A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

End-to-end security in active networks

Active network solutions have been proposed to many of the problems caused by the increasing heterogeneity of the Internet. These ystems allow nodes within the network to process data passing through in several ways. Allowing code from various sources to run on routers introduces numerous security concerns that have been addressed by research into safe languages, restricted execution environments, and other related areas. But little attention has been paid to an even more critical question: the effect on end-to-end security of active flow manipulation. This thesis first examines the threat model implicit in active networks. It develops a framework of security protocols in use at various layers of the networking stack, and their utility to multimedia transport and flow processing, and asks if it is reasonable to give active routers access to the plaintext of these flows. After considering the various security problem introduced, such as vulnerability to attacks on intermediaries or coercion, it concludes not. We then ask if active network systems can be built that maintain end-to-end security without seriously degrading the functionality they provide. We describe the design and analysis of three such protocols: a distributed packet filtering system that can be used to adjust multimedia bandwidth requirements and defend against denial-of-service attacks; an efficient composition of link and transport-layer reliability mechanisms that increases the performance of TCP over lossy wireless links; and a distributed watermarking servicethat can efficiently deliver media flows marked with the identity of their recipients. In all three cases, similar functionality is provided to designs that do not maintain end-to-end security. Finally, we reconsider traditional end-to-end arguments in both networking and security, and show that they have continuing importance for Internet design. Our watermarking work adds the concept of splitting trust throughout a network to that model; we suggest further applications of this idea

Physical Layer Service Integration in 5G: Potentials and Challenges

High transmission rate and secure communication have been identified as the key targets that need to be effectively addressed by fifth generation (5G) wireless systems. In this context, the concept of physical-layer security becomes attractive, as it can establish perfect security using only the characteristics of wireless medium. Nonetheless, to further increase the spectral efficiency, an emerging concept, termed physical-layer service integration (PHY-SI), has been recognized as an effective means. Its basic idea is to combine multiple coexisting services, i.e., multicast/broadcast service and confidential service, into one integral service for one-time transmission at the transmitter side. This article first provides a tutorial on typical PHY-SI models. Furthermore, we propose some state-of-the-art solutions to improve the overall performance of PHY-SI in certain important communication scenarios. In particular, we highlight the extension of several concepts borrowed from conventional single-service communications, such as artificial noise (AN), eigenmode transmission etc., to the scenario of PHY-SI. These techniques are shown to be effective in the design of reliable and robust PHY-SI schemes. Finally, several potential research directions are identified for future work.Comment: 12 pages, 7 figure

Securing SOME/IP for In-Vehicle Service Protection

Although high-speed in-vehicle networks are being increasingly adopted by the industry to support emerging use cases, previous research already demonstrated that car hacking is a real threat. This paper formalizes a novel framework proposed to provide improved security to the emerging SOME/IP middleware, without introducing at the same time limitations in the communication patterns available. Most notably, the entire traffic matrix is designed to be configured using simple high-level rules, clearly stating who can talk to whom according to the service abstraction adopted by SOME/IP. Three incremental security levels are made available, accounting for different services being associated with different requirements. The core security protocol, encompassing a session establishment phase followed by the transmission of secured SOME/IP messages, has been formally verified, to prove its correctness in terms of authentication and secrecy properties. Performance-wise, in-depth experimental evaluations conducted with an extended version of vsomeip confirmed the introduction of quite limited penalties compared to the bare unsecured implementation

Security Issues and Solutions in Multicast Environment through Tree based Scheme

Multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source creating copies automatically in other network elements, such as routers, only when the topology of the network requires it. Multicasting security is hard because of Open group membership, everyone gets same pack ets, Senders need not be members. We first present taxonomy of mu lticast scenarios on the Internet and point out relevant security concerns. Next we address two major security problems of multicast communication: source authentication, and key revocation. Maintaining authenticity in multicast protocols is a much more complex problem than for unicast, in particular known solutions are prohibitively inefficient in many cases. We present a solution that is reasonable for a range of scenarios. Our approach can be regarded as a midpoi nt between traditional Message Authentication Codes and digital signatures. We also present an improved solution to the key revocation problem

Design and Implementation of a Network Service Marketplace

The Internet has successfully served the world for more than three decades, while limitations and drawbacks still exist. A lot of researches have been done on innovation of Internet to address those inadequacies. One approach to improve Internet performance is to make choice as a principle in network architecture. We believe that a service-based network architecture with choice, or we call it ChoiceNet, is the most suitable option for future Internet. In this thesis, we design and implement a network service marketplace. Due to the flexibility and functionality of web application, the marketplace is implemented by a web application to fulfill functions such as storing and searching network services, handling actual financial transaction and interacting with client and service planner

A Review of the Energy Efficient and Secure Multicast Routing Protocols for Mobile Ad hoc Networks

This paper presents a thorough survey of recent work addressing energy efficient multicast routing protocols and secure multicast routing protocols in Mobile Ad hoc Networks (MANETs). There are so many issues and solutions which witness the need of energy management and security in ad hoc wireless networks. The objective of a multicast routing protocol for MANETs is to support the propagation of data from a sender to all the receivers of a multicast group while trying to use the available bandwidth efficiently in the presence of frequent topology changes. Multicasting can improve the efficiency of the wireless link when sending multiple copies of messages by exploiting the inherent broadcast property of wireless transmission. Secure multicast routing plays a significant role in MANETs. However, offering energy efficient and secure multicast routing is a difficult and challenging task. In recent years, various multicast routing protocols have been proposed for MANETs. These protocols have distinguishing features and use different mechanismsComment: 15 page