TRUST-BASED DEFENSE AGAINST INSIDER PACKET DROP ATTACKS IN WIRELESS SENSOR NETWORKS

In most wireless sensor networks (WSNs), sensor nodes generate data packets and send them to the base station (BS) by multi-hop routing paths because of their limited energy and transmission range. The insider packet drop attacks refer to a set of attacks where compromised nodes intentionally drop packets. It is challenging to accurately detect such attacks because packets may also be dropped due to collision, congestion, or other network problems. Trust mechanism is a promising approach to identify inside packet drop attackers. In such an approach, each node will monitor its neighbor's packet forwarding behavior and use this observation to measure the trustworthiness of its neighbors. Once a neighbor's trust value falls below a threshold, it will be considered as an attacker by the monitoring node and excluded from the routing paths so further damage to the network will not be made. In this dissertation, we analyze the limitation of the state-of-the-art trust mechanisms and propose several enhancement techniques to better defend against insider packet drop attacks in WSNs. First, we observe that inside attackers can easily defeat the current trust mechanisms and even if they are caught, normally a lot of damage has already been made to the network. We believe this is caused by current trust models' inefficiency in distinguishing attacking behaviors and normal network transmission failures. We demonstrate that the phenomenon of consecutive packet drops is one fundamental difference between attackers and good sensor nodes and build a hybrid trust model based on it to improve the detection speed and accuracy of current trust models. Second, trust mechanisms give false alarms when they mis-categorize good nodes as attackers. Aggressive mechanisms like our hybrid approach designed to catch attackers as early as possible normally have high false alarm rate. Removing these nodes from routing paths may significantly reduce the performance of the network. We propose a novel false alarm detection and recovery mechanism that can recover the falsely detected good nodes. Next, we show that more intelligent packet drop attackers can launch advanced attacks without being detected by introducing a selective forwarding-based denial-of-service attack that drops only packets from specific victim nodes. We develop effective detection and prevention methods against such attack. We have implemented all the methods we have proposed and conducted extensive simulations with the OPNET network simulator to validate their effectiveness

Routing and Security in Mobile Ad Hoc Networks

A Mobile Ad hoc Network (MANET) consists of a set of nodes which can form a network among themselves. MANETs have applications in areas such as military, disaster rescue operations, monitoring animal habitats, etc. where establishing fixed communication infrastructure is not feasible. Routing protocols designed for MANETs can be broadly classified as position-based (geographic), topology-based and hybrid. Geographic routing uses location information of nodes to route messages. Topology-based routing uses network state information for route discovery and maintenance. Hybrid routing protocols use features in both position-based and topology-based approaches. Position-based routing protocols route packets towards the destination using greedy forwarding (i.e., an intermediate node forwards packets to a neighbor that is closer to the destination than itself). If a node has no neighbor that is closer to the destination than itself, greedy forwarding fails. In this case, we say there is void. Different position-based routing protocols use different methods for dealing with voids. Topology-based routing protocols can be classified into on-demand (reactive) routing protocols and proactive routing protocols. Generally, on-demand routing protocols establish routes when needed by flooding route requests throughout the entire network, which is not a scalable approach. Reactive routing protocols try to maintain routes between every pair of nodes by periodically exchanging messages with each other which is not a scalable approach also. This thesis addresses some of these issues and makes the following contribution. First, we present a position-based routing protocol called Greedy Routing Protocol with Backtracking (GRB) which uses a simple backtracking technique to route around voids, unlike existing position-based routing protocols which construct planarized graph of the local network to route around voids. We compare the performance of our protocol with the well known Greedy Perimeter Stateless Routing (GPSR) protocol and the Ad-Hoc On-demand Distance Vector (AODV) routing protocol as well as the Dynamic Source Routing (DSR) protocol. Performance evaluation shows that our protocol has less control overhead than those of DSR, AODV, and GPSR. Performance evaluation also shows that our protocol has a higher packet-delivery ratio, lower end-to-end delay, and less hop count, on average, compared to AODV, DSR and GPSR. We then present an on-demand routing protocol called ``Hybrid On-demand Greedy Routing Protocol with Backtracking for Mobile Ad-Hoc Networks which uses greedy approach for route discovery. This prevents flooding route requests, unlike the existing on-demand routing protocols. This approach also helps in finding routes that have lower hop counts than AODV and DSR. Our performance evaluation confirms that our protocol performs better than AODV and DSR, on average, with respect to hop count, packet-delivery ratio and control overhead. In MANETs, all nodes need to cooperate to establish routes. Establishing secure and valid routes in the presence of adversaries is a challenge in MANETs. Some of the well-known source routing protocols presented in the literature (e.g., Ariadne and endairA) which claim to establish secure routes are susceptible to hidden channel attacks. We address this issue and present a secure routing protocol called SAriadne, based on sanitizable signatures. We show that our protocol detects and prevents hidden channel attacks

Estudi bibliomètric any 2014. Campus del Baix Llobregat: EETAC i ESAB

En el present informe s’analitza la producció científica de les dues escoles del Campus del Baix Llobregat, l’Escola d’Enginyeria de Telecomunicació i Aerospacial de Castelldefels (EETAC) i l’Escola Superior d’Agricultura de Barcelona (ESAB) durant el 2014.Postprint (author’s final draft

Energy-Efficient Hybrid Key Management Protocol for Wireless Sensor Networks

In this paper, we propose a subnetwork key management strategy in which the heterogeneous security requirements of a wireless sensor network are considered to provide differing levels of security with minimum communication overhead. Additionally, it allows the dynamic creation of high security subnetworks within the wireless sensor network and provides subnetworks with a mechanism for dynamically creating a secure key using a novel and dynamic group key management protocol. The proposed energy-efficient protocol utilizes a combination of pre-deployed group keys and initial trustworthiness of nodes to create a level of trust between neighbors in the network. This trust is later used to allow secure communication between neighbors when creating a dynamic, high security subnetwork within the sensor network. Results of simulations of the protocol in Ns2 are presented and the complexity of the protocol is analyzed. The proposed protocol reduces delay by 50% and energy consumption by 70% over the existing dynamic group key management (DGKM) scheme

Distributed Intermittent Fault Diagnosis in Wireless Sensor Network Using Likelihood Ratio Test

In current days, sensor nodes are deployed in hostile environments for various military and commercial applications. Sensor nodes are becoming faulty and having adverse effects in the network if they are not diagnosed and inform the fault status to other nodes. Fault diagnosis is difficult when the nodes behave faulty some times and provide good data at other times. The intermittent disturbances may be random or kind of spikes either in regular or irregular intervals. In literature, the fault diagnosis algorithms are based on statistical methods using repeated testing or machine learning. To avoid more complex and time consuming repeated test processes and computationally complex machine learning methods, we proposed a one shot likelihood ratio test (LRT) here to determine the fault status of the sensor node. The proposed method measures the statistics of the received data over a certain period of time and then compares the likelihood ratio with the threshold value associated with a certain tolerance limit. The simulation results using a real time data set shows that the new method provides better detection accuracy (DA) with minimum false positive rate (FPR) and false alarm rate (FAR) over the modified three sigma test. LRT based hybrid fault diagnosis method detecting the fault status of a sensor node in wireless sensor network (WSN) for real time measured data with 100% DA, 0% FAR and 0% FPR if the probability of the data from faulty node exceeds 25%

Magneto-inductive wireless underground sensor networks: novel longevity model, communication concepts and workarounds to key theoretical issues using analogical thinking

This research has attempted to devise novel workarounds to key theoretical issues in magneto-inductive wireless underground sensor networks (WUSNs), founded on analogical thinking (Gassmann & Zeschky 2008). The problem statement for this research can be summarized as follows. There has been a substantial output of research publications in the past 5 years, devoted to theoretically analysing and resolving the issues pertaining to deployment of MI based WUSNs. However, no alternate solution approaches to such theoretical analyses have been considered. The goal of this research was to explore such alternate solution approaches. This research has used the principle of analogical thinking in devising such alternate solution approaches. This research has made several key contributions to the existing body of work. First, this research is the first of its kind to demonstrate by means of review of state-of-the-art research on MI based WUSNs, the largely theoretical genus of the research to the exclusion of alternate solution approaches to circumvent key theoretical issues. Second, this research is the first of its kind to introduce the notion of analogical thinking as a solution approach in finding viable workarounds to theoretical impediments in MI based WUSNs, and validate such solution approach by means of simulations. Third, this research is the first of its kind to explore novel communication concepts in the realm of MI based WUSNs, based on analogical thinking. Fourth, this research is the first of its kind to explore a novel longevity model in the realm of MI based WUSNs, based on analogical thinking. Fifth, this research is also the first to extend the notion of analogical thinking to futuristic directions in MI based WUSNs research, by means of providing possible indicators drawn from various other areas of contemporary research. In essence, the author believes that the findings of this research mark a paradigm shift in the research on MI based WUSNs