Nathaniel J. Davis

Wireless sensor network denial of sleep attack

With the progression of computer networks extending boundaries and joining distant locations, wireless sensor networks (WSN) emerge as the new frontier in developing opportunities to collect and process data from remote locations. Like IEEE 802.3 wired and IEEE 802.11 wireless networks, remote wireless sensor networks are vulnerable to malicious attacks. While wired and infrastructure-based wireless networks have mature intrusion detection systems and sophisticated firewalls to block these attacks, wireless sensor networks have only primitive defenses. WSNs rely on hardware simplicity to make sensor field deployments both affordable and long-lasting without any maintenance support. Energy-constrained sensor networks periodically place nodes to sleep in order to extend the network lifetime. Denying sleep effectively attacks each sensor nodes critical energy resources and rapidly drains the networks lifetime. This paper analyzes the energy resource vulnerabilities of wireless sensor networks, models the network lifetimes of leading WSN medium access control (MAC) protocols, and proposes a new MAC protocol which mitigates many of the effects of denial of sleep attacks.

A real-time medium access control protocol for ad hoc wireless local area networks

We develop and analyze a simple, elegant medium access control (MAC) protocol for use in transmitting real-time data in point to point ad hoc wireless local area networks (WLANs). Our enhancement of IEEE 802.11, real-time MAC (RT-MAC), achieves dramatic reductions in mean delay, missed deadlines, and packet collisions by selectively discarding packets and sharing station state information. For example, in a 50 station network with a normalized offered load of 0.7, mean delay is reduced from more than 14 seconds to less than 45 ms, late packets are reduced from 76% to less than 1%, and packet collisions are reduced from 36% to less than 1%. Regression models are developed from simulation data to describe network behavior in terms of throughput, mean delay, ratio of late packets, and ratio of collisions. Stations using RT-MAC are interoperable with stations using IEEE 802.11.

Battery-based intrusion detection

This paper proposes an early warning system via a host-based form of intrusion detection that can alert security administrators to protect their corporate network(s). This innovative technique operates through the implementation of battery-based intrusion detection (B-bid) on mobile devices by correlating attacks with their impact on device power consumption using a rules-based host intrusion detection engine (HIDE). HIDE monitors power behavior to detect potential intrusions by noting irregularities of power consumption.

Wireless sensor network energy-adaptive mac protocol

Wireless Sensor Networks (WSNs) provide a valuable capability to autonomously monitor remote activities. Their limited resources challenge WSN medium access control (MAC) layer designers to adequately support network services while conserving limited battery power. This paper presents an energyadaptive WSN MAC protocol, Gateway MAC (GMAC), which implements a new cluster-centric paradigm to effectively distribute cluster energy resources and extend network lifetime. G-MAC’s centralized cluster management function offers significant energy savings by leveraging the advantages of both contention and contention-free protocols. A centralized gateway node collects all transmission requirements during a contention period and then schedules their distributions during a reservation-based, contention-free period. With minimal overhead, the gateway duties are efficiently rotated based upon available resources to distribute the increased network management energy requirements among all of the nodes.

Toward a decentralized trust-based access control system for dynamic collaboration

As ad-hoc collaborative environments become more common, the need for access control becomes more imperative. Centralized access control determination fails to work in mobile ad-hoc networking environments, as the information necessary for pre-configuration is not available. This situation is exacerbated by the dynamic nature of the environments membership, so that the time and resources expended in offline management are largely wasted. This paper presents a decentralized access control system that implements sociological trust constructs in a quantitative system to evaluate interaction partners. A distributed, node-centric approach to reputation management processes nodal behavior feedback and provides a reputation index that nodes use to determine trustworthiness their peers before establishing associations. The availability of a reputation index gives a measure of expectation of a peers behavior, based on past performance, and makes a MANET a more distributed operational environment.

IPSec overhead in wireline and wireless networks for Web and email applications

This paper focuses on characterizing the overhead of IP security (IPSec) for email and Web applications using a set of test bed configurations. The different configurations are implemented using both wireline and wireless network links. The testing considers different combinations of authentication algorithms and authentication protocols. Authentication algorithms include Hashed Message Authentication Code-Message Digest 5 (HMAC-MD5) and Hashed Message Authentication Code-Secure Hash Algorithm 1 (HMAC-SHA1). Authentication protocols include Encapsulating Security Payload (ESP) and Authentication Header (AH) protocols. Triple Digital Encryption Standard (3DES) is used for encryption. Overhead is examined for scenarios using no encryption and no authentication, authentication and no encryption, and authentication and encryption. A variety of different file sizes are considered when measuring the overhead The results present a thorough analysis of the overhead of different IPSec configurations and provide practical guidance for choosing the IPSec configuration needed in a network environment.

A framework for key management in mobile ad hoc networks

Recently proposed key management systems (KMSs) provide limited functionality in highly partitioned mobile ad hoc networks. In this paper we present a framework for key management that provides redundancy and robustness for security association (SA) establishment between pairs of nodes in mobile ad hoc networks. Our KMS uses a modified hierarchical trust public key infrastructure (PKI) model in which nodes can dynamically assume management roles. The system ensures high service availability for the network members through a number of schemes. A novel behavior grading mechanism provides security criteria for the network nodes and aids the management functions of the KMS to revoke or reissue certificates for nodes. This mechanism is based on the notion of trust, and more specifically on SAs among nodes in the entire network. In this paper we give an overview of the framework of the system and present a performance analysis of the system based on certificate issuance and acquisition. Finally, we compare our KMS with threshold cryptography schemes.

Packetized voice transmission using RT-MAC, a wireless real-time medium access control protocol

RT-MAC is a simple, elegant, and robust medium access control (MAC) protocol for use in transmitting real-time data in point-to-point ad hoc wireless local area networks (WLANs). Our enhancement of IEEE 802.11, real-time MAC (RT-MAC), dramatically reduces missed deadlines and packet collisions while increasing throughput by selectively discarding packets and sharing station state information. For example, RT-MAC is able to successfully transmit 40 2-way voice conversations in addition to a normalized offered load of 80%. IEEE 802.11 is only able to transmit 10 2-way conversations under the same conditions. In another instance, RT-MAC reduced packet collisions from 50% to less than 15% while increasing throughput by more than 50%. Herein we extend our previous performance analysis of RT-MAC to include integrated voice-data transmission. Stations using RT-MAC are interoperable with stations using IEEE 802.11 and show a significant performance improvement even when a minority of stations in the network employ RT-MAC.

Battery-based intrusion detection a first line of defense

This paper proposes a first line of defense early warning system via a host-based form of intrusion detection that can alert security administrators to protect their corporate network(s). This innovative technique operates through the implementation of battery-based intrusion detection (B-bid) on mobile devices by correlating attacks with their impact on device power consumption using a rule-based host intrusion detection engine (HIDE). HIDE monitors power behavior to detect potential intrusions by noting irregularities of power consumption and works in conjunction with a host analysis signature trace engine (HASTE) to provide protection to both mobile hosts and, by extension, their affiliated network.

Mobile Host-Based intrusion Detection and Attack Identification

Although much attention has focused on optimizing power in batteries for mobile devices, little attention to date has focused on battery constraints to determine if an attack is present. This research proposes that resident monitoring of the demands placed on a batterys current (mA) and other system processes can be used as an early-warning, trip-wire-like sensor for mobile hosts as a means to block attacks as well as to identify them.