|
Published Articles >> Table of Contents >> Abstract
June 2007 (Vol. 6, No. 6)
pp. 663-677
Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks
Patrick Traynor, IEEE
Raju Kumar
Heesook Choi, IEEE
Guohong Cao, IEEE
Sencun Zhu
Thomas La Porta, IEEE
Full Article Text:
   
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2007.1020
Send link to a friend
| Abstract |
|
Many applications that make use of sensor networks require secure communication. Because asymmetric-key solutions are difficult to implement in such a resource-constrained environment, symmetric-key methods coupled with a priori key distribution schemes have been proposed to achieve the goals of data secrecy and integrity. These approaches typically assume that all nodes are similar in terms of capabilities and, hence, deploy the same number of keys in all sensors in a network to provide the aforementioned protections. In this paper, we demonstrate that a probabilistic unbalanced distribution of keys throughout the network that leverages the existence of a small percentage of more capable sensor nodes can not only provide an equal level of security, but also reduce the consequences of node compromise. To fully characterize the effects of the unbalanced key management system, we design, implement, and measure the performance of a complementary suite of key establishment protocols known as LIGER. Using their predeployed keys, nodes operating in isolation from external networks can securely and efficiently establish keys with each other. Should resources such as a backhaul link to a key distribution center (KDC) become available, networks implementing LIGER automatically incorporate and benefit from such facilities. Detailed experiments demonstrate that the unbalanced distribution in combination with the multimodal LIGER suite offers a robust and practical solution to the security needs in sensor networks.
|
 References
|
[1] I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “A Survey on Sensor Networks,” IEEE Comm. Magazine, Aug. 2002.
[2] C. Blundo, A.D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-Secure Key Distribution for Dynamic Conferences,” Proc. Advances in Cryptology (CRYPTO '92), vol. 740, pp.471-486, 1992.
[3] S. Capkun and J. Hubaux, “BISS: Building Secure Routing Out of an Incomplete Set of Security Associations,” Proc. ACM Workshop Wireless Security (WiSe '03), Sept. 2003.
[4] H. Chan, A. Perrig, and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” Proc. IEEE Symp. Security and Privacy (S&P '03), 2003.
[5] Crossbow, “Wireless Sensor Networks,” http://www.xbow.com/Products/Wireless_Sensor_Networks.htm, June 2005.
[6] F. Delgosha and F. Fekri, “Threshold Key-Establishment in Distributed Sensor Networks Using a Multivariate Scheme,” Proc. INFOCOM, 2006.
[7] W. Du, J. Deng, S. Han, and P. Varshney, “A Pairwise Key Predistribution Scheme for Wireless Sensor Networks,” Proc. ACM Conf. Computer and Comm. Security (CCS '03), 2003.
[8] W. Du, J. Deng, S. Han, and P. Varshney, “A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge,” Proc. INFOCOM, 2004.
[9] L. Eschenauer and V. Gligor, “A Key Management Scheme for Distributed Sensor Networks,” Proc. ACM Conf. Computer and Comm. Security (CCS '02), Nov. 2002.
[10] A. Fox and S. Gribble, “Security on the Move: Indirect Authentication Using Kerberos,” Proc. MobiCom, 1996.
[11] Y. Hu, A. Perrig, and D. Johnson, “Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks,” Proc. MobiCom, 2002.
[12] J. Hubaux, L. Buttyán, and S. Capkun, “Security, Testbeds and Applications: The Quest for Security in Mobile Ad Hoc Networks,” Proc. MobiHoc, Oct. 2001.
[13] J. Kohl and B. Neuman, The Kerberos Network Authentication Service (V5), IETF RFC 1510, 1993.
[14] P. Levis, N. Lee, M. Welsh, and D. Culler, “TOSSIM: Accurate and Scalable Simulation of Entire TinyOS Applications,” Proc. First ACM Conf. Embedded Networked Sensor Systems (SenSys '03), 2003.
[15] A. Liu and P. Ning, “TinyECC: Elliptic Curve Cryptography for Sensor Networks (Version 0.1),” http://discovery.csc.ncsu.edu/software/TinyECC/, 2005.
[16] D. Liu and P. Neng, “Establishing Pairwise Keys in Distributed Sensor Networks,” Proc. ACM Conf. Computer and Comm. Security (CCS '03), 2003.
[17] D. Liu and P. Ning, “Location-Based Pairwise Key Establishments in Static Sensor Networks,” Proc. ACM Workshop Security of Ad Hoc and Sensor Networks, 2003.
[18] D. Malan, M. Welsh, and M. Smith, “A Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography,” Proc. First IEEE Int'l Conf. Sensor and Ad Hoc Comm. and Networks, 2004.
[19] S. Marti, T. Giuli, K. Lai, and M. Baker, “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” Proc. MobiCom, 2000.
[20] V. Mhatre, C. Rosenberg, D. Kofman, R. Mazumdar, and N. Shroff, “A Minimum Cost Heterogeneous Sensor Network with a Lifetime Constraint,” IEEE Trans. Mobile Computing, Jan. 2004.
[21] M. Miller and N. Vaidya, “Leveraging Channel Diversity for Key Establishment in Wireless Sensor Networks,” Proc. INFOCOM, 2006.
[22] R. Needham and M. Schroeder, “Using Encryption for Authentication in Large Networks of Computers,” Comm. ACM, vol. 21, pp.993-999, 1978.
[23] P. Papadimitratos and Z. Haas, “Secure Routing for Mobile AdHoc Networks,” Proc. SCS Comm. Networks and Distributed Systems Modeling and Simulation Conf., 2002.
[24] A. Perrig, R. Canetti, D. Tygar, and D. Song, “The Tesla Broadcast Authentication Protocol,” RSA CryptoBytes, vol. 5, no. 2, pp. 2-13, 2002.
[25] A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J.D. Tygar, “Spins: Security Protocols for Sensor Networks,” ACM Wireless Networking, Sept. 2002.
[26] K. Sanzgiri, B. Dahill, B. Levine, C. Shields, and E. Belding-Royer, “A Secure Routing Protocol for Ad Hoc Networks,” Proc. IEEE Int'l Conf. Network Protocols (ICNP '02), 2002.
[27] C. Shannon, “Communication Theory of Secrecy Systems,” Bell Systems Technical J., vol. 28, 1949.
[28] Y.C. Tay, K. Jamieson, and H. Balakrishnan, “Collision-Minimizing CSMA and Its Applications to Wireless Sensor Networks,” IEEE J. Selected Areas in Comm., vol. 26, no. 6, 2004.
[29] P. Traynor, G. Cao, and T. La Porta, “The Effects of Probabilistic Key Management on Secure Routing in Sensor Networks,” Proc. IEEE Wireless Comm. and Networking Conf. (WCNC '06), 2006.
[30] P. Traynor, H. Choi, G. Cao, S. Zhu, and T. LaPorta, “Establishing Pair-Wise Keys in Heterogeneous Sensor Networks,” Proc. INFOCOM, 2006.
[31] P. Traynor, R. Kumar, H.B. Saad, G. Cao, and T. La Porta, “LIGER: A Hybrid Key Management Scheme for Heterogeneous Sensor Networks,” Proc. ACM/USENIX Fourth Int'l Conf. Mobile Systems Applications and Services (MobiSys '06), 2006.
[32] P. Traynor, J. Shin, B. Madan, S. Phoha, and T. La Porta, “Efficient Group Mobility for Heterogeneous Sensor Networks,” Proc. IEEE Vehicular Technology Conf. (VTC '06), Sept. 2006.
[33] H. Yang, X. Meng, and S. Lu, “Self-Organized Network Layer Security in Mobile Ad Hoc Networks,” Proc. ACM Workshop Wireless Security (WiSe), 2002.
[34] W. Zhang and G. Cao, “Group Rekeying for Filtering False Data in Sensor Networks: A Predistribution and Local Collaboration-Based Approach,” Proc. INFOCOM, 2005.
[35] G. Zhou, C. Huang, T. Yan, T. He, and J. Stankovic, “MMSN: Multi-Frequency Media Access Control for Wireless Sensor Networks,” Proc. INFOCOM, 2006.
[36] S. Zhu, S. Setia, and S. Jajodia, “LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks,” Proc. ACM Conf. Computer and Comm. Security (CCS '03), 2003.
[37] S. Zhu, S. Xu, S. Setia, and S. Jajodia, “Establishing Pair-Wise Keys for Secure Communication in Ad Hoc Networks: A Probabilistic Approach,” Proc. IEEE Int'l Conf. Network Protocols (ICNP '03), Nov. 2003.
|
 Additional Information
|
Index Terms- Heterogeneous sensor networks, probabilistic key management, probabilistic authentication, hybrid network security.
Citation:
Patrick Traynor, Raju Kumar, Heesook Choi, Guohong Cao, Sencun Zhu, Thomas La Porta,
"Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks,"
IEEE Transactions on Mobile Computing,
vol. 6,
no. 6,
pp. 663-677,
Jun.,
2007
|
|
RSS Feed