Practical implementation and performance analysis on security of sensor networks

A wireless sensor network (WSN) is a network made of thousands of sensing elements called as nodes with wireless capabilities. Their application is varied and diverse ranging from military to domestic and household. As the world of self-organizing sensor networks tip to the edge of maximum utilization, their wider deployment is adding pressure on the security front. Powerful laptops and workstations make it more challenging for small sensors. In addition, there are many security challenges in WSN, e.g- confidentiality, authentication, freshness, integrity etc. Contributions of this work are as follows: “Symmetric” security implementation: This thesis work designs a symmetric-key based security in sensor hardware in the Link layer of sensor network protocols. Link Layer security can protect a wireless network by denying access to the network itself before a user is successfully authenticated. This prevents attacks against the network infrastructure and protects the network from devastating attacks. “Public key” implementation in sensor hardware: Asymmetric key techniques are attractive for authentication data or session keys. Traditional schemes like RSA require considerable amounts of resources which in the past has limited their use. This thesis has implemented Elliptic Curve Cryptography (ECC) in Mica2 hardware, which is an approach to public-key cryptography based on the mathematics of elliptic curves. Quantitative overhead analysis: This thesis work analyzes the wireless communication overhead (No. of packets transmitted) vs the (transmit and receive) energy consumed in mJoules and memory storage overhead (bytes) for ECC as compared to the symmetric counterpart for the implemented WSN security protocols

Controlled Mobility in Mobile Sensor Networks: Advantages, Issues and Challenges

International audienceRecently, wireless self-organizing networks are attracting a lot of interest in the research community. Moreover, in the last decade many mobile devices have appeared in the market. Exploiting mobility in a wireless environment, instead of considering it as a kind of disturbance, is a fundamental concept that the research community is beginning to appreciate now. Of course, the advantages obtainable through the use of the mobility imply the knowledge of the different types of mobility and the way to include it in the management architecture of the wireless networks. In this work we claim that mobility and wireless sensor networks can be considered as two synergetic elements of the same reality. For this purpose, we sketch a macro-classification of the different objectives which can be pursued by controlled mobility. Moreover, we identify and highlight the interactions between this specific type of mobility and the layers of the control stack. Lastly, this paper reports a case study in which we show how controlled mobility can be exploited practically

Proceedings of the 5th International Workshop on Reconfigurable Communication-centric Systems on Chip 2010 - ReCoSoC\u2710 - May 17-19, 2010 Karlsruhe, Germany. (KIT Scientific Reports ; 7551)

ReCoSoC is intended to be a periodic annual meeting to expose and discuss gathered expertise as well as state of the art research around SoC related topics through plenary invited papers and posters. The workshop aims to provide a prospective view of tomorrow\u27s challenges in the multibillion transistor era, taking into account the emerging techniques and architectures exploring the synergy between flexible on-chip communication and system reconfigurability

Hardware Assisted Solutions for Automobile Security

In the past couple of decades, many in-vehicle features have been invented and deployed in order to make modern vehicles which not only safer and more reliable but also connected, smarter, and intelligent. Meanwhile, vehicular ad-hoc networks (VANETs) are proposed to provide communications between vehicles and road-side stations as the foundation of the intelligent transportation system to provide efficient and safe transportation. To support these updated functions, a large amount of electronic equipment has been integrated into the car system. Although these add-on functions around vehicles offer great help in driving assistance, they inevitably introduced new security vulnerabilities that threaten the safety of the on-board drivers, passengers and pedestrians. This has been demonstrated by many well-documented attacks either on the in-vehicle bus system or on the wireless vehicular network communications. In this dissertation, we design and implement several hardware-oriented solutions to the arousing security issues on vehicles. More specifically, we focus on three important and representative problems: (1) how to secure the in-vehicle Controller Area Network (CAN), (2) how to secure the communication between vehicle and outside, and (3) how to establish trust on VANETs. Current approaches based on cryptographic algorithms to secure CAN bus violate the strict timing and limited resource constraints for CAN communications. We thus emphasize on the alternate solution of intrusion detection system (IDS) in this dissertation. We explore monitoring the changes of CAN message content or the physical delay of its transmission to detect on the CAN bus. We first propose a new entropy-based IDS following the observation that all the known CAN message injection attacks need to alter the CAN identifier bit. Thus, analyzing the entropy changes of such bits can be an effective way to detect those attacks. Next, we develop a delay-based IDS to protect the CAN network by identifying the location of the compromised Electronic Control Unit (ECU) from the transmission delay difference to two terminals connected to the CAN bus. We demonstrate that both approaches can protect the integrity of the messages on CAN bus leading to a further improve the security and safety of autonomous vehicles. In the second part of this dissertation, we consider Plug-and-Secure, an industrial practice on key management for automotive CAN networks. It has been proven to be information theoretically secure. However, we discover side-channel attacks based on the physical properties of the CAN bus that can leak almost the entire secret key bits. We analyze the fundamental characteristics that lead to such attacks and propose techniques to minimize information leakage at the hardware level. Next, we extend our study from in-vehicle secure CAN communication to the communication between vehicle and outside world. We take the example of the popular GPS spoofing attack and show how we can use the rich information from CAN bus to build a cross-validation system to detect such attacks. Our approach is based on the belief that the local driving data from the in-vehicle network can be authenticated and thus trusted by secure CAN networks mechanisms. Such data can be used to cross-validate the GPS signals from the satellite which are vulnerable to spoofing attacks. We conduct driving tests on real roads to show that our proposed approach can defend both GPS spoofing attacks and location-based attacks on the VANETs. Finally, we propose a blockchain based Anonymous Reputation System (BARS) to establish a privacy-preserving trust model for VANETs. The certificate and revocation transparency is implemented efficiently with the proofs of presence and absence based on the extended blockchain technology. To prevent the broadcast of forged messages, a reputation evaluation algorithm is presented relying on both direct historical interactions of that vehicle and indirect opinions from the other vehicles. This dissertation features solutions to vehicle security problems based on hardware or physical characteristics, instead of cryptographic algorithms. We believe that given the critical timing requirement on vehicular systems and their very limited resource (such as the bandwidth on CAN bus), this will be a very promising direction to secure vehicles and vehicular network

Market Methods for Supply and Demand Management in the Smart Grid

This study addresses the resource management problem in a large scale networked system with high flexibility. We consider the supply and demand management problem specifically in the context of the future Smart Grid. On the supply side, we design a secondary market to provide stochastic energy service via distributed renewable energy resources. The performance of the proposed market is evaluated in two circumstances, i.e. whether or not the extra energy penetration caused by the market changes the operation point of the power grid. On the demand side, we would like to take the advantages of the residential demand flexibility to relieve consumption peaks and stabilize the system. We conduct certain demand response in a market approach and further build a real experiment system to analyze the performance of such regime. The study of supply side market is referred to the subheading: Small-Scale Markets for a Bilateral Energy Sharing Economy followed by an extension of the corresponding market which brings in the concern that the increased energy penetration may change the operation point of the grid. As for the demand side study, design and analysis of such demand response market is under the subheading: Mean Field Games in Nudge Systems for Societal Networks and the real experiment built-up is presented in Incentive-Based Demand Response: Empirical Assessment and Critical Appraisal. We model the agent behaviour in both markets via game theoretic approach and analyze the equilibrium performance. We show that a Mean Field Game regime can be applied to accurately approximate these repeated game frameworks and socially desirable equilibria that benefit both system operator and agents exist

Système de représentation d'interfaces centré sur l'usager

Le système Activity-oriented Interface Representation ( AIR ) est un outil d'aide à la conception et à l'évaluation des interfaces usager. Du côté de la conception, il permet de spécifier le détail des interactions entre un usager et une interface à l'aide d'un langage. Pour ce qui est de l'évaluation, un outil ou modèle permet de prédire le temps d'exécution d'un usager hautement familier avec les interfaces graphiques avec une précision d'au plus 26%, ce qui est acceptable en modélisation analytique. Ce modèle ne tient compte que des opérations explicites de l'usager, soit celles qui on un effet direct sur l'interface. Le modèle fût mis au point et sa précision validée par le biais de tests avec sujets humains dans des conditions contrôlées. Le système AIR comprend des outils logiciels pour faciliter l'utilisation du langage et du modèle