An identity-based key agreement scheme for large scale sensor networks

To solve the problems of high memory occupation, low connectivity and poor resiliency against node capture, which existing in the random key pre-distribution techniques while applying to the large scale Wireless Sensor Networks （WSNs）, an Identity-Based Key Agreement Scheme （IBKAS） is proposed based on identity-based encryption and Elliptic Curve Diffie-Hellman （ECDH）. IBKAS can resist man-in-the-middle attacks and node-capture attacks through encrypting the key agreement parameters using identity-based encryption. Theoretical analysis indicates that comparing to the random key pre-distribution techniques, IBKAS achieves significant improvement in key connectivity, communication overhead, memory occupation, and security strength, and also enables efficient secure rekcying and network expansion. Furthermore, we implement IBKAS for TinyOS-2.1.2 based on the MICA2 motes, and the experiment results demonstrate that IBKAS is feasible for infrequent key distribution and rekeying for large scale sensor networks.     

A dual-mode energy efficient encryption protocol for wireless sensor networks

This paper presents a novel link-layer encryption protocol for wireless sensor networks. The protocol design aims to reduce energy consumption by reducing security related communication overhead. This is done by merging security related data of consecutive packets. The merging (or combining packets) based on simple mathematical operations helps to reduce energy consumption by eliminating the requirement to send security related fields in headers and trailers. We name our protocol as the Compact Security Protocol referred to as C-Sec. In addition to energy savings, the C-Sec protocol also includes a unique security feature of hiding the packet header information. This feature makes it more difficult to trace the flow of wireless communication, and helps to minimize the cost of defending against replay attacks. We performed rigorous testing of the C-Sec protocol and compared it with well-known protocols including TinySec, MiniSec, SNEP and Zigbee. Our performance evaluation demonstrates that the C-Sec protocol outperforms other protocols in terms of energy savings. We also evaluated our protocol with respect to other performance metrics including queuing delay and error probability.     

网络安全的回顾与展望

文章分析了网络安全问题的现状,系统地介绍了网络安全系统的设计原则,提出了一种新的网络安全模型P~2DR,并详细阐述了网络安全的未来发展趋势。     

A Key Pre-distribution Scheme for Wireless Sensor Networks Using Hexagonal Deployment knowledge

To insure security for the messages sent among sensor nodes, it is important to establish keys for encryption to nodes which have had no prior direct contact with each other in wireless sensor networks. To solve the problem above, several key pre-distribution schemes have been proposed. In this paper, we present a novel key pre-distribution scheme using hexagonal deployment knowledge, in which the q-composite keys scheme has been improved. By using hexagonal division over the deploy- ment region, the probability of sharing common keys be- tween each sub-region and its neighboring sub-regions are equal, so the keys for encryption can be generated efficiently. The analytic results show that the scheme we pre-sented can achieve a higher connection probability of any two neighboring nodes than previous schemes, and net- work resilience against node capture can be substantially improved.     

DRMA： A Dynamically Reconfigurable Management Architecture for Wireless Sensor Networks

Wireless sensor networks (WSN) is uniquely characterized by its limited resources and often deployed in remote and harsh environments. It is highly dynamic, prone to faults and usually kept unattended. Therefore, proper management of WSN and its limited resources is highly desirable for an effective and efficient functioning of the network. By introducing state machines and publish/subscribe scheme, a light-weight and dynamically reconfigurable management architecture for WSN is proposed, which is called DRMA. By dynamically configuring the data collection mode and processing method, it supports application dynamics and new application additions, which in practice are very desirable to make applications better meet a big diversity of real needs. The result of simulation shows that DRMA can collection and process data timely and accurately.     

一种有效的无线传感器网络密钥协商方案

 针对无线传感器网络能量、计算能力、存储空间以及带宽等局限性问题,提出了一种适合无线传感器网络的密钥协商方案EKASFWSN(Efficient Key Agreement Scheme for Wireless Sensor Networks).该方案首先运用身份加密(IBE)算法预置网络系统参数并通过计算获得节点的相关参数;然后节点使用组播技术向邻居节点广播其ID号并利用Diffie-Hellman密钥交换技术和IBE算法安全地交换节点间的相关参数、计算节点的密钥;最后利用计算获得的节点间共享密钥使用对称密码方法对网络消息进行加、解密.与目前在WSNS研究中比较流行的传统网络密钥协商方案进行的理论分析和仿真实验,结果表明:EKASFWSN方案较好的解决了无线传感器网络在计算能力、能量、存储空间和带宽等方面的局限性问题;并通过密钥交换和身份加密等技术提高了节点通信的安全.     

基于粒子群算法的无线传感器网络优化研究

无线传感器网络（WSN）在多个领域得到了广泛应用,但其能效、数据传输效率和网络生命周期始终是研究的重点。针对这些挑战,文中提出了一种基于粒子群优化算法（PSO）的无线传感器网络。通过构建一个包含能效优化、数据传输效率和网络生命周期管理的网络框架,全面提升了网络的性能。能效优化模块通过动态功率管理和负载均衡,显著降低了能耗;数据传输效率模块通过数据压缩和优先级调度,保证了数据的快速可靠传输;网络生命周期管理模块则通过节点睡眠调度和网络拓扑动态调整,延长了网络的运行周期。粒子群算法在这一过程中起到了关键作用,其通过智能搜索策略,优化了各模块的参数设置和操作策略。实验结果表明,该方法在节能、提高数据传输效率和延长网络生命周期方面具备显著成效,有效缓解了无线传感器网络在实际应用中面临的问题。     

Range-Based Sleep Scheduling (RBSS) for Wireless Sensor Networks

Sleep scheduling in a wireless sensor network is the process of deciding which nodes are eligible to sleep (enter power-saving mode) after random deployment to conserve energy while retaining network coverage. Most existing approaches toward this problem require sensor’s location information, which may be impractical considering costly locating overheads. This paper proposes range-based sleep scheduling (RBSS) protocol which needs sensor-to-sensor distance but no location information. RBSS attempts to approach an optimal sensor selection pattern that demands the fewest working (awake) sensors. Simulation results indicate that RBSS is comparable to its location-based counterpart in terms of coverage quality and the reduction of working sensors.

基于等概率路由模型的传感器网络负载均衡研究

无线传感器网络的能耗效率与流量负载分布密切相关。论文从微观角度研究了无线传感器网络的负载均衡问题。基于等概率路由模型,分析了拓扑传输结构对于感知数据流量的分流作用。根据分析结果,提出了多对一传输模式下任意节点负载密度的定义和算法。分析了节点的负载密度与传感器网络生命期的关系,进一步论证了在多对一的多跳传感器网络中不能实现完全的负载均衡,但是通过设计合理的拓扑结构可以实现准负载均衡。仿真结果说明,从微观角度得到的节点负载密度可以准确描述无线传感器网络的流量负载分布,由此得到的准负载均衡条件也能实现绝大多数节点的负载均衡。     

数据加密技术在计算机网络安全中的应用

网络数据加密技术是通过复杂的数学算法将数字信息进行加密,然后进行传输或存储的一种网络安全防御技术。数据加密不仅在数据传输和存储中提供了强大的防护,使未经授权的访问者难以窃取、理解或篡改数据,也在防范中间人攻击,拒绝服务攻击等方面发挥了关键作用。文中通过探讨数据加密技术在网络安全中的关键作用,综合剖析了计算机网络安全的脉络,并揭示了数据加密技术在抵御多样化网络威胁中的不可或缺的地位,旨在为从业者提供防范网络安全的应对策略。     

无线传感器网络中带消息恢复机制的PBC广播认证协议

为了在无线传感器网络(WSN)中保证安全等级的情况下最小化通信和计算成本,提出了一种带消息恢复机制的基于配对密码学的广播认证协议。该机制不需要同时传输原始签名信息和新生成的签名信息,认证/消息恢复过程能自动恢复原始签名信息。首先初始化系统,基站产生系统参数;然后用户从基站获取密钥,访问WSN;最后当用户需要广播消息给WSN时,用户使用包含消息恢复机制的身份签名(IBS)协议写下签名消息,生成签名后进行消息广播。实验性能分析表明,与IMBAS和IDBAS相比,本文协议的广播消息大小分别减少了30%和22.3%,在112比特位安全等级,总能耗至少减少30%左右,在80比特位安全等级至少可降低15%的总能耗。     

GSM向3G演进系统安全的改进

介绍了GSM向3G过渡时期GSM用户的认证与密钥协商过程,分析了GSM用户对3G系统的安全威胁,并对GSM用户接入3G系统提出了改进认证与加密算法。它可以有效防止攻击者假冒合法GSM用户滥用UTRAN网络资源,并可以保证用户的通信安全。     

Connectivity maintenance and coverage preservation in wireless sensor networks

In wireless sensor networks, one of the main design challenges is to save severely constrained energy resources and obtain long system lifetime. Low cost of sensors enables us to randomly deploy a large number of sensor nodes. Thus, a potential approach to solve lifetime problem arises. That is to let sensors work alternatively by identifying redundant nodes in high-density networks and assigning them an off-duty operation mode that has lower energy consumption than the normal on-duty mode. In a single wireless sensor network, sensors are performing two operations: sensing and communication. Therefore, there might exist two kinds of redundancy in the network. Most of the previous work addressed only one kind of redundancy: sensing or communication alone. Wang et al. [Intergrated Coverage and Connectivity Configuration in Wireless Sensor Networks, in: Proceedings of the First ACM Conference on Embedded Networked Sensor Systems (SenSys 2003), Los Angeles, November 2003] and Zhang and Hou [Maintaining Sensing Coverage and Connectivity in Large Sensor Networks. Technical report UIUCDCS-R-2003-2351, June 2003] first discussed how to combine consideration of coverage and connectivity maintenance in a single activity scheduling. They provided a sufficient condition for safe scheduling integration in those fully covered networks. However, random node deployment often makes initial sensing holes inside the deployed area inevitable even in an extremely high-density network. Therefore, in this paper, we enhance their work to support general wireless sensor networks by proving another conclusion: “the communication range is twice of the sensing range” is the sufficient condition and the tight lower bound to ensure that complete coverage preservation implies connectivity among active nodes if the original network topology (consisting of all the deployed nodes) is connected. Also, we extend the result to k-degree network connectivity and k-degree coverage preservation.     

数据加密技术在网络数据信息安全中的应用

在数字化时代,数据加密技术已成为网络信息安全的关键屏障。文中重点研究了数据加密技术在网络安全中的应用,包括通信加密、数据存储加密和端到端加密。通过对现有加密算法的分析和实际应用探讨,展示了数据加密在保障信息传输安全和隐私保护中的重要性。此外,还探讨了当前数据加密技术面临的主要挑战,如量子计算的威胁和算法破解技术的进展,并提出了相应的对策,旨在为未来的研究和应用提供方向。     

Controlled sink mobility for prolonging wireless sensor networks lifetime

This paper demonstrates the advantages of using controlled mobility in wireless sensor networks (WSNs) for increasing their lifetime, i.e., the period of time the network is able to provide its intended functionalities. More specifically, for WSNs that comprise a large number of statically placed sensor nodes transmitting data to a collection point (the sink), we show that by controlling the sink movements we can obtain remarkable lifetime improvements. In order to determine sink movements, we first define a Mixed Integer Linear Programming (MILP) analytical model whose solution determines those sink routes that maximize network lifetime. Our contribution expands further by defining the first heuristics for controlled sink movements that are fully distributed and localized. Our Greedy Maximum Residual Energy (GMRE) heuristic moves the sink from its current location to a new site as if drawn toward the area where nodes have the highest residual energy. We also introduce a simple distributed mobility scheme (Random Movement or RM) according to which the sink moves uncontrolled and randomly throughout the network. The different mobility schemes are compared through extensive ns2-based simulations in networks with different nodes deployment, data routing protocols, and constraints on the sink movements. In all considered scenarios, we observe that moving the sink always increases network lifetime. In particular, our experiments show that controlling the mobility of the sink leads to remarkable improvements, which are as high as sixfold compared to having the sink statically (and optimally) placed, and as high as twofold compared to uncontrolled mobility. Stefano Basagni holds a Ph.D. in electrical engineering from the University of Texas at Dallas (December 2001) and a Ph.D. in computer science from the University of Milano, Italy (May 1998). He received his B.Sc. degree in computer science from the University of Pisa, Italy, in 1991. Since Winter 2002 he is on faculty at the Department of Electrical and Computer Engineering at Northeastern University, in Boston, MA. From August 2000 to January 2002 he was professor of computer science at the Department of Computer Science of the Erik Jonsson School of Engineering and Computer Science, The University of Texas at Dallas. Dr. Basagni’s current research interests concern research and implementation aspects of mobile networks and wireless communications systems, Bluetooth and sensor networking, definition and performance evaluation of network protocols and theoretical and practical aspects of distributed algorithms. Dr. Basagni has published over four dozens of referred technical papers and book chapters. He is also co-editor of two books. Dr. Basagni served as a guest editor of the special issue of the Journal on Special Topics in Mobile Networking and Applications (MONET) on Multipoint Communication in Wireless Mobile Networks, of the special issue on mobile ad hoc networks of the Wiley’s Interscience’s Wireless Communications & Mobile Networks journal, and of the Elsevier’s journal Algorithmica on algorithmic aspects of mobile computing and communications. Dr. Basagni serves as a member of the editorial board and of the technical program committee of ACM and IEEE journals and international conferences. He is a senior member of the ACM (including the ACM SIGMOBILE), senior member of the IEEE (Computer and Communication societies), and member of ASEE (American Society for Engineering Education). Alessio Carosi received the M.S. degree “summa cum laude” in Computer Science in 2004 from Rome University “La Sapienza.” He is currently a Ph.D. candidate in Computer Science at Rome University “La Sapienza.” His research interests include protocols for ad hoc and sensor networks, underwater systems and delay tolerant networking. Emanuel Melachrinoudis received the Ph.D. degree in industrial engineering and operations research from the University of Massachusetts, Amherst, MA. He is currently the Director of Industrial Engineering and Associate Chairman of the Department of Mechanical and Industrial Engineering at Northeastern University, Boston, MA. His research interests are in the areas of network optimization and multiple criteria optimization with applications to telecommunication networks, distribution networks, location and routing. He is a member of the Editorial Board of the International Journal of Operational Research. He has published in journals such as Management Science, Transportation Science, Networks, European Journal of Operational Research, Naval Research Logistics and IIE Transactions. Chiara Petrioli received the Laurea degree “summa cum laude” in computer science in 1993, and the Ph.D. degree in computer engineering in 1998, both from Rome University “La Sapienza,” Italy. She is currently Associate Professor with the Computer Science Department at Rome University “La Sapienza.” Her current work focuses on ad hoc and sensor networks, Delay Tolerant Networks, Personal Area Networks, Energy-conserving protocols, QoS in IP networks and Content Delivery Networks where she contributed around sixty papers published in prominent international journals and conferences. Prior to Rome University she was research associate at Politecnico di Milano and was working with the Italian Space agency (ASI) and Alenia Spazio. Dr. Petrioli was guest editor of the special issue on “Energy-conserving protocols in wireless Networks” of the ACM/Kluwer Journal on Special Topics in Mobile Networking and Applications (ACM MONET) and is associate editor of IEEE Transactions on Vehicular Technology, the ACM/Kluwer Wireless Networks journal, the Wiley InterScience Wireless Communications & Mobile Computing journal and the Elsevier Ad Hoc Networks journal. She has served in the organizing committee and technical program committee of several leading conferences in the area of networking and mobile computing including ACM Mobicom, ACM Mobihoc, IEEE ICC,IEEE Globecom. She is member of the steering committee of ACM Sensys and of the international conference on Mobile and Ubiquitous Systems: Networking and Services (Mobiquitous) and serves as member of the ACM SIGMOBILE executive committee. Dr. Petrioli was a Fulbright scholar. She is a senior member of IEEE and a member of ACM. Z. Maria Wang received her Bachelor degree in Electrical Engineering with the highest honor from Beijing Institute of Light Industry in China, her M.S. degree in Industrial Engineering/Operations Research from Dalhousie University, Canada and her Ph.D. in Industrial Engineering/Operations Research from Northeastern University, Boston. She served as a R&D Analyst for General Dynamics. Currently MS. Wang serves as an Optimization Analyst with Nomis Solutions, Inc.     

WMSN的半依赖基站密钥管理方案

由于传统的WSN密钥管理方案,并没有考虑到无线多媒体节点的特殊性,文章提出半依赖基站密钥管理方案。该方案将密钥的产生和分发放在多媒体节点上,而sink节点采用延时认证方法负责所有节点的认证。通过分析后,该密钥管理方案符合安全性要求,并且具有较高的连通性,保证多媒体传感器网络安全高效运行。     

无线传感器网络中基于概率的能量平衡算法

各传感器节点的能耗不平衡严重地影响了无线传感器网络的生命周期。该文提出了基于传输概率的能量平衡算法。首先把圆形区域网络模型划分成若干圆环,每一圆环中的传感器节点以混合传输的方式传输数据。其次,为使每个传感器节点能耗均衡,提出了一种混合传输概率求解算法,获得一组传输概率决定节点传输数据的方式,从而更好地平衡网络能耗。然后对圆环宽度进行了分析和优化。仿真结果证明这些算法可以有效地降低网络能耗,延长网络生命周期。     

局域网通讯安全的实现

尽管当前有许多维护网络安全的策略,但是局域网内部通讯安全却往往被忽略,文章首先分析当前一些安全策略在维护局域网内部通讯安全的不足,然后提出一种具有加密功能的以太网网卡,用以解决局域网内部通讯的安全问题。     

无线传感器网络门限密钥共享模型

针对现有传感器网络密钥管理方案存在的网络连通度低、抗俘获性差、节点能耗高等问题,该文提出一种基于(q,l)门限秘密共享的密钥共享模型,采用虚拟簇头共享密钥,物理簇头重构密钥的方式完成簇头与簇成员的密钥协商。该模型实现了簇成员能耗最低、抗俘获性最优的目标,同时门限参数l和q能够调节簇头的抗俘获性、容错性和高效性。理论分析与实验证明,与传统的概率型方案相比,该模型有效地提高了节点抗俘获性和网络连通度,并降低了节点能耗。