An Adaptive Security Protocol for a Wireless Sensor‐based Monitoring Network in Smart Grid Transmission Lines

In this paper, we propose a new security protocol for a wireless sensor network, which is designed for monitoring long range power transmission lines in smart grid. Part of the monitoring network is composed of optical fiber composite over head ground wire (OPGW), thus it can be secured with conventional security protocol. However, the wireless sensor network between two neighboring OPGW gateways remains vulnerable. Our proposed security protocol focuses on the wireless sensor network part, it provides mutual authentication, data integrity, and data confidentiality for both uplink and downlink transmissions between the sensor nodes and the OPGW gateway. Besides, our proposed protocol is adaptive to the dynamic node changes of the monitoring sensor network; for example, new sensors are added to the network, or some of the sensors are malfunctioning. We further propose a self‐healing process using an “i‐neighboring nodes” public key structure and an asymmetric algorithm. We also conduct energy consumption analysis for both general and extreme conditions to show that our security protocol improves the availability of the monitoring sensor network

Social-context based routing and security in delay tolerant networks

Delay Tolerant Networks (DTNs) were originally intended for interplanetary communications and have been applied to a series of difficult environments: wireless sensor networks, unmanned aerial vehicles, and short-range personal communications. There is a class of such environments in which nodes follow semi-predictable social patterns, such as wildlife tracking or personal devices. This work introduces a series of algorithms designed to identify the social patterns present in these environments and apply this data to difficult problems, such as efficient message routing and content distribution. Security is also difficult in a mobile environment. This is especially the case in the event that a large portion of the network is unreliable, or simply unknown. As the network size increases nodes have difficulty in securely distributing keys, especially using low powered nodes with limited keyspace. A series of multi-party security algorithms were designed to securely transmit a message in the event that the sender does not have access to the destinations public key. Messages are routed through a series of nodes, each of which partially decrypts the message. By encrypting for several proxies, the message can only be intercepted if all those nodes have been compromised. Even a highly compromised network has increased security using this algorithm, with a trade-off of reduced delivery ratio and increased delivery time -- Abstract, page iv

Cooperative strategies for pairwise secure communication channels in sensor networks

Establishing secure communication channels in sensor networks is made especially difficult because of low power resources, hostile environments, and wireless communication. The power requirements of traditional cryptographic methods create the need for alternative strategies for secure communication in sensor networks. This thesis explores key distribution techniques in sensor networks. Specifically, we study in depth one method that enables sensors to establish pairwise secure communication channels. This strategy relies on a cooperative set of peer sensors to construct a unique key between two sensors. We built a unique network simulator to test secure communication parameters in a typical deployment scenario. This research tests the strategy by which the cooperative set of sensors is chosen. The results demonstrate that a strategy favoring neighbor nodes consumes significantly less energy than other alternatives at the expense of vulnerability to geographically localized attacks

Efficient data uncertainty management for health industrial internet of things using machine learning

[EN] In modern technologies, the industrial internet of things (IIoT) has gained rapid growth in the fields of medical, transportation, and engineering. It consists of a self-governing configuration and cooperated with sensors to collect, process, and analyze the processes of a real-time system. In the medical system, healthcare IIoT (HIIoT) provides analytics of a huge amount of data and offers low-cost storage systems with the collaboration of cloud systems for the monitoring of patient information. However, it faces certain connectivity, nodes failure, and rapid data delivery challenges in the development of e-health systems. Therefore, to address such concerns, this paper presents an efficient data uncertainty management model for HIIoT using machine learning (EDM-ML) with declining nodes prone and data irregularity. Its aim is to increase the efficacy for the collection and processing of real-time data along with smart functionality against anonymous nodes. It developed an algorithm for improving the health services against disruption of network status and overheads. Also, the multi-objective function decreases the uncertainty in the management of medical data. Furthermore, it expects the routing decisions using a machine learning-based algorithm and increases the uniformity in health operations by balancing the network resources and trust distribution. Finally, it deals with a security algorithm and established control methods to protect the distributed data in the exposed health industry. Extensive simulations are performed, and their results reveal the significant performance of the proposed model in the context of uncertainty and intelligence than benchmark algorithms.This research is supported by Artificial Intelligence & Data Analytics Lab (AIDA) CCIS Prince Sultan University, Riyadh Saudi Arabia. Authors are thankful for the support.Haseeb, K.; Saba, T.; Rehman, A.; Ahmed, I.; Lloret, J. (2021). Efficient data uncertainty management for health industrial internet of things using machine learning. International Journal of Communication Systems. 34(16):1-14. https://doi.org/10.1002/dac.4948114341

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

Reputation-Based Internet Protocol Security: A Multilayer Security Framework for Mobil Ad Hoc Networks

This research effort examines the theory, application, and results for a Reputation-based Internet Protocol Security (RIPSec) framework that provides security for an ad-hoc network operating in a hostile environment. In RIPSec, protection from external threats is provided in the form of encrypted communication links and encryption-wrapped nodes while internal threats are mitigated by behavior grading that assigns reputations to nodes based on their demonstrated participation in the routing process. Network availability is provided by behavior grading and round-robin multipath routing. If a node behaves faithfully, it earns a positive reputation over time. If a node misbehaves (for any number of reasons, not necessarily intentional), it earns a negative reputation. Each member of the MANET has its own unique and subjective set of Reputation Indexes (RI) that enumerates the perceived reputation of the other MANET nodes. Nodes that desire to send data will eliminate relay nodes they perceive to have a negative reputation during the formulation of a route. A 50-node MANET is simulated with streaming multimedia and varying levels of misbehavior to determine the impact of the framework on network performance. Results of this research were very favorable. Analysis of the simulation data shows the number of routing errors sent in a MANET is reduced by an average of 52% when using RIPSec. The network load is also reduced, decreasing the overall traffic introduced into the MANET and permitting individual nodes to perform more work without overtaxing their limited resources. Finally, throughput is decreased due to larger packet sizes and longer round trips for packets to traverse the MANET, but is still sufficient to pass traffic with high bandwidth requirements (i.e., video and imagery) that is of interest in military networks