Gicheol Wang

K-GENI testbed deployment and federated meta operations experiment over GENI and KREONET

The classical Internet has confronted many drawbacks in terms of network security, scalability, and performance, although it has strongly influenced the development and evolution of diverse network technologies, applications, and services. Therefore, new innovative research on the Future Internet has been performed to resolve the inherent weaknesses of the traditional Internet, which, in turn, requires new at-scale network testbeds and research infrastructure for large-scale experiments. In this context, K-GENI has been developed as an international programmable Future Internet testbed in the GENI spiral-2 program, and it has been operational between the USA (GENI) and Korea (KREONET) since 2010. The K-GENI testbed and the related collaborative efforts will be introduced with two major topics in this paper: (1) the design and deployment of the K-GENI testbed and (2) the federated meta operations between the K-GENI and GENI testbeds. Regarding the second topic in particular, we will describe how meta operations are federated across K-GENI between GMOC (GENI Meta Operations Center) and DvNOC (Distributed virtual Network Operations Center on KREONET/K-GENI), which is the first trial of an international experiment on the federated network operations over GENI.

Lightweight Key Renewals for Clustered Sensor Networks

In sensor networks, sensors are likely to be c aptured by attackers because they are usually deployed in an unprotected or even a hostile environment . If an adversarial compromises a sensor, he/she uses the keys from the compromised sensor to uncover the keys of others sensors. Therefore, it is very important to renew the keys of sensors in a proactive or reactive manner. Even though many group key renewal schemes have been proposed, they have some security flaws. First, they employ a single group key in a cluster so that the compromise of one sensor discloses the group key . Second, they evict the compromised nodes by updating the compromised keys with non-compromised keys. This eviction scheme is useless when the non-compromised keys are exhausted due to the increase of compromised nodes. In this paper, we propose a lightweight key renewal scheme , which evicts the compromised nodes clearly by reforming clusters excluding compromised nodes. Besides, in a cluster, each member employs a pairwise key for communication with its CH (Cluster Head) so that our scheme is tolerable against sensor compromise. Our simulation results prove that the proposed scheme is more tolerable against the compromise of sensors and it is more energy-saving than the group key renewal schemes.

Secure Cluster Head Sensor Elections Using Signal Strength Estimation and Ordered Transmissions

In clustered sensor networks, electing CHs (Cluster Heads) in a secure manner is very important because they collect data from sensors and send the aggregated data to the sink. If a compromised node is elected as a CH, it can illegally acquire data from all the members and even send forged data to the sink. Nevertheless, most of the existing CH election schemes have not treated the problem of the secure CH election. Recently, random value based protocols have been proposed to resolve the secure CH election problem. However, these schemes cannot prevent an attacker from suppressing its contribution for the change of CH election result and from selectively forwarding its contribution for the disagreement of CH election result. In this paper, we propose a modified random value scheme to prevent these disturbances. Our scheme dynamically adjusts the forwarding order of contributions and discards a received contribution when its signal strength is lower than the specified level to prevent these malicious actions. The simulation results have shown that our scheme effectively prevents attackers from changing and splitting an agreement of CH election result. Also, they have shown that our scheme is relatively energy-efficient than other schemes.

A Pair-Wise Key Agreement Scheme in Ad Hoc Networks

Mobile Ad-hoc networks are exposed to various security threats because all traffics are carried in air and there is no central management authority. For the sake of secure communication in an Ad-hoc network, a scheme is inevitable to securely distribute security keys in the network. Based on the cluster structure and the verifiable secret sharing scheme[1], this paper proposes a pairwise key agreement scheme which is secure and induces a lower overhead. The proposed scheme is safe against a man-in-the-middle attack while not all private keys within the destination’s cluster are exposed. In addition, our simulation result shows that the proposed scheme is more efficient and scalable than CABM(Clusterhead Authentication Based Method)[2].

A lightweight key renewal scheme for clustered sensor networks

In sensor networks, sensors are prone to be captured by attackers because they are usually deployed in unattended surroundings. If an adversarial compromises a sensor, he/she uses the keys from the compromised sensor to uncover the keys of others sensors. Therefore, it is very important to renew the keys of sensors in a periodic or reactive manner. Even though many group key renewal schemes for distributed key renewals have been proposed, they expose some flaws. First, they employ a single group key in a cluster so that the compromise of one sensor discloses the group key. Second, they evict the compromised nodes by updating the compromised keys with non-compromised keys. This eviction scheme is useless when the non-compromised keys are exhausted due to the increase of compromised nodes. In this paper, we propose a lightweight key renewal scheme, which evicts the compromised nodes clearly by reforming clusters without compromised nodes. Besides, in a cluster, each member employs a pairwise key for communication with its CH (Cluster Head) so that our scheme is tolerable against sensor compromise. Our simulation results prove that the proposed scheme is more tolerable against the compromise of sensors and it is more energy-saving than the group key renewal schemes.

Reputation-based cluster head elections in wireless sensor networks

In clustered sensor networks, because CHs (cluster heads) collect data from sensors and transmit the aggregated data to the sink, it is very important to elect the CHs in a secure manner. In order to protect CH elections from attackers, unpredictability, non-manipulability, and agreement property should be guaranteed in CH elections. However, existing schemes for secure CH election cannot prevent intelligent attackers from violating the properties via cooperation. In this paper, we propose a scheme that securely elects CHs by detecting intelligent attackers and excluding them. For every CH election round, each CH candidate provides reputation values to other CH candidates according to their behavior and extracts real reputation values. Then, each node evaluates the real reputation values of members in its cluster and excludes some disreputable nodes from CH candidates. The scheme greatly enhances the non-manipulability and agreement property of CH election results compared to other rival schemes. Furthermore, the scheme presents higher non-manipulability and higher agreement property than other schemes, even in an environment where message losses can occur.

An adaptive UDT congestion control method with reflecting of the network status

Nowadays, most of networks support several tens of Gb/s with advance of the optical technologies. However, TCP protocol is known to be less suitable for fast transmission due to its AIMD characteristic. As an alternative, UDT protocol has been invented to efficiently utilize network bandwidth; it periodically controls the sending rate for the fixed sync-interval, 0.01 sec. Here, if the network status varies quickly, the available bandwidth is not able to be properly utilized in-between the sync-intervals. In this paper, we propose an adaptive congestion control method in order to reflect the network status. The network status is estimated based on RTT variances. It is divided into four classes, and then properly utilized to differentiate the sending rate. The simulation results show that the proposed method improves the message delivery throughput as well as stability than that of the UDT protocol.

A secure key agreement scheme in low-energy wireless sensor networks

Ubiquitous computing environment provides users with information access anytime and anywhere. In particular, sensor networks must be broadly deployed in real world and utilized to ensure the safety of the human life. In cryptography aspect, key agreement protocol is very important element to exchange messages safely between sensor nodes. This concern originates from the fact that sensor nodes are highly vulnerable to faults, energy depletions, and security attacks. The open problems are how to verify the identity of communicating nodes, how to set up a session key between communicating nodes, and how to minimize any information about the keys disclosed to the other side of key agreement. To solve above problems, we propose a secure key agreement scheme for low-energy sensor networks. Our scheme is based on the MRS scheme and enhances the security by hiding unshared keys and the number of shared keys. Besides, it resolves the weak points in encryption mechanism of MRS by employing multiple random numbers. Performance and security analyses have proven that our scheme is suitable for sensor networks in terms of availability and security aspects

A pair-wise key establishment scheme without predistributing keys for ad-hoc networks

This paper deals with a pair-wise key establishment scheme without pre-distributing keys for ad-hoc networks. The scheme is based on the Diffie-Hellman key exchange protocol. It makes use of the one-time password to prevent a falsification of Diffie-Hellman values. Additionally, it forces each node to prove its long-term secret key ownership to provide mutual authentication. Security analyses prove that it is secure against various attacks. Also, simulation results show that it significantly reduces the number of messages to be exchanged over the probabilistic key pre-distribution scheme.

Securing Cluster Head Elections in Wireless Sensor Networks

In wireless sensor networks, since a CH gathers data from members and delivers the gathered data to the sink, preventing a compromised node from being a CH is very important. Even though unveiling the CH election process enhances the security of network, it cannot prevent compromised nodes from declaring themselves as CHs without qualification. In this paper, we propose a scheme which identifies the compromised nodes by evaluating the trust level of members and excludes untrustworthy nodes every CH election round. Our analyses show that our scheme outperforms the scheme which only unveils the CH election process without filtering.