Security wireless sensor networks: prospects, challenges, and future

With the advancements of networking technologies and miniaturization of electronic devices, wireless sensor network (WSN) has become an emerging area of research in academic, industrial, and defense sectors. Different types of sensing technologies combined with processing power and wireless communication capability make sensor networks very lucrative for their abundant use in near future. However, many issues are yet to be solved before their full-scale practical implementations. Among all the research issues in WSN, security is one of the most challenging topics to deal with. The major hurdle of securing a WSN is imposed by the limited resources of the sensors participating in the network. Again, the reliance on wireless communication technology opens the door for various types of security threats and attacks. Considering the special features of this type of network, in this chapter we address the critical security issues in wireless sensor networks. We talk about cryptography, steganography, and other basics of network security and their applicability in WSN. We explore various types of threats and attacks against wireless sensor networks, possible countermeasures, mentionable works done so far, other research issues, etc. We also introduce the view of holistic security and future trends towards research in wireless sensor network security

Energy efficient clustering and secure data aggregation in wireless sensor networks

Communication consumes the majority of a wireless sensor network\u27s limited energy. There are several ways to reduce the communication cost. Two approaches used in this work are clustering and in-network aggregation. The choice of a cluster head within each cluster is important because cluster heads use additional energy for their responsibilities and that burden needs to be carefully distributed. We introduce the energy constrained minimum dominating set (ECDS) to model the problem of optimally choosing cluster heads in the presence of energy constraints. We show its applicability to sensor networks and give an approximation algorithm of O(log n) for solving the ECDS problem. We propose a distributed algorithm for the constrained dominating set which runs in O(log n log [triangle]) rounds with high probability. We show experimentally that the distributed algorithm performs well in terms of energy usage, node lifetime, and clustering time and thus is very suitable for wireless sensor networks. Using aggregation in wireless sensor networks is another way to reduce the overall communication cost. However, changes in security are necessary when in- network aggregation is applied. Traditional end-to-end security is not suitable for use with in-network aggregation. A corrupted sensor has access to the intermediate data and can falsify results. Additively homomorphic encryption allows for aggregation of encrypted values, with the result being the same as the result as if unencrypted data were aggregated. Using public key cryptography, digital signatures can be used to achieve integrity. We propose a new algorithm using homomorphic encryption and additive digital signatures to achieve confidentiality, integrity and availability for in- network aggregation in wireless sensor networks. We prove that our digital signature algorithm which is based on Elliptic Curve Digital Signature Algorithm (ECDSA) is at least as secure as ECDSA. Even without in-network aggregation, security is a challenge in wireless sensor networks. In wireless sensor networks, not all messages need to be secured with the same level of encryption. We propose a new algorithm which provides adequate levels of security while providing much higher availablility [sic] than other security protocols. Our approach uses similar amounts of energy as a network without security --Abstract, page iv

Privacy and security protection in cloud integrated sensor networks

Wireless sensor networks have been widely deployed in many social settings to monitor human activities and urban environment. In these contexts, they acquire and collect sensory data, and collaboratively fuse the data. Due to resource constraint, sensor nodes however cannot perform complex data processing. Hence, cloud-integrated sensor networks have been proposed to leverage the cloud computing capabilities for processing vast amount of heterogeneous sensory data. After being processed, the sensory data can then be accessed and shared among authorized users and applications pervasively. Various security and privacy threats can arise when the people-centric sensory data is collected and transmitted within the sensor network or from the network to the cloud; security and privacy remain a big concern when the data is later accessed and shared among different users and applications after being processed. Extensive research has been conducted to address the security and privacy issues without sacrificing resource efficiency. Unfortunately, the goals of security/privacy protection and resource efficiency may not be easy to accomplish simultaneously, and may even be sharply contrary to each other. Our research aims to reconcile the conflicts between these goals in several important contexts. Specifically, we first investigate the security and privacy protection of sensory data being transmitted within the sensor network or from the sensor network to the cloud, which includes: (1) efficient, generic privacy preserving schemes for sensory data aggregation; (2) a privacy-preserving integrity detection scheme for sensory data aggregation; (3) an efficient and source-privacy preserving scheme for catching packet droppers and modifiers. Secondly, we further study how to address people\u27s security and privacy concerns when accessing sensory data from the cloud. To preserve privacy for sensory data aggregation, we propose a set of generic, efficient and collusion-resilient privacy-preserving data aggregation schemes. On top of these privacy preserving schemes, we also develop a scheme to simultaneously achieve privacy preservation and detection of integrity attack for data aggregation. Our approach outperforms existing solutions in terms of generality, node compromise resilience, and resource efficiency. To remove the negative effects caused by packet droppers and modifiers, we propose an efficient scheme to identify and catch compromised nodes which randomly drop packets and/or modify packets. The scheme employs an innovative packet marking techniques, with which selective packet dropping and modification can be significantly alleviated while the privacy of packet sources can be preserved. To preserve the privacy of people accessing the sensory data in the cloud, we propose a new efficient scheme for resource constrained devices to verify people\u27s access privilege without exposing their identities in the presence of outsider attacks or node compromises; to achieve the fine-grained access control for data sharing, we design privacy-preserving schemes based on users\u27 affiliated attributes, such that the access policies can be flexibly specified and enforced without involving complicated key distribution and management overhead. Extensive analysis, simulations, theoretical proofs and implementations have been conducted to evaluate the effectiveness and efficiency of our proposed schemes. The results show that our proposed schemes resolve several limitations of existing work and achieve better performance in terms of resource efficiency, security strength and privacy preservation