• Journal of the Korean Institute of Intelligent Systems
• /
• v.22 no.1
• /
• pp.108-113
• /
• 2012

Routing paths are mightily important for the network security in WSNs. To maintain such routing paths, sustained path re-selection and path management are needed. Region segmentation based path selection method (RSPSM) provides a path selection method that a sensor network is divided into several subregions, so that the regional path selection and path management are available. Therefore, RSPSM can reduce energy consumption when the path re-selection process is executed. However, it is hard to guarantee optimized secure routing path at all times since the information using the path re-selection process is limited in scope. In this paper, we propose partial path selection method in each subregion using preselected partial paths made by RSPSM for routing path optimization in SEF based sensor networks. In the proposed method, the base station collects the information of the all partial paths from every subregion and then, evaluates all the candidates that can be the optimized routing path for each node using a evaluation function. After the evaluation process is done, the result is sent to each super DN using the global routing path information (GPI) message. Thus, each super DN provides the optimized secure routing paths using the GPI. We show the effectiveness of the proposed method via the simulation results. We expect that our method can be useful for the improvement of RSPSM.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.749-753
• /
• 2006

최근 Mobile Ad-hoc Networks(MANET)에서 보안 요소를 추가한 라우팅 연구가 활발히 진행되어 왔다. 하지만 기존 연구들은 대부분 secure 라우팅 또는 패킷 자체에 대한 악의적인 행위가 이루어지는 부분 중 어느 한 측면에 대해서만 연구되어져 왔다. 이와 같은 방법들은 악의적인 노드를 확인하더라도 라우팅 경로 설정과정에서 악의적인 행위가 이루어지거나 라우팅 경로 설정에 대한 공격은 차단하더라고 패킷에 대한 악의적인 행위가 이루어지면 네트워크 내 보안 측면에서 큰 효율성을 기대할 수 없다. 따라서 본 논문에서는 일정기간 악의저인 행위가 이루어지는 노드를 확인하여 각 노드에 대한 신뢰단계를 구성 후, 획득한 각 노드의 신뢰레벨에 따라 라우팅 경로를 설정함으로써 패킷 및 라우팅 경로 설정에 대해 이루어질 수 있는 악의적인 행위를 효율적으로 대응 할 수 있는 방안인 IMSec(A identification of malicious node and secure communications in MANET)을 제안한다. IMSec은 AODV(Ad-hoc On-demand Distance Vector Routing)를 기반으로 하였다. NS-2 네트워크 시뮬레이션 결과를 통해, 제안된 IMSec은 기존 프로토콜보다 네트워크의 부하를 감소시킨 상태에서 악의적인 노드를 더 정확하고 신속하게 찾아냄을 보였다.

• Journal of Internet Computing and Services
• /
• v.16 no.6
• /
• pp.47-55
• /
• 2015

The conventional dynamic routing methods in Software Defined Networks (SDN) set the optimal routing path based on the minimum link cost, and thereby transmits the incoming or outgoing flows to the terminal. However, in this case, flows can bypass the middlebox that is responsible for security service and thus, thus the network can face a threat. That is, while determining the best route for each flow, it is necessary to consider a dynamic service chaining, which routes a flow via a security middlebox. Therefore, int this paper, we propose a new dynamic routing method that considers the dynamic flow routing method combined with the security service functions over the SDN.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37C no.12
• /
• pp.1256-1262
• /
• 2012

Mobile ad hoc networks (MANETs) are infrastructure-less, autonomous, and stand-alone wireless networks with dynamic topologies. Recently, cluster-based ad hoc networks which enhance the security and efficiency of ad hoc networks are being actively researched. And routing protocols for cluster-based ad hoc networks are also studied. However, there are few studies about secure routing protocols in cluster-based ad hoc networks. In this paper, we propose secure routing protocol for cluster-based ad hoc networks. We use Diffie-Hellman key agreement, HMAC, and digital signature to support integrity of routing messages, and finally can perform secure routing.

• Proceedings of the Korean Information Science Society Conference
• /
• 2012.06d
• /
• pp.199-201
• /
• 2012

무선 멀티미디어 센서 네트워크를 활용하기 위한 응용에서는 대용량 멀티미디어 데이터 저장 및 처리 기술, 데이터 전송 기술 등과 같은 다양한 기반 기술들이 요구된다. 특히, 응용을 실제 환경에 적용하기 위해서는 대용량 데이터에 대한 데이터 보안 기술은 필수적이다. 본 논문은 여러 해킹 기술 중 하나인 스니핑 공격으로부터 원천적인 방어를 위해, 데이터 전송 경로를 위험 요소로부터 물리적으로 회피시키기 위한 다중 경로 라우팅 기법을 제안한다. 제안하는 기법은 위험 요소의 감지 반경과 움직임을 토대로 위험 요소의 인근에 위치한 센서 노드에 준비태세 단계를 설정한다. 이를 기반으로 데이터의 우선 순위를 설정하여 데이터 라우팅 과정에서 준비태세 단계와 데이터의 우선 순위를 고려하여 우선순위에 맞는 안전한 경로를 통해 위험요소 우회 다중 경로 라우팅을 수행한다. 시뮬레이션을 통해 제안하는 기법의 구현 가능성을 제시하였으며, 준비태세를 기반으로 효과적인 위험요소 우회 다중 경로 라우팅을 보였다.

• The KIPS Transactions:PartC
• /
• v.12C no.5 s.101
• /
• pp.623-632
• /
• 2005

In ad-hoc network, there is no fixed infrastructure such as base stations or mobile switching centers. The security of ad-hoc network is more vulnerable than traditional networks because of the basic characteristics of ad-hoc network, and current muting protocols for ad-hoc networks allow many different types of attacks by malicious nodes. Malicious nodes can disrupt the correct functioning of a routing protocol by modifying routing information, by fabricating false routing information and by impersonating other nodes. We propose a routing suity mechanism based on one-time digital signature. In our proposal, we use one-time digital signatures based on one-way hash functions in order to limit or prevent attacks of malicious nodes. For the purpose of generating and keeping a large number of public key sets, we derive multiple sets of the keys from hash chains by repeated hashing of the public key elements in the first set. After that, each node publishes its own public keys, broadcasts routing message including one-time digital signature during route discovery and route setup. This mechanism provides authentication and message integrity and prevents attacks from malicious nodes. Simulation results indicate that our mechanism increases the routing overhead in a highly mobile environment, but provides great security in the route discovery process and increases the network efficiency.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06d
• /
• pp.171-174
• /
• 2011

무선 센서 네트워크를 이용한 응용에서는 데이터 저장 및 처리 기술, 데이터 전송 기술 등과 같은 다양한 기반 기술들이 요구된다. 특히 응용을 실제 환경에 적용하기 위해서는 데이터 보안 기술은 필수적이다. 본 논문은 여러 해킹 기술 중 하나인 스니핑(Sniffing) 공격으로부터 원천적인 방어를 위해 데이터 전송 경로를 위험 요소로부터 물리적으로 회피시키기 위한 라우팅 기법을 제안한다. 제안하는 기법은 크기와 방향 정보를 가지는 반발력 이라는 개념을 기반으로 위험 요소의 인근에 위치한 센서 노드들에게 반발력 정보를 설정한다. 데이터 라우팅 과정에서 반발력이 설정된 노드를 지나갈 경우 해당 정보를 이용하여 안전한 경로로 우회 라우팅을 수행한다. 본 논문에서는 제안하는 기법의 효과를 보이기 위해 시뮬레이션을 통한 동작 모습을 보인다.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.5
• /
• pp.103-117
• /
• 2009

In MANET(Mobile Ad-Hoc Network), providing security to routing has been a significant issue recently. Existing studies, however, focused on either of secure routing or packet itself where malicious operations occur. In this paper, we propose SRPPnT(A Secure Routing Protocol in MANET based on Malicious Pattern of Node and Trust Level) that consider both malicious behavior on packet and secure routing. SRPPnT is identify the node where malicious activities occur for a specific time to compose trust levels for each node, and then to set up a routing path according to the trust level obtained. Therefore, SRPPnT is able to make efficient countermeasures against malicious operations. SRPPnT is based on AODV(Ad-Hoc On-Demand Distance Vector Routing). The proposed SRPPnT, from results of the NS-2 network simulation. shows a more prompt and accurate finding of malicious nodes than previous protocols did, under the condition of decreased load of networks and route more securely.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.7 no.4
• /
• pp.797-803
• /
• 2012

Recently demands in construction of the stand-alone networks and interconnection between convergence devices have led an increase in research on and much attention has been paid to the application of MANET as a Ubiquitous network which is growing fast. With performance both as hosts and routers, easy network configuration, and fast response, mobile nodes participating in MANET are suitable for Embedded computing, but have vulnerable points, such as lack of network scalability and dynamic network topology due to mobility, passive attacks, active attacks, which make continuous security service impossible. In this study, hashed AODV routing is used to protect from counterfeiting messages by malicious nodes in the course of path finding and setting, and disguising misrouted messages as different mobile nodes and inputting them into the network.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.5B
• /
• pp.260-267
• /
• 2008

As pervious the SAR(Security Aware Routing)[10] protocol is an secure Ad Hoc network protocol that finds a secure path, it is the security routing protocol that uses the security level of nodes as the routing information. However, the SAR protocol sometimes transfers data through inefficient transmission paths because it always tries to find secure nodes for a safe transmission. Since it is a protocol based on AODV[6], it will cause transmission delay as researching of security routing path. when a node is out of the data transmission range as its battery dying or movement. Although it is possible to connection of nodes because a characteristic of the SAR protocol, the connection is not easy to reconnect when the security level of intermediate node is lower than the level requested by a source node. In this paper, we suggest the MP-SAR based on the SAR to solve the SAR protocol's problem. The MP-SAR seeks multiple secure path for maintenance of data confidentiality using the expanded secure path detection techniques based on the SAR. It can transfer data quickly and reliably by using the shortest efficient path among multiple paths. In the research result, we proved a outstanding performance of MP-SAR than the previous SAR through comparison and analysis.