Authentic delay bounded event detection in heterogeneous wireless sensor networks

When using wireless sensor networks for real-time event alarming, it is critical to ensure event notification in a timely manner. Additionally, it is extremely important to ensure the alarms generated by the sensors propagate securely through the network to the sink. Another important factor to consider is energy, as it is a limited resource in wireless sensor networks. Accordingly, maximizing network lifetime is always an optimization goal. To address the aforementioned concerns, in this paper we present the Authentic Delay Bounded Event Detection System (ADBEDS). ADBEDS works in rounds, and in each round an event detection tree is responsible for simultaneously detecting events, routing packets to a gateway node, and detecting injection of false packets. The ADBEDS can support k-watching composite events to allow event detection in a redundant manner. Additionally, the corresponding event alarm can be delivered within a user-specified bounded delay. The use of energy-based keying allows smaller, more efficient keys as input to security mechanisms, allowing further reduction in energy consumption of the ADBEDS. We evaluate the energy efficiency and reliability of ADBEDS using theoretical analysis and simulation.     

Orthogonal frequency division multiple access resource allocation in mobile multihop relay networks using an adaptive frame structure

For wireless mobile multihop relay (MMR) networks, we have chosen orthogonal frequency division multiple access (OFDMA) and time division duplex as a multiple access scheme and a duplex communication technique, respectively. We have also selected nontransparent relay stations (nt‐RSs) as relay nodes to extend the MMR network coverage. Through the nt‐RSs, far‐off subscriber stations (SSs) or hidden SSs can communicate with a base station (BS) that is connected to backhaul networks. In these MMR networks, the way in which a BS and nt‐RSs use OFDMA resources (e.g., OFDMA symbols and subcarriers) and share them might reduce system capacity and network throughput. Therefore, we proposed a new adaptive OFDMA frame structure for both the BS and the nt‐RSs. The proposed scheme is the first approach that incorporates the adaptive technique for wireless MMR networks. Based on the proposed adaptive OFDMA frame structure, an adaptive OFDMA resource allocation for SSs within a BS as well as nt‐RSs was proposed. To derive the maximum OFDMA resource that nt‐RSs can be assigned and to synchronize access zones and relay zones between a superior station and its subordinate nt‐RSs, three properties are introduced: a data relay property, a maximum balance property, and a relay zone limitation property. In addition, we propose max‐min and proportional fairness schemes of the proposed adaptive frame structure. Our numerical analysis and simulations show that the proposed OFDMA allocation scheme performs better than the nonadaptive allocation scheme in terms of network throughput and fairness especially in the asymmetric distribution of subscriber stations between access zones and relay zones in the MMR networks. Copyright © 2011 John Wiley & Sons, Ltd.     

An 802.11 MAC layer covert channel

For extremely sensitive applications, it may be advantageous for users to transmit certain types of data covertly over the network. This provides an additional layer of security to that provided by the different layers of the protocol stack. In this paper we present a covert side channel that uses the 802.11 MAC rate switching protocol. The covert channel provides a general method to hide communications within currently deployed 802.11 LANs. The technique uses a one‐time password (OTP) algorithm to ensure high‐entropy randomness of the covert messages. We investigate how the covert side channel affects network throughput under various rate‐switching conditions with UDP‐based and TCP‐based application traffic. We also investigate the covertness of the covert side channel using standardized entropy. The theoretical analysis shows that the maximum covert channel bandwidth is 60 bps. The simulation results show that the impact on network throughput is minimal and increases slightly as the covert channel bandwidth increases. We further show that the channel has 100% accuracy with minimal impact on rate switching entropy for scenarios where rate switching normally occurs. Finally, we present two applications for the covert channel: covert authentication and covert WiFi botnets. Copyright © 2010 John Wiley & Sons, Ltd.     

Passive classification of wireless NICs during active scanning

Computer networks have become increasingly ubiquitous. However, with the increase in networked applications, there has also been an increase in difficulty to manage and secure these networks. The proliferation of 802.11 wireless networks has heightened this problem by extending networks beyond physical boundaries. We present a statistical analysis and propose the use of spectral analysis to identify the type of wireless network interface card (NIC). This mechanism can be applied to support the detection of unauthorized systems that use NICs that are different from that of a legitimate system. We focus on active scanning, a vaguely specified mechanism required by the 802.11 standard that is implemented in the hardware and software of the wireless NIC. We show that the implementation of this function influences the transmission patterns of a wireless stream that are observable through traffic analysis. Our mechanism for NIC identification uses signal processing to analyze the periodicity embedded in the wireless traffic caused by active scanning. A stable spectral profile is created from the periodic components of the traffic and used for the identity of the wireless NIC. We show that we can distinguish between NICs manufactured by different vendors, with zero false positives, using the spectral profile. Finally, we infer where, in the NIC, the active scanning algorithm is implemented.     

A secure routing protocol with regional partitioned clustering and Beta trust management in smart home

With the emergence of the Internet of Things (IoT) in recent years, the security has been significantly called more and more people’s attention on wireless communication between the devices and the human-beings, as well as the devices to devices. Smart home (SH), as a small-scale example of the smart application-based field, has benefited from the concept of IoT since it uses an indoor data-centric sensor network. In SH, routing schemes are widely utilized for data aggregation purposes. However, there are three main issues, which can considerably affect the current execution of routing protocol in SH: (1) lack of technical methods for precisely regional division of the network, (2) the difficulty of differentiating data among various functional regions, and (3) the vulnerability of network with advanced internal routing attacks. To address the aforementioned issues, in this paper, a two-layer cluster-based network model for indoor structured SH and a novel Beta-based trust management (BTM) scheme are proposed to defend various types of internal attacks by integrating the variation of trust value, threshold, and evaluation. The proposed structure forms a secure hierarchical routing protocol called SH-PCNBTM to effectively support the data transmission service in SH networks. The performance of SH-PCNBTM is thoroughly evaluated by using a set of comprehensive simulations. We will show that the proposed routing protocol not only ensures the even distribution of cluster-heads in each sub-region, but it also identifies and isolates the malicious sensor nodes accurately and rapidly compared with other trust-based hierarchical routing protocols.