Identification of Basic Measurable Security Components for a Distributed Messaging System," 3rd International Conference on Emerging Security Information, Systems and Technologies (SECURWARE) 2009, 8 p.
40. H. Abie, I. Dattani, M. Novkovic, J. Bigham, S. Topham, R. Savola, "GEMOM - Significant and Measurable Progress Beyond the State of the Art," 3rd Int. Conf. on Systems and Networks Communications (ICSNC) 2008, Sliema, Malta, 2008, 191-196.
41. R. Savola and J. Röning, "Towards Security Evaluation based on Evidence Information Collection and Impact Analysis," Supplemental Proceedings of the Int. Conf. on Dependable Systems and Networks (DSN), Workshop on Empirical Evaluation of Dependability and Security (WEEDS) 2006, Philadelphia, PA, 113-118.
42. T. Priebe, E. B. Fernandez, J. I. Mehlau and G. Pernul, "A Pattern System for Access Control," 18th Annual IFIP WG 11.3 Conf. on Data and Applications Security, Sitges, Spain, 2004, 235-249.
43. R. Savola, "Requirement Centric Security Evaluation of Software Intensive Systems," 2nd Int. Conf. on Dependability of Computer Systems (DepCOS- RELCOMEX) Szklarska Poreba, Poland, 2007, 132-142.
44. A. Mishra, K. Nadkarni and A. Patcha, "Intrusion Detection in Wireless Ad Hoc Networks," IEEE Wireless Comm., Feb. 2004, 48-60.
45. O. Kachirski and R. Guha, "Intrusion Detection Using Mobile Agents in Wireless Ad Hoc Networks," IEEE Workshop on Knowledge Media Networks, 2002, 153-158.
46. Y. Zhang and W. Lee, "Intrusion Detection in Wireless Ad Hoc Networks," 6th Int. Conf. Mobile Computing and Networking (MobiCom). Aug. 2000, 275-283.
47. T. Heyman, R. Scandariato, C. Huygens, W. Joosen, "Using Security Patterns to Combine Security Metrics," 3rd Int. Conf. on Availability, Reliability and Security (ARES) 2008, 1156-1163.
48. M. Sharmin, S. Ahmed and S.I. Ahamed, "An Adaptive Lightweight Trust Reliant Secure Resource Discovery for Pervasive Computing Environments," 4th Annual IEEE International Conference on Pervasive Computing and Communications (PerCom) 2006, 258-263.
49. D. Umuhoza, J.I. Agbinya and C.W. Omlin, "Estimation of Trust Metrics for MANET Using QoS Parameter and Source Routing Algorithms," 2nd International Conference on Wireless Broadband and Ultra Wideband Communications (AusWireless) 2007.