Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

A SURVIVABLE DISTRIBUTED DATABASE AGAINST BYZANTINE FAILURE

Distributed Database Systems have been very useful technologies in making a wide range of information available to users across the World. However, there are now growing security concerns, arising from the use of distributed systems, particularly the ones attached to critical systems. More than ever before, data in distributed databases are more susceptible to attacks, failures or accidents owing to advanced knowledge explosions in network and database technologies. The imperfection of the existing security mechanisms coupled with the heightened and growing concerns for intrusion, attack, compromise or even failure owing to Byzantine failure are also contributing factors. The importance of  survivable distributed databases in the face of byzantine failure, to other emerging technologies is the motivation for this research. Furthermore, It has been observed that most of the existing works on distributed database only dwelled on maintaining data integrity and availability in the face of attack. There exist few on availability or survibability of distributed databases owing to internal factors such as internal sabotage or storage defects. In this paper, an architecture for entrenching survivability of Distributed Databases occasioned by Byzantine failures is proposed. The proposed architecture concept is based on re-creating data on failing database server based on a set  threshold value.The proposed architecture is tested and found to be capable of improving probability of survivability in distributed database where it is implemented to  99.6%  from 99.2%.

Survey on data aggregation based security attacks in wireless sensor network

Wireless sensor network (WSN) has applications in military, health care, environmental monitoring, infrastructure, industrial and commercial applications. The WSN is expected to maintain data integrity in all its network operations. However, due to the nature of wireless connectivity, WSN is prone to various attacks that alter or steal the data exchanged between the nodes. These attacks can disrupt the network processes and also the accuracy of its results. In this survey paper, we have reviewed various attacks available in the literature till date. We have also listed existing methods that focus on data aggregation based security mechanisms in WSN to counter the attacks. We have classified and compared these methods owing to their encryption techniques. This paper intends to support researchers to understand the basic attacks prevalent in WSN and schemes to counter such attacks

Dynamic Trust-Based Device Legitimacy Assessment Towards Secure IoT Interactions

Establishing trust-based interactions in heterogeneously connected devices appears to be the prominent mechanism in addressing the prevailing concerns of confidence, reliability and privacy relevant in establishing secure interactions among connected devices in the network. Trust-based assessment of device legitimacy is evolving given IoT devices’ dynamic and heterogeneous nature and emerging adversaries. However, computation and application of trust level in establishing secure communications, access control and privacy domain are rarely discussed in the literature. To compute trust, based on the quality of service, direct interactions, and the relationship between devices, we introduce a multi-factor trust computation model that considers the multiple attributes of interactions in an IoT network of heterogeneous devices providing a wide range of data and services. Direct trust is estimated for quality of service considering the response time, reliability, consistency, and integrity attributes of devices. The time decay factor influences the credibility of computed trust over time. The policy-driven mechanism is employed to sift the devices and isolate the malicious ones. Extensive simulations validate the proposed model’s effectiveness using Contiki’s Cooja simulator for IoT networks

Survivability modeling for cyber-physical systems subject to data corruption

Cyber-physical critical infrastructures are created when traditional physical infrastructure is supplemented with advanced monitoring, control, computing, and communication capability. More intelligent decision support and improved efficacy, dependability, and security are expected. Quantitative models and evaluation methods are required for determining the extent to which a cyber-physical infrastructure improves on its physical predecessors. It is essential that these models reflect both cyber and physical aspects of operation and failure. In this dissertation, we propose quantitative models for dependability attributes, in particular, survivability, of cyber-physical systems. Any malfunction or security breach, whether cyber or physical, that causes the system operation to depart from specifications will affect these dependability attributes. Our focus is on data corruption, which compromises decision support -- the fundamental role played by cyber infrastructure. The first research contribution of this work is a Petri net model for information exchange in cyber-physical systems, which facilitates i) evaluation of the extent of data corruption at a given time, and ii) illuminates the service degradation caused by propagation of corrupt data through the cyber infrastructure. In the second research contribution, we propose metrics and an evaluation method for survivability, which captures the extent of functionality retained by a system after a disruptive event. We illustrate the application of our methods through case studies on smart grids, intelligent water distribution networks, and intelligent transportation systems. Data, cyber infrastructure, and intelligent control are part and parcel of nearly every critical infrastructure that underpins daily life in developed countries. Our work provides means for quantifying and predicting the service degradation caused when cyber infrastructure fails to serve its intended purpose. It can also serve as the foundation for efforts to fortify critical systems and mitigate inevitable failures --Abstract, page iii

A self-healing key distribution scheme based on vector space secret sharing and one way hash chains

An efficient self-healing key distribution scheme with revocation capability is proposed for secure group communication in wireless networks. The scheme bases on vector space secret sharing and one way hash function techniques. Vector space secret sharing helps to realize general monotone decreasing structures for the family of subsets of users that can be revoked instead of a threshold one. One way hash chains contribute to reduce communication overhead. Furthermore, the most prominent characteristic of our scheme is resisting collusion between the new joined users and the revoked users, which is fatal weakness of hash function based self-healing key distribution schemes