Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

Cloned Access Point Detection and Point Detection and Prevention Mechanism in IEEE 802.11 Wireless Mesh Networks

IEEE 802.11 Wireless Mesh Network (WMN) is an emerging low cost, decentralized community-based broadband technology, which is based on self-healing and multi-hop deployment of Access Points (APs), so that to increase the coverage area with maximum freedom to end-users to join or leave the network from anywhere anytime having low deployment and maintenance cost. Such kind of decentralized structure and multihop architecture increases its security vulnerabilities especially against the APs. One of such possible security attack is the placement of cloned AP to create serious performance degradation in IEEE 802.11 WMN. In this paper, we discuss the different security vulnerabilities of AP in IEEE 802.11 WMN along with possible research directions. We also propose a mutual cooperation mechanism between the multi-hop APs and serving gateway so that to detect and prevent the possibility of cloned AP. In this way the large scale exploitation of IEEE 802.11 WMN can be eliminated

An efficient self-healing key distribution scheme

Self-healing key distribution schemes enable a group user to recover session keys from two broadcast messages he received before and after those sessions, even if the broadcast messages for the middle sessions are lost due to network failure. These schemes are quite suitable in supporting secure communication over unreliable networks such as sensor networks and ad hoc networks. An efficient self-healing key distribution scheme is proposed in this paper. The scheme bases on the concept of access polynomial and self-healing key distribution model constructed by Hong et al. The new scheme reduces communication and computation overheads greatly yet still keeps the constant storageoverhead

PAWN: a payload-based mutual authentication scheme for wireless sensor networks

Copyright © 2016 John Wiley & Sons, Ltd. Wireless sensor networks (WSNs) consist of resource-starving miniature sensor nodes deployed in a remote and hostile environment. These networks operate on small batteries for days, months, and even years depending on the requirements of monitored applications. The battery-powered operation and inaccessible human terrains make it practically infeasible to recharge the nodes unless some energy-scavenging techniques are used. These networks experience threats at various layers and, as such, are vulnerable to a wide range of attacks. The resource-constrained nature of sensor nodes, inaccessible human terrains, and error-prone communication links make it obligatory to design lightweight but robust and secured schemes for these networks. In view of these limitations, we aim to design an extremely lightweight payload-based mutual authentication scheme for a cluster-based hierarchical WSN. The proposed scheme, also known as payload-based mutual authentication for WSNs, operates in 2 steps. First, an optimal percentage of cluster heads is elected, authenticated, and allowed to communicate with neighboring nodes. Second, each cluster head, in a role of server, authenticates the nearby nodes for cluster formation. We validate our proposed scheme using various simulation metrics that outperform the existing schemes

Efficient threshold self-healing key distribution with sponsorization for infrastructureless wireless networks

Self-healing key distribution schemes are particularly useful when there is no network infrastructure or such infrastructure has been destroyed. A self-healing mechanism can allow group users to recover lost session keys and is therefore quite suitable for establishing group keys over an unreliable network, especially for infrastructureless wireless networks, where broadcast messages loss may occur frequently. An efficient threshold self-healing key distribution scheme with favorable properties is proposed in this paper. The distance between two broadcasts used to recover the lost one is alterable according to network conditions. This alterable property can be used to shorten the length of the broadcast messages. The second property is that any more than threshold-value users can sponsor a new user to join the group for the subsequent sessions without any interaction with the group manager. Furthermore, the storage overhead of the self-healing key distribution at each group user is a polynomial over a finite field, which will not increase with the number of sessions. In addition, if a smaller group of users up to a threshold-value were revoked, the personal keys for non-revoked users can be reused

An Adaptive Security Protocol for a Wireless Sensor‐based Monitoring Network in Smart Grid Transmission Lines

In this paper, we propose a new security protocol for a wireless sensor network, which is designed for monitoring long range power transmission lines in smart grid. Part of the monitoring network is composed of optical fiber composite over head ground wire (OPGW), thus it can be secured with conventional security protocol. However, the wireless sensor network between two neighboring OPGW gateways remains vulnerable. Our proposed security protocol focuses on the wireless sensor network part, it provides mutual authentication, data integrity, and data confidentiality for both uplink and downlink transmissions between the sensor nodes and the OPGW gateway. Besides, our proposed protocol is adaptive to the dynamic node changes of the monitoring sensor network; for example, new sensors are added to the network, or some of the sensors are malfunctioning. We further propose a self‐healing process using an “i‐neighboring nodes” public key structure and an asymmetric algorithm. We also conduct energy consumption analysis for both general and extreme conditions to show that our security protocol improves the availability of the monitoring sensor network