• International Journal of Computer Science & Network Security
• /
• 제22권2호
• /
• pp.167-174
• /
• 2022

Vehicular Ad hoc Networks are considered as special kind of Mobile Ad Hoc Networks. VANETs are a new emerging recently developed, advanced technology that allows a wide set of applications related to providing more safety on roads, more convenience for passengers, self-driven vehicles, and intelligent transportation systems (ITS). Delay Tolerant Networks (DTN) are networks that allow communication in the event of connection problems, such as delays, intermittent connections, high error rates, and so on. Moreover, these are used in areas that may not have end-to-end connectivity. The expansion from DTN to VANET resulted in Vehicle Delay Tolerant Networks (VDTN). In this approach, a vehicle stores and carries a message in its buffer, and when the opportunity arises, it forwards the message to another node. Carry-store-forward mechanisms, packets in VDTNs can be delivered to the destination without clear connection between the transmitter and the receiver. The primary goals of routing protocols in VDTNs is to maximize the probability of delivery ratio to the destination node, while minimizing the total end-to-end delay. DTNs are used in a variety of operating environments, including those that are subject to failures and interruptions, and those with high delay, such as vehicle ad hoc networks (VANETs). This paper discusses DTN routing protocols belonging to unicast delay tolerant position based. The comparison was implemented using the NS2 simulator. Simulation of the three DTN routing protocols GeOpps, GeoSpray, and MaxProp is recorded, and the results are presented.

• 한국멀티미디어학회논문지
• /
• 제11권4호
• /
• pp.504-515
• /
• 2008

유선 네트워크의 빠른 전송속도 및 다양한 서비스와 무선의 편리성 및 이동성이 결합되어 새로운 서비스 영역을 창출하고 사용자와 서비스 제공자 모두에게 새로운 변화를 가져올 신기술로 유/무선 통합 시대가 전개되고 있다. 유/무선 통합 서비스 중에서 네트워크의 통합은 이기종 네트워크간 연동에 의한 네트워크 융합과 네트워크상에서 전송기술간 융합으로써 매주 중요한 부분을 차지하고 있다. 이러한 상황 속에서 이기종 네트워크의 융합은 서로 다른 네트워크의 융합으로 인해 기존의 보안 기술 및 통신 기술을 그대로 적용하기가 매우 어려우며, 보안 측면에서도 많은 취약점을 내포하고 있다. 기존의 동종 네트워크에서 사용자의 인증 및 키 관리와는 다르게 이기종 네트워크간의 사용자 인증 및 키 관리는 새로운 기술이 필요한 실정이며 또한 동종 네트워크에서 이기종 디바이스간의 보안 기술 확립은 매우 중요한 사항이라 할 수 있다. 본 논문에서는 이기종 네트워크 환경에서의 안전하고 효율적인 키 관리를 제안하여, 이기종 네트워크 디바이스간의 안전한 통신을 제공 할 수 있다.

• 전자공학회논문지CI
• /
• 제42권4호
• /
• pp.17-24
• /
• 2005

기존의 수동적인 네트워크는 단순히 데이터의 저장과 전송기능만을 가지고 있다. 이와 달리 액티브 네트워크는 네트워크 전송로상에서 전달중인 패킷에 대한 연산작업이 가능한 네트워크 패러다임이 1990년대 소개되었다. 하지만, 이와 같은 네트워크 패킷에 대한 능동적인 처리가 가능하다는 특징은 보안에 관한 측면에서는 보다 많은 보안상의 위협가능성을 고려해야만 한다. 본 논문에서는 이와 같이 능동적인 처리가 가능한 액티브 네트워크 환경의 취약점을 보안하고자 패킷 분리 방식을 이용한 안전한 액티브 네트워크 구조를 제안한다. 제안하고자 하는 시스템은 액티브 노드의 관리와 서비스의 이용자에 대한 관리가 가능한 모델로 설계하며, 패킷의 암호화와 세션을 이용한 패킷 전송을 통해 보안성을 향상시키고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제12권4호
• /
• pp.1779-1798
• /
• 2018

Heterogeneous wireless sensor networks (HEWSN) is a kind of wireless sensor networks (WSN), each sensor may has different attributes, HEWSN has been widely used in many aspects. Due to sensors are deployed in unattended environments and its resource constrained feature, the design of security and efficiency balanced authentication scheme for HEWSN becomes a vital challenge. In this paper, we propose a secure and lightweight user authentication and key agreement scheme based on biometric for HEWSN. Firstly, fuzzy extractor is adopted to handle the user's biometric information. Secondly, we achieve mutual authentication and key agreement among three entities, which are user, gateway and cluster head in the four phases. Finally, formal security analysis shows that the proposed scheme defends against various security pitfalls. Additionally, comparison results with other surviving relevant schemes show that our scheme is more efficient in term of computational cost, communication cost and estimated time. Therefore, the proposed scheme is well suitable for practical application in HEWSN.

• 한국정보처리학회:학술대회논문집
• /
• 한국정보처리학회 2006년도 춘계학술발표대회
• /
• pp.1113-1116
• /
• 2006

Security in wireless sensor networks is very pressing especially when sensor nodes are deployed in hostile environments. To obtain security purposes, it is essential to be able to encrypt and authenticate messages sent amongst sensor nodes. Keys for encryption and authentication must be agreed upon by communicating nodes. Due to resource limitations and other unique features, obtaining such key agreement in wireless sensor network is extremely complex. Many key agreement schemes used in general networks, such as trusted server, Diffie-Hellman and public-key based schemes, are not suitable for wireless sensor networks [1], [2], [5], [7], [8]. In that situation, key pre-distribution scheme has been emerged and considered as the most appropriate scheme [2], [5], [7]. Based on that sense, we propose a new resource-optimal key pre-distribution scheme utilizing merits of the two existing key pre-distribution schemes [3], [4]. Our scheme exhibits the fascinating properties: substantial improvement in sensors' resource usage, rigorous guarantee of successfully deriving pairwise keys between any pair of nodes, greatly improved network resiliency against node capture attack. We also present a detailed analysis in terms of security and resource usage of the scheme.

• 한국통신학회논문지
• /
• 제32권7B호
• /
• pp.403-410
• /
• 2007

IPv6 유무선 로컬 네트워크에서 이웃하는 호스트와 라우터를 발견하기 위한 목적으로 ND (Neighbor Discovery) 프로토콜이 제안되었다. 그러나 ND 프로토콜은 악의 있는 사용자가 프로토콜 메시지를 위조하여 정상적인 호스트나 라우터로 위장하는 것이 가능하기 때문에 네트워크 공격에 취약한 문제를 가지고 있다. ND 프로토콜을 보호하기 위한 목적으로 SEND (Secure Neighbor Discovery) 프로토콜이 제안되었다. SEND 프로토콜은 주소 소유권 증명, 메시지 보호, 재현 공격 방지, 그리고 라우터 인증 메커니즘을 제공한다. 본 논문에서는 IPv6 네트워크상에서 핵심적으로 운용될 프로토콜중의 하나인 SEND 프로토콜을 설계 및 구현하다. 또한 본 논문에서 구현한 SEND 프로토콜을 IPv6 네트워크상에서 실험함으로써 SEND 프로토콜의 공격 방어 능력과 프로토콜의 성능을 평가하고 분석한다.

• 정보보호학회논문지
• /
• 제18권1호
• /
• pp.49-57
• /
• 2008

본 논문에서는 구조적으로 분산 침입탐지시스템의 구조를 계승하면서 동시에 홈네트워크의 환경을 최대한 고려하여 HNHDIDS(Home Network Hierarchical Distributed Intrusion Detection System)로 명명된 새로운 계층적 분산 침입탐지 시스템을 제안한다. 제안된 시스템은 단일 클래스 support vector machine(support vector data description)과 지역적 에이전트(agent)들을 계층적으로 결합한 구조로써, 홈네트워크의 환경을 위하여 최적화되었다. 만족스러운 침입 탐지율과 안전한 FNR(false negative rate) 수치 등을 실험을 통하여 확인함으로써 제안된 시스템이 홈네트워크 환경에 적합함을 검증하였다.

• 디지털산업정보학회논문지
• /
• 제4권4호
• /
• pp.41-49
• /
• 2008

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects forged reports into the network through compromised nodes. Such attacks by compromised sensors can cause not only false alarms but also the depletion of the finite amount of energy in a battery powered network. In order to reduce damage from these attacks, several security solutions have been proposed. Researchers have also proposed some techniques to increase the energy-efficiency of such security solutions. In this paper, we propose a CH(Cluster Header) selection algorithm to choose low power delivery method in sensor networks. The CNP(Contract Net Protocol), which is an approach to solve distribution problems, is applied to choose CHs for event sensing. As a result of employing CNP, the proposed method can prevent dropping of sensing reports with an insufficient number of message authentication codes during the forwarding process, and is efficient in terms of energy saving.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권4호
• /
• pp.923-948
• /
• 2013

The main concern in mobile peer-to-peer (P2P) networks is security because jamming or eavesdropping on a wireless link is much easier than on a wired one and such damage can be incurred without physical access or contact. In particular, authentication has increasingly become a requirement in mobile P2P environments. This paper presents a new mutual authentication mechanism which requires less storage space and maintains a high level of security in mobile P2P networks. The proposed mechanism improves efficiency by avoiding the use of centralized entities and is designed to be agile in terms of both reliability and low-cost implementation. The mechanism suggested in the simulation evaluates the function costs occurring in authentication between the devices under mobile P2P network environment comparing to existing method in terms of basic operation costs, traffic costs, communications costs, storage costs and scalability. The simulation results show that the proposed mechanism provides high authentication with low cryptography processing overhead.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권11호
• /
• pp.2769-2792
• /
• 2013

In this paper, we propose an authenticated key agreement scheme, TinyIBAK, based on the identity-based cryptography and bilinear paring, for large scale sensor networks. We prove the security of our proposal in the random oracle model. According to the formal security validation using AVISPA, the proposed scheme is strongly secure against the passive and active attacks, such as replay, man-in-the middle and node compromise attacks, etc. We implemented our proposal for TinyOS-2.1, analyzed the memory occupation, and evaluated the time and energy performance on the MICAz motes using the Avrora toolkits. Moreover, we deployed our proposal within the TOSSIM simulation framework, and investigated the effect of node density on the performance of our scheme. Experimental results indicate that our proposal consumes an acceptable amount of resources, and is feasible for infrequent key distribution and rekeying in large scale sensor networks. Compared with other ID-based key agreement approaches, TinyIBAK is much more efficient or comparable in performance but provides rekeying. Compared with the traditional key pre-distribution schemes, TinyIBAK achieves significant improvements in terms of security strength, key connectivity, scalability, communication and storage overhead, and enables efficient secure rekeying.