• The Journal of the Korea Contents Association
• /
• v.10 no.7
• /
• pp.70-80
• /
• 2010

Due to the resource limitations of sensor nodes, providing a security protocol is a particular challenge in sensor networks. One popular method is the neighborhood-based key agreement protocol (NEKAP). NEKAP is an efficient and lightweight protocol, but it includes loopholes through which adversaries may launch replay attacks by successfully masquerading as legitimate nodes. In this paper, we present a modified security protocol for wireless sensor networks. We provide four types of keys for each node, which adapt to different security requirements; and an improvement is made to alleviate the replay attack. According to our qualitative performance analyses, the proposed security protocol provides effectiveness in terms of authentication security, attacking node detection, and replay attack resilience when compared to the conventional method.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.46 no.2
• /
• pp.73-80
• /
• 2009

Security is critically important for ubiquitous sensor networks that are usually used for the military and serveillance in environments that are opened to attacks, such as, eavesdroping, replay attacks of abnormal messages, forgery of the messages to name a few. ZigBee has emerged as a strong contender for ubiquitous sensor networks. ZigBee is used for low data rate and low power wireless sensor network applications. To deploy ubiquitous sensor networks, the collected information requires protection from an adversary over the network in many cases. The security mechanism should be provided for collecting the information over the network. However, the ZigBee protocol has some security weaknesses. In this paper, these weaknesses are discussed and a method to improve security aspect of the ZigBee protocol is presented along with a comparison of the message complexity of the proposed security protocol with that of the current ZigBee protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1249-1272
• /
• 2016

In this paper, we propose a symmetric key establishment scheme for wireless sensor networks which tries to minimize the resource usage while satisfying the security requirements. This is accomplished by taking advantage of the communication pattern of wireless sensor networks and adopting heterogeneous wireless sensor networks. By considering the unique communication pattern of wireless sensor networks due to the nature of information gathering from the physical world, the number of keys to be established is minimized and, consequently, the overhead spent for establishing keys decreases. With heterogeneous wireless sensor networks, we can build a hybrid scheme where a small number of powerful nodes do more works than a large number of resource-constrained nodes to provide enhanced security service such as broadcast authentication and reduce the burden of resource-limited nodes. In addition, an on-demand key establishment scheme is introduced to support extra communications and optimize the resource usage. Our performance analysis shows that the proposed scheme is very efficient and highly scalable in terms of storage, communication and computation overhead. Furthermore, our proposed scheme not only satisfies the security requirements but also provides resilience to several attacks.

• Convergence Security Journal
• /
• v.7 no.4
• /
• pp.51-60
• /
• 2007

It is important to assess vulnerability of network and information system to countermeasure against a variety of attack in effective and efficient way. But vulnerability and risk assessment methodology for network and information systems could not be directly applied to sensor networks because sensor networks have different properties compared to traditional network and information system. This paper proposes a vulnerability assessment framework for cluster based sensor networks. The vulnerability assessment for sensor networks is presented. Finally, the case study in cluster based sensor networks is described to show possibility of the framework.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.193-194
• /
• 2006

In this paper, the SPINS, a sensor network security mechanism, was researched to design a system to be applied to home network structure and check the security of which degree was ensured by a virtual network of home networking middleware. Sensor Network security mechanism SPINS provides data confidentiality and authentication by SNEP, and provides authenticated broadcast by ${\mu}TESLA$. We designed the system that applied SPINS to home networking middleware basic structure.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.514-515
• /
• 2010

Security has become a major concern for many real world applications for wireless sensor networks. Usually, all these approaches are based on well known cryptographic algorithms. At the same time, performance analyses have shown that the applicability of sensor networks strongly depends on effective routing sessions or energy aware wireless communication. Based on our experiments, we provide some analyses and considerations on practical feasibility of such cryptographic algorithms in sensor networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.11
• /
• pp.2769-2792
• /
• 2013

In this paper, we propose an authenticated key agreement scheme, TinyIBAK, based on the identity-based cryptography and bilinear paring, for large scale sensor networks. We prove the security of our proposal in the random oracle model. According to the formal security validation using AVISPA, the proposed scheme is strongly secure against the passive and active attacks, such as replay, man-in-the middle and node compromise attacks, etc. We implemented our proposal for TinyOS-2.1, analyzed the memory occupation, and evaluated the time and energy performance on the MICAz motes using the Avrora toolkits. Moreover, we deployed our proposal within the TOSSIM simulation framework, and investigated the effect of node density on the performance of our scheme. Experimental results indicate that our proposal consumes an acceptable amount of resources, and is feasible for infrequent key distribution and rekeying in large scale sensor networks. Compared with other ID-based key agreement approaches, TinyIBAK is much more efficient or comparable in performance but provides rekeying. Compared with the traditional key pre-distribution schemes, TinyIBAK achieves significant improvements in terms of security strength, key connectivity, scalability, communication and storage overhead, and enables efficient secure rekeying.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2518-2533
• /
• 2020

In wireless sensor networks, adversaries may physically capture sensor nodes on the fields, and use them to launch false positive attacks (FPAs). FPAs could be conducted by injecting forged or old sensing reports, which would represent non-existent events on the fields, with the goal of disorientating the base stations and/or reducing the limited energy resources of sensor nodes on the fields. Researchers have proposed various mitigation methods against FPAs, including the statistical en-route filtering scheme (SEF). Most of these methods are based on key pre-distribution schemes and can efficiently filter injected false reports out at relay nodes through the verification of in-transit reports using the pre-distributed keys. However, their filtering power may decrease as time goes by since adversaries would attempt to capture additional nodes as many as possible. In this paper, we propose an adaptive key distribution method that could maintain the security power of SEF in WSNs under such circumstances. The proposed method makes, if necessary, BS update or re-distribute keys, which are used to endorse and verify reports, with the consideration of the filtering power and energy efficiency. Our experimental results show that the proposed method is more effective, compared to SEF, against FPAs in terms of security level and energy saving.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.13 no.1
• /
• pp.382-389
• /
• 2012

The fabricated report attack will not only cause false alarms that waste real-world response efforts such as sending response teams to the event location, but also drains the finite amount of energy in a wireless sensor network. In this paper, we propose a probabilistic filtering method for sensor network security (PFSS) to deal with filtering for the fabricated report. On the basis of filtering scheme, PFSS combines cluster-based organization and probabilistic verification node assignment using distance of from cluster head to base station for energy efficiency and hot spot problem. Through both analysis and simulation, we demonstrate that PFSS could achieve efficient protection against fabricated report attack while maintaining a sufficiently high filtering power.

• The KIPS Transactions:PartC
• /
• v.17C no.2
• /
• pp.165-172
• /
• 2010

Sensor network can be applied in many areas in our life, and security is very important in applying sensor network. For secure sensor communication, pairwise key establishment between sensor nodes is essential. In this paper, we cluster the network field in hexagonal shapes and preassign three different kinds of key information for each sensor according to its expected location. We adopt overlapped key string pool concept for our clustered network architecture and every node uses the part of sub-strings for setting up pairwise keys with all neighboring nodes in its own cluster and from different clusters according to respective position with small amount of information. Our proposal decreases the memory requirement and increases security level efficiently.