Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network,yet continued operation of wireless sensor networks increases the probability of aggreg...Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network,yet continued operation of wireless sensor networks increases the probability of aggregation nodes being captured and probability of aggregated data being tampered.Thus it will seriously affect the security performance of the network. For network security issues,a stateful public key based SDAM( secure data aggregation model) is proposed for wireless sensor networks( WSNs),which employs a new stateful public key encryption to provide efficient end-to-end security. Moreover,the security aggregation model will not impose any bound on the aggregation function property,so as to realize the low cost and high security level at the same time.展开更多
In order to avoid internal attacks during data aggregation in wireless sensor networks, a grid-based network architecture fit for monitoring is designed and the algorithms for network division, initialization and grid...In order to avoid internal attacks during data aggregation in wireless sensor networks, a grid-based network architecture fit for monitoring is designed and the algorithms for network division, initialization and grid tree construction are presented. The characteristics of on-off attacks are first studied and monitoring mechanisms are then designed for sensor nodes. A Fast Detection and Slow Recovery (FDSR) algorithm is proposed to prevent on-off attacks by observing the behaviors of the nodes and computing reputations. A recovery mechanism is designed to isolate malicious nodes by identifying the new roles of nodes and updating the grid tree. In the experiments, some situations of on-off attacks are simulated and the results are compared with other approaches. The experimental results indicate that our approach can detect malicious nodes effectively and guarantee secure data aggregation with acceptable energy consumption.展开更多
In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the pos...In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.展开更多
For the application of wireless sensor networks in the military field, one of the main challenges is security. To solve the problem of verifying the location claim for a node, a new location verifica- tion algorithm c...For the application of wireless sensor networks in the military field, one of the main challenges is security. To solve the problem of verifying the location claim for a node, a new location verifica- tion algorithm called node cooperation based location secure verification (NCBLSV) algorithm is proposed. NCBLSV could verify malicious nodes by contrasting neighbor nodes and nodes under beam width angle using an adaptive array antenna at a base point. Simulation experiments are con- ducted to evaluate the performance of this algorithm by varying the communication range and the an- tenna beam width angle. Results show that NCBLSV algorithm has high probability of successful ma- licious nodes detection and low probability of false nodes detection. Thus, it is proved that the NCBLSV algorithm is useful and necessary in the wireless sensor networks security.展开更多
In Heterogeneous Wireless Sensor Networks, the mobility of the sensor nodes becomes essential in various applications. During node mobility, there are possibilities for the malicious node to become the cluster head or...In Heterogeneous Wireless Sensor Networks, the mobility of the sensor nodes becomes essential in various applications. During node mobility, there are possibilities for the malicious node to become the cluster head or cluster member. This causes the cluster or the whole network to be controlled by the malicious nodes. To offer high level of security, the mobile sensor nodes need to be authenticated. Further, clustering of nodes improves scalability, energy efficient routing and data delivery. In this paper, we propose a cluster based secure dynamic keying technique to authenticate the nodes during mobility. The nodes with high configuration are chosen as cluster heads based on the weight value which is estimated using parameters such as the node degree, average distance, node's average speed, and virtual battery power. The keys are dynamically generated and used for providing security. Even the keys are compromised by the attackers, they are not able to use the previous keys to cheat or disuse the authenticated nodes. In addition, a bidirectional malicious node detection technique is employed which eliminates the malicious node from the network. By simulation, it is proved that the proposed technique provides efficient security with reduced energy consumption during node mobility.展开更多
The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key managemen...The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.展开更多
In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and ...In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and flexible model to predict overheads of these mechanisms. This model is based on overheads of basic operations frequently used in cryptography algorithms, which are essential elements of security mechanisms. Several popular cryptography algorithms and security mechanisms are evaluated using this model. According to simulation results, relative prediction errors are less than 7% for most cryptography algorithms and security mechanisms.展开更多
Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme ...Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme for wireless sensor networks due to limitations of the power,com-putation capability and storage resources.In this paper,an efficient key agreement and encryptionscheme for wireless sensor networks is presented.Results of analysis and simulations among the pro-posed scheme and other schemes show that the proposed scheme has some advantages in terms ofenergy consumption,computation requirement,storage requirement and security.展开更多
As the applications of wireless sensor networks(WSNs) diversify,providing secure communication is emerging as a critical requirement. In this paper,we investigate the detection of wormhole attack,a serious security is...As the applications of wireless sensor networks(WSNs) diversify,providing secure communication is emerging as a critical requirement. In this paper,we investigate the detection of wormhole attack,a serious security issue for WSNs. Wormhole attack is difficult to detect and prevent,as it can work without compromising sensor nodes or breaching the encryption key. We present a wormhole attack detection approach based on the probability distribution of the neighboring-node-number,WAPN,which helps the sensor nodes to judge distributively whether a wormhole attack is taking place and whether they are in the in-fluencing area of the attack. WAPN can be easily implemented in resource-constrained WSNs without any additional requirements,such as node localization,tight synchronization,or directional antennas. WAPN uses the neighboring-node-number as the judging criterion,since a wormhole usually results in a significant increase of the neighboring-node-number due to the extra attacking link. Firstly,we model the distribution of the neighboring-node-number in the form of a Bernoulli distribution. Then the model is simplified to meet the sensor nodes' constraints in computing and memory capacity. Finally,we propose a simple method to obtain the threshold number,which is used to detect the existence of a wormhole. Simulation results show that WAPN is effective under the conditions of different network topologies and wormhole parameters.展开更多
基金Support by the National High Technology Research and Development Program of China(No.2012AA120802)the National Natural Science Foundation of China(No.61302074)+1 种基金Specialized Research Fund for the Doctoral Program of Higher Education(No.20122301120004)Natural Science Foundation of Heilongjiang Province(No.QC2013C061)
文摘Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network,yet continued operation of wireless sensor networks increases the probability of aggregation nodes being captured and probability of aggregated data being tampered.Thus it will seriously affect the security performance of the network. For network security issues,a stateful public key based SDAM( secure data aggregation model) is proposed for wireless sensor networks( WSNs),which employs a new stateful public key encryption to provide efficient end-to-end security. Moreover,the security aggregation model will not impose any bound on the aggregation function property,so as to realize the low cost and high security level at the same time.
基金This work was supported by the National Natural Science Foundation of China under Grant No. 60873199.
文摘In order to avoid internal attacks during data aggregation in wireless sensor networks, a grid-based network architecture fit for monitoring is designed and the algorithms for network division, initialization and grid tree construction are presented. The characteristics of on-off attacks are first studied and monitoring mechanisms are then designed for sensor nodes. A Fast Detection and Slow Recovery (FDSR) algorithm is proposed to prevent on-off attacks by observing the behaviors of the nodes and computing reputations. A recovery mechanism is designed to isolate malicious nodes by identifying the new roles of nodes and updating the grid tree. In the experiments, some situations of on-off attacks are simulated and the results are compared with other approaches. The experimental results indicate that our approach can detect malicious nodes effectively and guarantee secure data aggregation with acceptable energy consumption.
基金This work was supported by the Program for Changjiang Scholars and Innovative Research Team in University under Grant No. IRT1078 the Key Program of NSFC-Guangdong Union Foundation under Grant No.U1135002+3 种基金 the Major National S&T Program under Grant No.2011ZX03005-002 the National Natural Science Foundation of China under Grants No. 61072066, No.61173135, No.61100230, No.61100233, No.61202389, No.61202390 the Natural Science Basic Research Plan in Shaanxi Province of China under Grants No.2012JQ8043, No. 2012JM8030, No. 2012JM8025, No2011JQ8003 the Fundamental Research Funds for the Central Universities under Cxants No. JY10000903001, No. K50511030004. The authors would like to thank the anonymous reviewers and the editor for their constructive comments that have helped us to improve this paper.
文摘In order to relvedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a snort card, and provides more security guarantees in two aspects: 1) it addresses the untmceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offiine attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks.
基金Supported by the National High Technology Research and Development Programme of China ( No. 2004AA001210) and the National Natural Science Foundation of China (No. 60532030).
文摘For the application of wireless sensor networks in the military field, one of the main challenges is security. To solve the problem of verifying the location claim for a node, a new location verifica- tion algorithm called node cooperation based location secure verification (NCBLSV) algorithm is proposed. NCBLSV could verify malicious nodes by contrasting neighbor nodes and nodes under beam width angle using an adaptive array antenna at a base point. Simulation experiments are con- ducted to evaluate the performance of this algorithm by varying the communication range and the an- tenna beam width angle. Results show that NCBLSV algorithm has high probability of successful ma- licious nodes detection and low probability of false nodes detection. Thus, it is proved that the NCBLSV algorithm is useful and necessary in the wireless sensor networks security.
文摘In Heterogeneous Wireless Sensor Networks, the mobility of the sensor nodes becomes essential in various applications. During node mobility, there are possibilities for the malicious node to become the cluster head or cluster member. This causes the cluster or the whole network to be controlled by the malicious nodes. To offer high level of security, the mobile sensor nodes need to be authenticated. Further, clustering of nodes improves scalability, energy efficient routing and data delivery. In this paper, we propose a cluster based secure dynamic keying technique to authenticate the nodes during mobility. The nodes with high configuration are chosen as cluster heads based on the weight value which is estimated using parameters such as the node degree, average distance, node's average speed, and virtual battery power. The keys are dynamically generated and used for providing security. Even the keys are compromised by the attackers, they are not able to use the previous keys to cheat or disuse the authenticated nodes. In addition, a bidirectional malicious node detection technique is employed which eliminates the malicious node from the network. By simulation, it is proved that the proposed technique provides efficient security with reduced energy consumption during node mobility.
基金Project(61100201) supported by National Natural Science Foundation of ChinaProject(12ZZ019) supported by Technology Innovation Research Program,Shang Municipal Education Commission,China+1 种基金Project(LYM11053) supported by the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province,ChinaProject(NCET-12-0358) supported by New Century Excellent Talentsin University,Ministry of Education,China
文摘The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.
基金Supported by 863 Project of China (No.2006AA01Z224)
文摘In Wireless Sensor Networks (WSNs), it is necessary to predict computational overheads of security mechanisms without final implementations to provide guidelines for system design. This paper presents an accurate and flexible model to predict overheads of these mechanisms. This model is based on overheads of basic operations frequently used in cryptography algorithms, which are essential elements of security mechanisms. Several popular cryptography algorithms and security mechanisms are evaluated using this model. According to simulation results, relative prediction errors are less than 7% for most cryptography algorithms and security mechanisms.
基金the Six Great Talent Peak Plan of JiangsuProvince(No 06-E-044)the"Qinlan Project"plan of Jiangsu province 2006 and the Natural Science Founda-tion of Jiangsu Province(No.BK2004218).
文摘Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme for wireless sensor networks due to limitations of the power,com-putation capability and storage resources.In this paper,an efficient key agreement and encryptionscheme for wireless sensor networks is presented.Results of analysis and simulations among the pro-posed scheme and other schemes show that the proposed scheme has some advantages in terms ofenergy consumption,computation requirement,storage requirement and security.
文摘As the applications of wireless sensor networks(WSNs) diversify,providing secure communication is emerging as a critical requirement. In this paper,we investigate the detection of wormhole attack,a serious security issue for WSNs. Wormhole attack is difficult to detect and prevent,as it can work without compromising sensor nodes or breaching the encryption key. We present a wormhole attack detection approach based on the probability distribution of the neighboring-node-number,WAPN,which helps the sensor nodes to judge distributively whether a wormhole attack is taking place and whether they are in the in-fluencing area of the attack. WAPN can be easily implemented in resource-constrained WSNs without any additional requirements,such as node localization,tight synchronization,or directional antennas. WAPN uses the neighboring-node-number as the judging criterion,since a wormhole usually results in a significant increase of the neighboring-node-number due to the extra attacking link. Firstly,we model the distribution of the neighboring-node-number in the form of a Bernoulli distribution. Then the model is simplified to meet the sensor nodes' constraints in computing and memory capacity. Finally,we propose a simple method to obtain the threshold number,which is used to detect the existence of a wormhole. Simulation results show that WAPN is effective under the conditions of different network topologies and wormhole parameters.
