Quantum key distribution(QKD)optical networks can provide more secure communications.However,with the increase of the QKD path requests and key updates,network blocking problems will become severe.The blocking problem...Quantum key distribution(QKD)optical networks can provide more secure communications.However,with the increase of the QKD path requests and key updates,network blocking problems will become severe.The blocking problems in the network can become more severe because each fiber link has limited resources(such as wavelengths and time slots).In addition,QKD optical networks are also affected by external disturbances such as data interception and eavesdropping,resulting in inefficient network communication.In this paper,we exploit the idea of protection path to enhance the anti-interference ability of QKD optical network.By introducing the concept of security metric,we propose a routing wavelength and time slot allocation algorithm(RWTA)based on protection path,which can lessen the blocking problem of QKD optical network.According to simulation analysis,the security-metric-based RWTA algorithm(SM-RWTA)proposed in this paper can substantially improve the success rate of security key(SK)update and significantly reduce the blocking rate of the network.It can also improve the utilization rate of resources such as wavelengths and time slots.Compared with the non-security-metric-based RWTA algorithm(NSM-RWTA),our algorithm is robust and can enhance the anti-interference ability and security of QKD optical networks.展开更多
Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to imp...Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to improve the coverage and capacity of public mobile network, to enable communication services, to provide Internet access and to enable mobile computing from everywhere, has drawn widespread attention for its good prospects in application. Construction of security system for wireless heterogeneous networks and development of new security models, key security techniques and approaches are critical and mandatory in heterogeneous networks development. Key technology of wireless heterogeneous networks security covers security routing protocol, access authentication, intrusion detection system, cooperative communication between nodes, etc.展开更多
Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changi...Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.展开更多
This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated sy...This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated symmetric-key establishment scheme is proposed for WBSN,which fully exploits the physiological features obtained by network entities via the body channel available in WBSN but not other wireless networks. The self-defined Intrinsic Shared Secret (ISS) is used to replace the pre-deployment of secrets among network entities,which thus eliminates centralized services or au-thorities essential in existing protocols,and resolves the key transport problem in the pure symmet-ric-key cryptosystem for WBSN as well. The security properties of the proposed scheme are demon-strated in terms of its attack complexity and the types of attacks it can resist. Besides,the scheme can be implemented under a light-weight way in WBSN systems. Due to the importance of the ISS concept,the analysis on using false acceptance/false rejection method to evaluate the performance of ISS for its usage in the scheme is also demonstrated.展开更多
This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relat...This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).展开更多
The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key managemen...The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.展开更多
Communication security is a critical aspect of QoS provisioning in wireless mesh network (WMN). Because of the inherent characteristics of WMN, conventional security mechanisms cannot be applied. In order to guarant...Communication security is a critical aspect of QoS provisioning in wireless mesh network (WMN). Because of the inherent characteristics of WMN, conventional security mechanisms cannot be applied. In order to guarantee the communication security, a novel communication security mechanism is proposed. The mechanism uses a communication encryption scheme to encrypt data packets and employs a risk avoidance scheme to avoid the malicious nodes during communications. Simulation results indicate that the mechanism is able to provide secure communication effectively and reduce the damage of attacks through multiple paths.展开更多
Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper...Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy(LEACH) for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.展开更多
Wireless body area networks(WBANs)are an emerging technology for the real-time monitoring of physiological signals.WBANs provide a mechanism for collecting,storing,and transmitting physiological data to healthcare pro...Wireless body area networks(WBANs)are an emerging technology for the real-time monitoring of physiological signals.WBANs provide a mechanism for collecting,storing,and transmitting physiological data to healthcare providers.However,the open wireless channel and limited resources of sensors bring security challenges.To ensure physiological data security,this paper provides an efficient Certificateless Public Key Infrastructure Heterogeneous Ring Signcryption(CP-HRSC)scheme,in which sensors are in a certificateless cryptosystem(CLC)environment,and the server is in a public key infrastructure(PKI)environment.CLC could solve the limitations of key escrow in identity-based cryptography(IBC)and certificate management for public keys in PKI.While PKI is suited for the server because it is widely used on the Internet.Furthermore,this paper designs a ring signcryption method that allows the controller to anonymously encrypt physiological data on behalf of a set of sensors,but the server does not exactly know who the sensor is.The construction of this paper can achieve anonymity,confidentiality,authentication,non-repudiation,and integrity in a logically single step.Under the computational Diffie-Hellman(CDH)problem,the formal security proof is provided in the random oracle model(ROM).This paper demonstrates that this scheme has indistinguishability against adaptive chosen ciphertext attacks(IND-CCA2)and existential unforgeability against adaptive chosen message attacks(EUF-CMA).In terms of computational cost and energy usage,a comprehensive performance analysis demonstrates that the proposed scheme is the most effective.Compared to the three existing schemes,the computational cost of this paper’s scheme is reduced by about 49.5%,4.1%,and 8.4%,and the energy usage of our scheme is reduced by about 49.4%,3.7%,and 14.2%,respectively.展开更多
Key establishment and its management in Wireless Sensor Networks(WSN) is a challenging problem due to its limited resources and disordered structure. Many key management schemes have been developed recently for WSN to...Key establishment and its management in Wireless Sensor Networks(WSN) is a challenging problem due to its limited resources and disordered structure. Many key management schemes have been developed recently for WSN to provide secure communication between source and destination sensor nodes.A serious threat highlighted in all of these schemes is that of node capture attacks,where an adversary gains full control over a sensor node through direct physical access.Node capture attacks can also be helpful to an adversary in new attacks like Blackhole and Denial of Service.All of these proposed key management solutions still suffer from node capture attacks with resilience.The current sensor networks are assumed to be designed for specific applications,having key management protocols strongly coupled to applications.The future sensor networks are envisioned as comprising heterogeneous devices assisting to a large range of applications.To achieve this goal,a new application independent approach is needed. In this paper we therefore present a novel,extended version of our previously published Dynamic Group-based Key Establishment(DGKE) protocol. We compare the proposed scheme with existing key management schemes,which shows a significant improvement in resilience against node capture attacks,memory overhead and connectivity.展开更多
Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malic...Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.展开更多
An improved LEACH for heterogeneous wireless sensor networks is proposed. Nodes are distributed in a sensing area that is divided into a number of same equilateral hexagons. Heterogeneous nodes act as the cluster head...An improved LEACH for heterogeneous wireless sensor networks is proposed. Nodes are distributed in a sensing area that is divided into a number of same equilateral hexagons. Heterogeneous nodes act as the cluster heads and ordinary nodes act as those cluster sensors in all clusters. The structure of WSNs is a two-layer structure. The upper layer consists of all cluster heads and the lower layer consists of all ordinary sensors managed by their corresponding cluster heads. The cluster heads and the ordinary sensors establish their pairwise keys respectively through utilizing different methods. The arithmetic balances energy expense among all kinds of nodes, saves the node energy, and prolongs the life of wireless sensor networks. Additionally, Analysis demonstrates that the security of wireless sensor networks has been improved obviously even with some heterogeneous nodes.展开更多
Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it b...Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it becomes complex due to the mutual characteristics of sensor nodes in HWSN. In order to enhance the network security,an asymmetric key pre-distributed management scheme for HWSN is proposed combining with authentication process to further ensure the network security; meanwhile,an effective authentication method for newly added nodes is presented. Simulation result indicates that the proposed scheme can improve the network security while reducing the storage space requirement efficiently.展开更多
A high-speed and effective packet scheduling method is crucial to the performance of Gigabit routers. The paper studies the variable-length packet scheduling problem in Gigabit router with crossbar switch fabric and i...A high-speed and effective packet scheduling method is crucial to the performance of Gigabit routers. The paper studies the variable-length packet scheduling problem in Gigabit router with crossbar switch fabric and input queuing, and a scheduling method based on neural network is proposed. For the proposed method, a scheduling system structure fit for the variable-length packet case is presented first, then some rules for scheduling are given. At last, an optimal scheduling method using Hopfield neural network is proposed based on the rules. Furthermore, the paper discusses that the proposed method can be realized by hardware circuit. The simulation result shows the effectiveness of the proposed method.展开更多
As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless app...As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless applications. A new self-healing key distribution scheme was proposed, which is optimal in terms of user memory storage and efficient in terms of communication complexity.展开更多
The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptograph...The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptographic protection on wireless communication respectively, as well as minimizing energy consumption (i.e., Green criteria) by switching off unnecessary resources as much as possible. There is a contradiction to satisfy both Blue and Green design criteria simultaneously. In this paper, we propose a new BlueGreen topological control scheme to leverage the wireless link connectivity for WCNs using an adaptive encryption key allocation mechanism, named as Shared Backup Path Keys (SBPK). The BlueGreen SBPK can take into account the network dependable requirements such as service resilience, security assurance and energy efficiency as a whole, so as trading off between them to find an optimal solution. Actually, this challenging problem can be modeled as a global optimization problem, where the network working and backup elements such as nodes, links, encryption keys and their energy consumption are considered as a resource, and their utilization should be minimized. The case studies confirm that there is a trade-off optimal solution between the capacity efficiency and energy efficiency to achieve the dependable WCNs.展开更多
Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme ...Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme for wireless sensor networks due to limitations of the power,com-putation capability and storage resources.In this paper,an efficient key agreement and encryptionscheme for wireless sensor networks is presented.Results of analysis and simulations among the pro-posed scheme and other schemes show that the proposed scheme has some advantages in terms ofenergy consumption,computation requirement,storage requirement and security.展开更多
As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk dete...As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk detection standard and conduct the risk detection for any scenario indiscriminately.Therefore,more reliable and accurate security control methods are urgently needed.In order to improve the accuracy and reliability of the operation risk management and control method,this paper proposes a method for identifying the key links in the whole process of electric power operation based on the spatiotemporal hybrid convolutional neural network.To provide early warning and control of targeted risks,first,the video stream is framed adaptively according to the pixel changes in the video stream.Then,the optimized MobileNet is used to extract the feature map of the video stream,which contains both time-series and static spatial scene information.The feature maps are combined and non-linearly mapped to realize the identification of dynamic operating scenes.Finally,training samples and test samples are produced by using the whole process image of a power company in Xinjiang as a case study,and the proposed algorithm is compared with the unimproved MobileNet.The experimental results demonstrated that the method proposed in this paper can accurately identify the type and start and end time of each operation link in the whole process of electric power operation,and has good real-time performance.The average accuracy of the algorithm can reach 87.8%,and the frame rate is 61 frames/s,which is of great significance for improving the reliability and accuracy of security control methods.展开更多
To solve the problems of high memory occupation, low connectivity and poor resiliency against node capture, which existing in the random key pre-distribution techniques while applying to the large scale Wireless Senso...To solve the problems of high memory occupation, low connectivity and poor resiliency against node capture, which existing in the random key pre-distribution techniques while applying to the large scale Wireless Sensor Networks (WSNs), an Identity-Based Key Agreement Scheme (IBKAS) is proposed based on identity-based encryption and Elliptic Curve Diffie-Hellman (ECDH). IBKAS can resist man-in-the-middle attacks and node-capture attacks through encrypting the key agreement parameters using identity-based encryption. Theoretical analysis indicates that comparing to the random key pre-distribution techniques, IBKAS achieves significant improvement in key connectivity, communication overhead, memory occupation, and security strength, and also enables efficient secure rekcying and network expansion. Furthermore, we implement IBKAS for TinyOS-2.1.2 based on the MICA2 motes, and the experiment results demonstrate that IBKAS is feasible for infrequent key distribution and rekeying for large scale sensor networks.展开更多
Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually lo...Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoe networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD are compared with BD, TGDH (tree-based group Diffe-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.展开更多
基金funded by Youth Program of Shaanxi Provincial Department of Science and Technology(Grant No.2024JC-YBQN-0630)。
文摘Quantum key distribution(QKD)optical networks can provide more secure communications.However,with the increase of the QKD path requests and key updates,network blocking problems will become severe.The blocking problems in the network can become more severe because each fiber link has limited resources(such as wavelengths and time slots).In addition,QKD optical networks are also affected by external disturbances such as data interception and eavesdropping,resulting in inefficient network communication.In this paper,we exploit the idea of protection path to enhance the anti-interference ability of QKD optical network.By introducing the concept of security metric,we propose a routing wavelength and time slot allocation algorithm(RWTA)based on protection path,which can lessen the blocking problem of QKD optical network.According to simulation analysis,the security-metric-based RWTA algorithm(SM-RWTA)proposed in this paper can substantially improve the success rate of security key(SK)update and significantly reduce the blocking rate of the network.It can also improve the utilization rate of resources such as wavelengths and time slots.Compared with the non-security-metric-based RWTA algorithm(NSM-RWTA),our algorithm is robust and can enhance the anti-interference ability and security of QKD optical networks.
基金the Jiangsu Natural Science Foundation under Grant No.BK2007236Jiangsu Six-Categories Top Talent Fundunder Grand No.SJ207001
文摘Convergence and collaboration of heterogeneous networks in the next generation public mobile networks will be a subject of universal significance. Convergence of heterogeneous networks, as an effective approach to improve the coverage and capacity of public mobile network, to enable communication services, to provide Internet access and to enable mobile computing from everywhere, has drawn widespread attention for its good prospects in application. Construction of security system for wireless heterogeneous networks and development of new security models, key security techniques and approaches are critical and mandatory in heterogeneous networks development. Key technology of wireless heterogeneous networks security covers security routing protocol, access authentication, intrusion detection system, cooperative communication between nodes, etc.
基金Project supported by the Shanghai Minicipal Natural Science Foundation(Grant No09ZR1414900)the National High Technology Development 863 Program of China(Grant No2006AA01Z436,No2007AA01Z452,No2009AA01Z118)
文摘Wireless mesh network is a new emerging field with its potential applications in extremely unpredictable and dynamic environments.However,it is particularly vulnerable due to its features of open medium,dynamic changing topology, cooperative routing algorithms.The article surveys the state of the art in security for wireless mesh networks.Firstly,we analyze various possible threats to security in wireless mesh networks.Secondly,we introduce some representative solutions to these threats,including solutions to the problems of key management,secure network routing,and intrusion detection.We also provide a comparison and discussion of their respective merits and drawbacks,and propose some improvements for these drawbacks.Finally,we also discuss the remaining challenges in the area.
基金the High Technology Research and Development Program of Jiangsu Province (No.BG2005001)Hong Kong Innovation and Technology Fund (No.ITS/99/02).
文摘This study concerns security issues of the emerging Wireless Body Sensor Network (WBSN) formed by biomedical sensors worn on or implanted in the human body for mobile healthcare appli-cations. A novel authenticated symmetric-key establishment scheme is proposed for WBSN,which fully exploits the physiological features obtained by network entities via the body channel available in WBSN but not other wireless networks. The self-defined Intrinsic Shared Secret (ISS) is used to replace the pre-deployment of secrets among network entities,which thus eliminates centralized services or au-thorities essential in existing protocols,and resolves the key transport problem in the pure symmet-ric-key cryptosystem for WBSN as well. The security properties of the proposed scheme are demon-strated in terms of its attack complexity and the types of attacks it can resist. Besides,the scheme can be implemented under a light-weight way in WBSN systems. Due to the importance of the ISS concept,the analysis on using false acceptance/false rejection method to evaluate the performance of ISS for its usage in the scheme is also demonstrated.
文摘This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).
基金Project(61100201) supported by National Natural Science Foundation of ChinaProject(12ZZ019) supported by Technology Innovation Research Program,Shang Municipal Education Commission,China+1 种基金Project(LYM11053) supported by the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province,ChinaProject(NCET-12-0358) supported by New Century Excellent Talentsin University,Ministry of Education,China
文摘The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.
基金This project was supported by the National Natural Science Foundation of China (60573129).
文摘Communication security is a critical aspect of QoS provisioning in wireless mesh network (WMN). Because of the inherent characteristics of WMN, conventional security mechanisms cannot be applied. In order to guarantee the communication security, a novel communication security mechanism is proposed. The mechanism uses a communication encryption scheme to encrypt data packets and employs a risk avoidance scheme to avoid the malicious nodes during communications. Simulation results indicate that the mechanism is able to provide secure communication effectively and reduce the damage of attacks through multiple paths.
基金Supported by the Natural Science Foundation ofHunan Province (jj587402)
文摘Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy(LEACH) for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.
基金supported by the Postgraduate Research&Practice Innovation Program of Jiangsu Province (Grant No.SJCX22_1677).
文摘Wireless body area networks(WBANs)are an emerging technology for the real-time monitoring of physiological signals.WBANs provide a mechanism for collecting,storing,and transmitting physiological data to healthcare providers.However,the open wireless channel and limited resources of sensors bring security challenges.To ensure physiological data security,this paper provides an efficient Certificateless Public Key Infrastructure Heterogeneous Ring Signcryption(CP-HRSC)scheme,in which sensors are in a certificateless cryptosystem(CLC)environment,and the server is in a public key infrastructure(PKI)environment.CLC could solve the limitations of key escrow in identity-based cryptography(IBC)and certificate management for public keys in PKI.While PKI is suited for the server because it is widely used on the Internet.Furthermore,this paper designs a ring signcryption method that allows the controller to anonymously encrypt physiological data on behalf of a set of sensors,but the server does not exactly know who the sensor is.The construction of this paper can achieve anonymity,confidentiality,authentication,non-repudiation,and integrity in a logically single step.Under the computational Diffie-Hellman(CDH)problem,the formal security proof is provided in the random oracle model(ROM).This paper demonstrates that this scheme has indistinguishability against adaptive chosen ciphertext attacks(IND-CCA2)and existential unforgeability against adaptive chosen message attacks(EUF-CMA).In terms of computational cost and energy usage,a comprehensive performance analysis demonstrates that the proposed scheme is the most effective.Compared to the three existing schemes,the computational cost of this paper’s scheme is reduced by about 49.5%,4.1%,and 8.4%,and the energy usage of our scheme is reduced by about 49.4%,3.7%,and 14.2%,respectively.
文摘Key establishment and its management in Wireless Sensor Networks(WSN) is a challenging problem due to its limited resources and disordered structure. Many key management schemes have been developed recently for WSN to provide secure communication between source and destination sensor nodes.A serious threat highlighted in all of these schemes is that of node capture attacks,where an adversary gains full control over a sensor node through direct physical access.Node capture attacks can also be helpful to an adversary in new attacks like Blackhole and Denial of Service.All of these proposed key management solutions still suffer from node capture attacks with resilience.The current sensor networks are assumed to be designed for specific applications,having key management protocols strongly coupled to applications.The future sensor networks are envisioned as comprising heterogeneous devices assisting to a large range of applications.To achieve this goal,a new application independent approach is needed. In this paper we therefore present a novel,extended version of our previously published Dynamic Group-based Key Establishment(DGKE) protocol. We compare the proposed scheme with existing key management schemes,which shows a significant improvement in resilience against node capture attacks,memory overhead and connectivity.
基金supported by Iran Telecommunication Research Center
文摘Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.
文摘An improved LEACH for heterogeneous wireless sensor networks is proposed. Nodes are distributed in a sensing area that is divided into a number of same equilateral hexagons. Heterogeneous nodes act as the cluster heads and ordinary nodes act as those cluster sensors in all clusters. The structure of WSNs is a two-layer structure. The upper layer consists of all cluster heads and the lower layer consists of all ordinary sensors managed by their corresponding cluster heads. The cluster heads and the ordinary sensors establish their pairwise keys respectively through utilizing different methods. The arithmetic balances energy expense among all kinds of nodes, saves the node energy, and prolongs the life of wireless sensor networks. Additionally, Analysis demonstrates that the security of wireless sensor networks has been improved obviously even with some heterogeneous nodes.
基金Support by the National High Technology Research and Development Program of China(No.2012AA120802)National Natural Science Foundation of China(No.61771186)+2 种基金Postdoctoral Research Project of Heilongjiang Province(No.LBH-Q15121)University Nursing Program for Young Scholars with Creative Talents in Heilongjiang Province(No.UNPYSCT-2017125)Postgraduate Innovation Research Project of Heilongjiang University(No.YJSCX2018-051HLJU)
文摘Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it becomes complex due to the mutual characteristics of sensor nodes in HWSN. In order to enhance the network security,an asymmetric key pre-distributed management scheme for HWSN is proposed combining with authentication process to further ensure the network security; meanwhile,an effective authentication method for newly added nodes is presented. Simulation result indicates that the proposed scheme can improve the network security while reducing the storage space requirement efficiently.
文摘A high-speed and effective packet scheduling method is crucial to the performance of Gigabit routers. The paper studies the variable-length packet scheduling problem in Gigabit router with crossbar switch fabric and input queuing, and a scheduling method based on neural network is proposed. For the proposed method, a scheduling system structure fit for the variable-length packet case is presented first, then some rules for scheduling are given. At last, an optimal scheduling method using Hopfield neural network is proposed based on the rules. Furthermore, the paper discusses that the proposed method can be realized by hardware circuit. The simulation result shows the effectiveness of the proposed method.
基金The Specialized Research Fund for the Doctoral Program of Higher Education of China (No. 20050248043)
文摘As the wireless medium is characterized by its lossy nature, reliable communication cannot be assumed in the key management scheme. Therefore self-healing is a good property for key distribution scheme in wireless applications. A new self-healing key distribution scheme was proposed, which is optimal in terms of user memory storage and efficient in terms of communication complexity.
文摘The future Wireless Cloud Networks (WCNs) are required to satisfy both extremely high levels of service resilience and security assurance (i.e., Blue criteria) by overproviding backup network resources and cryptographic protection on wireless communication respectively, as well as minimizing energy consumption (i.e., Green criteria) by switching off unnecessary resources as much as possible. There is a contradiction to satisfy both Blue and Green design criteria simultaneously. In this paper, we propose a new BlueGreen topological control scheme to leverage the wireless link connectivity for WCNs using an adaptive encryption key allocation mechanism, named as Shared Backup Path Keys (SBPK). The BlueGreen SBPK can take into account the network dependable requirements such as service resilience, security assurance and energy efficiency as a whole, so as trading off between them to find an optimal solution. Actually, this challenging problem can be modeled as a global optimization problem, where the network working and backup elements such as nodes, links, encryption keys and their energy consumption are considered as a resource, and their utilization should be minimized. The case studies confirm that there is a trade-off optimal solution between the capacity efficiency and energy efficiency to achieve the dependable WCNs.
基金the Six Great Talent Peak Plan of JiangsuProvince(No 06-E-044)the"Qinlan Project"plan of Jiangsu province 2006 and the Natural Science Founda-tion of Jiangsu Province(No.BK2004218).
文摘Wireless sensor networks are being deployed for some practical applications and their se-curity has received considerable attention.It is an important challenge to find out suitable keyagreement and encryption scheme for wireless sensor networks due to limitations of the power,com-putation capability and storage resources.In this paper,an efficient key agreement and encryptionscheme for wireless sensor networks is presented.Results of analysis and simulations among the pro-posed scheme and other schemes show that the proposed scheme has some advantages in terms ofenergy consumption,computation requirement,storage requirement and security.
基金This paper is supported by the Science and technology projects of Yunnan Province(Grant No.202202AD080004).
文摘As the scale of the power system continues to expand,the environment for power operations becomes more and more complex.Existing risk management and control methods for power operations can only set the same risk detection standard and conduct the risk detection for any scenario indiscriminately.Therefore,more reliable and accurate security control methods are urgently needed.In order to improve the accuracy and reliability of the operation risk management and control method,this paper proposes a method for identifying the key links in the whole process of electric power operation based on the spatiotemporal hybrid convolutional neural network.To provide early warning and control of targeted risks,first,the video stream is framed adaptively according to the pixel changes in the video stream.Then,the optimized MobileNet is used to extract the feature map of the video stream,which contains both time-series and static spatial scene information.The feature maps are combined and non-linearly mapped to realize the identification of dynamic operating scenes.Finally,training samples and test samples are produced by using the whole process image of a power company in Xinjiang as a case study,and the proposed algorithm is compared with the unimproved MobileNet.The experimental results demonstrated that the method proposed in this paper can accurately identify the type and start and end time of each operation link in the whole process of electric power operation,and has good real-time performance.The average accuracy of the algorithm can reach 87.8%,and the frame rate is 61 frames/s,which is of great significance for improving the reliability and accuracy of security control methods.
基金Supported by the National Basic Research Program of China(973 Program)(No.2011CB302903)the National Natural Science Foundation of China(No.61100213)+3 种基金the Key Program of Natural Science for Universities of Jiangsu Province(No.10KJA510035)the Specialized Research Fund for the Doctoral Program of Higher Education(20113223120007)the Science and Technology Program of Nanjing(201103003)the Postgraduate Innovation Project Foundation of Jiangsu Province(No.CXLX11_0411)
文摘To solve the problems of high memory occupation, low connectivity and poor resiliency against node capture, which existing in the random key pre-distribution techniques while applying to the large scale Wireless Sensor Networks (WSNs), an Identity-Based Key Agreement Scheme (IBKAS) is proposed based on identity-based encryption and Elliptic Curve Diffie-Hellman (ECDH). IBKAS can resist man-in-the-middle attacks and node-capture attacks through encrypting the key agreement parameters using identity-based encryption. Theoretical analysis indicates that comparing to the random key pre-distribution techniques, IBKAS achieves significant improvement in key connectivity, communication overhead, memory occupation, and security strength, and also enables efficient secure rekcying and network expansion. Furthermore, we implement IBKAS for TinyOS-2.1.2 based on the MICA2 motes, and the experiment results demonstrate that IBKAS is feasible for infrequent key distribution and rekeying for large scale sensor networks.
基金The National Natural Science Foundation of China (No.60403027)the Research Foundation for Out-standing Young Teachers, China University of Geosciences(Wuhan) (No.CUGQNL0836)
文摘Mobile ad hoc networks create additional challenges for implementing the group key establishment due to resource constraints on nodes and dynamic changes on topology. The nodes in mobile ad hoc networks are usually low power devices that run on battery power. As a result, the costs of the node resources should be minimized when constructing a group key agreement protocol so that the battery life could be prolonged. To achieve this goal, in this paper we propose a security efficient group key agreement protocol based on Burmester-Desmedt (BD) scheme and layer-cluster group model, referred to as LCKM-BD, which is appropriate for large mobile ad hoe networks. In the layer-cluster group model, BD scheme is employed to establish group key, which can not only meet security demands of mobile ad hoc networks but also improve executing performance. Finally, the proposed protocol LCKM-BD are compared with BD, TGDH (tree-based group Diffe-Hellman), and GDH (group Diffie-Hellman) group key agreement protocols. The analysis results show that our protocol can significantly decrease both the computational overhead and communication costs with respect to these comparable protocols.
