Key Pre-distribution and Key Revocation in Wireless Sensor Networks

Sensor networks are composed of resource constrained tiny sensor devices. They have less computational power and memory. Communication in sensor network is done in multi-hop, and for secure communication, neighboring sensor nodes must possess a secret common key among them. Symmetric and public key cryptography require more processing and memory space. Hence, they are not suitable for sensor network. Key pre-distribution is a widely accepted mechanism for key distribution in sensor network. In this thesis we proposed a deterministic key pre-distribution scheme using BCH codes. We mapped the BCH code to key identifier and the keys corresponding to each key identifier are installed into the sensor nodes before deployment. We compared our proposed scheme with existing one and found that it has a better resiliency. Our proposed scheme is scalable and requires the same or less number of keys for a given number of nodes than the existing well known schemes. We have also proposed an efficient key revocation technique using a novel distributed voting mechanism in which neighboring nodes of a sensor can vote against it if they suspect the node to be a compromised one. In the proposed key revocation scheme compromised nodes as well as the compromised keys are completely removed from the network

Active security mechanisms for wireless sensor networks and energy optimization for passive security routing

Wireless sensor networks consisting of numerous tiny low power autonomous sensor nodes provide us with the remarkable ability to remotely view and interact with the previously unobservable physical world. However, incorporating computation intensive security measures in sensor networks with limited resources is a challenging research issue. The objective of our thesis is to explore different security aspects of sensor networks and provide novel solutions for significant problems. We classify security mechanisms into two categories - active category and passive category. The problem of providing a secure communication infrastructure among randomly deployed sensor nodes requires active security measurements. Key pre-distribution is a well-known technique in this class. We propose a novel 2-Phase technique for key pre-distribution based on a combination of inherited and random key assignments from the given key pool to individual sensor nodes. We develop an analytical framework for measuring security-performance tradeoffs of different key distribution schemes. Using rigorous mathematical analysis and detailed simulation, we show that the proposed scheme outperforms the existing solution in every performance aspect. Secure data aggregation in wireless sensor networks is another challenging problem requiring active measures. We address the problem of stealthy attack where a compromised node sends wrong/fictitious data as a reply to a query. We propose a novel probabilistic accuracy model which enables an aggregator to compute accuracy of each sensor reading by exploiting spatial correlation among data values. We also propose some novel, energy efficient statistical methods to enable a user accept the correct value with a high probability. Increasing network lifetime is a passive security mechanism which enables many security mechanisms to work more efficiently. We define length-energy-constrained optimality criteria for energy-optimized routes that impose uniform energy distribution across the network, thus preventing expedited network partition. We propose three different distributed, nearly-stateless and energy efficient routing protocols that dynamically find optimal routes and balance energy consumption across the network. We show that global energy information acquired through this process utilized in conjunction with energy depletion control in the sensornet ensures a significant improvement in terms of network lifetime

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks

This chapter discusses the need of security and privacy protection mechanisms in aggregation protocols used in wireless sensor networks (WSN). It presents a comprehensive state of the art discussion on the various privacy protection mechanisms used in WSNs and particularly focuses on the CPDA protocols proposed by He et al. (INFOCOM 2007). It identifies a security vulnerability in the CPDA protocol and proposes a mechanism to plug that vulnerability. To demonstrate the need of security in aggregation process, the chapter further presents various threats in WSN aggregation mechanisms. A large number of existing protocols for secure aggregation in WSN are discussed briefly and a protocol is proposed for secure aggregation which can detect false data injected by malicious nodes in a WSN. The performance of the protocol is also presented. The chapter concludes while highlighting some future directions of research in secure data aggregation in WSNs.Comment: 32 pages, 7 figures, 3 table

Secure Clustering in DSN with Key Predistribution and WCDS

This paper proposes an efficient approach of secure clustering in distributed sensor networks. The clusters or groups in the network are formed based on offline rank assignment and predistribution of secret keys. Our approach uses the concept of weakly connected dominating set (WCDS) to reduce the number of cluster-heads in the network. The formation of clusters in the network is secured as the secret keys are distributed and used in an efficient way to resist the inclusion of any hostile entity in the clusters. Along with the description of our approach, we present an analysis and comparison of our approach with other schemes. We also mention the limitations of our approach considering the practical implementation of the sensor networks.Comment: 6 page