Wireless Sensor Network Security: Approaches to Detecting and Avoiding Wormhole Attacks

This paper explores Wireless Sensor Networks (WSNs) and the related security issues and complications arising from a specific type of security breach, the wormhole attack. Wormhole attacks against WSNs are classified as passive, external laptop-class threats. Because malicious wormhole attacks are increasing, these attacks pose a serious security threat and increase the costs to maintain a Wireless Sensor Network. Research into preventing wormhole attacks yields two distinct model approach types: Administrator-Viewpoint models and User-Viewpoint models. While the modalities vary, the four Administrator-Viewpoint models reviewed were designed in the early 2000s and suggest defending against wormhole attacks through the use of expensive hardware, packet leashes, or topology visualization systems. On the other hand, the four proposed User-Viewpoint models have become the current theoretical models of choice.  While existing as simulation approaches to defend against wormhole attacks, the User-Viewpoint models use internally calculated routing algorithms to suggest routes to avoid or evade, not defend against, established wormhole routes. This paper confirms the efficacies of the User-Viewpoint models in the lab simulations are viewed as the most promising cost-effective, future security solutions to wormhole attacks

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs

Key management for wireless sensor network security

Wireless Sensor Networks (WSNs) have attracted great attention not only in industry but also in academia due to their enormous application potential and unique security challenges. A typical sensor network can be seen as a combination of a number of low-cost sensor nodes which have very limited computation and communication capability, memory space, and energy supply. The nodes are self-organized into a network to sense or monitor surrounding information in an unattended environment, while the self-organization property makes the networks vulnerable to various attacks.Many cryptographic mechanisms that solve network security problems rely directly on secure and efficient key management making key management a fundamental research topic in the field of WSNs security. Although key management for WSNs has been studied over the last years, the majority of the literature has focused on some assumed vulnerabilities along with corresponding countermeasures. Specific application, which is an important factor in determining the feasibility of the scheme, has been overlooked to a large extent in the existing literature.This thesis is an effort to develop a key management framework and specific schemes for WSNs by which different types of keys can be established and also can be distributed in a self-healing manner; explicit/ implicit authentication can be integrated according to the security requirements of expected applications. The proposed solutions would provide reliable and robust security infrastructure for facilitating secure communications in WSNs.There are five main parts in the thesis. In Part I, we begin with an introduction to the research background, problems definition and overview of existing solutions. From Part II to Part IV, we propose specific solutions, including purely Symmetric Key Cryptography based solutions, purely Public Key Cryptography based solutions, and a hybrid solution. While there is always a trade-off between security and performance, analysis and experimental results prove that each proposed solution can achieve the expected security aims with acceptable overheads for some specific applications. Finally, we recapitulate the main contribution of our work and identify future research directions in Part V

Secure Authentication and Privacy-Preserving Techniques in Vehicular Ad-hoc NETworks (VANETs)

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that need to be thoroughly addressed and solved for the widespread adoption/deployment of VANETs. Given the importance of these issues, researchers have spent a lot of effort in these areas over the last decade. We present an overview of the following issues that arise in VANETs: privacy, authentication, and secure message dissemination. Then we present a comprehensive review of various solutions proposed in the last 10 years which address these issues. Our survey sheds light on some open issues that need to be addressed in the future

Surveying Position Based Routing Protocols for Wireless Sensor and Ad-hoc Networks

A focus of the scientific community is to design network oriented position-based routing protocols and this has resulted in a very high number of algorithms, different in approach and performance and each suited only to particular applications. However, though numerous, very few position-based algorithms have actually been adopted for commercial purposes. This article is a survey of almost 50 position-based routing protocols and it comes as an aid in the implementation of this type of routing in various applications which may need to consider the advantages and pitfalls of position-based routing. An emphasis is made on geographic routing, whose notion is clarified as a more restrictive and more efficient type of position-based routing. The protocols are therefore divided into geographic and non-geographic routing protocols and each is characterized according to a number of network design issues and presented in a comparative manner from multiple points of view. The main requirements of current general applications are also studied and, depending on these, the survey proposes a number of protocols for use in particular application areas. This aims to help both researchers and potential users assess and choose the protocol best suited to their interest

Smart Wireless Sensor Networks

The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks

Cryptanalysis and improvement of a dynamic and secure key management model for hierarchical heterogeneous sensor networks

In 2012, Alagheband and Aref presented a dynamic and secure key manage ment model for hierarchical heterogeneous sensor networks. They proposed a signcryption algorithm which is the main building block in their key management model. They proved the algorithm is as strong as the elliptical curve discrete logarithm problem. In this work, we study the security of their signcryption algorithm. It is regretful that we found their algorithm is insecure. The adversary can impersonate the base station by sending forged messages to the cluster leaders after capturing the signcrypted messages. Hence, the key management model proposed by them is insecure. Then, we propose an improved signcryption algorithm to fix this weakness

Internet of Underwater Things and Big Marine Data Analytics -- A Comprehensive Survey

The Internet of Underwater Things (IoUT) is an emerging communication ecosystem developed for connecting underwater objects in maritime and underwater environments. The IoUT technology is intricately linked with intelligent boats and ships, smart shores and oceans, automatic marine transportations, positioning and navigation, underwater exploration, disaster prediction and prevention, as well as with intelligent monitoring and security. The IoUT has an influence at various scales ranging from a small scientific observatory, to a midsized harbor, and to covering global oceanic trade. The network architecture of IoUT is intrinsically heterogeneous and should be sufficiently resilient to operate in harsh environments. This creates major challenges in terms of underwater communications, whilst relying on limited energy resources. Additionally, the volume, velocity, and variety of data produced by sensors, hydrophones, and cameras in IoUT is enormous, giving rise to the concept of Big Marine Data (BMD), which has its own processing challenges. Hence, conventional data processing techniques will falter, and bespoke Machine Learning (ML) solutions have to be employed for automatically learning the specific BMD behavior and features facilitating knowledge extraction and decision support. The motivation of this paper is to comprehensively survey the IoUT, BMD, and their synthesis. It also aims for exploring the nexus of BMD with ML. We set out from underwater data collection and then discuss the family of IoUT data communication techniques with an emphasis on the state-of-the-art research challenges. We then review the suite of ML solutions suitable for BMD handling and analytics. We treat the subject deductively from an educational perspective, critically appraising the material surveyed.Comment: 54 pages, 11 figures, 19 tables, IEEE Communications Surveys & Tutorials, peer-reviewed academic journa

INTELLIGENTE TRANSPORT SYSTEMEN ITS EN VERKEERSVEILIGHEID

This report discusses Intelligent Transport Systems (ITS). This generic term is used for a broad range of information-, control- and electronic technology that can be integrated in the road infrastructure and the vehicles themselves, saving lives, time and money bymonitoring and managing traffic flows, reducing conges-tion, avoiding accidents, etc. Because this report was written in the scope of the Policy Research Centre Mobility & Public Works, track Traffic Safety, it focuses on ITS systems from the traffic safety point of view. Within the whole range of ITS systems, two categories can be distinguished: autonomous and cooperative systems. Autonomous systems are all forms of ITS which operate by itself, and do not depend on the cooperation with other vehicles or supporting infrastructure. Example applications are blind spot detection using radar, electronic stability control, dynamic traffic management using variable road signs, emergency call, etc. Cooperative systems are ITS systems based on communication and cooperation, both between vehicles as between vehicles and infrastructure. Example applications are alerting vehicles approaching a traffic jam, exchanging data regarding hazardous road conditions, extended electronic brake light, etc. In some cases, autonomous systems can evolve to autonomous cooperative systems. ISA (Intelligent Speed Adaptation) is an example of this: the dynamic aspect as well as communication with infrastructure (eg Traffic lights, Variable Message Sign (VMS)...) can provide additional road safety. This is the clear link between the two parts of this report. The many ITS applications are an indicator of the high expectations from the government, the academic world and the industry regarding the possibilities made possible by both categories of ITS systems. Therefore, the comprehensive discussion of both of them is the core of this report. The first part of the report covering the autonomous systems treats two aspects: 1. Overview of European projects related to mobility and in particular to road safety 2. Overview for guidelines for the evaluation of ITS projects. Out of the wide range of diverse (autonomous) ITS applications a selection is made; this selection is focused on E Safety Forum and PreVENT. Especially the PreVent research project is interesting because ITS-applications have led to a number of concrete demonstration vehicles that showed - in protected and unprotected surroundings- that these ITS-applications are already technically useful or could be developed into useful products. The component “guidelines for the evaluation of ITS projects” outlines that the government has to have specific evaluation tools if the government has the ambition of using ITS-applications for road safety. Two projects -guidelines for the evaluation of ITS projects- are examined; a third evaluation method is only mentioned because this description shows that a specific targeting of the government can be desirable : 1. TRACE describes the guidelines for the evaluation of ITS projects which are useful for the evaluation of specific ITS-applications. 2. FITS contains Finnish guidelines for the evaluation of ITS project; FIS is an adaptation of methods used for evaluation of transport projects. 3. The third evaluation method for the evaluation of ITS projects is developed in an ongoing European research project, eImpact. eImpact is important because, a specific consultation of stake holders shows that the social importance of some techniques is underestimated. These preliminary results show that an appropriate guiding role for the government could be important. In the second part of this document the cooperative systems are discussed in depth. These systems enable a large number of applications with an important social relevance, both on the level of the environment, mobility and traffic safety. Cooperative systems make it possible to warn drivers in time to avoid collisions (e.g. when approaching the tail of a traffic jam, or when a ghost driver is detected). Hazardous road conditions can be automatically communicated to other drivers (e.g. after the detection of black ice or an oil trail by the ESP). Navigation systems can receive detailed real-time up-dates about the current traffic situation and can take this into account when calculating their routes. When a traffic distortion occurs, traffic centers can immediately take action and can actively influence the way that the traffic will be diverted. Drivers can be notified well in advance about approaching emergency vehicles, and can be directed to yield way in a uniform manner. This is just a small selection from the large number of applications that are made possible because of cooperative ITS systems, but it is very obvious that these systems can make a significant positive contribution to traffic safety. In literature it is estimated that the decrease of accidents with injuries of fatalities will be between 20% and 50% . It is not suprising that ITS systems receive a lot of attention for the moment. On an international level, a number of standards are being established regarding this topic. The International Telecommunications Uniont (ITU), Institute for Electrical and Electronics Engineers (IEEE), International Organization for Standardization (ISO), Association of Radio Industries and Business (ARIB) and European committee for standardization (CEN) are currently defining standards that describe different aspects of ITS systems. One of the names that is mostly mentioned in literature is the ISO TC204/WG16 Communications Architecture for Land Mobile environment (CALM) standard. It describes a framework that enables transparent (both for the application and the user) continuous communication through different communication media. Besides the innumerable standardization activities, there is a great number of active research projects. On European level, the most important are the i2010 Intelligent Car Initiative, the eSafety Forum, and the COMeSafety, the CVIS, the SAFESPOT, the COOPERS and the SEVECOM project. The i2010 Intelligent Car Initiative is an European initiative with the goal to halve the number of traffic casualties by 2010. The eSafety Forum is an initiative of the European Commission, industry and other stakeholders and targets the acceleration of development and deployment of safety-related ITS systems. The COMeSafety project supports the eSafety Forum on the field of vehicle-to-vehicle and vehicle-to-infrastructure communication. In the CVIS project, attention is given to both technical and non-technical issues, with the main goal to develop the first free and open reference implementation of the CALM architecture. The SAFEST project investigates which data is important for safety applications, and with which algorithmsthis data can be extracted from vehicles and infrastructure. The COOPERS project mainly targets communication between vehicles and dedicated roadside infrastructure. Finally, the SEVECOM project researches security and privacy issues. Besides the European projects, research is also conducted in the United States of America (CICAS and VII projects) and in Japan (AHSRA, VICS, Smartway, internetITS). Besides standardization bodies and governmental organizations, also the industry has a considerable interest in ITS systems. In the scope of their ITS activities, a number of companies are united in national and international organizations. On an international level, the best known names are the Car 2 Car Communication Consortium, and Ertico. The C2C CC unites the large European car manufacturers, and focuses on the development of an open standard for vehicle-to-vehicle and vehicle-to-infrastructure communications based on the already well established IEEE 802.11 WLAN standard. Ertico is an European multi-sector, public/private partnership with the intended purpose of the development and introduction of ITS systems. On a national level, FlandersDrive and The Telematics Cluster / ITS Belgium are the best known organizations. Despite the worldwide activities regarding (cooperative) ITS systems, there still is no consensus about the wireless technology to be used in such systems. This can be put down to the fact that a large number of suitable technologies exist or are under development. Each technology has its specific advantages and disadvantages, but no single technology is the ideal solution for every ITS application. However, the different candidates can be classified in three distinct categories. The first group contains solutions for Dedicated Short Range Communication (DSRC), such as the WAVE technology. The second group is made up of several cellular communication networks providing coverage over wide areas. Examples are GPRS (data communication using the GSM network), UMTS (faster then GPRS), WiMAX (even faster then UMTS) and MBWA (similar to WiMAX). The third group consists of digital data broadcast technologies such as RDS (via the current FM radio transmissions, slow), DAB and DMB (via current digital radio transmissions, quicker) and DVB-H (via future digital television transmissions for mobiledevices, quickest). The previous makes it clear that ITS systems are a hot topic right now, and they receive a lot of attention from the academic world, the standardization bodies and the industry. Therefore, it seems like that it is just a matter of time before ITS systems will find their way into the daily live. Due to the large number of suitable technologies for the implementation of cooperative ITS systems, it is very hard to define which role the government has to play in these developments, and which are the next steps to take. These issues were addressed in reports produced by the i2010 Intelligent Car Initiative and the CVIS project. Their state of the art overview revealed that until now, no country has successfully deployed a fully operational ITS system yet. Seven EU countries are the furthest and are already in the deployment phase: Sweden, Germany, the Netherlands, the United Kingdom, Finland, Spain and France. These countries are trailed by eight countries which are in the promotion phase: Denmark, Greece, Italy, Austria, Belgium,Norway, the Czech Republic and Poland. Finally, the last ten countries find themselves in the start-up phase: Estonia, Lithuania, Latvia, Slovenia, Slovakia, Hungary, Portugal, Switzerland, Ireland and Luxembourg. These European reports produced by the i2010 Intelligent Car Initiative and the CVIS project have defined a few policy recommendations which are very relevant for the Belgian and Flemish government. The most important recommendations for the Flemish government are: • Support awareness: research revealed that civilians consider ITS applications useful, but they are not really willing to pay for this technology. Therefore, it is important to convince the general public of the usefulness and the importance of ITS systems. • Fill the gaps: Belgium is situated in the promotion phase. This means that it should focus at identifying the missing stakeholders, and coordinating national and regional ITS activities. Here it is important that the research activities are coordinated in a national and international context to allow transfer of knowledge from one study to the next, as well as the results to be comparable. • Develop a vision: in the scope of ITS systems policies have to be defined regarding a large number of issues. For instance there is the question if ITS users should be educated, meaning that the use of ITS systems should be the subject of the drivers license exam. How will the regulations be for the technical inspection of vehicles equipped with ITS technology? Will ITS systems be deployed on a voluntary base, or will they e.g. be obliged in every new car? Will the services be offered by private companies, by the public authorities, or by a combination of them? Which technology will be used to implement ITS systems? These are just a few of the many questions where the government will have to develop a point of view for. • Policy coordination: ITS systems are a policy subject on an international, national and regional level. It is very important that these policy organizations can collaborate in a coordinated manner. • Iterative approach to policy development: developing policies for this complex matter is not a simple task. This asks for an iterative approach, where policy decisions are continuously refined and adjusted