21,891 research outputs found
A resilient key predistribution scheme for multiphase wireless sensor networks
In wireless sensor networks, sensor nodes eventually die due to battery depletion. Wireless sensor networks (WSNs) in which new nodes are periodically redeployed with certain intervals, called generations, to replace the dead nodes are called multi-phase wireless sensor networks. In the literature, there are several key predistribution schemes proposed for secure operation of WSNs. However, these schemes are designed for single phase networks which are not resilient against continuous node capture attacks; even under temporary attacks on the network, the harm caused by the attacker does not heal in time. However, the periodic deployments in multi-phase sensor networks could be utilized to improve the resiliency of the WSNs by deploying nodes with fresh keys. In the literature, there is limited work done in this area. In this paper, we propose a key predistribution scheme for multi-phase wireless sensor networks which is highly resilient under node capture attacks. In our scheme, called RGM (random generation material) key predistribution scheme, each generation of deployment has its own random keying material and pairwise keys are established between node pairs of particular generations. These keys are specific to these generations. Therefore, a captured node cannot be abused to obtain keys of other generations. We compare the performance of our RGM scheme with a well-known multi-phase key predistribution scheme and showed that RGM achieves up to three-fold more resiliency. Even under heavy attacks, our scheme's resiliency performance is 50% better in steady state
A highly resilient and zone-based key predistribution protocol for multiphase wireless sensor networks
Pairwise key distribution among the sensor nodes is an essential problem for providing security in Wireless Sensor Networks (WSNs). The common approach for this problem is random key predistribution, which suffers from resiliency issues in case of node captures by adversaries. In the literature, the resiliency problem is addressed by zone-based deployment models that use prior deployment knowledge. Another remedy in the literature, which is for multiphase WSNs, aims to provide self-healing property via periodic deployments of sensor nodes with fresh keys over the sensor field. However, to the best of our knowledge, these two approaches have never been combined before in the literature. In this paper, we propose a zone-based key predistribution approach for multiphase WSNs. Our approach combines the best parts of these approaches and provides self-healing property with up to 9-fold more resiliency as compared to an existing scheme. Moreover, our scheme ensures almost 100% secure connectivity, which means a sensor node shares at least one key with almost all of its neighbors
An Authentication Protocol for Future Sensor Networks
Authentication is one of the essential security services in Wireless Sensor
Networks (WSNs) for ensuring secure data sessions. Sensor node authentication
ensures the confidentiality and validity of data collected by the sensor node,
whereas user authentication guarantees that only legitimate users can access
the sensor data. In a mobile WSN, sensor and user nodes move across the network
and exchange data with multiple nodes, thus experiencing the authentication
process multiple times. The integration of WSNs with Internet of Things (IoT)
brings forth a new kind of WSN architecture along with stricter security
requirements; for instance, a sensor node or a user node may need to establish
multiple concurrent secure data sessions. With concurrent data sessions, the
frequency of the re-authentication process increases in proportion to the
number of concurrent connections, which makes the security issue even more
challenging. The currently available authentication protocols were designed for
the autonomous WSN and do not account for the above requirements. In this
paper, we present a novel, lightweight and efficient key exchange and
authentication protocol suite called the Secure Mobile Sensor Network (SMSN)
Authentication Protocol. In the SMSN a mobile node goes through an initial
authentication procedure and receives a re-authentication ticket from the base
station. Later a mobile node can use this re-authentication ticket when
establishing multiple data exchange sessions and/or when moving across the
network. This scheme reduces the communication and computational complexity of
the authentication process. We proved the strength of our protocol with
rigorous security analysis and simulated the SMSN and previously proposed
schemes in an automated protocol verifier tool. Finally, we compared the
computational complexity and communication cost against well-known
authentication protocols.Comment: This article is accepted for the publication in "Sensors" journal. 29
pages, 15 figure
Intrusion-aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks
Existing anomaly and intrusion detection schemes of wireless sensor networks
have mainly focused on the detection of intrusions. Once the intrusion is
detected, an alerts or claims will be generated. However, any unidentified
malicious nodes in the network could send faulty anomaly and intrusion claims
about the legitimate nodes to the other nodes. Verifying the validity of such
claims is a critical and challenging issue that is not considered in the
existing cooperative-based distributed anomaly and intrusion detection schemes
of wireless sensor networks. In this paper, we propose a validation algorithm
that addresses this problem. This algorithm utilizes the concept of
intrusion-aware reliability that helps to provide adequate reliability at a
modest communication cost. In this paper, we also provide a security resiliency
analysis of the proposed intrusion-aware alert validation algorithm.Comment: 19 pages, 7 figure
KALwEN: a new practical and interoperable key management scheme for body sensor networks
Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike
Cross-Layer Adaptive Feedback Scheduling of Wireless Control Systems
There is a trend towards using wireless technologies in networked control
systems. However, the adverse properties of the radio channels make it
difficult to design and implement control systems in wireless environments. To
attack the uncertainty in available communication resources in wireless control
systems closed over WLAN, a cross-layer adaptive feedback scheduling (CLAFS)
scheme is developed, which takes advantage of the co-design of control and
wireless communications. By exploiting cross-layer design, CLAFS adjusts the
sampling periods of control systems at the application layer based on
information about deadline miss ratio and transmission rate from the physical
layer. Within the framework of feedback scheduling, the control performance is
maximized through controlling the deadline miss ratio. Key design parameters of
the feedback scheduler are adapted to dynamic changes in the channel condition.
An event-driven invocation mechanism for the feedback scheduler is also
developed. Simulation results show that the proposed approach is efficient in
dealing with channel capacity variations and noise interference, thus providing
an enabling technology for control over WLAN.Comment: 17 pages, 12 figures; Open Access at
http://www.mdpi.org/sensors/papers/s8074265.pd
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
KALwEN: A New Practical and Interoperable Key Management Scheme for Body Sensor Networks
Key management is the pillar of a security architecture. Body sensor networks(BSNs) pose several challenges -- some inherited from wireless sensor networks(WSNs), some unique to themselves -- that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new lightweight scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports global broadcast, local broadcast and neighbor-to-neighbor unicast, while preserving past key secrecry and future key secrecy. The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case
- …