Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Machine Learning in Wireless Sensor Networks: Algorithms, Strategies, and Applications

Wireless sensor networks monitor dynamic environments that change rapidly over time. This dynamic behavior is either caused by external factors or initiated by the system designers themselves. To adapt to such conditions, sensor networks often adopt machine learning techniques to eliminate the need for unnecessary redesign. Machine learning also inspires many practical solutions that maximize resource utilization and prolong the lifespan of the network. In this paper, we present an extensive literature review over the period 2002-2013 of machine learning methods that were used to address common issues in wireless sensor networks (WSNs). The advantages and disadvantages of each proposed algorithm are evaluated against the corresponding problem. We also provide a comparative guide to aid WSN designers in developing suitable machine learning solutions for their specific application challenges.Comment: Accepted for publication in IEEE Communications Surveys and Tutorial

TRUST-BASED DEFENSE AGAINST INSIDER PACKET DROP ATTACKS IN WIRELESS SENSOR NETWORKS

In most wireless sensor networks (WSNs), sensor nodes generate data packets and send them to the base station (BS) by multi-hop routing paths because of their limited energy and transmission range. The insider packet drop attacks refer to a set of attacks where compromised nodes intentionally drop packets. It is challenging to accurately detect such attacks because packets may also be dropped due to collision, congestion, or other network problems. Trust mechanism is a promising approach to identify inside packet drop attackers. In such an approach, each node will monitor its neighbor's packet forwarding behavior and use this observation to measure the trustworthiness of its neighbors. Once a neighbor's trust value falls below a threshold, it will be considered as an attacker by the monitoring node and excluded from the routing paths so further damage to the network will not be made. In this dissertation, we analyze the limitation of the state-of-the-art trust mechanisms and propose several enhancement techniques to better defend against insider packet drop attacks in WSNs. First, we observe that inside attackers can easily defeat the current trust mechanisms and even if they are caught, normally a lot of damage has already been made to the network. We believe this is caused by current trust models' inefficiency in distinguishing attacking behaviors and normal network transmission failures. We demonstrate that the phenomenon of consecutive packet drops is one fundamental difference between attackers and good sensor nodes and build a hybrid trust model based on it to improve the detection speed and accuracy of current trust models. Second, trust mechanisms give false alarms when they mis-categorize good nodes as attackers. Aggressive mechanisms like our hybrid approach designed to catch attackers as early as possible normally have high false alarm rate. Removing these nodes from routing paths may significantly reduce the performance of the network. We propose a novel false alarm detection and recovery mechanism that can recover the falsely detected good nodes. Next, we show that more intelligent packet drop attackers can launch advanced attacks without being detected by introducing a selective forwarding-based denial-of-service attack that drops only packets from specific victim nodes. We develop effective detection and prevention methods against such attack. We have implemented all the methods we have proposed and conducted extensive simulations with the OPNET network simulator to validate their effectiveness

A survey on wireless body area networks: architecture, security challenges and research opportunities.

In the era of communication technologies, wireless healthcare networks enable innovative applications to enhance the quality of patients’ lives, provide useful monitoring tools for caregivers, and allows timely intervention. However, due to the sensitive information within the Wireless Body Area Networks (WBANs), insecure data violates the patients’ privacy and may consequently lead to improper medical diagnosis and/or treatment. Achieving a high level of security and privacy in WBAN involves various challenges due to its resource limitations and critical applications. In this paper, a comprehensive survey of the WBAN technology is provided, with a particular focus on the security and privacy concerns along with their countermeasures, followed by proposed research directions and open issues

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Security of Software-defined Wireless Sensor Networks

Wireless Sensor Network (WSN) using Software Defined Networking (SDN) can achieve several advantages such as flexible and centralized network management and efficient routing. This is because SDN is a logically centralized architecture that separates the control plane from the data plane. SDN can provide security solutions, such as routing isolation, while handling the heterogeneity, scalability, and the limited resources of WSNs. However, such centralized architecture brings new challenges due to the single attack point and having non-dedicated channels for the control plane in WSNs. In this thesis, we investigate and propose security solutions for software-defined WSNs considering energy-efficiency and resource-preservation. The details are as follows. First, the functionality of software-defined WSNs can be affected by malicious sensor nodes that perform arbitrary actions such as message dropping or flooding. The malicious nodes can degrade the availability of the network due to in-band communications and the inherent lack of secure channels in software-defined WSNs. Therefore, we design a hierarchical trust management scheme for software-defined WSNs (namely TSW) to detect potential threats inside software-defined WSNs while promoting node cooperation and supporting decision-making in the forwarding process. The TSW scheme evaluates the trustworthiness of involved nodes and enables the detection of malicious behavior at various levels of the software-defined WSN architecture. We develop sensitive trust computational models to detect several malicious attacks. Furthermore, we propose separate trust scores and parameters for control and data traffic, respectively, to enhance the detection performance against attacks directed at the crucial traffic of the control plane. Additionally, we develop an acknowledgment-based trust recording mechanism by exploiting some built-in SDN control messages. To ensure the resilience and honesty of the trust scores, a weighted averaging approach is adopted, and a reliability trust metric is also defined. Through extensive analyses and numerical simulations, we demonstrate that TSW is efficient in detecting malicious nodes that launch several communication and trust management threats such as black-hole, selective forwarding, denial of service, bad and good mouthing, and ON-OFF attacks. Second, network topology obfuscation is generally considered a proactive mechanism for mitigating traffic analysis attacks. The main challenge is to strike a balance among energy consumption, reliable routing, and security levels due to resource constraints in sensor nodes. Furthermore, software-defined WSNs are more vulnerable to traffic analysis attacks due to the uncovered pattern of control traffic between the controller and the nodes. As a result, we propose a new energy-aware network topology obfuscation mechanism, which maximizes the attack costs and is efficient and practical to be deployed. Specifically, first, a route obfuscation method is proposed by utilizing ranking-based route mutation, based on four different critical criteria: route overlapping, energy consumption, link costs, and node reliability. Then, a sink node obfuscation method is introduced by selecting several fake sink nodes that are indistinguishable from actual sink nodes, according to the k-anonymity model. As a result, the most suitable routes and sink nodes can be selected, and a highest obfuscation level can be reached without sacrificing energy efficiency. Finally, extensive simulation results demonstrate that the proposed methods strongly mitigate traffic analysis attacks and achieve effective network topology obfuscation for software-defined WSNs. In addition, the proposed methods reduce the success rate of the attacks while achieving lower energy consumption and longer network lifetime. Last, security networking functions, such as trust management and Intrusion Detection System (IDS), are deployed in WSNs to protect the network from multiple attacks. However, there are many resource and security challenges in deploying these functions. First, they consume tremendous nodes’ energy and computational resources, which are limited in WSNs. Another challenge is preserving the security at a sufficient level in terms of reliability and coverage. Watchdog nodes, as one of the main components in trust management, overhear and monitor other nodes in the network. Accordingly, a secure and energy-aware watchdog placement optimization solution is studied for software-defined WSNs. The solution balances the required energy consumption, computational resource, and security in terms of the honesty of the watchdog nodes. To this end, a multi-population genetic algorithm is proposed for the optimal placement of the watchdog function in the network given the comprehensive aspects of resources and security. Finally, simulation results demonstrate that the proposed solution robustly preserves security levels and achieves energy-efficient deployment. In summary, reactive and proactive security solutions are investigated, designed, and evaluated for software-defined WSNs. The novelty of these proposed solutions is not only efficient and robust security but also their energy awareness, which allows them to be practical on resource-constrained networks. Thus, this thesis is considered a significant advancement toward more trustworthy and dependable software-defined WSNs

Copyright protection of scalar and multimedia sensor network data using digital watermarking

This thesis records the research on watermarking techniques to address the issue of copyright protection of the scalar data in WSNs and image data in WMSNs, in order to ensure that the proprietary information remains safe between the sensor nodes in both. The first objective is to develop LKR watermarking technique for the copyright protection of scalar data in WSNs. The second objective is to develop GPKR watermarking technique for copyright protection of image data in WMSN

Emerging Communications for Wireless Sensor Networks

Wireless sensor networks are deployed in a rapidly increasing number of arenas, with uses ranging from healthcare monitoring to industrial and environmental safety, as well as new ubiquitous computing devices that are becoming ever more pervasive in our interconnected society. This book presents a range of exciting developments in software communication technologies including some novel applications, such as in high altitude systems, ground heat exchangers and body sensor networks. Authors from leading institutions on four continents present their latest findings in the spirit of exchanging information and stimulating discussion in the WSN community worldwide