“A security scheme for wireless sensor networks” aceptado en el Globecom 16

hacene paper

Como ya os comentamos hace unos días la visita de nuestro compañero Hacene Fouchal fue muy productiva. Una de las actividades que realizamos fue un artículo para el congreso Globecom’16 y por el gran trabajo realizado, el artículo ha sido aceptado.

El artículo propone un nuevo sistema de seguridad para redes de sensores inalámbricas (WSNs) que asegura la autenticación de los nodos aunque no tengan acceso a una autoridad de certificados. EL congreso se celebrará del 4 al 8 de Diciembre en Washington. Esperemos que sea una gran experiencia para Hacene.

GC15_PatronageV6_Page1

A WSN-Based Intrusion Alarm System to Improve Safety in Road Work Zones

IMG_20160216_191158

Title: A WSN-Based Intrusion Alarm System to Improve Safety in Road Work Zones
Authors: Jose Martin, Alba Rozas, and Alvaro Araujo
Published in: Journal of Sensors
Date of Publication: Jun 2016
Digital Object Identifier : 10.1155/2016/7048141
Web: https://www.hindawi.com/journals/js/2016/7048141/

Road traffic accidents are one of the main causes of death and disability worldwide. Workers responsible for maintaining and repairing roadways are especially prone to suffer these events, given their exceptional exposure to traffic. Since these actuations usually coexist with regular traffic, an errant driver can easily intrude the work area and provoke a collision. Some authors have proposed mechanisms aimed at detecting breaches in the work zone perimeter and alerting workers, which are collectively called intrusion alarm systems. However, they have several limitations and have not yet fulfilled the necessities of these scenarios. In this paper, we propose a new intrusion alarm system based on a Wireless Sensor Network (WSN). Our system is comprised of two main elements: vehicle detectors that form a virtual barrier and detect perimeter breaches by means of an ultrasonic beam and individual warning devices that transmit alerts to the workers. All these elements have a wireless communication interface and form a network that covers the whole work area. This network is in charge of transmitting and routing the alarms and coordinates the behavior of the system. We have tested our solution under real conditions with satisfactory results.

Artículo aceptado sobre el proyecto PROMETEO

Despliegue del nodo central secundario y los nodos finales en la Buitrera

Aunque el proyecto PROMETEO finalizó hace ya dos años, hoy hemos recibido una gran noticia referente a su difusión. Ha sido aceptado un artículo sobre el sistema desarrollado, titulado Forest Monitoring and Wildland Early Fire Detection by a Hierarchical Wireless Sensor Network, en la revista Journal of Sensors, con índice de impacto 1,182. Este artículo describe de forma detallada la red terrena de sensores desarrollada, así como las pruebas que se realizaron durante el transcurso del proyecto.

Esta red era el objetivo principal de la tarea en la que participaba el grupo B105 junto al grupo GIICA del Instituto de Tecnología Informática de la Universidad Politécnica de Valencia y la empresa ISDEFE. El grupo B105 se encargó del desarrollo de los nodos finales, encargados de monitorizar la temperatura, humedad y condiciones de viento en el bosque. Estos datos se enviaban inalámbricamente a los nodos centrales, desarrollados por el grupo de la UPV, que los agrupaban y reenviaban al centro de control. La tarea de ISDEFE consistió en la supervisión y seguimiento del proyecto.

En lo que respecta al artículo, cada participante del proyecto ha escrito las secciones correspondientes a su desarrollo, mientras que el planteamiento general y la escritura del conjunto del artículo han sido realizadas por David Cuesta de la UPV. Esperemos que su publicación contribuya a una mayor difusión del sistema desarrollado. Además, de cara a nuestro grupo, puede servir de ejemplo de que el trabajo de desarrollo e innovación puede y debe publicarse tanto como el de investigación.

js

Cognitive Wireless Sensor Network Platform for Cooperative Communications

nodo

Title: Cognitive Wireless Sensor Network Platform for Cooperative Communications
Authors: Agustín Tena, Guillermo Jara, Juan Domingo, Elena Romero, Alvaro Araujo
Published in: International Journal of Distributed Sensor Networks
Date of Publication: January 2014
Digital Object Identifier : 10.1155/2014/473905
Web: http://www.hindawi.com/journals/ijdsn/2014/473905/

Nowadays, Wireless Ad-Hoc Sensor Networks (WAHSNs), specially limited in energy and resources, are subject to development constraints and difficulties such as the increasing Radio Frequency (RF) spectrum saturation at the unlicensed bands. Cognitive Wireless Sensor Networks (CWSNs), leaning on a cooperative communication model, develop new strategies to mitigate the inefficient use of the spectrum that WAHSNs face. However, few and poorly featured platforms allow their study due to their early research stage.

This paper presents a versatile platform that brings together cognitive properties into WAHSNs. It combines hardware and software modules as an entire instrument to investigate CWSNs. The hardware fits WAHSN requirements in terms of size, cost, features, and energy. It allows communication over three different RF bands, becoming the first cognitive platform for WAHSNs with this capability. In addition, its modular and scalable design is widely adaptable to almost any WAHSN application.

Significant features such as Radio Interface (RI) agility or energy consumption have been proved throughout different performance tests.

 

nodo

PUE Attack Detection in CWSN Using Collaboration and Learning Behavior

cognitive radio module

Title: PUE Attack Detection in CWSN Using Collaboration and Learning Behavior
Authors: Javier Blesa, Elena Romero, Alba Rozas, Alvaro Araujo and Octavio Nieto-Taladriz
Published in: International Journal of Distributed Sensor Networks
Date of Publication: June 2013
Digital Object Identifier : 10.1155/2013/815959
Web: http://www.hindawi.com/journals/ijdsn/2013/815959/

Cognitive Wireless Sensor Network (CWSN) is a new paradigm which integrates cognitive features in traditional Wireless Sensor Networks (WSNs) to mitigate important problems such as spectrum occupancy. Security in Cognitive Wireless Sensor Networks is an important problem because these kinds of networks manage critical applications and data. Moreover, the specific constraints of WSN make the problem even more critical. However, effective solutions have not been implemented yet. Among the specific attacks derived from new cognitive features, the one most studied is the Primary User Emulation (PUE) attack. This paper discusses a new approach, based on anomaly behavior detection and collaboration, to detect the PUE attack in CWSN scenarios. A nonparametric CUSUM algorithm, suitable for low resource networks like CWSN, has been used in this work. The algorithm has been tested using a cognitive simulator that brings important results in this area. For example, the result shows that the number of collaborative nodes is the most important parameter in order to improve the PUE attack detection rates. If the 20% of the nodes collaborates, the PUE detection reaches the 98% with less than 1% of false positives.

cognitive radio module

 

PUE attack detection in CWSNs using anomaly detection techniques

clusters

Title: PUE attack detection in CWSNs using anomaly detection techniques
Authors: Javier Blesa, Elena Romero, Alba Rozas and Alvaro Araujo
Published in: EURASIP Journal on Wireless Communications and Networking 
Date of Publication: September 2013
Digital Object Identifier : 10.1186/1687-1499-2013-215
Web: http://jwcn.eurasipjournals.com/content/2013/1/215

Cognitive wireless sensor network (CWSN) is a new paradigm, integrating cognitive features in traditional wireless sensor networks (WSNs) to mitigate important problems such as spectrum occupancy. Security in cognitive wireless sensor networks is an important problem since these kinds of networks manage critical applications and data. The specific constraints of WSN make the problem even more critical, and effective solutions have not yet been implemented. Primary user emulation (PUE) attack is the most studied specific attack deriving from new cognitive features. This work discusses a new approach, based on anomaly behavior detection and collaboration, to detect the primary user emulation attack in CWSN scenarios. Two non-parametric algorithms, suitable for low-resource networks like CWSNs, have been used in this work: the cumulative sum and data clustering algorithms. The comparison is based on some characteristics such as detection delay, learning time, scalability, resources, and scenario dependency. The algorithms have been tested using a cognitive simulator that provides important results in this area. Both algorithms have shown to be valid in order to detect PUE attacks, reaching a detection rate of 99% and less than 1% of false positives using collaboration.

clusters

 

Improving Security in WMNs with Reputation Systems and Self-Organizing Maps

Title: Improving Security in WMNs with Reputation Systems and Self-Organizing Maps
Authors: Z. Bankovic, D. Fraga, José M. Moya, J.C. Vallejo, P. Malagón, A. Araujo, J.M. de Goyeneche, E. Romero, J. Blesa, D. Villanueva, O. Nieto-Taladriz
Published in: Journal of Network and Computer Applications, Special Issue “Wireless Mesh Networks”ISSN : 1084–8045
Date of Publication: April 2010
Digital Object Identifier : 10.1016/j.jnca.2010.03.023
Web: http://www.sciencedirect.com/science/article/pii/S1084804510000585

One of the most important problems of WMNs, that is even preventing them from being used in many sensitive applications, is the lack of security. To ensure security of WMNs, two strategies need to be adopted: embedding security mechanisms into the network protocols, and developing efficient intrusion detection and reaction systems. To date, many secure protocols have been proposed, but their role of defending attacks is very limited.

We present a framework for intrusion detection in WMNs that is orthogonal to the network protocols. It is based on a reputation system, that allows to isolate ill-behaved nodes by rating their reputation as low, and distributed agents based on unsupervised learning algorithms (self-organizing maps), that are able to detect deviations from the normal behavior. An additional advantage of this approach is that it is quite independent of the attacks, and therefore it can detect and confine new, previously unknown, attacks. Unlike previous approaches, and due to the inherent insecurity of WMN nodes, we assume that confidentiality and integrity cannot be preserved for any single node.

wsn2

Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks

Title: Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks
Authors: José M. Moya, J.C. Vallejo, D. Fraga, A. Araujo, D. Villanueva,J.M. de Goyeneche
Published in: Sensors, Vol 9
ISSN : 1424–8220
Date of Publication: May 2009
Digital Object Identifier : 10.3390/s90503958
Web: http://www.mdpi.com/1424-8220/9/5/3958

Security in wireless sensor networks is difficult to achieve because of the resource limitations of the sensor nodes. We propose a trust-based decision framework for wireless sensor networks coupled with a non-deterministic routing protocol. Both provide a mechanism to effectively detect and confine common attacks, and, unlike previous approaches, allow bad reputation feedback to the network. This approach has been extensively simulated, obtaining good results, even for unrealistically complex attack scenarios.

amisec-elements

 

Distributed Intrusion Detection System for Wireless Sensor Networks based on a Reputation System coupled with Kernel Self-Organizing Maps

Title: Distributed Intrusion Detection System for Wireless Sensor Networks based on a Reputation System coupled with Kernel Self-Organizing Maps
Authors: Z. Bankovic´, J.M. Moya, A. Araujo, D. Fraga, J.C. Vallejo, J.M. de Goyeneche
Published in: Integrated Computer-Aided Engineering, Vol 17
ISSN : 1069–2509
Date of Publication: April 2010
Digital Object Identifier : 10.3233/ICA-2010-0334
Web: http://iospress.metapress.com/content/67t2t65423226255/

Security of sensor networks is a complicated task, mostly due to the limited resources of sensor units. The first line of defense, i.e. encryption and authentication, is useless if an attacker has entered the system, and it is also vulnerable to side-channel attacks. Thus, a second line of defense, known as Intrusion Detection, must be added in order to detect and eliminate attacks. In the recent past, various solutions for detecting intrusions have been proposed. Most of them are able to detect only a limited number of attacks. Further, the solutions that deploy machine learning techniques exhibit higher level of flexibility and adaptability. Yet, these techniques consume significant power and computational resources. In this work we propose a distributed intrusion detection system organized as a reputation system where the reputation of each node is assigned by self-organizing maps (SOM) trained for detecting intrusions. The response of the system consists in assigning low reputation values to the compromised nodes rendering them isolated from the rest of the network. Further, we propose the implementation of SOM algorithm using the energy-efficient SORU (Stream Oriented Reconfigurable Unit) co-processor developed by our research group. Our solution offers many benefits: scalable solution, fast response to adversarial activities, ability to detect unknown attacks, high adaptability and energy efficiency. The testing results demonstrate its high potential.

somcolor-after

Improving Security for SCADA Sensor Networks with Reputation Systems and Self- Organizing Maps

Title: Improving Security for SCADA Sensor Networks with Reputation Systems and Self- Organizing Maps
Authors: José M. Moya, A. Araujo, Z. Bankovic, J.M. de Goyeneche, J.C. Vallejo, P. Malagón, D. Villanueva, D. Fraga, E. Romero, J. Blesa
Published in: Sensors, Vol 9
ISSN : 1424–8220
Date of Publication: November 2009
Digital Object Identifier : 10.3390/s91109380
Web: http://www.mdpi.com/1424-8220/9/11/9380

The reliable operation of modern infrastructures depends on computerized systems and Supervisory Control and Data Acquisition (SCADA) systems, which are also based on the data obtained from sensor networks. The inherent limitations of the sensor devices make them extremely vulnerable to cyberwarfare/cyberterrorism attacks. In this paper, we propose a reputation system enhanced with distributed agents, based on unsupervised learning algorithms (self-organizing maps), in order to achieve fault tolerance and enhanced resistance to previously unknown attacks. This approach has been extensively simulated and compared with previous proposals.

scada4