Preserving Context Privacy in Distributed Hash Table Wireless Sensor Networks.

Wireless Sensor Networks (WSN) are often deployed in hostile or difficult scenarios, such as military battlefields and disaster recovery, where it is crucial for the network to be highly fault tolerant, scalable and decentralized. For this reason, peer-to-peer primitives such as Distributed Hash Table (DHT), which can greatly enhance the scalability and resilience of a network, are increasingly being introduced in the design of WSN's. Securing the communication within the WSN is also imperative in hostile settings. In particular, context information, such as the network topology and the location and identity of base stations (which collect data gathered by the sensors and are a central point of failure) can be protected using traffic encryption and anonymous routing. In this paper, we propose a protocol achieving a modified version of onion routing over wireless sensor networks based on the DHT paradigm. The protocol prevents adversaries from learning the network topology using traffic analysis, and therefore preserves the context privacy of the network. Furthermore, the proposed scheme is designed to minimize the computational burden and power usage of the nodes, through a novel partitioning scheme and route selection algorithm

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Privacy-Aware and Secure Decentralized Air Quality Monitoring

Indoor Air Quality monitoring is a major asset to improving quality of life and building management. Today, the evolution of embedded technologies allows the implementation of such monitoring on the edge of the network. However, several concerns need to be addressed related to data security and privacy, routing and sink placement optimization, protection from external monitoring, and distributed data mining. In this paper, we describe an integrated framework that features distributed storage, blockchain-based Role-based Access Control, onion routing, routing and sink placement optimization, and distributed data mining to answer these concerns. We describe the organization of our contribution and show its relevance with simulations and experiments over a set of use cases

An Enhanced Source Location Privacy based on Data Dissemination in Wireless Sensor Networks (DeLP)

open access articleWireless Sensor Network is a network of large number of nodes with limited power and computational capabilities. It has the potential of event monitoring in unattended locations where there is a chance of unauthorized access. The work that is presented here identifies and addresses the problem of eavesdropping in the exposed environment of the sensor network, which makes it easy for the adversary to trace the packets to find the originator source node, hence compromising the contextual privacy. Our scheme provides an enhanced three-level security system for source location privacy. The base station is at the center of square grid of four quadrants and it is surrounded by a ring of flooding nodes, which act as a first step in confusing the adversary. The fake node is deployed in the opposite quadrant of actual source and start reporting base station. The selection of phantom node using our algorithm in another quadrant provides the third level of confusion. The results show that Dissemination in Wireless Sensor Networks (DeLP) has reduced the energy utilization by 50% percent, increased the safety period by 26%, while providing a six times more packet delivery ratio along with a further 15% decrease in the packet delivery delay as compared to the tree-based scheme. It also provides 334% more safety period than the phantom routing, while it lags behind in other parameters due to the simplicity of phantom scheme. This work illustrates the privacy protection of the source node and the designed procedure may be useful in designing more robust algorithms for location privac

Anonymity networks and access to information during conflicts: towards a distributed network organisation

Access to information is crucial during conflicts and other critical events such as population uprisings. An increasing number of social interactions happen in the cyberspace, while information exchanges at the infrastructural level (monitoring systems, sensor networks, etc.) are now also based on Internet and wireless links rather than ad hoc, isolated wired networks. However, the nature of the Internet allows powerful hostile actors to block, censor, or redirect communication to and from specific Internet services, through a number of available techniques. Anonymity networks such as Tor provide a way to circumvent traditional strategies for restricting access to online resources, and make communication harder to trace and identify. Tor, in particular, has been successfully used in past crises to evade censorship and Internet blockades (Egypt in 2011, and Iran in 2012). Anonymity networks can provide essential communication tools during conflicts, allowing information exchanges to be concealed from external observers, anonymised, and made resilient to imposed traffic controls and geographical restrictions. However, the design of networks such as Tor makes them vulnerable to large-scale denial of service attacks, as shown by the DDoS targeted at Tor hidden services in March 2015. In this paper, we analyse the structural weaknesses of Tor with regard to denial of service attacks, and propose a number of modifications to the structure of the Tor network aimed at improving its resilience to a large coordinated offensive run by a hostile actor in a conflict scenario. In particular, we introduce novel mechanisms that allow relay information to be propagated in a distributed and peer-to-peer manner. This eliminates the need for directory services, and allows the deployment of Tor-like networks in hostile environments, where centralised control is impossible. The proposed improvements concern the network organisation, but preserve the underlying onion routing mechanism that is at the base of Tor's anonymity

NB-JNCD Coding and Iterative Joint Decoding Scheme for a Reliable communication in Wireless sensor Networks with results

Privacy threat is a very serious issue in multi-hop wireless networks (MWNs) since open wireless channels are vulnerable to malicious attacks. A distributed random linear network coding approach for transmission and compression of information in general multisource multicast networks. Network nodes independently and randomly select linear mappings from inputs onto output links over some field. Network coding has the potential to thwart traffic analysis attacks since the coding/mixing operation is encouraged at intermediate nodes. However, the simple deployment of network coding cannot achieve the goal once enough packets are collected by the adversaries. This paper proposes non-binary joint network-channel coding for reliable communication in wireless networks. NB-JNCC seamlessly combines non-binary channel coding and random linear network coding, and uses an iterative two-tier coding scheme that weproposed to jointly exploit redundancy inside packets and across packets for error recovery

Private inter-network routing for wireless sensor networks and the Internet of Things

As computing becomes increasingly pervasive, different heterogeneous networks are connected and integrated. This is especially true in the Internet of Things (IoT) and Wireless Sensor Networks (WSN) settings. However, as different networks managed by different parties and with different security requirements are integrated, security becomes a primary concern. WSN nodes, in particular, are often deployed "in the open", where a potential attacker can gain physical access to the device. As nodes can be deployed in hostile or difficult scenarios, such as military battlefields or disaster recovery settings, it is crucial to avoid escalation from successful attacks on a single node to the whole network, and from there to other connected networks. It is therefore crucial to secure the communication within the WSN, and in particular, maintain context information, such as the network topology and the location and identity of base stations (which collect data gathered by the sensors) private. In this paper, we propose a protocol achieving anonymous routing between different interconnected IoT or WSN networks, based on the Spatial Bloom Filter (SBF) data structure. The protocol enables communications between the nodes through the use of anonymous identifiers, thus hiding the location and identity of the nodes within the network. The proposed routing strategy preserves context privacy, and prevents adversaries from learning the network structure and topology, as routing information is encrypted using a homomorphic encryption scheme, and computed only in the encrypted domain. Preserving context privacy is crucial in preventing adversaries from gaining valuable network information from a successful attacks on a single node of the network, and reduces the potential for attack escalation