基于高斯分布的传感器网络信誉模型

融合了密码学、经济学、统计学、数据分析等相关领域的知识来建立可信传感器网络.探讨了一种基于高斯分布的传感器网络信誉模型(GRFSN,Gauss reputation framework for sensor network)描述方法.通过对高斯概率分布与信誉分布的拟合分析与证明,证实了用高斯分布建立信誉模型的途径是可行的.通过仿真实验,说明了高斯分布可更好地保持信誉稳定性和表达信任更加直观等特点,实验也显示了GRFSN模型具有更强的识别故障和抵御信誉恶意攻击能力的优越性.     

Byzantine robust trust establishment for mobile ad hoc networks

In a mobile ad hoc network (MANET), the nodes act both as traffic sources and as relays that forward packets from other nodes along multi-hop routes to the destination. Such networks are suited to situations in which a wireless infrastructure is unavailable, infeasible, or prohibitively expensive. However, the lack of a secure, trusted infrastructure in such networks make secure and reliable packet delivery very challenging. A given node acting as a relay may exhibit Byzantine behavior with respect to packet forwarding, i.e., arbitrary, deviant behavior, which disrupts packet transmission in the network. For example, a Byzantine node may arbitrarily choose to drop or misroute a certain percentage of the packets that are passed to it for forwarding to the next hop. In earlier work, we proposed a trust establishment framework, called Hermes, which enables a given node to determine the “trustworthiness” of other nodes with respect to reliable packet delivery by combining first-hand trust information obtained independently of other nodes and second-hand trust information obtained via recommendations from other nodes. A deficiency of the Hermes scheme is that a node can fail to detect certain types of Byzantine behavior, such as packet misforwarding directed at a particular source node. In this paper, we propose new mechanisms to make Hermes robust to Byzantine behavior and introduce a punishment policy that discourages selfish node behavior. We present simulation results that demonstrate the effectiveness of the proposed scheme in a variety of scenarios involving Byzantine nodes that are malicious both with respect to packet forwarding and trust propagation.     

Hybrid trust and reputation management for sensor networks

Wireless sensor networks are characterised by the distributed nature of their operation and the resource constraints on the nodes. Trust management schemes that are targeted at sensor networks need to be lightweight in terms of computational and communication requirements, yet powerful in terms of flexibility in managing trust between nodes of heterogeneous deployments. In this paper, we propose a trust management model that can uniformly support the needs of nodes with highly diverse network roles and capabilities, by exploiting the pre-deployment knowledge on the network topology and the information flows, and by allowing for flexibility in the trust establishment process. The model is hybrid, combining aspects from certificate-based and behaviour-based approaches on trust establishment on common evaluation processes and metrics. It enables controlled trust evolution based on network pre-configuration, and controlled trust revocation through the propagation of behaviour evaluation results made available by supervision networks. The proposed model and trust metrics have been validated through simulation. The results and analysis demonstrate its effectiveness in managing the trust relationships between nodes and clusters, while distributing the computational cost of trust evaluation operations.     

Authenticated symmetric-key establishment for medical body sensor networks

This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated symmetric-key establishment scheme is proposed for WBSN,which fully exploits the physiological features obtained by network entities via the body channel available in WBSN but not other wireless networks. The self-defined Intrinsic Shared Secret (ISS) is used to replace the pre-deployment of secrets among network entities,which thus eliminates centralized services or au-thorities essential in existing protocols,and resolves the key transport problem in the pure symmet-ric-key cryptosystem for WBSN as well. The security properties of the proposed scheme are demon-strated in terms of its attack complexity and the types of attacks it can resist. Besides,the scheme can be implemented under a light-weight way in WBSN systems. Due to the importance of the ISS concept,the analysis on using false acceptance/false rejection method to evaluate the performance of ISS for its usage in the scheme is also demonstrated.     

容忍入侵的无线传感器网络模糊信任评估模型

针对无线传感器网络的"数据感知融合"和"数据转发"两类关键服务面临的内部攻击,提出了一种基于信任-信心值的二元组模糊信任评估模型,可有效识别路由和数据分组丢弃攻击,并通过限制数据的篡改范围,实现对难以发现的数据篡改攻击的容忍.以示例给出并分析了基于模糊信任模型的容忍入侵机制,以仿真实验说明了模糊信任模型针对路由和数据分组丢弃攻击在入侵节点与普通节点分类上的效果;最后分析了模糊信任模型对网络性能的影响,并阐述了与相关工作的异同.     

ProTru: a provenance‐based trust architecture for wireless sensor networks

Trust is an important component of wireless sensor networks for believability of the produced data, and trust history is a crucial asset in deciding trust of the data. In this paper, we show how provenance can be used for registering previous trust records and other information such as node type, data type, and node location. Our aim is to design a distributed trust‐enhancing architecture using only local provenance during sensor fusion with a low communication overhead. Our network is cognitive in the sense that our system reacts automatically upon detecting low trust. Copyright © 2016 John Wiley & Sons, Ltd.     

Towards a classification of energy aware MAC protocols for wireless sensor networks

Power management is an important issue in wireless sensor networks (WSNs) because wireless sensor nodes are usually battery powered, and an efficient use of the available battery power becomes an important concern specially for those applications where the system is expected to operate for long durations. This necessity for energy efficient operation of a WSN has prompted the development of new protocols in all layers of the communication stack. Provided that, the radio transceiver is the most power consuming component of a typical sensor node, large gains can be achieved at the link layer where the medium access control (MAC) protocol controls the usage of the radio transceiver unit. MAC protocols for sensor networks differ greatly from typical wireless networks access protocols in many issues. MAC protocols for sensor networks must have built‐in power conservation, mobility management, and failure recovery strategies. Furthermore, sensor MAC protocols should make performance trade‐off between latency and throughput for a reduction in energy consumption to maximize the lifetime of the network. This is in general achieved through duty cycling the radio transceiver. Many MAC protocols with different objectives were proposed for wireless sensor networks in the literature. Most of these protocols take into account the energy efficiency as a main objective. There is much more innovative work should be done at the MAC layer to address the hard unsolved problems. In this paper, we first outline and discuss the specific requirements and design trade‐offs of a typical wireless sensor MAC protocol by describing the properties of WSN that affect the design of MAC layer protocols. Then, a typical collection of wireless sensor MAC protocols presented in the literature are surveyed, classified, and described emphasizing their advantages and disadvantages whenever possible. Finally, we present research directions and identify open issues for future medium access research. Copyright © 2009 John Wiley & Sons, Ltd.     

A trust enhanced secure clustering framework for wireless ad hoc networks

Secure clustering in Wireless Ad Hoc Networks is a very important issue. Traditional cryptographic solution is useless against threats from internal compromised nodes. In light of this, we propose a novel distributed secure trust aware clustering protocol that provides secure solution for data delivery. A trust model is proposed that computes the trust of a node using self and recommendation evidences of its one-hop neighbors. Therefore, it is lightweight in terms of computational and communication requirements, yet powerful in terms of flexibility in managing trust. In addition, the proposed clustering protocol organizes the network into one-hop disjoint clusters and elects the most qualified, trustworthy node as a Clusterhead. This election is done by an authenticated voting scheme using parallel multiple signatures. Analysis of the protocol shows that it is more efficient and secure compared to similar existing schemes. Simulation results show that proposed protocol outperforms the popular ECS, CBRP and CBTRP in terms of throughput and packet delivery ratio with a reasonable communication overhead and latency in presence of malicious nodes.     

Adaptive and dual data-communication trust scheme for clustered wireless sensor networks

In wireless sensor networks, trust management schemes are designed to preserve them against misbehavior of malicious sensor nodes. These schemes observe the behavior of nodes, check their conformity to what is expected, compute and assign them trust values, and avoid any interaction with untrustworthy nodes. In this paper, we introduce Adaptive and dual Data-Communication Trust scheme (ADCT) for clustered wireless sensor networks to effectively deal with untrustworthy nodes. Unlike prior works, we propose an adaptive trust function to assess the direct trust between nodes according to the application’s requirement in terms of trust severity. We also consider data trust to cope with untrustworthy nodes during the data collection despite their communication capabilities. Moreover, we use the duality data-communication trust to deal with untrustworthy recommendations when building cluster-member’s feedback at the cluster-head level. Theoretical analysis and simulation show that the trust mechanism presented in this paper provides a better cooperation with the same or even lower communication overhead compared to the latest trust management schemes proposed for clustered wireless sensor networks.     

A lightweight intrusion detection framework for wireless sensor networks

In recent years, Wireless Sensor Networks (WSNs) have demonstrated successful applications for both civil and military tasks. However, sensor networks are susceptible to multiple types of attacks because they are randomly deployed in open and unprotected environments. It is necessary to utilize effective mechanisms to protect sensor networks against multiple types of attacks on routing protocols. In this paper, we propose a lightweight intrusion detection framework integrated for clustered sensor networks. Furthermore, we provide algorithms to minimize the triggered intrusion modules in clustered WSNs by using an over‐hearing mechanism to reduce the sending alert packets. Our scheme can prevent most routing attacks on sensor networks. In in‐depth simulation, the proposed scheme shows less energy consumption in intrusion detection than other schemes. Copyright © 2009 John Wiley & Sons, Ltd.     

A dynamic reconfigurable routing framework for wireless sensor networks

Sensornet deployments of the future are expected to deliver a multitude of services, ranging from reliable sensing, real time streams, mission critical support, network reprogramming and so on. Naturally, no one routing protocol can sufficiently cater to the network layer functionalities expected. Severe resource constraints further limit the possibility of multiple routing protocols to be implemented. Further, vertically integrated designs of present protocols hinder synergy and code-reuse among implementations. In this paper, we present an architecture that allows applications to send different types of flows, often with conflicting communication requirements. A flow’s requirements are made visible to our framework by using just 3 bits in the packet header. The core architecture is a collection of highly composable modules that allows rapid protocol development and deployment. We show that our framework can provide: (i) flow based network functionality that ensures each flow gets an application specific network layer which is dynamically knit as per the flow’s needs, (ii) modular organization that promotes code-reuse, run time sharing, synergy and rapid protocol development and (iii) pull processing that allows flows to dictate their traffic rate in the network, and implement flexible scheduling policies. This creates a framework for developing, testing, integrating, and validating protocols that are highly portable from one deployment to another. Using our framework, we show that virtually any communication pattern can be described to the framework. We validate this by gathering requirements for one real world application scenario: predictive maintenance (PdM). The requirements are used to generate a fairly complete and realistic traffic workload to drive our evaluation. Using simulations and 40 node MicaZ testbed experiments, we show that our framework can meet the deployments demands at granularities not seen before in sensornets. We measure the costs of using this framework in terms of code size, memory footprints and forwarding costs on MicaZ motes.     

HIKES: Hierarchical key establishment scheme for wireless sensor networks

This paper presents a hierarchical key establishment scheme called HIKES. The base station in this scheme, acting as the central trust authority, empowers randomly selected sensors to act as local trust authorities authenticating, on its behalf, the cluster members and issuing private keys. HIKES uses a partial key escrow scheme that enables any sensor node selected as a cluster head to generate all the cryptographic keys needed to authenticate other sensors within its cluster. This scheme localizes secret key issuance and reduces the communication cost with the base station. HIKES provides an efficient broadcast authentication in which source authentication is achieved in a single transmission and a good defense for the routing mechanism. HIKES defends the routing mechanism against most known attacks and is robust against node compromise. HIKES also provides high addressing flexibility and network connectivity to all sensors in the network, allowing sensor addition and deletion. Simulation results have shown that HIKES provides an energy‐efficient and scalable solution to the key management problem. Copyright © 2012 John Wiley & Sons, Ltd.     

ReTrust: attack-resistant and lightweight trust management for medical sensor networks

Wireless medical sensor networks (MSNs) enable ubiquitous health monitoring of users during their everyday lives, at health sites, without restricting their freedom. Establishing trust among distributed network entities has been recognized as a powerful tool to improve the security and performance of distributed networks such as mobile ad hoc networks and sensor networks. However, most existing trust systems are not well suited for MSNs due to the unique operational and security requirements of MSNs. Moreover, similar to most security schemes, trust management methods themselves can be vulnerable to attacks. Unfortunately, this issue is often ignored in existing trust systems. In this paper, we identify the security and performance challenges facing a sensor network for wireless medical monitoring and suggest it should follow a two-tier architecture. Based on such an architecture, we develop an attack-resistant and lightweight trust management scheme named ReTrust. This paper also reports the experimental results of the Collection Tree Protocol using our proposed system in a network of TelosB motes, which show that ReTrust not only can efficiently detect malicious/faulty behaviors, but can also significantly improve the network performance in practice.     

Combining trust with location information for routing in wireless sensor networks

As the applications of wireless sensor networks proliferate, the efficiency in supporting large sensor networks and offering security guarantees becomes an important requirement in the design of the relevant networking protocols. Geographical routing has been proven to efficiently cope with large network dimensions while trust management schemes have been shown to assist in defending against routing attacks. Once trust information is available for all network nodes, the routing decisions can take it into account, i.e. routing can be based on both location and trust attributes. In this paper, we investigate different ways to incorporate trust in location‐based routing schemes and we propose a novel way of balancing trust and location information. Computer simulations show that the proposed routing rule exhibits excellent performance in terms of delivery ratio, latency time and path optimality. Copyright © 2010 John Wiley & Sons, Ltd.     

SAKE: Software attestation for key establishment in sensor networks

This paper presents a protocol called Software Attestation for Key Establishment (SAKE), for establishing a shared key between any two neighboring nodes of a sensor network. SAKE guarantees the secrecy and authenticity of the key that is established, without requiring any prior authentic or secret cryptographic information in either node. In other words, the attacker can read and modify the entire memory contents of both nodes before SAKE executes. Further, to the best of our knowledge, SAKE is the only protocol that can perform key re-establishment after sensor nodes are compromised, because the presence of the attacker’s code in the memory of either protocol participant does not compromise the security of SAKE. Also, the attacker can perform any active or passive attack using an arbitrary number of malicious, colluding nodes. SAKE does not require any hardware modification to the sensor nodes, human mediation, or secure side channels. However, we do assume the setting of a computationally-limited attacker that does not introduce its own computationally-powerful nodes into the sensor network.SAKE is based on Indisputable Code Execution (ICE), a primitive we introduce in previous work to dynamically establish a trusted execution environment on a remote, untrusted sensor node.     

An efficient and flexible MPLS signaling framework for mobile networks

Multiprotocol Label Switching (MPLS) has gained momentum in recent years as an effective tool to provide Quality of Service (QoS) in a variety of networks. This has in turn created active interest in the area of recovery in MPLS based networks. A number of recovery schemes for MPLS domains have been proposed in recent years. However, the current schemes lack support for recovery in dynamic network topologies. In this paper, a new flexible signaling protocol for LSP rerouting in dynamic network environments is introduced. The signaling protocol recovers from node and link failures reactively, taking a local approach to LSP reestablishment. The performance of the signaling protocol is evaluated through simulations. Results indicate that the protocol can effectively and efficiently handle rerouting in dynamic networks with a low protocol signaling overhead as compared to contemporary MPLS rerouting protocols. This would enable the MPLS based IP-QoS support mechanisms to extend to dynamic network topologies. A preliminary version of this work was presented at the 2004 IEEE International Conference on Communications, Paris. Ramprasad Nagarajan has received his B.E. degree in Electronics and Telecommunications from Pune University, India in 1999. He received his M.S. degree in Electrical and Computer Engineering from the Ohio State University, Columbus, OH in 2004. Currently, he is a Wireless Network Engineer in Nortel Networks, specializing in the area of network architecture and design of wireless packet core networks. Ramprasad’s current research interests include the study of wireless network evolution trends, next generation wireless networks, network capacity planning, performance analysis, and optimization. He is a member of the IEEE. Eylem Ekici has received his B.S. and M.S. degrees in Computer Engineering from Bogazici University, Istanbul, Turkey, in 1997 and 1998, respectively. He received his Ph.D. degree in Electrical and Computer Engineering from Georgia Institute of Technology, Atlanta, GA, in 2002. Currently, he is an assistant professor in the Department of Electrical and Computer Engineering of the Ohio State University, Columbus, OH. Dr. Ekici’s current research interests include wireless sensor networks, vehicular communication systems, next generation wireless systems, and space-based networks, with a focus on routing and medium access control protocols, resource management, and analysis of network architectures and protocols. He also conducts research on interfacing of dissimilar networks.     

Information theoretic framework of trust modeling and evaluation for ad hoc networks

The performance of ad hoc networks depends on cooperation and trust among distributed nodes. To enhance security in ad hoc networks, it is important to evaluate trustworthiness of other nodes without centralized authorities. In this paper, we present an information theoretic framework to quantitatively measure trust and model trust propagation in ad hoc networks. In the proposed framework, trust is a measure of uncertainty with its value represented by entropy. We develop four Axioms that address the basic understanding of trust and the rules for trust propagation. Based on these axioms, we present two trust models: entropy-based model and probability-based model, which satisfy all the axioms. Techniques of trust establishment and trust update are presented to obtain trust values from observation. The proposed trust evaluation method and trust models are employed in ad hoc networks for secure ad hoc routing and malicious node detection. A distributed scheme is designed to acquire, maintain, and update trust records associated with the behaviors of nodes' forwarding packets and the behaviors of making recommendations about other nodes. Simulations show that the proposed trust evaluation system can significantly improve the network throughput as well as effectively detect malicious behaviors in ad hoc networks.     

一种节省能量的水声传感器网络组织结构与协议

本文为水声传感器网络提出了一种基于簇间协商的事件报告策略,网络节点以簇的形式组织起来,多址接入协议采用了一种适合水声环境的TDMA/CDMA混合式协议,建立了由簇头与网关组成的用于簇间通信的主干链路。仿真结果表明,基于簇间协商的事件报告策略能有效减少网络中的冗余通信量从而延长网络寿命。