A. James Clark School of Engineering

Permanent URI for this communityhttp://hdl.handle.net/1903/1654

The collections in this community comprise faculty research works, as well as graduate theses and dissertations.

Browse

Subject: search.filters.subject.Wireless sensor networks

Search Results

Now showing 1 - 6 of 6
  • Thumbnail Image
    Item
    TRUST-BASED DEFENSE AGAINST INSIDER PACKET DROP ATTACKS IN WIRELESS SENSOR NETWORKS
    (2013) Cho, Youngho; Qu, Gang; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    In most wireless sensor networks (WSNs), sensor nodes generate data packets and send them to the base station (BS) by multi-hop routing paths because of their limited energy and transmission range. The insider packet drop attacks refer to a set of attacks where compromised nodes intentionally drop packets. It is challenging to accurately detect such attacks because packets may also be dropped due to collision, congestion, or other network problems. Trust mechanism is a promising approach to identify inside packet drop attackers. In such an approach, each node will monitor its neighbor's packet forwarding behavior and use this observation to measure the trustworthiness of its neighbors. Once a neighbor's trust value falls below a threshold, it will be considered as an attacker by the monitoring node and excluded from the routing paths so further damage to the network will not be made. In this dissertation, we analyze the limitation of the state-of-the-art trust mechanisms and propose several enhancement techniques to better defend against insider packet drop attacks in WSNs. First, we observe that inside attackers can easily defeat the current trust mechanisms and even if they are caught, normally a lot of damage has already been made to the network. We believe this is caused by current trust models' inefficiency in distinguishing attacking behaviors and normal network transmission failures. We demonstrate that the phenomenon of consecutive packet drops is one fundamental difference between attackers and good sensor nodes and build a hybrid trust model based on it to improve the detection speed and accuracy of current trust models. Second, trust mechanisms give false alarms when they mis-categorize good nodes as attackers. Aggressive mechanisms like our hybrid approach designed to catch attackers as early as possible normally have high false alarm rate. Removing these nodes from routing paths may significantly reduce the performance of the network. We propose a novel false alarm detection and recovery mechanism that can recover the falsely detected good nodes. Next, we show that more intelligent packet drop attackers can launch advanced attacks without being detected by introducing a selective forwarding-based denial-of-service attack that drops only packets from specific victim nodes. We develop effective detection and prevention methods against such attack. We have implemented all the methods we have proposed and conducted extensive simulations with the OPNET network simulator to validate their effectiveness.
  • Thumbnail Image
    Item
    RANDOM GRAPH MODELING OF KEY DISTRIBUTION SCHEMES IN WIRELESS SENSOR NETWORKS
    (2011) Yagan, Osman; Makowski, Armand M; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    Wireless sensor networks (WSNs) are distributed collections of sensors with limited capabilities for computations and wireless communications. It is envisioned that such networks will be deployed in hostile environments where communications are monitored, and nodes are subject to capture and surreptitious use by an adversary. Thus, cryptographic protection will be needed to ensure secure communications, as well as to support sensor-capture detection, key revocation and sensor disabling. Recently, random key predistribution schemes have been introduced to address these issues, and they are by now a widely accepted solution for establishing security in WSNs. The main goal of the dissertation is to investigate and compare two popular random key predistribution schemes, namely the Eschenauer-Gligor (EG) scheme and the pairwise key distribution scheme of Chan, Perrig and Song. We investigate both schemes through their induced random graph models and develop scaling laws that corresponds to desirable network properties, e.g., absence of secure nodes that are isolated, secure connectivity, resiliency against attacks, scalability, and low memory load - We obtain conditions on the scheme parameters so that these properties occur with high probability as the number of nodes becomes large. We then compare these two schemes explaining their relative advantages and disadvantages, as well as their feasibility for several WSN applications. In the process, we first focus on the "full visibility" case, where sensors are all within communication range of each other. This assumption naturally leads to studying the random graph models induced by the aforementioned key distribution schemes, namely the random key graph and the random pairwise graph, respectively. In a second step, we remove the assumption of full visibility by integrating a wireless communication model with the random graph models induced under full visibility. We study the connectivity of WSNs under this new model and obtain conditions (for both schemes) that lead to the secure connectivity of the
  • Thumbnail Image
    Item
    On the gradual deployment of random pairwise key distribution schemes
    (2010-07-31) Yagan, Osman; Makowski, Armand M.
    In the context of wireless sensor networks, the pairwise key distribution scheme of Chan et al. has several advantages over other key distribution schemes including the original scheme of Eschenauer and Gligor. However, this offline pairwise key distribution mechanism requires that the network size be set in advance, and involves all sensor nodes simultaneously. Here, we address this issue by describing an implementation of the pairwise scheme that supports the gradual deployment of sensor nodes in several consecutive phases. We discuss the key ring size needed to maintain the secure connectivity throughout all the deployment phases. In particular we show that the number of keys at each sensor node can be taken to be O(log n) in order to achieve secure connectivity (with high probability).
  • Thumbnail Image
    Item
    On random graphs associated with a pairwise key distribution scheme
    (2010-01-01) Yagan, Osman; Makowski, Armand M.
    The pairwise key distribution scheme of Chan et al. was proposed as an alternative to the key distribution scheme of Eschenauer and Gligor to enable network security in wireless sensor networks. We consider the random graph induced by this pairwise scheme under the assumption of full visibility, and show the existence of a zero-one law for graph connectivity.
  • Thumbnail Image
    Item
    On the random graph induced by a randomized predistribution scheme under full visibility (Extended version)
    (2008) Yagan, Osman; Makowski, Armand M.
    We consider the random graph induced by the random key predistribution scheme of Eschenauer and Gligor under the assumption of full visibility. We show the existence of a zero-one law for the absence of isolated nodes, and complement it by a Poisson convergence for the number of isolated nodes. Leveraging earlier resu lts and analogies with Erd\H{o}s-Renyi graphs, we explore similar results for the property of graph connectivity. Implications for secure connectivity are discussed.
  • Thumbnail Image
    Item
    Robust design of wireless networks
    (2006-11-20) Kashyap, Abhishek; Kashyap, Abhishek; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    We consider the problem of robust topology control, routing and power control in wireless networks. We consider two aspects of robustness: topology control for robustness against device and link failures; routing and power control for robustness against traffic variations. The first problem is more specific to wireless sensor networks. Sensors typically use wireless transmitters to communicate with each other. However, sensors may be located in a way that they cannot even form a connected network (e.g, due to failures of some sensors, or loss of battery power). Using power control to induce a connected topology may not be feasible as the sensors may be placed in clusters far apart. We consider the problem of adding the smallest number of relay nodes so that the induced communication graph is k-connected. We consider both edge and vertex connectivity. The problem is NP-hard. We develop approximation algorithms that find close to optimal solutions. We consider extension to higher dimensions, and provide approximation guarantees for the algorithms. In addition, our methods extend with the same approximation guarantees to a generalization when the locations of relays are required to avoid certain polygonal obstacles. We also consider extension to networks with non-uniform transmission range, and provide approximation algorithms. The second problem we consider is of joint routing and transmission power assignment in multi-hop wireless networks with unknown traffic. We assume the traffic matrix, which specifies the traffic load between every source-destination pair in the network, is unknown, but always lies inside a polytope. Our goal is to find a fixed routing and power assignment that minimizes the maximum total transmission power in the network over all traffic matrices in a given polytope. In our approach, we do not need to monitor and update paths to adapt to traffic variations. We formulate this problem as a non-convex semi-infinite programming problem. We propose an efficient algorithm that computes a routing and power assignment that is schedulable for all traffic matrices in the given polytope. We perform extensive simulations to show that the proposed algorithm performs close to algorithms that adaptively optimize their solution to the traffic variations.