A Survey in Wireless Ad hoc Network Security and Secure Energy Optimization Approaches for Routing

Wireless ad hoc network nodes together establish a network infrastructure without using any access points or base stations for communicates using multi hop schemes. It has significant characteristics like dynamic topologies, constrained in bandwidth and limited resource a high challenge in implementing security with optimized energy resource utilization which is the key aspects while designing modern ad hoc networks architecture. Ad hoc Networks nodes are limited in broadcast range, and also their capabilities of computation and storage are well limited to their energy resources. This limitation of resources in wireless ad hoc creates high challenges in incorporating security mechanism for routing security and privacy maintenance. This paper investigates the various issues and challenges in secure routing and energy optimization during communication in wireless ad hoc network towards security and secure energy utilization improvisation

Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

A false injection-resilient scheme to monitor time-variant phenomenon in wireless sensor networks

Being a promising technology which is envisioned to pervade numerous aspects of human life, wireless sensor networks are attracting remarkable attention in research community. The typical wireless sensors are small low-power, resource-constrained devices subject to functional failures which could be due to power loss or even malicious attacks on the devices. As the projected applications for wireless sensor networks range from smart applications such as traffic monitoring to critical military applications such as measuring levels of gas concentration in battle fields, security in sensor networks becomes a prime concern. In sensitive applications, it becomes imperative to continuously monitor the transient state of the system rather than steady state observations and take requisite preventive and corrective actions, if necessary. Also, the network is prone to attack by adversaries who intend to disrupt the functioning of the system by compromising the sensor nodes and injecting false data into the network. So it is important to shield the sensor network from false data injection attacks. Through this work, we prove that in the presence of adversaries, it would be difficult to correctly observe the transient phenomenon if sensors report just their readings. We develop a novel robust statistical framework to monitor correctly the transient phenomenon while limiting the impact of false data injection. In this framework, each sensor does a lightweight computation and reports a statistical digest in addition to the current sensed reading. Through a series of carefully-designed inter-sensor statistical tests on both the readings and digests, we are able to achieve our goal of preserving the transient phenomenon. We show a concrete realization of our statistical framework by developing a secure statistical scheme, called SSTF, to effectively monitor the transient phenomenon while being immune to false data injection attacks. SSTF is a two-tier system and the kernel of SSTF is our statistical framework, which is employed atop an enhanced version of the IHHAS security scheme. We present detailed theoretical analysis and in-depth simulation results to demonstrate the effectiveness of SSTF

Practical security scheme design for resource-constrained wireless networks

The implementation of ubiquitous computing (or pervasive computing) can leverage various types of resource-constrained wireless networks such as wireless sensor networks and wireless personal area networks. These resource-constrained wireless networks are vulnerable to many malicious attacks that often cause leakage, alteration and destruction of critical information due to the insecurity of wireless communication and the tampers of devices. Meanwhile, the constraints of resources, the lack of centralized management, and the demands of mobility of these networks often make traditional security mechanisms inefficient or infeasible. So, the resource-constrained wireless networks pose new challenges for information assurance and call for practical, efficient and effective solutions. In this research, we focus on wireless sensor networks and aim at enhancing confidentiality, authenticity, availability and integrity, for wireless sensor networks. Particularly, we identify three important problems as our research targets: (1) key management for wireless sensor networks (for confidentiality), (2) filtering false data injection and DoS attacks in wireless sensor networks (for authenticity and availability), and (3) secure network coding (for integrity). We investigate a diversity of malicious attacks against wireless sensor networks and design a number of practical schemes for establishing pairwise keys between sensor nodes, filtering false data injection and DoS attacks, and securing network coding against pollution attacks for wireless sensor networks. Our contributions from this research are fourfold: (1) We give a taxonomy of malicious attacks for wireless sensor networks. (2) We design a group-based key management scheme using deployment knowledge for wireless sensor networks to establish pair-wise keys between sensor nodes. (3) We propose an en-route scheme for filtering false data injection and DoS attacks in wireless sensor networks. (4) We present two efficient schemes for securing normal and XOR network coding against pollution attacks. Simulation and experimental results show that our solutions outperform existing ones and are suitable for resource-constrained wireless sensor networks in terms of computation overhead, communication cost, memory requirement, and so on

Privacy and security protection in cloud integrated sensor networks

Wireless sensor networks have been widely deployed in many social settings to monitor human activities and urban environment. In these contexts, they acquire and collect sensory data, and collaboratively fuse the data. Due to resource constraint, sensor nodes however cannot perform complex data processing. Hence, cloud-integrated sensor networks have been proposed to leverage the cloud computing capabilities for processing vast amount of heterogeneous sensory data. After being processed, the sensory data can then be accessed and shared among authorized users and applications pervasively. Various security and privacy threats can arise when the people-centric sensory data is collected and transmitted within the sensor network or from the network to the cloud; security and privacy remain a big concern when the data is later accessed and shared among different users and applications after being processed. Extensive research has been conducted to address the security and privacy issues without sacrificing resource efficiency. Unfortunately, the goals of security/privacy protection and resource efficiency may not be easy to accomplish simultaneously, and may even be sharply contrary to each other. Our research aims to reconcile the conflicts between these goals in several important contexts. Specifically, we first investigate the security and privacy protection of sensory data being transmitted within the sensor network or from the sensor network to the cloud, which includes: (1) efficient, generic privacy preserving schemes for sensory data aggregation; (2) a privacy-preserving integrity detection scheme for sensory data aggregation; (3) an efficient and source-privacy preserving scheme for catching packet droppers and modifiers. Secondly, we further study how to address people\u27s security and privacy concerns when accessing sensory data from the cloud. To preserve privacy for sensory data aggregation, we propose a set of generic, efficient and collusion-resilient privacy-preserving data aggregation schemes. On top of these privacy preserving schemes, we also develop a scheme to simultaneously achieve privacy preservation and detection of integrity attack for data aggregation. Our approach outperforms existing solutions in terms of generality, node compromise resilience, and resource efficiency. To remove the negative effects caused by packet droppers and modifiers, we propose an efficient scheme to identify and catch compromised nodes which randomly drop packets and/or modify packets. The scheme employs an innovative packet marking techniques, with which selective packet dropping and modification can be significantly alleviated while the privacy of packet sources can be preserved. To preserve the privacy of people accessing the sensory data in the cloud, we propose a new efficient scheme for resource constrained devices to verify people\u27s access privilege without exposing their identities in the presence of outsider attacks or node compromises; to achieve the fine-grained access control for data sharing, we design privacy-preserving schemes based on users\u27 affiliated attributes, such that the access policies can be flexibly specified and enforced without involving complicated key distribution and management overhead. Extensive analysis, simulations, theoretical proofs and implementations have been conducted to evaluate the effectiveness and efficiency of our proposed schemes. The results show that our proposed schemes resolve several limitations of existing work and achieve better performance in terms of resource efficiency, security strength and privacy preservation