A low‐cost node capture attack algorithm for wireless sensor networks

Wireless sensor networks (WSNs) have many micro devices that are easy to capture. In node capture attacks, the adversary physically captures sensors and extracts all information including key information from their memories, trying to compromise the system's security protection. However, the robust and random nature of many WSN security designs makes it difficult to compromise the system even with the capture of some sensors. In this paper, we approach WSN security from an adversarial point of view and investigate low‐cost and efficient algorithms to identify sensors in a WSN in the shortest time with the lowest cost. Instead of randomly capturing sensors, an intelligent attacker should choose the next target based on the known topology so far. Because the identification of such has been proven to be NP‐hard (non‐deterministic polynomial‐time hard), we propose to transform the problem into a set covering problem and develop a greedy minimum cost node capture attack algorithm (MCA) to lower cost of attack. Extensive simulations have been implemented to evaluate the performance of MCA and to compare it with several related schemes. It is shown that MCA lowers the cost of compromising WSNs by 16%. Copyright © 2015 John Wiley & Sons, Ltd.     

Simple,secure, and lightweight mechanism for mutual authentication of nodes in tiny wireless sensor networks

Wireless sensor networks (WSNs) are widely used in large areas of applications; due to advancements in technology, very tiny sensors are readily available, and their usage reduces the cost. The mechanisms designed for wireless networks cannot be implied on networks with tiny nodes due to battery and computational constraints. Understanding the significance of security in WSNs and resource constraintness of tiny WSNs, we propose a node authentication mechanism for nodes in wireless sensor networks to avoid security attacks and establish secure communication between them. In the proposed mechanism, a base station (BS) generates a secret value and random value for each sensor node and stores at the node. The sensor node authenticates using secret value and random number. Random nonce ensures freshness, efficiency, and robustness. The proposed mechanism is lightweight cryptographic, hence requires very less computational, communication, and storage resources. Security analysis of the proposed mechanism could not detect any security attack on it, and the mechanism was found to incur less storage, communication, and computation overheads. Hence, the proposed mechanism is best suitable for wireless sensor networks with tiny nodes.     

Density‐adaptive network reprogramming protocol for wireless sensor networks

Network reprogramming is a process used to update program codes of sensor nodes that are already deployed. To deal with potentially unstable link conditions of wireless sensor networks, the epidemic approach based on 3‐way advertise‐request‐data handshaking is preferred for network reprogramming. Existing epidemic protocols, however, require a long completion period and high traffic overhead in high‐density networks, mainly due to the hidden terminal problem. In this paper, we address this problem by dynamically adjusting the frequency of advertisement messages in terms of the density of sensor nodes, which is the number of sensor nodes in a certain area. We compare the performance of the proposed scheme, called DANP (Density‐Adaptive Network Reprogramming Protocol), with a well‐known epidemic protocol, Deluge. Simulations indicate that, in the grid topologies, DANP outperforms Deluge by about 30% in terms of the completion time and about 50% in terms of the traffic overhead. Significant performance gain is observed in random topologies as well. The performance of DANP is further confirmed via measurements in an experimental test bed. Copyright © 2009 John Wiley & Sons, Ltd.     

Energy-balanced unequal clustering protocol for wireless sensor networks

Clustering provides an effective way to prolong the lifetime of wireless sensor networks.One of the major issues of a clustering protocol is selecting an optimal group of sensor nodes as the cluster heads to divide the network.Another is the mode of inter-cluster communication.In this paper,an energy-balanced unequal clustering(EBUC)protocol is proposed and evaluated.By using the particle swarm optimization(PSO)algorithm,EBUC partitions all nodes into clusters of unequal size,in which the clusters closer to the base station have smaller size.The cluster heads of these clusters can preserve some more energy for the inter-cluster relay traffic and the 'hot-spots' problem can be avoided.For inter-cluster communication,EBUC adopts an energy-aware multihop routing to reduce the energy consumption of the cluster heads.Simulation results demonstrate that the protocol can efficiently decrease the dead speed of the nodes and prolong the network lifetime.     

An efficient anonymous communication protocol for wireless sensor networks

Anonymous communication is very important for many wireless sensor networks, because it can be used to hide the identity of important nodes, such as the base station and a source node. In sensor networks, anonymous communication includes several important aspects, such as source anonymity, communication relationship anonymity, and base station anonymity. Existing sensor network anonymous schemes either cannot achieve all the anonymities or have large computation, storage, and communication overheads. In this paper, we propose an efficient anonymous communication protocol for sensor networks that can achieve all the anonymities while having small overheads on computation, storage, and communication. We compare our anonymous communication protocol with several existing schemes, and the results show that our protocol provides strong anonymity protection and has low overheads. Copyright © 2011 John Wiley & Sons, Ltd.     

A cluster‐based fault‐tolerant routing protocol for wireless sensor networks

Energy conservation and fault tolerance are two critical issues in the deployment of wireless sensor networks (WSNs). Many cluster‐based fault‐tolerant routing protocols have been proposed for energy conservation and network lifetime maximization in WSNs. However, these protocols suffer from high frequency of re‐clustering as well as extra energy consumption to tolerate failures and consider only some very normal parameters to form clusters without any verification of the energy sufficiency for data routing. Therefore, this paper proposes a cluster‐based fault‐tolerant routing protocol referred as CFTR. This protocol allows higher energy nodes to become Cluster Heads (CHs) and operate multiple rounds to diminish the frequency of re‐clustering. Additionally, for the sake to get better energy efficiency and balancing, we introduce a cost function that considers during cluster formation energy cost from sensor node to CH, energy cost from CH to sink, and another significant parameter, namely, number of cluster members in previous round. Further, the proposed CFTR takes care of nodes, which have no CH in their communication range. Also, it introduces a routing algorithm in which the decision of next hop CH selection is based on a cost function conceived to select routes with sufficient energy for data transfer and distribute uniformly the overall data‐relaying load among the CHs. As well, a low‐overhead algorithm to tolerate the sudden failure of CHs is proposed. We perform extensive simulations on CFTR and compare their results with those of two recent existing protocols to demonstrate its superiority in terms of different metrics.     

Accelerating signature-based broadcast authentication for wireless sensor networks

In wireless sensor networks (WSNs), broadcast authentication is a crucial security mechanism that allows a multitude of legitimate users to join in and disseminate messages into the networks in a dynamic and authenticated way. During the past few years, several public-key based multi-user broadcast authentication schemes have been proposed to achieve immediate authentication and to address the security vulnerability intrinsic to μTESLA-like schemes. Unfortunately, the relatively slow signature verification in signature-based broadcast authentication has also incurred a series of problems such as high energy consumption and long verification delay. In this contribution, we propose an efficient technique to accelerate the signature verification in WSNs through the cooperation among sensor nodes. By allowing some sensor nodes to release the intermediate computation results to their neighbors during the signature verification, a large number of sensor nodes can accelerate their signature verification process significantly. When applying our faster signature verification technique to the broadcast authentication in a 4 × 4 grid-based WSN, a quantitative performance analysis shows that our scheme needs 17.7-34.5% less energy and runs about 50% faster than the traditional signature verification method. The efficiency of the proposed technique has been tested through an experimental study on a network of MICAz motes.     

NHRPA: a novel hierarchical routing protocol algorithm for wireless sensor networks

Considering severe resources constraints and security threat hierarchical routing protocol algorithm. The proposed routing of wireless sensor networks （WSN）, the article proposed a novel protocol algorithm can adopt suitable routing technology for the nodes according to the distance of nodes to the base station, density of nodes distribution, and residual energy of nodes. Comparing the proposed routing protocol algorithm with simple direction diffusion routing technology, cluster-based routing mechanisms, and simple hierarchical routing protocol algorithm through comprehensive analysis and simulation in terms of the energy usage, packet latency, and security in the presence of node protocol algorithm is more efficient for wireless sensor networks. compromise attacks, the results show that the proposed routing     

A reliable and energy‐efficient routing protocol for underwater wireless sensor networks

Recently, underwater wireless sensor networks (UWSNs) have attracted much research attention to support various applications for pollution monitoring, tsunami warnings, offshore exploration, tactical surveillance, etc. However, because of the peculiar characteristics of UWSNs, designing communication protocols for UWSNs is a challenging task. Particularly, designing a routing protocol is of the most importance for successful data transmissions between sensors and the sink. In this paper, we propose a reliable and energy‐efficient routing protocol, named R‐ERP²R (Reliable Energy‐efficient Routing Protocol based on physical distance and residual energy). The main idea behind R‐ERP²R is to utilize physical distance as a routing metric and to balance energy consumption among sensors. Furthermore, during the selection of forwarding nodes, link quality towards the forwarding nodes is also considered to provide reliability and the residual energy of the forwarding nodes to prolong network lifetime. Using the NS‐2 simulator, R‐ERP²R is compared against a well‐known routing protocol (i.e. depth‐based routing) in terms of network lifetime, energy consumption, end‐to‐end delay and delivery ratio. The simulation results proved that R‐ERP²R performs better in UWSNs.Copyright © 2012 John Wiley & Sons, Ltd.     

A PUF-based anonymous authentication protocol for wireless medical sensor networks

Wireless Networks - Wireless medical sensor networks (WMSNs) play a major role in remote medical monitoring systems. Generally, in a WMSN, professionals need to obtain real-time physiological data...     

抗DoS攻击的多用户传感器网络广播认证方案

在vBNN-IBS签名基础上提出了一种抗DoS攻击的多用户传感器网络广播认证方案DDA-MBAS,利用散列运算及用户信息进行虚假数据过滤。与现有的多用户传感器网络广播认证方案相比,DDA-MBAS在抵抗节点妥协攻击、主动攻击的基础上,以较低的能耗过滤虚假消息并有效地限制了妥协用户发起的DoS攻击及共谋攻击的安全威胁。     

Cross‐layer MAC design for location‐aware wireless sensor networks

In this paper, we propose an optimization of MAC protocol design for wireless sensor networks, that accounts for cross‐layering information, in terms of location accuracy for nodes and residual energy levels. In our proposed solution we encode this cross‐layer information within a decreasing backoff function in the MAC. The protocol is optimized by appropriately selecting priority window lengths, and we have shown that accurate cross‐layer information plays a crucial role in achieving an optimal performance at the MAC layer level. The estimation accuracy can be characterized spatially using a location reliability probability distribution function. We show that this distribution function greatly influences the design of the optimal backoff window parameters, and the overall throughput performance of the MAC protocol. Copyright © 2010 John Wiley & Sons, Ltd.     

A lightweight intrusion detection framework for wireless sensor networks

In recent years, Wireless Sensor Networks (WSNs) have demonstrated successful applications for both civil and military tasks. However, sensor networks are susceptible to multiple types of attacks because they are randomly deployed in open and unprotected environments. It is necessary to utilize effective mechanisms to protect sensor networks against multiple types of attacks on routing protocols. In this paper, we propose a lightweight intrusion detection framework integrated for clustered sensor networks. Furthermore, we provide algorithms to minimize the triggered intrusion modules in clustered WSNs by using an over‐hearing mechanism to reduce the sending alert packets. Our scheme can prevent most routing attacks on sensor networks. In in‐depth simulation, the proposed scheme shows less energy consumption in intrusion detection than other schemes. Copyright © 2009 John Wiley & Sons, Ltd.     

无线传感器网络协议探究

随着物联网技术的深入发展,无线传感器网络的应用也越来越广泛.然而,无线传感器网络的技术还有待进一步的发展,也促使人们对于无线传感器网络协议的深入探究.本文针对无线传感器网络协议的网络层协议和MAC层协议的分类做了详细的描述和总结,为后续人们进一步研究做好铺垫.     

无线传感器网络分簇路由协议研究

在无线传感器网络中,分簇型路由在路由协议中占据重要的地位,该协议方便拓扑结构管理,能源利用率高,数据融合简单。文章从簇头生成、簇形成和簇路由3个角度对典型的分簇路由算法LEACH,HEED,EEUC,PEGASIS进行了系统描述,从网络生命周期和节点存活数量等方面,对比了其优缺点,结合该领域的研究现状,指出了未来研究的方向。     

Revised anonymous authentication protocol for adaptive client‐server infrastructure

Rapid evolution in information and communication technologies has facilitated us to experience mobile communication in our daily routine. Mobile user can only avail the services from the server, once he/she is able to accomplish authentication process successfully. In the recent past, several researchers have contributed diverse authentication protocols for mobile client‐server environment. Currently, Lu et al designed two‐factor protocol for authenticating mobile client and server to exchange key between them. Lu et al emphasized that their scheme not only offers invincibility against potential security threats but also offers anonymity. Although this article reveals the facts that their protocol is vulnerable against client and server impersonation, man‐in‐the‐middle, server key breach, anonymity violation, client traceability, and session‐specific temporary attacks, therefore, we have enhanced their protocol to mitigate the above mention vulnerabilities. The enhanced protocol's security strength is evaluated through formal and informal security analysis. The security analysis and performance comparison endorses the fact that our protocol is able to offer more security with least possible computation complexity.     

A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor

User authentication is a prominent security requirement in wireless sensor networks (WSNs) for accessing the real‐time data from the sensors directly by a legitimate user (external party). Several user authentication schemes are proposed in the literature. However, most of them are either vulnerable to different known attacks or they are inefficient. Recently, Althobaiti et al. presented a biometric‐based user authentication scheme for WSNs. Although their scheme is efficient in computation, in this paper, we first show that their scheme has several security pitfalls such as (i) it is not resilient against node capture attack; (ii) it is insecure against impersonation attack; and (iii) it is insecure against man‐in‐the‐middle attack. We then aim to propose a novel biometric‐based user authentication scheme suitable for WSNs in order to withstand the security pitfalls found in Althobaiti et al. scheme. We show through the rigorous security analysis that our scheme is secure and satisfies the desirable security requirements. Furthermore, the simulation results for the formal security verification using the most widely used and accepted Automated Validation of Internet Security Protocols and Applications tool indicate that our scheme is secure. Our scheme is also efficient compared with existing related schemes. Copyright © 2015 John Wiley & Sons, Ltd.     

无线传感器网络中的“双重”身份验证

如今,无线传感器网络是一种新的和有前途的下一代实时无线监控应用的解决方案。如果在考虑部署传感器网络之前没有适当的安全考虑,可以成为一个威胁。但是,如果有任何安全漏洞,即可能向攻击者敞开了大门并且危害应用。因此,用户身份验证的核心要求之一,以防止未经授权的无线传感器网络的数据访问用户。在这方面提出一个有效的双重身份验证的无线传感器网络,它是基于密码和智能卡（双重）。计划提供了相互认证,使用户能够选择和频繁地改变自己密码。再者,通过合理计算成本,提供强大的保护防止不同类型的攻击。     

A lightweight,self‐adaptive lock gate designation scheme for data collection in long‐thin wireless sensor networks

Constrained by the physical environments, the long‐thin topology has recently been promoted for many practical deployments of wireless sensor networks (WSNs). In general, a long‐thin topology is composed of a number of long branches of sensor nodes, where along a branch each sensor node has only one potential parent node toward the sink node. Although data aggregation may alleviate excessive packet contention, the maximum payload size of a packet and the dynamically changing traffic loads may severely affect the amount of sensor readings that may be collected along a long branch of sensor nodes. In addition, many practical applications of long‐thin WSNs demand the exact sensor readings at each location along the deployment areas for monitoring and analysis purposes, so sensor readings may not be aggregated when they are collected. This paper proposes a lightweight, self‐adaptive scheme that designates multiple collection nodes, termed lock gates, along a long‐thin network to collect sensor readings sent from their respective upstream sensor nodes. The self‐adaptive lock gate designation scheme balances between the responsiveness and the congestion of data collection while mitigating the funneling effect. The scheme also dynamically adapts the designation of lock gates to accommodate the time‐varying sensor reading generation rates of different sensor nodes. A testbed of 100 Jennic sensor nodes is developed to demonstrate the effectiveness of the proposed lock gate designation scheme. Copyright © 2011 John Wiley & Sons, Ltd.