Efficient key management in wireless sensor network security

Wireless sensor network is a multi-hop ad hoc network formed by a large number of low-cost micro-sensor nodes which communicate through radio channels. It is widely used in many areas in modern society and attracts a lot of attention from researchers. This research is on wireless sensor network security and it focuses on key management in hierarchical wireless sensor networks. Through literature review, the drawback and weakness of existing key management schemes are analyzed from various aspects including key establishment, key distribution, key update, authentication and node operation mechanism. Assessment criteria for key management scheme are proposed under different requirements and constraints of wireless sensor networks. The security criteria cover keying model, key distribution, key update, node operation and resilience. For cluster based hierarchical wireless sensor networks, an assistant node is introduced in a cluster to deal with the situation of cluster head compromise and to keep the member nodes securely staying in the network. With introduction of assistant nodes, a complete secure efficient hierarchical key management scheme (SEHKM) for wireless sensor network is proposed. The scheme supports three types of keys and the big improvement over existing key management schemes is on group key update, which is based on pseudo-random numbers and group Diffie-Hellman. The analysis and evaluation have shown that that SEHKM offers strong security with efficient operation from energy consumption point of view

Efficient Anonymous Authenticated Key Agreement Scheme for Wireless Body Area Networks

Wireless body area networks (WBANs) are widely used in telemedicine, which can be utilized for real-time patients monitoring and home health-care. The sensor nodes in WBANs collect the client’s physiological data and transmit it to the medical center. However, the clients’ personal information is sensitive and there are many security threats in the extra-body communication. Therefore, the security and privacy of client’s physiological data need to be ensured. Many authentication protocols for WBANs have been proposed in recent years. However, the existing protocols fail to consider the key update phase. In this paper, we propose an efficient authenticated key agreement scheme for WBANs and add the key update phase to enhance the security of the proposed scheme. In addition, session keys are generated during the registration phase and kept secretly, thus reducing computation cost in the authentication phase. The performance analysis demonstrates that our scheme is more efficient than the currently popular related schemes

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Secure Routing in Wireless Mesh Networks

Wireless mesh networks (WMNs) have emerged as a promising concept to meet the challenges in next-generation networks such as providing flexible, adaptive, and reconfigurable architecture while offering cost-effective solutions to the service providers. Unlike traditional Wi-Fi networks, with each access point (AP) connected to the wired network, in WMNs only a subset of the APs are required to be connected to the wired network. The APs that are connected to the wired network are called the Internet gateways (IGWs), while the APs that do not have wired connections are called the mesh routers (MRs). The MRs are connected to the IGWs using multi-hop communication. The IGWs provide access to conventional clients and interconnect ad hoc, sensor, cellular, and other networks to the Internet. However, most of the existing routing protocols for WMNs are extensions of protocols originally designed for mobile ad hoc networks (MANETs) and thus they perform sub-optimally. Moreover, most routing protocols for WMNs are designed without security issues in mind, where the nodes are all assumed to be honest. In practical deployment scenarios, this assumption does not hold. This chapter provides a comprehensive overview of security issues in WMNs and then particularly focuses on secure routing in these networks. First, it identifies security vulnerabilities in the medium access control (MAC) and the network layers. Various possibilities of compromising data confidentiality, data integrity, replay attacks and offline cryptanalysis are also discussed. Then various types of attacks in the MAC and the network layers are discussed. After enumerating the various types of attacks on the MAC and the network layer, the chapter briefly discusses on some of the preventive mechanisms for these attacks.Comment: 44 pages, 17 figures, 5 table

A secure over-the-air programming scheme in wireless sensor networks

Over-The-Air dissemination of code updates in Wireless Sensor Networks (WSNs) have been researchers’ point of interest in past a few years and more importantly security challenges toward remote propagation of code update have taken the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strengthen with having their concentration on constraint nature of WSN nodes. For authentication purposes most of them have used Merkle-Hash-Tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be in a standard level and therefore they have not investigated the tree structure for mission-critical situations in which security has to be in maximum possible extent (e.g. military zones). Two major problems have been identified in Merkle Tree structure which is used in Seluge scheme, including: 1) an exponential growth in number of overhead packets when block size of hash algorithm used in design is increased. 2) Limitation of using hash algorithms with larger block size of 11 bytes when payload size is set to 72 bytes. Then several existing security models are investigated for possible vulnerabilities and a set of countermeasures correspondingly named Security Model Requirements (SMR) is provided. After concentrating on Seluge’s design, a new secure Over-The-Air Programming (OTAP) scheme named Seluge++ is proposed that complies with SMR and replaces the use of inefficient Merkle Tree with a novel method

Pheromone-based In-Network Processing for wireless sensor network monitoring systems

Monitoring spatio-temporal continuous fields using wireless sensor networks (WSNs) has emerged as a novel solution. An efficient data-driven routing mechanism for sensor querying and information gathering in large-scale WSNs is a challenging problem. In particular, we consider the case of how to query the sensor network information with the minimum energy cost in scenarios where a small subset of sensor nodes has relevant readings. In order to deal with this problem, we propose a Pheromone-based In-Network Processing (PhINP) mechanism. The proposal takes advantages of both a pheromone-based iterative strategy to direct queries towards nodes with relevant information and query- and response-based in-network filtering to reduce the number of active nodes. Additionally, we apply reinforcement learning to improve the performance. The main contribution of this work is the proposal of a simple and efficient mechanism for information discovery and gathering. It can reduce the messages exchanged in the network, by allowing some error, in order to maximize the network lifetime. We demonstrate by extensive simulations that using PhINP mechanism the query dissemination cost can be reduced by approximately 60% over flooding, with an error below 1%, applying the same in-network filtering strategy.Fil: Riva, Guillermo Gaston. Universidad Nacional de Córdoba. Facultad de Ciencias Exactas, Físicas y Naturales; Argentina. Universidad Tecnológica Nacional; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; ArgentinaFil: Finochietto, Jorge Manuel. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba. Instituto de Estudios Avanzados en Ingeniería y Tecnología. Universidad Nacional de Córdoba. Facultad de Ciencias Exactas Físicas y Naturales. Instituto de Estudios Avanzados en Ingeniería y Tecnología; Argentin

Dynamic key ring update mechanism for mobile wireless sensor networks

Key distribution is an important issue to provide security in Wireless Sensor Networks (WSNs). Many of the key pre-distribution schemes proposed for static WSNs perform poorly when they are applied to Mobile Wireless Sensor Networks (MWSNs). In this paper, we propose Dynamic Key Ring Update (DKRU) mechanism for MWSNs. The aim of DKRU mechanism is to enable sensor nodes to update their key rings periodically during movement, by observing the frequent keys in their neighbors. Our mechanism can be used together with different key pre-distribution schemes and it helps to increase the performance of them. For the performance evaluation basis, we used our mechanism together with a location based key pre-distribution scheme. Our results show that DKRU mechanism increases the local and global connectivity when it is applied to MWSNs. Moreover, our mechanism does not cause a significant degradation in network resiliency

Flexible Sensor Network Reprogramming for Logistics

Besides the currently realized applications, Wireless Sensor Networks can be put to use in logistics processes. However, doing so requires a level of flexibility and safety not provided by the current WSN software platforms. This paper discusses a logistics scenario, and presents SensorScheme, a runtime environment used to realize this scenario, based on semantics of the Scheme programming language. SensorScheme is a general purpose WSN platform, providing dynamic reprogramming, memory safety (sandboxing), blocking I/O, marshalled communication, compact code transport. It improves on the state of the art by making better use of the little available memory, thereby providing greater capability in terms of program size and complexity. We illustrate the use of our platform with some application examples, and provide experimental results to show its compactness, speed of operation and energy efficiency