Distributed detection and estimation in wireless sensor networks: resource allocation, fusion rules, and network security

This thesis addresses the problem of detection of an unknown binary event. In particular, we consider centralized detection, distributed detection, and network security in wireless sensor networks (WSNs). The communication links among SNs are subject to limited SN transmit power, limited bandwidth (BW), and are modeled as orthogonal channels with path loss, flat fading and additive white Gaussian noise (AWGN). We propose algorithms for resource allocations, fusion rules, and network security. In the first part of this thesis, we consider the centralized detection and calculate the optimal transmit power allocation and the optimal number of quantization bits for each SN. The resource allocation is performed at the fusion center (FC) and it is referred as a centralized approach. We also propose a novel fully $distributed$ algorithm to address this resource allocation problem. What makes this scheme attractive is that the SNs share with their neighbors just their individual transmit power at the current states. Finally, the optimal soft fusion rule at the FC is derived. But as this rule requires a-priori knowledge that is difficult to attain in practice, suboptimal fusion rules are proposed that are realizable in practice. The second part considers a fully distributed detection framework and we propose a two-step distributed quantized fusion rule algorithm where in the first step the SNs collaborate with their neighbors through error-free, orthogonal channels. In the second step, local 1-bit decisions generated in the first step are shared among neighbors to yield a consensus. A binary hypothesis testing is performed at any arbitrary SN to optimally declare the global decision. Simulations show that our proposed quantized two-step distributed detection algorithm approaches the performance of the unquantized centralized (with a FC) detector and its power consumption is shown to be 50% less than the existing (unquantized) conventional algorithm. Finally, we analyze the detection performance of under-attack WSNs and derive attacking and defense strategies from both the Attacker and the FC perspective. We re-cast the problem as a minimax game between the FC and Attacker and show that the Nash Equilibrium (NE) exists. We also propose a new non-complex and efficient reputation-based scheme to identify these compromised SNs. Based on this reputation metric, we propose a novel FC weight computation strategy ensuring that the weights for the identified compromised SNs are likely to be decreased. In this way, the FC decides how much a SN should contribute to its final decision. We show that this strategy outperforms the existing schemes

Security of Software-defined Wireless Sensor Networks

Wireless Sensor Network (WSN) using Software Defined Networking (SDN) can achieve several advantages such as flexible and centralized network management and efficient routing. This is because SDN is a logically centralized architecture that separates the control plane from the data plane. SDN can provide security solutions, such as routing isolation, while handling the heterogeneity, scalability, and the limited resources of WSNs. However, such centralized architecture brings new challenges due to the single attack point and having non-dedicated channels for the control plane in WSNs. In this thesis, we investigate and propose security solutions for software-defined WSNs considering energy-efficiency and resource-preservation. The details are as follows. First, the functionality of software-defined WSNs can be affected by malicious sensor nodes that perform arbitrary actions such as message dropping or flooding. The malicious nodes can degrade the availability of the network due to in-band communications and the inherent lack of secure channels in software-defined WSNs. Therefore, we design a hierarchical trust management scheme for software-defined WSNs (namely TSW) to detect potential threats inside software-defined WSNs while promoting node cooperation and supporting decision-making in the forwarding process. The TSW scheme evaluates the trustworthiness of involved nodes and enables the detection of malicious behavior at various levels of the software-defined WSN architecture. We develop sensitive trust computational models to detect several malicious attacks. Furthermore, we propose separate trust scores and parameters for control and data traffic, respectively, to enhance the detection performance against attacks directed at the crucial traffic of the control plane. Additionally, we develop an acknowledgment-based trust recording mechanism by exploiting some built-in SDN control messages. To ensure the resilience and honesty of the trust scores, a weighted averaging approach is adopted, and a reliability trust metric is also defined. Through extensive analyses and numerical simulations, we demonstrate that TSW is efficient in detecting malicious nodes that launch several communication and trust management threats such as black-hole, selective forwarding, denial of service, bad and good mouthing, and ON-OFF attacks. Second, network topology obfuscation is generally considered a proactive mechanism for mitigating traffic analysis attacks. The main challenge is to strike a balance among energy consumption, reliable routing, and security levels due to resource constraints in sensor nodes. Furthermore, software-defined WSNs are more vulnerable to traffic analysis attacks due to the uncovered pattern of control traffic between the controller and the nodes. As a result, we propose a new energy-aware network topology obfuscation mechanism, which maximizes the attack costs and is efficient and practical to be deployed. Specifically, first, a route obfuscation method is proposed by utilizing ranking-based route mutation, based on four different critical criteria: route overlapping, energy consumption, link costs, and node reliability. Then, a sink node obfuscation method is introduced by selecting several fake sink nodes that are indistinguishable from actual sink nodes, according to the k-anonymity model. As a result, the most suitable routes and sink nodes can be selected, and a highest obfuscation level can be reached without sacrificing energy efficiency. Finally, extensive simulation results demonstrate that the proposed methods strongly mitigate traffic analysis attacks and achieve effective network topology obfuscation for software-defined WSNs. In addition, the proposed methods reduce the success rate of the attacks while achieving lower energy consumption and longer network lifetime. Last, security networking functions, such as trust management and Intrusion Detection System (IDS), are deployed in WSNs to protect the network from multiple attacks. However, there are many resource and security challenges in deploying these functions. First, they consume tremendous nodes’ energy and computational resources, which are limited in WSNs. Another challenge is preserving the security at a sufficient level in terms of reliability and coverage. Watchdog nodes, as one of the main components in trust management, overhear and monitor other nodes in the network. Accordingly, a secure and energy-aware watchdog placement optimization solution is studied for software-defined WSNs. The solution balances the required energy consumption, computational resource, and security in terms of the honesty of the watchdog nodes. To this end, a multi-population genetic algorithm is proposed for the optimal placement of the watchdog function in the network given the comprehensive aspects of resources and security. Finally, simulation results demonstrate that the proposed solution robustly preserves security levels and achieves energy-efficient deployment. In summary, reactive and proactive security solutions are investigated, designed, and evaluated for software-defined WSNs. The novelty of these proposed solutions is not only efficient and robust security but also their energy awareness, which allows them to be practical on resource-constrained networks. Thus, this thesis is considered a significant advancement toward more trustworthy and dependable software-defined WSNs

Energy Efficient and Secure Wireless Sensor Networks Design

Wireless Sensor Networks (WSNs) are emerging technologies that have the ability to sense, process, communicate, and transmit information to a destination, and they are expected to have significant impact on the efficiency of many applications in various fields. The resource constraint such as limited battery power, is the greatest challenge in WSNs design as it affects the lifetime and performance of the network. An energy efficient, secure, and trustworthy system is vital when a WSN involves highly sensitive information. Thus, it is critical to design mechanisms that are energy efficient and secure while at the same time maintaining the desired level of quality of service. Inspired by these challenges, this dissertation is dedicated to exploiting optimization and game theoretic approaches/solutions to handle several important issues in WSN communication, including energy efficiency, latency, congestion, dynamic traffic load, and security. We present several novel mechanisms to improve the security and energy efficiency of WSNs. Two new schemes are proposed for the network layer stack to achieve the following: (a) to enhance energy efficiency through optimized sleep intervals, that also considers the underlying dynamic traffic load and (b) to develop the routing protocol in order to handle wasted energy, congestion, and clustering. We also propose efficient routing and energy-efficient clustering algorithms based on optimization and game theory. Furthermore, we propose a dynamic game theoretic framework (i.e., hyper defense) to analyze the interactions between attacker and defender as a non-cooperative security game that considers the resource limitation. All the proposed schemes are validated by extensive experimental analyses, obtained by running simulations depicting various situations in WSNs in order to represent real-world scenarios as realistically as possible. The results show that the proposed schemes achieve high performance in different terms, such as network lifetime, compared with the state-of-the-art schemes

A multiplayer game model to detect insiders in wireless sensor networks

Insiders might have incentives and objectives opposed to those of the belonging organization. It is hard to detect them because of their privileges that partially protect them. In Wireless Sensor Networks (WSNs), significant security issues arise, including compromised nodes by insiders that disrupt the normal network operation. Immediate defensive actions to isolate malicious nodes would mitigate any related impacts. A multiplayer game model is proposed as a solution to the problem of insider attacks in WSNs, the Game of Wireless Sensor Networks (GoWiSeN). It is an imperfect information game, formulated with the use of non-cooperative game theory, holding the assumption that all players are rational. The model consists of several Local Intrusion Detection Systems (LIDSs), which are located to different nodes and communicate with a Global Intrusion Detection System (GIDS). Each LIDS gives suggestions whether the monitoring node is trusted or not. The game is being played between a potential attacker, the nodes and the GIDS. The GIDS is responsible for making a final decision and for isolating a compromised node in case of an internal attack. The theoretical model represents these interactions in an extensive form game. The formal elements of the game are specified, the outcomes of the game are quantified by first specifying players’ preferences, and then, by using the von Neumann-Morgenstern utility function, and payoffs are obtained. The game is constructed and solved, by locating NE in pure and mixed strategies. Experimental evaluations conducted on real network datasets, using IDSs of different capabilities, simulate special cases and compromised nodes in a WSN, verify the model efficiency, and show how the game should be played

Distributed Detection and Estimation in Wireless Sensor Networks: Resource Allocation, Fusion Rules, and Network Security

This thesis addresses the problem of detection of an unknown binary event. In particular, we consider centralized detection, distributed detection, and network security in wireless sensor networks (WSNs). The communication links among SNs are subject to limited SN transmit power, limited bandwidth (BW), and are modeled as orthogonal channels with path loss, flat fading and additive white Gaussian noise (AWGN). We propose algorithms for resource allocations, fusion rules, and network security. In the first part of this thesis, we consider the centralized detection and calculate the optimal transmit power allocation and the optimal number of quantization bits for each SN. The resource allocation is performed at the fusion center (FC) and it is referred as a $centralized$ approach. We also propose a novel fully $distributed$ algorithm to address this resource allocation problem. What makes this scheme attractive is that the SNs share with their neighbors just their individual transmit power at the current states. Finally, the optimal soft fusion rule at the FC is derived. But as this rule requires a-priori knowledge that is difficult to attain in practice, suboptimal fusion rules are proposed that are realizable in practice. The second part considers a fully distributed detection framework and we propose a two-step distributed quantized fusion rule algorithm where in the first step the SNs collaborate with their neighbors through error-free, orthogonal channels. In the second step, local 1-bit decisions generated in the first step are shared among neighbors to yield a consensus. A binary hypothesis testing is performed at any arbitrary SN to optimally declare the global decision. Simulations show that our proposed quantized two-step distributed detection algorithm approaches the performance of the unquantized centralized (with a FC) detector and its power consumption is shown to be 50% less than the existing (unquantized) conventional algorithm. Finally, we analyze the detection performance of under-attack WSNs and derive attacking and defense strategies from both the Attacker and the FC perspective. We re-cast the problem as a minimax game between the FC and Attacker and show that the Nash Equilibrium (NE) exists. We also propose a new non-complex and efficient reputation-based scheme to identify these compromised SNs. Based on this reputation metric, we propose a novel FC weight computation strategy ensuring that the weights for the identified compromised SNs are likely to be decreased. In this way, the FC decides how much a SN should contribute to its final decision. We show that this strategy outperforms the existing schemes

Distributed Detection and Estimation in Wireless Sensor Networks: Resource Allocation, Fusion Rules, and Network Security

This thesis addresses the problem of detection of an unknown binary event. In particular, we consider centralized detection, distributed detection, and network security in wireless sensor networks (WSNs). The communication links among SNs are subject to limited SN transmit power, limited bandwidth (BW), and are modeled as orthogonal channels with path loss, flat fading and additive white Gaussian noise (AWGN). We propose algorithms for resource allocations, fusion rules, and network security. In the first part of this thesis, we consider the centralized detection and calculate the optimal transmit power allocation and the optimal number of quantization bits for each SN. The resource allocation is performed at the fusion center (FC) and it is referred as a $centralized$ approach. We also propose a novel fully $distributed$ algorithm to address this resource allocation problem. What makes this scheme attractive is that the SNs share with their neighbors just their individual transmit power at the current states. Finally, the optimal soft fusion rule at the FC is derived. But as this rule requires a-priori knowledge that is difficult to attain in practice, suboptimal fusion rules are proposed that are realizable in practice. The second part considers a fully distributed detection framework and we propose a two-step distributed quantized fusion rule algorithm where in the first step the SNs collaborate with their neighbors through error-free, orthogonal channels. In the second step, local 1-bit decisions generated in the first step are shared among neighbors to yield a consensus. A binary hypothesis testing is performed at any arbitrary SN to optimally declare the global decision. Simulations show that our proposed quantized two-step distributed detection algorithm approaches the performance of the unquantized centralized (with a FC) detector and its power consumption is shown to be 50% less than the existing (unquantized) conventional algorithm. Finally, we analyze the detection performance of under-attack WSNs and derive attacking and defense strategies from both the Attacker and the FC perspective. We re-cast the problem as a minimax game between the FC and Attacker and show that the Nash Equilibrium (NE) exists. We also propose a new non-complex and efficient reputation-based scheme to identify these compromised SNs. Based on this reputation metric, we propose a novel FC weight computation strategy ensuring that the weights for the identified compromised SNs are likely to be decreased. In this way, the FC decides how much a SN should contribute to its final decision. We show that this strategy outperforms the existing schemes

Game Theory-Based Cooperation for Underwater Acoustic Sensor Networks: Taxonomy, Review, Research Challenges and Directions.

Exploring and monitoring the underwater world using underwater sensors is drawing a lot of attention these days. In this field cooperation between acoustic sensor nodes has been a critical problem due to the challenging features such as acoustic channel failure (sound signal), long propagation delay of acoustic signal, limited bandwidth and loss of connectivity. There are several proposed methods to improve cooperation between the nodes by incorporating information/game theory in the node's cooperation. However, there is a need to classify the existing works and demonstrate their performance in addressing the cooperation issue. In this paper, we have conducted a review to investigate various factors affecting cooperation in underwater acoustic sensor networks. We study various cooperation techniques used for underwater acoustic sensor networks from different perspectives, with a concentration on communication reliability, energy consumption, and security and present a taxonomy for underwater cooperation. Moreover, we further review how the game theory can be applied to make the nodes cooperate with each other. We further analyze different cooperative game methods, where their performance on different metrics is compared. Finally, open issues and future research direction in underwater acoustic sensor networks are highlighted

Location based services in wireless ad hoc networks

In this dissertation, we investigate location based services in wireless ad hoc networks from four different aspects - i) location privacy in wireless sensor networks (privacy), ii) end-to-end secure communication in randomly deployed wireless sensor networks (security), iii) quality versus latency trade-off in content retrieval under ad hoc node mobility (performance) and iv) location clustering based Sybil attack detection in vehicular ad hoc networks (trust). The first contribution of this dissertation is in addressing location privacy in wireless sensor networks. We propose a non-cooperative sensor localization algorithm showing how an external entity can stealthily invade into the location privacy of sensors in a network. We then design a location privacy preserving tracking algorithm for defending against such adversarial localization attacks. Next we investigate secure end-to-end communication in randomly deployed wireless sensor networks. Here, due to lack of control on sensors\u27 locations post deployment, pre-fixing pairwise keys between sensors is not feasible especially under larger scale random deployments. Towards this premise, we propose differentiated key pre-distribution for secure end-to-end secure communication, and show how it improves existing routing algorithms. Our next contribution is in addressing quality versus latency trade-off in content retrieval under ad hoc node mobility. We propose a two-tiered architecture for efficient content retrieval in such environment. Finally we investigate Sybil attack detection in vehicular ad hoc networks. A Sybil attacker can create and use multiple counterfeit identities risking trust of a vehicular ad hoc network, and then easily escape the location of the attack avoiding detection. We propose a location based clustering of nodes leveraging vehicle platoon dispersion for detection of Sybil attacks in vehicular ad hoc networks --Abstract, page iii