Hani Alzaid

RSDA: Reputation-Based Secure Data Aggregation in Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are a new technology that is expected to be used in the near future due to its cheap cost and data processing ability. However, securing WSNs with traditional cryptographic mechanism is insufficient because of the existing limited resources and the lack of tamper resistant hardware. In this paper, we propose a Reputation-based Secure Data Aggregation for WSNs (RSDA) that integrates aggregation functionality with the advantages provided by a reputation system to enhance the network lifetime and the accuracy of the aggregated data. We bind symmetric secret keys to geographic locations and assign these keys to sensor nodes based on their locations. RSDA therefore can resist an adversary that is capable to compromise up to W sensor nodes in total with no more than t -1 compromised nodes in any cell.

Reputation-Based Trust Systems for Wireless Sensor Networks: A Comprehensive Review

Cryptographic mechanisms alone are insufficient to protect Wireless Sensor Networks (WSNs), because sensors are deployed for long periods in hostile environments where it is possible for an adversary to physically take over a sensor and obtain access to the cryptographic keys stored in the sensor’s internal memory. Thus, reputation-based trust systems are employed to detect abnormal activities and enhance the trustworthiness among sensors. Unfortunately, existing reputation-based trust systems for WSNs do not investigate the robustness against WSN-related or reputation-related attacks. This paper provides a comprehensive analysis for current reputation-based trust systems by surveying the current “state-of-the-art” work in this area.

A Forward and Backward Secure Key Management in Wireless Sensor Networks for PCS/SCADA

Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.’s scheme suffers from, and is not more expensive than their scheme.

LNT: a logical neighbor tree secure group communication scheme for wireless sensor networks

Abstract Secure group communication is a paradigm that primarily designates one-to-many communication security. The proposed works relevant to secure group communication have predominantly considered the whole network as being a single group managed by a central powerful node capable of supporting heavy communication, computation and storage cost. However, a typical Wireless Sensor Network (WSN) may contain several groups, and each one is maintained by a sensor node (the group controller) with constrained resources. Moreover, the previously proposed schemes require a multicast routing support to deliver the rekeying messages. Nevertheless, multicast routing can incur heavy storage and communication overheads in the case of a wireless sensor network. Due to these two major limitations, we have reckoned it necessary to propose a new secure group communication with a lightweight rekeying process. Our proposal overcomes the two limitations mentioned above, and can be applied to a homogeneous WSN with resource-constrained nodes with no need for a multicast routing support. Actually, the analysis and simulation results have clearly demonstrated that our scheme outperforms the previous well-known solutions.

LNT: a Logical Neighbor Tree for Secure Group Management in Wireless Sensor Networks

Abstract Secure group management is an important issue in Wireless Sensor Networks (WSNs). The most of previous works consider the whole network as a single group managed by a central, powerful node (e.g., the base station) capable of supporting heavy communication, computation and storage cost. However, typical WSNs applications may benefit from being designed and implemented as a collection of multiple logical groups, each one is maintained by a sensor node (the group controller) with constrained resources. Furthermore, previous schemes require multicast support at the routing level to deliver rekeying messages. Unfortunately, multicast may cause a storage and communication overhead that are not a_ordable in a WSN. In order to go beyond these two limitations, we propose a new secure group management scheme with a lightweight re-keying process. The scheme allows multiple logical groups, each one is maintained and rekeyed separately by a resource-constrained sensor node without requiring multicast routing support. We prove that the scheme is secure and we evaluate its performance from several view points. Actually, we show that our scheme outperforms some previous well-known schemes such as LKH.

MASA: End-to-End Data Security in Sensor Networks Using a Mix of Asymmetric and Symmetric Approaches.

Wireless sensor networks (WSNs) are a new technology that is expected to be used increasingly in the near future due to its cheap cost and data processing ability. However, securing WSNs is a complicated issue since the chosen security scheme should offer data security requirements such as data integrity, confidentiality, authentication, and availability although of the existed resource constraints in the sensors. In this paper, we describe the design of securing end-to-end data in WSNs using a mixture of asymmetric and symmetric approaches (MASA) that improves the security level offered by similar schemes and reduces the resources consumptions.

Mitigating On-Off attacks in reputation-based secure data aggregation for wireless sensor networks

In-network aggregation is considered as an efficient way to reduce the energy consumption in wireless sensor networks (WSNs). However, it opens doors for a compromised node to distort the integrity of the aggregated data by altering the data and disrupting transmission of the aggregation results. Thus, several secure data aggregation protocols were designed to mitigate the effect of the node compromise attack and ensure data integrity. Most protocols can detect the manipulation of the aggregation results and then reject them at the base station, which gives a single node compromise the opportunity to disrupt the limited resources in the network. Reputation-based secure data aggregation protocols take a step further in helping to identify compromised nodes as early as possible. However, reputation-based protocols are prone to On-Off attacks (OOs) in which a compromised node is able to affect the aggregation results without being detected. The compromised node behaves maliciously now and then to ensure that its reputation value is within the trustable level. A solution to defeat this attack is proposed in this paper. The significance of the proposal is twofold: (i) it extends Alzaid et al.s protocol and mitigates the effect of the OO on the aggregation results, and (ii) it considers non-homogeneous environments, which requires distinguishing between abrupt and incipient changes. In a comparative analysis of our proposal with Alzaid et al.s protocol, plain estimate, and reputation-based estimate shows its superior performance in mitigating the effect of the attack. Copyright

Secure Data Aggregation with MAC Authentication in Wireless Sensor Networks

Recently, several data aggregation schemes based on privacy homomorphism encryption have been proposed and investigated on wireless sensor networks. These data aggregation schemes provide better security compared with traditional aggregation since cluster heads (aggregator) can directly aggregate the ciphertexts without decryption; consequently, transmission overhead is reduced. Based on our survey of existing research efforts for ensuring secure data aggregation, a novel approach that uses homomorphic encryption and Message Authentication Codes (MAC) to achieve confidentiality, authentication and integrity for secure data aggregation in wireless sensor networks is proposed. Our experiments show that our proposed secure aggregation method significantly reduces computation and communication overhead and can be practically implemented in on-the-shelf sensor platforms.

A taxonomy of secure data aggregation in wireless sensor networks

Recent advances in wireless sensor networks (WSNs) have led to several new promising applications including habitat monitoring and target tracking. However, data communication between nodes consumes a large portion of the entire energy consumption of the WSNs. Consequently, data aggregation techniques can significantly help to reduce the energy consumption by eliminating redundant data travelling back to the base station. The security issues such as data integrity, confidentiality, and freshness in data aggregation become crucial when the WSN is deployed in a remote or hostile environment where sensors are prone to node failures and compromises. There is currently research potential in securing data aggregation in WSNs. With this in mind, the security issues in data aggregation for the WSN will be discussed in this article. After that, the |state-of-the-art| in secure data aggregation schemes will be surveyed and then classified into two categories based on the number of aggregator nodes and the existence of the verification phase.

Mitigating Sandwich Attacks Against a Secure Key Management Scheme in Wireless Sensor Networks for PCS/SCADA

Alzaid et al. proposed a forward & backward secure key management scheme in wireless sensor networks for Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems. The scheme, however, is still vulnerable to an attack called the sandwich attack that can be launched when the adversary captures two sensor nodes at times t1 and t2, and then reveals all the group keys used between times t1 and t2. In this paper, a fix to the scheme is proposed in order to limit the vulnerable time duration to an arbitrarily chosen time span while keeping the forward and backward secrecy of the scheme untouched. Then, the performance analysis for our proposal, Alzaid et al.’s scheme, and Nilsson et al.’s scheme is given.