An improved key distribution mechanism for large-scale hierarchical wireless sensor networks

Wireless sensor networks are often deployed in hostile environments and operated on an unattended mode. In order to protect the sensitive data and the sensor readings, secret keys should be used to encrypt the exchanged messages between communicating nodes. Due to their expensive energy consumption and hardware requirements, asymmetric key based cryptographies are not suitable for resource-constrained wireless sensors. Several symmetric-key pre-distribution protocols have been investigated recently to establish secure links between sensor nodes, but most of them are not scalable due to their linearly increased communication and key storage overheads. Furthermore, existing protocols cannot provide sufficient security when the number of compromised nodes exceeds a critical value. To address these limitations, we propose an improved key distribution mechanism for large-scale wireless sensor networks. Based on a hierarchical network model and bivariate polynomial-key generation mechanism, our scheme guarantees that two communicating parties can establish a unique pairwise key between them. Compared with existing protocols, our scheme can provide sufficient security no matter how many sensors are compromised. Fixed key storage overhead, full network connectivity, and low communication overhead can also be achieved by the proposed scheme.     

基于CPK和能量的安全路由算法

无线传感网是由大量传感器节点组成的网络,具有无线通信、自组织、无中心的组网特性。针对无线传感器网络面临的众多安全问题,从组合公钥和节点能量入手,对LEACH进行改进,提出了一种基于CPK和能量的安全有效路由算法。通过仿真实验,改进的路由协议比LEACH具有更长的寿命,而且在安全性方面也进一步加强了。     

Security in wireless sensor networks

With sensor networks on the verge of deployment, security issues pertaining to the sensor networks are in the limelight. Though the security in sensor networks share many characteristics with wireless ad hoc networks, the two fields are rapidly diverging due to the fundamental differences between the make‐up and goals of the two types of networks. Perhaps the greatest dividing difference is the energy and computational abilities. Sensor nodes are typically smaller, less powerful, and more prone to failure than nodes in an ad hoc network. These differences indicate that protocols that are valid in the context of ad‐hoc networks may not be directly applicable for sensor networks. In this paper, we survey the state of art in securing wireless sensor networks. We review several protocols that provide security in sensor networks, with an emphasis on authentication, key management and distribution, secure routing, and methods for intrusion detection. Copyright © 2006 John Wiley & Sons, Ltd.     

Simple,secure, and lightweight mechanism for mutual authentication of nodes in tiny wireless sensor networks

Wireless sensor networks (WSNs) are widely used in large areas of applications; due to advancements in technology, very tiny sensors are readily available, and their usage reduces the cost. The mechanisms designed for wireless networks cannot be implied on networks with tiny nodes due to battery and computational constraints. Understanding the significance of security in WSNs and resource constraintness of tiny WSNs, we propose a node authentication mechanism for nodes in wireless sensor networks to avoid security attacks and establish secure communication between them. In the proposed mechanism, a base station (BS) generates a secret value and random value for each sensor node and stores at the node. The sensor node authenticates using secret value and random number. Random nonce ensures freshness, efficiency, and robustness. The proposed mechanism is lightweight cryptographic, hence requires very less computational, communication, and storage resources. Security analysis of the proposed mechanism could not detect any security attack on it, and the mechanism was found to incur less storage, communication, and computation overheads. Hence, the proposed mechanism is best suitable for wireless sensor networks with tiny nodes.     

Self-propagating mal-packets in wireless sensor networks: Dynamics and defense implications

Self-propagating mal-packets have become an emergent threat against information confidentiality, integrity, and service availability in wireless sensor networks. While playing an important role for people to interact with surrounding environment, wireless sensor networks suffer from growing security concerns posed by mal-packets because of sensor networks’ low physical security, lack of resilience and robustness of underlying operating systems, and the ever-increasing complexity of deployed applications.In this paper, we study the propagation of mal-packets in 802.15.4 based wireless sensor networks. Based on our proposed mal-packet self-propagation models, we use TOSSIM, a simulator for wireless sensor networks, to study their propagation dynamics. We also present a study of the feasibility of mal-packet defense in sensor networks. Specifically, we apply random graph theory and percolation theory to investigate the immunization of highly-connected nodes, i.e., nodes with high degrees of connectivity. Our goal is to partition the network into as many separate pieces as possible, thus preventing or slowing down the mal-packet propagation. We study the percolation thresholds of different network densities and the effectiveness of immunization in terms of connection ratio, remaining link ratio, and distribution of component sizes. We also present an analysis of the distribution of component sizes.     

大规模输电线路状态监测传感器网络的周期性低功耗通信技术方案

为了实现输电线路监测的功耗低、寿命长、绿色发展的目的，提出大规模输电线路状态监测传感器网络周期性低功耗通信技术方案。依据网络中传感器网络组网特征以及节点运行状态转换特点，设置睡眠定时器，以周期性运行方式使传感器网络通信节点在初始化、睡眠、激活状态间转换，通信节点在输电线路状态监测数据无传递需求时进入睡眠状态，节省通信功耗；传感器网络汇聚（sink）节点利用梯度创建上行路由，通过源路由的方式创建下行路由，以跳数和剩余能量为依据进行上、下行路由数据分组传递，降低节点功耗，延长通信运行时间。实验显示，大规模输电线路状态监测传感器网络应用该技术方案后，通信功耗明显降低，运行时间明显延长，且不会影响监测传感器网络的数据传输性能，延长了监测传感器网络的使用寿命。     

Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks

Secure communications in wireless sensor networks operating under adversarial conditions require providing pairwise (symmetric) keys to sensor nodes. In large scale deployment scenarios, there is no priory knowledge of post deployment network configuration since nodes may be randomly scattered over a hostile territory. Thus, shared keys must be distributed before deployment to provide each node a key-chain. For large sensor networks it is infeasible to store a unique key for all other nodes in the key-chain of a sensor node. Consequently, for secure communication either two nodes have a key in common in their key-chains and they have a wireless link between them, or there is a path, called key-path, among these two nodes where each pair of neighboring nodes on this path have a key in common. Length of the key-path is the key factor for efficiency of the design. This paper presents novel deterministic and hybrid approaches based on Combinatorial Design for deciding how many and which keys to assign to each key-chain before the sensor network deployment. In particular, Balanced Incomplete Block Designs (BIBD) and Generalized Quadrangles (GQ) are mapped to obtain efficient key distribution schemes. Performance and security properties of the proposed schemes are studied both analytically and computationally. Comparison to related work shows that the combinatorial approach produces better connectivity with smaller key-chain sizes     

A new load balancing and data collection algorithm for energy saving in wireless sensor networks

Data gathering is a major function of many applications in wireless sensor networks. The most important issue in designing a data gathering algorithm is how to save energy of sensor nodes while meeting the requirements of special applications or users. Wireless sensor networks are characterized by centralized data gathering, multi-hop communication and many to one traffic pattern. These three characteristics can lead to severe packet collision, network congestion and packet loss, and even result in hot-spots of energy consumption thus causing premature death of sensor nodes and entire network. In this paper, we propose a load balance data gathering algorithm that classifies sensor nodes into different layers according to their distance to sink node and furthermore, divides the sense zone into several clusters. Routing trees are established between sensor node and sink depending on the energy metric and communication cost. For saving energy consumption, the target of data aggregation scheme is adopted as well. Analysis and simulation results show that the algorithm we proposed provides more uniform energy consumption among sensor nodes and can prolong the lifetime of sensor networks.     

无线传感器网络中一种基于共享密钥的节点鉴别机制

在无线传感器网络中,信息的传输需要保证通信双方的节点是本次通信的节点,而不是网络中的其他节点或者一些恶意节点,这就需要对通信双方的身份进行身份鉴别。提出了一种基于共享密钥的节点鉴别机制,实现了网内节点间在通信前确认彼此身份的合法性和有效性。分析表明,该方案有效抵御了传感器网络中一些常见的安全威胁,例如女巫攻击等。同时,该方案还具有很强的攻击容忍性。     

REACA: An Efficient Protocol Architecture for Large Scale Sensor Networks

The emergence of wireless sensor networks has imposed many challenges on network design such as severe energy constraints, limited bandwidth and computing capabilities. This kind of networks necessitates network protocol architectures that are robust, energy-efficient, scalable, and easy for deployment. This paper proposes a robust energy-aware clustering architecture (REACA) for large-scale wireless sensor networks. We analyze the performance of the REACA network in terms of quality-of-service, asymptotic throughput capacity, and power consumption. In particular, we study how the throughput capacity scales with the number of nodes and the number of clusters. We show that by exploiting traffic locality, clustering can achieve performance improvement both in capacity and in power consumption over general-purpose ad hoc networks. We also explore the fundamental trade-off between throughput capacity and power consumption for single-hop and multi-hop routing schemes in cluster-based networks. The protocol architecture and performance analysis developed in this paper provide useful insights for practical design and deployment of large-scale wireless sensor network.     

WSN中一种改进的密钥管理方案研究

密钥管理作为传感器网络安全中最为基本的环节,在认证和加密过程中起着重要作用。针对无线传感器网络(Wireless Sensor Network,WSN)的通信密钥易被破解的缺点以及为建立安全信道而增加密钥会造成网络的连通率低的问题,提出了一种改进的无线传感器网络密钥管理方案,通过定位算法得到网络中的坐标,利用所得到的位置信息对所存储的密钥空间进行优化,可以增大2个邻居节点拥有相同密钥空间的概率。实验结果表明:该方法占用较小密钥存储空间,能明显改善网络连通性和网络的安全性等性能,提高安全性。     

基于信号幅度衰减测距的水下定位方法

无线传感器网络中节点规模大、能量有限、可靠性差、随机部署,无线模块的通信距离有限,虽然运用全球定位系统是个很好的选择,但是其体积大、成本高、能耗多而且需要基础设施,不适用于低成本、自组织的无线传感器网络。通过研究发现,基于信号幅度衰减测距的水下定位方法不仅能够满足无线传感器网络节点定位的要求,而且其成本较低,易理解及操作,精度高。     

A group-based security scheme for wireless sensor networks

In recent years, wireless sensor networks have been a very popular research topic, offering a treasure trove of systems, networking, hardware, security, and application-related problems. Distributed nature and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. The problem is more critical if its purpose is for some mission-critical applications such as in a tactical battlefield. This paper presents a security scheme for group-based distributed wireless sensor networks. Our first goal is to devise a group-based secure wireless sensor network. We exploit the multi-line version of matrix key distribution technique and Gaussian distribution to achieve this goal. Secondly, security mechanisms are proposed for such a group-based network architecture in which sensed data collected at numerous, inexpensive sensor nodes are filtered by local processing on its way through more capable and compromise-tolerant reporting nodes. We address the upstream requirement that reporting nodes authenticate data produced by sensors before aggregating and the downstream requirement that sensors authenticates commands disseminated from reporting nodes. Security analysis is presented to quantify the strength of the proposed scheme against security threats. Through simulations, we validate the analytical results.     

无线传感器网络的轻量级安全体系研究

结合无线传感器网络现有的安全方案存在密钥管理和安全认证效率低等问题的特点,提出了无线传感器网络的轻量级安全体系和安全算法。采用门限秘密共享机制的思想解决了无线传感器网络组网中遭遇恶意节点的问题;采用轻量化ECC算法改造传统ECC算法,优化基于ECC的CPK体制的思想,在无需第三方认证中心CA的参与下,可减少认证过程中的计算开销和通信开销,密钥管理适应无线传感器网络的资源受限和传输能耗相当于计算能耗千倍等特点,安全性依赖于椭圆离散对数的指数级分解计算复杂度;并采用双向认证的方式改造,保证普通节点与簇头节点间的通信安全,抵御中间人攻击。     

Energy Efficient Distributed Face Recognition in Wireless Sensor Network

Face recognition enhances the security through wireless sensor network and it is a challenging task due to constrains involved in wireless sensor network. Image processing and image communication in wireless sensor network reduces the life time of network due to the heavy processing and communication. This paper presents a collaborative face recognition system in wireless sensor network. The layered linear discriminant analysis is re-engineered to implement on wireless sensor network by efficiently allocating the network resources. Distributed face recognition not only help to reduce the communication overload but it also increase the node life time by distributing the work load on the nodes. The simulation shows that the proposed technique provide significant gain in network life time.     

无线传感器网络的新进展与应用

为完成实时监测、感知和采集各种监测环境或对象的信息,将智能传感器组成分布式信息测控网络。无线传感器网络是传感器智能化发展的趋势。它是以数据获取与数据管理为核心的全新网络,综合了传感器技术、嵌入式计算技术、分布式信息处理技术和无线通信技术。介绍了无线传感器网络节点、无线传感器网络、无线传感器网络的最新进展,并给出了无线传感器网络的应用。     

Minimum latency joint scheduling and routing in wireless sensor networks

Wireless sensor networks are expected to be used in a wide range of applications from environment monitoring to event detection. The key challenge is to provide energy efficient communication; however, latency remains an important concern for many applications that require fast response. In this paper, we address the important problem of minimizing average communication latency for the active flows while providing energy-efficiency in wireless sensor networks. As the flows in some wireless sensor network can be long-lived and predictable, it is possible to design schedules for sensor nodes so that nodes can wake up only when it is necessary and asleep during other times. Clearly, the routing layer decision is closely coupled to the wakeup/sleep schedule of the sensor nodes. We formulate a joint scheduling and routing problem with the objective of finding the schedules and routes for current active flows with minimum average latency. By constructing a novel delay graph, the problem can be solved optimally by employing the M node-disjoint paths algorithm under FDMA channel model. We further present extensions of the algorithm to handle dynamic traffic changes and topology changes in wireless sensor networks.     

建筑物抗震性无线检测系统的设计

介绍了一种基于无线传感器网络技术的建筑物抗震性检测系统.首先,提出了以无线通信震动传感器形成一种可扩展的无线传感器网络的系统结构.然后,介绍在该系统中采用的无线震动传感器节点以及检测基站设备的设计.在本系统中,节点和基站设备所使用的近距离通信标准为802.15.4/ZigBee标准.     

无线传感网络安全改进方案研究

介绍了无线传感网络的发展现状和网络应用的特点,详细描述了时变加密技术的工作原理和在无线传感网络中的应用。针对时变加密密钥在无线传感网络中容易出现丢失和误码,从而导致网络中的感应节点与控制节点安全数据传输失效的缺点,提出了密钥预传输的解决方案。该方法在不缩短节点寿命的前提下,大大提高了无线传感网络的安全性和节点数据传输的稳定性。     

基于发布/订阅模型的WSN设计

为降低通信频率对节点能耗的影响同时提高大规模节点下传感器网络的连通率,本文设计了一种以发布/订阅模型作为应用层数据交互方式的无线传感器网络。该网络利用6LoWPAN技术实现组网,并以Contiki操作系统为平台完成了基于发布/订阅模型的MQTT-S应用层协议设计。测试结果表明,该设计能够有效降低节点的通信流量,实现对节点功耗以及网络通信优化,并能与互联网实现无缝连接减少开发成本,对大规模传感器网络的设计与应用具有重要意义。