Rong Fan,Dao-jing He,Xue-zeng Pan,Ling-di Ping

DOI: https://doi.org/10.1631/jzus.c1000377

2011-01-01

Abstract:Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints. Considering that most large-scale WSNs follow a two-tiered architecture, we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs. The proposed approach reduces the computational load, since it performs only simple operations, such as exclusive-OR and a one-way hash function. This feature is more suitable for the resource-limited sensor nodes and mobile devices. And it is unnecessary for master nodes to forward login request messages to the base station, or maintain a long user list. In addition, pseudonym identity is introduced to preserve user anonymity. Through clever design, our proposed scheme can prevent smart card breaches. Finally, security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.

Rong Fan,Lingdi Ping,JianQing Fu,Xuezeng Pan

DOI: https://doi.org/10.1109/PACCS.2010.5626600

2010-01-01

Abstract:As wireless sensor networks (WSNs) are susceptible to attacks and sensor nodes have limited resources, designing a secure and efficient user authentication protocol for WSNs is a difficult task. Considering that most future large-scale WSNs follow a two-tiered architecture, we propose an efficient and Denial-of-Service resistant user authentication scheme for two-tiered WSNs, which imposes very light computational load and requires simple operations such as one-way hash function and exclusive-OR operations. In addition, there is a growing requirement for preserving user anonymity recently. Thus we introduce pseudonym identity for each user which is concealed in login messages. And through clever design, our proposed scheme can prevent from smart card breach. Moreover, the security analysis on this scheme demonstrates that our proposed scheme enjoys security attributes such as preventing the various kinds of attacks and user anonymity. Finally, performance analysis shows that our proposed scheme is simple and efficient.

Jin Liu,Hefei Ling,Fuhao Zou,Wei Qi Yan,Zhengding Lu

DOI: https://doi.org/10.4018/jdcf.2010100103

2010-01-01

International Journal of Digital Crime and Forensics

Abstract:This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

Yuan Cheng,Yanan Liu,Zheng Zhang,Yanxiu Li

DOI: https://doi.org/10.3390/s23146460

IF: 3.9

2023-07-18

Sensors

Abstract:Wireless sensor networks are usually applied in hostile areas where nodes can easily be monitored and captured by an adversary. Designing a key distribution scheme with high security and reliability, low hardware requirements, and moderate communication load is crucial for wireless sensor networks. To address the above objectives, we propose a new key distribution scheme based on an ECC asymmetric encryption algorithm. The two-way authentication mechanism in the proposed scheme not only prevents illegal nodes from accessing the network, but also prevents fake base stations from communicating with the nodes. The complete key distribution and key update methods ensure the security of session keys in both static and dynamic environments. The new key distribution scheme provides a significant performance improvement compared to the classical key distribution schemes for wireless sensor networks without sacrificing reliability. Simulation results show that the proposed new scheme reduces the communication load and key storage capacity, has significant advantages in terms of secure connectivity and attack resistance, and is fully applicable to wireless sensor networks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Daojing He,Yi Gao,Sammy Chan,Chun Chen,Jiajun Bu

2010-01-01

Abstract:Designing a user authentication protocol for wireless sensor networks is a difficult task because wireless networks are susceptible to attacks and sensor node has limited energy, processing and storage resources. Recently, several authentication schemes have been proposed. This short paper shows some security problems and design weaknesses in those schemes. Furthermore, an enhanced two-factor user authentication protocol is presented. The proposed scheme only uses hash function, and a successful user authentication just requires three message exchanges. Security and performance analyses demonstrate that compared to the well-known authentication schemes, our proposal is more secure and efficient.

Kaiping Xue,Peilin Hong,Hancheng Lu,Bin Zhu,Le Li

DOI: https://doi.org/10.1109/iwasid.2008.4688379

2008-01-01

Abstract:The key issue for WSN (wireless sensor network) is designing viable security mechanisms for the protection of confidentiality, integrity and authentication to prevent malicious attacks, but with nodespsila limited capabilities. Recently, Cheng proposed an efficient key distribution mechanism for large scale wireless sensor network based on hierarchical topology. In this paper, we show that Chengpsilas scheme is vulnerable to the node capture attack. Then a security modification of the original scheme will be proposed, which can withstand the node capture attack.

LIU Tao,XIONG Yan,HUANG Wenchao,LU Qiwei,GONG Xudong

DOI: https://doi.org/10.3724/sp.j.1087.2013.01842

2013-01-01

Journal of Computer Applications

Abstract:Concerning the vulnerability to attack from external and internal nodes and node failure due to openness and limited resources in Wireless Sensor Network(WSN),an efficient,secure trusted authentication scheme was proposed.The theory of identity-based and bilinear pairings was adopted in the authentication key agreement and update.The node trust value was computed by node behavior reputation management based on Beta distribution.The symmetric cryptosystem combined with message authentication code was used in certification process between trusted nodes which were identified by the trust value.The scheme not only can prevent eavesdropping,injection,replay,denial of service and other external attacks,but also is able to withstand internal threats such as the selective forwarding,Wormhole attack,Sinkhole attack and Sybil attack.The analysis and comparison with SPINS scheme show that the scheme can achieve longer network lifetime,smaller certification delay,greater security and scalability in the same network environment.The scheme has good application value in unattended WSN with high safety requirements.

Juan Chen,Hongli Zhang,Xiaojiang Du,Binxing Fang,Yan Liu,Haining Yu

DOI: https://doi.org/10.1109/icc.2012.6364186

2012-01-01

Abstract:A base station (BS) is the controller and the data receiving center of a wireless sensor network. Hence, a reliable and secure BS is critical to the network. Once an attacker locates the BS, he can do a lot of damages to the network. In this paper, we study the BS location protection issue. First, we present a new attack on BS: the Parent-based Attack Scheme (PAS). The PAS can locate a BS within one radio (wireless transmission) range of sensors. Different from existing methods, the PAS determines the BS location based on parent-child relationship of sensor nodes. The PAS cannot be defended by existing BS protection schemes. To defend against the PAS, we design a new parent-free (PF) secure routing protocol for sensor networks. Our simulation results show that the PF protocol has small communication and computation costs, while ensuring the security of the BS.

Xinfeng Li,Xiaoyuan Wang,Nan Zheng,Zhiguo Wan,Ming Gu

DOI: https://doi.org/10.1109/msn.2009.19

2009-01-01

Abstract:Location privacy in wireless sensor networks has gained a wide concern. Particularly, the location privacy of base station requires ultimate protection due to its crucial position in wireless sensor networks. In this paper, we propose an efficient scheme, consisting of anonymous topology discovery and intelligent fake packet injection (IFPI), to protect the location privacy of base station. Anonymous topology discovery eliminates the potential threats against base station within topology discovery period. On the other hand, IFPI enhances privacy protection strength during data transmission period. Under given conditions, comprehensive simulations demonstrate that our scheme significantly improves privacy strength compared with existing strategies.

Chi Zhang,Yanchao Zhang,Yuguang Fang

DOI: https://doi.org/10.1109/MILCOM.2006.302095

2006-01-01

Abstract:In order to defeat physical destruction attacks on wireless sensor networks, the base station (BS) need have the ability to continuously self-monitor the change of the WSN's coverage performance. In this paper, we propose a secure coverage inference protocol (SCIP) which can provide the BS an accurate and in-time measurement of the current connected coverage in an energy-efficient way, and our SCIP is resilient to attacks from external adversaries as well as to attacks from compromised nodes

Zhang Kewang,Zahng Qiong

DOI: https://doi.org/10.1109/hpcc/smartcity/dss.2018.00171

2018-01-01

Abstract:Wireless Sensor Networks (WSNs) are used in many applications in military, ecological, and health-related areas. These applications often include the monitoring of sensitive information such as enemy movement on the battlefield or the location of personnel in a building. Thus, secure data transmission is a critical issue for WSN. However, the extremely constrained nature of sensors and the potentially dynamic behavior of WSNs hinder the use of key management mechanisms commonly applied in modern wired and wireless networks. Network-wide keys schemes require only one key for any communication pairs, but such schemes' resilience is fairly low. In this paper, we propose a scheme to provide dynamic keys from environmental data sensed by the sensors. Based on the observations that sensors cannot produce 100% accurate data because of noise from sensor electronic circuit, and wireless channel is error prone, dynamic keys created by sensor data can provide high resilience. Simulation results show that the proposed scheme requires the same memory and communication resource as network-wide keys schemes, but provides the same resilience as full pairwise schemes.

Wenting Li,Bin Li,Yiming Zhao,Ping Wang,Fushan Wei

DOI: https://doi.org/10.1155/2018/8539674

2018-01-01

Abstract:Nowadays wireless sensor networks (WSNs) have drawn great attention from both industrial world and academic community. To facilitate real-time data access for external users from the sensor nodes directly, password-based authentication has become the prevalent authentication mechanism in the past decades. In this work, we investigate three foremost protocols in the area of password-based user authentication scheme for WSNs. Firstly, we analyze an efficient and anonymous protocol and demonstrate that though this protocol is equipped with a formal proof, it actually has several security loopholes been overlooked, such that it cannot resist against smart card loss attack and violate forward secrecy. Secondly, we scrutinize a lightweight protocol and point out that it cannot achieve the claimed security goal of forward secrecy, as well as suffering from user anonymity violation attack and offline password guessing attack. Thirdly, we find that an anonymous scheme fails to preserve two critical properties of forward secrecy and user friendliness. In addition, by adopting the "perfect forward secrecy (PFS)" principle, we provide several effective countermeasures to remedy the identified weaknesses. To test the necessity and effectiveness of our suggestions, we conduct a comparison of 10 representative schemes in terms of the underlying cryptographic primitives used for realizing forward secrecy.

Song Guo,Victor Leung,Zhuzhong Qian

DOI: https://doi.org/10.1109/icc.2010.5502141

2010-01-01

Abstract:The wireless sensor networks (WSNs) are normally operated in unattended, harsh, or hostile environment. Some strategies have been proposed to establish pairwise keys to protect the sensitive data and the sensor readings, but most existing schemes either suffer the large-scale node capture attacks, or cannot provide full and direct key establishment. In this paper, we present a permutation-based multi-polynomial scheme for pairwise key establishment in wireless sensor networks. This scheme is highly robust to the large-scale node capture attacks. Even after a large number of nodes have been compromised, the pairwise keys shared by non-compromised nodes remain secure. It also guarantees that any two nodes can directly establish a pairwise key without exposing any secret to other nodes. This full and direct key establishment features enable our scheme every adaptive to support node addition and mobility, which are particularly beneficial to the real-world applications. Our performance analysis also shows that the proposed scheme incurs low communication, storage, and computation overhead.

Mingming Li,Jianbin Hu,Nike Gui

DOI: https://doi.org/10.1007/978-3-642-13067-0_61

2010-01-01

Abstract:Traditional wireless sensor networks (WSN) are entity-centric systems making Sybil attacks, collusion attacks, false data injection attacks etc very effective attacks These attacks are critical security threat to WSN Although there are many security solutions to these attacks, such as cryptography, reputation, authentic consensus, none of them can well defense all these attacks respectively In this paper, we address this challenge by combining classical security solutions and extending the traditional entity-centric trust to data-centric trust via Dempster-Shafer Theory (DST) and a new method: Proof-of-Reputation-Relevance (PoRR) Our data-centric trust framework gives a whole solution for those attacks It is realized by our PoRR accomplished by collecting reputation weighted authentic consensus from witness nodes in a cooperative way Event reports from attacks who fail to provide right PoRR are discarded or given low trust levels Our simulation results show that our scheme is highly resilient to attackers and converges stably to the correct decision.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li

DOI: https://doi.org/10.1007/s12083-015-0404-5

IF: 3.488

2015-01-01

Peer-to-Peer Networking and Applications

Abstract:Wireless sensor network(WSN) contains many specially distributed sensors which collect information for people to analyze appointed objects in real-time. WSN is deployed widely in many fields, such as fire detection and remote health care monitoring. User authentication is an important part for the communication of WSN. In 2014, Jiang et al. and Choi et al. proposed their authentication schemes for WSN, respectively. However, we find some weaknesses in them. Jiang et al.'s scheme cannot resist the De-Synchronization attack, the off-line guessing attack and the user forgery attack. Besides, it does not keep the character of strong forward security. Choi et al.'s scheme is under the off-line password guessing attack and the user impersonation attack without user anonymity. We present an improved authentication scheme and prove it to be secure with the formal security model. Also, we analyze the concrete secure characters and the performance of our scheme. Through comparison with some recent schemes, our scheme is more practical and fit for applications.

Debiao He,Yuanyuan Zhang,Jianhua Chen

2015-01-01

Abstract:Wireless sensor networks (WSNs) are applied widely a variety of areas such as realtime traffic monitoring, measurement of seismic activity, wildlife monitoring and so on. User authentication in WSNs is a critical security issue due to their unattended and hostile deployment in the field. In 2010, Yuan et al. proposed the first biometric-based user authentication scheme for WSNs. However, Yoon et al. pointed out that Yuan et al.’s scheme is vulnerable to the insider attack, user impersonation attack, GW-node impersonation attack and sensor node impersonate attack. To improve security, Yoon et al.’s proposed an improved scheme and claimed their scheme could withstand various attacks. Unfortunately, we will show Yoon et al.’s scheme is vulnerable to the denial-of-service attack (DoS) and the sensor node impersonation attack. To overcome the weaknesses in Yoon et al.’s scheme, we propose a new biometric-based user authentication scheme for WSNs. The analysis shows our scheme is more suitable for practical applications.

Yinghong Liu,Yuanming Wu

DOI: https://doi.org/10.1007/978-3-030-12388-8_7

2019-01-01

Abstract:In Sybil attack, a single faulty entity illegitimately claims multiple identities to gather more packets, which is extremely detrimental to network performance. This paper proposes an enhanced RSSI-based detection scheme with an innovative detection framework, including suspicious node screening phase and Sybil node verification phase. Introducing reputation module and adaptive threshold, malicious nodes are figured and marked by monitoring node promptly, which is essential to guarantee the reliability of detection nodes. In the collaborative work, monitoring node screens out the suspicious Sybil nodes firstly, and then selects two high reputation nodes for every suspicious node as detection nodes to carry out the verification of Sybil nodes. Theoretical analysis and simulation results show that our scheme achieves fast locating ability and high detection accuracy with low energy consumption.

Nike Gui,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.4304/jnw.5.5.535-542

2010-01-01

Journal of Networks

Abstract:Wireless sensor networks are increasingly deployed in security-critical areas, such as battle field. However, general sensor nodes are manufactured with inexpensive components, and they are short of security enhancement. Therefore, an adversary could capture and compromise sensor nodes easily, then launch some malicious attacks (including tampering or discarding useful data collected from source nodes). In this paper, we propose a secure routing and aggregation protocol with low energy cost for sensor networks (named STAPLE), which utilizes one-way hash chain and multi-path mechanism to achieve security of wireless sensor networks, and develop a network expanding model to control communication cost incurred by multi-path routing. Then we discuss the protocol application in multi-sink wireless sensor networks. Finally, we perform the simulation of STAPLE in comparison with INSENS, the results demonstrate that STAPLE achieves a higher level security with considerably low communication overhead.

Saru Kumari,Ashok Kumar Das,Mohammad Wazid,Xiong Li,Fan Wu,Kim-Kwang Raymond Choo,Muhammad Khurram Khan

DOI: https://doi.org/10.1002/cpe.3930

2017-01-01

Abstract:A wireless sensor network (WSN) typically consists of a large number of resource-constrained sensor nodes and several control or gateway nodes. Ensuring the security of the asymmetric nature of WSN is challenging, and designing secure and efficient user authentication and key agreement schemes for WSNs is an active research area. For example, in 2016, Farash et al. proposed a user authentication and key agreement scheme for WSNs. However, we reveal previously unpublished vulnerabilities in their scheme, which allow an attacker to carry out sensor node spoofing, password guessing, user/sensor node anonymity, and user impersonation attacks. We then present a scheme, which does not suffer from the identified vulnerabilities. To demonstrate the practicality of the scheme, we evaluate the scheme using NS-2 simulator. We then prove the scheme secure using Burrows-Abadi-Needham logic. Copyright (c) 2016 John Wiley & Sons, Ltd.

Daojing He,Sammy Chan,Chun Chen,Jiajun Bu

DOI: https://doi.org/10.1002/sec.377

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:Dynamic program update protocols provide a convenient way to reprogram sensor nodes after deployment. However, designing a secure program update protocol for wireless sensor networks is a difficult task because wireless networks are susceptible to attacks and nodes have limited resources. Recently, two secure program update protocols using orthogonality principle have been found to be vulnerable to two impersonation attacks, although these attacks are rather restrictive. This paper reports one new attack that is more general and makes the program update protocols even more vulnerable. With this attack, an attacker can easily impersonate the base station to install his/her preferred program on sensor nodes and then obtain control over the network. As a remedy, two simple countermeasures are suggested to defend against all these attacks. Finally, the security properties of the two proposed solutions are formally validated by a model checking tool. Copyright © 2011 John Wiley & Sons, Ltd.