Hae Young Lee

Fuzzy key dissemination limiting method for the dynamic filtering-based sensor networks

The dynamic en-route filtering scheme (DEF) proposed by Yu and Guan was designed to detect and drop false reports in wireless sensor networks. In this scheme the choice of a threshold value that limits the key dissemination is important since it represents a trade-off between detection power and overhead. A large threshold value increases the probability of detecting false reports but it consumes too much energy in the key dissemination phase. Thus, we should choose a threshold value such that it provides sufficient detection power, while consumes energy effectively. In this paper we propose a key dissemination limiting method for DEF. The threshold value to limit the key dissemination is determined by a fuzzy rule-based system with consideration of the energy level of the network, the number of keys in a cluster, and the distance from the base station (BS) to that cluster. The simulation results show that the proposed method can conserve energy, while it provides sufficient detection power.

Fuzzy-based reliable data delivery for countering selective forwarding in sensor networks

In wireless sensor networks, an adversary can use compromised nodes or outside jammer to launch selective forwarding attacks in which malicious nodes may refuse to forward certain messages and simply drop them, ensuring that they are not propagated any more. Multipath routing can be used to counter selective forwarding attacks. However, communication overheads in multipath routing increase dramatically as the number of paths increases. In this paper, we propose a fuzzy-based reliable data delivery method to counter selective forwarding attacks. The number of paths for data delivery is determined by a fuzzy logic with consideration of the energy level of the network and the number of malicious nodes. The proposed method uses the propagation limiting method as a means for routing if multipath routing is insufficient for reliable data delivery.

Fuzzy Logic Based Key Disseminating in Ubiquitous Sensor Networks

The dynamic en-route filtering scheme is designed to filter out forged sensing reports en-route in ubiquitous sensor networks. In this scheme, the keys of each node used to authenticate reports are forwarded to and shared with some of its neighbor nodes during the initial phase. This paper present a fuzzy logic based key dissemination method in which the number of neighbor nodes to share the keys is determined by a fuzzy rule based system with the consideration of the network conditions. The proposed method can provide more flexibility and sufficient detection power, while it does not consume much energy.

Fuzzy-Based Detection of Injected False Data in Wireless Sensor Networks

Wireless sensor networks are vulnerable to false data injection attacks in which an adversary injects fabricated reports into the network with the goal of deceiving the base station or of draining the energy resources. Several security solutions against the attacks have been proposed by researchers. Most of them, however, make nodes to involve additional computation and communication overhead in the report generation and forwarding processes, which may result in extra energy consumption. This paper presents a false data detection method that exploits a fuzzy rule-based system to verify the authenticity of sensing reports in sensor networks. Three parameters computed based on the collected reports in the base station are used for the verification. Compared to the existing crisp-based detection solutions, the method can reduce errors in the detection, thanks to approximate reasoning provided by fuzzy logic. Compared to the en-route filtering solutions, extra energy can be also conserved since it involves neither complex report generation nor en-route verification.

Fuzzy-Based adaptive threshold determining method for the interleaved authentication in sensor networks

When sensor networks are deployed in hostile environments, an adversary may compromise some sensor nodes and use them to inject false sensing reports. False reports can lead to not only false alarms but also the depletion of limited energy resource in battery powered networks. The interleaved hop-by-hop authentication scheme detects such false reports through interleaved authentication. In this scheme, the choice of a security threshold value is important since it trades off security and overhead. In this paper, we propose a fuzzy logic-based adaptive threshold determining method for the interleaved authentication scheme. The fuzzy rule-based system is exploited to determine a security threshold value by considering the number of cluster nodes, the number of compromised nodes, and the energy level of nodes. The proposed method can conserve energy, while it provides sufficient resilience.

Environment-based Selection Method for En-route Filtering Scheme using Fuzzy Logic

Nodes in sensor networks can be easily compromised by an adversary due to hostile environments in which compromised nodes could be used to inject false reports into the network. The dynamic en-route scheme can detect and drop such false reports during the forwarding phase . In this scheme , choosing a threshold value is important as this gives a trade off between security of power and energy consumption. Th us , a threshold value should be chosen such that it provides sufficient resilience, yet is small enough to conserve energy. This paper presents a fuzzy-based threshold determination method for the dynamic en-route scheme to filter false reports in wireless sensor networks. The base station periodically determines the threshold value using a fuzzy rule-based system. The resilience and energy efficiency of the proposed method, against false data injection attacks, are demonstrated using simulation studies .

Fuzzy security parameter determining method for the commutative cipher based filtering in sensor networks

Sensor networks are often deployed in hostile environments, thus leaving these networks vulnerable to false data injection attacks in which adversaries inject forged reports into the network through compromised nodes, with the goal of deceiving the base station or depleting the limited energy resources of forwarding nodes. The commutative cipher based en-route filtering scheme was proposed to detect and drop such forged reports during the forwarding process. In this scheme, the choice of a security parameter represents a trade-off between detection capability and overhead. In this paper, we propose a fuzzy based adaptive parameter determining method in which the security parameter is adaptively determined by a fuzzy rule based system. False traffic ratio, distance, and energy level are used to determine the security parameter. The effectiveness of the proposed method against false data injection attacks is shown by the simulation results.

SECURITY REQUIREMENT REPRESENTATION METHOD FOR CONFIDENCE OF SYSTEMS AND NETWORKS

Software vulnerability is a key determiner of confidence in computer systems and networks. Usually, software requirements are listed at the beginning of software design, whereas vulnerabilities appear only after development is complete and sometimes only after the system is operational. Therefore, the security requirements during the design stage should address software vulnerabilities. This paper presents a method of representing software vulnerabilities as atomic vulnerabilities (AVs): an AV is an undividable cause-unit of vulnerability, and a set of AVs and the relationships among them represent software vulnerabilities. The AV concept originates from system theory and modeling methodology. AVs and the relationships among them can be used to construct a behavioral model of systems and networks with a focus on vulnerability. The logical relationships among AVs are named vulnerability expressions (VXs). With all the accumulated VXs of the systems and networks, we can set security requirements that resolve or circumvent vulnerabilities effectively and reinforce confidence in system and network robustness. The contribution of this paper is to use the concepts of AV and VX to derive the security requirements considering software vulnerabilities for secure systems and networks. The requirement derived can be used to complement the vulnerable situation caused by software that is developed without cognizance of security consideration.

Fuzzy adaptive threshold determining in the key inheritance based sensor networks

Sensor networks are often deployed in unattended environments, thus leaving these networks vulnerable to false data injection attacks. False data injection attacks will not only cause false alarms that waste real world response efforts, but also drain the finite amount of energy in a battery powered network. The key inheritance based filtering scheme can detect a false report at the very next node of the compromised node that injected the false report before it consumes a significant amount of energy. The choice of a security threshold value in this scheme represents a trade off between security and overhead. In this paper, we propose a fuzzy adaptive threshold determining method for the key inheritance based filtering scheme. The fuzzy rule based system is exploited to determine the security threshold value by considering the average energy level of all the nodes along the path from the base station to a cluster, the number of nodes in that cluster, and the number of compromised nodes. We also introduce a modified version of this scheme to reduce the overhead for changing the threshold value. The proposed method can conserve energy, while it provides sufficient resilience.

RUP Model Based SBA Effectiveness Analysis by Considering the V Process and Defense Simulation Hierarchy

This paper presents an SBA (simulation-based acquisition) effectiveness analysis environment using the RUP (Relational Unified Process) model. The RUP model has 4 phases which cover the whole development steps such as requirement analysis, design, development and test. By applying the RUP model, SW development can be represented with the iterations of developments for each phase. Such a characteristics of the model would make the model suitable for defense acquisition. In this paper, we show the relation between the RUP model and V process model, which is the foundation for defense acquisition. In order to show how the model could be applied to SBA effectiveness analysis, graphical user interfaces for the analysis are presented at the end of the paper.