Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.
Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Heterogeneous Tree Based Authenticated Group Key Transfer Protocol
Message passing from one source to another has become a key for many upcoming technologies. This is already achieved by introduction of topics of KEYS, AUTHENTICATIONS etc. Secret key transfer is being done presently by using a mutually trusted key generation centre (KGS). By this selection of session key by which encryption is done for information passing is selected. This paper discusses the advancement of this technology by extending this service to a group instead of a single key. The whole group with authenticated users can access the information. The proposed protocol considers the heterogeneity of the peer resources as a QOS factor in the key generation phase and a shared key mechanism as the primary process to achieve security in group key sharing
KALwEN: a new practical and interoperable key management scheme for body sensor networks
Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike
PAWN: a payload-based mutual authentication scheme for wireless sensor networks
Copyright © 2016 John Wiley & Sons, Ltd. Wireless sensor networks (WSNs) consist of resource-starving miniature sensor nodes deployed in a remote and hostile environment. These networks operate on small batteries for days, months, and even years depending on the requirements of monitored applications. The battery-powered operation and inaccessible human terrains make it practically infeasible to recharge the nodes unless some energy-scavenging techniques are used. These networks experience threats at various layers and, as such, are vulnerable to a wide range of attacks. The resource-constrained nature of sensor nodes, inaccessible human terrains, and error-prone communication links make it obligatory to design lightweight but robust and secured schemes for these networks. In view of these limitations, we aim to design an extremely lightweight payload-based mutual authentication scheme for a cluster-based hierarchical WSN. The proposed scheme, also known as payload-based mutual authentication for WSNs, operates in 2 steps. First, an optimal percentage of cluster heads is elected, authenticated, and allowed to communicate with neighboring nodes. Second, each cluster head, in a role of server, authenticates the nearby nodes for cluster formation. We validate our proposed scheme using various simulation metrics that outperform the existing schemes
Collaborative Authentication for 6G Networks: An Edge Intelligence based Autonomous Approach
The conventional device authentication of wireless networks usually relies on
a security server and centralized process, leading to long latency and risk of
single-point of failure. While these challenges might be mitigated by
collaborative authentication schemes, their performance remains limited by the
rigidity of data collection and aggregated result. They also tend to ignore
attacker localization in the collaborative authentication process. To overcome
these challenges, a novel collaborative authentication scheme is proposed,
where multiple edge devices act as cooperative peers to assist the service
provider in distributively authenticating its users by estimating their
received signal strength indicator (RSSI) and mobility trajectory (TRA). More
explicitly, a distributed learning-based collaborative authentication algorithm
is conceived, where the cooperative peers update their authentication models
locally, thus the network congestion and response time remain low. Moreover, a
situation-aware secure group update algorithm is proposed for autonomously
refreshing the set of cooperative peers in the dynamic environment. We also
develop an algorithm for localizing a malicious user by the cooperative peers
once it is identified. The simulation results demonstrate that the proposed
scheme is eminently suitable for both indoor and outdoor communication
scenarios, and outperforms some existing benchmark schemes
OSCAR: A Collaborative Bandwidth Aggregation System
The exponential increase in mobile data demand, coupled with growing user
expectation to be connected in all places at all times, has introduced novel
challenges for researchers to address. Fortunately, the widespread deployment
of various network technologies and the increased adoption of multi-interface
enabled devices have enabled researchers to develop solutions for those
challenges. Such solutions aim to exploit available interfaces on such devices
in both solitary and collaborative forms. These solutions, however, have faced
a steep deployment barrier.
In this paper, we present OSCAR, a multi-objective, incentive-based,
collaborative, and deployable bandwidth aggregation system. We present the
OSCAR architecture that does not introduce any intermediate hardware nor
require changes to current applications or legacy servers. The OSCAR
architecture is designed to automatically estimate the system's context,
dynamically schedule various connections and/or packets to different
interfaces, be backwards compatible with the current Internet architecture, and
provide the user with incentives for collaboration. We also formulate the OSCAR
scheduler as a multi-objective, multi-modal scheduler that maximizes system
throughput while minimizing energy consumption or financial cost. We evaluate
OSCAR via implementation on Linux, as well as via simulation, and compare our
results to the current optimal achievable throughput, cost, and energy
consumption. Our evaluation shows that, in the throughput maximization mode, we
provide up to 150% enhancement in throughput compared to current operating
systems, without any changes to legacy servers. Moreover, this performance gain
further increases with the availability of connection resume-supporting, or
OSCAR-enabled servers, reaching the maximum achievable upper-bound throughput
- …