This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relat...This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).展开更多
The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key managemen...The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.展开更多
Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper...Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy(LEACH) for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.展开更多
Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it b...Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it becomes complex due to the mutual characteristics of sensor nodes in HWSN. In order to enhance the network security,an asymmetric key pre-distributed management scheme for HWSN is proposed combining with authentication process to further ensure the network security; meanwhile,an effective authentication method for newly added nodes is presented. Simulation result indicates that the proposed scheme can improve the network security while reducing the storage space requirement efficiently.展开更多
According to the weakness of session key construction based on node’s own location, we propose a hybrid key management scheme which based on clustered wireless sensor networks. The use of hierarchical thinking, reduc...According to the weakness of session key construction based on node’s own location, we propose a hybrid key management scheme which based on clustered wireless sensor networks. The use of hierarchical thinking, reducing the amount of key storage and computing, while supporting network topology, dynamic key management for which aims to prevent leakage. Through analyzing, it shows that the scheme have certain advantages in key connectivity, security, communication and energy consumption.展开更多
Wireless sensor networks (WSNs) and wireless mesh networks (WMNs) are popular research subjects. The interconnection of both network types enables next-generation applications and creates new optimization opportunitie...Wireless sensor networks (WSNs) and wireless mesh networks (WMNs) are popular research subjects. The interconnection of both network types enables next-generation applications and creates new optimization opportunities. Currently, plenty of protocols are available on the security of either wireless sensor networks or wireless mesh networks, an investigation in peer work underpins the fact that neither of these protocols is adapt to the interconnection of these network types. The internal cause relies on the fact that they differ in terms of complexity, scalability and network abstraction level. Therefore, in this article, we propose a unified security framework with three key management protocols, MPKM, MGKM, and TKM which are able to provide basic functionalities on the simplest devices and advanced functionalities on high performance nodes. We perform a detailed performance evaluation on our protocols against some important metrics such as scalability, key connectivity and compromise resilience, and we also compare our solution to the current keying protocols for WSNs and WMNs.展开更多
As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the hand...As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.展开更多
For security services in wireless sensor networks,key management is a fundamental building block.In this article,we propose a triangle-based key predistribution approach and show that it can improve the effectiveness ...For security services in wireless sensor networks,key management is a fundamental building block.In this article,we propose a triangle-based key predistribution approach and show that it can improve the effectiveness of key management in wireless sensor networks.This is achieved by using the bivariate polynomial in a triangle deployment system based on deployment information about expected locations of the sensor nodes.The analysis indicates that this scheme can achieve higher probability of both direct key establishment and indirect key establishment.On the other hand,the security analysis shows that its security against node capture would increase with a decrease of the sensor node deployment density and size of the deployment model and an increase of the polynomial degree.展开更多
The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network(WSN).Although the hierarchical routing protocol can effectively cope with large-scale application scenarios,how...The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network(WSN).Although the hierarchical routing protocol can effectively cope with large-scale application scenarios,how to elect a secure cluster head and balance the network load becomes an enormous challenge.In this paper,a Trust Management-based and Low Energy Adaptive Clustering Hierarchy protocol(LEACH-TM)is proposed.In LEACH-TM,by using the number of dynamic decision cluster head nodes,residual energy and density of neighbor nodes,the size of the cluster can be better constrained to improve energy efficiency,and avoid excessive energy consumption of a node.Simultaneously,the trust management scheme is introduced into LEACH-TM to defend against internal attacks.The simulation results show that,compared with LEACH-SWDN protocol and LEACH protocol,LEACH-TM outperforms in prolonging the network lifetime and balancing the energy consumption,and can effectively mitigate the influence of malicious nodes on cluster head selection,which can greatiy guarantee the security of the overall network.展开更多
The World Wide Web has been an environment with many security threats and lots of reported cases of security breaches. Various tools and techniques have been applied in trying to curb this problem, however new attacks...The World Wide Web has been an environment with many security threats and lots of reported cases of security breaches. Various tools and techniques have been applied in trying to curb this problem, however new attacks continue to plague the Internet. We discuss risks that affect web applications and explain how network-centric and host-centric techniques, as much as they are crucial in an enterprise, lack necessary depth to comprehensively analyze overall application security. The nature of web applications to span a number of servers introduces a new dimension of security requirement that calls for a holistic approach to protect the information asset regardless of its physical or logical separation of modules and tiers. We therefore classify security mechanisms as either infrastructure-centric or application-centric based on what asset is being secured. We then describe requirements for such application-centric security mechanisms.展开更多
Radio frequency identification (RFID) has emerged as a pivotal technology in supply chain management (SCM), significantly enhancing its efficiency and effectiveness. When integrated with the internet of things (IoT) t...Radio frequency identification (RFID) has emerged as a pivotal technology in supply chain management (SCM), significantly enhancing its efficiency and effectiveness. When integrated with the internet of things (IoT) to form RFID-IoT, this technology brings transformative advancements to SCM, enabling automated sensing, pervasive computing, and ubiquitous data access across the entire supply chain, from manufacturers and distributors to retailers and consumers. This integration facilitates real-time identification and monitoring of products, enhances various processes, improves logistic tracking, and ensures better product quality management. Despite its promising benefits, the adoption of RFID-IoT in SCM faces several challenges, including technical complexities, data security concerns, and high implementation costs. However, the future potential of RFID-IoT technology remains substantial. It is anticipated that further integration with other emerging technologies, such as block chain and artificial intelligence, will lead to more comprehensive and robust SCM solutions, offering unprecedented levels of transparency, efficiency, and automation in supply chain operations.展开更多
Key establishment and its management in Wireless Sensor Networks(WSN) is a challenging problem due to its limited resources and disordered structure. Many key management schemes have been developed recently for WSN to...Key establishment and its management in Wireless Sensor Networks(WSN) is a challenging problem due to its limited resources and disordered structure. Many key management schemes have been developed recently for WSN to provide secure communication between source and destination sensor nodes.A serious threat highlighted in all of these schemes is that of node capture attacks,where an adversary gains full control over a sensor node through direct physical access.Node capture attacks can also be helpful to an adversary in new attacks like Blackhole and Denial of Service.All of these proposed key management solutions still suffer from node capture attacks with resilience.The current sensor networks are assumed to be designed for specific applications,having key management protocols strongly coupled to applications.The future sensor networks are envisioned as comprising heterogeneous devices assisting to a large range of applications.To achieve this goal,a new application independent approach is needed. In this paper we therefore present a novel,extended version of our previously published Dynamic Group-based Key Establishment(DGKE) protocol. We compare the proposed scheme with existing key management schemes,which shows a significant improvement in resilience against node capture attacks,memory overhead and connectivity.展开更多
As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk dete...As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk detection standard and conduct the risk detection for any scenario indiscriminately.Therefore,more reliable and accurate security control methods are urgently needed.In order to improve the accuracy and reliability of the operation risk management and control method,this paper proposes a method for identifying the key links in the whole process of electric power operation based on the spatiotemporal hybrid convolutional neural network.To provide early warning and control of targeted risks,first,the video stream is framed adaptively according to the pixel changes in the video stream.Then,the optimized MobileNet is used to extract the feature map of the video stream,which contains both time-series and static spatial scene information.The feature maps are combined and non-linearly mapped to realize the identification of dynamic operating scenes.Finally,training samples and test samples are produced by using the whole process image of a power company in Xinjiang as a case study,and the proposed algorithm is compared with the unimproved MobileNet.The experimental results demonstrated that the method proposed in this paper can accurately identify the type and start and end time of each operation link in the whole process of electric power operation,and has good real-time performance.The average accuracy of the algorithm can reach 87.8%,and the frame rate is 61 frames/s,which is of great significance for improving the reliability and accuracy of security control methods.展开更多
Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changi...Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.展开更多
文摘This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).
基金Project(61100201) supported by National Natural Science Foundation of ChinaProject(12ZZ019) supported by Technology Innovation Research Program,Shang Municipal Education Commission,China+1 种基金Project(LYM11053) supported by the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province,ChinaProject(NCET-12-0358) supported by New Century Excellent Talentsin University,Ministry of Education,China
文摘The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.
基金Supported by the Natural Science Foundation ofHunan Province (jj587402)
文摘Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy(LEACH) for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.
基金Support by the National High Technology Research and Development Program of China(No.2012AA120802)National Natural Science Foundation of China(No.61771186)+2 种基金Postdoctoral Research Project of Heilongjiang Province(No.LBH-Q15121)University Nursing Program for Young Scholars with Creative Talents in Heilongjiang Province(No.UNPYSCT-2017125)Postgraduate Innovation Research Project of Heilongjiang University(No.YJSCX2018-051HLJU)
文摘Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it becomes complex due to the mutual characteristics of sensor nodes in HWSN. In order to enhance the network security,an asymmetric key pre-distributed management scheme for HWSN is proposed combining with authentication process to further ensure the network security; meanwhile,an effective authentication method for newly added nodes is presented. Simulation result indicates that the proposed scheme can improve the network security while reducing the storage space requirement efficiently.
文摘According to the weakness of session key construction based on node’s own location, we propose a hybrid key management scheme which based on clustered wireless sensor networks. The use of hierarchical thinking, reducing the amount of key storage and computing, while supporting network topology, dynamic key management for which aims to prevent leakage. Through analyzing, it shows that the scheme have certain advantages in key connectivity, security, communication and energy consumption.
文摘Wireless sensor networks (WSNs) and wireless mesh networks (WMNs) are popular research subjects. The interconnection of both network types enables next-generation applications and creates new optimization opportunities. Currently, plenty of protocols are available on the security of either wireless sensor networks or wireless mesh networks, an investigation in peer work underpins the fact that neither of these protocols is adapt to the interconnection of these network types. The internal cause relies on the fact that they differ in terms of complexity, scalability and network abstraction level. Therefore, in this article, we propose a unified security framework with three key management protocols, MPKM, MGKM, and TKM which are able to provide basic functionalities on the simplest devices and advanced functionalities on high performance nodes. We perform a detailed performance evaluation on our protocols against some important metrics such as scalability, key connectivity and compromise resilience, and we also compare our solution to the current keying protocols for WSNs and WMNs.
文摘As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.
文摘For security services in wireless sensor networks,key management is a fundamental building block.In this article,we propose a triangle-based key predistribution approach and show that it can improve the effectiveness of key management in wireless sensor networks.This is achieved by using the bivariate polynomial in a triangle deployment system based on deployment information about expected locations of the sensor nodes.The analysis indicates that this scheme can achieve higher probability of both direct key establishment and indirect key establishment.On the other hand,the security analysis shows that its security against node capture would increase with a decrease of the sensor node deployment density and size of the deployment model and an increase of the polynomial degree.
基金supported by the National Natural Science Foundation of China(Grant No.61571303,No.61571004)the Shanghai Natural Science Foundation(Grant No.21ZR1461700)+3 种基金the Shanghai Sailing Program(Grant No.19YF1455800)the National Science and Technology Major Project of China(No.2018ZX03001031)the Fundamental Research Funds for State Key Laboratory of Synthetical Automation for Process Industries(Grant No.PAL-N201703)the National Key Research and Development Program of China-Internet of Things and Smart City Key Program(No.2019YFB2101600,NO.2019YFB2101602,No.2019YFB2101602-03).
文摘The single planar routing protocol has a slow convergence rate in the large-scale Wireless Sensor Network(WSN).Although the hierarchical routing protocol can effectively cope with large-scale application scenarios,how to elect a secure cluster head and balance the network load becomes an enormous challenge.In this paper,a Trust Management-based and Low Energy Adaptive Clustering Hierarchy protocol(LEACH-TM)is proposed.In LEACH-TM,by using the number of dynamic decision cluster head nodes,residual energy and density of neighbor nodes,the size of the cluster can be better constrained to improve energy efficiency,and avoid excessive energy consumption of a node.Simultaneously,the trust management scheme is introduced into LEACH-TM to defend against internal attacks.The simulation results show that,compared with LEACH-SWDN protocol and LEACH protocol,LEACH-TM outperforms in prolonging the network lifetime and balancing the energy consumption,and can effectively mitigate the influence of malicious nodes on cluster head selection,which can greatiy guarantee the security of the overall network.
文摘The World Wide Web has been an environment with many security threats and lots of reported cases of security breaches. Various tools and techniques have been applied in trying to curb this problem, however new attacks continue to plague the Internet. We discuss risks that affect web applications and explain how network-centric and host-centric techniques, as much as they are crucial in an enterprise, lack necessary depth to comprehensively analyze overall application security. The nature of web applications to span a number of servers introduces a new dimension of security requirement that calls for a holistic approach to protect the information asset regardless of its physical or logical separation of modules and tiers. We therefore classify security mechanisms as either infrastructure-centric or application-centric based on what asset is being secured. We then describe requirements for such application-centric security mechanisms.
文摘Radio frequency identification (RFID) has emerged as a pivotal technology in supply chain management (SCM), significantly enhancing its efficiency and effectiveness. When integrated with the internet of things (IoT) to form RFID-IoT, this technology brings transformative advancements to SCM, enabling automated sensing, pervasive computing, and ubiquitous data access across the entire supply chain, from manufacturers and distributors to retailers and consumers. This integration facilitates real-time identification and monitoring of products, enhances various processes, improves logistic tracking, and ensures better product quality management. Despite its promising benefits, the adoption of RFID-IoT in SCM faces several challenges, including technical complexities, data security concerns, and high implementation costs. However, the future potential of RFID-IoT technology remains substantial. It is anticipated that further integration with other emerging technologies, such as block chain and artificial intelligence, will lead to more comprehensive and robust SCM solutions, offering unprecedented levels of transparency, efficiency, and automation in supply chain operations.
文摘Key establishment and its management in Wireless Sensor Networks(WSN) is a challenging problem due to its limited resources and disordered structure. Many key management schemes have been developed recently for WSN to provide secure communication between source and destination sensor nodes.A serious threat highlighted in all of these schemes is that of node capture attacks,where an adversary gains full control over a sensor node through direct physical access.Node capture attacks can also be helpful to an adversary in new attacks like Blackhole and Denial of Service.All of these proposed key management solutions still suffer from node capture attacks with resilience.The current sensor networks are assumed to be designed for specific applications,having key management protocols strongly coupled to applications.The future sensor networks are envisioned as comprising heterogeneous devices assisting to a large range of applications.To achieve this goal,a new application independent approach is needed. In this paper we therefore present a novel,extended version of our previously published Dynamic Group-based Key Establishment(DGKE) protocol. We compare the proposed scheme with existing key management schemes,which shows a significant improvement in resilience against node capture attacks,memory overhead and connectivity.
基金This paper is supported by the Science and technology projects of Yunnan Province(Grant No.202202AD080004).
文摘As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk detection standard and conduct the risk detection for any scenario indiscriminately.Therefore,more reliable and accurate security control methods are urgently needed.In order to improve the accuracy and reliability of the operation risk management and control method,this paper proposes a method for identifying the key links in the whole process of electric power operation based on the spatiotemporal hybrid convolutional neural network.To provide early warning and control of targeted risks,first,the video stream is framed adaptively according to the pixel changes in the video stream.Then,the optimized MobileNet is used to extract the feature map of the video stream,which contains both time-series and static spatial scene information.The feature maps are combined and non-linearly mapped to realize the identification of dynamic operating scenes.Finally,training samples and test samples are produced by using the whole process image of a power company in Xinjiang as a case study,and the proposed algorithm is compared with the unimproved MobileNet.The experimental results demonstrated that the method proposed in this paper can accurately identify the type and start and end time of each operation link in the whole process of electric power operation,and has good real-time performance.The average accuracy of the algorithm can reach 87.8%,and the frame rate is 61 frames/s,which is of great significance for improving the reliability and accuracy of security control methods.
基金Project supported by the Shanghai Minicipal Natural Science Foundation(Grant No09ZR1414900)the National High Technology Development 863 Program of China(Grant No2006AA01Z436,No2007AA01Z452,No2009AA01Z118)
文摘Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.
