MANET Attack Detection - Recently, the mobile ad hoc network (MANET) has enjoyed a great reputation thanks to its advantages such as: high performance, no expensive infrastructure to install, use of unlicensed frequency spectrum, and fast distribution of information around the transmitter. But the topology of MANETs attracts the attention of several attacks. Although authentication and encryption techniques can provide some protection, especially by minimizing the number of intrusions, such cryptographic techniques do not work effectively in the case of unseen or unknown attacks. In this case, the machine learning approach is successful in detecting unfamiliar intrusive behavior. Security methodologies in MANETs mainly focus on eliminating malicious attacks, misbehaving nodes, and providing secure routing. In this paper we present the most recent works that propose or apply the concept of Machine Learning (ML) to secure the MANET environment.
Authored by Wafa Bouassaba, Abdellah Nabou, Mohammed Ouzzif
MANET Attack Detection - The current study is confined to proposing a reputation based approach for detecting malicious activity where past activities of each node are recorded for future reference. It has been regarded that the Mobile ad-hoc network commonly called as (MANET) is stated as the critical wireless network on the mobile devices using self related assets. Security is considered the main challenge in MANET. Much existing work has been done on the basis of detecting attacks by using various approaches like Intrusion Detection, Bait detection, Cooperative malicious detection and so on. In this paper some approaches for identifying malicious nodes have been discussed. But this Reputation based approach mainly focuses on sleuthing the critical nodes on the trusted path than the shortest path. Each node will record the activity of its own like data received from and Transferred to information. As soon as a node updates its activity it is verified and a trust factor is assigned. By comparing the assigned trust factor a list of suspicious or malicious nodes is created.
Authored by Prolay Ghosh, Dhanraj Verma
MANET Attack Detection - The MANET architecture's future growth will make extensive use of encryption and encryption to keep network participants safe. Using a digital signature node id, we illustrate how we may stimulate the safe growth of subjective clusters while simultaneously addressing security and energy efficiency concerns. The dynamic topology of MANET allows nodes to join and exit at any time. A form of attack known as a black hole assault was used to accomplish this. To demonstrate that he had the shortest path with the least amount of energy consumption, an attacker in MATLAB R2012a used a digital signature ID to authenticate the node from which he wished to intercept messages (DSEP). “Digital Signature”, “MANET,” and “AODV” are all terms used to describe various types of digital signatures. Black Hole Attack, Single Black Hole Attack, Digital Signature, and DSEP are just a few of the many terms associated with MANET.
Authored by Sunil Gupta, Mohammad Shahid, Ankur Goyal, Rakesh Saxena, Kamal Saluja
MANET Attack Prevention - Mobile ad hoc networks (MANETS) have gained much attention due to their dynamic nature and efficiency. These networks are operated in highly dynamic and unpredictable environment. Rapid advances in the field of correspondence have vastly enhanced today's transmission networks. As a result, the measurement of data transmission in business and military applications has grown dramatically. Since these applications include the transmission of information, the need for security concerns has grown as well. Due to their dynamic nature, they are susceptible to various attacks. The lack of a centralized authority to supervise the individual nodes operating in the network makes security in the mobile adhoc network a major challenge. Attacks can originate both within and outside the network. In this paper, a survey of various attacks in MANETs and their prevention and mitigation techniques given by researchers have been presented.
Authored by Shashank Shekhar, Makul Mahajan, Sukhkirandeep Kaur
MANET Attack Prevention - Wireless ad hoc networks are characterized by dynamic topology and high node mobility. Network attacks on wireless ad hoc networks can significantly reduce performance metrics, such as the packet delivery ratio from the source to the destination node, overhead, throughput, etc. The article presents an experimental study of an intrusion detection system prototype in mobile ad hoc networks based on machine learning. The experiment is carried out in a MANET segment of 50 nodes, the detection and prevention of DDoS and cooperative blackhole attacks are investigated. The dependencies of features on the type of network traffic and the dependence of performance metrics on the speed of mobile nodes in the network are investigated. The conducted experimental studies show the effectiveness of an intrusion detection system prototype on simulated data.
Authored by Leonid Legashev, Luybov Grishina
MANET Attack Prevention - All across the world, majority of humans rely upon wireless ADHOC network. So, it turns into the maximum priority to lessen the vulnerability of wireless network. Wireless networks are exposed to many distinct varieties of attacks out of which wormhole attack is most dangerous. Unlike many different attacks on ad hoc routing, wormhole attack could be very effective and cannot be avoided with cryptographic approach due to the fact intruders do not modify the packet data; they replay the packets. An intentionally positioned wormhole can cause a significant breakdown in communication. An analysis was performed in this study that removed wormhole attacks from MANET using changes to the AODV routing protocol. We have used Smart Packet Detection and Prevention Technique (SPDPT) to remove Wormhole. We have examined simulation parameters such as packet delivery ratio, end-to-end delay, energy consumption, and throughput.
Authored by Manish Chawhan, Vedant Shrikhande, Shivani Madelwar, Sharvari Umredkar, Kishor. Kulat, Bhumika Neole
MANET Attack Prevention - Recently, the rising use of portable devices with advanced wireless communication gives Mobile ad-hoc networks more significance with the expanding number of widespread applications. This infrastructure uses a link-to-link wireless connection to transfer the data called route, which uses a routing protocol. AODV is a reactive protocol that uses control packets to discover a route toward the destination node in the network. Since MANET is an open infrastructure without a centralized controller, it is at risk of security assaults that are generated through the malicious node at the time of route discovery and data transmission. For example, the Blackhole attack in which the offender node retains and drops few or all data/control packets by using vulnerabilities of the on-demand routing protocols. This paper proposed a trust-based method to prevent the network against blackhole attack. This paper modeled the behavior of blackhole node and proposes a trust-based security technique. Further suggested technique is analyzed and evaluated against various evaluation metrics like PDR, throughput, end-to-end delay, attack percentage, etc. The proposed security technique is also compared with three different scenarios, namely attack, watchdog, and IDS scenarios, using the above evaluation metrics. The comparison shows that the proposed trust-based security ensures the detection and prevention against blackhole nodes not only at the time of route discovery but also at the time of real-time data transmission.
Authored by Etsegenet Lema, Esubalew Desalegn, Basant Tiwari, Vivek Tiwari
MANET Attack Prevention - Since the mid-1990s, the growth of laptops and Wi-Fi networks has led to a great increase in the use of MANET (Mobile ad hoc network) in wireless communication. MANET is a group of mobile devices for example mobile phones, computers, laptops, radios, sensors, etc., that communicate with each other wirelessly without any support from existing internet infrastructure or any other kind of fixed stations. As MANET is an infrastructure-less network it is prone to various attacks, which can lead to loss of information during communication, security breaches or other unauthentic malpractices. Various types of attacks to which MANET can be vulnerable are denial of service (DOS) and packet dropping attacks such as Gray hole, Blackhole, Wormhole, etc. In this research, we are particularly focusing on the detection and prevention of Gray hole attack. Gray hole node drops selective data packets, while participating in the routing process like other nodes, and advertises itself as a genuine node. The Intrusion Detection System (IDS) technique is used for identification and aversion of the Gray hole attack. Use of AODV routing protocol is made in the network. The network is incorporated and simulation parameters such as PDR (Packet Delivery Ratio), Energy Consumption, End-to-end delay, and Throughput are analyzed using simulation software.
Authored by Manish Chawhan, Kruttika Karmarkar, Gargi Almelkar, Disha Borkar, Kishor. Kulat, Bhumika Neole
MANET Attack Prevention - The MANET architecture's future growth will make extensive use of encryption and encryption to keep network participants safe. Using a digital signature node id, we illustrate how we may stimulate the safe growth of subjective clusters while simultaneously addressing security and energy efficiency concerns. The dynamic topology of MANET allows nodes to join and exit at any time. A form of attack known as a black hole assault was used to accomplish this. To demonstrate that he had the shortest path with the least amount of energy consumption, an attacker in MATLAB R2012a used a digital signature ID to authenticate the node from which he wished to intercept messages (DSEP). “Digital Signature”, “MANET,” and “AODV” are all terms used to describe various types of digital signatures. Black Hole Attack, Single Black Hole Attack, Digital Signature, and DSEP are just a few of the many terms associated with MANET.
Authored by Sunil Gupta, Mohammad Shahid, Ankur Goyal, Rakesh Saxena, Kamal Saluja
MANET Privacy - Ad hoc network is sensitive to attacks because it has temporary nature and frequently recognized insecure environment. Both Ad hoc On-demand Distance Vector (AODV) and Ad hoc On-demand Multipath Distance vector (AOMDV) routing protocols have the strategy to take help from Wireless and mobile ad hoc networks. A mobile ad hoc network (MANET) is recognized as an useful internet protocol and where the mobile nodes are self-configuring and self-organizing in character. This research paper has focused on the detection and influence of black hole attack on the execution of AODV and AOMDV routing protocols and has also evaluated the performance of those two on-demand routing protocols in MANETs. AODV has the characteristics for discovering a single path in single route discovery and AOMDV has the characteristics for discovering multiple paths in single route discovery. Here a proposed method for both AODV and AOMDV routing protocol, has been applied for the detection of the black hole attack, which is the merge of both SHA-3 and Diffie-Hellman algorithm. This merge technique has been applied to detect black hole attack in MANET. This technique has been applied to measure the performance matrices for both AODV and AOMDV and those performance matrices are Average Throughput, Average End to End delay and Normalized Routing Load. Both AODV and AOMDV routing protocol have been compared with each other to show that under black hole attack, AOMDV protocol always has better execution than AODV protocol. Here, NS-2.35 has been used as the Network Simulator tool for the simulation of these particular three types of performance metrics stated above.
Authored by Sazzat Hossain, Md. Hussain, Romana Ema, Songita Dutta, Suborna Sarkar, Tajul Islam
MANET Privacy - A sub group of mobile ad hoc network (MANET) that is vehicular Ad Hoc Network (VANET) that assists in vehicle to infrastructure (V2I) and vehicle to vehicle (V2V) intercommunications. An important characteristics of VANET consists of, highly dynamic, distributed networking and self-organizing topologies. In safeguarding billions of human live features of VANET and its uses regarding safety on roads drew attention towards huge amount of interest in academic fields and industries, moreover with study and development on enhancing the facilities of transport transit infrastructure. Major challenging and crucial security problems takes place during information transmission with open-access surrounding such as VANET. Non-repudiation, data confidentiality, Authentication, data availability and data integrity behave as a critical part of VANET’s security. Privacy preservation over VANET is major concern, in this research we will elaborate different attacks over VANET and will conclude how block chain based VANET will perform better and less error prone.
Authored by Anand Patil, Sujata Mallapur
MANET Privacy - Massive amounts of data are being stored in cyberspace as a result of the expansion of the Internet, IoT, and various networking technologies. The privacy and security are the most essential aspects of a network. This survey analyzed the functions of blockchain in network security. The blockchain-based network security mechanism may be used to increase network security because of its decentralization, tamper-resistance, traceability, high availability, and credibility. This survey offers a review of network security studies and their contributions and limits with a critical comparison analysis based on a complete and comprehensive research of the evolution of Blockchain, architectures, working principle, security, and privacy features. This analysis examines network security applications based on blockchain technology with various networking technologies, such as IoT, Industrial IoT, WSN, MANET, VANET, Vehicular Social Network, In-vehicle networking, mobile networks (5G), and so on. For communication, the majority of these networking technologies were combined with IoT. As a result, in this study, the Internet of Things is considered as the primary network employed in important research as examined in the literature review. As a result, the application of network security utilizing blockchain was examined in this study using IoT. This research presents a comparison based on several network solutions that employ blockchain for network security. Finally, the blockchain application in various networks, as well as its difficulties, are examined.
Authored by S. Manimurgan, T. Anitha, G. Divya, Charlyn Latha, S. Mathupriya
MANET Privacy - Various routing methods and approaches are being integrated into wireless networks, making it a topic for future investigation. The two primary wireless routing issues under research are security and congestion reduction. The bulk of security research relies on key-based approaches or third-party trust control systems. The routing protocol would be secured by validating a nonblocking identity, which is relayed to each site via protocol, according to the study's enhanced route security. Adhoc upon Request Vertical (AODV) connectivity is a dynamically routing technique that chooses the best route based on the databases of its neighbors. The research in this article emphasizes privacy for routing security, and simulators are given to show the improved delivery ratio, speed, end-to-end lag, and reduced packet loss rate of the Ad hoc On Requirement Done Accordingly (AODV) networking protocol. Attacks are deliberately avoided by modifying the basic implementation of the AODV networking protocol. Further suggestions made in this research include the deployment of an access control strategy and distinctive key-based verification for AODV. There is always a need for research in this area since security measures might have a detrimental influence on the functioning of the system in place. There is an urgent need for continued study in this area but since audiovisual and audio industries are growing quickly.
Authored by Priyanka Shah, Om Prakash, K Balaji, Surendra Shukla, Meenakshi Sharma, Jasdeep Singh
MANET Privacy - The Vehicular Ad hoc Network (VANET) is a new type of Mobile ad hoc networks. The VANET can be seen on the street, with automobiles acting as network nodes. VANET implementations such as engaged confidentiality and navigation systems require appropriate vehicle-to-vehicle technological tools, particularly routing innovation. A Vehicular Ad hoc NETwork (VANET) is a self-organized system made up of linked vehicles that enables for the timely transmission of relevant traffic data. A grouping approach is designed due to VANET properties such as dynamic nature and high response. Then a secure algorithm is designed for secure transmissions. The results analysis was performed in terms of packet delivery ratio (PDR), end-to-end delay, and throughput. The throughput was compared with existing works and it shows approx. 35% of improvement.
Authored by Kajal Saini, Kamlesh Namdev, Kalpana Rai
MANET Privacy - In Mobile Adhoc Networks (MANETs), resilient optimization is based on the least energy utilization as well as privacy. The crucial concerns for the productive design to provide multi-hop routing are security and energy consumption. Concerning these problems, we present in this paper an author proposed routing protocol called Protected Quality of Service (QoS) aware Energy Efficient Routing protocol. It is developed on trust along with energy efficiency and points to improve MANET security. The proposed work utilizes an identification methodology in the company of a key based safety feature for assigning trust ratings. This study also determines three categories of trust ratings, including direct, indirect, and overall trust scores, beneficial to increase communication security. The head of a cluster is selected among the nodes based on QoS metrics and scores of the trust which is referred to as a cluster based secured routing approach. Finally, to carry out the safe routing procedure as efficiently as possible, the required final path that is picked depends on path trust, energy consumption, and hop number. The suggested work was evaluated via simulations using the Ns2 simulator. The proposed strategy beats others in the matter of enhanced delivery rate of the packets, lifetime of a network, and security according to the simulation findings. Further, the proposed safe routing technique saves time and energy as compared to current relevant secure routing methods.
Authored by Satyanarayana P., Nihani V., Joshua A., Kumar A., Sai H.
Malware Analysis - The rapid development of network information technology, individual’s information networks security has become a very critical issue in our daily life. Therefore, it is necessary to study the malware propagation model system. In this paper, the traditional integer order malware propagation model system is extended to the field of fractional-order. Then we analyze the asymptotic stability of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is 0. Next, the asymptotic stability and bifurcation analysis of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is not 0 are carried out. Moreover, we study the asymptotic stability of the fractional-order malware propagation model system with an interior equilibrium point. In the end, so as to verify our theoretical results, many numerical simulations are provided.
Authored by Zhe Zhang, Yaonan Wang, Jing Zhang, Xu Xiao
Malware Analysis - Detection of malware and security attacks is a complex process that can vary in its details and analysis activities. As part of the detection process, malware scanners try to categorize a malware once it is detected under one of the known malware categories (e.g. worms, spywares, viruses, etc.). However, many studies and researches indicate problems with scanners categorizing or identifying a particular malware under more than one malware category. This paper, and several others, show that machine learning can be used for malware detection especially with ensemble base prediction methods. In this paper, we evaluated several custom-built ensemble models. We focused on multi-label malware classification as individual or classical classifiers showed low accuracy in such territory. This paper showed that recent machine models such as ensemble and deep learning can be used for malware detection with better performance in comparison with classical models. This is very critical in such a dynamic and yet important detection systems where challenges such as the detection of unknown or zero-day malware will continue to exist and evolve.
Authored by Izzat Alsmadi, Bilal Al-Ahmad, Mohammad Alsmadi
Malware Analysis - Android malware is continuously evolving at an alarming rate due to the growing vulnerabilities. This demands more effective malware detection methods. This paper presents DynaMalDroid, a dynamic analysis-based framework to detect malicious applications in the Android platform. The proposed framework contains three modules: dynamic analysis, feature engineering, and detection. We utilized the well-known CICMalDroid2020 dataset, and the system calls of apps are extracted through dynamic analysis. We trained our proposed model to recognize malware by selecting features obtained through the feature engineering module. Further, with these selected features, the detection module applies different Machine Learning classifiers like Random Forest, Decision Tree, Logistic Regression, Support Vector Machine, Naïve-Bayes, K-Nearest Neighbour, and AdaBoost, to recognize whether an application is malicious or not. The experiments have shown that several classifiers have demonstrated excellent performance and have an accuracy of up to 99%. The models with Support Vector Machine and AdaBoost classifiers have provided better detection accuracy of 99.3% and 99.5%, respectively.
Authored by Hashida Manzil, Manohar S
Malware Analysis - Malware attacks in the cyber world continue to increase despite the efforts of Malware analysts to combat this problem. Recently, Malware samples have been presented as binary sequences and assembly codes. However, most researchers focus only on the raw Malware sequence in their proposed solutions, ignoring that the assembly codes may contain important details that enable rapid Malware detection. In this work, we leveraged the capabilities of deep autoencoders to investigate the presence of feature disparities in the assembly and raw binary Malware samples. First, we treated the task as outliers to investigate whether the autoencoder would identify and justify features as samples from the same family. Second, we added noise to all samples and used Deep Autoencoder to reconstruct the original samples by denoising. Experiments with the Microsoft Malware dataset showed that the byte samples features differed from the assembly code samples.
Authored by Muhammed Abdullah, Yongbin Yu, Jingye Cai, Yakubu Imrana, Nartey Tettey, Daniel Addo, Kwabena Sarpong, Bless Lord Y. Agbley, Benjamin Appiah
Malware Analysis - The rising use of smartphones each year is matched by the development of the smartphone's operating system, Android. Due to the immense popularity of the Android operating system, many unauthorized users (in this case, the attackers) wish to exploit this vulnerability to get sensitive data from every Android user. The flubot malware assault, which happened in 2021 and targeted Android devices practically globally, is one of the attacks on Android smartphones. It was known at the time that the flubot virus stole information, particularly from banking applications installed on the victim's device. To prevent this from happening again, we research the signature and behavior of flubot malware. In this study, a hybrid analysis will be conducted on three samples of flubot malware that are available on the open-source Hatching Triage platform. Using the Android Virtual Device (AVD) as the primary environment for malware installation, the analysis was conducted with the Android Debug Bridge (ADB) and Burpsuite as supporting tools for dynamic analysis. During the static analysis, the Mobile Security Framework (MobSF) and the Bytecode Viewer were used to examine the source code of the three malware samples. Analysis of the flubot virus revealed that it extracts or drops dex files on the victim's device, where the file is the primary malware. The Flubot virus will clone the messaging application or Short Message Service (SMS) on the default device. Additionally, we discovered a form of flubot malware that operates as a Domain Generation Algorithm (DGA) and communicates with its Command and Control (C&C) server.
Authored by Hanifah Salsabila, Syafira Mardhiyah, Raden Hadiprakoso
Malware Analysis - The effective security system improvement from malware attacks on the Android operating system should be updated and improved. Effective malware detection increases the level of data security and high protection for the users. Malicious software or malware typically finds a means to circumvent the security procedure, even when the user is unaware whether the application can act as malware. The effectiveness of obfuscated android malware detection is evaluated by collecting static analysis data from a data set. The experiment assesses the risk level of which malware dataset using the hash value of the malware and records malware behavior. A set of hash SHA256 malware samples has been obtained from an internet dataset and will be analyzed using static analysis to record malware behavior and evaluate which risk level of the malware. According to the results, most of the algorithms provide the same total score because of the multiple crime inside the malware application.
Authored by Teddy Mantoro, Muhammad Fahriza, Muhammad Bhakti
Malware Analysis - Malwares are designed to cause harm to the machine without the user's knowledge. Malwares belonging to different families infect the system in its own unique way causing damage which could be irreversible and hence there is a need to detect and analyse the malwares. Manual analysis of all types of malwares is not a practical approach due to the huge effort involved and hence Automated Malware Analysis is resorted to so that the burden on humans can be decreased and the process is made robust. A lot of Automated Malware Analysis tools are present right now both offline and online but the problem arises as to which tool to select while analysing a suspicious binary. A comparative analysis of three most widely used automated tools has been done with different malware class samples. These tools are Cuckoo Sandbox, Any.Run and Intezer Analyze. In order to check the efficacy of the tool in both online and offline analysis, Cuckoo Sandbox was configured for offline use, and Any.Run and Intezer Analyze were configured for online analysis. Individual tools analyse each malware sample and after analysis is completed, a comparative chart is prepared to determine which tool is good at finding registry changes, processes created, files created, network connections, etc by the malicious binary. The findings conclude that Intezer Analyze tool recognizes file changes better than others but otherwise Cuckoo Sandbox and Any.Run tools are better in determining other functionalities.
Authored by Preeti, Animesh Agrawal
Malware Analysis - The static and dynamic malware analysis are used by industrialists and academics to understand malware capabilities and threat level. The antimalware industries calculate malware threat levels using different techniques which involve human involvement and a large number of resources and analysts. As malware complexity, velocity and volume increase, it becomes impossible to allocate so many resources. Due to this reason, it is projected that the number of malware apps will continue to rise, and that more devices will be targeted in order to commit various sorts of cybercrime. It is therefore necessary to develop techniques that can calculate the damage or threat posed by malware automatically as soon as it is identified. In this way, early warnings about zero-day (unknown) malware can assist in allocating resources for carrying out a close analysis of it as soon as it is identified. In this paper, a fuzzy modelling approach is described for calculating the potential risk of malicious programs through static malware analysis.
Authored by Meghna Dhalaria, Ekta Gandotra
Malware Analysis - Any software that runs malicious payloads on victims’ computers is referred to as malware. It is an increasing threat that costs people, businesses, and organizations a lot of money. Attacks on security have developed significantly in recent years. Malware may infiltrate both offline and online media, like: chat, SMS, and spam (email, or social media), because it has a built-in defensive mechanism and may conceal itself from antivirus software or even corrupt it. As a result, there is an urgent need to detect and prevent malware before it damages critical assets around the world. In fact, there are lots of different techniques and tools used to combat malware. In this paper, the malware samples were analyzed in the Virtual Box environment using in-depth analysis based on reverse engineering using advanced static malware analysis techniques. The results obtained from malware analysis represent a set of valuable information that all anti-malware and anti-virus program companies need in order to update their products.
Authored by Maher Ismael, Karam Thanoon
Malware Analysis - This document addresses the issue of the actual security level of PDF documents. Two types of detection approaches are utilized to detect dangerous elements within malware: static analysis and dynamic analysis. Analyzing malware binaries to identify dangerous strings, as well as reverse-engineering is included in static analysis for the malware to disassemble it. On the other hand, dynamic analysis monitors malware activities by running them in a safe environment, such as a virtual machine. Each method has its own set of strengths and weaknesses, and it is usually best to employ both methods while analyzing malware. Malware detection could be simplified without sacrificing accuracy by reducing the number of malicious traits. This may allow the researcher to devote more time to analysis. Our worry is that there is no obvious need to identify malware with numerous functionalities when it isn't necessary. We will solve this problem by developing a system that will identify if the given file is infected with malware or not.
Authored by Md Khalil, Vivek, Kumar Anand, Antarlina Paul, Rahul Grover