Active security mechanisms for wireless sensor networks and energy optimization for passive security routing

Wireless sensor networks consisting of numerous tiny low power autonomous sensor nodes provide us with the remarkable ability to remotely view and interact with the previously unobservable physical world. However, incorporating computation intensive security measures in sensor networks with limited resources is a challenging research issue. The objective of our thesis is to explore different security aspects of sensor networks and provide novel solutions for significant problems. We classify security mechanisms into two categories - active category and passive category. The problem of providing a secure communication infrastructure among randomly deployed sensor nodes requires active security measurements. Key pre-distribution is a well-known technique in this class. We propose a novel 2-Phase technique for key pre-distribution based on a combination of inherited and random key assignments from the given key pool to individual sensor nodes. We develop an analytical framework for measuring security-performance tradeoffs of different key distribution schemes. Using rigorous mathematical analysis and detailed simulation, we show that the proposed scheme outperforms the existing solution in every performance aspect. Secure data aggregation in wireless sensor networks is another challenging problem requiring active measures. We address the problem of stealthy attack where a compromised node sends wrong/fictitious data as a reply to a query. We propose a novel probabilistic accuracy model which enables an aggregator to compute accuracy of each sensor reading by exploiting spatial correlation among data values. We also propose some novel, energy efficient statistical methods to enable a user accept the correct value with a high probability. Increasing network lifetime is a passive security mechanism which enables many security mechanisms to work more efficiently. We define length-energy-constrained optimality criteria for energy-optimized routes that impose uniform energy distribution across the network, thus preventing expedited network partition. We propose three different distributed, nearly-stateless and energy efficient routing protocols that dynamically find optimal routes and balance energy consumption across the network. We show that global energy information acquired through this process utilized in conjunction with energy depletion control in the sensornet ensures a significant improvement in terms of network lifetime

Using combined keying materials for key distribution in wireless sensor networks

In this paper, we propose a probabilistic key predistribution scheme for wireless sensor networks that increases connectivity of the basic scheme while keeping sizes of keyring and key pool fixed. We introduce the concept of XORed key, which is the bitwise XOR of two regular (a.k.a. single) keys. Sensor nodes are preloaded with a mixture of single and XORed keys. Nodes establish secure links by using shared XORed keys whenever possible. If node pairs do not have any shared XORed or single keys, they transfer keys from their secure neighbors in a couple of ways, and use them to match with their XORed keys. In this way, the probability of securing links, i.e. local connectivity, increases. The decision of which key is to be transferred from which node is given based on local information at the hand of the nodes. We aim to control the resilience of the network against node capture attacks by using XORed keys since an attacker has to know either both single key operands or the XORed key itself. Simulations show that our scheme is up to 50% more connected as compared to basic scheme. Also it has better resilience performance at the beginning of a node capture attack. When it starts to deteriorate, the difference between the resilience of our proposed scheme and basic scheme is not greater than 5%

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio