
1 THE OHIO STATE UNIVERSITY, Computer Science and Engineering
Network Decoupling for Secure Communications in Wireless Sensor Networks
Wenjun Gu, Xiaole Bai, Sriram Chellappan and Dong Xuan
Presented by Wenjun Gu, gu@cse.ohio-state.edu
Department of Computer Science and Engineering, The Ohio State University, U.S.A.
IWQoS06, June 20th 2006

2 Secure communications in WSNs
• Wireless sensor networks (WSNs)
  - Secure communications are important
  - Pair-wise keys among neighboring nodes are needed
• Random Key Pre-distribution (RKP) schemes
  - Pre-deployment: distribute a random set of keys to each sensor
  - Post-deployment: establish pair-wise keys
• RKP schemes have been well accepted
  - Random deployment of WSNs in many cases
  - Simplicity
  - Distributed
  - Many follow-up works

3 However …
• RKP schemes have two inherent limitations:
  - Randomness in key pre-distribution
  - Strong constraint in key path construction
[Figure: (a) physical node degree: 9.71; (b) secure node degree: 4.06]
The current RKP schemes can only work in highly dense networks!!

4 Our major contributions
• We propose network decoupling to release the strong constraint, making RKP schemes applicable in non-highly dense networks
• We further design a new RKP-based protocol, i.e. RKP-DE, in a decoupled sensor network

5 Outline
• Background: Random Key Pre-distribution (RKP) schemes
• Network decoupling methodology
• RKP-DE: a secure neighbor establishment protocol
• Performance analysis
• Related work
• Final remarks

6 Why new key management schemes in WSNs
• Traditional schemes cannot work in WSNs
  - Key distribution center (KDC) → poor scalability and single point of failure
  - Public key based schemes → high communication / computation overhead
  - Single master key for all sensors → poor security
  - Distinct key for each pair of sensors → high storage overhead

7 Random Key Pre-distribution (RKP) schemes
• Key pre-distribution
  - Each sensor is pre-distributed with k keys randomly chosen from a key pool with size K
  - Sensors are deployed randomly
• Pair-wise key establishment
  - Direct setup: share pre-distributed keys
  - Indirect setup: construct a key path via a proxy sensor nearby

8 An example of RKP scheme
k = 3, K = 10
[Figure: nodes a, b, c, d, e with key rings {k6, k8, k9}, {k5, k8, k9}, {k4, k6, k7}, {k1, k4, k5}, {k1, k2, k3}; messages Req {k_ac}_k1 and Req {k_ac}_k4]

9 Inherent limitation of RKP schemes
• Logical constraint
  - Sharing pre-distributed key(s)
• Physical constraint
  - Within communication range
• Both constraints are coupled
[Figure: nodes a, b, c, d, e with key rings {k6, k8, k9}, {k5, k8, k9}, {k4, k6, k7}, {k1, k4, k5}, {k1, k2, k3}]

10 Attack model and performance metrics
• Attack model
  - Link monitoring: monitor all links
  - Node capture: capture some nodes
• Performance metrics
  - Connectivity: probability two neighboring sensors can establish a pair-wise key
  - Resilience: probability a pair-wise key is uncompromised

11 Low secure node degree with RKP
[Figure: (a) physical node degree: 9.71; (b) secure node degree: 4.06]
secure node degree = physical node degree * connectivity

12 Our solutions
• Methodology: network decoupling
  - Decouple the logical and physical constraints in key path construction
• Protocol: RKP-DE
  - A secure neighbor establishment protocol based on network decoupling
  - Dependency elimination

13 Network decoupling
• A network is decoupled into
  - A logical key-sharing network: an edge between two sensors iff they share pre-distributed keys
  - A physical neighborhood network: an edge between two sensors iff they are within communication range

14 An example of network decoupling
[Figure: (a) Local information of node a, with nodes a, b, c, d, e and key rings {k5, k8, k9}, {k4, k6, k7}, {k1, k4, k5}, {k1, k2, k3}, {k6, k8, k9}; decoupled into (b) Logical graph and (c) Physical graph]

15 RKP-DE protocol
• Keys are randomly pre-distributed to each node at the pre-deployment stage. There are four steps at the post-deployment stage:
  - Step 1: Local graphs construction
  - Step 2: Key paths construction
    · Logical key paths are constructed in logical network
    · Each logical link is constructed in physical network
  - Step 3: Link and path dependency elimination
  - Step 4: Pair-wise key establishment

16 Key paths construction
[Figure: Logical graph and Physical graph over nodes a, b, c, d, e; two key paths from a to d]
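
The key path construction above, as an added Python example that is not part of the original presentation: it builds the logical graph from the key rings and compares the coupled proxy rule with decoupled construction. The assignment of key rings to nodes a to e is inferred from the figures on slides 8 and 18, and the physical links and function names are constructed for illustration.

```python
from collections import deque

# Key rings (k = 3, K = 10); the ring-to-node assignment is an assumption
# inferred from the slide figures.
RINGS = {"a": {1, 2, 3}, "b": {1, 4, 5}, "c": {4, 6, 7},
         "d": {5, 8, 9}, "e": {6, 8, 9}}
# Physical links are constructed for this example (not given on the slides).
PHYS_LINKS = [("a", "b"), ("a", "c"), ("a", "d"),
              ("b", "c"), ("c", "e"), ("d", "e")]

def graph(links):
    g = {n: set() for n in RINGS}
    for u, v in links:
        g[u].add(v)
        g[v].add(u)
    return g

PHYSICAL = graph(PHYS_LINKS)
# Logical graph: an edge iff two nodes share at least one pre-distributed key.
LOGICAL = graph([(u, v) for u in RINGS for v in RINGS
                 if u < v and RINGS[u] & RINGS[v]])

def shortest_path(g, src, dst):
    """BFS shortest path as a list of nodes, or None if unreachable."""
    prev, queue = {src: None}, deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            path = [dst]
            while prev[path[-1]] is not None:
                path.append(prev[path[-1]])
            return path[::-1]
        for v in sorted(g[u]):
            if v not in prev:
                prev[v] = u
                queue.append(v)
    return None

def coupled_proxies(u, v):
    """Traditional RKP: proxy neighbours, and shares a key with, both ends."""
    return sorted(p for p in PHYSICAL[u] & PHYSICAL[v]
                  if RINGS[p] & RINGS[u] and RINGS[p] & RINGS[v])

def decoupled_key_path(u, v):
    """Logical path first, then a physical route for each logical link."""
    logical = shortest_path(LOGICAL, u, v)
    if logical is None:
        return None
    return [(x, y, shortest_path(PHYSICAL, x, y))
            for x, y in zip(logical, logical[1:])]
```

With these constructed links, a and d have no common physical neighbour, so the coupled rule finds no proxy; the decoupled logical path a, b, d still exists because b and d share k5 even though they are not within range of each other.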

17 Link and path dependency elimination
• Not all key paths are helpful for resilience
• Link dependency
• Path dependency
[Figure: two example graphs, one over nodes a, b, c, d, e, f and one over nodes a, b, c, d, labelled with key sets {k1, k2, k3}, {k1, k2}, {k4}, {k2} and {k1, k2}, {k4}]

18 Pair-wise key establishment
[Figure: nodes a, b, c, d, e with key rings {k6, k8, k9}, {k5, k8, k9}, {k4, k6, k7}, {k1, k4, k5}, {k1, k2, k3}]
Share k_ad(1) is sent as {k_ad(1)}_k1, {k_ad(1)}_k5
Share k_ad(2) is sent as {k_ad(2)}_k1, {k_ad(2)}_k4, {k_ad(2)}_k6, {k_ad(2)}_k8
k_ad = k_ad(1) XOR k_ad(2)
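
The share-splitting step above, as an added Python example that is not from the presentation: k_ad is the XOR of one random share per key path, and the check reports which shares an attacker can read under the slide 10 attack model (all links monitored, some nodes captured). The link keys follow the two paths on the slide; the ring-to-node assignment is inferred from the figure and the function names are hypothetical.

```python
import secrets
from functools import reduce
from operator import xor

# Key rings per node; the node assignment is inferred from the slide figure.
RINGS = {"a": {1, 2, 3}, "b": {1, 4, 5}, "c": {4, 6, 7},
         "d": {5, 8, 9}, "e": {6, 8, 9}}
# Index of the pre-distributed key protecting each hop of the two key paths.
LINK_KEY = {("a", "b"): 1, ("b", "d"): 5, ("b", "c"): 4,
            ("c", "e"): 6, ("e", "d"): 8}
KEY_PATHS = [["a", "b", "d"], ["a", "b", "c", "e", "d"]]

def make_shares(n, length=16):
    """One fresh random share per key path."""
    return [secrets.token_bytes(length) for _ in range(n)]

def combine(shares):
    """k_ad = k_ad(1) XOR k_ad(2) XOR ..., byte by byte."""
    return bytes(reduce(xor, column) for column in zip(*shares))

def link_keys(path):
    """Keys used hop by hop along one key path."""
    return [LINK_KEY[(u, v)] for u, v in zip(path, path[1:])]

def exposed_shares(captured_nodes):
    """Shares readable by an attacker who monitors every link and holds the
    key rings of the captured nodes: one compromised hop exposes the share."""
    known = set().union(*(RINGS[n] for n in captured_nodes))
    return [i for i, path in enumerate(KEY_PATHS)
            if known & set(link_keys(path))]

def pairwise_key_compromised(captured_nodes):
    """k_ad falls only when every share is exposed."""
    return len(exposed_shares(captured_nodes)) == len(KEY_PATHS)
```

Both paths on the slide cross the link a-b, so capturing b (or any node holding k1) exposes both shares, whereas capturing c and e exposes only the second share and leaves k_ad uncompromised.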

19 Performance analysis
• Methodologies
  - Theoretical analysis
  - Simulation
• Metrics
  - Secure node degree
  - Connectivity: local and global connectivity
  - Resilience

20 Analyzing secure node degree
Formula annotations:
  - secure node degree in RKP-DE protocol
  - probability that a sensor u can find a key path to a neighboring sensor v within both sensors’ information areas with minimum i logical hops
  - probability that a sensor u can find a key path to a neighboring sensor v within sensor u’s information area with minimum i logical hops
For explanation and derivation of other variables, please refer to our technical report at ftp://ftp.cse.ohio-state.edu/pub/tech-report/2006/TR27.pdf

21 Improved secure node degree (analytical result)
Formulas in the previous slide are for an arbitrary number of hops, while data here and in the next slide are for 2 hops only. Formulas for 2 hops are much simpler.
  - only one proxy is used on each logical key path
  - arbitrary number of proxies are used on each logical key path

22 Improved secure node degree (simulation result)
[Figure: (a) physical node degree: 9.71; (b) secure node degree: 4.06; (c) secure node degree: 5.68]

23 Connectivity and resilience
• Sensitivity to physical node degree (D_p)

24 Connectivity and resilience (cont.)
• Sensitivity to key chain size (k) and number of captured nodes (x)

25 Related work
• Network decoupling
  - Internet: QoS control plane and data forwarding plane decoupling [Kung & Wang 1999]
  - Sensor Networks: path naming and selection [Niculescu & Nath 2003]
• Improving RKP
  - Pre-deployment: key pre-distribution based on deployment knowledge [Du et al. 2004]
  - Post-deployment: Remote proxy [Chan & Perrig 2005]

26 Final remarks
• Secure communications are important in WSNs
• Traditional RKP schemes suffer from the strong constraint in key path construction
• Our contributions:
  - Network decoupling releases the strong constraint
  - RKP-DE protocol for secure neighbor establishment
• Future work:
  - Testbed implementation

27 References
• [Kung & Wang 1999]: TCP trunking: Design, implementation and performance, ICNP 1999
• [Niculescu & Nath 2003]: Trajectory based forwarding and its applications, Mobicom 2003
• [Du et al. 2004]: A key management scheme for wireless sensor networks using deployment knowledge, Infocom 2004
• [Chan & Perrig 2005]: PIKE: Peer Intermediaries for Key Establishment in Sensor Networks, Infocom 2005

28 Thank You!