Towards Intrusion Detection in Wireless Sensor Networks
|
|
- Jennifer Sparks
- 8 years ago
- Views:
Transcription
1 Towards Inrusion Deecion in Wireless Sensor Neworks Kroniris Ioannis, Tassos Dimiriou and Felix C. Freiling Ahens Informaion Technology, Peania, Ahens, Greece Deparmen of Compuer Science, Universiy of Mannheim, Germany Absrac In his work we sudy he problem of Inrusion Deecion is sensor neworks and we propose a lighweigh scheme ha can be applied o such neworks. Is basic characerisic is ha nodes monior heir neighborhood and collaborae wih heir neares neighbors o bring he nework back o is normal operaional condiion. We emphasize in a disribued approach in which, even hough nodes don have a global view, hey can sill deec an inrusion and produce an aler. We apply our design principles for he blackhole and selecive forwarding aacks by defining appropriae rules ha characerize malicious behavior. We also experimenally evaluae our scheme o demonsrae is effeciveness in deecing he afore-menioned aacks. I. INTRODUCTION A wireless sensor nework (WSN) is a nework of cheap and simple processing devices (sensor nodes) ha are equipped wih environmenal sensors for emperaure, humidiy, ec. and can communicae wih each oher using a wireless radio device. Mos of he applicaions in WSNs require he unaended operaion of a large number of sensor nodes. This raises immediae problems for adminisraion and uilizaion. Even worse, some imes i is no possible o approach he deploymen area a all, like for example in hosile, dangerous environmens or miliary applicaions. So, sensor neworks need o become auonomous and exhibi responsiveness and adapabiliy o evoluion changes in real ime, wihou explici user or adminisraor acion. This need is even more imperaive when i comes o securiy hreas. The unaended naure of WSNs and he limied resources of heir nodes make hem suscepible o aacks. Any defensive mechanism ha could proec and guaranee heir normal operaion should be based on auonomous mechanisms wihin he nework iself. Currenly, research on providing securiy soluions for WSNs has focused mainly in hree caegories: 1) Key managemen: A lo of work has been done [1] in esablishing crypographic keys beween nodes o enable encrypion and auhenicaion. 2) Auhenicaion and Secure Rouing: Several proocols [2] have been proposed o proec informaion from being revealed o an unauhorized pary and guaranee is inegral delivery o he base saion. 3) Secure services: Cerain progress has been made in providing specialized secure services, like secure localizaion [3], secure aggregaion [4] and secure ime synchronizaion [5]. All menioned securiy proocols are based on paricular assumpions abou he naure of aacks. If he aacker is weak, he proocol will achieve is securiy goal. This means ha an inruder is prevened from breaking ino a sensor nework and hinder is proper operaion. If he aacker is srong (i.e., behaves more maliciously), here is a nonnegligible probabiliy ha he adversary will break in. Because of heir resource consrains, sensor nodes usually canno deal wih very srong adversaries. So wha is needed is a second line of defense: An Inrusion Deecion Sysem (IDS) ha can deec a hird pary s aemps of exploiing possible insecuriies and warn for malicious aacks, even if hese aacks have no been experienced before. Relaed work Inrusion deecion is an imporan aspec wihin he broader area of compuer securiy, in paricular nework securiy, so an aemp o apply he idea in WSNs makes a lo of sense. However, here are currenly only a few sudies in his area. Da Silva e al. [6] and Ona and Miri [7] propose similar IDS sysems, where cerain monior nodes in he nework are responsible for monioring heir neighbors, looking for inruders. They lisen o messages in heir radio range and sore in a buffer specific message fields ha migh be useful o an IDS sysem running wihin a sensor node, bu no deails are given how his sysem works. In hese archiecures, here is no collaboraion among he monior nodes. I is concluded from boh papers ha he buffer size is an imporan facor ha grealy affecs he rae of false alarms. Loo e al. [8] and Bhuse and Gupa [9] describe wo more IDSs for rouing aacks in sensor neworks. Boh papers assume ha rouing proocols for ad hoc neworks can also be applied o WSNs: Loo e al. [8] assume he AODV (Ad hoc On-Demand Disance Vecor) proocol while Bhuse and Gupa [9] use he DSDV and DSR proocols. Then, specific characerisics of hese proocols are used like number of roue requess received o deec inruders. However, o our knowledge, hese rouing proocols are no aracive for sensor neworks and hey have no been applied o any implemenaion ha we are aware of.
2 More exensive work has been done in inrusion deecion for ad hoc neworks [10]. In such neworks, disribued and cooperaive IDS archiecures are also preferable. Deailed disribued designs, acual deecion echniques and heir performance have been sudied in more deph. While also being ad hoc neworks, WSNs are much more resource consrained. We are unaware of any work ha has invesigaed he issue of inrusion deecion in a general way for WSNs. In his paper we herefore aemp o move owards ha direcion, defining he requiremens, sudying he possible design choices and proposing a specific modular archiecure appropriae for IDSs in WSNs. Conribuions While an adversary can compleely ake over nodes and exrac heir crypographic keys [11], we assume ha such an adversary canno ounumber legiimae nodes by replicaing capured nodes or inroducing new ones in sufficienly many pars of he nework. This assumpion is needed because an IDS for WSNs should exploi he massive parallelism in such a nework o deec inrusion aemps. Paricularly nasy aacks o deec are he blackhole and selecive forwarding aacks [12], in which a capured sensor node refuses o forward all or a subse of he messages i receives. The consribuion of his paper is hreefold: 1) Firs, we review he basic archiecures of IDS sysems and we elaborae on which is he mos appropriae for sensor neworks. We believe his is imporan as i will enable furher work in he area ha will also ake ino consideraion he special properies of such neworks. 2) Second, we design an IDS o deec blackhole and selecive forwarding aacks [12], based on specificaionbased deecion, requiring only small amouns of communicaion and compuaional resources. 3) Finally, we demonsrae he effeciveness of our scheme by measuring he deecion accuracy in a realisic simulaed environmen. The remainder of his paper is organized as follows. In Secion II we elaborae on he requiremens ha an IDS in sensor neworks should have and in Secion III we build sepby-sep our proposed archiecure. Then we presen he overall design in a more modular and generalized form in Secion IV. The performance of he proposed IDS is evaluaed in Secion V hrough simulaions. Finally, Secion VI concludes he paper. II. REQUIREMENTS FOR IDSS IN SENSOR NETWORKS In his secion we elaborae on he requiremens ha an IDS sysem for sensor neworks should saisfy. To do so, one has o look a he specific characerisics of hese neworks. Each sensor node has limied communicaion and compuaional resources and a shor radio range. Furhermore, each node is a weak uni ha can be easily compromised by an adversary [11], who can hen load malicious sofware o launch an insider aack. In his conex, a disribued archiecure, based on node cooperaion is a desirable soluion. In paricular, we require ha an IDS sysem for sensor neworks mus saisfy he following properies: 1) Localize audiing. An IDS for sensor neworks mus work wih localized and parial audi daa. In sensor neworks here are no cenralized poins (apar from he base saion) ha can collec global audi daa, so his approach fis he sensor nework paradigm. 2) Minimize resources. An IDS for sensor neworks should uilize a small amoun of resources. The wireless nework does no have sable connecions, and physical resources of nework and devices, such as bandwidh and power, are limied. Disconnecion can happen a any ime. In addiion, he communicaion beween nodes for inrusion deecion purposes should no ake oo much of he available bandwidh. 3) Trus no node. An IDS canno assume any single node is secure. Unlike wired neworks, sensor nodes can be very easily compromised. Therefore, in cooperaive algorihms, he IDS mus assume ha no node can be fully rused. 4) Be ruly disribued. Tha means daa collecion and analysis is performed on a number of locaions. The disribued approach also applies o execuion of he deecion algorihm and aler correlaion. 5) Be secure. An IDS should be able o wihsand a hosile aack agains iself. Compromising a monioring node and conrolling he behavior of he embedded IDS agen should no enable an adversary o revoke a legiimae node from he nework, or keep anoher inruder node undeeced. III. INTRUSION DETECTION IN WSN In his secion we develop an IDS archiecure based on he above design goals. We break his ino hree pars. Firs, we alk abou audiing mechanisms, hen abou deecion algorihms and finally abou decision making echniques. For each par we presen he available soluions and we elaborae on which is more appropriae for sensor neworks. Then we apply our findings o deec blackhole and selecive forwarding [12] aacks. A. Inrusion Deecion Archiecure In sensor neworks, mos adversaries would arge he rouing layer, since ha allows hem o ake conrol of he informaion flowing in he nework. Besides, sensor neworks are mainly abou reporing daa back o he base saion, and disruping his process would make an aack a successful one. So, for such neworks, he mos appropriae archiecure for an IDS would be nework-based, as opposed o hos-based. A nework-based IDS uses raw nework packes as he daa source. I lisens on he nework and capures and examines individual packes in real ime. Since all communicaion in he WSN is conduced over he air and a node can overhear raffic passing from a neighboring node, nodes can muually check nework raffic. For example, in [13] an archiecure for ad-hoc neworks is proposed, where
3 E D S A B C D A B C Fig. 1. Node B is selecively forwarding packes o node C. Node A promiscuously lisens o node B s ransmissions. nodes are pariioned in clusers, and only he cluser-heads are responsible for monioring he raffic wihin heir clusers. However, a single monior node fails o mee he rus no node requiremen, since i could be capured by he adversary and force he nework o isolae anoher legiimae node. Insead, a cerain fracion of nodes in an area should agree on an observaion. If he number of nodes ha can form such a deecion quorum is larger han he number of nodes ha can be capured by an adversary in he specific area, a simple majoriy voe can be used o form a decision. The requiremen of a majoriy voe is also necessary for oher reasons as well. To see why, le us use neighbor monioring for deecing selecive forwarding aacks in sensor neworks. Neighboring nodes can easily monior he behavior of a node o see wheher i forwards correcly he packes i receives. This can be done by using he wachdog approach [14]. Suppose ha a packe should follow he pah A B C D for he example shown in Figure 1. Node A can ell if node B forwards he packe o node C, by lisening promiscuously o node B s ransmissions. By promiscuously we mean ha since node A is wihin range of node B, i can overhear communicaions o and from B. We can see now why here are more reasons ha only one monioring node canno be enough for inrusion deecion of misbehaving nodes. Le s consider again he example of Figure 1 and suppose ha B is malicious. There are hree cases, arising from he wireless naure of communicaions, where having a node A monioring node B canno resul in a successful deecion of node B: 1) A he same ime ha node B forwards is packe, anoher node S sends a packe o A, causing a collision a A (he hidden erminal problem). Node A canno be cerain which packes caused his collision, so i canno conclude on B s behavior. 2) A he same ime ha node B forwards is packe o node C, node D also makes a ransmission, causing a collision a C. Node A hinks ha B has successfully forwarded is packe, since i doesn know abou he collision. Therefore, node B could skip reransmiing he packe, wihou being deeced. 3) Node B wais unil C makes a ransmission, and hen ransmi is packe causing a collision a C. Again, node C never receives he packe, bu node A canno accuse Fig. 2. Nodes A, C, D and E can be wachdogs of he link A B. B of anyhing. From he above cases we can conclude ha he wachdog approach should involve informaion from more han one node. So, for our inrusion deecion sysem we require ha any oher neighbor of B ha can lisen o he packes his node is sending or receiving will paricipae in he inrusion deecion procedure. In paricular, for a link A B, he wachdog nodes will be all he nodes ha reside wihin he inersecion of A s and B s radio range, including node A. For example, in Figure 2, he nodes A, C, D and E can be wachdogs for he communicaion beween A and B. We have simulaed random opologies of 1000 uniformly disribued nodes and calculaed he average number of wachdogs for differen nework densiies. Wha we have found is ha for any communicaion link beween wo nodes and for any nework densiy, he number of wachdogs on he average is approximaely half he neighborhood size. So, for example, in a nework where nodes have 8 neighbors he average number of wachdogs for any link is close o 4. B. Inrusion Deecion Techniques Inrusion deecion sysems mus be able o disinguish beween normal and abnormal aciviies in order o discover malicious aemps in ime. There are hree main echniques ha an inrusion deecion sysem can use o classify acions [15]; misuse deecion, anomaly deecion and specificaionbased deecion. In misuse deecion or signaure-based deecion sysems, he observed behavior is compared wih known aack paerns (signaures). Acion paerns ha may pose a securiy hrea mus be defined and sored o he sysem. Then, he misuse deecion sysem ries o recognize any bad behavior according o hese paerns. I is already concluded from research in ad hoc neworks ha severe memory consrains make ID sysems ha need o sore aack signaures relaively difficul o build and less likely o be effecive [10]. Anomaly deecion sysems focus on normal behaviors, raher han aack behaviors. Firs hese sysems describe wha consiues a normal behavior (usually esablished by auomaed raining) and hen flag as inrusion aemps any aciviies ha differ from his behavior by a saisically significan amoun.
4 Finally, specificaion-based deecion sysems are also based on deviaions from normal behavior in order o deec aacks, bu hey are based on manually defined specificaions ha describe wha a correc operaion is and monior any behavior wih respec o hese consrains. This is he echnique we use in our approach. I is easier o apply in sensor neworks, since normal behavior canno easily be defined by machine learning echniques and raining. Since we follow he specificaion-based approach, we need o define which norms are going o be used o describe normal operaion. These specificaions for deecing blackhole and selecive forwarding aacks can simply be a rule on he number of messages being dropped by a node. Each of he wachdog nodes will apply ha rule for iself o produce an inrusion aler. The naive approach would be o incremen a couner every ime a packe is dropped and produce an aler when his value reaches a hreshold. However, we should ake under consideraion loss of messages due o oher reasons, as hose described in Secion III-A. So, his approach will cause he couner of he wachdog nodes o incremen and evenually reach he hreshold value. Then he node would be charged wihou being malicious. If we consider a rae a which packes are being los no by a selecive forwarding aack, bu because of oher legiimae facors in he nework, hen in case of an aack, he packes will be dropped a a higher rae han hey normally do. So, we need o se a hreshold of he rae a which packes are dropped, and when his is reached an alarm can be generaed. For ha, we subsiue he couner crierion wih a rae crierion. To measure a rae we need o keep rack of ime duraion. Therefore we require each wachdog node o keep rack of he packes no being forwarded wihin a fixed amoun of ime, le s say w unis, and we modify he inrusion deecion rule as follows: Rule 1: For each packe ha a node A sends o node B, emporally buffer his packe and wai o see if node B forwards i. If no, incremen a couner corresponding o ha node B. Else remove he packe from he buffer. If afer w unis he node has dropped more han percen of he packes, produce an aler. So, each wachdog node has a window of w unis, during which i creaes saisics on he overheard packes. A he end of each window an aler may be produced according o he hreshold crierion, which is broadcased by ha node. Then he nex window is sared, and he same process is repeaed periodically, for all wachdog nodes. We do no require ha he nodes are synchronized, so he windows in each node are also no synchronized. They may have any ime difference beween 0 and w unis. C. Decision Making Techniques The nex design issue we need o solve is who is going o make he final decision ha a node is indeed an inruder and acions should be aken. There are wo approaches for his. Eiher we could use a cooperaive mechanism or le nodes decide independenly. In an independen decision-making sysem, here are cerain nodes ha have he ask o perform he decision-making funcionaliy. They collec inrusion and anomalous aciviy evidences from oher nodes and hey make decisions abou nework-level inrusions. The res of he nodes do no paricipae in his decision. For example, reviewing he archiecure proposed in [13] for ad-hoc neworks, he cluser-heads gaher informaion from heir cluser members and mainain a sae machine for each one of hem. Then he cluser-head can decide wih a cerain confidence ha a node has been compromised by looking a repors regarding ha node. In such archiecures, he decision-making nodes can arac he ineres of an aacker, since compromising hem would leave he nework undefended. Anoher drawback of such an approach is ha hey resric compuaion-inensive analysis of he overall nework securiy sae o jus a few key nodes. This special mission of processing he informaion from oher nodes and deciding on inrusion aemps resuls in an exra processing overhead, which may quickly lead o energy exhausion. In a cooperaive IDS sysem, if an anomaly is deeced by a node, or if he evidence is inconclusive, hen a cooperaive mechanism is iniiaed wih he neighboring nodes in order o produce a global inrusion deecion acion. Even if a node is cerain abou he guiliness of a suspicious node, sill he decision should be cooperaive, because, he node aking a decision could be malicious iself. In our approach, we use a cooperaive decision making approach, where he wachdog nodes of a link A B cooperae in order o decide wheher node B is launching a selecive forwarding aack and ake appropriae acions. In Secion III-A we explained why a node canno make such a decision on is own. So, we require ha each node makes is final decision based on he alers produced by all oher wachdogs of he same link. In order o build a cooperaive decision mechanism, we ake advanage of he fac ha all wachdog nodes of a link are wihin communicaion range of each oher. Tha means any wachdog node can lisen o he messages broadcased by he res. So, i is easy for hese nodes o announce heir alers o each oher, by making a single message broadcas. Wih his knowledge, each node can make a safer conclusion by applying a majoriy rule: Rule 2: If more han half (i.e., he majoriy) of he wachdog nodes have raised an aler, hen he arge node (i.e. node B) is considered compromised and should be revoked, or he base saion should be noified. In paricular, for he link A B, we will define node A as he responsible node o gaher he alers from he res of he wachdogs and apply he majoriy rule. We call ha node he collecor. The res of he wachdogs do no need o acivae
5 W IDS agen Collecor wachdog 1 wachdog 2 local response local packe monioring cooperaive deecion engine local deecion engine communicaion wachdogs IDS agens wachdog 3 wachdog 4 w Fig. 3. Cooperaive deecion mechanism applied by he collecor. Each window W sars a he recepion of he firs aler from any wachdog, including he collecor iself. In his example, W = 2w. heir cooperaive deecion engines for ha link. So, he above majoriy rule saes ha for n wachdogs of a link A B, if a leas n alers are received by he collecor A, including is own local aler, hen a decision is made ha node B is compromised. The problem ha arises nex is how long he collecor should wai for he alers. As we described in Secion III-B, each wachdog node needs w unis o decide wheher a node is dropping packes a a higher rae han he normal. So, in order for he collecor o receive he alers from he res of hem, i has o wai for a longer inerval of W unis. Since we do no require he wachdog nodes o be synchronized (see Figure 3), W mus be long enough in order o ensure ha any possible alers from oher wachdogs are received. In he wors case i has o be a lile longer ha w, bu in he experimenal secion we show how oher values of W affec he success of deecion. Also noe ha if during ha period, a second aler from he same wachdog arrives, hen ha aler is ignored in he applicaion of he majoriy rule. Wih his majoriy rule, if a wachdog is compromised and issues a false alarm rying o revoke a legiimae node, or issues no alarms for anoher malicious node ha launches an aack, i would have no effec because he majoriy would sill prevail. However, if he collecor iself is compromised, hen he adversary can gain he conrol of he inrusion resul. To avoid his scenario, we could have he res of he wachdog nodes apply he majoriy rule over he alers hey receive and check heir conclusions wih he collecor s repor. Alernaively we could use a probabilisic version of verifiable agreemen [16] in which he majoriy voe conains a crypographic proof ha i was formed based on real alarms of he wachdogs. IV. BUILDING BLOCKS OF THE IDS CLIENT In our discussion so far we have described all he operaions a sensor nework IDS sysem should perform o deec blackhole and selecive forwarding aacks. In his secion, we formalize our approach by presening a more modular archiecure of he IDS sysem. We require ha each node in he nework has an IDS clien wih he following funcionaliy: Fig. 4. communicaion aciviies The building blocks of he IDS clien exising in each sensor node. Nework Monioring: Every node performs packe monioring in heir immediae neighborhood collecing audi daa. Decision Making: Using his audi daa, every node decides on he inrusion hrea level on a hos-based basis. Then hey publish heir findings o heir neighbors and make he final collecive decision. Acion: Every node has a response mechanism ha allow i o respond o an inrusion siuaion. Based on hese funcions we build he archiecure of he IDS clien based on five concepual modules, as shown in Figure 4. Each module is responsible for a specific funcion, which we describe in he secions below. The IDS cliens are idenical in each node and hey can broadcas messages for cliens in neighboring nodes o lisen. The communicaion amongs he cliens allows us o use a disribued algorihm for he final decision on he inrusion hrea. A. Local Packe Monioring This module gahers audi daa o be provided o he local deecion module. Audi daa in a sensor nework IDS sysem can be he communicaion aciviies wihin is radio range. This daa can be colleced by lisening promiscuously o neighboring nodes ransmissions. B. Local Deecion Engine This module collecs he audi daa and analyzes i according o given rules. As we said in Secion III-B, specificaion-based deecion is mos appropriae for sensor neworks, so he local deecion engine sores and applies he defined specificaions ha describe wha is a correc operaion and moniors audi daa wih respec o hese consrains. C. Cooperaive Deecion Engine If here is an evidence of inrusion, his module broadcass he sae informaion of he local deecion process o he neighboring nodes. The same module in each node collecs his informaion from all he neighboring nodes and applies a majoriy rule o conclude wheher here is an inrusion or no. The inpu from he local deecion engine is also couned in for his conclusion.
6 D. Local Response Once he nework is aware ha an inrusion has aken place and have deeced he compromised area, appropriae acions are aken by he local response module. The firs acion is o cu off he inruder as much as possible and isolae he compromised nodes. Afer ha, proper operaion of he nework mus be resored. This may include changes in he rouing pahs, updaes of he crypographic maerial (keys, ec.) or resoring par of he sysem using redundan informaion disribued in oher pars of he nework. Auonomic behavior of sensor neworks means ha hese funcions mus be performed wihou human inervenion and wihin finie ime. Depending on he confidence and he ype of he aack, we caegorize he response o wo ypes: Direc response: Excluding he suspec node from any pahs and forcing regeneraion of new crypographic keys wih he res of he neighbors. Indirec response: Noifying he base saion abou he inruder or reducing he qualiy esimaion for he link o ha node, so ha i will gradually loose is pah reliabiliy. V. EXPERIMENTAL EVALUATION We have simulaed a sensor nework of 1000 nodes placed uniformly a random in order o es our proposed inrusion deecion sysem. The nework densiy was chosen so ha each node had 8 neighbors on he average. Each ime, we chose a random one link A B and programmed node B o launch a selecive forwarding aack, while node A was sending packes o i, a a given rae. This way we could have he wachdogs of ha link A B apply he inrusion deecion and monior he behavior of node B. Wih probabiliy, node B was dropping he packes ha were forwarded o i. Finally, we se he hreshold value for he percenage of packes dropped over a period w o = 20%. Above his hreshold, each wachdog was generaing an alarm. Packes dropped a a lower rae were aribued o oher facors, such as collisions or node failures, and did no produce an inrusion aler. Firs we esed how he raio of W and w effecs he accuracy on inruder idenificaion. The resuls are depiced in Figure 5, for 1000 repeiions of he experimen. As we said in Secion III-C, W mus be bigger han w, so we did no simulae he case of W/w < 1. False negaive rae represens he rae a which evens are no flagged inrusive by he collecor alhough he drop rae is higher han he hreshold and he aack exiss. If packes are dropped a a rae higher han he hreshold, hen ideally, all windows W a he collecor should give an alarm. However, since packes are dropped probabilisically, here migh be he case ha during a window w of some wachdogs, he dropped packes are less han = 20%, and no aler is produced by hose nodes. Then, he majoriy rule over a window W will no be saisfied, which will give no final alarm, producing a false negaive. This is less probable o happen as increases compared o. In his case, he probabiliy ha during a window w he False negaive rae (%) = 0.3 = 0.4 = W/w Fig. 5. False-negaive rae for differen raios of window lengh W o w. dropped packes are less han resuling in a false negaive is lower, and hence he beer accuracy in deecing he aack. We see from Figure 5 ha as he window lengh W increases, he false negaive probabiliy decreases. This is because he collecor can have a more accurae esimaion as i gives more ime o he wachdogs o produce heir alarms. However, we canno ake W o be a very large quaniy, since ha would delay he deecion of a compromised node. Therefore, for he res of he experimens we fixed W = 2w. Nex we esed how he window lengh w effecs he accuracy on inruder idenificaion. All wachdogs are required o have he same window lengh. Given a seady packe rae, we measure his lengh in number of packes. Figure 6 shows he false negaive rae for differen number of packes moniored by he wachdogs. For longer windows, more packes are moniored before he hreshold rule is applied by a wachdog o produce a local aler. Then, for a fixed simulaion ime, we measured he number of final inrusion alers produced by he cooperaive engine a he collecor. For he given window W (= 2w), each wachdog gahers he alers broadcased by he res of hem and applies he majoriy rule o produce a final decision, as we described. Figure 6 shows ha he false negaive rae is reduced as he window lengh w is increased. For bigger w, more packes are moniored, and herefore, each wachdog has a beer esimaion of he drop rae and alers are more successfully produced resuling in a cooperaive deecion a he collecor. In he res of he cases, he drop rae over he ime period w for a wachdog may be saisically below he hreshold, and no aler is produced. If his is rue for more han half of he wachdogs, he majoriy rule fails and no deecion is made. Figure 7 depics he number of alers from he collecor as a funcion of he drop probabiliy. Two hresholds of 20% and 10% have been assumed for he local deecion a he wachdogs. In all experimens we ook W = 2w. The simulaion ime is fixed for 1000 repeiions and we se w o be long enough for 30 messages o be moniored a each wachdog. Noe ha he maximum number of final alers
7 False negaive rae (%) Number of alarms = 0.3 = 0.4 = Number of messages in window w Fig. 6. False-negaive rae for differen window lenghs w = 20% = 10% Drop probabiliy Fig. 7. Number of alers for differen drop probabiliies. ha could be produced by he collecor is 16, since his is he maximum number of windows W ha fi in he fixed simulaion ime. For drop probabiliies below he hreshold a small number of alers is produced. This is he number of false posiives and ideally i should be zero. Since he packes are dropped probabilisically, here are cases where more han 20% (or 10% respecively) of he packes are dropped, even if he drop probabiliy is lower. However, on he average, he cooperaive mechanism produces a small number of false posiives and his effec is shown clearly on smaller drop probabiliies. For example, if we se he hreshold = 20% and assume ha packes are dropped a a lower rae = 0.1, hen he graph indicaes ha he false posiives will be 0.52, which is a rae of /16 = 3.25%. VI. CONCLUSIONS In his paper we have inroduced a model for disribued inrusion deecion in sensor neworks which is designed o work wih only parial and localized informaion available a each node of he nework. Nodes collaborae and exchange his informaion wih heir neighbors in order o make a correc decision on wheher an aack has been launched. We focused our research on rouing because i is he foundaion of sensor neworks. In paricular, we demonsraed how our IDS sysem can be used o deec blackhole and selecive forwarding aacks, producing very low false-negaive and false-posiive raes. We also provided a se of general principles ha an IDS sysem for sensor neworks should follow. We believe his se of principles can be used as a valuable ool for developing more robus and secure sensor neworks in he fuure and enable furher research in he area. VII. ACKNOWLEDGMENTS We hank he reviewers for heir houghful and helpful commens ha helped enhance he readabiliy of he paper. REFERENCES [1] S. Camepe and B. Yener, Key disribuion mechanisms for wireless sensor neworks: a survey, Rensselaer Polyechnic Insiue, Troy, New York, Technical Repor 05-07, March [2] E. Shi and A. Perrig, Designing secure sensor neworks, IEEE Wireless Communicaions, vol. 11, no. 6, pp , December [3] L. Lazos and R. Poovendran, Serloc: Robus localizaion for wireless sensor neworks, ACM Transacions on Sensor Neworks, vol. 1, no. 1, pp , [4] T. Dimiriou and I. Kroniris, Securiy in Sensor Neworks. CRC Press, 2006, ch. Secure In-nework Processing in Sensor Neworks, pp [5] S. Ganeriwal, S. Capkun, C.-C. Han, and M. Srivasava, Secure ime synchronizaion service for sensor neworks, in Proceedings of he 4h ACM workshop on Wireless securiy (WiSe 05), 2005, pp [6] A. P. da Silva, M. Marins, B. Rocha, A. Loureiro, L. Ruiz, and H. C. Wong, Decenralized inrusion deecion in wireless sensor neworks, in Proceedings of he 1s ACM inernaional workshop on Qualiy of service & securiy in wireless and mobile neworks (Q2SWine 05). ACM Press, Ocober 2005, pp [7] I. Ona and A. Miri, An inrusion deecion sysem for wireless sensor neworks, in Proceeding of he IEEE Inernaional Conference on Wireless and Mobile Compuing, Neworking and Communicaions, vol. 3, Monreal, Canada, Augus 2005, pp [8] C. E. Loo, M. Y. Ng, C. Leckie, and M. Palaniswami, Inrusion deecion for rouing aacks in sensor neworks, Inernaional Journal of Disribued Sensor Neworks, [9] V. Bhuse and A. Gupa, Anomaly inrusion deecion in wireless sensor neworks, Journal of High Speed Neworks, vol. 15, no. 1, pp , [10] A. Mishra, K. Nadkarni, and A. Pacha, Inrusion deecion in wireless ad hoc neworks, IEEE Wireless Communicaions, vol. 11, no. 1, pp , February [11] A. Becher, Z. Benenson, and M. Dornseif, Tampering wih moes: Realworld physical aacks on wireless sensor neworks, Proceeding of he 3rd Inernaional Conference on Securiy in Pervasive Compuing (SPC), pp , April [12] C. Karlof and D. Wagner, Secure rouing in wireless sensor neworks: Aacks and counermeasures, AdHoc Neworks Journal, vol. 1, no. 2 3, pp , Sepember [13] O. Kachirski, R. Guha, D. Schwarz, S. Soecklin, and E. Yilmaz, Casebased agens for packe-level inrusion deecion in ad hoc neworks, in Proceedings of he 17h Inernaional Symposium on Compuer and Informaion Sciences. CRC Press, Ocober 2002, pp [14] S. Mari, T. J. Giuli, K. Lai, and M. Baker, Miigaing rouing misbehavior in mobile ad hoc neworks, in Proceedings of he 6h annual inernaional conference on Mobile Compuing and Neworking (MobiCom 00), 2000, pp [15] S. Axelsson, Inrusion deecion sysems: A survey and axonomy, Deparmen of Compuer Engineering, Chalmers Universiy of Technology, Tech. Rep , March [16] Z. Benenson, F. C. Freiling, B. Pfizmann, C. Rohner, and M. Waidner, Verifiable agreemen: Limis of non-repudiaion in mobile peer-o-peer ad hoc neworks, in Third European Workshop on Securiy and Privacy in Ad hoc and Sensor Neworks (ESAS), Hamburg, Germany, Sep
DDoS Attacks Detection Model and its Application
DDoS Aacks Deecion Model and is Applicaion 1, MUHAI LI, 1 MING LI, XIUYING JIANG 1 School of Informaion Science & Technology Eas China Normal Universiy No. 500, Dong-Chuan Road, Shanghai 0041, PR. China
More informationTSG-RAN Working Group 1 (Radio Layer 1) meeting #3 Nynashamn, Sweden 22 nd 26 th March 1999
TSG-RAN Working Group 1 (Radio Layer 1) meeing #3 Nynashamn, Sweden 22 nd 26 h March 1999 RAN TSGW1#3(99)196 Agenda Iem: 9.1 Source: Tile: Documen for: Moorola Macro-diversiy for he PRACH Discussion/Decision
More informationAutomatic measurement and detection of GSM interferences
Auomaic measuremen and deecion of GSM inerferences Poor speech qualiy and dropped calls in GSM neworks may be caused by inerferences as a resul of high raffic load. The radio nework analyzers from Rohde
More informationTask is a schedulable entity, i.e., a thread
Real-Time Scheduling Sysem Model Task is a schedulable eniy, i.e., a hread Time consrains of periodic ask T: - s: saring poin - e: processing ime of T - d: deadline of T - p: period of T Periodic ask T
More informationUSE OF EDUCATION TECHNOLOGY IN ENGLISH CLASSES
USE OF EDUCATION TECHNOLOGY IN ENGLISH CLASSES Mehme Nuri GÖMLEKSİZ Absrac Using educaion echnology in classes helps eachers realize a beer and more effecive learning. In his sudy 150 English eachers were
More informationMultiprocessor Systems-on-Chips
Par of: Muliprocessor Sysems-on-Chips Edied by: Ahmed Amine Jerraya and Wayne Wolf Morgan Kaufmann Publishers, 2005 2 Modeling Shared Resources Conex swiching implies overhead. On a processing elemen,
More informationPerformance Center Overview. Performance Center Overview 1
Performance Cener Overview Performance Cener Overview 1 ODJFS Performance Cener ce Cener New Performance Cener Model Performance Cener Projec Meeings Performance Cener Execuive Meeings Performance Cener
More informationDistributing Human Resources among Software Development Projects 1
Disribuing Human Resources among Sofware Developmen Proecs Macario Polo, María Dolores Maeos, Mario Piaini and rancisco Ruiz Summary This paper presens a mehod for esimaing he disribuion of human resources
More informationTEMPORAL PATTERN IDENTIFICATION OF TIME SERIES DATA USING PATTERN WAVELETS AND GENETIC ALGORITHMS
TEMPORAL PATTERN IDENTIFICATION OF TIME SERIES DATA USING PATTERN WAVELETS AND GENETIC ALGORITHMS RICHARD J. POVINELLI AND XIN FENG Deparmen of Elecrical and Compuer Engineering Marquee Universiy, P.O.
More informationSELF-EVALUATION FOR VIDEO TRACKING SYSTEMS
SELF-EVALUATION FOR VIDEO TRACKING SYSTEMS Hao Wu and Qinfen Zheng Cenre for Auomaion Research Dep. of Elecrical and Compuer Engineering Universiy of Maryland, College Park, MD-20742 {wh2003, qinfen}@cfar.umd.edu
More informationJournal Of Business & Economics Research September 2005 Volume 3, Number 9
Opion Pricing And Mone Carlo Simulaions George M. Jabbour, (Email: jabbour@gwu.edu), George Washingon Universiy Yi-Kang Liu, (yikang@gwu.edu), George Washingon Universiy ABSTRACT The advanage of Mone Carlo
More informationTrends in TCP/IP Retransmissions and Resets
Trends in TCP/IP Reransmissions and Reses Absrac Concordia Chen, Mrunal Mangrulkar, Naomi Ramos, and Mahaswea Sarkar {cychen, mkulkarn, msarkar,naramos}@cs.ucsd.edu As he Inerne grows larger, measuring
More informationDuration and Convexity ( ) 20 = Bond B has a maturity of 5 years and also has a required rate of return of 10%. Its price is $613.
Graduae School of Business Adminisraion Universiy of Virginia UVA-F-38 Duraion and Convexiy he price of a bond is a funcion of he promised paymens and he marke required rae of reurn. Since he promised
More informationMaking a Faster Cryptanalytic Time-Memory Trade-Off
Making a Faser Crypanalyic Time-Memory Trade-Off Philippe Oechslin Laboraoire de Securié e de Crypographie (LASEC) Ecole Polyechnique Fédérale de Lausanne Faculé I&C, 1015 Lausanne, Swizerland philippe.oechslin@epfl.ch
More informationAnalysis and Design of a MAC Protocol for Wireless Sensor etworks with Periodic Monitoring Applications
Analysis and Design of a MAC roocol for Wireless Sensor eworks wih eriodic Monioring Applicaions Miguel A. razo, Yi Qian, Keie u, and Domingo Rodríguez Deparmen of lecrical and Compuer ngineering Universiy
More informationSpectrum-Aware Data Replication in Intermittently Connected Cognitive Radio Networks
Specrum-Aware Daa Replicaion in Inermienly Conneced Cogniive Radio Neworks Absrac The opening of under-uilized specrum creaes an opporuniy for unlicensed users o achieve subsanial performance improvemen
More informationConstant Data Length Retrieval for Video Servers with Variable Bit Rate Streams
IEEE Inernaional Conference on Mulimedia Compuing & Sysems, June 17-3, 1996, in Hiroshima, Japan, p. 151-155 Consan Lengh Rerieval for Video Servers wih Variable Bi Rae Sreams Erns Biersack, Frédéric Thiesse,
More informationChapter 8: Regression with Lagged Explanatory Variables
Chaper 8: Regression wih Lagged Explanaory Variables Time series daa: Y for =1,..,T End goal: Regression model relaing a dependen variable o explanaory variables. Wih ime series new issues arise: 1. One
More informationSecure Election Infrastructures Based on IPv6 Clouds
Secure Elecion Infrasrucures Based on IPv6 Clouds Firs IPv6-only OpenSack Cloud used o deliver producion services is de-ployed by Nephos6, Cikomm and SnT-Universiy of Luxembourg. Laif Ladid, Presiden,
More informationModel-Based Monitoring in Large-Scale Distributed Systems
Model-Based Monioring in Large-Scale Disribued Sysems Diploma Thesis Carsen Reimann Chemniz Universiy of Technology Faculy of Compuer Science Operaing Sysem Group Advisors: Prof. Dr. Winfried Kalfa Dr.
More informationThe Application of Multi Shifts and Break Windows in Employees Scheduling
The Applicaion of Muli Shifs and Brea Windows in Employees Scheduling Evy Herowai Indusrial Engineering Deparmen, Universiy of Surabaya, Indonesia Absrac. One mehod for increasing company s performance
More informationDetection of DDoS Attack in SIP Environment with Non-parametric CUSUM Sensor
Deecion of DDoS Aac in SIP Environmen wih Non-parameric CUSUM Sensor Luigi Alcuri Universiy of Palermo Deparmen of Elecrical, Elecronic and Telecommunicaion Engineering luigi.alcuri@i.unipa.i Piero Cassarà
More informationAn Agent-based Bayesian Forecasting Model for Enhanced Network Security
An Agen-based Forecasing Model for Enhanced Nework Securiy J. PIKOULAS, W.J. BUCHANAN, Napier Universiy, Edinburgh, UK. M. MANNION, Glasgow Caledonian Universiy, Glasgow, UK. K. TRIANTAFYLLOPOULOS, Universiy
More informationDistributed Online Localization in Sensor Networks Using a Moving Target
Disribued Online Localizaion in Sensor Neworks Using a Moving Targe Aram Galsyan 1, Bhaskar Krishnamachari 2, Krisina Lerman 1, and Sundeep Paem 2 1 Informaion Sciences Insiue 2 Deparmen of Elecrical Engineering-Sysems
More informationMeasuring macroeconomic volatility Applications to export revenue data, 1970-2005
FONDATION POUR LES ETUDES ET RERS LE DEVELOPPEMENT INTERNATIONAL Measuring macroeconomic volailiy Applicaions o expor revenue daa, 1970-005 by Joël Cariolle Policy brief no. 47 March 01 The FERDI is a
More informationImpact of scripless trading on business practices of Sub-brokers.
Impac of scripless rading on business pracices of Sub-brokers. For furher deails, please conac: Mr. T. Koshy Vice Presiden Naional Securiies Deposiory Ld. Tradeworld, 5 h Floor, Kamala Mills Compound,
More informationTowards Incentive-Compatible Reputation Management
Towards Incenive-Compaible Repuaion Managemen Radu Jurca, Boi Falings Arificial Inelligence Laboraory Swiss Federal Insiue of Technology (EPFL) IN-Ecublens, 115 Lausanne, Swizerland radu.jurca@epfl.ch,
More informationMining Web User Behaviors to Detect Application Layer DDoS Attacks
JOURNAL OF SOFWARE, VOL. 9, NO. 4, APRIL 24 985 Mining Web User Behaviors o Deec Applicaion Layer DDoS Aacks Chuibi Huang Deparmen of Auomaion, USC Key laboraory of nework communicaion sysem and conrol
More informationPredicting Stock Market Index Trading Signals Using Neural Networks
Predicing Sock Marke Index Trading Using Neural Neworks C. D. Tilakarane, S. A. Morris, M. A. Mammadov, C. P. Hurs Cenre for Informaics and Applied Opimizaion School of Informaion Technology and Mahemaical
More informationImprovement of a TCP Incast Avoidance Method for Data Center Networks
Improvemen of a Incas Avoidance Mehod for Daa Cener Neworks Kazuoshi Kajia, Shigeyuki Osada, Yukinobu Fukushima and Tokumi Yokohira The Graduae School of Naural Science and Technology, Okayama Universiy
More informationPROFIT TEST MODELLING IN LIFE ASSURANCE USING SPREADSHEETS PART ONE
Profi Tes Modelling in Life Assurance Using Spreadshees PROFIT TEST MODELLING IN LIFE ASSURANCE USING SPREADSHEETS PART ONE Erik Alm Peer Millingon 2004 Profi Tes Modelling in Life Assurance Using Spreadshees
More informationChannel Holding Time Distribution in Public Cellular Telephony *
ITC6 / P. Kelly and D. Smih (Ediors) 999 Elsevier Science B.V. Channel Holding Time Disribuion in Public Cellular Telephony * Francisco Barceló a and Javier Jordán b a Deparameno de Maemáica Aplicada y
More informationReal-time Particle Filters
Real-ime Paricle Filers Cody Kwok Dieer Fox Marina Meilă Dep. of Compuer Science & Engineering, Dep. of Saisics Universiy of Washingon Seale, WA 9895 ckwok,fox @cs.washingon.edu, mmp@sa.washingon.edu Absrac
More informationMACROECONOMIC FORECASTS AT THE MOF A LOOK INTO THE REAR VIEW MIRROR
MACROECONOMIC FORECASTS AT THE MOF A LOOK INTO THE REAR VIEW MIRROR The firs experimenal publicaion, which summarised pas and expeced fuure developmen of basic economic indicaors, was published by he Minisry
More informationTowards a Generic Trust Model Comparison of Various Trust Update Algorithms
Towards a Generic Trus Model Comparison of Various Trus Updae Algorihms Michael Kinaeder, Erneso Baschny, and Kur Rohermel Insiue of Parallel and Disribued Sysems (IPVS) Universiä Sugar Universiässr. 38
More informationMarket Liquidity and the Impacts of the Computerized Trading System: Evidence from the Stock Exchange of Thailand
36 Invesmen Managemen and Financial Innovaions, 4/4 Marke Liquidiy and he Impacs of he Compuerized Trading Sysem: Evidence from he Sock Exchange of Thailand Sorasar Sukcharoensin 1, Pariyada Srisopisawa,
More informationWorking Paper No. 482. Net Intergenerational Transfers from an Increase in Social Security Benefits
Working Paper No. 482 Ne Inergeneraional Transfers from an Increase in Social Securiy Benefis By Li Gan Texas A&M and NBER Guan Gong Shanghai Universiy of Finance and Economics Michael Hurd RAND Corporaion
More informationNetwork Discovery: An Estimation Based Approach
Nework Discovery: An Esimaion Based Approach Girish Chowdhary, Magnus Egersed, and Eric N. Johnson Absrac We consider he unaddressed problem of nework discovery, in which, an agen aemps o formulae an esimae
More informationEfficient One-time Signature Schemes for Stream Authentication *
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 611-64 (006) Efficien One-ime Signaure Schemes for Sream Auhenicaion * YONGSU PARK AND YOOKUN CHO + College of Informaion and Communicaions Hanyang Universiy
More informationGoRA. For more information on genetics and on Rheumatoid Arthritis: Genetics of Rheumatoid Arthritis. Published work referred to in the results:
For more informaion on geneics and on Rheumaoid Arhriis: Published work referred o in he resuls: The geneics revoluion and he assaul on rheumaoid arhriis. A review by Michael Seldin, Crisopher Amos, Ryk
More informationThe Grantor Retained Annuity Trust (GRAT)
WEALTH ADVISORY Esae Planning Sraegies for closely-held, family businesses The Granor Reained Annuiy Trus (GRAT) An efficien wealh ransfer sraegy, paricularly in a low ineres rae environmen Family business
More informationInformation Theoretic Evaluation of Change Prediction Models for Large-Scale Software
Informaion Theoreic Evaluaion of Change Predicion Models for Large-Scale Sofware Mina Askari School of Compuer Science Universiy of Waerloo Waerloo, Canada maskari@uwaerloo.ca Ric Hol School of Compuer
More informationHow To Calculate Price Elasiciy Per Capia Per Capi
Price elasiciy of demand for crude oil: esimaes for 23 counries John C.B. Cooper Absrac This paper uses a muliple regression model derived from an adapaion of Nerlove s parial adjusmen model o esimae boh
More informationAnalysis of Pricing and Efficiency Control Strategy between Internet Retailer and Conventional Retailer
Recen Advances in Business Managemen and Markeing Analysis of Pricing and Efficiency Conrol Sraegy beween Inerne Reailer and Convenional Reailer HYUG RAE CHO 1, SUG MOO BAE and JOG HU PARK 3 Deparmen of
More informationCPU Provisioning Algorithms for Service Differentiation in Cloud-based Environments
CPU Provisioning Algorihms for Service Differeniaion in Cloud-based Environmens Kosas Kasalis, Georgios S. Paschos, Yannis Viniois, Leandros Tassiulas Absrac This work focuses on he design, analysis and
More informationDistributed Echo Cancellation in Multimedia Conferencing System
Disribued Echo Cancellaion in Mulimedia Conferencing Sysem Balan Sinniah 1, Sureswaran Ramadass 2 1 KDU College Sdn.Bhd, A Paramoun Corporaion Company, 32, Jalan Anson, 10400 Penang, Malaysia. sbalan@kdupg.edu.my
More informationChapter 2 Problems. 3600s = 25m / s d = s t = 25m / s 0.5s = 12.5m. Δx = x(4) x(0) =12m 0m =12m
Chaper 2 Problems 2.1 During a hard sneeze, your eyes migh shu for 0.5s. If you are driving a car a 90km/h during such a sneeze, how far does he car move during ha ime s = 90km 1000m h 1km 1h 3600s = 25m
More informationA Resource Management Strategy to Support VoIP across Ad hoc IEEE 802.11 Networks
A Resource Managemen Sraegy o Suppor VoIP across Ad hoc IEEE 8.11 Neworks Janusz Romanik Radiocommunicaions Deparmen Miliary Communicaions Insiue Zegrze, Poland j.romanik@wil.waw.pl Pior Gajewski, Jacek
More informationMorningstar Investor Return
Morningsar Invesor Reurn Morningsar Mehodology Paper Augus 31, 2010 2010 Morningsar, Inc. All righs reserved. The informaion in his documen is he propery of Morningsar, Inc. Reproducion or ranscripion
More informationCaring for trees and your service
Caring for rees and your service Line clearing helps preven ouages FPL is commied o delivering safe, reliable elecric service o our cusomers. Trees, especially palm rees, can inerfere wih power lines and
More informationRandom Walk in 1-D. 3 possible paths x vs n. -5 For our random walk, we assume the probabilities p,q do not depend on time (n) - stationary
Random Walk in -D Random walks appear in many cones: diffusion is a random walk process undersanding buffering, waiing imes, queuing more generally he heory of sochasic processes gambling choosing he bes
More informationII.1. Debt reduction and fiscal multipliers. dbt da dpbal da dg. bal
Quarerly Repor on he Euro Area 3/202 II.. Deb reducion and fiscal mulipliers The deerioraion of public finances in he firs years of he crisis has led mos Member Saes o adop sizeable consolidaion packages.
More informationStatistical Analysis with Little s Law. Supplementary Material: More on the Call Center Data. by Song-Hee Kim and Ward Whitt
Saisical Analysis wih Lile s Law Supplemenary Maerial: More on he Call Cener Daa by Song-Hee Kim and Ward Whi Deparmen of Indusrial Engineering and Operaions Research Columbia Universiy, New York, NY 17-99
More informationWhy Did the Demand for Cash Decrease Recently in Korea?
Why Did he Demand for Cash Decrease Recenly in Korea? Byoung Hark Yoo Bank of Korea 26. 5 Absrac We explores why cash demand have decreased recenly in Korea. The raio of cash o consumpion fell o 4.7% in
More informationDiane K. Michelson, SAS Institute Inc, Cary, NC Annie Dudley Zangi, SAS Institute Inc, Cary, NC
ABSTRACT Paper DK-02 SPC Daa Visualizaion of Seasonal and Financial Daa Using JMP Diane K. Michelson, SAS Insiue Inc, Cary, NC Annie Dudley Zangi, SAS Insiue Inc, Cary, NC JMP Sofware offers many ypes
More informationA Scalable and Lightweight QoS Monitoring Technique Combining Passive and Active Approaches
A Scalable and Lighweigh QoS Monioring Technique Combining Passive and Acive Approaches On he Mahemaical Formulaion of CoMPACT Monior Masai Aida, Naoo Miyoshi and Keisue Ishibashi NTT Informaion Sharing
More informationANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS
ANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS R. Caballero, E. Cerdá, M. M. Muñoz and L. Rey () Deparmen of Applied Economics (Mahemaics), Universiy of Málaga,
More informationPRACTICES AND ISSUES IN OPERATIONAL RISK MODELING UNDER BASEL II
Lihuanian Mahemaical Journal, Vol. 51, No. 2, April, 2011, pp. 180 193 PRACTICES AND ISSUES IN OPERATIONAL RISK MODELING UNDER BASEL II Paul Embrechs and Marius Hofer 1 RiskLab, Deparmen of Mahemaics,
More informationOption Put-Call Parity Relations When the Underlying Security Pays Dividends
Inernaional Journal of Business and conomics, 26, Vol. 5, No. 3, 225-23 Opion Pu-all Pariy Relaions When he Underlying Securiy Pays Dividends Weiyu Guo Deparmen of Finance, Universiy of Nebraska Omaha,
More informationImproving Unreliable Mobile GIS with Swarm-based Particle Filters
Improving Unreliable Mobile GIS wih Swarm-based Paricle Filers Fama Hrizi, Jérôme Härri, Chrisian Bonne EURECOM, Mobile Communicaions Deparmen Campus SophiaTech, 450 Roue des Chappes Bio, France {hrizi,
More informationCALCULATION OF OMX TALLINN
CALCULATION OF OMX TALLINN CALCULATION OF OMX TALLINN 1. OMX Tallinn index...3 2. Terms in use...3 3. Comuaion rules of OMX Tallinn...3 3.1. Oening, real-ime and closing value of he Index...3 3.2. Index
More informationIndividual Health Insurance April 30, 2008 Pages 167-170
Individual Healh Insurance April 30, 2008 Pages 167-170 We have received feedback ha his secion of he e is confusing because some of he defined noaion is inconsisen wih comparable life insurance reserve
More informationThe Impact of Surplus Distribution on the Risk Exposure of With Profit Life Insurance Policies Including Interest Rate Guarantees.
The Impac of Surplus Disribuion on he Risk Exposure of Wih Profi Life Insurance Policies Including Ineres Rae Guaranees Alexander Kling 1 Insiu für Finanz- und Akuarwissenschafen, Helmholzsraße 22, 89081
More informationCHARGE AND DISCHARGE OF A CAPACITOR
REFERENCES RC Circuis: Elecrical Insrumens: Mos Inroducory Physics exs (e.g. A. Halliday and Resnick, Physics ; M. Sernheim and J. Kane, General Physics.) This Laboraory Manual: Commonly Used Insrumens:
More informationAutomated Allocation of ESA Ground Station Network Services
Auomaed Allocaion of ESA Ground Saion Nework Services Sylvain Damiani (), Holger Dreihahn (), Jörg Noll (), Marc Niézee (), and Gian Paolo Calzolari () () VEGA, Aerospace Division Rober Bosch Sraße 7,
More informationSingle-machine Scheduling with Periodic Maintenance and both Preemptive and. Non-preemptive jobs in Remanufacturing System 1
Absrac number: 05-0407 Single-machine Scheduling wih Periodic Mainenance and boh Preempive and Non-preempive jobs in Remanufacuring Sysem Liu Biyu hen Weida (School of Economics and Managemen Souheas Universiy
More informationThis is the author s version of a work that was submitted/accepted for publication in the following source:
This is he auhor s version of a work ha was submied/acceped for publicaion in he following source: Debnah, Ashim Kumar & Chin, Hoong Chor (2006) Analysis of marine conflics. In Proceedings of he 19h KKCNN
More informationThe Impact of Surplus Distribution on the Risk Exposure of With Profit Life Insurance Policies Including Interest Rate Guarantees
1 The Impac of Surplus Disribuion on he Risk Exposure of Wih Profi Life Insurance Policies Including Ineres Rae Guaranees Alexander Kling Insiu für Finanz- und Akuarwissenschafen, Helmholzsraße 22, 89081
More informationDouble Entry System of Accounting
CHAPTER 2 Double Enry Sysem of Accouning Sysem of Accouning \ The following are he main sysem of accouning for recording he business ransacions: (a) Cash Sysem of Accouning. (b) Mercanile or Accrual Sysem
More informationA Probability Density Function for Google s stocks
A Probabiliy Densiy Funcion for Google s socks V.Dorobanu Physics Deparmen, Poliehnica Universiy of Timisoara, Romania Absrac. I is an approach o inroduce he Fokker Planck equaion as an ineresing naural
More informationIdealistic characteristics of Islamic Azad University masters - Islamshahr Branch from Students Perspective
Available online a www.pelagiaresearchlibrary.com European Journal Experimenal Biology, 202, 2 (5):88789 ISSN: 2248 925 CODEN (USA): EJEBAU Idealisic characerisics Islamic Azad Universiy masers Islamshahr
More informationµ r of the ferrite amounts to 1000...4000. It should be noted that the magnetic length of the + δ
Page 9 Design of Inducors and High Frequency Transformers Inducors sore energy, ransformers ransfer energy. This is he prime difference. The magneic cores are significanly differen for inducors and high
More informationAnswer, Key Homework 2 David McIntyre 45123 Mar 25, 2004 1
Answer, Key Homework 2 Daid McInyre 4123 Mar 2, 2004 1 This prin-ou should hae 1 quesions. Muliple-choice quesions may coninue on he ne column or page find all choices before making your selecion. The
More informationDOES TRADING VOLUME INFLUENCE GARCH EFFECTS? SOME EVIDENCE FROM THE GREEK MARKET WITH SPECIAL REFERENCE TO BANKING SECTOR
Invesmen Managemen and Financial Innovaions, Volume 4, Issue 3, 7 33 DOES TRADING VOLUME INFLUENCE GARCH EFFECTS? SOME EVIDENCE FROM THE GREEK MARKET WITH SPECIAL REFERENCE TO BANKING SECTOR Ahanasios
More informationARCH 2013.1 Proceedings
Aricle from: ARCH 213.1 Proceedings Augus 1-4, 212 Ghislain Leveille, Emmanuel Hamel A renewal model for medical malpracice Ghislain Léveillé École d acuaria Universié Laval, Québec, Canada 47h ARC Conference
More informationTerm Structure of Prices of Asian Options
Term Srucure of Prices of Asian Opions Jirô Akahori, Tsuomu Mikami, Kenji Yasuomi and Teruo Yokoa Dep. of Mahemaical Sciences, Risumeikan Universiy 1-1-1 Nojihigashi, Kusasu, Shiga 525-8577, Japan E-mail:
More informationExpecaion Heerogeneiy in Japanese Sock Index
JCER DISCUSSION PAPER No.136 Belief changes and expecaion heerogeneiy in buy- and sell-side professionals in he Japanese sock marke Ryuichi Yamamoo and Hideaki Hiraa February 2012 公 益 社 団 法 人 日 本 経 済 研
More informationChild Protective Services. A Guide To Investigative Procedures
Child Proecive Services A Guide To Invesigaive Procedures The purpose of his brochure is o help you undersand he Child Proecive Services (CPS) reporing and response process. Please conac your CPS worker
More informationStochastic Recruitment: A Limited-Feedback Control Policy for Large Ensemble Systems
Sochasic Recruimen: A Limied-Feedback Conrol Policy for Large Ensemble Sysems Lael Odhner and Harry Asada Absrac This paper is abou sochasic recruimen, a conrol archiecure for cenrally conrolling he ensemble
More informationSupplementary Appendix for Depression Babies: Do Macroeconomic Experiences Affect Risk-Taking?
Supplemenary Appendix for Depression Babies: Do Macroeconomic Experiences Affec Risk-Taking? Ulrike Malmendier UC Berkeley and NBER Sefan Nagel Sanford Universiy and NBER Sepember 2009 A. Deails on SCF
More informationSituated vs. Global Aggregation Schemes for Autonomous Management Systems
4h IFIP/IEEE Workshop on Disribued Auonomous Nework Managemen Sysems Siuaed vs. Global Aggregaion Schemes for Auonomous Managemen Sysems Rafik Makhloufi*, Guillaume Doyen*, Gregory Bonne and Dominique
More informationEcotopia: An Ecological Framework for Change Management in Distributed Systems
Ecoopia: An Ecological Framework for Change Managemen in Disribued Sysems Tudor Dumiraş 1, Daniela Roşu 2, Asi Dan 2, and Priya Narasimhan 1 1 ECE Deparmen, Carnegie Mellon Universiy, Pisburgh, PA 15213,
More informationStock Trading with Recurrent Reinforcement Learning (RRL) CS229 Application Project Gabriel Molina, SUID 5055783
Sock raing wih Recurren Reinforcemen Learning (RRL) CS9 Applicaion Projec Gabriel Molina, SUID 555783 I. INRODUCION One relaively new approach o financial raing is o use machine learning algorihms o preic
More informationHotel Room Demand Forecasting via Observed Reservation Information
Proceedings of he Asia Pacific Indusrial Engineering & Managemen Sysems Conference 0 V. Kachivichyanuul, H.T. Luong, and R. Piaaso Eds. Hoel Room Demand Forecasing via Observed Reservaion Informaion aragain
More informationStrategic Optimization of a Transportation Distribution Network
Sraegic Opimizaion of a Transporaion Disribuion Nework K. John Sophabmixay, Sco J. Mason, Manuel D. Rossei Deparmen of Indusrial Engineering Universiy of Arkansas 4207 Bell Engineering Cener Fayeeville,
More informationTask-Execution Scheduling Schemes for Network Measurement and Monitoring
Task-Execuion Scheduling Schemes for Nework Measuremen and Monioring Zhen Qin, Robero Rojas-Cessa, and Nirwan Ansari Deparmen of Elecrical and Compuer Engineering New Jersey Insiue of Technology Universiy
More informationLEASING VERSUSBUYING
LEASNG VERSUSBUYNG Conribued by James D. Blum and LeRoy D. Brooks Assisan Professors of Business Adminisraion Deparmen of Business Adminisraion Universiy of Delaware Newark, Delaware The auhors discuss
More informationSPEC model selection algorithm for ARCH models: an options pricing evaluation framework
Applied Financial Economics Leers, 2008, 4, 419 423 SEC model selecion algorihm for ARCH models: an opions pricing evaluaion framework Savros Degiannakis a, * and Evdokia Xekalaki a,b a Deparmen of Saisics,
More informationA Distributed Multiple-Target Identity Management Algorithm in Sensor Networks
A Disribued Muliple-Targe Ideniy Managemen Algorihm in Sensor Neworks Inseok Hwang, Kaushik Roy, Hamsa Balakrishnan, and Claire Tomlin Dep. of Aeronauics and Asronauics, Sanford Universiy, CA 94305 Elecrical
More informationChapter 1.6 Financial Management
Chaper 1.6 Financial Managemen Par I: Objecive ype quesions and answers 1. Simple pay back period is equal o: a) Raio of Firs cos/ne yearly savings b) Raio of Annual gross cash flow/capial cos n c) = (1
More informationDETERMINISTIC INVENTORY MODEL FOR ITEMS WITH TIME VARYING DEMAND, WEIBULL DISTRIBUTION DETERIORATION AND SHORTAGES KUN-SHAN WU
Yugoslav Journal of Operaions Research 2 (22), Number, 6-7 DEERMINISIC INVENORY MODEL FOR IEMS WIH IME VARYING DEMAND, WEIBULL DISRIBUION DEERIORAION AND SHORAGES KUN-SHAN WU Deparmen of Bussines Adminisraion
More informationRisk Modelling of Collateralised Lending
Risk Modelling of Collaeralised Lending Dae: 4-11-2008 Number: 8/18 Inroducion This noe explains how i is possible o handle collaeralised lending wihin Risk Conroller. The approach draws on he faciliies
More informationThe Architecture of a Churn Prediction System Based on Stream Mining
The Archiecure of a Churn Predicion Sysem Based on Sream Mining Borja Balle a, Bernardino Casas a, Alex Caarineu a, Ricard Gavaldà a, David Manzano-Macho b a Universia Poliècnica de Caalunya - BarcelonaTech.
More informationINTEREST RATE FUTURES AND THEIR OPTIONS: SOME PRICING APPROACHES
INTEREST RATE FUTURES AND THEIR OPTIONS: SOME PRICING APPROACHES OPENGAMMA QUANTITATIVE RESEARCH Absrac. Exchange-raded ineres rae fuures and heir opions are described. The fuure opions include hose paying
More informationINTRODUCTION TO FORECASTING
INTRODUCTION TO FORECASTING INTRODUCTION: Wha is a forecas? Why do managers need o forecas? A forecas is an esimae of uncerain fuure evens (lierally, o "cas forward" by exrapolaing from pas and curren
More informationPervasive Internet Access by Vehicles through Satellite Receive-only Terminals
Pervasive Inerne Access by Vehicles hrough Saellie Receive-only Terminals Baber Aslam, Ping Wang and Cliff C. Zou School of Elecrical Engineering and Compuer Science Universiy of Cenral Florida Orlando,
More informationUser Identity Verification via Mouse Dynamics
User Ideniy Verificaion via Mouse Dynamics Clin Feher, Yuval Elovici,, Rober Moskovich, Lior Rokach,, Alon Schclar Deusche Telekom Laboraories a Ben-Gurion Universiy, Ben-Gurion Universiy of he Negev,
More informationExploring Imputation Techniques for Missing Data in Transportation Management Systems
Exploring Impuaion Techniques for Missing Daa in Transporaion Managemen Sysems Brian L. Smih Assisan Professor Universiy of Virginia Deparmen of Civil Engineering P. O. Box 400742 Charloesville, VA 22904-4742
More informationSTABILITY OF LOAD BALANCING ALGORITHMS IN DYNAMIC ADVERSARIAL SYSTEMS
STABILITY OF LOAD BALANCING ALGORITHMS IN DYNAMIC ADVERSARIAL SYSTEMS ELLIOT ANSHELEVICH, DAVID KEMPE, AND JON KLEINBERG Absrac. In he dynamic load balancing problem, we seek o keep he job load roughly
More informationAnalogue and Digital Signal Processing. First Term Third Year CS Engineering By Dr Mukhtiar Ali Unar
Analogue and Digial Signal Processing Firs Term Third Year CS Engineering By Dr Mukhiar Ali Unar Recommended Books Haykin S. and Van Veen B.; Signals and Sysems, John Wiley& Sons Inc. ISBN: 0-7-380-7 Ifeachor
More information