IMPROVING SMART GRID SECURITY USING MERKLE TREES

Abstract—Presently nations worldwide are starting to convert their aging electrical power infrastructures into modern, dynamic power grids. Smart Grid offers much in the way of efficiencies and robustness to the electrical power grid, however its heavy reliance on communication networks will leave it more vulnerable to attack than present day grids. This paper looks at the threat to public key cryptography systems from a fully realized quantum computer and how this could impact the Smart Grid. We argue for the use of Merkle Trees in place of public key cryptography for authentication of devices in wireless mesh networks that are used in Smart Grid applications

QUALITY-DRIVEN CROSS LAYER DESIGN FOR MULTIMEDIA SECURITY OVER RESOURCE CONSTRAINED WIRELESS SENSOR NETWORKS

The strong need for security guarantee, e.g., integrity and authenticity, as well as privacy and confidentiality in wireless multimedia services has driven the development of an emerging research area in low cost Wireless Multimedia Sensor Networks (WMSNs). Unfortunately, those conventional encryption and authentication techniques cannot be applied directly to WMSNs due to inborn challenges such as extremely limited energy, computing and bandwidth resources. This dissertation provides a quality-driven security design and resource allocation framework for WMSNs. The contribution of this dissertation bridges the inter-disciplinary research gap between high layer multimedia signal processing and low layer computer networking. It formulates the generic problem of quality-driven multimedia resource allocation in WMSNs and proposes a cross layer solution. The fundamental methodologies of multimedia selective encryption and stream authentication, and their application to digital image or video compression standards are presented. New multimedia selective encryption and stream authentication schemes are proposed at application layer, which significantly reduces encryption/authentication complexity. In addition, network resource allocation methodologies at low layers are extensively studied. An unequal error protection-based network resource allocation scheme is proposed to achieve the best effort media quality with integrity and energy efficiency guarantee. Performance evaluation results show that this cross layer framework achieves considerable energy-quality-security gain by jointly designing multimedia selective encryption/multimedia stream authentication and communication resource allocation

Security for the Industrial IoT: The Case for Information-Centric Networking

Industrial production plants traditionally include sensors for monitoring or documenting processes, and actuators for enabling corrective actions in cases of misconfigurations, failures, or dangerous events. With the advent of the IoT, embedded controllers link these `things' to local networks that often are of low power wireless kind, and are interconnected via gateways to some cloud from the global Internet. Inter-networked sensors and actuators in the industrial IoT form a critical subsystem while frequently operating under harsh conditions. It is currently under debate how to approach inter-networking of critical industrial components in a safe and secure manner. In this paper, we analyze the potentials of ICN for providing a secure and robust networking solution for constrained controllers in industrial safety systems. We showcase hazardous gas sensing in widespread industrial environments, such as refineries, and compare with IP-based approaches such as CoAP and MQTT. Our findings indicate that the content-centric security model, as well as enhanced DoS resistance are important arguments for deploying Information Centric Networking in a safety-critical industrial IoT. Evaluation of the crypto efforts on the RIOT operating system for content security reveal its feasibility for common deployment scenarios.Comment: To be published at IEEE WF-IoT 201

e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices

To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient's IMD and a doctor's programmer is vulnerable since once the doctor's programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients' rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme

Data sharing in secure multimedia wireless sensor networks

© 2016 IEEE. The use of Multimedia Wireless Sensor Networks (MWSNs) is becoming common nowadays with a rapid growth in communication facilities. Similar to any other WSNs, these networks face various challenges while providing security, trust and privacy for user data. Provisioning of the aforementioned services become an uphill task especially while dealing with real-time streaming data. These networks operates with resource-constrained sensor nodes for days, months and even years depending on the nature of an application. The resource-constrained nature of these networks makes it difficult for the nodes to tackle real-time data in mission-critical applications such as military surveillance, forest fire monitoring, health-care and industrial automation. For a secured MWSN, the transmission and processing of streaming data needs to be explored deeply. The conventional data authentication schemes are not suitable for MWSNs due to the limitations imposed on sensor nodes in terms of battery power, computation, available bandwidth and storage. In this paper, we propose a novel quality-driven clustering-based technique for authenticating streaming data in MWSNs. Nodes with maximum energy are selected as Cluster Heads (CHs). The CHs collect data from member nodes and forward it to the Base Station (BS), thus preventing member nodes with low energy from dying soon and increasing life span of the underlying network. The proposed approach not only authenticates the streaming data but also maintains the quality of transmitted data. The proposed data authentication scheme coupled with an Error Concealment technique provides an energy-efficient and distortion-free real-time data streaming. The proposed scheme is compared with an unsupervised resources scenario. The simulation results demonstrate better network lifetime along with 21.34 dB gain in Peak Signal-to-Noise Ratio (PSNR) of received video data streams

A distributed key establishment scheme for wireless mesh networks using identity-based cryptography

In this paper, we propose a secure and efficient key establishment scheme designed with respect to the unique requirements of Wireless Mesh Networks. Our security model is based on Identity-based key establishment scheme without the utilization of a trusted authority for private key operations. Rather, this task is performed by a collaboration of users; a threshold number of users come together in a coalition so that they generate the private key. We performed simulative performance evaluation in order to show the effect of both the network size and the threshold value. Results show a tradeoff between resiliency and efficiency: increasing the threshold value or the number of mesh nodes also increases the resiliency but negatively effects the efficiency. For threshold values smaller than 8 and for number of mesh nodes in between 40 and 100, at least 90% of the mesh nodes can compute their private keys within at most 70 seconds. On the other hand, at threshold value 8, an increase in the number of mesh nodes from 40 to 100 results in 25% increase in the rate of successful private key generations

An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations

With the expansion of wireless sensor networks (WSNs), the need for securing the data flow through these networks is increasing. These sensor networks allow for easy-to-apply and flexible installations which have enabled them to be used for numerous applications. Due to these properties, they face distinct information security threats. Security of the data flowing through across networks provides the researchers with an interesting and intriguing potential for research. Design of these networks to ensure the protection of data faces the constraints of limited power and processing resources. We provide the basics of wireless sensor network security to help the researchers and engineers in better understanding of this applications field. In this chapter, we will provide the basics of information security with special emphasis on WSNs. The chapter will also give an overview of the information security requirements in these networks. Threats to the security of data in WSNs and some of their counter measures are also presented