Attack-resistant location estimation in wireless sensor networks

Many sensor network applications require sensors’ locations to function correctly. Despite the recent advances, location discovery for sensor networks in hostile environments has been mostly overlooked. Most of the existing localization protocols for sensor networks are vulnerable in hostile environments. The security of location discovery can certainly be enhanced by authentication. However, the possible node compromises and the fact that location determination uses certain physical features (e.g., received signal strength) of radio signals make authentication not as effective as in traditional security applications. This paper presents two methods to tolerate malicious attacks against range-based location discovery in sensor networks. The first method filters out malicious beacon signals on the basis of the “consistency” among multiple beacon signals, while the second method tolerates malicious beacon signals by adopting an iteratively refined voting scheme. Both methods can survive malicious attacks even if the attacks bypass authentication, provided that the benign beacon signals constitute the majority of the beacon signals. This paper also presents the implementation and experimental evaluation (through both field experiments and simulation) of all the secure and resilient location estimation schemes that can be used on the current generation of sensor platforms (e.g., MICA series of motes), including the techniques proposed in this paper, in a network of MICAz motes. The experimental results demonstrate the effectiveness of the proposed methods, and also give the secure and resilient location estimation scheme most suitable for the current generation of sensor networks

Emerging research directions in computer science : contributions from the young informatics faculty in Karlsruhe

In order to build better human-friendly human-computer interfaces, such interfaces need to be enabled with capabilities to perceive the user, his location, identity, activities and in particular his interaction with others and the machine. Only with these perception capabilities can smart systems ( for example human-friendly robots or smart environments) become posssible. In my research I\u27m thus focusing on the development of novel techniques for the visual perception of humans and their activities, in order to facilitate perceptive multimodal interfaces, humanoid robots and smart environments. My work includes research on person tracking, person identication, recognition of pointing gestures, estimation of head orientation and focus of attention, as well as audio-visual scene and activity analysis. Application areas are humanfriendly humanoid robots, smart environments, content-based image and video analysis, as well as safety- and security-related applications. This article gives a brief overview of my ongoing research activities in these areas

Tampering in RFID: A Survey on Risks and Defenses

RFID is a well-known pervasive technology, which provides promising opportunities for the implementation of new services and for the improvement of traditional ones. However, pervasive environments require strong efforts on all the aspects of information security. Notably, RFID passive tags are exposed to attacks, since strict limitations affect the security techniques for this technology. A critical threat for RFIDbased information systems is represented by data tampering, which corresponds to the malicious alteration of data recorded in the tag memory. The aim of this paper is to describe the characteristics and the effects of data tampering in RFID-based information systems, and to survey the approaches proposed by the research community to protect against it. The most important recent studies on privacy and security for RFID-based systems are examined, and the protection given against tampering is evaluated. This paper provides readers with an exhaustive overview on risks and defenses against data tampering, highlighting RFID weak spots and open issues

PILOT : Practical Privacy-Preserving Indoor Localization Using OuTsourcing

In the last decade, we observed a constantly growing number of Location-Based Services (LBSs) used in indoor environments, such as for targeted advertising in shopping malls or finding nearby friends. Although privacy-preserving LBSs were addressed in the literature, there was a lack of attention to the problem of enhancing privacy of indoor localization, i.e., the process of obtaining the users' locations indoors and, thus, a prerequisite for any indoor LBS. In this work we present PILOT, the first practically efficient solution for Privacy-Preserving Indoor Localization (PPIL) that was obtained by a synergy of the research areas indoor localization and applied cryptography. We design, implement, and evaluate protocols for Wi-Fi fingerprint-based PPIL that rely on 4 different distance metrics. To save energy and network bandwidth for the mobile end devices in PPIL, we securely outsource the computations to two non-colluding semi-honest parties. Our solution mixes different secure two-party computation protocols and we design size-and depth-optimized circuits for PPIL. We construct efficient circuit building blocks that are of independent interest: Single Instruction Multiple Data (SIMD) capable oblivious access to an array with low circuit depth and selection of the k-Nearest Neighbors with small circuit size. Additionally, we reduce Received Signal Strength (RSS) values from 8 bits to 4 bits without any significant accuracy reduction. Our most efficient PPIL protocol is 553x faster than that of Li et al. (INFOCOM'14) and 500× faster than that of Ziegeldorf et al. (WiSec'14). Our implementation on commodity hardware has practical run-times of less than 1 second even for the most accurate distance metrics that we consider, and it can process more than half a million PPIL queries per day.Peer reviewe

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Software based deployment of encryption keys in wireless sensor networks.

Sensor networks are just in their infancy. Their use will continue to grow as the technology becomes cheaper and more efficient. A current shortcoming with sensor networks is the inability to efficiently provide secure communications. As sensor networks are deployed to monitor and control systems, the security of communications will become a more important. This thesis proposes a new approach to key establishment and renewal through the use of point-to-point keys and software verification and validation to ensure the integrity of two nodes. Sensor networks exist on limited resources, so power efficiency is a concern. The proposed protocol allows for the use of small keys instead of large pre-distributed keys. This thesis explores the design and implementation of a new point-to-point key generation and renewal algorithm. The main contribution is the development of an algorithm that utilizes a software integrity check to ensure the validity of a node. The thesis also utilizes a simulated sensor network to test and validate the new software algorithm

Internet of Things (IoT): Societal Challenges & Scientific Research Fields for IoT

International audienceJust as the Internet radically reshaped society, the Internet of Things (IoT) willhave an impact on all areas of human life: from our homes, vehicles, workplacesand factories, to our cities and towns, agriculture and healthcare systems. It willalso affect all levels of society (individuals, companies and state-level), from urbanto rural and the natural world beyond. This makes it essential to have a properunderstanding of IoT and the challenges which relate to it. The primary aims ofthis document are to (i) determine the scope of IoT, its origins, current developments and perspectives, and (ii) identify the main societal, technical and scientific challenges linked to IoT.It seems inevitable that IoT will become increasingly omnipresent. Indeed, itis set to penetrate every aspect of all of our lives, connecting everything (billionsof new heterogeneous machines communicating with each other) and measuringeverything: from the collective action we take at a global level, right down to oursmallest individual physiological signals, in real-time. This is a double-edged sword,in that it simultaneously gives people cause for hope (automation, ­optimisation,innovative new functionalities etc.) and cause for fear (surveillance, dependency,cyberattacks, etc.). Given the ever-evolving nature of the IoT, new challenges linked to privacy, transparency, security appear, while new civil and industrialresponsibilities are starting to emerge.IoT is centred around an increasingly complex set of interlinked concepts andembedded technologies. At an industrial level, this growing complexity is makingthe idea of having full control over all components of IoT increasingly difficult, oreven infeasible. However, as a society, we must get to grips with the technologicalfoundations of IoT. One challenge for education will therefore be to graduallyincrease awareness of IoT, both in order to protect individuals’ sovereignty andfree will, and to initiate the training of our future scientists and technicians. Apublic research institute such as Inria can contribute towards understandingand explaining the technological foundations of IoT, in addition to preservingsovereignty in Europe.IoT will inevitably increase dependency on certain types of embeddedt ­ echno­logy. It is hence necessary to identify the new risks that entail, and todevise new strategies in order to take full advantage of IoT, while minimising theserisks. Similarly to the situation in other domains where one must continually seekto preserve ethics without hindering innovation, creating a legal framework forIoT is both necessary and challenging. It nevertheless seems clear already thatthe best way of facing up to industrial giants or superpowers is to take action atthe EU level, as shown by recent examples such as GDPR. Furthermore, given thegrowing influence of technological standards on society, playing an active rolein the process of standardising IoT technology is essential. Open standards andopen source – conceived as a common public good – will be pivotal for IoT, justas they have been for the Internet. Last but not least, massive use of IoT can helpbetter capture and understand the environmental challenges we are ­currentlyfacing – it is also expected IoT will help to mitigate these challenges. The goals inthis context are not only to reduce the quantities of natural resources consumedby IoT (for production, deployment, maintenance and recycling). We must alsoaim to more accurately evaluate the overall net benefit of IoT on the environment,at a global level. This requires determining and subtracting IoT’s environmentalcosts from its (measured) benefits, which is currently a challenge. The growingimpact of IoT underscores the importance of remaining at the cutting edge whenit comes to scientific research and technological development. This documenttherefore aims to (i) highlight the wide range of research fields which are fundamental to IoT, and(ii) take stock of current and future research problems in each of these fields. A number of links are made throughout the document to contributionsmade by Inria. These contributions are, by their nature, diverse (basic and appliedresearch, open source software, startup incubation) and concern the majority ofresearch fields on which IoT is based

Security techniques for sensor systems and the Internet of Things

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We develop nesCheck, a novel approach that combines static analysis and dynamic checking to efficiently enforce memory safety on TinyOS applications. As security guarantees come at a cost, determining which resources to protect becomes important. Our solution, OptAll, leverages game-theoretic techniques to determine the optimal allocation of security resources in IoT networks, taking into account fixed and variable costs, criticality of different portions of the network, and risk metrics related to a specified security goal. Monitoring IoT devices and sensors during operation is necessary to detect incidents. We design Kalis, a knowledge-driven intrusion detection technique for IoT that does not target a single protocol or application, and adapts the detection strategy to the network features. As the scale of IoT makes the devices good targets for botnets, we design Heimdall, a whitelist-based anomaly detection technique for detecting and protecting against IoT-based denial of service attacks. Once our monitoring tools detect an attack, determining its actual cause is crucial to an effective reaction. We design a fine-grained analysis tool for sensor networks that leverages resident packet parameters to determine whether a packet loss attack is node- or link-related and, in the second case, locate the attack source. Moreover, we design a statistical model for determining optimal system thresholds by exploiting packet parameters variances. With our techniques\u27 diagnosis information, we develop Kinesis, a security incident response system for sensor networks designed to recover from attacks without significant interruption, dynamically selecting response actions while being lightweight in communication and energy overhead