SurvSec Security Architecture for Reliable Surveillance WSN Recovery from Base Station Failure

Surveillance wireless sensor networks (WSNs) are highly vulnerable to the failure of the base station (BS) because attackers can easily render the network useless for relatively long periods of time by only destroying the BS. The time and effort needed to destroy the BS is much less than that needed...


Bibliographic Details
Main Author: Megahed, Mohamed Helmy Mostafa
Language: en
Published: 2014
Online Access: http://hdl.handle.net/10393/31154
id ndltd-LACETR-oai-collectionscanada.gc.ca-OOU.#10393-31154
record_format oai_dc
collection NDLTD
language en
sources NDLTD
topic Reliable network recovery from Base Station failure
Surveillance Wireless Sensor Network
Security manager (SM)
Backup security manager (BKSM)
Network trustworthiness
Efficient dynamic secret sharing
Distributed users tables (DUT)
Compromised nodes detection algorithm at first stage
Node compromise attack
Hybrid key management
Dynamic key management
Homogenous network
High end Sensor Nodes (HSNs)
Network scalability
Network connectivity
Spread Spectrum Encryption Architecture (SSEA)
Unpredictability principal
PRNG
Resistant to quantum computer
description Surveillance wireless sensor networks (WSNs) are highly vulnerable to the failure of the base station (BS) because attackers can easily render the network useless for relatively long periods of time by only destroying the BS. The time and effort needed to destroy the BS is much less than that needed to destroy the numerous sensing nodes. Previous works have tackled BS failure by deploying a mobile BS or by using multiple BSs, which requires extra cost. Moreover, despite using the best electronic countermeasures, intrusion tolerance systems and anti-traffic analysis strategies to protect the BSs, an adversary can still destroy them. The new BS cannot trust the deployed sensor nodes. Also, previous works lack both the procedures to ensure network reliability and security during BS failure, such as storing then sending reports concerning security threats against nodes to the new BS, and the procedures to verify the trustworthiness of the deployed sensing nodes. Otherwise, a new WSN must be re-deployed, which involves a high cost and requires time for the deployment and setup of the new WSN.

In this thesis, we address the problem of reliable recovery from a BS failure by proposing a new security architecture called Surveillance Security (SurvSec). SurvSec continuously monitors the network for security threats and stores data related to node security, detects and authenticates the new BS, and recovers the stored data at the new BS. SurvSec includes encryption for security-related information using an efficient dynamic secret sharing algorithm, where previous work has high computations for dynamic secret sharing. SurvSec includes a compromised-nodes detection protocol against collaborative work of attackers working at the same time, where previous works have been inefficient against collaborative work of attackers working at the same time. SurvSec includes a key management scheme for homogenous WSN, where previous works assume heterogeneous WSN using High-end Sensor Nodes (HSN), which are the best target for the attackers. SurvSec includes an efficient encryption architecture against quantum computers with a low time delay for encryption and decryption, where previous works have had high time delay to encrypt and decrypt large data size, where AES-256 has 14 rounds and high delay.

SurvSec consists of five components, which are:
1. A Hierarchical Data Storage and Data Recovery System.
2. Security for the Stored Data using a new dynamic secret sharing algorithm.
3. A Compromised-Nodes Detection Algorithm at the first stage.
4. A Hybrid and Dynamic Key Management scheme for homogenous network.
5. Powerful Encryption Architecture for post-quantum computers with low time delay.

In this thesis, we introduce six new contributions, which are the following:
1. The development of the new security architecture called Surveillance Security (SurvSec) based on distributed Security Managers (SMs) to enable distributed network security and distributed secure storage.
2. The design of a new dynamic secret sharing algorithm to secure the stored data by using distributed users tables.
3. A new algorithm to detect compromised nodes at the first stage, when a group of attackers capture many legitimate nodes after the base station destruction. This algorithm is designed to be resistant against a group of attackers working at the same time to compromise many legitimate nodes during the base station failure.
4. A hybrid and dynamic key management scheme for homogenous network, which is called certificates shared verification key management.
5. A new encryption architecture, called the spread spectrum encryption architecture (SSEA), to resist quantum-computer attacks.
6. Hardware implementation of reliable network recovery from BS failure.

The components of the new security architecture SurvSec are described, followed by a simulation and analytical study of the proposed solutions to show its performance.
author Megahed, Mohamed Helmy Mostafa
title SurvSec Security Architecture for Reliable Surveillance WSN Recovery from Base Station Failure
publishDate 2014
url http://hdl.handle.net/10393/31154
spelling 2014-06-14T03:50:41Z 2014-05-30T13:19:20Z 2014-05-30T13:19:20Z 2014 2014-05-30 Thèse / Thesis