12,835 research outputs found
Adaptive secure network model for dynamic wireless mesh network
University of Technology Sydney. Faculty of Engineering and Information Technology.
We as an advanced civilization rely on communication networks for a lot of important tasks. They are used to share information between vital systems, provide us with our pin-point location, access various digital resources and to stay connected with each other. Due to its necessity and enormity, maintaining and securing such a communication medium is an important task. As most communication networks rely on centralized systems, they are bound by the control of a central entity and are unable to keep up with the current growth of the network and advancements in electronic devices. The next step in an inter-connected world requires a decentralized distributed system that can also provide high levels of security. One possible solution is a dynamic distributed wireless mesh network as it provides all the features of a traditional network along with the flexibility of wireless communication and an infrastructure less distributed setup. The network can be created by connecting mobile or stationary devices together using wireless communication devices (such as smartphones, laptops, hot-spots, etc). As the network is created by multiple devices, it would not break-down if some of the devices were disabled. On the contrary, as the network uses hopping for message transmission using dynamic routes, it can self-heal by creating alternate routes if a device was to fail. As the workings and features of a dynamic mesh network differ from the traditional network, it also requires a modified security framework that can provide high levels of security whilst taking benefit of the dynamic mesh network’s unique features.
This thesis investigates the problems and limitations linked to secure dynamic wireless mesh networks and how they can be improved upon. In addition to the routing protocols used and how they can be improved upon, the thesis also elaborates on the various security concerns with such networks. As distributed networks aren’t dependent on a central entity, enabling various security features such as authentication are a major challenge. In addition to the decentralized nature of the networks, a single security scheme would not be able to cover the various types of requirements a given scenario in the network might have. Along with authentication, providing end-to-end encryption is also an important component towards ensuring the data travelling through the network is secure and not tampered with. Encryption is also essential in a dynamic wireless mesh network as the data transmitted travels through multiple devices on the network before reaching the destination node and can be easily compromised if not secured. With such an importance of encryption, the network also requires a key management and distribution framework. As traditional network uses a centralized system for maintaining and distributing cryptographic keys in the network, it is a big challenge to implement the same in a distributed network with minimal dependence on a central entity. The key exchange must consider the nature of the network and accordingly incorporate improvements to be able to function in a distributed network. This thesis explores the above areas to propose a new network model for a secure dynamic wireless mesh network including a new routing scheme and a security framework comprising a hybrid encryption scheme, a hybrid authentication scheme and an improved key exchange and management scheme. 
This thesis demonstrates that our solutions not only strengthen and secure the dynamic wireless mesh networks but also significantly improve the performance and efficiency as compared to existing approaches.
An Authentication Protocol for Future Sensor Networks
Authentication is one of the essential security services in Wireless Sensor
Networks (WSNs) for ensuring secure data sessions. Sensor node authentication
ensures the confidentiality and validity of data collected by the sensor node,
whereas user authentication guarantees that only legitimate users can access
the sensor data. In a mobile WSN, sensor and user nodes move across the network
and exchange data with multiple nodes, thus experiencing the authentication
process multiple times. The integration of WSNs with Internet of Things (IoT)
brings forth a new kind of WSN architecture along with stricter security
requirements; for instance, a sensor node or a user node may need to establish
multiple concurrent secure data sessions. With concurrent data sessions, the
frequency of the re-authentication process increases in proportion to the
number of concurrent connections, which makes the security issue even more
challenging. The currently available authentication protocols were designed for
the autonomous WSN and do not account for the above requirements. In this
paper, we present a novel, lightweight and efficient key exchange and
authentication protocol suite called the Secure Mobile Sensor Network (SMSN)
Authentication Protocol. In the SMSN a mobile node goes through an initial
authentication procedure and receives a re-authentication ticket from the base
station. Later a mobile node can use this re-authentication ticket when
establishing multiple data exchange sessions and/or when moving across the
network. This scheme reduces the communication and computational complexity of
the authentication process. We proved the strength of our protocol with
rigorous security analysis and simulated the SMSN and previously proposed
schemes in an automated protocol verifier tool. Finally, we compared the
computational complexity and communication cost against well-known
authentication protocols.
Comment: This article is accepted for the publication in "Sensors" journal. 29
pages, 15 figures
The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach
Wireless sensor networks consist of a large number of distributed sensor
nodes so that potential risks are becoming more and more unpredictable. The new
entrants pose the potential risks when they move into the secure zone. To build
a door wall that provides safe and secured for the system, many recent research
works applied the initial authentication process. However, the majority of the
previous articles only focused on the Central Authority (CA) since this leads
to an increase in the computation cost and energy consumption for the specific
cases on the Internet of Things (IoT). Hence, in this article, we will lessen
the importance of these third parties through proposing an enhanced
authentication mechanism that includes key management and evaluation based on
the past interactions to assist the objects joining a secured area without any
nearby CA. We refer to a mobility dataset from CRAWDAD collected at the
University Politehnica of Bucharest and rebuild into a new random dataset
larger than the old one. The new one is an input for a simulated authenticating
algorithm to observe the communication cost and resource usage of devices. Our
proposal helps the authenticating flexible, being strict with unknown devices
into the secured zone. The threshold of maximum friends can modify based on the
optimization of the symmetric-key algorithm to diminish communication costs
(our experimental results compare to previous schemes less than 2000 bits) and
raise flexibility in resource-constrained environments.
Comment: 27 pages
Spectrum sharing security and attacks in CRNs: a review
Cognitive Radio plays a major part in communication technology by resolving the shortage of the spectrum through usage of dynamic spectrum access and artificial intelligence characteristics. The element of spectrum sharing in cognitive radio is a fundamental approach in utilising free channels. Cooperatively communicating cognitive radio devices use the common control channel of the cognitive radio medium access control to achieve spectrum sharing. Thus, the common control channel and consequently spectrum sharing security are vital to ensuring security in the subsequent data communication among cognitive radio nodes. In addition to well known security problems in wireless networks, cognitive radio networks introduce new classes of security threats and challenges, such as licensed user emulation attacks in spectrum sensing and misbehaviours in the common control channel transactions, which degrade the overall network operation and performance. This review paper briefly presents the known threats and attacks in wireless networks before it looks into the concept of cognitive radio and its main functionality. The paper then mainly focuses on spectrum sharing security and its related challenges. Since spectrum sharing is enabled through usage of the common control channel, more attention is paid to the security of the common control channel by looking into its security threats as well as protection and detection mechanisms. Finally, the pros and cons as well as the comparisons of different CR-specific security mechanisms are presented with some open research issues and challenges.
BAN-GZKP: Optimal Zero Knowledge Proof based Scheme for Wireless Body Area Networks
BANZKP is the best to date Zero Knowledge Proof (ZKP) based secure
lightweight and energy efficient authentication scheme designed for Wireless
Area Network (WBAN). It is vulnerable to several security attacks such as the
replay attack, Distributed Denial-of-Service (DDoS) attacks at sink and
redundancy information crack. However, BANZKP needs an end-to-end
authentication which is not compliant with the human body postural mobility. We
propose a new scheme BAN-GZKP. Our scheme improves both the security and
postural mobility resilience of BANZKP. Moreover, BAN-GZKP uses only a
three-phase authentication which is optimal in the class of ZKP protocols. To
fix the security vulnerabilities of BANZKP, BAN-GZKP uses a novel random key
allocation and a Hop-by-Hop authentication definition. We further prove the
reliability of our scheme to various attacks including those to which BANZKP is
vulnerable. Furthermore, via extensive simulations we prove that our scheme,
BAN-GZKP, outperforms BANZKP in terms of reliability to human body postural
mobility for various network parameters (end-to-end delay, number of packets
exchanged in the network, number of transmissions). We compared both schemes
using representative convergecast strategies with various transmission rates
and human postural mobility. Finally, it is important to mention that BAN-GZKP
has no additional cost compared to BANZKP in terms of memory, computational
complexity or energy consumption.
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submission.