27 research outputs found

    Trust-based energy efficient routing protocol for wireless sensor networks

    Wireless Sensor Networks (WSNs) consist of a number of distributed sensor nodes that are connected within a specified area. Generally, WSNs are used for monitoring purposes and can be applied in many fields including health, environmental and habitat monitoring, weather forecasting, home automation, and in the military. Similar to traditional wired networks, WSNs require security measures to ensure a trustworthy environment for communication. However, due to deployment scenarios, nodes are exposed to physical capture, and the inclusion of malicious nodes leads to internal network attacks; hence, providing reliable delivery of data and a trustworthy communication environment is a real challenge. Also, malicious nodes intentionally drop data packets, spread false reports, and degrade network performance. Trust-based security solutions are regarded as a significant measure to improve sensor network security and integrity and to identify malicious nodes. Another extremely important issue for WSNs is energy conservation and efficiency, as energy sources and battery capacity are often limited, meaning that the implementation of efficient, reliable data delivery is an equally important consideration that is made more challenging by the unpredictable behaviour of sensor nodes. Thus, this research aims to develop a trust and energy efficient routing protocol that ensures a trustworthy environment for communication and reliable delivery of data. Firstly, a Belief based Trust Evaluation Scheme (BTES) is proposed that identifies malicious nodes and maintains a trustworthy environment among sensor nodes while reducing the impact of false reporting. Secondly, a State based Energy Calculation Scheme (SECS) is proposed which periodically evaluates node energy levels, leading to increased network lifetime. Finally, as an integrated outcome of these two schemes, a Trust and Energy Efficient Path Selection (TEEPS) protocol has been proposed. The proposed protocol is benchmarked against A Trust-based Neighbour selection system using activation function (AF-TNS) and against A Novel Trust of dynamic optimization (Trust-Doe). The experimental results show that the proposed protocol performs better than the existing schemes in terms of throughput (by 40.14%), packet delivery ratio (by 28.91%), and end-to-end delay (by 41.86%). In conclusion, the proposed routing protocol is able to identify malicious nodes, provides a trustworthy environment, and improves network energy efficiency and lifetime.

    A Framework for the Performance Analysis and Simulation of RF-Mesh Advanced Metering Infrastructures for Smart Grid Applications

    SUMMARY Advanced Metering Infrastructure (AMI), originally designed to read smart meters remotely, is now considered an essential component in the Smart Grid domain. The main purpose of AMIs is to connect the large number of smart meters installed at customer premises to the power utility's data control center and vice versa. This bidirectional communication is a feature sought by a large number of applications that aim to use these infrastructures to carry their data across the electrical grid, such as load management and demand response. A large number of communication technologies and protocols are currently used in AMIs: among the available solutions, RF-Mesh is one of the most popular, mainly thanks to the low cost of installation and equipment. However, the nominal data rate of RF-Mesh communications is very low, on the order of tens of kbps, and the literature dealing with their performance is very limited. This could limit their use for applications other than the remote reading of smart meters. This thesis aims to develop a system of models and tools to evaluate the performance of RF-Mesh networks and to encourage their use for a large number of applications in the Smart Grid domain. The proposed performance evaluation system consists of (i) analytic models, to compute the collision probability between transmitted packets, (ii) a network simulator, to recreate the operation of RF-Mesh networks in a virtual environment, (iii) a topology generator, to create realistic cases based on geographic data, and (iv) methods for performance analysis. Three different analytic models were implemented. In the first two, a new analytic formula was used to compute the packet collision probability. The collision probability is then used to estimate the average delay from/to each smart meter in the AMI under analysis. Subsequently, performance indexes based on the average delay are used to carry out performance analyses: feasibility studies for Smart Grid applications, and the identification of critical nodes and possible bottlenecks. In the third analytic model, Markov-Modulated System theory is used to take into account important implementation details, such as the retransmission probability and the buffer size of the nodes, which had not been included in the previous modelling.

    ABSTRACT Advanced Metering Infrastructures (AMIs), originally conceived to replace the old Automated Meter Reading (AMR) infrastructures, have now become a key element in the Smart Grid context and might be used for applications other than remote meter reading. The main driver of their widespread installation is that they provide power utilities with bidirectional connectivity with the smart meters. A wide variety of communication networks are currently proposed to support the implementation of AMIs, and, among them, the RF-Mesh technology seems to be very popular. The main reasons for its adoption are the proprietary infrastructure and the modest cost of the installation and the equipment. However, RF-Mesh systems are characterized by poor achievable data rates in the order of 10 kbps, and their performance is not well studied in the literature. The lack of tools and methods for performance evaluation might be a roadblock to their widespread adoption. This thesis aims at filling this gap and increasing the knowledge of large-scale RF-Mesh systems to foster their use for a wide variety of applications. We propose a comprehensive framework for the performance evaluation of large-scale AMIs adopting the RF-Mesh technology. The framework includes (i) a geo-based topology generator that uses geographic data to produce realistic AMI cases, (ii) analytic models for the computation of packet collision probability and delay, (iii) a network simulator to recreate the behavior of large-scale RF-Mesh systems, and (iv) methods to evaluate the performance. Three different analytic models are included in the framework. The first two provide a novel analytic formulation of the packet collision probability in a mesh network with time-slotted ALOHA and the Frequency Hopping Spread Spectrum (FHSS) protocol: the collision probability is then used to estimate the average delay in the network, and to define and evaluate performance indexes (e.g., critical nodes and survival function). In the third model, a complex Markov-Modulated System (MMS) is used to take into consideration important implementation details, such as the retransmission probability and the buffer size, that were not considered in the two previous models. This model also provides a more accurate computation of the packet collision probability. A Poisson distribution is used to represent the traffic coming from potential Smart Grid applications. The framework also includes an RF-Mesh network simulator, written in Java and Python. The tool provides additional enhanced features with respect to the analytic models, such as a dynamic routing protocol or different traffic distributions.

    RPL-Based Routing Protocols in IoT Applications: A Review

    In the last few years, the Internet of Things (IoT) has proved to be an interesting and promising paradigm that aims to contribute to countless applications by connecting more physical 'things' to the Internet. Although it emerged as a major enabler for many next-generation applications, it also introduced new challenges to already saturated networks. The IoT is already coming to life especially in healthcare and smart environment applications adding a large number of low-powered sensors and actuators to improve lifestyle and introduce new services to the community. The Internet Engineering Task Force (IETF) developed RPL as the routing protocol for low-power and lossy networks (LLNs) and standardized it in RFC6550 in 2012. RPL quickly gained interest, and many research papers were introduced to evaluate and improve its performance in different applications. In this paper, we present a discussion of the main aspects of RPL and the advantages and disadvantages of using it in different IoT applications. We also review the available research related to RPL in a systematic manner based on the enhancement area and the service type. In addition to that, we compare related RPL-based protocols in terms of energy efficiency, reliability, flexibility, robustness, and security. Finally, we present our conclusions and discuss the possible future directions of RPL and its applicability in the Internet of the future

    A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

    Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process

    Information security and assurance : Proceedings international conference, ISA 2012, Shanghai China, April 2012


    Efficiency and Accuracy Enhancement of Intrusion Detection System Using Feature Selection and Cross-layer Mechanism

    The dramatic increase in the number of connected devices and the significant growth of network traffic data have led to many security vulnerabilities and cyber-attacks. Hence, developing new methods to secure the network infrastructure and protect data from malicious and unauthorized access becomes a vital aspect of communication network design. Intrusion Detection Systems (IDSs), as common and widely used security techniques, are critical to detect network attacks and unauthorized network access and thus minimize further cyber-attack damage. However, there are a number of weaknesses that need to be addressed to make a reliable IDS for real-world applications. One of the fundamental challenges is the large amount of redundant and non-relevant data. Feature selection emerges as a necessary step in efficient IDS design to overcome the high-dimensionality problem and enhance the performance of the IDS through the reduction of its complexity and the acceleration of the detection process. Moreover, the detection algorithm has a significant impact on the performance of the IDS. Machine learning techniques are widely used in such systems, which are studied in detail in this dissertation. One of the most destructive activities in wireless networks such as MANETs is packet dropping. The existence of intrusive attackers in the network is not the only cause of packet loss. In fact, packet drops can occur because of a faulty network. Hence, in order to detect packet dropping caused by the malicious activity of an attacker, information from various layers of the protocol is needed to detect malicious packet loss effectively. To this end, a novel cross-layer design for malicious packet loss detection in MANETs is proposed using features from the physical layer, network layer and MAC layer to make a better detection decision. A trust-based mechanism is adopted in this design and a packet-loss-free routing algorithm is presented accordingly.

    On reliable and secure RPL (routing protocol low-power and lossy networks) based monitoring and surveillance in oil and gas fields

    Different efforts have been made to specify protocols and algorithms for the successful operation of Internet of Things networks including, for instance, Low Power and Lossy Networks (LLNs) and Linear Sensor Networks (LSNs). As part of such efforts, the Internet Engineering Task Force (IETF) created a working group named ROLL to investigate the requirements of such networks and devise more efficient solutions. The effort of this group has resulted in the specification of the IPv6 Routing Protocol for LLNs (RPL), which was standardized in 2012. However, since the introduction of RPL, several studies have reported that it suffers from various limitations and weaknesses including scalability, slow convergence, unfairness of load distribution, inefficiency of bidirectional communication and security, among many others. For instance, a serious problem is RPL’s under-specification of DAO messages, which may result in conflicting and inefficient implementations leading to poor performance and scalability issues. Furthermore, RPL has been found to suffer from several security issues including, for instance, the DAO flooding attack, in which the attacker floods the network with control messages aiming to exhaust network resources. Another fundamental issue is related to the scarcity of studies that investigate RPL's suitability for Linear Sensor Networks (LSNs) and devise solutions accordingly. Motivated by these observations, the publications within this thesis aim to tackle some of the key gaps of RPL by introducing more efficient and secure routing solutions in consideration of the specific requirements of LLNs in general and LSNs as a special case. To this end, the first publication proposes an enhanced version of RPL called Enhanced-RPL aimed at mitigating the memory overflow and the under-specification of DAO messages. Enhanced-RPL has shown a significant reduction in control message overhead by up to 64% while maintaining comparable reliability to RPL. The second publication introduces a new technique to address the DAO attack of RPL which has been shown to be effective in mitigating the attack, reducing the DAO overhead and latency by up to 205% and 181% respectively as well as increasing the PDR by up to 6% latency. The third and fourth publications focus on analysing the optimal placement of nodes and the sink movement pattern (fixed or mobile) that RPL should adopt in LSNs. It was concluded based on the results obtained that RPL should opt for fixed sinks with 10 m distance between deployed nodes.

    Code offloading in opportunistic computing

    With the advent of cloud computing, applications are no longer tied to a single device, but they can be migrated to a high-performance machine located in a distant data center. The key advantage is the enhancement of performance and, consequently, the user's experience. This activity is commonly referred to as computational offloading and it has been strenuously investigated in the past years. The natural candidate for computational offloading is the cloud, but recent results point out the hidden costs of cloud reliance in terms of latency and energy; Cuervo et al. illustrate the limitations on cloud-based computational offloading based on WAN latency times. The dissertation confirms the results of Cuervo et al. and illustrates more use cases where the cloud may not be the right choice. This dissertation addresses the following question: is it possible to build a novel approach for offloading the computation that overcomes the limitations of the state-of-the-art? In other words, is it possible to create a computational offloading solution that is able to use local resources when the Cloud is not usable, and remove the strong bond with the local infrastructure? To this extent, I propose a novel paradigm for computation offloading named anyrun computing, whose goal is to use any piece of higher-end hardware (locally or remotely accessible) to offload a portion of the application. With anyrun computing I removed the boundaries that tie the solution to an infrastructure by adding locally available devices to augment the chances to succeed in offloading. To achieve the goals of the dissertation it is fundamental to have a clear view of all the steps that take part in the offloading process. To this extent, I firstly provided a categorization of such activities combined with their interactions and assessed the impact on the system. The outcome of the analysis is the mapping of the problem to a combinatorial optimization problem that is notoriously known to be NP-Hard. There is a set of well-known approaches to solving such kinds of problems, but in this scenario they cannot be used because they require a global view that can only be maintained by a centralized infrastructure. Thus, local solutions are needed. Moving further, to empirically tackle the anyrun computing paradigm, I propose the anyrun computing framework (ARC), a novel software framework whose objective is to decide whether offloading to any resource-rich device willing to lend assistance is advantageous compared to local execution with respect to a rich array of performance dimensions. The core of ARC is the inference model, which receives a rich set of information about the available remote devices from the SCAMPI opportunistic computing framework developed within the European project SCAMPI, and employs the information to profile a given device; in other words, it decides whether offloading is advantageous compared to local execution, i.e. whether it can reduce the local footprint compared to local execution in the dimensions of interest (CPU and RAM usage, execution time, and energy consumption). To empirically evaluate ARC I presented a set of experimental results on the cloud, cloudlet, and opportunistic domains. In the cloud domain, I used the state of the art in cloud solutions over a set of significant benchmark problems and with three WAN access technologies (i.e. 3G, 4G, and high-speed WAN). The main outcome is that the cloud is an appealing solution for a wide variety of problems, but there is a set of circumstances where the cloud performs poorly. Moreover, I have empirically shown the limitations of cloud-based approaches; specifically, in some circumstances, problems with high transmission costs tend to perform poorly, unless they have high computational needs. The second part of the evaluation is done in opportunistic/cloudlet scenarios where I used my custom-made testbed to compare ARC and MAUI, the state of the art in computation offloading. To this extent, I have performed two distinct experiments: the first with a cloudlet environment and the second with an opportunistic environment. The key outcome is that ARC virtually matches the performance of MAUI (in terms of energy savings) in the cloudlet environment, but it improves on it by 50% to 60% in the opportunistic domain.

    Solutions and Tools for Secure Communication in Wireless Sensor Networks

    Secure communication is considered a vital requirement in Wireless Sensor Network (WSN) applications. Such a requirement embraces different aspects, including confidentiality, integrity and authenticity of exchanged information, proper management of security material, and effective prevention of and reaction against security threats and attacks. However, WSNs are mainly composed of resource-constrained devices. That is, network nodes feature reduced capabilities, especially in terms of memory storage, computing power, transmission rate, and energy availability. As a consequence, assuring secure communication in WSNs proves to be more difficult than in other kinds of network. In fact, trading effectiveness of adopted solutions with their efficiency becomes far more important. In addition, specific device classes or technologies may require the design of ad hoc security solutions. Also, it is necessary to efficiently manage security material, and dynamically cope with changes of security requirements. Finally, security threats and countermeasures have to be carefully considered from the network design phase. This Ph.D. dissertation considers secure communication in WSNs, and provides the following contributions. First, we provide a performance evaluation of IEEE 802.15.4 security services. Then, we focus on the ZigBee technology and its security services, and propose possible solutions to some deficiencies and inefficiencies. Second, we present HISS, a highly scalable and efficient key management scheme, able to contrast collusion attacks while displaying a graceful degradation of performance. Third, we present STaR, a software component for WSNs that secures multiple traffic flows at the same time. It is transparent to the application, and provides runtime reconfigurability, thus coping with dynamic changes of security requirements. Finally, we describe ASF, our attack simulation framework for WSNs. Such a tool helps network designers to quantitatively evaluate the effects of security attacks, produce an attack ranking based on their severity, and thus select the most appropriate countermeasures.