Apostolos Kountouris

Secure Lossless Aggregation for Smart Grid M2M Networks

Whilst security is generally perceived as an important constituent of communication systems, this paper offers a viable security-communication-tradeoff particularly tailored to Advanced Metering Infrastructures (AMIs) in Smart Grid systems. These systems, often composed of embedded nodes with highly constrained resources, require e.g.~metering data to be delivered efficiently whilst neither jeopardizing communication nor security. Data aggregation is a natural choice in such settings, where the challenge is to facilitate per-hop as well as end-to-end security. The prime contribution of this paper is to propose a secure aggregation protocol that meets the requirements of Smart Grids, and to analyze its efficiency considering various system configurations as well as the impact of the wireless channel through packet error rates. Relying on analysis and corroborative simulations, unprecedented design guidelines are derived which determine the operational point beyond which aggregation is useful as well quantifying the superiority of our protocol w.r.t. non-aggregated solutions.

Low-power low-rate goes long-range: the case for secure and cooperative machine-to-machine communications

The vision of connecting a large amount of objects on this planet to improve well-being and safety is slowly taking shape. Preceded by a decade-long era of research on low-power low-rate short-range wireless sensor networks, first proprietary and later standards-compliant embedded technologies have successfully been put forward. Cellular machine-to-machine (M2M) is taking this technology to a next step where communication ranges are significantly extended by relying on cellular infrastructure. This position paper discusses these emerging paradigms and highlights how cooperative as well as security requirements are core to their designs.

Secure Lossless Aggregation Over Fading and Shadowing Channels for Smart Grid M2M Networks

While security is generally perceived as an important constituent of communication systems, this paper offers a viable security-communication trade-off particularly tailored to smart grids. These systems, often composed of embedded nodes with highly constrained resources, require, e.g., metering data to be delivered efficiently while neither jeopardizing communication nor security. Data aggregation is a natural choice in such settings, where an additional challenge is to facilitate per-hop and end-to-end security as well as a mechanism to protect the valid nodes from exhaustion threats. The prime contribution of this paper is to include into the security design framework issues related to aggregation, wireless fading and shadowing channels, physical layer parameters (such as choice of modulation, packet length, channel coder), medium access control parameters (such as average number of transmissions), routing parameters (such as choice of route). Relying on analysis and corroborating simulations, unprecedented design guidelines are derived which determine the operational point beyond which aggregation is useful as well quantifying the superiority of our protocol enriched with a protection mechanism against nonintended packets (malicious or nonmalicious) w.r.t. nonaggregated and/or unsecured solutions.

Resiliency of wireless sensor networks: Definitions and analyses

This paper considers security in wireless sensor networks (WSNs), focusing at the routing layer. We propose to analyze the behavior of some routing protocols according to attacks stemming from compromised nodes. Such malicious nodes could disrupt the routing functionality (node replication, Sybil attacks or Black-Grey-Sink holes). For such adversary models traditional cryptographic solutions are not enough by themselves but need to be completed by algorithmic solutions considering “beyond cryptography” approaches. Emphasizing internal attacks, with security features of routing in mind, we define the resiliency as the ability of a network to continue to operate in presence of k compromised nodes, i.e. the capacity of a network to endure and overcome internal attacks. In this context, we analyze four particular routing protocols (DSR, Gradient based, Greedy forwarding and Random walk routing). Using intensive simulations, we test their resiliency in presence of several compromised nodes in several adversary models.

A New Metric to Quantify Resiliency in Networking

In network protocol engineering resiliency is still a relatively new and somewhat ill-defined concept. Insofar only few studies attempt to define some metric to measure and thus quantify resiliency. In this paper we propose to quantify network resiliency along multiple parameters and further we introduce a two dimensional graphical representation with multiple axes forming an equiangular polygon surface. This method allows to aggregate meaningfully several parameters and makes it easier to visually discern various tradeoffs thus greatly simplifying the process of protocol comparison. Finally, this method is flexible and can be applied to various networking contexts.

Autonomous Decision Making Process for the Dynamic Reconfiguration of Cognitive Radios

The aim of this paper is to present a generic cognitive framework for autonomous decision making with regard to multiple, possibly conflicting, operational objectives in the face of a time-varying environment. The framework is based on the definition of two scales introducing order relationships between the configurations that help the reasoning and learning processes. The resulting cognitive engine learns from scratch to identify the optimal configuration with regard to the design objectives given the current radio environment. The proposed approach is validated on a case of cognitive waveform design voluntarily kept simple for illustration purpose. The possibility of extending this framework to more complex problems is also discussed.

Optimizing energy-efficiency of PHY-Layer authentication in machine-to-machine networks

Security issues are gaining in importance for machine-to-machine (M2M) networks, mainly because thousands of devices are left unattended for years of operation without the possibility of human intervention. One of the most critical security issues is the prevention of denial of service (DoS) attacks, given the limited capabilities of the M2M devices and the wireless communication settings. To this end, we had earlier introduced a novel recursive PHY-Layer security scheme which was shown to yield enormous benefits with regards to DoS attacks [1]. Recognizing the importance of the thus required synchronization window and the possibility of desynchronization because of poor channel conditions, we introduce a novel synchronization process. For said process, we calculate the optimum synchronization window length taking error rates into account. The analysis allows minimizing energy expenditure and also quantifies the impact onto memory and CPU. The analysis is corroborated by simulations which confirm significant performance improvements.

A randomized algorithm for controlling the round-off error accumulation in recursive digital frequency synthesis (DFS)

Recursive methods for digital frequency synthesis (DFS) exhibit numerical instability due to the round-off error propagation and accumulation in the finite precision digital computations. Because of this, despite their simplicity and other desirable features, recursive DFS methods are generally avoided in practice. In this paper we present a method that solves this numerical instability problem for the coupled form oscillator (CFO) method in a simple manner by randomizing the selection of the rotation phase-step. The internal process uncertainty, induced by the truncation of intermediate computation results, is used for randomization. Interestingly this results in the self-stabilizing property of the proposed method.

Energy-efficient physical layer packet authenticator for machine-to-machine networks

Machine-to-machine networks are spreading over every sector of our society due to their self-organisation capabilities. In these networks, thousands of devices are left unattended for years of operation without the possibility of human intervention. In this sense, every step forward into avoiding early exhaustion of the network nodes is of paramount importance. We have introduced a novel authentication scheme that is able to discard non-intended and/or non-legitimate packets just after the reception of the physical preamble. This proposal was shown to yield enormous energy saving with regard to both node exhaustion attacks and normal network operation. In this paper, we extend that work with a novel synchronisation protocol that addresses previous desynchronisation issues. Besides, we analyse and propose the more appropriate deployment parameters that maximise the overall energy savings. We also detail the necessary key generation and key updating processes required to manage the in use keying material. Moreover, we show how to fit the proposed mechanism into the IEEE 802.15.4e amendment to the IEEE 802.15.4-2006 standard, as many companies have decide to go for this technology for the development of machine-to-machine networks

A generic cognitive framework for supervising the radio dynamic reconfiguration

Cognitive radio is a technological concept pushing for the introduction of intelligent radio operation that goes beyond traditional system adaptation. So far, a rather limited amount of work has been published on the cognitive mechanisms that should be embedded into communicating equipments to achieve such an intelligent behavior. This paper presents a generic cognitive framework for autonomous decision making with regard to multiple, possibly conflicting, operational objectives in a time-varying environment. The framework is based on the definition of two scales introducing order relationships between the configurations that help the reasoning and learning processes. The resulting cognitive engine learns to progressively identify the optimal configurations for the design objectives imposed given the current radio environment. The proposed approach is illustrated for a case of cognitive waveform design and extensive simulation results validate the cognitive engine behavior.