A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

A Quality of Service-Aware Secured Communication Scheme for Internet of Things-Based Networks

The Internet of Things (IoT) is an emerging technology that aims to enable the interconnection of a large number of smart devices and heterogeneous networks. Ad hoc networks play an important role in the designing of IoT-enabled platforms due to their efficient, flexible, low-cost and dynamic infrastructures. These networks utilize the available resources efficiently to maintain the Quality of Service (QoS) in a multi-hop communication. However, in a multi-hop communication, the relay nodes can be malicious, thus requiring a secured and reliable data transmission. In this paper, we propose a QoS-aware secured communication scheme for IoT-based networks (QoS-IoT). In QoS-IoT, a Sybil attack detection mechanism is used for the identification of Sybil nodes and their forged identities in multi-hop communication. After Sybil nodes detection, an optimal contention window (CW) is selected for QoS provisioning, that is, to achieve per-flow fairness and efficient utilization of the available bandwidth. In a multi-hop communication, the medium access control (MAC) layer protocols do not perform well in terms of fairness and throughput, especially when the nodes generate a large amount of data. It is because the MAC layer has no capability of providing QoS to prioritized or forwarding flows. We evaluate the performance of QoS-IoT in terms of Sybil attack detection, fairness, throughput and buffer utilization. The simulation results show that the proposed scheme outperforms the existing schemes and significantly enhances the performance of the network with a large volume of data. Moreover, the proposed scheme is resilient against Sybil attack

Machine learning and blockchain technologies for cybersecurity in connected vehicles

Future connected and autonomous vehicles (CAVs) must be secured againstcyberattacks for their everyday functions on the road so that safety of passengersand vehicles can be ensured. This article presents a holistic review of cybersecurityattacks on sensors and threats regardingmulti-modal sensor fusion. A compre-hensive review of cyberattacks on intra-vehicle and inter-vehicle communicationsis presented afterward. Besides the analysis of conventional cybersecurity threatsand countermeasures for CAV systems,a detailed review of modern machinelearning, federated learning, and blockchain approach is also conducted to safe-guard CAVs. Machine learning and data mining-aided intrusion detection systemsand other countermeasures dealing with these challenges are elaborated at theend of the related section. In the last section, research challenges and future direc-tions are identified

A Survey: Intrusion Detection System for Vehicular Ad-Hoc Networks (VANETs)

In recent years, the security issues on Vehicular ad hoc networks (VANETs) have become one of the primary concerns. Vehicular Ad Hoc Network has attracted both research and industrial community due to its benefits in facilitating human life and enhancing the security and comfort. However, various issues have been faced in such networks such as information security, routing reliability, dynamic high mobility of vehicles that influence the stability of communication. Furthermore, VANETs are vulnerable against attacks so this can directly lead to the corruption of networks and then possibly provoke big losses of time, money, and even lives. This paper presents a survey of VANETs attacks and solutions in carefully considering other similar works as well as updating new attacks and categorizing them into different classes. Keywords: Intrusion Detection System DOI: 10.7176/ISDE/11-4-02 Publication date:August 31st 202

Supporting Large Scale Communication Systems on Infrastructureless Networks Composed of Commodity Mobile Devices: Practicality, Scalability, and Security.

Infrastructureless Delay Tolerant Networks (DTNs) composed of commodity mobile devices have the potential to support communication applications resistant to blocking and censorship, as well as certain types of surveillance. In this thesis we study the utility, practicality, robustness, and security of these networks. We collected two sets of wireless connectivity traces of commodity mobile devices with different granularity and scales. The first dataset is collected through active installation of measurement software on volunteer users' own smartphones, involving 111 users of a DTN microblogging application that we developed. The second dataset is collected through passive observation of WiFi association events on a university campus, involving 119,055 mobile devices. Simulation results show consistent message delivery performances of the two datasets. Using an epidemic flooding protocol, the large network achieves an average delivery rate of 0.71 in 24 hours and a median delivery delay of 10.9 hours. We show that this performance is appropriate for sharing information that is not time sensitive, e.g., blogs and photos. We also show that using an energy efficient variant of the epidemic flooding protocol, even the large network can support text messages while only consuming 13.7% of a typical smartphone battery in 14 hours. We found that the network delivery rate and delay are robust to denial-of-service and censorship attacks. Attacks that randomly remove 90% of the network participants only reduce delivery rates by less than 10%. Even when subjected to targeted attacks, the network suffered a less than 10% decrease in delivery rate when 40% of its participants were removed. Although structurally robust, the openness of the proposed network introduces numerous security concerns. The Sybil attack, in which a malicious node poses as many identities in order to gain disproportionate influence, is especially dangerous as it breaks the assumption underlying majority voting. Many defenses based on spatial variability of wireless channels exist, and we extend them to be practical for ad hoc networks of commodity 802.11 devices without mutual trust. We present the Mason test, which uses two efficient methods for separating valid channel measurement results of behaving nodes from those falsified by malicious participants.PhDElectrical Engineering: SystemsUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/120779/1/liuyue_1.pd

High Confidence Networked Control for Next Generation Air Transportation Systems

This paper addresses the design of a secure and fault-tolerant air transportation system in the presence of attempts to disrupt the system through the satellite-based navigation system. Adversarial aircraft are assumed to transmit incorrect position and intent information, potentially leading to violations of separation requirements among aircraft. We propose a framework for the identification of adversaries and malicious aircraft, and then for air traffic control in the presence of such deliberately erroneous data. The framework consists of three mechanisms that allow each aircraft to detect attacks and to resolve conflicts: fault detection and defense techniques to improve Global Positioning System (GPS)/inertial navigation, detection and defense techniques using the Doppler/received signal strength, and a fault-tolerant control algorithm. A Kalman filter is used to fuse high frequency inertial sensor information with low frequency GPS data. To verify aircraft position through GPS/inertial navigation, we propose a technique for aircraft localization utilizing the Doppler effect and received signal strength from neighboring aircraft. The control algorithm is designed to minimize flight times while meeting safety constraints. Additional separation is introduced to compensate for the uncertainty of surveillance information in the presence of adversaries. We evaluate the effect of air traffic surveillance attacks on system performance through simulations. The results show that the proposed mechanism robustly detects and corrects faults generated by the injection of malicious data. Moreover, the proposed control algorithm continuously adapts operations in order to mitigate the effects these faults. The ability of the proposed approaches to defend against attacks enables reliable air traffic operations even in highly adversarial surveillance conditions.National Science Foundation (U.S.) (CNS-931843)United States. Office of Naval Research. Multidisciplinary University Research Initiative (Grant N0014-08-0696)United States. Office of Naval Research. Multidisciplinary University Research Initiative (Grant N00014-09-1-1051)United States. Office of Naval Research (Grant N00014-12-1-0609)United States. Air Force Office of Scientific Research. Multidisciplinary University Research Initiative (Grant FA9550-10-1-0567

Rescuing Wireless Sensor Networks Security from Science Fiction

Abstract. We critically analyze the state of the art in research on wireless sensor network security. Assumptions about security requirements are not always consistent with the assumptions about the nature of sensor nodes. There are deficiencies in the specification of attacker models. Work on wireless sensor network security often fails to give proper definitions and justifications of what constitutes node misbehaviour. We analyze the merits and limitations of reputation-based routing protocols as a security mechanism, and observe that in wireless sensor networks there is a strong case for using application specific cross-layer optimizations and hence a diminished demand for generic security solutions

An Asynchronous Node Replication Attack in Wireless Sensor Networks

Abstract Applications of wireless sensor network (WSN) are growing significantly, and many security protocols meant for WSN have been proposed. One of the unique problems of WSN is that the sensor nodes are not tamper resistant as the main attraction of deploying WSN is its low cost. Node replication attack exploits this weakness to launch an attack, in which cryptographic secrets from the compromised sensor nodes are used to create duplicate sensor nodes in large number. Then these sensor nodes are placed in critical locations of the WSN to mount attacks. Several protocols were proposed to defend WSN against the replication attack, and one of the promising among them is distributed detection protocol presented by Parno et al. at IEEE S&P 2005. However, we show in this paper that their distributed detection protocol is vulnerable to an asynchronous node replication attack. Further, we modify the protocol to make it secure for dynamic WSN supporting node mobility