• Journal of KIISE:Information Networking
• /
• v.35 no.1
• /
• pp.76-90
• /
• 2008

Wireless sensor networks are expected to play a vital role in the upcoming age of ubiquitous computing such as home environmental, industrial, and military applications. Compared with the vivid utilization of the sensor networks, however, security and privacy issues of the sensor networks are still in their infancy because unique challenges of the sensor networks make it difficult to adopt conventional security policies. Especially, node compromise is a critical threat because a compromised node can drain out the finite amount of energy resources in battery-powered sensor networks by launching various insider attacks such as a false data injection. Even cryptographic authentication mechanisms and key management schemes cannot suggest solutions for the real root of the insider attack from a compromised node. In this paper, we propose a novel trust-based secure aggregation scheme which identifies trustworthiness of sensor nodes and filters out false data of compromised nodes to make resilient sensor networks. The proposed scheme suggests a defensible approach against the insider attack beyond conventional cryptographic solutions. The analysis and simulation results show that our aggregation scheme using trust evaluation is more resilient alternative to median.

• Convergence Security Journal
• /
• v.8 no.1
• /
• pp.19-26
• /
• 2008

In wireless sensor networks, an adversary can launch the wormhole attacks, where a malicious node captures packets at one location and tunnels them to a colluding node, which retransmits them locally. The wormhole attacks are very dangerous against routing protocols since she might launch these attacks during neighbor discovery phase. A strategic placement of a wormhole can result in a significant breakdown in communication across the network. This paper presents a compromise-resilient tunneled packet filtering method for sensor networks. The proposed method can detect a tunneled message with hop count alteration by a comparison between the hop count of the message and one of the encrypted hop counts attached in the message. Since the proposed method limits the amount of security information assigned to each node, the impact of wormhole attacks using compromised nodes can be reduced.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.1 no.1
• /
• pp.1-17
• /
• 2007

This paper proposes and analyzes a scalable and an efficient cluster based group key management protocol by introducing identity based infrastructure for secure communication in mobile wireless sensor networks. To ensure scalability and dynamic re-configurability, the system employs a cluster based approach by which group members are separated into clusters and the leaders of clusters securely communicate with each other to agree on a group key in response to changes in membership and member movements. Through analysis we have demonstrated that our protocol has a high probability of being resilient for secure communication among mobile nodes. Finally, it is established that the proposed scheme is efficient for secure positioning in wireless sensor networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.1
• /
• pp.62-77
• /
• 2010

Emerging applications with high data rates will need to transport bulk data reliably in wireless sensor networks. ARQ (Automatic Repeat request) or Forward Error Correction (FEC) code schemes can be used to provide reliable transmission in a sensor network. However, the naive ARQ approach drops the whole frame, even though there is a bit error in the frame and the FEC at the bit level scheme may require a highly complex method to adjust the amount of FEC redundancy. We propose a bulk data transmission scheme based on erasure-resilient code in this paper to overcome these inefficiencies. The sender fragments bulk data into many small blocks, encodes the blocks with LT codes and packages several such blocks into a frame. The receiver only drops the corrupted blocks (compared to the entire frame) and the original data can be reconstructed if sufficient error-free blocks are received. An incidental benefit is that the frame error rate (FER) becomes irrelevant to frame size (error recovery). A frame can therefore be sufficiently large to provide high utilization of the wireless channel bandwidth without sacrificing the effectiveness of error recovery. The scheme has been implemented as a new data link layer in TinyOS, and evaluated through experiments in a testbed of Zigbex motes. Results show single hop transmission throughput can be improved by at least 20% under typical wireless channel conditions. It also reduces the transmission time of a reasonable range of size files by more than 30%, compared to a frame ARQ scheme. The total number of bytes sent by all nodes in the multi-hop communication is reduced by more than 60% compared to the frame ARQ scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.12
• /
• pp.5189-5208
• /
• 2015

To address the contradiction between data aggregation and data security in wireless sensor networks, a Recoverable Privacy-preserving Integrity-assured Data Aggregation (RPIDA) scheme is proposed based on privacy homomorphism and aggregate message authentication code. The proposed scheme provides both end-to-end privacy and data integrity for data aggregation in WSNs. In our scheme, the base station can recover each sensing data collected by all sensors even if these data have been aggregated by aggregators, thus can verify the integrity of all sensing data. Besides, with these individual sensing data, base station is able to perform any further operations on them, which means RPIDA is not limited in types of aggregation functions. The security analysis indicates that our proposal is resilient against typical security attacks; besides, it can detect and locate the malicious nodes in a certain range. The performance analysis shows that the proposed scheme has remarkable advantage over other asymmetric schemes in terms of computation and communication overhead. In order to evaluate the performance and the feasibility of our proposal, the prototype implementation is presented based on the TinyOS platform. The experiment results demonstrate that RPIDA is feasible and efficient for resource-constrained sensor nodes.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.9C
• /
• pp.855-862
• /
• 2009

The path key establishment phase in the wireless sensor network is vulnerable to Byzantine attack. Huang and Hedhi proposed a Byzantine resilient multi-key establishment scheme using a systematic RS code, which has shortcomings of exposing a part of message symbols and inefficient transmission. In this paper, we propose a new Byzantine resilient multi-path key establishment scheme in which direct message symbols are not exposed to an adversary and are more efficiently transmitted the RS-encoded symbols to the destination node. In the Proposed scheme, a non-systematic RS code is used to transmit a generated indirect secret key and each encoded symbol is relayed through available paths between two sensor nodes. If enough symbols are collected at the destination node, it is possible to reconstruct the secret message through RS decoding.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.8B
• /
• pp.482-491
• /
• 2007

This paper proposes a k-disjoint-path routing algorithm that provides energy efficient and reliable message transmission in wireless sensor networks. The proposed algorithm sends messages through a single path without the occurrence of critical events. However, it sends through k disjoint paths(k>1) under the occurrence of critical events. The proposed algorithm detects the occurrence of critical events by monitoring changing data patterns, and calculates k from a well-defined fault model and the target-delivery ratio. Our simulations reveal that the proposed algorithm is more resilient to node failure than other routing algorithms, and it also decreases energy consumption and reduces the average delay much more than multi-path and path-repair algorithms.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.5
• /
• pp.487-491
• /
• 2008

This paper proposes the Byzantine fault tolerant clock synchronization scheme for wireless sensor networks to cope with the clock synchronization disturbance attack of malicious nodes. In the proposed scheme, a node which is requiring clock synchronization receives 3m+1 clock synchronization messages not only from its parent nodes but also from its sibling nodes in order to tolerate malicious attacks even if up to m malicious nodes exist among them. The results show that the proposed scheme is 7 times more resilient to the clock synchronization disturbance attack of malicious nodes than existing schemes in terms of synchronization accuracy.

• The Journal of the Korea Contents Association
• /
• v.10 no.7
• /
• pp.70-80
• /
• 2010

Due to the resource limitations of sensor nodes, providing a security protocol is a particular challenge in sensor networks. One popular method is the neighborhood-based key agreement protocol (NEKAP). NEKAP is an efficient and lightweight protocol, but it includes loopholes through which adversaries may launch replay attacks by successfully masquerading as legitimate nodes. In this paper, we present a modified security protocol for wireless sensor networks. We provide four types of keys for each node, which adapt to different security requirements; and an improvement is made to alleviate the replay attack. According to our qualitative performance analyses, the proposed security protocol provides effectiveness in terms of authentication security, attacking node detection, and replay attack resilience when compared to the conventional method.

• Journal of information and communication convergence engineering
• /
• v.6 no.3
• /
• pp.255-260
• /
• 2008

In the recently years, there has been a big interest in ad hoc wireless network as they have tremendous military and commercial potential. An Ad hoc wireless network is composed of mobile computing devices that use having no fixed infrastructure of a multi-hop wireless network formed. So, the fact that limited resource could support the network of robust, simple framework and energy conserving etc. In this paper, we propose a new ad hoc multicast routing protocol for based on the ontology scheme called inference network. Ontology knowledge-based is one of the structure of context-aware. And the ontology clustering adopts a tree structure to enhance resilient against mobility and routing complexity. This proposed multicast routing protocol utilizes node locality to be improve the flexible connectivity and stable mobility on local discovery routing and flooding discovery routing. Also attempts to improve route recovery efficiency and reduce data transmissions of context-awareness. We also provide simulation results to validate the model complexity. We have developed that proposed an algorithm have design multi-hierarchy layered networks to simulate a desired system.