Ibrahim Ethem Bagci

Maximizing lifetime of event-unobservable wireless sensor networks

In wireless sensor networks (WSNs) contextual information such as the information regarding whether, when, and where the data is collected cannot be protected using only traditional measures (e.g., encryption). Contextual information can be protected against global eavesdroppers by periodic packet transmission combined with dummy traffic filtering at proxy nodes. In this paper, through a Linear Programming (LP) framework, we analyze lifetime limits of WSNs preserving event-unobservability with different proxy assignment methodologies. We show that to maximize the network lifetime data flow should pass through multiple proxies that are organized as a general directed graph rather than as a tree.

Lifetime Bounds of Wireless Sensor Networks Preserving Perfect Sink Unobservability

In wireless sensor networks an attack to the base station (sink) can render the whole network useless. Hence, concealing the physical location of the sink may be necessary in certain circumstances. Previous studies addressing this challenging problem assume a weak adversary model. The problem has not been studied in the presence of an eavesdropper who has global knowledge for the entire network. Here, a naive solution is to employ fake sinks so that nodes send their data not only to the real sink but also to other locations. An alternative solution with less overhead could be provided when all nodes including base station equalize the values of their total incoming and outgoing flows as well as their energy expenditure. This way, no information about the sink location is revealed even when all communication within the network is monitored. In this paper, through a Linear Programming (LP) framework we analyze and compare lifetime limits of wireless sensor networks preserving sink location privacy with the aforementioned two approaches.

Optimal data compression and forwarding in wireless sensor networks

In this letter, we present a Linear Programming framework for modeling dynamic data compression and decompression in conjunction with flow balancing in wireless sensor networks. Using the developed framework, we investigated the sensor network lifetimes for different network sizes with various data compression and flow balancing strategies. Our results show that neither compressing all data nor avoiding data compression completely can achieve the longest possible network lifetime. Dynamic data transformation is shown to achieve significantly longer network lifetimes than the lifetimes obtained with the two pure strategies above.

Combined secure storage and communication for the Internet of Things

The future Internet of Things (IoT) may be based on the existing and established Internet Protocol (IP). Many IoT application scenarios will handle sensitive data. However, as security requirements for storage and communication are addressed separately, work such as key management or cryp-tographic processing is duplicated. In this paper we present a framework that allows us to combine secure storage and secure communication in the IP-based IoT. We show how data can be stored securely such that it can be delivered securely upon request without further cryptographic processing. Our prototype implementation shows that combined secure storage and communication can reduce the security-related processing on nodes by up to 71% and energy consumption by up to 32.1%.

Communication/computation tradeoffs for prolonging network lifetime in wireless sensor networks: The case of digital signatures

In the context of wireless sensor networks, computation/communication tradeoffs may appear in many aspects of the system design. In this paper, we present a linear programming framework to guide designers in effectively using these tradeoffs for prolonging network lifetime. To investigate the tradeoff in more concrete terms, as our representative problem we choose a security service; non-repudiation which can be supported with different types of digital signature algorithms. Since these algorithms have high computation and/or communication overheads, supporting non-repudiation of sensor data has been traditionally considered to be infeasible in wireless sensor networks. Using our framework, we compare three signature algorithms with respect to their effect on network lifetime in different topologies and operating conditions. We have shown that with proper algorithm selection the lifetime reduction due to the utilization of digital signatures can be as low as 10%; however, non-optimal algorithm selection can result in more than 90% lifetime reduction compared to a network not supporting non-repudiation.

Codo: confidential data storage for wireless sensor networks

Many Wireless Sensor Networks (WSNs) are used to collect and process confidential information. Confidentiality must be ensured at all times and, for example, solutions for confidential communication, processing or storage are required. To date, the research community has addressed mainly the issue of confidential communication. Efficient solutions for cryptographically secured communication and associated key exchange in WSNs exist. Many WSN applications, however, rely heavily on available on-node storage space and therefore it is essential to ensure the confidentiality of stored data as well. In this paper we present Codo, a confidential data storage solution which balances platform, performance and security requirements. We implement Codo for the Contiki WSN operating system and evaluate its performance.

Using Channel State Information for Tamper Detection in the Internet of Things

The Internet of Things (IoT) is increasingly used for critical applications and securing the IoT has become a major concern. Among other issues it is important to ensure that tampering with IoT devices is detected. Many IoT devices use WiFi for communication and Channel State Information (CSI) based tamper detection is a valid option. Each 802.11n WiFi frame contains a preamble which allows a receiver to estimate the impact of the wireless channel, the transmitter and the receiver on the signal. The estimation result - the CSI - is used by a receiver to extract the transmitted information. However, as the CSI depends on the communication environment and the transmitter hardware, it can be used as well for security purposes. If an attacker tampers with a transmitter it will have an effect on the CSI measured at a receiver. Unfortunately not only tamper events lead to CSI fluctuations; movement of people in the communication environment has an impact too. We propose to analyse CSI values of a transmission simultaneously at multiple receivers to improve distinction of tamper and movement events. A moving person is expected to have an impact on some but not all communication links between transmitter and the receivers. A tamper event impacts on all links between transmitter and the receivers. The paper describes the necessary algorithms for the proposed tamper detection method. In particular we analyse the tamper detection capability in practical deployments with varying intensity of people movement. In our experiments the proposed system deployed in a busy office environment was capable to detect 53% of tamper events (TPR = 53%) while creating zero false alarms (FPR = 0%).

Using Quantum Confinement to Uniquely Identify Devices

Modern technology unintentionally provides resources that enable the trust of everyday interactions to be undermined. Some authentication schemes address this issue using devices that give a unique output in response to a challenge. These signatures are generated by hard-to-predict physical responses derived from structural characteristics, which lend themselves to two different architectures, known as unique objects (UNOs) and physically unclonable functions (PUFs). The classical design of UNOs and PUFs limits their size and, in some cases, their security. Here we show that quantum confinement lends itself to the provision of unique identities at the nanoscale, by using fluctuations in tunnelling measurements through quantum wells in resonant tunnelling diodes (RTDs). This provides an uncomplicated measurement of identity without conventional resource limitations whilst providing robust security. The confined energy levels are highly sensitive to the specific nanostructure within each RTD, resulting in a distinct tunnelling spectrum for every device, as they contain a unique and unpredictable structure that is presently impossible to clone. This new class of authentication device operates with minimal resources in simple electronic structures above room temperature.

Neighbor sensor networks: Increasing lifetime and eliminating partitioning through cooperation

In this paper we consider neighbor sensor networks which are defined as multiple wireless sensor networks under the administration of different authorities but located physically on the same area or close to each other. We construct a Linear Programming framework to characterize the cooperation of neighbor sensor networks in comparison to non-cooperating networks. We show that if neighbor sensor networks cooperate with each other for relaying data packets then this cooperation brings two advantages as compared to no cooperation case. First, lifetime of both networks is prolonged - the results of our analysis show that cooperation between neighbor sensor networks can significantly extend the overall network lifetime. Second, cooperation reduces the probability of disjoint partitions arising due to the limited transmission ranges of sensor nodes. When neighbor sensor networks cooperate, eliminating disjoint partitions is possible with sensors having shorter transmission ranges as demonstrated and quantified by our analysis.

Defend your home!: jamming unsolicited messages in the smart home

A plethora of communication protocols for home automation are currently in use. These protocols generally lack essential security features such as message authentication. Thus, smart homes are not protected against accidental or malicious message injection. In this paper we describe how jamming can be used to prevent processing of unsolicited messages in smart homes. We describe how jamming based protection can be added to a home automation system without impairing legitimate transmissions in neighbouring houses. Furthermore, we present the initial evaluation of a jamming device and its capability to secure networks of a variety of protocol types. Our evaluation shows that even a single jamming device can significantly improve the security of a smart home.