This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated sy...This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated symmetric-key establishment scheme is proposed for WBSN,which fully exploits the physiological features obtained by network entities via the body channel available in WBSN but not other wireless networks. The self-defined Intrinsic Shared Secret (ISS) is used to replace the pre-deployment of secrets among network entities,which thus eliminates centralized services or au-thorities essential in existing protocols,and resolves the key transport problem in the pure symmet-ric-key cryptosystem for WBSN as well. The security properties of the proposed scheme are demon-strated in terms of its attack complexity and the types of attacks it can resist. Besides,the scheme can be implemented under a light-weight way in WBSN systems. Due to the importance of the ISS concept,the analysis on using false acceptance/false rejection method to evaluate the performance of ISS for its usage in the scheme is also demonstrated.展开更多
Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network,yet continued operation of wireless sensor networks increases the probability of aggreg...Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network,yet continued operation of wireless sensor networks increases the probability of aggregation nodes being captured and probability of aggregated data being tampered.Thus it will seriously affect the security performance of the network. For network security issues,a stateful public key based SDAM( secure data aggregation model) is proposed for wireless sensor networks( WSNs),which employs a new stateful public key encryption to provide efficient end-to-end security. Moreover,the security aggregation model will not impose any bound on the aggregation function property,so as to realize the low cost and high security level at the same time.展开更多
In order to avoid internal attacks during data aggregation in wireless sensor networks, a grid-based network architecture fit for monitoring is designed and the algorithms for network division, initialization and grid...In order to avoid internal attacks during data aggregation in wireless sensor networks, a grid-based network architecture fit for monitoring is designed and the algorithms for network division, initialization and grid tree construction are presented. The characteristics of on-off attacks are first studied and monitoring mechanisms are then designed for sensor nodes. A Fast Detection and Slow Recovery (FDSR) algorithm is proposed to prevent on-off attacks by observing the behaviors of the nodes and computing reputations. A recovery mechanism is designed to isolate malicious nodes by identifying the new roles of nodes and updating the grid tree. In the experiments, some situations of on-off attacks are simulated and the results are compared with other approaches. The experimental results indicate that our approach can detect malicious nodes effectively and guarantee secure data aggregation with acceptable energy consumption.展开更多
For the application of wireless sensor networks in the military field, one of the main challenges is security. To solve the problem of verifying the location claim for a node, a new location verifica- tion algorithm c...For the application of wireless sensor networks in the military field, one of the main challenges is security. To solve the problem of verifying the location claim for a node, a new location verifica- tion algorithm called node cooperation based location secure verification (NCBLSV) algorithm is proposed. NCBLSV could verify malicious nodes by contrasting neighbor nodes and nodes under beam width angle using an adaptive array antenna at a base point. Simulation experiments are con- ducted to evaluate the performance of this algorithm by varying the communication range and the an- tenna beam width angle. Results show that NCBLSV algorithm has high probability of successful ma- licious nodes detection and low probability of false nodes detection. Thus, it is proved that the NCBLSV algorithm is useful and necessary in the wireless sensor networks security.展开更多
In Heterogeneous Wireless Sensor Networks, the mobility of the sensor nodes becomes essential in various applications. During node mobility, there are possibilities for the malicious node to become the cluster head or...In Heterogeneous Wireless Sensor Networks, the mobility of the sensor nodes becomes essential in various applications. During node mobility, there are possibilities for the malicious node to become the cluster head or cluster member. This causes the cluster or the whole network to be controlled by the malicious nodes. To offer high level of security, the mobile sensor nodes need to be authenticated. Further, clustering of nodes improves scalability, energy efficient routing and data delivery. In this paper, we propose a cluster based secure dynamic keying technique to authenticate the nodes during mobility. The nodes with high configuration are chosen as cluster heads based on the weight value which is estimated using parameters such as the node degree, average distance, node's average speed, and virtual battery power. The keys are dynamically generated and used for providing security. Even the keys are compromised by the attackers, they are not able to use the previous keys to cheat or disuse the authenticated nodes. In addition, a bidirectional malicious node detection technique is employed which eliminates the malicious node from the network. By simulation, it is proved that the proposed technique provides efficient security with reduced energy consumption during node mobility.展开更多
In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the pos...In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.展开更多
Security is a nonfunctional information system attribute that plays a crucial role in wide sensor network application domains. Security risk can be quantified as the combination of the probability that a sensor networ...Security is a nonfunctional information system attribute that plays a crucial role in wide sensor network application domains. Security risk can be quantified as the combination of the probability that a sensor network system may fail and the evaluation of the severity of the damage caused by the failure. In this paper, we devise a methodology of Rough Outlier Detection (ROD) for the detection of security-based risk factor, which originates from violations of attack requirements (namely, attack risks). The methodology elaborates dimension reduction method to analyze the attack risk probability from high dimensional and nonlinear data set, and combines it with rough redundancy reduction and the distance measurement of kernel function which is obtained using the ROD. In this way, it is possible to determine the risky scenarios, and the analysis feedback can be used to improve the sensor network system design. We illustrate the methodology in the DARPA case set study using step-by-step approach and then prove that the method is effective in lowering the rate of false alarm.展开更多
Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme ...Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme for wireless sensor networks due to limitations of the power,com-putation capability and storage resources.In this paper,an efficient key agreement and encryptionscheme for wireless sensor networks is presented.Results of analysis and simulations among the pro-posed scheme and other schemes show that the proposed scheme has some advantages in terms ofenergy consumption,computation requirement,storage requirement and security.展开更多
In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and ...In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and flexible model to predict overheads of these mechanisms. This model is based on overheads of basic operations frequently used in cryptography algorithms, which are essential elements of security mechanisms. Several popular cryptography algorithms and security mechanisms are evaluated using this model. According to simulation results, relative prediction errors are less than 7% for most cryptography algorithms and security mechanisms.展开更多
Underground mining is a hazardous industrial activity. In order to provide a safe working environment for miners, a Wireless Sensor Network (WSN) technology has been used for security monitoring. It can provide a wide...Underground mining is a hazardous industrial activity. In order to provide a safe working environment for miners, a Wireless Sensor Network (WSN) technology has been used for security monitoring. It can provide a wide range of surveillance with a relatively low cost. In this study, an Energy-Based Multipath Routing (EBMR) protocol is proposed, which considers residual energy capacity and link quality in choosing hops and routing paths. Hops and paths with a high residual energy capacity and link quality will have the best chance to be selected to transmit data packages. Since the EBMR stores several routes in the routing table, when the current path fails, another path will be chosen to fulfill the task immediately. In this way, EBMR improves reliability and decrease time latency. Compared to AOMDV and REAR, EBMR decreases time latency by 51% and 12%.展开更多
As the applications of wireless sensor networks(WSNs) diversify,providing secure communication is emerging as a critical requirement. In this paper,we investigate the detection of wormhole attack,a serious security is...As the applications of wireless sensor networks(WSNs) diversify,providing secure communication is emerging as a critical requirement. In this paper,we investigate the detection of wormhole attack,a serious security issue for WSNs. Wormhole attack is difficult to detect and prevent,as it can work without compromising sensor nodes or breaching the encryption key. We present a wormhole attack detection approach based on the probability distribution of the neighboring-node-number,WAPN,which helps the sensor nodes to judge distributively whether a wormhole attack is taking place and whether they are in the in-fluencing area of the attack. WAPN can be easily implemented in resource-constrained WSNs without any additional requirements,such as node localization,tight synchronization,or directional antennas. WAPN uses the neighboring-node-number as the judging criterion,since a wormhole usually results in a significant increase of the neighboring-node-number due to the extra attacking link. Firstly,we model the distribution of the neighboring-node-number in the form of a Bernoulli distribution. Then the model is simplified to meet the sensor nodes' constraints in computing and memory capacity. Finally,we propose a simple method to obtain the threshold number,which is used to detect the existence of a wormhole. Simulation results show that WAPN is effective under the conditions of different network topologies and wormhole parameters.展开更多
基金the High Technology Research and Development Program of Jiangsu Province (No.BG2005001)Hong Kong Innovation and Technology Fund (No.ITS/99/02).
文摘This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated symmetric-key establishment scheme is proposed for WBSN,which fully exploits the physiological features obtained by network entities via the body channel available in WBSN but not other wireless networks. The self-defined Intrinsic Shared Secret (ISS) is used to replace the pre-deployment of secrets among network entities,which thus eliminates centralized services or au-thorities essential in existing protocols,and resolves the key transport problem in the pure symmet-ric-key cryptosystem for WBSN as well. The security properties of the proposed scheme are demon-strated in terms of its attack complexity and the types of attacks it can resist. Besides,the scheme can be implemented under a light-weight way in WBSN systems. Due to the importance of the ISS concept,the analysis on using false acceptance/false rejection method to evaluate the performance of ISS for its usage in the scheme is also demonstrated.
基金Support by the National High Technology Research and Development Program of China(No.2012AA120802)the National Natural Science Foundation of China(No.61302074)+1 种基金Specialized Research Fund for the Doctoral Program of Higher Education(No.20122301120004)Natural Science Foundation of Heilongjiang Province(No.QC2013C061)
文摘Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network,yet continued operation of wireless sensor networks increases the probability of aggregation nodes being captured and probability of aggregated data being tampered.Thus it will seriously affect the security performance of the network. For network security issues,a stateful public key based SDAM( secure data aggregation model) is proposed for wireless sensor networks( WSNs),which employs a new stateful public key encryption to provide efficient end-to-end security. Moreover,the security aggregation model will not impose any bound on the aggregation function property,so as to realize the low cost and high security level at the same time.
基金This work was supported by the National Natural Science Foundation of China under Grant No. 60873199.
文摘In order to avoid internal attacks during data aggregation in wireless sensor networks, a grid-based network architecture fit for monitoring is designed and the algorithms for network division, initialization and grid tree construction are presented. The characteristics of on-off attacks are first studied and monitoring mechanisms are then designed for sensor nodes. A Fast Detection and Slow Recovery (FDSR) algorithm is proposed to prevent on-off attacks by observing the behaviors of the nodes and computing reputations. A recovery mechanism is designed to isolate malicious nodes by identifying the new roles of nodes and updating the grid tree. In the experiments, some situations of on-off attacks are simulated and the results are compared with other approaches. The experimental results indicate that our approach can detect malicious nodes effectively and guarantee secure data aggregation with acceptable energy consumption.
基金Supported by the National High Technology Research and Development Programme of China ( No. 2004AA001210) and the National Natural Science Foundation of China (No. 60532030).
文摘For the application of wireless sensor networks in the military field, one of the main challenges is security. To solve the problem of verifying the location claim for a node, a new location verifica- tion algorithm called node cooperation based location secure verification (NCBLSV) algorithm is proposed. NCBLSV could verify malicious nodes by contrasting neighbor nodes and nodes under beam width angle using an adaptive array antenna at a base point. Simulation experiments are con- ducted to evaluate the performance of this algorithm by varying the communication range and the an- tenna beam width angle. Results show that NCBLSV algorithm has high probability of successful ma- licious nodes detection and low probability of false nodes detection. Thus, it is proved that the NCBLSV algorithm is useful and necessary in the wireless sensor networks security.
文摘In Heterogeneous Wireless Sensor Networks, the mobility of the sensor nodes becomes essential in various applications. During node mobility, there are possibilities for the malicious node to become the cluster head or cluster member. This causes the cluster or the whole network to be controlled by the malicious nodes. To offer high level of security, the mobile sensor nodes need to be authenticated. Further, clustering of nodes improves scalability, energy efficient routing and data delivery. In this paper, we propose a cluster based secure dynamic keying technique to authenticate the nodes during mobility. The nodes with high configuration are chosen as cluster heads based on the weight value which is estimated using parameters such as the node degree, average distance, node's average speed, and virtual battery power. The keys are dynamically generated and used for providing security. Even the keys are compromised by the attackers, they are not able to use the previous keys to cheat or disuse the authenticated nodes. In addition, a bidirectional malicious node detection technique is employed which eliminates the malicious node from the network. By simulation, it is proved that the proposed technique provides efficient security with reduced energy consumption during node mobility.
基金This work was supported by the Program for Changjiang Scholars and Innovative Research Team in University under Grant No. IRT1078 the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002+3 种基金 the Major National S&T Program under Grant No.2011ZX03005-002 the National Natural Science Foundation of China under Grants No. 61072066, No.61173135, No.61100230, No.61100233, No.61202389, No.61202390 the Natural Science Basic Research Plan in Shaanxi Province of China under Grants No.2012JQ8043, No. 2012JM8030, No. 2012JM8025, No2011JQ8003 the Fundamental Research Funds for the Central Universities under Cxants No. JY10000903001, No. K50511030004. The authors would like to thank the anonymous reviewers and the editor for their constructive comments that have helped us to improve this paper.
文摘In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.
基金the Jiangsu 973 Scientific Project,the National Natural Science Foundation of China,the Jiangsu Natural Science Foundation,the Aerospace Innovation Fund,the Lianyungang Science & Technology Project
文摘Security is a nonfunctional information system attribute that plays a crucial role in wide sensor network application domains. Security risk can be quantified as the combination of the probability that a sensor network system may fail and the evaluation of the severity of the damage caused by the failure. In this paper, we devise a methodology of Rough Outlier Detection (ROD) for the detection of security-based risk factor, which originates from violations of attack requirements (namely, attack risks). The methodology elaborates dimension reduction method to analyze the attack risk probability from high dimensional and nonlinear data set, and combines it with rough redundancy reduction and the distance measurement of kernel function which is obtained using the ROD. In this way, it is possible to determine the risky scenarios, and the analysis feedback can be used to improve the sensor network system design. We illustrate the methodology in the DARPA case set study using step-by-step approach and then prove that the method is effective in lowering the rate of false alarm.
基金the Six Great Talent Peak Plan of JiangsuProvince(No 06-E-044)the"Qinlan Project"plan of Jiangsu province 2006 and the Natural Science Founda-tion of Jiangsu Province(No.BK2004218).
文摘Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme for wireless sensor networks due to limitations of the power,com-putation capability and storage resources.In this paper,an efficient key agreement and encryptionscheme for wireless sensor networks is presented.Results of analysis and simulations among the pro-posed scheme and other schemes show that the proposed scheme has some advantages in terms ofenergy consumption,computation requirement,storage requirement and security.
基金Supported by 863 Project of China (No.2006AA01Z224)
文摘In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and flexible model to predict overheads of these mechanisms. This model is based on overheads of basic operations frequently used in cryptography algorithms, which are essential elements of security mechanisms. Several popular cryptography algorithms and security mechanisms are evaluated using this model. According to simulation results, relative prediction errors are less than 7% for most cryptography algorithms and security mechanisms.
基金Financial support for this study, provided by the National Natural Science Foundation of China (No.60674002) the Science and Technology Research of the Ministry of Railways of China (No. 2006x006-E), is gratefully acknowledged
文摘Underground mining is a hazardous industrial activity. In order to provide a safe working environment for miners, a Wireless Sensor Network (WSN) technology has been used for security monitoring. It can provide a wide range of surveillance with a relatively low cost. In this study, an Energy-Based Multipath Routing (EBMR) protocol is proposed, which considers residual energy capacity and link quality in choosing hops and routing paths. Hops and paths with a high residual energy capacity and link quality will have the best chance to be selected to transmit data packages. Since the EBMR stores several routes in the routing table, when the current path fails, another path will be chosen to fulfill the task immediately. In this way, EBMR improves reliability and decrease time latency. Compared to AOMDV and REAR, EBMR decreases time latency by 51% and 12%.
文摘As the applications of wireless sensor networks(WSNs) diversify,providing secure communication is emerging as a critical requirement. In this paper,we investigate the detection of wormhole attack,a serious security issue for WSNs. Wormhole attack is difficult to detect and prevent,as it can work without compromising sensor nodes or breaching the encryption key. We present a wormhole attack detection approach based on the probability distribution of the neighboring-node-number,WAPN,which helps the sensor nodes to judge distributively whether a wormhole attack is taking place and whether they are in the in-fluencing area of the attack. WAPN can be easily implemented in resource-constrained WSNs without any additional requirements,such as node localization,tight synchronization,or directional antennas. WAPN uses the neighboring-node-number as the judging criterion,since a wormhole usually results in a significant increase of the neighboring-node-number due to the extra attacking link. Firstly,we model the distribution of the neighboring-node-number in the form of a Bernoulli distribution. Then the model is simplified to meet the sensor nodes' constraints in computing and memory capacity. Finally,we propose a simple method to obtain the threshold number,which is used to detect the existence of a wormhole. Simulation results show that WAPN is effective under the conditions of different network topologies and wormhole parameters.