LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks
TL;DR: A location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location, which effectively limits the impact of compromised nodes only to their vicinity without affecting end- to-end data security.
Abstract: Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of denial of service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings.
Citations
More filters
TL;DR: In this article, the authors provide a tutorial and survey of recent research and development efforts addressing this issue by using the technique of multi-objective optimization (MOO), and elaborate on various prevalent approaches conceived for MOO, such as the family of mathematical programming-based scalarization methods, and a variety of other advanced optimization techniques.
Abstract: Wireless sensor networks (WSNs) have attracted substantial research interest, especially in the context of performing monitoring and surveillance tasks. However, it is challenging to strike compelling tradeoffs amongst the various conflicting optimization criteria, such as the network’s energy dissipation, packet-loss rate, coverage, and lifetime. This paper provides a tutorial and survey of recent research and development efforts addressing this issue by using the technique of multi-objective optimization (MOO). First, we provide an overview of the main optimization objectives used in WSNs. Then, we elaborate on various prevalent approaches conceived for MOO, such as the family of mathematical programming-based scalarization methods, the family of heuristics/metaheuristics-based optimization algorithms, and a variety of other advanced optimization techniques. Furthermore, we summarize a range of recent studies of MOO in the context of WSNs, which are intended to provide useful guidelines for researchers to understand the referenced literature. Finally, we discuss a range of open problems to be tackled by future research.
311 citations
TL;DR: This paper defines three types of Sybil attacks: SA-1, SA-2, and SA-3 according to the Sybil attacker's capabilities, and presents some Sybil defense schemes, including social graph-based Sybil detection (SGSD), behavior classification-basedSybil Detection (BCSD), and mobile Sybil Detection with the comprehensive comparisons.
Abstract: The emerging Internet-of-Things (IoT) are vulnerable to Sybil attacks where attackers can manipulate fake identities or abuse pseudoidentities to compromise the effectiveness of the IoT and even disseminate spam. In this paper, we survey Sybil attacks and defense schemes in IoT. Specifically, we first define three types Sybil attacks: SA-1, SA-2, and SA-3 according to the Sybil attacker’s capabilities. We then present some Sybil defense schemes, including social graph-based Sybil detection (SGSD), behavior classification-based Sybil detection (BCSD), and mobile Sybil detection with the comprehensive comparisons. Finally, we discuss the challenging research issues and future directions for Sybil defense in IoT.
308 citations
01 Dec 2017
TL;DR: The impact of security issues and possible solutions are determined, providing future security-relevant directions to those responsible for designing, developing, and maintaining Fog systems.
Abstract: Fog computing is a new paradigm that extends the Cloud platform model by providing computing resources on the edges of a network. It can be described as a cloud-like platform having similar data, computation, storage and application services, but is fundamentally different in that it is decentralized. In addition, Fog systems are capable of processing large amounts of data locally, operate on-premise, are fully portable, and can be installed on heterogeneous hardware. These features make the Fog platform highly suitable for time and location-sensitive applications. For example, Internet of Things (IoT) devices are required to quickly process a large amount of data. This wide range of functionality driven applications intensifies many security issues regarding data, virtualization, segregation, network, malware and monitoring. This paper surveys existing literature on Fog computing applications to identify common security gaps. Similar technologies like Edge computing, Cloudlets and Micro-data centres have also been included to provide a holistic review process. The majority of Fog applications are motivated by the desire for functionality and end-user requirements, while the security aspects are often ignored or considered as an afterthought. This paper also determines the impact of those security issues and possible solutions, providing future security-relevant directions to those responsible for designing, developing, and maintaining Fog systems.
267 citations
TL;DR: This survey paper addresses a broad range of security and privacy aspects in IoT-based positioning and localization from both technical and legal points of view and aims to give insight and recommendations for future IoT systems providing more robust, secure, and privacy-preserving location-based services.
Abstract: Internet of Things (IoT) connects sensing devices to the Internet for the purpose of exchanging information. Location information is one of the most crucial pieces of information required to achieve intelligent and context-aware IoT systems. Recently, positioning and localization functions have been realized in a large amount of IoT systems. However, security and privacy threats related to positioning in IoT have not been sufficiently addressed so far. In this paper, we survey solutions for improving the robustness, security, and privacy of location-based services in IoT systems. First, we provide an in-depth evaluation of the threats and solutions related to both global navigation satellite system (GNSS) and non-GNSS-based solutions. Second, we describe certain cryptographic solutions for security and privacy of positioning and location-based services in IoT. Finally, we discuss the state-of-the-art of policy regulations regarding security of positioning solutions and legal instruments to location data privacy in detail. This survey paper addresses a broad range of security and privacy aspects in IoT-based positioning and localization from both technical and legal points of view and aims to give insight and recommendations for future IoT systems providing more robust, secure, and privacy-preserving location-based services.
262 citations
Cites background from "LEDS: Providing Location-Aware End-..."
...Secure localization and location verification can be used also for improving data security of IoT more generally by introducing a location-aware security framework [145]....
[...]
01 May 2007
TL;DR: Simulation results indicate that internal adversaries can be identified with a high accuracy and a low false alarm rate when as many as 25% sensors are misbehaving.
Abstract: Though destructive to network functions, insider attackers are not detectable with only the classic cryptography-based techniques. Many mission-critic sensor network applications demand an effective, light, flexible algorithm for internal adversary identification with only localized information available. The insider attacker detection scheme proposed in this paper meets all the requirements by exploring the spatial correlation existent among the networking behaviors of sensors in close proximity. Our work is exploratory in that the proposed algorithm considers multiple attributes simultaneously in node behavior evaluation, with no requirement on a prior knowledge about normal/malicious sensor activities. Moreover, it is application-friendly, which employs original measurements from sensors and can be employed to monitor many aspects of sensor networking behaviors. Our algorithm is purely localized, fitting well to the large-scale sensor networks. Simulation results indicate that internal adversaries can be identified with a high accuracy and a low false alarm rate when as many as 25% sensors are misbehaving.
207 citations
References
More filters
TL;DR: This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.
Abstract: In this paper we show how to divide data D into n pieces in such a way that D is easily reconstructable from any k pieces, but even complete knowledge of k - 1 pieces reveals absolutely no information about D. This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.
14,340 citations
"LEDS: Providing Location-Aware End-..." refers background or methods in this paper
...In addition, LEDS also adopts a ðt; T Þ threshold linear secret sharing scheme (LSSS) [ 25 ] so that the sink can recover the original report from any t out of T legitimate report shares....
[...]
...On the other hand, to generate an authentic report, each node needs to compute two MACs and execute one LSSS operation, which can be performed using efficient Oðjpj log 2 jpjÞ algorithms [ 25 ]....
[...]
18 Nov 2002
TL;DR: A key-management scheme designed to satisfy both operational and security requirements of DSNs is presented, which relies on probabilistic key sharing among the nodes of a random graph and uses simple protocols for shared-key discovery and path-key establishment, and for key revocation, re-keying, and incremental addition of nodes.
Abstract: Distributed Sensor Networks (DSNs) are ad-hoc mobile networks that include sensor nodes with limited computation and communication capabilities. DSNs are dynamic in the sense that they allow addition and deletion of sensor nodes after deployment to grow the network or replace failing and unreliable nodes. DSNs may be deployed in hostile areas where communication is monitored and nodes are subject to capture and surreptitious use by an adversary. Hence DSNs require cryptographic protection of communications, sensor-capture detection, key revocation and sensor disabling. In this paper, we present a key-management scheme designed to satisfy both operational and security requirements of DSNs. The scheme includes selective distribution and revocation of keys to sensor nodes as well as node re-keying without substantial computation and communication capabilities. It relies on probabilistic key sharing among the nodes of a random graph and uses simple protocols for shared-key discovery and path-key establishment, and for key revocation, re-keying, and incremental addition of nodes. The security and network connectivity characteristics supported by the key-management scheme are discussed and simulation experiments presented.
3,900 citations
"LEDS: Providing Location-Aware End-..." refers background in this paper
...2.2 End-to-End versus Hop-by-Hop Design In the past few years, many secret key predistribution schemes have been proposed [ 6 ], [8], [9], [10], [12], [13], [14], [15], [29]....
[...]
...We further note that the above bootstrapping operation can also be realized through the key predistribution approach [ 6 ], [12], instead of using mobile robots....
[...]
...Recent research has seen a growing body of work on security designs for WSNs [ 6 ], [8], [9], [10], [12], [13], [14], [15], [18], [19], [21], [36], [37], [38]....
[...]
12 Nov 2000
TL;DR: Key requirements are identified, a small device is developed that is representative of the class, a tiny event-driven operating system is designed, and it is shown that it provides support for efficient modularity and concurrency-intensive operation.
Abstract: Technological progress in integrated, low-power, CMOS communication devices and sensors makes a rich design space of networked sensors viable. They can be deeply embedded in the physical world and spread throughout our environment like smart dust. The missing elements are an overall system architecture and a methodology for systematic advance. To this end, we identify key requirements, develop a small device that is representative of the class, design a tiny event-driven operating system, and show that it provides support for efficient modularity and concurrency-intensive operation. Our operating system fits in 178 bytes of memory, propagates events in the time it takes to copy 1.25 bytes of memory, context switches in the time it takes to copy 6 bytes of memory and supports two level scheduling. The analysis lays a groundwork for future architectural advances.
3,648 citations
"LEDS: Providing Location-Aware End-..." refers methods in this paper
...We assume that every sensor node has a unique id and is similar to the current generation of sensor nodes (for example, the Berkeley MICA motes [ 24 ]) in its computation and communication capability and power resource....
[...]
11 May 2003
TL;DR: The random-pairwise keys scheme is presented, which perfectly preserves the secrecy of the rest of the network when any node is captured, and also enables node-to-node authentication and quorum-based revocation.
Abstract: Key establishment in sensor networks is a challenging problem because asymmetric key cryptosystems are unsuitable for use in resource constrained sensor nodes, and also because the nodes could be physically compromised by an adversary. We present three new mechanisms for key establishment using the framework of pre-distributing a random set of keys to each node. First, in the q-composite keys scheme, we trade off the unlikeliness of a large-scale network attack in order to significantly strengthen random key predistribution's strength against smaller-scale attacks. Second, in the multipath-reinforcement scheme, we show how to strengthen the security between any two nodes by leveraging the security of other links. Finally, we present the random-pairwise keys scheme, which perfectly preserves the secrecy of the rest of the network when any node is captured, and also enables node-to-node authentication and quorum-based revocation.
3,125 citations
"LEDS: Providing Location-Aware End-..." refers background or result in this paper
...decreases, as shown in Fig. 4. Therefore, LEDS performs fairly well with respect to security resilience against random node capture attacks when compared with existing security designs [ 8 ], [12], [13]....
[...]
...2.2 End-to-End versus Hop-by-Hop Design In the past few years, many secret key predistribution schemes have been proposed [6], [ 8 ], [9], [10], [12], [13], [14], [15], [29]....
[...]
...Recent research has seen a growing body of work on security designs for WSNs [6], [ 8 ], [9], [10], [12], [13], [14], [15], [18], [19], [21], [36], [37], [38]....
[...]
11 May 2003
TL;DR: This work proposes security goals for routing in sensor networks, shows how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensors, and introduces two classes of novel attacks against sensor networks sinkholes and HELLO floods.
Abstract: We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.
2,946 citations
"LEDS: Providing Location-Aware End-..." refers background in this paper
...Last, LEDS provides high-level assurance on data availability by dealing with both report disruption attack [21] and selective forwarding attack [ 3 ] simultaneously....
[...]
...Lastly, the attacker could also use compromised nodes to launch a selective forwarding attack [ 3 ], in which case compromised nodes selectively drop the going-through data traffic and, thus, data availability can be severely damaged....
[...]
...To this end, any security design in WSNs should be highly resilient against two types of DoS attacks: report disruption attack [21] and selective forwarding attack [ 3 ], in which compromised nodes purposefully drop legitimate packets to disrupt the event report service by taking advantage of the en-route-filtering policy....
[...]
...The existence of the aforementioned attacks together with the inherent constraints of sensor nodes make it rather challenging to provide satisfying data security in WSNs with respect to all its three aspects, that is, confidentiality, authenticity, and availability [1], [2], [ 3 ], [4], [5]....
[...]
...LEDS further adopts a one-to-many report-forwarding paradigm, which ensures that the system is being highly resilient to selective message forward attacks [ 3 ]....
[...]