329 research outputs found
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
Recommended from our members
ETARP: An Energy Efficient Trust-Aware Routing Protocol for Wireless Sensor Networks
his paper presents a new routing protocol called Secure and Energy Aware Routing Protocol (ETARP) designed for energy efficiency and security for wireless sensor networks (WSNs). ETARP attempts to deal with WSN applications operating in extreme environments such as the battleield. The key part of the routing protocol is route selection based on utility theory. The concept of utility is a novel approach to simultaneously factor energy eiciency and trustworthiness of routes in the routing protocol. ETARP discovers and selects routes on the basis of maximum utility with incurring additional cost in overhead compared to the commonAODV (Ad Hoc On Demand Distance Vector) routing protocol. Simulation results show that, in comparison to previously proposed routing protocols, namely, AODV-EHA and LTB-AODV (Light-Weight Trust-Based Routing Protocol), the proposed ETARP can keep the same security level while achieving more energy eiciency for data packet delivery
Evaluated reputation-based trust for WSN security
During the last years, Wireless Sensor Networks (WSNs) and its applications have obtained considerable
momentum. However, security and power limits of WSNs are still important matters. Many existing
approaches at most concentrate on cryptography to improve data authentication and integrity but this
addresses only a part of the security problem without consideration for high energy consumption.
Monitoring behavior of node neighbors using reputation and trust models improves the security of WSNs
and maximizes the lifetime for it. However, a few of previous studies take into consideration security
threats and energy consumption at the same time. Under these issues Modified Reputation-Based Trust
model proposed and optimized for security strength. During evaluation of the model with well-known
models two security threats (oscillating and collusion) were applied in order to measure the accuracy,
scalability, trustworthiness and energy consumption. As a result, the effects of collusion and oscillating on
proposed model are minimized and energy consumption for dynamic networks reduced. Also, simulation
results show that MRT has better average accuracy and less average path length than other mechanisms,
due to the security and energy aware.
Keywords: Wireless Sensor Networks (WSNs), Collusion, Oscillating, Power Consumption, Trust and
Reputation Model
TRUST-BASED DEFENSE AGAINST INSIDER PACKET DROP ATTACKS IN WIRELESS SENSOR NETWORKS
In most wireless sensor networks (WSNs), sensor nodes generate data packets and send them to the base station (BS) by multi-hop routing paths because of their limited energy and transmission range. The insider packet drop attacks refer to a set of attacks where compromised nodes intentionally drop packets. It is challenging to accurately detect such attacks because packets may also be dropped due to collision, congestion, or other network problems.
Trust mechanism is a promising approach to identify inside packet drop attackers. In such an approach, each node will monitor its neighbor's packet forwarding behavior and use this observation to measure the trustworthiness of its neighbors. Once a neighbor's trust value falls below a threshold, it will be considered as an attacker by the monitoring node and excluded from the routing paths so further damage to the network will not be made.
In this dissertation, we analyze the limitation of the state-of-the-art trust mechanisms and propose several enhancement techniques to better defend against insider packet drop attacks in WSNs.
First, we observe that inside attackers can easily defeat the current trust mechanisms and even if they are caught, normally a lot of damage has already been made to the network. We believe this is caused by current trust models' inefficiency in distinguishing attacking behaviors and normal network transmission failures. We demonstrate that the phenomenon of consecutive packet drops is one fundamental difference between attackers and good sensor nodes and build a hybrid trust model based on it to improve the detection speed and accuracy of current trust models.
Second, trust mechanisms give false alarms when they mis-categorize good nodes as attackers. Aggressive mechanisms like our hybrid approach designed to catch attackers as early as possible normally have high false alarm rate. Removing these nodes from routing paths may significantly reduce the performance of the network. We propose a novel false alarm detection and recovery mechanism that can recover the falsely detected good nodes.
Next, we show that more intelligent packet drop attackers can launch advanced attacks without being detected by introducing a selective forwarding-based denial-of-service attack that drops only packets from specific victim nodes. We develop effective detection and prevention methods against such attack.
We have implemented all the methods we have proposed and conducted extensive simulations with the OPNET network simulator to validate their effectiveness
Machine Learning in Wireless Sensor Networks: Algorithms, Strategies, and Applications
Wireless sensor networks monitor dynamic environments that change rapidly
over time. This dynamic behavior is either caused by external factors or
initiated by the system designers themselves. To adapt to such conditions,
sensor networks often adopt machine learning techniques to eliminate the need
for unnecessary redesign. Machine learning also inspires many practical
solutions that maximize resource utilization and prolong the lifespan of the
network. In this paper, we present an extensive literature review over the
period 2002-2013 of machine learning methods that were used to address common
issues in wireless sensor networks (WSNs). The advantages and disadvantages of
each proposed algorithm are evaluated against the corresponding problem. We
also provide a comparative guide to aid WSN designers in developing suitable
machine learning solutions for their specific application challenges.Comment: Accepted for publication in IEEE Communications Surveys and Tutorial
A Trust Evaluation Algorithm for Wireless Sensor Networks Based on Node Behaviors and D-S Evidence Theory
For wireless sensor networks (WSNs), many factors, such as mutual interference of wireless links, battlefield applications and nodes exposed to the environment without good physical protection, result in the sensor nodes being more vulnerable to be attacked and compromised. In order to address this network security problem, a novel trust evaluation algorithm defined as NBBTE (Node Behavioral Strategies Banding Belief Theory of the Trust Evaluation Algorithm) is proposed, which integrates the approach of nodes behavioral strategies and modified evidence theory. According to the behaviors of sensor nodes, a variety of trust factors and coefficients related to the network application are established to obtain direct and indirect trust values through calculating weighted average of trust factors. Meanwhile, the fuzzy set method is applied to form the basic input vector of evidence. On this basis, the evidence difference is calculated between the indirect and direct trust values, which link the revised D-S evidence combination rule to finally synthesize integrated trust value of nodes. The simulation results show that NBBTE can effectively identify malicious nodes and reflects the characteristic of trust value that ‘hard to acquire and easy to lose’. Furthermore, it is obvious that the proposed scheme has an outstanding advantage in terms of illustrating the real contribution of different nodes to trust evaluation
Trustworthiness Mechanisms for Long-Distance Networks in Internet of Things
Aquesta tesi té com a objectiu aconseguir un intercanvi de dades fiable en un entorn hostil millorant-ne la confiabilitat mitjançant el disseny d'un model complet que tingui en compte les diferents capes de confiabilitat i mitjançant la implementació de les contramesures associades al model. La tesi se centra en el cas d'ús del projecte SHETLAND-NET, amb l'objectiu de desplegar una arquitectura d'Internet de les coses (IoT) híbrida amb comunicacions LoRa i d'ona ionosfèrica d'incidència gairebé vertical (NVIS) per oferir un servei de telemetria per al monitoratge del “permafrost” a l'Antàrtida.
Per complir els objectius de la tesi, en primer lloc, es fa una revisió de l'estat de l'art en confiabilitat per proposar una definició i l'abast del terme de confiança. Partint d'aquí, es dissenya un model de confiabilitat de quatre capes, on cada capa es caracteritza pel seu abast, mètrica per a la quantificació de la confiabilitat, contramesures per a la millora de la confiabilitat i les interdependències amb les altres capes. Aquest model permet el mesurament i l'avaluació de la confiabilitat del cas d'ús a l'Antàrtida.
Donades les condicions hostils i les limitacions de la tecnologia utilitzada en aquest cas d’ús, es valida el model i s’avalua el servei de telemetria a través de simulacions en Riverbed Modeler. Per obtenir valors anticipats de la confiabilitat esperada, l'arquitectura proposada es modela per avaluar els resultats amb diferents configuracions previ al seu desplegament en proves de camp. L'arquitectura proposada passa per tres principals iteracions de millora de la confiabilitat. A la primera iteració, s'explora l'ús de mecanismes de consens i gestió de la confiança social per aprofitar la redundància de sensors. En la segona iteració, s’avalua l’ús de protocols de transport moderns per al cas d’ús antàrtic. L’última iteració d’aquesta tesi avalua l’ús d’una arquitectura de xarxa tolerant al retard (DTN) utilitzant el Bundle Protocol (BP) per millorar la confiabilitat del sistema.
Finalment, es presenta una prova de concepte (PoC) amb maquinari real que es va desplegar a la campanya antàrtica 2021-2022, descrivint les proves de camp funcionals realitzades a l'Antàrtida i Catalunya.Esta tesis tiene como objetivo lograr un intercambio de datos confiable en un entorno hostil mejorando su confiabilidad mediante el diseño de un modelo completo que tenga en cuenta las diferentes capas de confiabilidad y mediante la implementación de las contramedidas asociadas al modelo. La tesis se centra en el caso de uso del proyecto SHETLAND-NET, con el objetivo de desplegar una arquitectura de Internet de las cosas (IoT) híbrida con comunicaciones LoRa y de onda ionosférica de incidencia casi vertical (NVIS) para ofrecer un servicio de telemetría para el monitoreo del “permafrost” en la Antártida.
Para cumplir con los objetivos de la tesis, en primer lugar, se realiza una revisión del estado del arte en confiabilidad para proponer una definición y alcance del término confiabilidad. Partiendo de aquí, se diseña un modelo de confiabilidad de cuatro capas, donde cada capa se caracteriza por su alcance, métrica para la cuantificación de la confiabilidad, contramedidas para la mejora de la confiabilidad y las interdependencias con las otras capas. Este modelo permite la medición y evaluación de la confiabilidad del caso de uso en la Antártida.
Dadas las condiciones hostiles y las limitaciones de la tecnología utilizada en este caso de uso, se valida el modelo y se evalúa el servicio de telemetría a través de simulaciones en Riverbed Modeler. Para obtener valores anticipados de la confiabilidad esperada, la arquitectura propuesta es modelada para evaluar los resultados con diferentes configuraciones previo a su despliegue en pruebas de campo. La arquitectura propuesta pasa por tres iteraciones principales de mejora de la confiabilidad. En la primera iteración, se explora el uso de mecanismos de consenso y gestión de la confianza social para aprovechar la redundancia de sensores. En la segunda iteración, se evalúa el uso de protocolos de transporte modernos para el caso de uso antártico. La última iteración de esta tesis evalúa el uso de una arquitectura de red tolerante al retardo (DTN) utilizando el Bundle Protocol (BP) para mejorar la confiabilidad del sistema.
Finalmente, se presenta una prueba de concepto (PoC) con hardware real que se desplegó en la campaña antártica 2021-2022, describiendo las pruebas de campo funcionales realizadas en la Antártida y Cataluña.This thesis aims at achieving reliable data exchange over a harsh environment by improving its trustworthiness through the design of a complete model that takes into account the different layers of trustworthiness and through the implementation of the model’s associated countermeasures. The thesis focuses on the use case of the SHETLAND-NET project, aiming to deploy a hybrid Internet of Things (IoT) architecture with LoRa and Near Vertical Incidence Skywave (NVIS) communications to offer a telemetry service for permafrost monitoring in Antarctica.
To accomplish the thesis objectives, first, a review of the state of the art in trustworthiness is carried out to propose a definition and scope of the trustworthiness term. From these, a four-layer trustworthiness model is designed, with each layer characterized by its scope, metric for trustworthiness accountability, countermeasures for trustworthiness improvement, and the interdependencies with the other layers. This model enables trustworthiness accountability and assessment of the Antarctic use case.
Given the harsh conditions and the limitations of the use technology in this use case, the model is validated and the telemetry service is evaluated through simulations in Riverbed Modeler. To obtain anticipated values of the expected trustworthiness, the proposal has been modeled to evaluate the performance with different configurations prior to its deployment in the field. The proposed architecture goes through three major iterations of trustworthiness improvement. In the first iteration, using social trust management and consensus mechanisms is explored to take advantage of sensor redundancy. In the second iteration, the use of modern transport protocols is evaluated for the Antarctic use case. The final iteration of this thesis assesses using a Delay Tolerant Network (DTN) architecture using the Bundle Protocol (BP) to improve the system’s trustworthiness.
Finally, a Proof of Concept (PoC) with real hardware that was deployed in the 2021-2022 Antarctic campaign is presented, describing the functional tests performed in Antarctica and Catalonia
- …