Jingsha He

Group-based intrusion detection system in wireless sensor networks

Many mission critical wireless sensor networks require an efficient, lightweight and flexible intrusion detection algorithm to identify malicious attackers. In this paper, we propose a distributed group-based intrusion detection scheme that meets all the above requirements by partitioning the sensor networks into many groups in which the sensors in each group are physically close to each other and are equipped with the same sensing capability. Our intrusion detection algorithm takes simultaneously into consideration of multiple attributes of the sensor nodes to detect malicious attackers precisely. We show through experiments with real data that our algorithm can decrease the false alarm rate and increase the detection accuracy compared with existing intrusion detection schemes while lowering the computation and transmission power consumption.

Testing coverage analysis for software component validation

Constructing component-based software using reusable components is becoming a widely used approach. Since the quality of a component-based system is highly dependent on the quality of its components, component quality validation becomes very critical to both component vendors and users. Effectively validating component quality needs adequate test models and testing coverage criteria. This paper proposes an adequate test model and test coverage criteria for component validation. The paper discusses a dynamic approach to analyze component test coverage based on the proposed test model and test coverage criteria. The major contribution of this paper is its dynamic test coverage analysis solution to monitor API-based component validation and reuse. The paper reports the recent development efforts of a component test coverage analysis tool, and presents an application example.

Mutual Authentication in Wireless Mesh Networks

A wireless mesh network (WMN) is a new wireless network technology and there is a trend to adopt the technology to build commercial mobile ad hoc networks. Since a WMN is such a network without fixed infrastructure and is operated in an open medium, any user within the range covered by radio wave may access the network. Therefore, a critical requirement for the security in WMN is the authentication of a new user who is trying to join the network. In this paper, we present a new authentication scheme based on a combination of techniques, such as zone-based hierarchical topology structure, virtual certification authority (CA), off-line CA, identity-based cryptosystem and multi-signature. We show that our scheme would improve authentication in security, computational overhead, traffic, authentication latency and storage space.

A Systematic Regression Testing Method and Tool For Software Components

In component-based software engineering, software systems are mainly constructed based on reusable components, such as third-party components and in-house built components. Hence, system quality depends on the quality of the involved components. Any change of a component, it must be re-tested at the unit level, and re-integrated to form component-based application systems. Although a number of recently published papers address regression testing and maintenance of component-based systems, very few papers discuss how to identify component changes and impacts at the unit level, and find out the reusable test cases in a components test suite to support its evolution. This paper focuses on component API-based changes and impacts, and proposes a systematic re-test method for software components based on a component API-based test model. The proposed method has been implemented in a component test tool, known as COMPTest. It can be used to automatically identify component-based API changes and impacts, as well as reusable test cases in a component test suite. The paper also reports this tool and its application results

A Distributed Intrusion Detection Scheme for Mobile Ad Hoc Networks

A mobile ad hoc network is a multi-path autonomous system comprised of many mobile nodes with wireless transmission capability. In this paper, we first review current research in intrusion detection in ad hoc networks. Then, by considering the characteristics of such networks in which free movement of mobile nodes can lead to frequent topological changes, especially network separation and convergence, we propose an intrusion detection scheme based on a combination of techniques, such as hierarchical topology structure, distributed voting, off-line CA and composite key management, and show that the proposed scheme could improve intrusion detection in the areas of security, expandability, validity, fault tolerance and usability.

A Group-Based Intrusion Detection Scheme in Wireless Sensor Networks

Wireless sensor networks are susceptible to many types of attacks because of their constrained capacity, such as limitation in computation power, memory and battery lifetime. In this paper, we propose a group- based intrusion detection scheme that meets the efficient, lightweight and flexible requirements by partitioning the sensor networks into many groups in which the sensors in each group are physically close to each other and are equipped with the same sensing capability. Our intrusion detection algorithm takes into consideration of multiple attributes of the sensor nodes simultaneously to detect malicious attackers precisely. We show through experiments with real data that our algorithm can decrease the false alarm rate and increase the detection accuracy rate compared with existing intrusion detection schemes while lowering the power consumption.

A Zone-Based Distributed Key Management Scheme for Wireless Mesh Networks

A wireless mesh network (WMN) presents a new wireless network technology for building commercial mobile ad hoc networks. However, security in WMN has not received enough attention in the research community. One main challenge in designing WMNs is the vulnerability of such networks to malicious attacks. In this paper, we propose a zone-based distributed key management scheme for WMNs in which we show that the proposed scheme would improve key management in security, expandability, validity, fault tolerance and usability.

A Group-Based Dynamic Key Management Scheme in Wireless Sensor Networks

Sensor networks are widely used in a variety of commercial and military applications. As a fundamental requirement for providing security functionality in sensor networks, key management plays an essential role in authentication and encryption. In this paper, we propose a group-based dynamic key management scheme in wireless sensor networks. In our scheme, there is no requirement for such infrastructure as base stations and cluster heads and the dynamic key update feature ensures the security of the network without tampering the compromised sensor nodes. We also analyze the connectivity and security of the proposed scheme.

Improving the Efficiency of Network Topology Discovery

As wireless and mobile networks are getting more of a commonplace, the discovery and management of dynamic networks has become a serious issue.. Since the topology of wireless and mobile networks always keeps changing, the key issue of topology discovery is how to effectively and efficiently perform the discovery task with minimal impact to normal network traffic. In this paper we analyze the efficiency of some current topology discovery methods used both in wired and wireless networks and show that they are not very efficient. We also analyze the main reason and present a new method called BacktraceTree to improve efficiency of topology discovery. The BacktraceTree first backtraces the topology tree by probing the destination nodes which give response and can find most topology nodes and links, and then it discovers the remainder topology by analyzing the known topology features and probing the unresponding destination nodes. We describe and analyze the BacktraceTree algorithm and compare it with some major current topology discovery methods. Our evaluation shows that BacktraceTree can reduce almost 70% measurement load while maintaining the coverage of router interfaces above 95%. The BacktraceTree algorithm can dramatically improve topology discovery and can thus meet the requirement for fast topology discovery in wireless and mobile networks.

A key management scheme combined with intrusion detection for mobile ad hoc networks

A mobile Ad Hoc network is a multi-path autonomous system comprised of many mobile nodes with wireless transmission capability. Although there is a trend to adopt ad hoc networks for commercial uses due to their unique properties. One main challenge in design of these networks is their vulnerability to security attacks. In this paper, we first review current research in key management in mobile Ad Hoc networks. Then by considering the characteristics of such networks in which free movement of mobile nodes can lead to frequent topological changes, especially network separation and convergence, we propose an key management mechanism based on a combination of techniques, such as hierarchical topology structure, virtual CA (certification authority), offline CA, certificate chain, and proactive measurement, and show that the proposed scheme could improve the security of mobile ad hoc network in the areas of expandability, validity, fault tolerance and usability.