Avijit Mathur

Defence against black hole and selective forwarding attacks for medical WSNs in the IoT

Wireless sensor networks (WSNs) are being used to facilitate monitoring of patients in hospital and home environments. These systems consist of a variety of different components/sensors and many processes like clustering, routing, security, and self-organization. Routing is necessary for medical-based WSNs because it allows remote data delivery and it facilitates network scalability in large hospitals. However, routing entails several problems, mainly due to the open nature of wireless networks, and these need to be addressed. This paper looks at two of the problems that arise due to wireless routing between the nodes and access points of a medical WSN (for IoT use): black hole and selective forwarding (SF) attacks. A solution to the former can readily be provided through the use of cryptographic hashes, while the latter makes use of a neighbourhood watch and threshold-based analysis to detect and correct SF attacks. The scheme proposed here is capable of detecting a selective forwarding attack with over 96% accuracy and successfully identifying the malicious node with 83% accuracy.

Medical WSN: Power, routing and selective forwarding defense

Different aspects of Wireless sensor networks (WSN) are currently being studied. Some of the important aspects would be clustering, routing and security. This paper looks at the problems arising due to wireless routing between nodes of a medical WSN. Here, the focus is on selective forwarding (SF) attacks. As a solution, we have described a secure routing protocol with test-bed simulation results. This protocol is capable of detecting and correcting the SF attack. The results show that the power consumed during the detection phase is only 152μW more than the power consumed during normal phase.

FPGA Based Reconfigurable IPSec AH Core Suitable for IoT Applications

Real-world deployments of Internet of Things (IoTs) applications require secure communication. The IPSec (Internet Protocol Security) is an important and widely used security protocol (in the IP layer) to provide end to end secure communication. Implementation of the IPSec is a computing intensive work, which significantly limits the performance of the high speed networks. To overcome this issue, hardware implementation of IPSec is a best solution. IPSec includes two main protocols namely, Authentication Header (AH) and Encapsulating Security Payload (ESP) with two modes of operations, transport mode and tunnel mode. In this work we presented an FPGA implementation of IPSec AH protocol. This implementation supports both, tunnel and transport mode of operation. Cryptographic hash function called Secure Hash Algorithm -- 3 (SHA-3) is used to calculate hash value for AH protocol. The proposed IPSec AH core can be used to provide data authentication security service to IoT applications.

Cluster head election and rotation for medical-based wireless sensor networks

Wireless sensor networks (WSN) are a growing field with applications in different areas that include the Medical industry. Each application raises different concerns, challenges, and requirements. This paper looks at a Cluster in a Medical WSN, and focuses on the election of a Cluster Head (CH), its power consumption, and rotation frequency. The rotation of CH is important because it allows for a load-balanced cluster i.e. helping mitigate network energy consumption. In the implemented system, our work shows improvement in power/energy consumption compared to the related work.

Efficient and High Speed FPGA Bump in the Wire Implementation for Data Integrity and Confidentiality Services in the IoT

Data integrity is a term used when referring to the accuracy and reliability of data. It ensures that data is identically maintained during any operation, such as transfer, storage, or retrieval. Any changes to data, for example malicious intention, unpredicted hardware failure or human error would results in failure of data integrity. Cryptographic hash functions are generally used to provide for the verification of data integrity. The Internet of Things (IoT) is a world where billions of objects can sense, share information and communicate over interconnected public or private Internet Protocol (IP) networks. As the adoption of IoT becomes pervasive, the quantity of data that is captured and stored becomes larger. For many IoT applications, hardware implementations of cryptographic hash algorithms will be needed to provide high speed and near real time data integrity checking. ASICs and FPGAs are the two hardware platforms that can be used for these implementations. Currently FPGA is seen as the best leading platform of the modern era in terms of flexibility, reliability and re-configurability. In this chapter an efficient high speed FPGA implementation of the newly selected hash algorithm, SHA-3, is proposed. This high speed implementation can be used with IoT applications to provide near real time data integrity checks. In addition an efficient FPGA based implementation of the Advanced Encryption Standard (AES) is provided. The provision of these FPGA based implementations allows both data integrity and data confidentiality to be provided for high speed IoT applications in addition to enabling low cost Bump In The Wire (BITW) technology to be provided for Internet Protocol Security (IPSec) provision for all IoT applications.

Bump in the wire (BITW) security solution for a marine ROV remote control application

Abstract The work presented here describes a Bump-In-The-Wire (BITW) security solution for the provision of secure communications for a Marine ROV Control Application. The targeted marine application involves controlling a ‘Remotely Operated Vehicle (ROV)’ from a remote control station through standard Internet. A BITW solution is required as communication through the Internet is inherently insecure and open to signal modification or tampering. BITW technology is an implementation approach that places a security mechanism outside and independent of the system that is to be protected, in this case that is a ROV and its remotely located control station. Secure communications between the ROV and the remote control station is necessary to ensure that only authorised persons can issue control commands to the ROV and that no unauthorised individual can understand/sniff the communications between the ROV and control station. The proposed BITW security solution involves an efficient implementation of the AES cryptographic algorithm on a Field Programmable Gate Array (FPGA) platform. The extra delay introduced into the remote control application was well within the allowable time window of 50 ms. Other security mechanisms can also be implemented in the same way depending upon the availability of hardware resources.

Reconfiguration of neighbouring nodes in coastal monitoring wireless sensor networks based on leader node recommendation

Maritime environmental monitoring based on wireless sensor networks is a challenging area of research due to the characteristics of the water environment. Thus, there are certain designing considerations must be taken into account, for instance network architecture, remote sensor data management and security of data transmission. The system must have the ability to adjust its sensor members in the network in response to environmental changes, and the condition of sensor nodes. In terms of data security, our scheme applied number of security algorithms on the network, such as advanced encryption standard based wireless sensor networks and message digest algorithm, which is providing source travelling data via authenticated sensor nodes to end user. For the sake of network stability, this work presents new technique relaying on recommendation for node called Leader node. This node is monitoring all network members behavior and reconstruct the network topology in case of abnormal member behavior. The system has been tested in real time on Waspmote sensor platform in University of Limerick Campus.

An FPGA-based reconfigurable IPSec AH core with efficient implementation of SHA-3 for high speed IoT applications

The need for securing data across the Internet has become a fundamental issue over the last decade. The Internet protocol security IPSec standard has been developed as one solution to the problem of end-to-end secure communications. IPSec implementation is computationally intensive and can significantly limit the performance of high-speed networks. To overcome this speed issue, hardware implementations of IPSec offer the best solution. This work presents a field programmable gate array-based reconfigurable IPSec authentication header AH core. AH is one of the two main IPSec protocols, namely, AH and encapsulating security payload, and it supports both transport and tunnel modes of operations. For the AH protocol, a newly selected cryptographic hash function called secure hash algorithm-3 SHA-3 is implemented and used in this work. SHA-3 is implemented using a unique two-phase implementation approach that combines all the steps of SHA-3. The resultant equations, after combining the SHA-3 steps, are implemented as a proposed high-speed architecture, which results in data throughput in the gigabits per second range. The AH core proposed here outperforms other published techniques and is capable of supporting IPv4 datagrams for both modes of operation transport and tunnel and also can be used to provide security services for Internet of things applications that require high data throughput speeds. Copyright

High Speed Implementation of a SHA-3 Core on Virtex-5 and Virtex-6 FPGAs

This work presents a novel technique for a high-speed implementation of the newly selected cryptographic hash function, Secure Hash Algorithm-3 (SHA-3) on Xilinx’s Virtex-5 and Virtex-6 Field Programmable Gate Arrays (FPGAs). The proposed technique consists of a two-phase implementation approach. In the first phase, all steps of the SHA-3 core are logically combined, which helps to eliminate the intermediate states of core function, these states utilize more area and also slow the execution. The second phase deals with the hardware implementation of the first phase equations using Xilinx Look-Up-Table (LUT) primitives. This two phase implementation technique results in a throughput of 19.241Gbps on a Virtex-6 FPGA; this is the highest reported throughput to date for an FPGA implementation of SHA-3. This high throughput makes this technique ideally suited for the provision of Bump In The Wire (BITW) security for Internet of Things (IoT) applications.

FPGA Based Real Time 'Secure' Body Temperature Monitoring Suitable for WBSN

In wireless body sensor networks (WBSNs), sensors continuously monitor human physiological activities using medical sensors, for example, blood pressure, body temperature and electrocardiography (ECG). A WBSN can be used to develop a patient monitoring system. The traditional body sensor networks (BSNs) have limited hardware resources in terms of computational capabilities, data processing speed, memory and battery life. Also these BSNs are generally not suitable for the implementation of security mechanisms, reason is that, implementation of security mechanisms require relatively more hardware resources because of the complexity of their algorithms. To get rid of these limitations a Field Programmable Gate Array (FPGA) device is suitable because of its flexible architecture and high performance features. In this paper an FPGA based experimental framework is investigated to implement real time body temperature monitoring with reliable data transmission, using data integrity verification. This data integrity check is very important for patient monitoring systems as unreliable data could lead the healthcare professionals to make an incorrect diagnosis concerning patients health. The data integrity verification is achieved using newly selected cryptographic hash function called, SHA-3 (Secure Hash Algorithm-3). To the best of authors knowledge, all previously published FPGA based WBSNs implementations did not implemented any security mechanisms to secure physiological data, so this work is the first contribution regarding it.