Validating sensor nodes in Wireless sensor networks using scoring algorithm

Sensor networks are frequently used to collect data in the environment such as agriculture, forest monitoring, healthcare, and military battlefield. In Wireless Sensor Networks (WSN), nodes are used to monitor the environment and gather data where sinks can be used to collect the data from the sensor nodes and transfer them to the back-end server for processing. These sensible data are moved from one node to another node in the network. Such data should not be considered for public accessibility by the nodes in the network where the visibility and ease of access can only be achieved through either authenticated nodes or right authenticated persons. As sensor node can collect an important data (such as medical or military data), security is a critical issue. Hence, the sensor network needs a secure authentication mechanism to solve this problem and protects the unauthorized access. Therefore, the authentication mechanism used by the node and the sink node must be very efficient in terms of both computational time and energy consumptions. This is especially important for nodes with computing capabilities and battery lifetime is very low. Moreover, for extremely lightweight devices, efficient security solutions with simple mathematics operation and low energy consumptions are still required. To make an authentication decision in real-time, a scoring algorithm examines the user model and the user’s recent behavior, and outputs a score indicating the likelihood that the correct user is using the device. The score is used to make an authentication decision

Patrol Detection for Replica Attacks on Wireless Sensor Networks

Replica attack is a critical concern in the security of wireless sensor networks. We employ mobile nodes as patrollers to detect replicas distributed in different zones in a network, in which a basic patrol detection protocol and two detection algorithms for stationary and mobile modes are presented. Then we perform security analysis to discuss the defense strategies against the possible attacks on the proposed detection protocol. Moreover, we show the advantages of the proposed protocol by discussing and comparing the communication cost and detection probability with some existing methods

Self-healing in unattended wireless sensor networks

Wireless sensor networks (WSNs) appeal to a wide range of applications that involve the monitoring of various physical phenomena. However, WSNs are subject to many threats. In particular, lack of pervasive tamper-resistant hardware results in sensors being easy targets for compromise. Having compromised a sensor, the adversary learns all the sensor secrets, allowing it to later encrypt/decrypt or authenticate messages on behalf of that sensor. This threat is particularly relevant in the novel unattended wireless sensor networks (UWSNs) scenario. UWSNs operate without constant supervision by a trusted sink. UWSN?s unattended nature and increased exposure to attacks prompts the need for special techniques geared towards regaining security after being compromised. In this article, we investigate cooperative self-healing in UWSNs and propose various techniques to allow unattended sensors to recover security after compromise. Our techniques provide seamless healing rates even against a very agile and powerful adversary. The effectiveness and viability of our proposed techniques are assessed by thorough analysis and supported by simulation results. Finally, we introduce some real-world issues affecting UWSN deployment and provide some solutions for them as well as a few open problems calling for further investigation

A System Perspective to Privacy, Security and Resilience in Mobile Applications

Mobile applications have changed our life so much, but they also create problems related to privacy which is one of basic human rights. Protection (or security) of privacy is an important issue in mobile applications owing to the high likelihood of privacy violation nowadays. This thesis is devoted to a fundamental study on the privacy issue in mobile applications. The overall objective of the thesis is to advance our understanding of privacy and its relevant concepts in the context of mobile applications. There are three specific objectives with this thesis. Objective 1 is to have a more comprehensive understanding of the concepts of privacy, security and resilience (PSR for short) along with their relationship in the context of mobile applications. Objective 2 is to develop the principles of design of a mobile application system with a satisfactory PSR. Objective 3 is to develop a demonstration system (PSR demo for short) to illustrate how the principles of design can be applied. A salient approach was taken in this thesis, that is based on a general knowledge architecture called FCBPSS (F: function, C: context, B: behavior, P: principle. SS: state and structure). An analysis of literature was conducted first, resulting in a classification of various privacies against the FCPBSS architecture, followed by developing a theory of privacy, protection of privacy (security), and resilience of the system that performs protection of privacy, PSR theory for short. The principles of design of a mobile application system based on the PSR theory were then developed, which are expected to guide the practice of developing a mobile application for satisfactory privacy protection. Finally, a demonstration system, regarding the doctor booking for minimum waiting time and energy consumption, was developed to issue how the PSR theory and design principles work. The main contribution of this thesis is the development of the concept of PSR, especially the relationship among privacy (P), security (S), and resilience (R), and a set of design rules to develop a mobile application based on the PSR theory

On the cyber security issues of the internet infrastructure

The Internet network has received huge attentions by the research community. At a first glance, the network optimization and scalability issues dominate the efforts of researchers and vendors. Many results have been obtained in the last decades: the Internet’s architecture is optimized to be cheap, robust and ubiquitous. In contrast, such a network has never been perfectly secure. During all its evolution, the security threats of the Internet persist as a transversal and endless topic. Nowadays, the Internet network hosts a multitude of mission critical activities. The electronic voting systems and financial services are carried out through it. Governmental institutions, financial and business organizations depend on the performance and the security of the Internet. This role confers to the Internet network a critical characterization. At the same time, the Internet network is a vector of malicious activities, like Denial of Service attacks; many reports of attacks can be found in both academic outcomes and daily news. In order to mitigate this wide range of issues, many research efforts have been carried out in the past decades; unfortunately, the complex architecture and the scale of the Internet make hard the evaluation and the adoption of such proposals. In order to improve the security of the Internet, the research community can benefit from sharing real network data. Unfortunately, privacy and security concerns inhibit the release of these data: its suffices to imagine the big amount of private information (e.g., political preferences or religious belief) it is possible to get while reading the Internet packets exchanged between users and web services. This scenario motivates my research, and represents the context of this dissertation which contributes to the analysis of the security issues of the Internet infrastructures and describes relevant security proposals. In particular, the main outcomes described in this dissertation are: • the definition of a secure routing protocol for the Internet network able to provide cryptographic guarantees against false route announcement and invalid path attack; • the definition of a new obfuscation technique that allow the research community to publicly release their real network flows with formal guarantees of security and privacy; • the evidence of a new kind of leakage of sensitive informations obtained hacking the models used by sundry Machine Learning Algorithms

Intrusion-Resilience in Mobile Unattended WSNs

Abstract — Wireless Sensor Networks (WSNs) are susceptible to a wide range of attacks due to their distributed nature, limited sensor resources and lack of tamper-resistance. Once a sensor is corrupted, the adversary learns all secrets and (even if the sensor is later released) it is very difficult for the sensor to regain security, i.e., to obtain intrusion-resilience. Existing solutions rely on the presence of an on-line trusted third party, such as a sink, or on the availability of secure hardware on sensors. Neither assumption is realistic in large-scale Unattended WSNs (UWSNs), characterized by long periods of disconnected operation and periodic visits by the sink. In such settings, a mobile adversary can gradually corrupt the entire network during the intervals between sink visits. As shown in some recent work, intrusionresilience in UWSNs can be attained (to a degree) via cooperative self-healing techniques. In this paper, we focus on intrusion-resilience in Mobile Unattended Wireless Sensor Networks (µUW SNs) where sensors move according to some mobility model. We argue that sensor mobility motivates a specific type of adversary and defending against it requires new security techniques. Concretely, we propose a cooperative protocol that – by leveraging sensor mobility – allows compromised sensors to recover secure state after compromise. This is obtained with very low overhead and in a fully distributed fashion. We provide a thorough analysis of the proposed protocol and support it by extensive simulation results. I