Similar literature
20 similar documents found (search time: 33 ms)
1.
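Nodes in sensor networks are at risk of becoming inoperative through energy exhaustion or malicious attack, so new nodes need to be added. Using Bloom Filter techniques, an access control protocol is proposed. The protocol facilitates not only mutual authentication and key agreement between new and old nodes but also node addition and revocation. Performance analysis and security analysis demonstrate the effectiveness of the protocol.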

2.
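In view of the low efficiency of key management and security authentication in existing security schemes for wireless sensor networks, a lightweight security architecture and security algorithm for wireless sensor networks are proposed. The idea of a threshold secret sharing mechanism is used to solve the problem of encountering malicious nodes during network formation. A lightweight ECC algorithm is used to adapt the traditional ECC algorithm, and the ECC-based CPK scheme is optimized so that, without the participation of a third-party certification authority (CA), the computation and communication overhead of the authentication process can be reduced. Key management is adapted to the characteristics of wireless sensor networks, such as constrained resources and transmission energy consumption being on the order of a thousand times the computation energy consumption; security relies on the exponential computational complexity of the elliptic-curve discrete logarithm. Mutual authentication is also adopted to secure communication between ordinary nodes and cluster head nodes and to resist man-in-the-middle attacks.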

3.
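Identity authentication is the first line of defense for wireless sensor network security. To address the efficiency and security problems of existing identity authentication protocols for wireless sensor networks, a low-power identity authentication protocol based on Shamir's threshold secret sharing scheme is proposed. Without reducing network security, a new node is authenticated by multiple already-authenticated nodes, which effectively reduces the computation required during authentication. During authentication, a one-way hash function is used to encrypt the communication data, and a timestamp mechanism is used to resist replay attacks. The analysis shows that the protocol has low power consumption and can resist eavesdropping attacks, replay attacks, and attacks in which a small number of nodes are captured.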

4.
Sencun  Shouhuai  Sanjeev  Sushil   《Ad hoc Networks》2006,4(5):567-585
Most ad hoc networks do not implement any network access control, leaving these networks vulnerable to resource consumption attacks where a malicious node injects packets into the network with the goal of depleting the resources of the nodes relaying the packets. To thwart or prevent such attacks, it is necessary to employ authentication mechanisms to ensure that only authorized nodes can inject traffic into the network. We propose LHAP, a hop-by-hop authentication protocol for ad hoc networks. LHAP resides in between the network layer and the data link layer, thus providing a layer of protection that can prevent or thwart many attacks from happening, including outsider attacks and insider impersonation attacks. Our detailed performance evaluation shows that LHAP incurs small performance overhead and it also allows a tradeoff between security and performance.

5.
竹锦霞  涂朴 《现代电子技术》2012,35(23):88-89,93
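In wireless sensor networks, information transmission must ensure that the nodes at both ends are the intended nodes of the communication rather than other nodes in the network or malicious nodes, which requires authenticating the identities of both communicating parties. A node authentication mechanism based on shared keys is proposed, allowing nodes within the network to confirm the legitimacy and validity of each other's identities before communicating. Analysis shows that the scheme effectively resists some common security threats in sensor networks, such as the Sybil attack. The scheme also has strong attack tolerance.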

6.
With the growing popularity of vehicle-based mobile devices, vehicular networks are becoming an essential part of wireless heterogeneous networks. Therefore, vehicular networks have been widely studied in recent years. Because of limited transmission range of wireless antennas, mobile vehicles should also switch their access points to maintain the connections as conventional mobile nodes. Considering the inherent characteristics of vehicular networks such as dynamic topology and high speed, the question of how to implement handoff protocol under real-time scenarios is very important. IEEE 802.11p protocol is designed for vehicular networks for the long distance transmission. To reduce handoff latency for 802.11p protocol, the authentication phase is waived during the handoff. However, security is also very important for wireless communications, and authentication can forbid access from malicious nodes and prevent wireless communications from potential attacks. Thus, in this paper, a lightweight authentication scheme is introduced to balance the security requirements and the handoff performance for 802.11p vehicular networks. In our scheme, the access points are divided into different trust groups, and the authentication process is completed in a group-based method. Once a vehicle is authenticated by an access point group, during the handoff within the same group, few extra authentication operations are needed. As a result, there is no extra overhead introduced to the authentication servers. Simulation results demonstrate that our authentication scheme only introduces small handoff latency and it is ideal for vehicular networks.

7.
In wireless sensor networks, sensor nodes are usually fixed to their locations after deployment. However, an attacker who compromises a subset of the nodes does not need to abide by the same limitation. If the attacker moves his compromised nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the nodes by hand, he can evade schemes that attempt to use location to find the source of attacks. In performing DDoS and false data injection attacks, he takes advantage of diversifying the attack paths with mobile malicious nodes to prevent network-level defenses. For attacks that disrupt or undermine network protocols like routing and clustering, moving the misbehaving nodes prevents them from being easily identified and blocked. Thus, mobile malicious node attacks are very dangerous and need to be detected as soon as possible to minimize the damage they can cause. In this paper, we are the first to identify the problem of mobile malicious node attacks, and we describe the limitations of various naive measures that might be used to stop them. To overcome these limitations, we propose a scheme for distributed detection of mobile malicious node attacks in static sensor networks. The key idea of this scheme is to apply sequential hypothesis testing to discover nodes that are silent for unusually many time periods—such nodes are likely to be moving—and block them from communicating. By performing all detection and blocking locally, we keep energy consumption overhead to a minimum and keep the cost of false positives low. Through analysis and simulation, we show that our proposed scheme achieves fast, effective, and robust mobile malicious node detection capability with reasonable overhead.

8.
Because of the requirements of stringent latency, high-connection density, and massive devices concurrent connection, the design of the security and efficient access authentication for massive devices is the key point to guarantee the application security under the future fifth Generation (5G) systems. The current access authentication mechanism proposed by 3rd Generation Partnership Project (3GPP) requires each device to execute the full access authentication process, which can not only incur a lot of protocol attacks but also result in signaling congestion on key nodes in 5G core networks when sea of devices concurrently request to access into the networks. In this paper, we design an efficient and secure privacy-preservation access authentication scheme for massive devices in 5G wireless networks based on aggregation message authentication code (AMAC) technique. Our proposed scheme can accomplish the access authentication between massive devices and the network at the same time negotiate a distinct secret key between each device and the network. In addition, our proposed scheme can withstand a lot of protocol attacks including interior forgery attacks and DoS attacks and achieve identity privacy protection and group member update without sacrificing the efficiency. The Burrows Abadi Needham (BAN) logic and the formal verification tool: Automated Validation of Internet Security Protocols and Applications (AVISPA) and Security Protocol ANimator for AVISPA (SPAN) are employed to demonstrate the security of our proposed scheme.

9.
In resource-constrained, low-cost, radio-frequency identification (RFID) sensor-based mobile ad hoc networks (MANETs), ensuring security without performance degradation is a major challenge. This paper introduces a novel combination of steps in lightweight protocol integration to provide a secure network for RFID sensor-based MANETs using error-correcting codes (ECCs). The proposed scheme chooses a quasi-cyclic ECC. Key pairs are generated using the ECC for establishing a secure message communication. Probability analysis shows that code-based identification; key generation; and authentication and trust management schemes protect the network from Sybil, eclipse, and de-synchronization attacks. A lightweight model for the proposed sequence of steps is designed and analyzed using an Alloy analyzer. Results show that selection processes with ten nodes and five subgroup controllers identify attacks in only a few milliseconds. Margrave policy analysis shows that there is no conflict among the roles of network members.

10.
张鹏  喻建平  刘宏伟 《信号处理》2011,27(10):1472-1477
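Broadcast authentication can resist pollution attacks and secure broadcast communication in sensor coding networks. However, because network resources are constrained, the computation introduced by broadcast authentication makes the network vulnerable to denial-of-service attacks. To effectively resist both pollution attacks and denial-of-service attacks while balancing network security and time delay, this paper takes the probability that a node suffers a pollution attack as the decision factor and studies broadcast authentication protocols using game theory. First, the strategic behavior of intermediate nodes in secure sensor coding networks is examined, and typical broadcast authentication protocol modes are summarized. For the two game processes involved in selecting a broadcast authentication protocol mode, the forward-first, authenticate-first, and aggregate-first strategies are studied, and the game cost/benefit of each strategy is quantified. A two-stage game model of broadcast authentication protocols is constructed; the Nash equilibrium of the game is the broadcast authentication protocol mode that a node should choose. Case analysis verifies the effectiveness of the cost/benefit quantification of each strategy and of the game model.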

11.
Restricting network access of routing and packet forwarding to well-behaving nodes and denying access from misbehaving nodes are critical for the proper functioning of a mobile ad-hoc network where cooperation among all networking nodes is usually assumed. However, the lack of a network infrastructure, the dynamics of the network topology and node membership, and the potential attacks from inside the network by malicious and/or noncooperative selfish nodes make the conventional network access control mechanisms not applicable. We present URSA, a ubiquitous and robust access control solution for mobile ad hoc networks. URSA implements ticket certification services through multiple-node consensus and fully localized instantiation. It uses tickets to identify and grant network access to well-behaving nodes. In URSA, no single node monopolizes the access decision or is completely trusted. Instead, multiple nodes jointly monitor a local node and certify/revoke its ticket. Furthermore, URSA ticket certification services are fully localized into each node's neighborhood to ensure service ubiquity and resilience. Through analysis, simulations, and experiments, we show that our design effectively enforces access control in the highly dynamic, mobile ad hoc network.

12.
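A distributed authentication scheme for sensor networks   Cited by: 1 (self-citations: 0, citations by others: 1)
The resource constraints of sensor networks make the design of their security authentication mechanisms very difficult. Based on elliptic curve cryptography (ECC), this paper proposes a new distributed authentication scheme that uses groups of nodes to implement the public-key algorithm. It achieves identity authentication between nodes without increasing the computational load on nodes and effectively improves the security of the whole network.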

13.
In mobile Ad Hoc network, nodes move freely, which can lead to frequent changes of network topology. Routing protocol algorithm is the strategy to establish communication links for network nodes, and its performance influences the availability of Ad Hoc network directly. By using wireless channel to transmit data in Ad Hoc network, the invaded malicious nodes will cause various attacks, aiming to steal the transmission data or destroy the network. Based on the traditional proactive routing protocol for Ad Hoc network, an improved safe routing strategy SDSDV is put forward to resist attacks against routing protocols. The safe proactive routing protocol includes two stages, route request and route response. When the network initialization is complete, after successful identity authentication by each other, secure communication paths are established between nodes and the encrypted data will be transmitted through the path. The protocol integrates distributed authentication, encryption algorithm, hash check, and other security policies together. SDSDV protocol reduces the risk of malicious manipulation of routing information and ensures the safe and reliable routing between the source and destination nodes.

14.
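In wireless sensor networks (WSNs), node replication attacks and Sybil attacks can disrupt network operations such as data fusion and threshold voting. Launching either attack requires first passing the neighbor discovery authentication process. Considering that neighbor authentication is initiated infrequently in WSNs, an ID authentication defense mechanism based on one-way key chains (OKCIDA) is proposed to reduce the likelihood of an attacker launching these two attacks in any time period. Then, based on the elliptic curve discrete logarithm problem, symmetric parameters are constructed, and by combining OKCIDA with the use of node neighbor relationships, a location-free neighbor authentication protocol (LFNA) is proposed to prevent replicated nodes and Sybil nodes from successfully joining the network. Finally, a security proof and analysis are given, and LFNA is compared with existing typical defense schemes in terms of security and overhead; the results show that the scheme has certain advantages.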

15.
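Security after the interconnection of heterogeneous wireless networks is a current hot topic in network security research. To solve the access security problems arising from the interconnection of heterogeneous networks, a trusted access framework based on a trust model is proposed. The framework establishes a trust evaluation system among heterogeneous wireless networks; users accessing a heterogeneous wireless network must undergo not only identity verification but also verification of their trust level. This both denies access to malicious nodes and ensures secure access for legitimate nodes, thereby guaranteeing secure and trusted interconnection access for heterogeneous wireless networks.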

16.
Node compromise is a serious threat to wireless sensor networks deployed in unattended and hostile environments. To mitigate the impact of compromised nodes, we propose a suite of location-based compromise-tolerant security mechanisms. Based on a new cryptographic concept called pairing, we propose the notion of location-based keys (LBKs) by binding private keys of individual nodes to both their IDs and geographic locations. We then develop an LBK-based neighborhood authentication scheme to localize the impact of compromised nodes to their vicinity. We also present efficient approaches to establish a shared key between any two network nodes. In contrast to previous key establishment solutions, our approaches feature nearly perfect resilience to node compromise, low communication and computation overhead, low memory requirements, and high network scalability. Moreover, we demonstrate the efficacy of LBKs in counteracting several notorious attacks against sensor networks such as the Sybil attack, the identity replication attack, and wormhole and sinkhole attacks. Finally, we propose a location-based threshold-endorsement scheme, called LTE, to thwart the infamous bogus data injection attack, in which adversaries inject lots of bogus data into the network. The utility of LTE in achieving remarkable energy savings is validated by detailed performance evaluation.

17.
Node cooperation in hybrid ad hoc networks   Cited by: 2 (self-citations: 0, citations by others: 2)
A hybrid ad hoc network is a structure-based network that is extended using multihop communications. Indeed, in this kind of network, the existence of a communication link between the mobile station and the base station is not required: A mobile station that has no direct connection with a base station can use other mobile stations as relays. Compared with conventional (single-hop) structure-based networks, this new generation can lead to a better use of the available spectrum and to a reduction of infrastructure costs. However, these benefits would vanish if the mobile nodes did not properly cooperate and forward packets for other nodes. In this paper, we propose a charging and rewarding scheme to encourage the most fundamental operation, namely packet forwarding. We use "MAC layering" to reduce the space overhead in the packets and a stream cipher encryption mechanism to provide "implicit authentication" of the nodes involved in the communication. We analyze the robustness of our protocols against rational and malicious attacks. We show that, using our solution, collaboration is rational for selfish nodes. We also show that our protocols thwart rational attacks and detect malicious attacks.

18.
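Ubiquitous networks are typical heterogeneous networks, and ensuring secure user handover between networks is a current research focus for ubiquitous networks. This paper analyzes EAP-AKA, an authentication protocol suited to handover between heterogeneous networks, and points out that the protocol has high authentication latency and faces security threats such as user identity disclosure, man-in-the-middle attacks, and DoS attacks. In addition, the validity of the access point of the access network is not verified in EAP-AKA, so that a user terminal cannot avoid a variety of attacks even after going through a complex authentication process. To address these security vulnerabilities, this paper proposes an improved security authentication protocol that extends the applicability of traditional EAP-AKA from 3G systems to ubiquitous networks. The new protocol improves propagation delay and efficiency, provides validity protection for the identity information of users and access points, avoids disclosure of the master session key, uses the elliptic curve Diffie Hellman algorithm to generate symmetric keys, generates a random shared key in each authentication session, and achieves mutual authentication between the user terminal and the home domain network. Experiments and comparative analysis of the protocols verify the effectiveness and high efficiency of the new protocol.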

19.
Achieving distributed user access control in sensor networks   Cited by: 1 (self-citations: 0, citations by others: 1)
User access control in sensor networks defines a process of granting user an access right to the stored information. It is essential for future real sensor network deployment in which sensors may provide users with different services in terms of data and resource accesses. A centralized access control mechanism requires the base station to be involved whenever a user requests to get authenticated and access the information stored in the sensor node, which is inefficient, not scalable, and is exposed to many potential attacks along long communication paths. In this paper, we propose a distributed user access control under a realistic adversary model in which sensors can be compromised and user may collude. We split the access control into local authentication conducted by a group of sensors physically close to a user, and a light remote authentication based on the endorsement of the local sensors. We implement the access control protocols on a testbed of TelosB motes. Our analysis and experimental results show that our schemes are feasible for real access control requirements.

20.
Many mission critical networks including MANETs for military communications and disaster relief communications rely on node cooperation. If malicious nodes gain access to such networks they can easily launch attacks, such as spreading viruses or spam, or attacking known vulnerabilities. One way to defend against malicious nodes is to use Reputation Systems (RS) that try to predict future behavior of nodes by observing their past behavior. In this paper, we propose a Machine Learning (ML) based RS that defends against many patterns of attacks. We specifically consider the proposed RS in the context of MANETs. After introducing a basic RS, we propose further enhancements to it to improve its performance and to deal with some of the more challenging aspects of MANETs. For instance, we consider digital signature based mechanisms that do not require trusted third parties, or servers that are always online. Another enhancement uses an algorithm called Fading Memories that allows us to look back at longer histories using fewer features. Finally, we introduce a new technique, called Dynamic Thresholds, to improve accuracies even further. We compare the performance of our RS with another RS found in the literature, called TrustGuard, and perform detailed evaluations against a variety of attacks. The results show that our RS significantly outperforms TrustGuard, even when the proportion of malicious nodes in the network is high. We also show that our scheme has very low bandwidth and computation overhead. In contrast to existing RSs designed to detect specific attacks, ML based RSs can be retrained to detect new attack patterns as well.
