Trust-based Selfish Node Detection Mechanism using Beta Distribution in Wireless Sensor Network

Wireless sensor networks (WSNs) are placed in open environments for the collection of data and are vulnerable to external and internal attacks. The cryptographic mechanisms implemented so far, such as authorization and authentication, are used to restrict external sensor node attacks but cannot prevent internal node attacks. In order to evade internal attacks trust mechanisms are used. In trust mechanisms, firstly, the sensor nodes are monitored using the popular Watchdog mechanism. However, traditional trust models do not pay much attention to selective forwarding and consecutive packet dropping. Sometimes, sensitive data are dropped by internal attackers. This problem is addressed in our proposed model by detecting selective forwarding and consecutive failure of sending packets using the Beta probability density function model

A Trust Model for Fault Detection in Hierarchical WSN

Wireless sensor networks are prone to failures and malicious attacks. A compromised node itself could report inaccurate or even forged data. So trust management is becoming a new driving force to solve challenges to WSN. In this paper, we propose a comprehensive trust model for hierarchical WSN. In this model, each node maintains a trust value according to its experience trust and social trust. Unlike previous efforts, our current design focuses on not only the node itself but also its relation with its neighbors. Results indicate the great advantage of our model to handle fault and abnormality

Toward A Mobile Agent Relay Network

Although wireless communication provides connectivity where hardwired links are difficult or impractical, it is still hindered by the environmental conditions where the communicators reside. Signal loss over large distances or because of intervening obstacles can be mitigated by increasing the user\u27s transmission power or adding repeater nodes between the users. Unfortunately, increasing the signal strength strains limited power resources and increases the likelihood of eavesdropping. Stationary repeaters are impractical for highly mobile users in dangerous environments. While mobile relay nodes might be a preferred solution, a centralized control scheme saps bandwidth from important traffic and introduces a single point of failure at the control station. An alternative solution is to create a Mobile Agent Relay Network (MARN). Each autonomous node in the MARN decides where to move to maintain the network connectivity using only locally-available information from onboard sensors and communication with in-range neighbor nodes. This is achieved by borrowing concepts from flocking behaviors that motivates our agents to maintain equal distance between its neighboring nodes. In addition, each agent maintains a filtered list of previously visited locations that provided best connection. This thesis takes the first steps toward realizing a MARN by providing mobile relay agents. Each model-based reflex agent is guided by a modified flocking behavior which considers only trustworthy neighbors and uses a Bayesian model to aggregate observations and shared reputation. The relay agents are able to build a network and maintain connectivity for their users. In this work, MARN agent algorithms are evaluated in a simulated unobstructed environment with stationary users. The system behavior is explored under both benign conditions and with varying numbers of misbehaving nodes

How the Role-Based Trust Management Can Be Applied to Wireless Sensor Networks, Journal of Telecommunications and Information Technology, 2012, nr 4

Trust plays an important role in human life environments. That is why the researchers has been focusing on it for a long time. It allows us to delegate tasks and decisions to an appropriate person. In social sciences trust between humans was studied, but it also was analyzed in economic transactions. A lot of computer scientists from different areas, like security, semantic web, electronic commerce, social networks tried to transfer this concept to their domains. Trust is an essential factor in any kind of network, whether social or computer. Wireless sensor networks (WSN) are characterized by severely constrained resources, they have limited power supplies, low transmission bandwidth, small memory sizes and limited energy, therefore security techniques used in traditional wired networks cannot be adopted directly. Some effort has been expended in this fields, but the concept of trust is defined in slightly different ways by different researchers. In this paper we will show how the family of Role-based Trust management languages (RT) can be used in WSN. RT is used for representing security policies and credentials in decentralized, distributed access control systems. A credential provides information about the privileges of users and the security policies issued by one or more trusted authorities

Trust Modeling in Wireless Sensor Networks: State of the Art

Wireless sensor networks (WSNs) is the backbone of the new generation of internet of things (IoT). WSNs are growing rapidly and security threats are increasingly growing as well. Trust computing plays a crucial role in WSN security modeling. In WSN node trust is important to keep the network safe and operational. This paper presents the state-of-theart techniques in WSN Trust modeling. Comparison and analysis of most recent solutions were conducted. Direction and trends of current and future research approaches are also presented

A Lightweight Attribute-Based Access Control System for IoT.

The evolution of the Internet of things (IoT) has made a significant impact on our daily and professional life. Home and office automation are now even easier with the implementation of IoT. Multiple sensors are connected to monitor the production line, or to control an unmanned environment is now a reality. Sensors are now smart enough to sense an environment and also communicate over the Internet. That is why, implementing an IoT system within the production line, hospitals, office space, or at home could be beneficial as a human can interact over the Internet at any time to know the environment. 61% of International Data Corporation (IDC) surveyed organizations are actively pursuing IoT initiatives, and 6.8% of the average IT budgets is also being allocated to IoT initiatives. However, the security risks are still unknown, and 34% of respondents pointed out that data safety is their primary concern [1]. IoT sensors are being open to the users with portable/mobile devices. These mobile devices have enough computational power and make it di cult to track down who is using the data or resources. That is why this research focuses on proposing a dynamic access control system for portable devices in IoT environment. The proposed architecture evaluates user context information from mobile devices and calculates trust value by matching with de ned policies to mitigate IoT risks. The cloud application acts as a trust module or gatekeeper that provides the authorization access to READ, WRITE, and control the IoT sensor. The goal of this thesis is to offer an access control system that is dynamic, flexible, and lightweight. This proposed access control architecture can secure IoT sensors as well as protect sensor data. A prototype of the working model of the cloud, mobile application, and sensors is developed to prove the concept and evaluated against automated generated web requests to measure the response time and performance overhead. The results show that the proposed system requires less interaction time than the state-of-the-art methods

Trusted community : a novel multiagent organisation for open distributed systems

[no abstract

Sécurité collaborative pour l internet des objets

Cette thèse aborde des nouveaux défis de sécurité dans l'Internet des Objets (IdO). La transition actuelle de l'Internet classique vers l'Internet des Objets conduit à de nombreux changements dans les modèles de communications sous-jacents. La nature hétérogène des communications de l IdO et le déséquilibre entre les capacités des entités communicantes qui le constituent rendent difficile l'établissement de connexions sécurisées de bout en bout. Contrairement aux nœuds de l Internet traditionnel, la plupart des composants de l'Internet des Objets sont en effet caractérisés par de faibles capacités en termes d'énergie et de puissance calcul. Par conséquent, ils ne sont pas en mesure de supporter des systèmes de sécurité complexes. En particulier, la mise en place d'un canal de communication sécurisé de bout en bout nécessite l établissement d'une clé secrète commune entre les deux nœuds souhaitant communiquer, qui sera négociée en s'appuyant sur un protocole d'échange de clés tels que le Transport Layer Security (TLS) Handshake ou l Internet Key Exchange (IKE). Or, une utilisation directe de ces protocoles pour établir des connexions sécurisées entre deux entités de l IdO peut être difficile en raison de l'écart technologique entre celles-ci et des incohérences qui en résultent sur le plan des primitives cryptographiques supportées. Le sujet de l'adaptation des protocoles de sécurité existants pour répondre à ces nouveaux défis a récemment été soulevé dans la communauté scientifique. Cependant, les premières solutions proposées n'ont pas réussi à répondre aux besoins des nœuds à ressources limitées. Dans cette thèse, nous proposons de nouvelles approches collaboratives pour l'établissement de clés, dans le but de réduire les exigences des protocoles de sécurité existants, afin que ceux-ci puissent être mis en œuvre par des nœuds à ressources limitées. Nous avons particulièrement retenu les protocoles TLS Handshake, IKE et HIP BEX comme les meilleurs candidats correspondant aux exigences de sécurité de bout en bout pour l'IdO. Puis nous les avons modifiés de sorte que le nœud contraint en énergie puisse déléguer les opérations cryptographiques couteuses à un ensemble de nœuds au voisinage, tirant ainsi avantage de l'hétérogénéité spatiale qui caractérise l IdO. Nous avons entrepris des vérifications formelles de sécurité et des analyses de performance qui prouvent la sureté et l'efficacité énergétique des protocoles collaboratifs proposés. Dans une deuxième partie, nous avons porté notre attention sur une classe d attaques internes que la collaboration entre les nœuds peut induire et que les mécanismes cryptographiques classiques, tels que la signature et le chiffrement, s'avèrent impuissants à contrer. Cela nous a amené à introduire la notion de confiance au sein d'un groupe collaboratif. Le niveau de fiabilité d'un nœud est évalué par un mécanisme de sécurité dédié, connu sous le nom de système de gestion de confiance. Ce système est lui aussi instancié sur une base collaborative, dans laquelle plusieurs nœuds partagent leurs témoignages respectifs au sujet de la fiabilité des autres nœuds. En nous appuyant sur une analyse approfondie des systèmes de gestion de confiance existants et des contraintes de l IoD, nous avons conçu un système de gestion de confiance efficace pour nos protocoles collaboratifs. Cette efficacité a été évaluée en tenant compte de la façon dont le système de gestion de la confiance répond aux exigences spécifiques à nos approches proposées pour l'établissement de clés dans le contexte de l'IdO. Les résultats des analyses de performance que nous avons menées démontrent le bon fonctionnement du système proposé et une efficacité accrue par rapport à la littératureThis thesis addresses new security challenges in the Internet of Things (IoT). The current transition from legacy Internet to Internet of Things leads to multiple changes in its communication paradigms. Wireless sensor networks (WSNs) initiated this transition by introducing unattended wireless topologies, mostly made of resource constrained nodes, in which radio spectrum therefore ceased to be the only resource worthy of optimization. Today's Machine to Machine (M2M) and Internet of Things architectures further accentuated this trend, not only by involving wider architectures but also by adding heterogeneity, resource capabilities inconstancy and autonomy to once uniform and deterministic systems. The heterogeneous nature of IoT communications and imbalance in resources capabilities between IoT entities make it challenging to provide the required end-to-end secured connections. Unlike Internet servers, most of IoT components are characterized by low capabilities in terms of both energy and computing resources, and thus, are unable to support complex security schemes. The setup of a secure end-to-end communication channel requires the establishment of a common secret key between both peers, which would be negotiated relying on standard security key exchange protocols such as Transport Layer Security (TLS) Handshake or Internet Key Exchange (IKE). Nevertheless, a direct use of existing key establishment protocols to initiate connections between two IoT entities may be impractical because of the technological gap between them and the resulting inconsistencies in their cryptographic primitives. The issue of adapting existing security protocols to fulfil these new challenges has recently been raised in the international research community but the first proposed solutions failed to satisfy the needs of resource-constrained nodes. In this thesis, we propose novel collaborative approaches for key establishment designed to reduce the requirements of existing security protocols, in order to be supported by resource-constrained devices. We particularly retained TLS handshake, Internet key Exchange and HIP BEX protocols as the best keying candidates fitting the end-to-end security requirements of the IoT. Then we redesigned them so that the constrained peer may delegate its heavy cryptographic load to less constrained nodes in neighbourhood exploiting the spatial heterogeneity of IoT nodes. Formal security verifications and performance analyses were also conducted to ensure the security effectiveness and energy efficiency of our collaborative protocols. However, allowing collaboration between nodes may open the way to a new class of threats, known as internal attacks that conventional cryptographic mechanisms fail to deal with. This introduces the concept of trustworthiness within a collaborative group. The trustworthiness level of a node has to be assessed by a dedicated security mechanism known as a trust management system. This system aims to track nodes behaviours to detect untrustworthy elements and select reliable ones for collaborative services assistance. In turn, a trust management system is instantiated on a collaborative basis, wherein multiple nodes share their evidences about one another's trustworthiness. Based on an extensive analysis of prior trust management systems, we have identified a set of best practices that provided us guidance to design an effective trust management system for our collaborative keying protocols. This effectiveness was assessed by considering how the trust management system could fulfil specific requirements of our proposed approaches for key establishment in the context of the IoT. Performance analysis results show the proper functioning and effectiveness of the proposed system as compared with its counterparts that exist in the literatureEVRY-INT (912282302) / SudocSudocFranceF

Journal of Telecommunications and Information Technology, 2012, nr 4

kwartalni