Results 1 - 10 of 107
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures
-
, 2003
Cited by 827 (3 self)
We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks (sinkholes and HELLO floods), and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.
A Cluster-Based Security Architecture for Ad Hoc Networks
- IEEE Infocom
, 2004
Cited by 64 (1 self)
Secure communication is very important in computer networks and authentication is one of the most eminent preconditions. However, common authentication schemes are not applicable in ad hoc networks because public key infrastructures with a centralized certification authority are hard to deploy there. We propose and evaluate a security concept based on a distributed certification facility. A network is divided into clusters with one special head node each. These cluster head nodes execute administrative functions and hold shares of a network key used for certification. New nodes start to participate in the network as guests; they can only become full members with a network-signed certificate after their authenticity has been warranted by some other members. The feasibility of this concept was verified by simulation. Three different models for node mobility were used in order to include realistic scenarios as well as make the results comparable to other work. The simulation results include an evaluation of the log-on times, availability, and communication overhead.
On the Utility of Distributed Cryptography in P2P and MANETs: the Case of Membership Control
Cited by 35 (7 self)
Peer-to-peer systems enable efficient resource aggregation and are inherently scalable since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Providing efficient security services in these systems is an active research topic which is receiving much attention in the security research community. In this paper, we explore the use of threshold cryptography in peer-to-peer settings (both Internet- and MANET-based) to provide, in a robust and fault tolerant fashion, security services such as authentication, certificate issuance and access control. Threshold cryptography provides high availability by distributing trust throughout the group and is, therefore, an attractive solution for secure peer-groups. At least, so it seems... Our work investigates the applicability of threshold cryptography for membership control in peer-to-peer systems. In the process, we discover that one interesting recently proposed scheme contains an unfortunate (yet serious) flaw. We then present an alternative solution and its performance measurements. More importantly, our preliminary work casts a certain degree of skepticism on the practicality and even viability of using (seemingly attractive) threshold cryptography in certain peer-to-peer settings.
Security considerations in ad hoc sensor networks
, 2005
Cited by 35 (0 self)
In future smart environments, ad hoc sensor networks will play a key role in sensing, collecting, and disseminating information about environmental phenomena. As sensor networks come to be wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis has been placed on security. This paper analyzes security challenges in wireless sensor networks and summarizes key issues that need be solved for achieving security in an ad hoc network. It gives an overview of the current state of solutions on such key issues as secure routing, prevention of denial-of-service, and key management service.
Providing fault-tolerant ad-hoc routing service in adversarial environments
- Wireless Pers. Commun
, 2004
Cited by 23 (0 self)
Abstract. Most existing designs of ad hoc networks are based on the assumption of non-adversarial environments, where each node in the network is cooperative and well-behaved. When misbehaving nodes exist in the network, the performance of current routing protocols degrades significantly. Since ad hoc networks, consisting of autonomous nodes, are open and distributed in nature, maintaining a fault-free network environment is extremely difficult and expensive. In this paper, we propose a new routing service named best-effort fault-tolerant routing (BFTR). The design goal of BFTR is to provide packet routing service with high delivery ratio and low overhead in presence of misbehaving nodes. Instead of judging whether a path is good or bad, i.e., whether it contains any misbehaving node, BFTR evaluates the routing feasibility of a path by its end-to-end performance (e.g. packet delivery ratio and delay). By continuously observing the routing performance, BFTR dynamically routes packets via the most feasible path. BFTR provides an efficient and uniform solution for a broad range of node misbehaviors with very few security assumptions. The BFTR algorithm is evaluated through both analysis and extensive simulations. The results show that BFTR greatly improves the ad hoc routing performance in the presence of misbehaving nodes.
Efficient node admission for short-lived mobile ad hoc networks
- In ICNP ’05
, 2005
Cited by 21 (2 self)
Admission control is an essential and fundamental security service in mobile ad hoc networks (MANETs). It is needed to securely cope with dynamic membership and topology and to bootstrap other important security primitives (such as key management) and services (such as secure routing) without the assistance of any centralized trusted authority. An ideal admission protocol must involve minimal interaction among the MANET nodes, since connectivity can be unstable. Also, since MANETs are often composed of weak or resource-limited devices, admission control must be efficient in terms of computation and communication. Most previously proposed admission control protocols are prohibitively expensive and require a lot of interaction among MANET nodes in order to securely reach limited consensus regarding admission and cope with potentially powerful adversaries. While the expense may be justified for long-lived group settings, short-lived MANETs can benefit from much less expensive techniques without sacrificing any security. In this paper, we consider short-lived MANETs and present a secure, efficient and a fully noninteractive admission control protocol for such networks. More specifically, our work is focused on novel applications of non-interactive secret sharing techniques based on bi-variate polynomials, but, unlike other results, the associated costs are very low.
hoc Networks
- Journal
, 2001
Cited by 21 (0 self)
Abstract. This paper illustrates how networking protocols can inadvertently exacerbate obstacles to providing real-time guarantees for distributed problem solving in wireless mobile and sensor networks. We analyze the effects of control packet timing on providing quality of service guarantees. Inappropriate timing of control packets gives rise to synchronizations that result in sharp increases and decreases in throughput with small changes in node speed. Such synchronizations can seriously jeopardize network performance with direct effect on real-time guarantees. This paper introduces these synchronizations, analyzes them and suggests ways to modify the control packet timing to overcome them. These analyses include investigating the role of buffering at the network layer and its impact on network throughput. We analyze these effects and evaluate our protocol enhancements through simulation studies.
DICTATE: Distributed certification authority with probabilistic freshness for ad hoc networks
- TRANS. DEPENDABLE SECURE COMPUT
, 2005
Cited by 19 (0 self)
Securing ad hoc networks is notoriously challenging, notably due to the lack of an online infrastructure. In particular, key management is a problem that has been addressed by many researchers but with limited results. In this paper, we consider the case where an ad hoc network is under the responsibility of a mother certification authority (mCA). Since the nodes can frequently be collectively isolated from the mCA (e.g., for a remote mission) but still need the access to a certification authority, the mCA preassigns a special role to several nodes (called servers) that constitute a distributed certification authority (dCA) during the isolated period. We propose a solution, called DICTATE (DIstributed CerTification Authority with probabilisTic frEshness), to manage the dCA. This solution ensures that the dCA always processes a certificate update (or query) request in a finite amount of time and that an adversary cannot forge a certificate. Moreover, it guarantees that the dCA responds to a query request with the most recent version of the queried certificate in a certain probability; this probability can be made arbitrarily close to 1, but at the expense of higher overhead. Our contribution is twofold: 1) a set of certificate management protocols that allow trading protocol overhead for certificate freshness or the other way around, and 2) a combination of threshold and identity-based cryptosystems to guarantee the security, availability, and scalability of the certification function. We describe DICTATE in detail and, by security analysis and simulations, we show that it is robust against various attacks.
An attack on the proactive RSA signature scheme in the URSA ad hoc network access control protocol
- In ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN)
, 2004
A localized certificate revocation scheme for mobile ad hoc networks
- Ad Hoc Netw
, 2008