• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.10
• /
• pp.50-64
• /
• 2013

In clustered sensor networks, since a CH (Cluster Head) collects data from its members and delivers the collected data to the sink, it is very important to prevent compromised nodes from joining a CH election and manipulating and fabricating the election result. In order to protect CH elections from compromised nodes, unpredictability, non-manipulability, and agreement property should be guaranteed in CH elections. However, existing CH election schemes cannot prevent intelligent compromised nodes from skilfully violating those properties via their cooperation. In this paper, we propose a scheme which protects the CH election process by detecting intelligent compromised nodes and excluding them. For every CH election round, each member gives a direct trust value to other members according to their behavior. Then a real reputation value is given to each member by combining the direct trust value and indirect trust values provided by other members. Then, each node evaluates the real reputation values of members in its cluster and excludes some untrustable nodes from CH candidates. The scheme greatly improves the non-manipulability and agreement property of CH election results compared to other rival schemes. Furthermore, the scheme preserves the high non-manipulability and the high agreement property even in an environment where message losses can happen.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.12
• /
• pp.4661-4676
• /
• 2014

In Wireless Mesh Networks (WMN), an authentication technique can be compromised due to the distributed network architecture, the broadcast nature of the wireless medium and dynamic network topology. Several vulnerabilities exist in different protocols for WMNs. Hence, in this paper, we propose trust based authentication and key establishment for secure routing in WMN. Initially, a trust model is designed based on Ant Colony Optimization (ACO) to exchange the trust information among the nodes. The routing table is utilized to select the destination nodes, for which the link information is updated and the route verification is performed. Based on the trust model, mutual authentication is applied. When a node moves from one operator to another for accessing the router, inter-authentication will be performed. When a node moves within the operator for accessing the router, then intra-authentication will be performed. During authentication, keys are established using identity based cryptography technique. By simulation results, we show that the proposed technique enhances the packet delivery ratio and resilience with reduced drop and overhead.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.49-55
• /
• 2017

Despite the Openflow's switch migration occurs after the channel was established in secure manner (optional), the current cryptography protocol cannot prevent the insider attack as the attacker possesses a valid public/private key pair. There are methods such as the certificate revocation list (CRL) or the online certificate status protocol (OCSP) that tries to revoke the compromised certificate. However, these methods require a management system or server that introduce additional overhead for the communication. Furthermore, these methods are not able to mitigate power abuse of an insider. In this paper, we propose a role-based identity-based cryptography (RB-IBC) that integrate the identity of the node along with its role so the nodes within the network can easily mitigate any role abuse of the nodes. Besides that, by combining with IBC, it will eliminate the need of exchanging certificates and hence improve the performance in a secure channel.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.141-145
• /
• 2008

Wireless sensor network (WSN) is expected to be used in many applications. However, sensor nodes still have some secure problems to use them in the real applications. They are typically deployed on open, wide, and unattended environments. An adversary using these features can easily compromise the deployed sensor nodes and use compromised sensor nodes to inject fabricated data to the sensor network (false data injection attack). The injected fabricated data drains much energy of them and causes a false alarm. To detect and drop the injected fabricated data, a filtering-based security method and adaptive methods are proposed. The number of different partitions is important to make event report since they can make a correctness event report if the representative node does not receive message authentication codes made by the different partition keys. The proposed methods cannot guarantee the detection power since they do not consider the filtering scheme. We proposed clustering method for filtering-based secure methods. Our proposed method uses fuzzy system to enhance the detection power of a cluster.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.25-31
• /
• 2012

LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. Also, an adversary could prevent the UE from creating the secure link with eNodeB, which is delaying the handover procedure. In this paper, we present a counrermeasure to prevent above attacks, and analyze the performance issues of the proposed protocol.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.6
• /
• pp.1165-1170
• /
• 2022

In WSNs, a clustering algorithm groups sensor nodes on a unit called cluster and periodically selects a cluster head (CH) that acts as a communication relay on behalf of nodes in each cluster for the purpose of energy conservation and relay efficiency. Meanwhile, attack techniques also have emerged to intervene in the CH election process through compromised nodes (inside attackers) and have a fatal impact on network operation. However, existing countermeasures such as encryption key-based methods against outside attackers have a limitation to defend against such inside attackers. Therefore, we propose a statistical detection method that detects abnormal CH election behaviors occurs in a WSN cluster. We design two attack methods (Selfish and Greedy attacks) and our proposed defense method in WSNs with two clustering algorithms and conduct experiments to validate our proposed defense method works well against those attacks.

• Journal of the Korea Society for Simulation
• /
• v.19 no.1
• /
• pp.161-171
• /
• 2010

Sensor Networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks in which an adversary injects forged reports into the network through compromised nodes. Such attacks by compromised sensors can cause not only false alarms but also the depletion of the finite amount of energy in a battery powered network. Ye et al. proposed the Statistical En-route Filtering scheme to overcome this threat. In statistical en-route filtering scheme, all the intermediate nodes perform verification as event reports created by center of stimulus node are forwarded to the base station. This paper applies a probabilistic verification method to the Static Statistical En-route Filtering for energy efficiency. It is expected that the farther from the base station an event source is, the higher energy efficiency is achieved.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.7 s.349
• /
• pp.32-40
• /
• 2006

It is very important to establish a pairwise key securely in wireless sensor networks. Because sensor networks consist of devices with weak physical security, they are likely to be compromised by an attacker. However, some approaches using key pre-distribution and other approaches using one hop local keys are known to be very vulnerable to threats caused by compromised nodes, even a small number. This paper proposes a scheme where each node establishes three hop local keys and employs them for a later pairwise key establishment. When any two nodes agree a pairwise key, all nodes on the route between two nodes contribute to the agreement of the pairwise key. Here, the initial three hop local keys are employed for encrypting a secret key delivered from a node to other nodes. Therefore, the proposed scheme bothers attackers to compromise much more nodes than the scheme using one hop local keys only. The simulation results have proven that the proposed scheme provides better performance and higher security than the scheme using one hop local keys in terms of message exchange, the number of encryption and decryption, and pairwise key exposure rate.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.5B
• /
• pp.512-521
• /
• 2003

In this paper, we introduce our experience of the design and implementation of mobile collaboration system(MCS) that support people using mobile devices to participate in cooperative session. There are considerable differences between desktop PC and mobile devices like PDA in processing ability, resolution of display and color degree. In the case of mobile devices, they use different processors and different operating system and they have even differences in ability of executing application. The mobile collaborative system based on T.120 protocol of ITU-T standard compromised of mobile collaboration server, mobile collaboration client, session node and application. We also define the session node in desktop PC in which session control block and communication block runs. This node provide functions of session control block and communication block to mobile collaboration clients and so lighten load of clients. The mobile collaboration server provides information of candidates for session node, session and user to mobile collaboration client. And this server support clients to configure their own session node and manage sessions. Only the mobile collaboration client module and applications including APE are executed in a mobile device when user using mobile devices would like to participate in cooperative session. We implemented mobile collaboration client and applications with JAVA to support platform independency.

• Tuberculosis and Respiratory Diseases
• /
• v.38 no.4
• /
• pp.347-356
• /
• 1991

Endobronchial tuberculosis is a serious disase because it frequently leaves airway obstruction as the complication, and the treatment of airway obstruction is generally troublesome. In the tumorous type of endobonchial tuberculosis, the bronchial patency is partially or completely compromised with lymph node contents when the necrotic focus of the lymph node ruptures into the bronchial lumen to form a bronchoglandular fistula. To investigate the transition of endobronchial lesion and to evaluate the therapeutic role of bronchoscopic electrocautery in the tumorous type of endobronchial tuberculosis, we performed electrocautery in addition to the combination chemotherapy with steroid and anti-tuberculous drugs in two cases which had airway obstruction proximal to lobar bronchus with the impairment of pulmonary function. We also treated another two cases only with chemotherapy and we have followed up four cases over a 36-month period. In cases that bronchoscopic electrocautery was done, the bronchial patency was completely restored and the impairment of pulmonary function disappeared just after cautery and these effects have remained for 12 months or more. But in cases of medical treatment only, bronchial stenosis was inevitable as the tumorous type of endobronchial tuberculosis changed to the stenotic type with fibrosis. It can be concluded that bronchoscopic electrocautery can nip the occurence of bronchial stenosis in the bud when it is applied in addition to combination chemotherapy with steroid and antituberculous drugs in the tumorous type of endobronchial tuberculosis.