Designing authenication scheme for wireless sensor networks

Wang, Ke, 黃岢

January 2009

published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy

Data encryption (Computer science)

Sensor networks - Security measures.

Resilient system design and efficient link management for the wireless communication of an ocean current turbine test bed

Unknown Date

To ensure that a system is robust and will continue operation even when facing disruptive or traumatic events, we have created a methodology for system architects and designers which may be used to locate risks and hazards in a design and enable the development of more robust and resilient system architectures. It uncovers design vulnerabilities by conducting a complete exploration of a systems’ component operational state space by observing the system from multi-dimensional perspectives and conducts a quantitative design space analysis by means of probabilistic risk assessment using Bayesian Networks. Furthermore, we developed a tool which automated this methodology and demonstrated its use in an assessment of the OCTT PHM communication system architecture. To boost the robustness of a wireless communication system and efficiently allocate bandwidth, manage throughput, and ensure quality of service on a wireless link, we created a wireless link management architecture which applies sensor fusion to gather and store platform networked sensor metrics, uses time series forecasting to predict the platform position, and manages data transmission for the links (class based, packet scheduling and capacity allocation). To validate our architecture, we developed a link management tool capable of forecasting the link quality and uses cross-layer scheduling and allocation to modify capacity allocation at the IP layer for various packet flows (HTTP, SSH, RTP) and prevent congestion and priority inversion. Wireless sensor networks (WSN) are vulnerable to a plethora of different fault types and external attacks after their deployment. To maintain trust in these systems and increase WSN reliability in various scenarios, we developed a framework for node fault detection and prediction in WSNs. Individual wireless sensor nodes sense characteristics of an object or environment. After a smart device successfully connects to a WSN’s base station, these sensed metrics are gathered, sent to and stored on the device from each node in the network, in real time. The framework issues alerts identifying nodes which are classified as faulty and when specific sensors exceed a percentage of a threshold (normal range), it is capable of discerning between faulty sensor hardware and anomalous sensed conditions. Furthermore we developed two proof of concept, prototype applications based on this framework. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2013.

Fault tolerance (Engineering)

Reliability (Engineering)

Sensor networks -- Security measures

Systems engineering

Reputation and trust-based security in wireless sensor networks

Unknown Date

This dissertation presents the results of research that led to the development of a novel reputation and trust-based monitoring paradigm for secure and reliable computing in Wireless Sensor Networks (WSNs). WSNs have undergone tremendous technological advances over the last few years. They have caused a giant leap toward "proactive computing," a paradigm where computers anticipate human needs and, when necessary, act on their behalf. Therefore, we cannot deploy such a critical technology without first addressing the security and privacy challenges to ensure that it does not turn against those whom it is meant to benefit. The core application of WSNs is to detect and report events, be it military or civilian applications. The building blocks of a WSN are small, battery-powered, lowcost, self-contained devices called "sensors" that measure factors like light, temperature, pressure, vibration, motion, etc. A WSN usually consists of hundreds of thousands of sensors that operate in unattended, hostile territories to monitor a given geographical area. Once deployed, the wireless sensors self-organize into ad-hoc wireless networks in order to cope with the dynamics of the surveillance field. During the post deployment phase, the wireless sensors aggregate data, then process and generate a report, which is subsequently relayed from one sensor to the next using secure multi-hop routing until the data reaches its desired destination, which is usually the sink. Since sensors operate in unattended and hostile territories, the adversary can capture a sensor node physically and extract all the information stored onboard, including cryptographic keying material. With this unique situation, WSNs are subject to a unique attack referred to as an "Insider Attack," in which the adversary becomes a legitimate member of the network being represented by the captured node. / To overcome this unique situation, a distributed Reputation and Trust-based Monitoring System (RTMS) is required. The most critical contribution of this dissertation work has been the proposal and design of a novel, clique-based, distributed group-key establishment protocol with specific application to RTMSs. We have also proposed and evaluated the application of RTMS models for securing beacon-based localization in WSNs addressing information asymmetry attacks, and proposed a novel k-parent tree model for securing broadcast communication in WSNs with an underlying RTMS model. Other issues addressed in this dissertation work include the proposal of a Connected Dominating Set (CDS) based reputation dissemination and bootstrapping model. This model also enables secure, certificateless node mobility and enables the model to be robust to ID Spoofing and node replication attacks. / by Avinash Srinivasan. / Thesis (Ph.D.)--Florida Atlantic University, 2008. / Includes bibliography. / Electronic reproduction. Boca Raton, FL : 2008 Mode of access: World Wide Web.

Sensor networks--Security measures

Secure routing in wireless sensor networks

Unknown Date

This research addresses communication security in the highly constrained wireless sensor environment. The goal of the research is twofold: (1) to develop a key management scheme that provides these constrained systems with the basic security requirements and evaluate its effectiveness in terms of scalability, efficiency, resiliency, connectivity, and flexibility, and (2) to implement this scheme on an appropriate routing platform and measure its efficiency. / The proposed key management scheme is called Hierarchical Key Establishment Scheme (HIKES). In HIKES, the base station, acting as the central trust authority, empowers randomly selected sensors to act as local trust authorities, authenticating on its behalf the cluster members and issuing to them all secret keys necessary to secure their communications. HIKES uses a novel key escrow scheme that enables any sensor node selected as a cluster head to generate all the cryptographic keys needed to authenticate other sensors within its cluster. This scheme localizes secret key issuance and reduces the communication cost with the base station. The key escrow scheme also provides the HIKES with as large an addressing mechanism as needed. HIKES also provides a one-step broadcast authentication mechanism. HIKES provides entity authentication to every sensor in the network and is robust against most known attacks. We propose a hierarchical routing mechanism called Secure Hierarchical Energy-Efficient Routing protocol (SHEER). SHEER implements HIKES, which provides the communication security from the inception of the network. SHEER uses a probabilistic broadcast mechanism and a three-level hierarchical clustering architecture to improve the network energy performance and increase its lifetime. / Simulation results have shown that HIKES provides an energy-efficient and scalable solution to the key management problem. Cost analysis shows that HIKES is computationally efficient and has low storage requirement. Furthermore, high degree of address flexibility can be achieved in HIKES. Therefore, this scheme meets the desired criteria set forth in this work. Simulation studies also show that SHEER is more energy-efficient and has better scalability than the secure version of LEACH using HIKES. / by Jamil Ibriq. / Thesis (Ph. D.)--Florida Atlantic University, 2007. / Includes bibliography. / Also available in print. / Electronic reproduction. Boca Raton, FL : 2007. Mode of access: World Wide Web.

Sensor networks--Security measures

Mobile computing

Topics On Security In Sensor Networks And Energy Consumption In IEEE 802.11 WLANs

Agrawal, Pranav

12 1900

Our work focuses on wireless networks in general, but deals specifically with security in wireless sensor networks and energy consumption in IEEE 802.11 infrastructure WLANs. In the first part of our work, we focus on secure communication among sensor nodes in a wireless sensor network. These networks consists of large numbers of devices having limited energy and memory. Public key cryptography is too demanding for these resource-constrained devices because it requires high computation. So, we focus on symmetric key cryptography to achieve secure communication among nodes. For this cryptographic technique to work, two nodes have to agree upon a common key. To achieve this, many key distribution schemes have been proposed in the literature. Recently, several researchers have proposed schemes in which they have used group-based deployment models and assumed predeployment knowledge of the expected locations of nodes. They have shown that these schemes achieve better performance than the earlier schemes, in terms of connectivity, resilience against node capture and storage requirements. But in many situations expected locations of nodes are not available. We propose a solution which does not use the group-based deployment model and predeployment knowledge of the locations of nodes, and yet performs better than schemes which make the aforementioned assumptions. In our scheme, groups are formed after the deployment of sensor nodes on the basis of their physical locations. Nodes in different groups sample keys from disjoint key pools, so that compromise of a node affects secure links of its group only. Because of this reason, our scheme performs better than earlier schemes as well as the schemes using predeployment knowledge, in terms of connectivity, storage requirement, and security. Moreover, the post-deployment key generation process completes sooner than in schemes like LEAP+. In the second part of our work, we develop analytical models for estimating the energy spent by stations (STAs) in infrastructure WLANs when performing TCP-controlled file downloads. We focus on the energy spent in radio communication when the STAs are in the Continuously Active Mode (CAM), or in the static Power Save Mode (PSM). Our approach is to develop accurate models for obtaining the fractions of times the STA radios spend in idling, receiving and transmitting. We discuss two traffic models for each mode of operation: (i) each STA performs one large file download, and (ii) the STAs perform short file transfers with think times (short duration of inactivity)between two transfers. We evaluate the rate of STA energy expenditure with long file downloads, and show that static PSM is worse than using just CAM. For short file downloads, we compute the number of file downloads that can be completed with a given battery capacity, and show that PSM performs better than CAM for this case. We provide a validation of our analytical models using the NS-2 simulator. Although the PSM performs better than the CAM when the STAs download short files over TCP with think times, its performance degrades as the number of STAs associated to the access point (AP) increases. To address this problem, we propose an algorithm, which we call opportunistic PSM (OPSM). We show through simulations that OPSM performs better than PSM. The performance gain achieved by OPSM increases as the file size requested by the STAs or the number of STAs associated with the AP increases. We implemented OPSM in NS-2.33, and to compare the performance of OPSM and PSM, we evaluate the number of file downloads that can be completed with a given battery capacity and the average time taken to download a file.

Sensor Network

Wireless Sensor Networks

Wireless Local Area Networks

IEEE 802.11

OPSM Opportunistic Power Save Mode

WLANs

Communication Engineering