A Security Architecture for Data Aggregation and Access Control in Smart Grids

We propose an integrated architecture for smart grids, that supports data aggregation and access control. Data can be aggregated by home area network, building area network and neighboring area network in such a way that the privacy of customers is protected. We use homomorphic encryption technique to achieve this. The consumer data that is collected is sent to the substations where it is monitored by remote terminal units (RTU). The proposed access control mechanism gives selective access to consumer data stored in data repositories and used by different smart grid users. Users can be maintenance units, utility centers, pricing estimator units or analyzing and prediction groups. We solve this problem of access control using cryptographic technique of attribute-based encryption. RTUs and users have attributes and cryptographic keys distributed by several key distribution centers (KDC). RTUs send data encrypted under a set of attributes. Users can decrypt information provided they have valid attributes. The access control scheme is distributed in nature and does not rely on a single KDC to distribute keys. Bobba \emph{et al.} \cite{BKAA09} proposed an access control scheme, which relies on a centralized KDC and is thus prone to single-point failure. The other requirement is that the KDC has to be online, during data transfer which is not required in our scheme. Our access control scheme is collusion resistant, meaning that users cannot collude and gain access to data, when they are not authorized to access. We theoretically analyze our schemes and show that the computation overheads are low enough to be carried out in smart grids. To the best of our knowledge, ours is the first work on smart grids, which integrates these two important security components (privacy preserving data aggregation and access control) and presents an overall security architecture in smart grids.Comment: 12 Pages, 3 figure

Data-centric Misbehavior Detection in VANETs

Detecting misbehavior (such as transmissions of false information) in vehicular ad hoc networks (VANETs) is very important problem with wide range of implications including safety related and congestion avoidance applications. We discuss several limitations of existing misbehavior detection schemes (MDS) designed for VANETs. Most MDS are concerned with detection of malicious nodes. In most situations, vehicles would send wrong information because of selfish reasons of their owners, e.g. for gaining access to a particular lane. Because of this (\emph{rational behavior}), it is more important to detect false information than to identify misbehaving nodes. We introduce the concept of data-centric misbehavior detection and propose algorithms which detect false alert messages and misbehaving nodes by observing their actions after sending out the alert messages. With the data-centric MDS, each node can independently decide whether an information received is correct or false. The decision is based on the consistency of recent messages and new alert with reported and estimated vehicle positions. No voting or majority decisions is needed, making our MDS resilient to Sybil attacks. Instead of revoking all the secret credentials of misbehaving nodes, as done in most schemes, we impose fines on misbehaving nodes (administered by the certification authority), discouraging them to act selfishly. This reduces the computation and communication costs involved in revoking all the secret credentials of misbehaving nodes.Comment: 12 page

Smaller Connected Dominating Sets in Ad Hoc and Sensor Networks based on Coverage by Two-Hop Neighbors

In this paper, we focus on the construction of an efficient dominating set in ad hoc and sensor networks. A set of nodes is said to be dominating if each node is either itself dominant or neighbor of a dominant node. This set can for example be used for broadcasting, so the smaller the set is, the more efficient it is. As a basis for our work, we use a heuristics given by Dai and Wu for constructing such a set and propose an enhanced definition to obtain smaller sets. This approach, in conjunction with the elimination of message overhead by Stojmenovic, has been shown (in recent studies) to be an excellent compromise with respect to a wide range of metrics considered. In our new definition, a node u is not dominant if there exists in its 2-hop neighborhood a connected set of nodes with higher priorities that covers u and its 1-hop neighbors. This new rule uses the exact same level of information required by the original heuristics, only neighbors of nodes and neighbors of neighbors must be known to apply it, but it takes advantage of some knowledge originally not taken into account: 1-hop neighbors can be covered by some 2-hop neighbors. We give the proof that the set obtained with this new definition is a subset of the one obtained with Dai and Wu's heuristics. We also give the proof that our set is always dominating for any graph, and connected for any connected graph. Two versions were considered: with topological and positional information, which differ in whether or not nodes are aware of links between their 2-hop neighbors that are not 1-hop neighbors. An algorithm for applying the concept at each node is described. We finally provide experimental data that demonstrates the superiority of our rule in obtaining smaller dominating sets. A centralized algorithm was used as a benchmark in the comparison. The overhead of the size of connected dominating set was reduced by about 15% with the topological variant and by about 30% with the positional variant of our new definition

Broadcasting in Hybrid Ad Hoc Networks.

In this paper, we consider hybrid ad hoc networks, which are composed of two kinds of nodes, regular ones and nodes with additional capabilities. For example, multi-hop cellular and wireless Internet networks consist of static or mobile nodes, and fixed access points which provide an access to an infrastructure. In such a network, each node may use direct or multihop link to connect to an access point, allowing a greater mobility. The goal of this paper is to provide protocols for broadcasting data in such an environment, by taking advantage of the presence of access points to optimize the broadcast, either from an energy consumption or from a latency point of view. We thus consider known protocols for pure ad hoc networks and adapt them to hybrid ad hoc networks. These protocols are the Blind Flooding, the Neighbor Elimination Scheme, the Multipoint Relay protocol and the generalized Self-Pruning Rule (algorithm that elects some dominant nodes to relay messages). We give some experimental data for these modified protocols to compare them to their original version, so that we are able to emphasize the gain obtained thanks to our proposed modifications

Optimal Transmission Radius for Energy Efficient Broadcasting Protocols in Ad Hoc and Sensor Networks

International audienceWe investigate the problem of minimum energy broadcasting in ad hoc networks where nodes have capability to adjust their transmission range. The minimal transmission energy needed for correct reception by neighbor at distance r is proportional to r^alpha + c_e, alpha and c_e being two environment-dependent constants. We demonstrate the existence of an optimal transmission radius, computed with a hexagonal tiling of the network area, that minimizes the total power consumption for a broadcasting task. This theoretically computed value is experimentally confirmed. The existing localized protocols are inferior to existing centralized protocols for dense networks. We present two localized broadcasting protocols, based on derived 'target' radius, that remain competitive for all network densities. The first one, TR-LBOP, computes the minimal radius needed for connectivity and increases it up to the target one after having applied a neighbor elimination scheme on a reduced subset of direct neighbors. In the second one, TR-DS, each node first considers only neighbors whose distance is no greater than the target radius (which depends on the power consumption model used), and neighbors in a localized connected topological structure such as RNG or LMST. Then, a connected dominating set is constructed using this subgraph. Nodes not selected for the set may be sent to sleep mode. Nodes in selected dominating set apply TR-LBOP. This protocol is the first one to consider both activity scheduling and minimum energy consumption as one combined problem. Finally, some experimental results for both protocols are given, as well as comparisons with other existing protocols. Our analysis and protocols remain valid if energy needed for packet receptions is charged

Introduction: Data Communication and Topology Algorithms for Sensor Networks

(First paragraph) We are very proud and honored to have been entrusted to be Guest Editors for this special issue. Papers were sought to comprehensively cover the algorithmic issues in the “hot” area of sensor networking. The concentration was on network layer problems, which can be divided into two groups: data communication problems and topology control problems. We wish to briefly introduce the five papers appearing in this special issue. They cover specific problems such as time division for reduced collision, fault tolerant clustering, self-stabilizing graph optimization algorithms, key pre-distribution for secure communication, and distributed storage based on spanning trees and triangulation

Performance Evaluation of Broadcasting Protocols for Ad Hoc and Sensor Networks.

In ad hoc and sensor networks, the simplest and most widely used approach to broadcast is blind flooding, which lets every node in the network to rebroadcast a receiving packet to all its neighbors. This causes redundancy of broadcast packets and results in unnecessary collision and bandwidth waste. To overcome these problems, a number of research groups have proposed more efficient broadcasting schemes with the goal of minimizing the re-transmissions, while still guaranteeing that a broadcast packet is delivered to all the nodes in the network. Multipoint relay (MPR) and dominating set (DS) based broadcasting schemes can effectively improve the broadcasting efficiency while providing reliable broadcasting. The neighbor elimination scheme (NES) can improve any broadcasting protocol as an added feature. In this paper, we evaluate the performance of MPR (source dependent), MPR-DS (source-independent MPR), and DS based broadcasting protocols. We add NES to these three schemes separately and evaluate the performance of the resulted protocols. In our experiments, we use the random unit graphs to model the ad hoc and sensor networks. Each of the studied protocols has scenarios under which it has the best performance. Our experiments demonstrate that, without applying neighbor elimination scheme, MPR based protocol requires fewest retransmissions (however, each retransmission is with a longer message including list of forwarding neighbors). DS and MP-RDS schemes benefit significantly from the neighbor elimination technique in terms of the ratio of re-broadcasting nodes and the message redundancy on both transmitting and non-transmitting nodes, while MPR benefits marginally. After adding the neighbor elimination scheme, three new protocols behave almost equally well in terms of rebroadcast message counts. MPR-NES method is narrowly the best when the message that is broadcasted is very large one, and the network is dynamic. MPR-DS-NES is narrowly the best when the broadcast message is not very large, and the network is stable (this method requires the third round of preprocessing HELLO messages). Overall, DS-NES appears to be the most robust, taking all measurements and parameters into acount, because it remains competitive under all scenarios, and has significant advantages over MPR-DS-NES in dynamic scenarios, and significant advantages over MPR-NES when the broadcast message is not very large, because MPR has overhead in packet lengths

Ensuring K-Coverage in Wireless Sensor Networks under Realistic Physical Layer Assumptions

International audienceWireless sensor networks are composed of hundreds of small and low power devices deployed over a field to monitor. Energy consumption is balanced by taking advantage of the redundancy induced by the random deployment of nodes. Some nodes are active while others are in sleep mode. Area coverage protocols aim at turning off redundant sensor nodes while preserving satisfactory monitoring by the set of active nodes. The problem addressed here consists in building k distinct subsets of active nodes (layers), in a fully decentralized manner, so that each layer covers the area. In our protocol, each node selects a waiting timeout, listening to messages from neighbors. Activity messages include the layer at which a node has decided to be active. Depending on the physical layer used for sensing modeling, any node can evaluate if the provided coverage is sufficient for each layer. If so, node can sleep, otherwise it selects a layer to be active. Here, we describe a localized area coverage protocol able to maintain an area k-covered under realistic physical layer assumptions for both sensing and communicating modules

Beaconless position based routing with guaranteed delivery for wireless ad-hoc and sensor networks

Existing position-based routing algorithms, where packets are forwarded in the geographic direction of the destination, normally require that the forwarding node knows the positions of all neighbors in its transmission range. This information on direct neighbors is gained by observing beacon messages that each node sends out periodically. Several beaconless greedy routing schemes have been proposed recently. However, none of the existing beaconless schemes guarantee the delivery of packets. Moreover, they incur communication overhead by sending excessive control messages or by broadcasting data packets. In this paper, we describe how existing localized position based routing schemes that guarantee delivery can be made beaconless, while preserving the same routes. In our guaranteed delivery beaconless routing scheme, the next hop is selected through the use of control RTS/CTS messages and biased timeouts. In greedy mode, neighbor closest to destination responds first. In recovery mode, nodes closer to the source will select shorter timeouts, so that other neighbors, overhearing CTS packets, can eliminate their own CTS packets if they realize that their link to the source is not part of Gabriel graph. Nodes also cancel their packets after receiving data message sent by source to the selected neighbor. We analyze the behavior of our scheme on our simulation environment assuming ideal MAC, following GOAFR+ and GFG routing schemes. Our results demonstrate low communication overhead in addition to guaranteed delivery.1st IFIP International Conference on Ad-Hoc NetWorkingRed de Universidades con Carreras en Informática (RedUNCI