290 research outputs found

    Security and Privacy Issues in Wireless Mesh Networks: A Survey

    This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded. Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

    Design, analysis and implementation of a spatial-temporal, adaptive and multi-replication data centric storage framework for wireless sensor and actor networks

    This PhD Thesis presents a novel framework for Data-Centric Storage (DCS) in a Wireless Sensor and Actor Network (WSAN) that enables the use of a multiple set of data replication nodes, which also change over time. This allows reducing the average network traffic and energy consumption by adapting the number of replicas to applications’ traffic, while balancing energy burdens by varying their location. To that end we propose and validate a simple model to determine the optimal number of replicas, in terms of minimizing average traffic/energy consumption, from the measured applications’ production and consumption traffic. Simple mechanisms are proposed to decide when the current set of replication nodes should be changed, to enable new applications and sensor nodes to efficiently bootstrap into a working sensor network, to recover from failing nodes, and to adapt to changing conditions. Extensive simulations demonstrate that our approach can extend a sensor network’s lifetime by at least 60%, and up to a factor of 10x depending on the lifetime criterion being considered. Furthermore, we have implemented our framework in a real testbed with 20 motes that validates in a small scenario those results obtained via simulation for large WSANs. Finally, we present a heuristic that adapts our framework to scenarios with spatially heterogeneous consumption and/or production traffic distributions providing an effective reduction in the overall traffic, as well as reducing the number of nodes that die over time. This thesis falls within the field of wireless sensor and actor networks. For this type of network there is a fully distributed system for storing and delivering information called Data-Centric Storage (DCS). 
In this system, one node in the network is selected to store all the information related to an application or event type. The selection is made using a hash function that, taking the name of the application (or event type) as its argument, returns the identifier (e.g. geographic coordinates, node identifier, etc.) of the node responsible for storing all the information of that application (or event type). Using a single node to store all the data of one type generated in the network tends to create a saturation point in the network (especially in energy terms), since a large amount of traffic is routed towards a single point. In fact, not only the node selected as the storage node but also all the nodes around it experience higher resource consumption, since they are responsible for routing messages towards the storage node. This problem has given rise to systems that use multiple replicas to alleviate the creation of a point of congestion and high energy consumption in the network. By placing several storage points for a given event type, the congestion of a single point can be relieved. However, creating new replicas has an associated cost, and therefore there is an optimal number of replicas that minimizes the total traffic in the network, which in turn has a direct impact on reducing energy consumption and extending the network lifetime. This thesis proposes two replication schemes for sensor networks that use DCS as their distributed storage system. For both, mathematical models have been developed that give the optimal number of replicas to use (to minimize the total traffic in the network) as a function of the production and consumption intensity of an event type. 
The first mechanism, called Quadratic Adaptive Replication (QAR), proposes a mesh structure for placing the replicas. QAR improves on earlier work that already proposed a grid replication scheme, since it adapts better to the traffic conditions in the network. The second mechanism simply generates random locations at which to place the replicas. Surprisingly, this thesis shows that it is the best replication system, ahead even of QAR, since it is the most adaptive to traffic conditions. It also has the great advantage of being extremely simple and applicable in irregular networks or networks that use different routing protocols. Replication systems alleviate the single-point-of-congestion problem but do not solve it completely, since smaller congestion points still appear, as many as there are replicas in use. The network therefore still shows a large imbalance in energy consumption, since the points selected as replicas (and their neighbours) use more energy to carry out their activity. To address this problem, changing the replicas over time is proposed as a solution. Essentially, the time a node can spend playing the role of replica is limited, so that once that time has elapsed another node takes over the responsibility. Applying this proposal balances the energy consumption of the nodes in the network, which has a large impact on extending the network lifetime. In the experiments carried out, this extension has a minimum value of 60%, and the lifetime is extended by up to 10 times under certain definitions of network lifetime. 
The main contribution of this thesis is the presentation of a framework that is adaptive both spatially and temporally and that, based on a theoretical model, indicates the optimal number of replicas to use in a given period. This thesis proposes a complete protocol covering all the functionality needed for such a system to be implemented and deployed in the real world. To demonstrate that the proposed system can be implemented on commercial sensor nodes, this thesis presents the implementation carried out on 20 motes from the manufacturer Jennic. In addition, a small testbed has been used to confirm the validity of the mathematical models for obtaining the optimal number of replicas, and to demonstrate that changing the replicas over time produces a better distribution of energy consumption in the network.

    Security attacks and challenges in wireless sensor networks


    Security in Distributed, Grid, Mobile, and Pervasive Computing

    This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

    STARR-DCS: Spatio-temporal adaptation of random replication for data-centric storage

    This article presents a novel framework for data-centric storage (DCS) in a wireless sensor and actor network (WSAN) that employs a randomly selected set of data replication nodes, which also change over time. This enables reductions in the average network traffic and energy consumption by adapting the number of replicas to applications' traffic, while balancing energy burdens by varying their locations. To that end, we propose and validate a simple model to determine the optimal number of replicas, in terms of minimizing average traffic/energy consumption, based on measurements of applications' production and consumption traffic. Simple mechanisms are proposed to decide when the current set of replication nodes should be changed, to enable new applications and nodes to efficiently bootstrap into a working WSAN, to recover from failing nodes, and to adapt to changing conditions. Extensive simulations demonstrate that our approach can extend a WSAN's lifetime by at least 60%, and up to a factor of 10× depending on the lifetime criterion being considered. The feasibility of the proposed framework has been validated in a prototype with 20 resource-constrained motes, and the results obtained via simulation for large WSANs have been also corroborated in that prototype. The research leading to these results has been partially funded by the Spanish MEC under the CRAMNET project (TEC2012-38362-C03-01) and the FIERRO project (TEC 2010- 12250-E), and by the General Directorate of Universities and Research of the Regional Government of Madrid under the MEDIANET Project (S2009/TIC-1468). G. de Veciana was supported by the National Science Foundation under Award CNS-0915928.

    Collaborative security for the Internet of Things (Sécurité collaborative pour l'internet des objets)

    This thesis addresses new security challenges in the Internet of Things (IoT). The current transition from the classical Internet to the Internet of Things leads to many changes in the underlying communication models. The heterogeneous nature of IoT communications and the imbalance between the capabilities of the communicating entities that make it up make it difficult to establish secure end-to-end connections. Unlike the nodes of the traditional Internet, most components of the Internet of Things are characterized by low capabilities in terms of energy and computing power. Consequently, they are not able to support complex security systems. In particular, setting up a secure end-to-end communication channel requires establishing a common secret key between the two nodes wishing to communicate, which is negotiated using a key exchange protocol such as the Transport Layer Security (TLS) Handshake or the Internet Key Exchange (IKE). However, using these protocols directly to establish secure connections between two IoT entities can be difficult because of the technological gap between them and the resulting inconsistencies in the cryptographic primitives they support. The subject of adapting existing security protocols to meet these new challenges has recently been raised in the scientific community. However, the first proposed solutions have not succeeded in meeting the needs of resource-constrained nodes. In this thesis, we propose new collaborative approaches for key establishment, with the aim of reducing the requirements of existing security protocols so that they can be implemented by resource-constrained nodes. 
We retained in particular the TLS Handshake, IKE and HIP BEX protocols as the best candidates matching the end-to-end security requirements of the IoT. We then modified them so that the energy-constrained node can delegate costly cryptographic operations to a set of neighbouring nodes, thereby taking advantage of the spatial heterogeneity that characterizes the IoT. We carried out formal security verifications and performance analyses that prove the safety and energy efficiency of the proposed collaborative protocols. In a second part, we turned our attention to a class of internal attacks that collaboration between nodes can induce and that classical cryptographic mechanisms, such as signatures and encryption, are powerless to counter. This led us to introduce the notion of trust within a collaborative group. The reliability level of a node is assessed by a dedicated security mechanism known as a trust management system. This system is itself instantiated on a collaborative basis, in which several nodes share their respective testimonies about the reliability of other nodes. Building on an in-depth analysis of existing trust management systems and of the constraints of the IoT, we designed an efficient trust management system for our collaborative protocols. This efficiency was evaluated by considering how the trust management system meets the requirements specific to our proposed approaches for key establishment in the context of the IoT. The results of the performance analyses we conducted demonstrate the proper functioning of the proposed system and improved efficiency compared with the literature. This thesis addresses new security challenges in the Internet of Things (IoT). 
The current transition from legacy Internet to Internet of Things leads to multiple changes in its communication paradigms. Wireless sensor networks (WSNs) initiated this transition by introducing unattended wireless topologies, mostly made of resource constrained nodes, in which radio spectrum therefore ceased to be the only resource worthy of optimization. Today's Machine to Machine (M2M) and Internet of Things architectures further accentuated this trend, not only by involving wider architectures but also by adding heterogeneity, resource capabilities inconstancy and autonomy to once uniform and deterministic systems. The heterogeneous nature of IoT communications and imbalance in resources capabilities between IoT entities make it challenging to provide the required end-to-end secured connections. Unlike Internet servers, most of IoT components are characterized by low capabilities in terms of both energy and computing resources, and thus, are unable to support complex security schemes. The setup of a secure end-to-end communication channel requires the establishment of a common secret key between both peers, which would be negotiated relying on standard security key exchange protocols such as Transport Layer Security (TLS) Handshake or Internet Key Exchange (IKE). Nevertheless, a direct use of existing key establishment protocols to initiate connections between two IoT entities may be impractical because of the technological gap between them and the resulting inconsistencies in their cryptographic primitives. The issue of adapting existing security protocols to fulfil these new challenges has recently been raised in the international research community but the first proposed solutions failed to satisfy the needs of resource-constrained nodes. In this thesis, we propose novel collaborative approaches for key establishment designed to reduce the requirements of existing security protocols, in order to be supported by resource-constrained devices. 
We particularly retained TLS handshake, Internet Key Exchange and HIP BEX protocols as the best keying candidates fitting the end-to-end security requirements of the IoT. Then we redesigned them so that the constrained peer may delegate its heavy cryptographic load to less constrained nodes in neighbourhood exploiting the spatial heterogeneity of IoT nodes. Formal security verifications and performance analyses were also conducted to ensure the security effectiveness and energy efficiency of our collaborative protocols. However, allowing collaboration between nodes may open the way to a new class of threats, known as internal attacks that conventional cryptographic mechanisms fail to deal with. This introduces the concept of trustworthiness within a collaborative group. The trustworthiness level of a node has to be assessed by a dedicated security mechanism known as a trust management system. This system aims to track nodes' behaviours to detect untrustworthy elements and select reliable ones for collaborative services assistance. In turn, a trust management system is instantiated on a collaborative basis, wherein multiple nodes share their evidences about one another's trustworthiness. Based on an extensive analysis of prior trust management systems, we have identified a set of best practices that provided us guidance to design an effective trust management system for our collaborative keying protocols. This effectiveness was assessed by considering how the trust management system could fulfil specific requirements of our proposed approaches for key establishment in the context of the IoT. Performance analysis results show the proper functioning and effectiveness of the proposed system as compared with its counterparts that exist in the literature.

    A framework for evaluating countermeasures against sybil attacks in wireless sensor networks

    Although Wireless Sensor Networks (WSNs) have found a niche in numerous applications, they are constrained by numerous factors. One of these important factors is security in WSNs. There are various types of security attacks that WSNs are susceptible to. The focus of this study is centred on Sybil attacks, a denial of service attack. In this type of attack, rogue nodes impersonate valid nodes by falsely claiming to possess authentic identities, thereby rendering numerous core WSN operations ineffective. The diverse nature of existing solutions poses a difficult problem for system engineers wanting to employ a best fit countermeasure. This problem is the largely unanswered question posed to all system engineers and developers alike whose goal is to design/develop a secure WSN. Resolving this dilemma proves to be quite a fascinating task, since there are numerous factors to consider and more especially one cannot assume that every application is affected by all identified factors. A framework methodology presented in this study addresses the abovementioned challenges by evaluating countermeasure effectiveness based on theoretical and practical security factors. Furthermore, a process is outlined to determine the application’s engineering requirements and the framework also suggests what security components the system engineer ought to incorporate into the application, depending on the application’s risk profile. The framework then numerically aligns these considerations, ensuring an accurate and fairly unbiased best fit countermeasure selection. Although the framework concentrates on Sybil countermeasures, the methodology can be applied to other classes of countermeasures since it answers the question of how to objectively study and compare security mechanisms that are both diverse and intended for different application environments. 
The report documents the design and development of a comparative framework that can be used to evaluate countermeasures against Sybil attacks in wireless sensor networks based on various criteria that will be discussed in detail. This report looks briefly at the aims and description of the research. Following this, a literature survey on the body of knowledge concerning WSN security and a discussion on the proposed methodology of a specific design approach are given. Assumptions and a short list of factors that were considered are then described. Metrics, the taxonomy for WSN countermeasures, the framework and a formal model are developed. Risk analysis and the best fit methodology are also discussed. Finally, the results and recommendations are shown for the research, after which the document is concluded. Dissertation (MEng)--University of Pretoria, 2011. Electrical, Electronic and Computer Engineering.

    Group Key Management in Wireless Ad-Hoc and Sensor Networks

    A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WAHN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WAHN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world. In WAHNs and WSNs with un-trusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications. Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs. Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). 
For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer. For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters. We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node