962 research outputs found
KALwEN: a new practical and interoperable key management scheme for body sensor networks
Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike
KALwEN: A New Practical and Interoperable Key Management Scheme for Body Sensor Networks
Key management is the pillar of a security architecture. Body sensor networks(BSNs) pose several challenges -- some inherited from wireless sensor networks(WSNs), some unique to themselves -- that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new lightweight scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports global broadcast, local broadcast and neighbor-to-neighbor unicast, while preserving past key secrecry and future key secrecy. The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case
EASND: Energy Adaptive Secure Neighbour Discovery Scheme for Wireless Sensor Networks
Wireless Sensor Network (WSN) is defined as a distributed system of networking, which is enabled with set of resource constrained sensors, thus attempt to providing a large set of capabilities and connectivity interferences. After deployment nodes in the network must automatically affected heterogeneity of framework and design framework steps, including obtaining knowledge of neighbor nodes for relaying information. The primary goal of the neighbor discovery process is reducing power consumption and enhancing the lifespan of sensor devices. The sensor devices incorporate with advanced multi-purpose protocols, and specifically communication models with the pre-eminent objective of WSN applications. This paper introduces the power and security aware neighbor discovery for WSNs in symmetric and asymmetric scenarios. We have used different of neighbor discovery protocols and security models to make the network as a realistic application dependent model. Finally, we conduct simulation to analyze the performance of the proposed EASND in terms of energy efficiency, collisions, and security. The node channel utilization is exceptionally elevated, and the energy consumption to the discovery of neighbor nodes will also be significantly minimized. Experimental results show that the proposed model has valid accomplishment
Secure and Reliable Routing Protocol for Transmission Data in Wireless Sensor Mesh Networks
Abstract
Sensor nodes collect data from the physical world then exchange it until it reaches the intended destination. This information can be sensitive, such as battlefield surveillance. Therefore, providing secure and continuous data transmissions among sensor nodes in wireless network environments is crucial. Wireless sensor networks (WSN) have limited resources, limited computation capabilities, and the exchange of data through the air and deployment in accessible areas makes the energy, security, and routing major concerns in WSN. In this research we are looking at security issues for the above reasons. WSN is susceptible to malicious activities such as hacking and physical attacks. In general, security threats are classified depending on the layers. Physical, Transport, Network, Data link, and the Application layer. Sensor nodes can be placed in an unfriendly environments and it has lower power energy, computation and bandwidth, are exposed to a failure, and the WSN topology dynamically unstable. The recent wireless sensor protocols are intended for data communication transmission energy consumption. Therefore, many do not consider the security in WSN as much as they should and it might be vulnerable to attacks. Standard crypto systems methods aim to protect the authentication and integrity of data packets during the transmission stage between senders and receivers. In this dissertation we present Adel which is a novel routing protocol for exchanging data through wireless sensor mesh networks using Ant Colony Optimization (ACO) algorithm. Adel enhances security level during data transmission between sender party and receiver party in wireless network environment. Once the sensor nodes are deployed in a network, they need to inform their location and their data related to the security for the further communication in the network. For that purpose,
ii
an efficient mechanism is implemented in order to perform better communication among sensor nodes. Adel generates dynamic routing table using ACO algorithm with all the necessary information from network nodes after being deployed. Adel works with minimum routing restrictions and exploits the advantages of the three multicast routing styles, unicast, path, and mesh based. Since it takes a routing decision with a minimum number of nodes using the shortest path between the sender and the receiver nodes, Adel is applicable in static networks. Four essential performance metrics in mesh networks, network security analysis, network latency time, network packets drop, network delivery ratio, and network throughput are evaluated. Adel routing protocol has met the most important security requirements such as authorization, authentication, confidentiality, and integrity. It also grantees the absence of the cycle path problem in the network.This research reports the implementation and the performance of the proposed protocol using network simulator NS-2. The seven main parameters are considered for evaluation all experiments are security trust, packets drop, energy consumption, throughput, end to end delay and packet delivery ratio. The results show that the proposed system can significantly enhance the network security and connectivity level compared to other routing protocols. Yet, as expected, it did not do so well in energy consumption since our main goal was to provide higher level of security and connectivit
E2BNAR: Energy Efficient Backup Node Assisted Routing for Wireless Sensor Networks
In Wireless Sensor Networks (WSNs), each sensor node can only use so much power before recharging. If energy is depleted too quickly, nodes will fail one by one, bringing down the network as a whole. To this end, a design is needed to reduce the burden on the sensor nodes' power supplies while extending the network's useful life. This paper proposes a new approach, called Energy Efficient Backup Node Assisted Routing, to accomplish this (E2BNAR). Each primary node in the network has a group of backup nodes to ensure the network continues functioning. Assuming that the sensor nodes are capable of energy harvesting, E2BNAR finds the best backup node by analyzing the statistical relationship between energy harvesting and consumption rates. Periodically, residual energy is used to analyze the current energy consumption rate. When evaluating performance, several different indicators are taken into account. These include the Packet Delivery Ratio, Throughput, Average Energy Consumption, and Number of Awakened Sensor Nodes. Through analysis and experimentation in several settings, the proposed method's efficacy has been established
A Crosslayer Routing Protocol (XLRP) for Wireless Sensor Networks
The advent of wireless sensor networks with emphasis on the information being routed, rather than routing information has redefined networking from that of conventional wireless networked systems. Demanding that need for contnt based routing techniques and development of low cost network modules, built to operate in large numbers in a networked fashion with limited resources and capabilities. The unique characteristics of wireless sensor networks have the applicability and effectiveness of conventional algorithms defined for wireless ad-hoc networks, leading to the design and development of protocols specific to wireless sensor network. Many network layer protocols have been proposed for wireless sensor networks, identifying and addressing factors influencing network layer design, this thesis defines a cross layer routing protocol (XLRP) for sensor networks. The submitted work is suggestive of a network layer design with knowledge of application layer information and efficient utilization of physical layer capabilities onboard the sensor modules. Network layer decisions are made based on the quantity of information (size of the data) that needs to be routed and accordingly transmitter power leels are switched as an energy efficient routing strategy. The proposed routing protocol switches radio states based on the received signal strength (RSSI) acquiring only relevant information and piggybacks information in data packets for reduced controlled information exchange. The proposed algorithm has been implemented in Network Simulator (NS2) and the effectiveness of the protocol has been proved in comparison with diffusion paradigm
Routing and Mobility on IPv6 over LoWPAN
The IoT means a world-wide network of interconnected objects based on standard communication
protocols. An object in this context is a quotidian physical device augmented with
sensing/actuating, processing, storing and communication capabilities. These objects must be
able to interact with the surrounding environment where they are placed and to cooperate with
neighbouring objects in order to accomplish a common objective. The IoT objects have also the
capabilities of converting the sensed data into automated instructions and communicating them
to other objects through the communication networks, avoiding the human intervention in several
tasks. Most of IoT deployments are based on small devices with restricted computational
resources and energy constraints. For this reason, initially the scientific community did not
consider the use of IP protocol suite in this scenarios because there was the perception that it
was too heavy to the available resources on such devices. Meanwhile, the scientific community
and the industry started to rethink about the use of IP protocol suite in all IoT devices and now
it is considered as the solution to provide connectivity between the IoT devices, independently
of the Layer 2 protocol in use, and to connect them to the Internet. Despite the use of IP suite
protocol in all devices and the amount of solutions proposed, many open issues remain unsolved
in order to reach a seamless integration between the IoT and the Internet and to provide the
conditions to IoT service widespread. This thesis addressed the challenges associated with the
interconnectivity between the Internet and the IoT devices and with the security aspects of
the IoT. In the interconnectivity between the IoT devices and the Internet the problem is how
to provide valuable information to the Internet connected devices, independently of the supported
IP protocol version, without being necessary accessed directly to the IoT nodes. In order
to solve this problem, solutions based on Representational state transfer (REST) web services
and IPv4 to IPv6 dual stack transition mechanism were proposed and evaluated. The REST web
service and the transition mechanism runs only at the border router without penalizing the IoT
constrained devices. The mitigation of the effects of internal and external security attacks
minimizing the overhead imposed on the IoT devices is the security challenge addressed in this
thesis. Three different solutions were proposed. The first is a mechanism to prevent remotely
initiated transport level Denial of Service attacks that avoids the use of inefficient and hard to
manage traditional firewalls. It is based on filtering at the border router the traffic received
from the Internet and destined to the IoT network according to the conditions announced by
each IoT device. The second is a network access security framework that can be used to control
the nodes that have access to the network, based on administrative approval, and to enforce
security compliance to the authorized nodes. The third is a network admission control framework
that prevents IoT unauthorized nodes to communicate with IoT authorized nodes or with
the Internet, which drastically reduces the number of possible security attacks. The network
admission control was also exploited as a management mechanism as it can be used to manage
the network size in terms of number of nodes, making the network more manageable, increasing
its reliability and extending its lifetime.A IoT (Internet of Things) tem suscitado o interesse tanto da comunidade académica como
da indústria, uma vez que os campos de aplicação são inúmeros assim como os potenciais ganhos
que podem ser obtidos através do uso deste tipo de tecnologia. A IoT significa uma rede
global de objetos ligados entre si através de uma rede de comunicações baseada em protocolos
standard. Neste contexto, um objeto é um objeto físico do dia a dia ao qual foi adicionada a
capacidade de medir e de atuar sobre variáveis físicas, de processar e armazenar dados e de
comunicar. Estes objetos têm a capacidade de interagir com o meio ambiente envolvente e de
cooperar com outros objetos vizinhos de forma a atingirem um objetivo comum. Estes objetos
também têm a capacidade de converter os dados lidos em instruções e de as comunicar a outros
objetos através da rede de comunicações, evitando desta forma a intervenção humana em
diversas tarefas. A maior parte das concretizações de sistemas IoT são baseados em pequenos
dispositivos autónomos com restrições ao nível dos recursos computacionais e de retenção de
energia. Por esta razão, inicialmente a comunidade científica não considerou adequado o uso
da pilha protocolar IP neste tipo de dispositivos, uma vez que havia a perceção de que era muito
pesada para os recursos computacionais disponíveis. Entretanto, a comunidade científica e a
indústria retomaram a discussão acerca dos benefícios do uso da pilha protocolar em todos os
dispositivos da IoT e atualmente é considerada a solução para estabelecer a conetividade entre
os dispositivos IoT independentemente do protocolo da camada dois em uso e para os ligar à
Internet. Apesar do uso da pilha protocolar IP em todos os dispositivos e da quantidade de
soluções propostas, são vários os problemas por resolver no que concerne à integração contínua
e sem interrupções da IoT na Internet e de criar as condições para a adoção generalizada deste
tipo de tecnologias.
Esta tese versa sobre os desafios associados à integração da IoT na Internet e dos aspetos de
segurança da IoT. Relativamente à integração da IoT na Internet o problema é como fornecer
informação válida aos dispositivos ligados à Internet, independentemente da versão do protocolo
IP em uso, evitando o acesso direto aos dispositivos IoT. Para a resolução deste problema foram
propostas e avaliadas soluções baseadas em web services REST e em mecanismos de transição
IPv4 para IPv6 do tipo pilha dupla (dual stack). O web service e o mecanismo de transição são
suportados apenas no router de fronteira, sem penalizar os dispositivos IoT. No que concerne
à segurança, o problema é mitigar os efeitos dos ataques de segurança internos e externos
iniciados local e remotamente. Foram propostas três soluções diferentes, a primeira é um
mecanismo que minimiza os efeitos dos ataques de negação de serviço com origem na Internet e
que evita o uso de mecanismos de firewalls ineficientes e de gestão complexa. Este mecanismo
filtra no router de fronteira o tráfego com origem na Internet é destinado à IoT de acordo
com as condições anunciadas por cada um dos dispositivos IoT da rede. A segunda solução,
é uma framework de network admission control que controla quais os dispositivos que podem
aceder à rede com base na autorização administrativa e que aplica políticas de conformidade
relativas à segurança aos dispositivos autorizados. A terceira é um mecanismo de network
admission control para redes 6LoWPAN que evita que dispositivos não autorizados comuniquem
com outros dispositivos legítimos e com a Internet o que reduz drasticamente o número de
ataques à segurança. Este mecanismo também foi explorado como um mecanismo de gestão uma
vez que pode ser utilizado a dimensão da rede quanto ao número de dispositivos, tornando-a
mais fácil de gerir e aumentando a sua fiabilidade e o seu tempo de vida
- …