259 research outputs found
An Energy Aware and Secure MAC Protocol for Tackling Denial of Sleep Attacks in Wireless Sensor Networks
Wireless sensor networks which form part of the core for the Internet of Things consist of resource constrained sensors that are usually powered by batteries. Therefore, careful
energy awareness is essential when working with these devices.
Indeed,the introduction of security techniques such as authentication and encryption, to ensure confidentiality and integrity of data, can place higher energy load on the sensors. However, the absence of security protection c ould give room for energy drain attacks such as denial of sleep attacks which have a higher negative impact on the life span ( of the sensors than the presence of security features.
This thesis, therefore, focuses on tackling denial of sleep attacks from two perspectives A security perspective and an energy efficiency perspective. The security perspective involves evaluating and ranking a number of security based techniques to curbing denial of sleep attacks. The energy efficiency perspective, on the other hand, involves exploring duty cycling and simulating three Media Access Control ( protocols Sensor MAC, Timeout MAC andTunableMAC under different network sizes and measuring different parameters such as the Received Signal Strength RSSI) and Link Quality Indicator ( Transmit power, throughput and energy efficiency Duty cycling happens to be one of the major techniques for conserving energy in wireless sensor networks and this research aims to answer questions with regards to the effect of duty cycles on the energy efficiency as well as the throughput of three duty cycle protocols Sensor MAC ( Timeout MAC ( and TunableMAC in addition to creating a novel MAC protocol that is also more resilient to denial of sleep a ttacks than existing protocols.
The main contributions to knowledge from this thesis are the developed framework used for evaluation of existing denial of sleep attack solutions and the algorithms which fuel the other contribution to knowledge a newly developed protocol tested on the Castalia Simulator on the OMNET++ platform. The new protocol has been compared with existing protocols and
has been found to have significant improvement in energy efficiency and also better resilience to denial of sleep at tacks Part of this research has been published Two conference
publications in IEEE Explore and one workshop paper
Layered-MAC: An Energy-Protected and Efficient Protocol for Wireless Sensor Networks
In wireless sensor networks, the radio of the wireless sensor node happens to be the highest source of energy consumption. Hence, there is a need to focus on the MAC layer, as it controls access to the radio. While there are several existing techniques to make sensors more energy-efficient, not many of them consider the security aspects of energy efficiency. By this we mean, protecting energy from external attacks. The existing protocols focus mainly on either duty-cycling (Sensor-MAC, Time-out MAC) or clustering (Gateway MAC), as a way of conserving energy. One of such attacks to energy is the denial-of-sleep (DoSL) attack which is a specific kind of denial-of-service attacks designed to drain the energy of battery-powered sensors in a Wireless Sensor Network. This paper explains the development of a new MAC-layer protocol called Layered-MAC aimed at not just energy efficiency but energy protection against DoSL attacks. The protocol is implemented on the OMNET++ and Castalia simulator. The results from the simulation are then compared with two representative existing duty-cycled protocols (Time-out MAC and Sensor-MAC) and significant improvements are present. One of the benefits of the developed protocol is that, not only does it attempt to save energy, but it protects energy from DoSL attacks. There are two main contributions from this research – the first is the additional layer of network metrics (RSSI and LQI) consideration, based on the premise that protection/security is not possible without some form of measurement of assets, and the cluster head rotation which adds an extra layer of energy protection while considering energy efficiency
이기종 IoT 기기간 협력을 통한 네트워크 성능 향상
학위논문(박사) -- 서울대학교대학원 : 공과대학 전기·정보공학부, 2022. 8. 박세웅.The Internet of Things (IoT) has become a daily life by pioneering applications in various fields. In this dissertation, we consider increasing transmission data rate with energy efficiency, extending transmission coverage with low power, and improving reliability in congested frequency bands as three challenges to expanding IoT applications. We address two issues to overcome these challenges.
First, we design a layered network system with a new structure that combines Bluetooth Low Energy (BLE) and Wi-Fi networks in a multi-hop network. Based on the system, we propose methods to increase data rate with energy efficiency and extend transmission coverage in a low-power situation. We implement the proposed system in the Linux kernel and evaluate the performance through an indoor testbed. As a result, we confirmed that the proposed system supports high data traffic and reduces average power consumption in the testbed compared to the existing single BLE/Wi-Fi ad-hoc network in a multi-hop situation.
Second, we tackle the adaptive frequency hopping (AFH) problem of BLE through cross-technology communication (CTC) and channel weighting. We design the AFH scheme that weights the channels used by BLE devices with improving reliability in the congested bands of both Wi-Fi and BLE devices. We evaluate the proposed scheme through prototype experiments and simulations, confirming that the proposed scheme increases the packet reception rate of BLE in the congested ISM band compared to the existing AFH algorithm.사물인터넷은 현재 다양한 영역에서 application을 개척하여 생활화되어 왔다. 이 학위 논문에서는 사물인터넷의 응용 사례 확장을 위해 에너지 효율적인 전송 속도 향상, 저전력 상황에서의 전송 범위 확장, 혼잡한 대역에서의 신뢰성 향상을 새로운 도전 과제로 삼고, 이러한 도전 과제를 극복할 두 가지 주제를 다룬다.
첫째, 다중 홉 네트워크 상황에서의 블루투스 저전력과 Wi-Fi 네트워크를 결합 한 새로운 구조의 계층적 네트워크 시스템을 설계하고 이에 기반한 에너지 효율적인 전송 속도 향상 및 저전력 상황에서의 전송 범위확장을 제안한다. 제안된 시스템은 Linux 커널에 구현하여 실내 테스트베드를 통해 성능을 평가한다. 결과적으로 제안 한 기법이 다중 홉 상황에서 기존 블루투스 저전력/Wi-Fi 단일 ad-hoc 네트워크와 비교하여 높은 데이터 트래픽을 지원하며, 테스트베드에서의 평균 전력 소비를 줄 이는 것을 확인한다.
둘째, Cross-technology Communication (CTC)과 채널 가중치를 통한 블루투스 저전력의 Adaptive Frequency Hopping (AFH) 문제를 해결한다. 최종적으로 블루투스 저전력 기기가 사용하는 채널에 가중치를 두는 AFH 기법을 설계하여 Wi-Fi 와 블루투스 저전력 기기가 모두 혼잡한 대역에서의 신뢰성을 향상한다. 프로토타입 실험과 시뮬레이션을 통해 제안한 기법이 기존의 AFH 기법과 비교하여 혼잡한 ISM 대역에서 블루투스 저전력의 패킷 수신율을 증가시키는 것을 확인한다.1 Introduction 1
1.1 Motivation 1
1.2 Contributions and Outline 2
2 Wi-BLE: On Cooperative Operation of Wi-Fi and Bluetooth Low Energy under IPv6 4
2.1 Introduction 4
2.2 Related Work 7
2.2.1 Multihop Connectivity for Wi-Fi or BLE 7
2.2.2 Multi-radio Operation 11
2.3 System Overview 13
2.3.1 Control Plane 13
2.3.2 Data Plane 16
2.3.3 Overall Procedure 16
2.4 MABLE: AODV Routing over BLE 17
2.4.1 BLE Channel Utilization 17
2.4.2 Joint Establishment of Route and Connection 20
2.4.3 Link Quality Metric for BLE Data Channels 22
2.4.4 Bi-directional Route Error Propagation 25
2.5 Wi-BLE: Wi-Fi Ad-hoc over BLE 27
2.5.1 Radio Selection 27
2.5.2 Routing and Radio Wake-up for Wi-Fi 30
2.6 Evaluation 32
2.6.1 BLE Routing 33
2.6.2 Wi-Fi Routing over BLE 35
2.6.3 Radio Selection 38
2.7 Summary 40
3 WBC-AFH: Direct Wi-Fi to BLE Communication based AFH 41
3.1 Introduction 41
3.2 Background 45
3.2.1 Frequency hopping in BLE 45
3.2.2 Cross Technology Communication 47
3.3 Proposed AFH 49
3.3.1 CTC based informing 50
3.3.2 Weighted channel select 51
3.3.3 Hopping set size optimization 52
3.3.4 WBC-AFH 54
3.4 Evaluation 57
3.4.1 Setup 57
3.4.2 Robustness 60
3.4.3 Reliability 61
3.5 Future Work 65
3.6 Summary 66
4 Conclusion 67박
Channel Access in Wireless Networks: Protocol Design of Energy-Aware Schemes for the IoT and Analysis of Existing Technologies
The design of channel access policies has been an object of study since the deployment of the first wireless networks, as the Medium Access Control (MAC) layer is responsible for coordinating transmissions to a shared channel and plays a key role in the network performance. While the original target was the system throughput, over the years the focus switched to communication latency, Quality of Service (QoS) guarantees, energy consumption, spectrum efficiency, and any combination of such goals.
The basic mechanisms to use a shared channel, such as ALOHA, TDMA- and FDMA-based policies, have been introduced decades ago. Nonetheless, the continuous evolution of wireless networks and the emergence of new communication paradigms demand the development of new strategies to adapt and optimize the standard approaches so as to satisfy the requirements of applications and devices.
This thesis proposes several channel access schemes for novel wireless technologies, in particular Internet of Things (IoT) networks, the Long-Term Evolution (LTE) cellular standard, and mmWave communication with the IEEE802.11ad standard.
The first part of the thesis concerns energy-aware channel access policies for IoT networks, which typically include several battery-powered sensors.
In scenarios with energy restrictions, traditional protocols that do not consider the energy consumption may lead to the premature death of the network and unreliable performance expectations. The proposed schemes show the importance of accurately characterizing all the sources of energy consumption (and inflow, in the case of energy harvesting), which need to be included in the protocol design. In particular, the schemes presented in this thesis exploit data processing and compression techniques to trade off QoS for lifetime. We investigate contention-free and contention-based chanel access policies for different scenarios and application requirements.
While the energy-aware schemes proposed for IoT networks are based on a clean-slate approach that is agnostic of the communication technology used, the second part of the thesis is focused on the LTE and IEEE802.11ad standards.
As regards LTE, the study proposed in this thesis shows how to use machine-learning techniques to infer the collision multiplicity in the channel access phase, information that can be used to understand when the network is congested and improve the contention resolution mechanism. This is especially useful for massive access scenarios; in the last years, in fact, the research community has been investigating on the use of LTE for Machine-Type Communication (MTC).
As regards the standard IEEE802.11ad, instead, it provides a hybrid MAC layer with contention-based and contention-free scheduled allocations, and a dynamic channel time allocation mechanism built on top of such schedule. Although this hybrid scheme is expected to meet heterogeneous requirements, it is still not clear how to develop a schedule based on the various traffic flows and their demands. A mathematical model is necessary to understand the performance and limits of the possible types of allocations and guide the scheduling process. In this thesis, we propose a model for the contention-based access periods which is aware of the interleaving of the available channel time with contention-free allocations
Cybersecurity in implantable medical devices
Mención Internacional en el título de doctorImplantable Medical Devices (IMDs) are electronic devices implanted within
the body to treat a medical condition, monitor the state or improve the
functioning of some body part, or just to provide the patient with a capability
that he did not possess before [86]. Current examples of IMDs
include pacemakers and defibrillators to monitor and treat cardiac conditions;
neurostimulators for deep brain stimulation in cases such as epilepsy
or Parkinson; drug delivery systems in the form of infusion pumps; and a
variety of biosensors to acquire and process different biosignals.
Some of the newest IMDs have started to incorporate numerous communication
and networking functions—usually known as “telemetry”—,
as well as increasingly more sophisticated computing capabilities. This
has provided implants with more intelligence and patients with more autonomy,
as medical personnel can access data and reconfigure the implant
remotely (i.e., without the patient being physically present in medical facilities).
Apart from a significant cost reduction, telemetry and computing
capabilities also allow healthcare providers to constantly monitor the patient’s
condition and to develop new diagnostic techniques based on an
Intra Body Network (IBN) of medical devices [25, 26, 201].
Evolving from a mere electromechanical IMD to one with more advanced
computing and communication capabilities has many benefits but
also entails numerous security and privacy risks for the patient. The majority
of such risks are relatively well known in classical computing scenarios,
though in many respects their repercussions are far more critical in the case
of implants. Attacks against an IMD can put at risk the safety of the patient
who carries it, with fatal consequences in certain cases. Causing an intentional
malfunction of an implant can lead to death and, as recognized by the
U.S. Food and Drug Administration (FDA), such deliberate attacks could
be far more difficult to detect than accidental ones [61]. Furthermore, these
devices store and transmit very sensitive medical information that requires
protection, as dictated by European (e.g., Directive 95/46/ECC) and U.S.
(e.g., CFR 164.312) Directives [94, 204].
The wireless communication capabilities present in many modern IMDs
are a major source of security risks, particularly while the patient is in open
(i.e., non-medical) environments. To begin with, the implant becomes no
longer “invisible”, as its presence could be remotely detected [48]. Furthermore,
it facilitates the access to transmitted data by eavesdroppers who
simply listen to the (insecure) channel [83]. This could result in a major privacy breach, as IMDs store sensitive information such as vital signals,
diagnosed conditions, therapies, and a variety of personal data (e.g., birth
date, name, and other medically relevant identifiers). A vulnerable communication
channel also makes it easier to attack the implant in ways similar
to those used against more common computing devices [118, 129, 156],
i.e., by forging, altering, or replying previously captured messages [82].
This could potentially allow an adversary to monitor and modify the implant
without necessarily being close to the victim [164]. In this regard,
the concerns of former U.S. vice-president Dick Cheney constitute an excellent
example: he had his Implantable Cardioverter Defibrillator (ICD)
replaced by another without WiFi capability [219].
While there are still no known real-world incidents, several attacks on
IMDs have been successfully demonstrated in the lab [83, 133, 143]. These
attacks have shown how an adversary can disable or reprogram therapies
on an ICD with wireless connectivity, and even inducing a shock state to
the patient [65]. Other attacks deplete the battery and render the device
inoperative [91], which often implies that the patient must undergo a surgical
procedure to have the IMD replaced. Moreover, in the case of cardiac
implants, they have a switch that can be turned off merely by applying a
magnetic field [149]. The existence of this mechanism is motivated by the
need to shield ICDs to electromagnetic fields, for instance when the patient
undergoes cardiac surgery using electrocautery devices [47]. However, this
could be easily exploited by an attacker, since activating such a primitive
mechanism does not require any kind of authentication.
In order to prevent attacks, it is imperative that the new generation of
IMDs will be equipped with strong mechanisms guaranteeing basic security
properties such as confidentiality, integrity, and availability. For example,
mutual authentication between the IMD and medical personnel is
essential, as both parties must be confident that the other end is who claims
to be. In the case of the IMD, only commands coming from authenticated
parties should be considered, while medical personnel should not trust any
message claiming to come from the IMD unless sufficient guarantees are
given.
Preserving the confidentiality of the information stored in and transmitted
by the IMD is another mandatory aspect. The device must implement
appropriate security policies that restrict what entities can reconfigure the
IMD or get access to the information stored in it, ensuring that only authorized
operations are executed. Similarly, security mechanisms have to
be implemented to protect the content of messages exchanged through an insecure wireless channel.
Integrity protection is equally important to ensure that information has
not been modified in transit. For example, if the information sent by the
implant to the Programmer is altered, the doctor might make a wrong decision.
Conversely, if a command sent to the implant is forged, modified,
or simply contains errors, its execution could result in a compromise of the
patient’s physical integrity.
Technical security mechanisms should be incorporated in the design
phase and complemented with appropriate legal and administrative measures.
Current legislation is rather permissive in this regard, allowing the
use of implants like ICDs that do not incorporate any security mechanisms.
Regulatory authorities like the FDA in the U.S or the EMA (European
Medicines Agency) in Europe should promote metrics and frameworks for
assessing the security of IMDs. These assessments should be mandatory
by law, requiring an adequate security level for an implant before approving
its use. Moreover, both the security measures supported on each IMD
and the security assessment results should be made public.
Prudent engineering practices well known in the safety and security domains
should be followed in the design of IMDs. If hardware errors are
detected, it often entails a replacement of the implant, with the associated
risks linked to a surgery. One of the main sources of failure when treating
or monitoring a patient is precisely malfunctions of the device itself.
These failures are known as “recalls” or “advisories”, and it is estimated
that they affect around 2.6% of patients carrying an implant. Furthermore,
the software running on the device should strictly support the functionalities
required to perform the medical and operational tasks for what it was
designed, and no more [66, 134, 213].
In Chapter 1, we present a survey of security and privacy issues in
IMDs, discuss the most relevant mechanisms proposed to address these
challenges, and analyze their suitability, advantages, and main drawbacks.
In Chapter 2, we show how the use of highly compressed electrocardiogram
(ECG) signals (only 24 coefficients of Hadamard Transform) is enough
to unequivocally identify individuals with a high performance (classification
accuracy of 97% and with identification system errors in the order of
10−2). In Chapter 3 we introduce a new Continuous Authentication scheme
that, contrarily to previous works in this area, considers ECG signals as
continuous data streams. The proposed ECG-based CA system is intended
for real-time applications and is able to offer an accuracy up to 96%, with
an almost perfect system performance (kappa statistic > 80%). In Chapter 4, we propose a distance bounding protocol to manage access control of
IMDs: ACIMD. ACIMD combines two features namely identity verification
(authentication) and proximity verification (distance checking). The
authentication mechanism we developed conforms to the ISO/IEC 9798-2
standard and is performed using the whole ECG signal of a device holder,
which is hardly replicable by a distant attacker. We evaluate the performance
of ACIMD using ECG signals of 199 individuals over 24 hours,
considering three adversary strategies. Results show that an accuracy of
87.07% in authentication can be achieved. Finally, in Chapter 5 we extract
some conclusions and summarize the published works (i.e., scientific
journals with high impact factor and prestigious international conferences).Los Dispositivos Médicos Implantables (DMIs) son dispositivos electrónicos
implantados dentro del cuerpo para tratar una enfermedad, controlar
el estado o mejorar el funcionamiento de alguna parte del cuerpo, o simplemente
para proporcionar al paciente una capacidad que no poseía antes
[86]. Ejemplos actuales de DMI incluyen marcapasos y desfibriladores
para monitorear y tratar afecciones cardíacas; neuroestimuladores para la
estimulación cerebral profunda en casos como la epilepsia o el Parkinson;
sistemas de administración de fármacos en forma de bombas de infusión; y
una variedad de biosensores para adquirir y procesar diferentes bioseñales.
Los DMIs más modernos han comenzado a incorporar numerosas funciones
de comunicación y redes (generalmente conocidas como telemetría)
así como capacidades de computación cada vez más sofisticadas. Esto
ha propiciado implantes con mayor inteligencia y pacientes con más autonomía,
ya que el personal médico puede acceder a los datos y reconfigurar
el implante de forma remota (es decir, sin que el paciente esté
físicamente presente en las instalaciones médicas). Aparte de una importante
reducción de costos, las capacidades de telemetría y cómputo también
permiten a los profesionales de la atención médica monitorear constantemente
la condición del paciente y desarrollar nuevas técnicas de diagnóstico
basadas en una Intra Body Network (IBN) de dispositivos médicos
[25, 26, 201].
Evolucionar desde un DMI electromecánico a uno con capacidades de
cómputo y de comunicación más avanzadas tiene muchos beneficios pero
también conlleva numerosos riesgos de seguridad y privacidad para el paciente.
La mayoría de estos riesgos son relativamente bien conocidos en los
escenarios clásicos de comunicaciones entre dispositivos, aunque en muchos
aspectos sus repercusiones son mucho más críticas en el caso de los
implantes. Los ataques contra un DMI pueden poner en riesgo la seguridad
del paciente que lo porta, con consecuencias fatales en ciertos casos.
Causar un mal funcionamiento intencionado en un implante puede causar
la muerte y, tal como lo reconoce la Food and Drug Administration (FDA)
de EE.UU, tales ataques deliberados podrían ser mucho más difíciles de
detectar que los ataques accidentales [61]. Además, estos dispositivos almacenan
y transmiten información médica muy delicada que requiere se
protegida, según lo dictado por las directivas europeas (por ejemplo, la Directiva 95/46/ECC) y estadunidenses (por ejemplo, la Directiva CFR
164.312) [94, 204].
Si bien todavía no se conocen incidentes reales, se han demostrado con
éxito varios ataques contra DMIs en el laboratorio [83, 133, 143]. Estos
ataques han demostrado cómo un adversario puede desactivar o reprogramar
terapias en un marcapasos con conectividad inalámbrica e incluso
inducir un estado de shock al paciente [65]. Otros ataques agotan
la batería y dejan al dispositivo inoperativo [91], lo que a menudo implica
que el paciente deba someterse a un procedimiento quirúrgico para reemplazar
la batería del DMI. Además, en el caso de los implantes cardíacos,
tienen un interruptor cuya posición de desconexión se consigue simplemente
aplicando un campo magnético intenso [149]. La existencia de este
mecanismo está motivada por la necesidad de proteger a los DMIs frete
a posibles campos electromagnéticos, por ejemplo, cuando el paciente se
somete a una cirugía cardíaca usando dispositivos de electrocauterización
[47]. Sin embargo, esto podría ser explotado fácilmente por un atacante,
ya que la activación de dicho mecanismo primitivo no requiere ningún tipo
de autenticación.
Garantizar la confidencialidad de la información almacenada y transmitida
por el DMI es otro aspecto obligatorio. El dispositivo debe implementar
políticas de seguridad apropiadas que restrinjan qué entidades
pueden reconfigurar el DMI o acceder a la información almacenada en él,
asegurando que sólo se ejecuten las operaciones autorizadas. De la misma
manera, mecanismos de seguridad deben ser implementados para proteger
el contenido de los mensajes intercambiados a través de un canal inalámbrico
no seguro.
La protección de la integridad es igualmente importante para garantizar
que la información no se haya modificado durante el tránsito. Por ejemplo,
si la información enviada por el implante al programador se altera, el
médico podría tomar una decisión equivocada. Por el contrario, si un comando
enviado al implante se falsifica, modifica o simplemente contiene
errores, su ejecución podría comprometer la integridad física del paciente.
Los mecanismos de seguridad deberían incorporarse en la fase de diseño
y complementarse con medidas legales y administrativas apropiadas.
La legislación actual es bastante permisiva a este respecto, lo que permite
el uso de implantes como marcapasos que no incorporen ningún mecanismo
de seguridad. Las autoridades reguladoras como la FDA en los Estados
Unidos o la EMA (Agencia Europea de Medicamentos) en Europa deberían
promover métricas y marcos para evaluar la seguridad de los DMIs.
Estas evaluaciones deberían ser obligatorias por ley, requiriendo un nivel
de seguridad adecuado para un implante antes de aprobar su uso. Además,
tanto las medidas de seguridad implementadas en cada DMI como los resultados
de la evaluación de su seguridad deberían hacerse públicos.
Buenas prácticas de ingeniería en los dominios de la protección y la
seguridad deberían seguirse en el diseño de los DMIs. Si se detectan errores
de hardware, a menudo esto implica un reemplazo del implante, con
los riesgos asociados y vinculados a una cirugía. Una de las principales
fuentes de fallo al tratar o monitorear a un paciente es precisamente el
mal funcionamiento del dispositivo. Estos fallos se conocen como “retiradas”,
y se estima que afectan a aproximadamente el 2,6 % de los pacientes
que llevan un implante. Además, el software que se ejecuta en el
dispositivo debe soportar estrictamente las funcionalidades requeridas para
realizar las tareas médicas y operativas para las que fue diseñado, y no más
[66, 134, 213].
En el Capítulo 1, presentamos un estado de la cuestión sobre cuestiones
de seguridad y privacidad en DMIs, discutimos los mecanismos más relevantes
propuestos para abordar estos desafíos y analizamos su idoneidad,
ventajas y principales inconvenientes. En el Capítulo 2, mostramos
cómo el uso de señales electrocardiográficas (ECGs) altamente comprimidas
(sólo 24 coeficientes de la Transformada Hadamard) es suficiente para
identificar inequívocamente individuos con un alto rendimiento (precisión
de clasificación del 97% y errores del sistema de identificación del orden
de 10−2). En el Capítulo 3 presentamos un nuevo esquema de Autenticación
Continua (AC) que, contrariamente a los trabajos previos en esta
área, considera las señales ECG como flujos de datos continuos. El sistema
propuesto de AC basado en señales cardíacas está diseñado para aplicaciones
en tiempo real y puede ofrecer una precisión de hasta el 96%,
con un rendimiento del sistema casi perfecto (estadístico kappa > 80 %).
En el Capítulo 4, proponemos un protocolo de verificación de la distancia
para gestionar el control de acceso al DMI: ACIMD. ACIMD combina
dos características, verificación de identidad (autenticación) y verificación
de la proximidad (comprobación de la distancia). El mecanismo de autenticación
es compatible con el estándar ISO/IEC 9798-2 y se realiza utilizando
la señal ECG con todas sus ondas, lo cual es difícilmente replicable
por un atacante que se encuentre distante. Hemos evaluado el rendimiento
de ACIMD usando señales ECG de 199 individuos durante 24 horas, y
hemos considerando tres estrategias posibles para el adversario. Los resultados
muestran que se puede lograr una precisión del 87.07% en la au tenticación. Finalmente, en el Capítulo 5 extraemos algunas conclusiones
y resumimos los trabajos publicados (es decir, revistas científicas con alto
factor de impacto y conferencias internacionales prestigiosas).Programa Oficial de Doctorado en Ciencia y Tecnología InformáticaPresidente: Arturo Ribagorda Garnacho.- Secretario: Jorge Blasco Alís.- Vocal: Jesús García López de Lacall
Honeypot for Wireless Sensor Networks
People have understood that computer systems need safeguarding and require
knowledge of security principles for their protection. While this has led to solutions
for system components such as malware-protection, firewalls and intrusion detection
systems, the ubiquitous usage of tiny microcomputers appeared at the same time. A
new interconnectivity is on the rise in our lives. Things become “smart” and increasingly
build new networks of devices.
In this context the wireless sensor networks here interact with users and also, vice
versa as well; unprivileged users able to interact with the wireless sensor network may
harm the privileged user as a result. The problem that needs to be solved consists of
possible harm that may be caused by an unprivileged user interacting with the wireless
sensor network of a privileged user and may come via an attack vector targeting a vul-
nerability that may take as long as it is needed and the detection of such mal-behaviour
can only be done if a sensing component is implemented as a kind of tool detecting the
status of the attacked wireless sensor network component and monitors this problem
happening as an event that needs to be researched further on. Innovation in attack
detection comprehension is the key aspect of this work, because it was found to be
a set of hitherto not combined aspects, mechanisms, drafts and sketches, lacking a
central combined outcome. Therefore the contribution of this thesis consists in a span
of topics starting with a summary of attacks, possible countermeasures and a sketch
of the outcome to the design and implementation of a viable product, concluding in an
outlook at possible further work.
The chosen path for the work in this research was experimental prototype construction
following an established research method that first highlights the analysis of attack
vectors to the system component and then evaluates the possibilities in order to im-
prove said method. This led to a concept well known in common large-scale computer
science systems, called a honeypot. Its common definitions and setups were analy-
sed and the concept translation to the wireless sensor network domain was evaluated.
Then the prototype was designed and implemented. This was done by following the ap-
proach set by the science of cybersecurity, which states that the results of experiments
and prototypes lead to improving knowledge intentionally for re-use
Recent Trends in Communication Networks
In recent years there has been many developments in communication technology. This has greatly enhanced the computing power of small handheld resource-constrained mobile devices. Different generations of communication technology have evolved. This had led to new research for communication of large volumes of data in different transmission media and the design of different communication protocols. Another direction of research concerns the secure and error-free communication between the sender and receiver despite the risk of the presence of an eavesdropper. For the communication requirement of a huge amount of multimedia streaming data, a lot of research has been carried out in the design of proper overlay networks. The book addresses new research techniques that have evolved to handle these challenges
- …