A Sybil attack detection scheme for a forest wildfire monitoring application

© 2016 Elsevier B.V. Wireless Sensor Networks (WSNs) have experienced phenomenal growth over the past decade. They are typically deployed in human-inaccessible terrains to monitor and collect time-critical and delay-sensitive events. There have been several studies on the use of WSN in different applications. All such studies have mainly focused on Quality of Service (QoS) parameters such as delay, loss, jitter, etc. of the sensed data. Security provisioning is also an important and challenging task lacking in all previous studies. In this paper, we propose a Sybil attack detection scheme for a cluster-based hierarchical network mainly deployed to monitor forest wildfire. We propose a two-tier detection scheme. Initially, Sybil nodes and their forged identities are detected by high-energy nodes. However, if one or more identities of a Sybil node sneak through the detection process, they are ultimately detected by the two base stations. After Sybil attack detection, an optimal percentage of cluster heads are elected and each one is informed using nomination packets. Each nomination packet contains the identity of an elected cluster head and an end user's specific query for data collection within a cluster. These queries are user-centric, on-demand and adaptive to an end user requirement. The undetected identities of Sybil nodes reside in one or more clusters. Their goal is to transmit high false-negative alerts to an end user for diverting attention to those geographical regions which are less vulnerable to a wildfire. Our proposed approach has better network lifetime due to efficient sleep–awake scheduling, higher detection rate and low false-negative rate

Energy-efficient routing and secure communication in wireless sensor networks

University of Technology Sydney. Faculty of Engineering and Information Technology.Wireless Sensor Networks (WSNs) consist of miniature sensor nodes deployed to gather vital information about an area of interest. The ability of these networks to monitor remote and hostile locations has attracted a significant amount of research over the past decade. As a result of this research, WSNs have found their presence in a variety of applications such as industrial automation, habitat monitoring, healthcare, military surveillance and transportation. These networks have the ability to operate in human-inaccessible terrains and collect data on an unprecedented scale. However, they experience various technical challenges at the time of deployment as well as operation. Most of these challenges emerge from the resource limitations such as battery power, storage, computation, and transmission range, imposed on the sensor nodes. Energy conservation is one of the key issues requiring proper consideration. The need for energy-efficient routing protocols to prolong the lifetime of these networks is very much required. Moreover, the operation of sensor nodes in an intimidating environment and the presence of error-prone communication links expose these networks to various security breaches. As a result, any designed routing protocol need to be robust and secure against one or more malicious attacks. This thesis aims to provide an effective solution for minimizing the energy consumption of the nodes. The energy utilization is reduced by using efficient techniques for cluster head selection. To achieve this objective, two different cluster-based hierarchical routing protocols are proposed. The selection of an optimal percentage of cluster heads reduces the energy consumption, enhances the quality of delivered data and prolongs the lifetime of a network. Apart from an optimal cluster head selection, energy consumption can also be reduced using efficient congestion detection and mitigation schemes. We propose an application-specific priority-based congestion control protocol for this purpose. The proposed protocol integrates mobility and heterogeneity of the nodes to detect congestion. Our proposed protocol uses a novel queue scheduling mechanism to achieve coverage fidelity, which ensures that the extra resources consumed by distant nodes are utilized effectively. Apart from energy conservation issue, this thesis also aims to provide a robust solution for Sybil attack detection in WSN. In Sybil attack, one or more malicious nodes forge multiple identities at a given time to exhaust network resources. These nodes are detected prior to cluster formation to prevent their forged identities from participating in cluster head selection. Only legitimate nodes are elected as cluster heads to enhance utilization of the resources. The proposed scheme requires collaboration of any two high energy nodes to analyse received signal strengths of neighbouring nodes. Moreover, the proposed scheme is applied to a forest wildfire monitoring application. It is crucial to detect Sybil attack in a wildfire monitoring application because these forged identities have the ability to transmit high false-negative alerts to an end user. The objective of these alerts is to divert the attention of an end user from those geographical regions which are highly vulnerable to a wildfire. Finally, we provide a lightweight and robust mutual authentication scheme for the real-world objects of an Internet of Thing. The presence of miniature sensor nodes at the core of each object literally means that lightweight, energy-efficient and highly secured schemes need to be designed for such objects. It is a payload-based encryption approach which uses a simple four way handshaking to verify the identities of the participating objects. Our scheme is computationally efficient, incurs less connection overhead and safeguard against various types of replay attacks

IoT-inspired Framework for Real-time Prediction of Forest Fire

Wildfires are one of the most devastating catastrophes and can inflict tremendous losses to life and nature. Moreover, the loss of civilization is incomprehensible, potentially extending suddenly over vast land sectors. Global warming has contributed to increased forest fires, but it needs immediate attention from the organizations involved. This analysis aims to forecast forest fires to reduce losses and take decisive measures in the direction of protection. Specifically, this study suggests an energy-efficient IoT architecture for the early detection of wildfires backed by fog-cloud computing technologies. To evaluate the repeatable information obtained from IoT sensors in a time-sensitive manner, Jaccard similarity analysis is used. This data is assessed in the fog processing layer and reduces the single value of multidimensional data called the Forest Fire Index. Finally, based on Wildfire Triggering Criteria, the Artificial Neural Network (ANN) is used to simulate the susceptibility of the forest area. ANN are intelligent techniques for inferring future outputs as these can be made hybrid with fuzzy methods for decision-modeling. For productive visualization of the geographical location of wildfire vulnerability, the Self-Organized Mapping Technique is used. Simulation of the implementation is done over multiple datasets. For total efficiency assessment, outcomes are contrasted in comparison to other techniqueS

Security, privacy and trust of user-centric solutions

International audienc

IoT Crawler with Behavior Analyzer at Fog layer for Detecting Malicious Nodes

The limitations in terms of power and processing in IoT (Internet of Things) nodes make nodes an easy prey for malicious attacks, thus threatening business and industry. Detecting malicious nodes before they trigger an attack is highly recommended. The paper introduces a special purpose IoT crawler that works as an inspector to catch malicious nodes. This crawler is deployed in the Fog layer to inherit its capabilities, and to be an intermediate connection between the things and the cloud computing nodes. The crawler collects data streams from IoT nodes, upon a priority criterion. A behavior analyzer, with a machine learning core, detects malicious nodes according to the extracted node behavior from the crawler collected data streams. The performance of the behavior analyzer was investigated using three machine learning algorithms: Adaboost, Random forest and Extra tree. The behavior analyzer produces better testing accuracy, for the tested data, when using Extra tree compared to Adaboost and Random forest; it achieved 98.3% testing accuracy with Extra tree

PAWN: a payload-based mutual authentication scheme for wireless sensor networks

Copyright © 2016 John Wiley & Sons, Ltd. Wireless sensor networks (WSNs) consist of resource-starving miniature sensor nodes deployed in a remote and hostile environment. These networks operate on small batteries for days, months, and even years depending on the requirements of monitored applications. The battery-powered operation and inaccessible human terrains make it practically infeasible to recharge the nodes unless some energy-scavenging techniques are used. These networks experience threats at various layers and, as such, are vulnerable to a wide range of attacks. The resource-constrained nature of sensor nodes, inaccessible human terrains, and error-prone communication links make it obligatory to design lightweight but robust and secured schemes for these networks. In view of these limitations, we aim to design an extremely lightweight payload-based mutual authentication scheme for a cluster-based hierarchical WSN. The proposed scheme, also known as payload-based mutual authentication for WSNs, operates in 2 steps. First, an optimal percentage of cluster heads is elected, authenticated, and allowed to communicate with neighboring nodes. Second, each cluster head, in a role of server, authenticates the nearby nodes for cluster formation. We validate our proposed scheme using various simulation metrics that outperform the existing schemes

A Quality of Service-Aware Secured Communication Scheme for Internet of Things-Based Networks

The Internet of Things (IoT) is an emerging technology that aims to enable the interconnection of a large number of smart devices and heterogeneous networks. Ad hoc networks play an important role in the designing of IoT-enabled platforms due to their efficient, flexible, low-cost and dynamic infrastructures. These networks utilize the available resources efficiently to maintain the Quality of Service (QoS) in a multi-hop communication. However, in a multi-hop communication, the relay nodes can be malicious, thus requiring a secured and reliable data transmission. In this paper, we propose a QoS-aware secured communication scheme for IoT-based networks (QoS-IoT). In QoS-IoT, a Sybil attack detection mechanism is used for the identification of Sybil nodes and their forged identities in multi-hop communication. After Sybil nodes detection, an optimal contention window (CW) is selected for QoS provisioning, that is, to achieve per-flow fairness and efficient utilization of the available bandwidth. In a multi-hop communication, the medium access control (MAC) layer protocols do not perform well in terms of fairness and throughput, especially when the nodes generate a large amount of data. It is because the MAC layer has no capability of providing QoS to prioritized or forwarding flows. We evaluate the performance of QoS-IoT in terms of Sybil attack detection, fairness, throughput and buffer utilization. The simulation results show that the proposed scheme outperforms the existing schemes and significantly enhances the performance of the network with a large volume of data. Moreover, the proposed scheme is resilient against Sybil attack

A Mobile Multimedia Data Collection Scheme for Secured Wireless Multimedia Sensor Networks

© 2013 IEEE. Wireless Multimedia Sensor Networks (WMSNs) produce enormous amounts of big multimedia data. Due to large size, Multimedia Sensor Nodes (MSNs) cannot store generated multimedia data for a long time. In this scenario, mobile sinks can be utilized for data collection. However, due to vulnerable nature of wireless networks, there is a need for an efficient security scheme to authenticate both MSNs and mobile sinks. In this paper, we propose a scheme to protect an underlying WMSN during mobile multimedia data collection. The proposed scheme is a two-layer scheme. At the first layer, all MSNs are distributed into small clusters, where each cluster is represented by a single Cluster Head (CH). At the second layer, all CHs verify identities of mobile sinks before sharing multimedia data. Authentication at both layers ensures a secure data exchange. We evaluate the performance of proposed scheme through extensive simulation results. The simulation results prove that the proposed scheme performs better as compared to existing state-of-the-art approaches in terms of resilience and handshake duration. The proposed scheme is also analyzed in terms of authentication rate, data freshness, and packet delivery ratio, and has shown a better performance

A Comparison between RISC and CISC Microprocessor Architectures

- In this paper, we have made a comparison between RISC (Reduced Instruction Set Computer) and CISC (Complex Instruction Set Computer.) RISC and CISC are two different types of microprocessor architectures. RISC is a computer microprocessor that uses simple instructions which can be divided into multiple instructions that performs low level operations within a single clock cycle while CISC is a PC processor which utilizes single direction to execute a few low level operations, for example, stacking from memory, a number juggling operation, and a memory store or are fit for multi-step operations or tending to modes inside single guideline. The principle distinction amongst RISC and CISC is in the quantity of figuring cycles each of their directions take. The distinction in the quantity of cycles depends on the intricacy and the objective of their directions