Key distribution mechanisms for wireless sensor networks : a survey

Advances in technology introduce new application areas for sensor networks. Foreseeable wide deployment of mission critical sensor networks creates concerns on security issues. Security of large scale densely deployed and infrastructure less wireless networks of resource limited sensor nodes requires efficient key distribution and management mechanisms. We consider distributed and hierarchical wireless sensor networks where unicast, multicast and broadcast type of communications can take place. We evaluate deterministic, probabilistic and hybrid type of key pre-distribution and dynamic key generation algorithms for distributing pair-wise, group-wise and network-wise keys.

Optimally increasing secure connectivity in multihop wireless ad hoc networks

We consider the problem of how to maximize secure connectivity of multi-hop wireless ad hoc networks after deployment. Two approaches, based on graph augmentation problems with nonlinear edge costs, are formulated. The first one is based on establishing a secret key using only the links that are already secured by secret keys. This problem is in NP-hard and does not accept polynomial time approximation scheme PTAS since minimum cutsets to be augmented do not admit constant costs. The second one is based of increasing the power level between a pair of nodes that has a secret key to enable them physically connect. This problem can be formulated as the optimal key establishment problem with interference constraints with bi-objectives: (i) maximizing the concurrent key establishment flow, (ii) minimizing the cost. We show that both problems are NP-hard and MAX-SNP (i.e., it is NP-hard to approximate them within a factor of 1 + e for e > 0 ) with a reduction to MAX3SAT problem. Thus, we design and implement a fully distributed algorithm for authenticated key establishment in wireless sensor networks where each sensor knows only its one- hop neighborhood. Our witness based approaches find witnesses in multi-hop neighborhood to authenticate the key establishment between two sensor nodes which do not share a key and which are not connected through a secure path.

Monitoring android for collaborative anomaly detection : a first architectural draft

Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways, e.g. for payment systems or assisting the lives of elderly or disabled people. Security threats for these devices become more and more dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level and where third-party developers first time have the opportunity to develop kernel-based low-level security tools. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS, holding the greatest market share among all smartphone OSs, was even closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners privacy. Since signature-based approaches mainly detect known malwares, anomaly-based approaches can be a valuable addition to these systems. They base on mathematical algorithms processing data that describe the state of a certain device. For gaining this data, a monitoring client is needed that has to extract usable information (features) from the monitored system. Our approach follows a dual system for analyzing these features. On the one hand, functionality for on-device light-weight detection is provided. But since most algorithms are resource exhaustive, remote feature analysis is provided on the other hand. Having this dual system enables event-based detection that can react to the current detection need. In our ongoing research we aim to investigates the feasibility of light-weight on-device detection for certain occasions. On other occasions, whenever significant changes are detected on the device, the system can trigger remote detection with heavy-weight algorithms for better detection results. In the absence of the server respectively as a supplementary approach, we also consider a collaborative scenario. Here, mobile devices sharing a common objective are enabled by a collaboration module to share information, such as intrusion detection data and results. This is based on an ad-hoc network mode that can be provided by a WiFi or Bluetooth adapter nearly every smartphone possesses.

Solving inherent problems of anomaly detection by cooperation

Anomaly detection compensates shortcomings of signature-based detection such as protecting against Zero-Day exploits. However, Anomaly Detection can be resource-intensive and is plagued by a high false-positive rate. In this work, we address these problems by presenting a Cooperative Intrusion Detection approach for the AIS, the Artificial Immune System, as an example for an anomaly detection approach. In particular we show, how the cooperative approach reduces the false-positive rate of the detection and how the overall detection process can be organized to account for the resource constraints of the participating devices. Evaluations are carried out with the novel network simulation environment NeSSi as well as formally with an extension to the epidemic spread model SIR

Design and analysis of key management schemes for distributed wireless sensor networks

Secure communications in distributed Wireless Sensor Networks (WSN) operating under adversarial conditions necessitate efficient key management schemes. In the absence of a priori knowledge of post-deployment network configuration and due to limited resources at sensor nodes, key management schemes cannot be based on post-deployment computations. Instead, a list of keys, called a key-chain, is distributed to each sensor node before the deployment. For secure communication, either two nodes should have a key in common in their key-chains, or they should establish a key through a secure-path on which every link is secured with a key. We first provide a comparative survey of well known key management solutions for WSN. Probabilistic, deterministic and hybrid key management solutions are presented, and they are compared based on their security properties and re-source usage. We provide a taxonomy of solutions, and identify trade-offs in them to conclude that there is no one size-fits-all solution. Second, we design and analyze deterministic and hybrid techniques to distribute pair-wise keys to sensor nodes before the deployment. We present novel deterministic and hybrid approaches based on combinatorial design theory and graph theory for deciding how many and which keys to assign to each key-chain before the sensor network deployment. Performance and security of the proposed schemes are studied both analytically and computationally. Third, we address the key establishment problem in WSN which requires key agreement algorithms without authentication are executed over a secure-path. The length of the secure-path impacts the power consumption and the initialization delay for a WSN before it becomes operational. We formulate the key establishment problem as a constrained bi-objective optimization problem, break it into two sub-problems, and show that they are both NP-Hard and MAX-SNP-Hard. Having established inapproximability results, we focus on addressing the authentication problem that prevents key agreement algorithms to be used directly over a wireless link. We present a fully distributed algorithm where each pair of nodes can establish a key with authentication by using their neighbors as the witnesses.

Usability and security of gaze-based graphical grid passwords

We present and analyze several gaze-based graphical password schemes based on recall and cued-recall of grid points; eye-trackers are used to record user's gazes, which can prevent shoulder-surfing and may be suitable for users with disabilities. Our 22-subject study observes that success rate and entry time for the grid-based schemes we consider are comparable to other gaze-based graphical password schemes. We propose the first password security metrics suitable for analysis of graphical grid passwords and provide an in-depth security analysis of user-generated passwords from our study, observing that, on several metrics, user-generated graphical grid passwords are substantially weaker than uniformly random passwords, despite our attempts at designing schemes to improve quality of user-generated passwords.

Synthetic rating system for railway bridge management

Railway bridges deteriorate with age. Factors such as environmental effects on different materials of a bridge, variation of loads, fatigue, etc will reduce the remaining life of bridges. Bridges are currently rated individually for maintenance and repair actions according to the structural conditions of their elements. Dealing with thousands of bridges and several factors that cause deterioration, makes the rating process extremely complicated. Current simplified but practical rating methods are not based on an accurate structural condition assessment system. On the other hand, the sophisticated but more accurate methods are only used for a single bridge or particular types of bridges. It is therefore necessary to develop a practical and accurate system which will be capable of rating a network of railway bridges. This paper introduces a new method for rating a network of bridges based on their current and future structural conditions. The method identifies typical bridges representing a group of railway bridges. The most crucial agents will be determined and categorized to criticality and vulnerability factors. Classification based on structural configuration, loading, and critical deterioration factors will be conducted. Finally a rating method for a network of railway bridges that takes into account the effects of damaged structural components due to variations in loading and environmental conditions on the integrity of the whole structure will be proposed. The outcome of this research is expected to significantly improve the rating methods for railway bridges by considering the unique characteristics of different factors and incorporating the correlation between them.

Synthetic rating system for railway bridge management

Railway bridges deteriorate with age. Factors such as environmental effects on different materials of a bridge, variation of loads, fatigue, etc. will reduce the remaining life of bridges. Dealing with thousands of bridges and several factors that cause deterioration, makes the rating process extremely complicated. Current simplified but practical methods of rating a network of bridges are not based on an accurate structural condition assessment system. On the other hand, the sophisticated but more accurate methods are only used for a single bridge or particular types of bridges. It is therefore necessary to develop a practical and accurate system, which will be capable of rating a network of railway bridges. This article introduces a new method to rate a network of bridges based on their current and future structural conditions. The method identifies typical bridges representing a group of railway bridges. The most crucial agents will be determined and categorized to criticality and vulnerability factors. Classification based on structural configuration, loading, and critical deterioration factors will be conducted. Finally a rating method for a network of railway bridges that takes into account the effects of damaged structural components due to variations in loading and environmental conditions on the integrity of the whole structure will be proposed. The outcome of this article is expected to significantly improve the rating methods for railway bridges by considering the unique characteristics of different factors and incorporating the correlation among them.

Effects of wireless sensor network uncertainties on output-only modal analysis employing merged data of multiple tests

The use of Wireless Sensor Networks (WSNs) for Structural Health Monitoring (SHM) has become a promising approach due to many advantages such as low cost, fast and flexible deployment. However, inherent technical issues such as data synchronization error and data loss have prevented these distinct systems from being extensively used. Recently, several SHM-oriented WSNs have been proposed and believed to be able to overcome a large number of technical uncertainties. Nevertheless, there is limited research verifying the applicability of those WSNs with respect to demanding SHM applications like modal analysis and damage identification. This paper first presents a brief review of the most inherent uncertainties of the SHM-oriented WSN platforms and then investigates their effects on outcomes and performance of the most robust Output-only Modal Analysis (OMA) techniques when employing merged data from multiple tests. The two OMA families selected for this investigation are Frequency Domain Decomposition (FDD) and Data-driven Stochastic Subspace Identification (SSI-data) due to the fact that they both have been widely applied in the past decade. Experimental accelerations collected by a wired sensory system on a large-scale laboratory bridge model are initially used as clean data before being contaminated by different data pollutants in sequential manner to simulate practical SHM-oriented WSN uncertainties. The results of this study show the robustness of FDD and the precautions needed for SSI-data family when dealing with SHM-WSN uncertainties. Finally, the use of the measurement channel projection for the time-domain OMA techniques and the preferred combination of the OMA techniques to cope with the SHM-WSN uncertainties is recommended.

A wide area monitoring system based load restoration method

Restoring a large-scale power system has always been a complicated and important issue. A lot of research work has been done on different aspects of the whole power system restoration procedure. However, more time will be required to complete the power system restoration process in an actual situation if accurate and real-time system data cannot be obtained. With the development of the wide area monitoring system (WAMS), power system operators are capable of accessing to more accurate data in the restoration stage after a major outage. The ultimate goal of the system restoration is to restore as much load as possible while in the shortest period of time after a blackout, and the restorable load can be estimated by employing WAMS. Moreover, discrete restorable loads are employed considering the limited number of circuit-breaker operations and the practical topology of distribution systems. In this work, a restorable load estimation method is proposed employing WAMS data after the network frame has been reenergized, and WAMS is also employed to monitor the system parameters in case the newly recovered system becomes unstable again. The proposed method has been validated with the New England 39-Bus system and an actual power system in Guangzhou, China.

Investigating effective wayfinding in airports : a Bayesian network approach

Effective Wayfinding is the successful interplay of human and environmental factors resulting in a person successfully moving from their current position to a desired location in a timely manner. To date this process has not been modelled to reflect this interplay. This paper proposes a complex modelling system approach of wayfinding by using Bayesian Networks to model this process, and applies the model to airports. The model suggests that human factors have a greater impact on effective wayfinding in airports than environmental factors. The greatest influences on human factors are found to be the level of spatial anxiety experienced by travellers and their cognitive and spatial skills. The model also predicted that the navigation pathway that a traveller must traverse has a larger impact on the effectiveness of an airport’s environment in promoting effective wayfinding than the terminal design.

Women as victims and offenders : incarcerated for murder in the Australian criminal justice system

This study was undertaken in an effort to contribute to the limited knowledge of women who commit murder. Women account for approximately 10% of the total Australian homicides and according to Mouzos (2000), 20% of these female perpetrated homicides result in murder convictions. In her extensive study of female homicide offending in England, Brookman (2005) asserts that nearly two thirds of the victims of women who kill are intimates, to include violent partners and their own children. The other third of the victims consist largely of acquaintances and to lesser degree strangers (Brookman, 2005). This study strives to introduce further knowledge regarding women convicted of murder; the smaller subgroup of female homicide offenders of which less is known. It is comprised of women who killed intimates and non-intimates to include acquaintances. The study engages the narratives of seven women, all of whom were convicted of murder and serving lengthy sentences at the Dame Phyllis Frost Centre, a medium and maximum security prison that is located on the outskirts of Melbourne, Australia. The seven women fall largely outside of the characteristics of female homicide offenders as revealed in the studies from Australia’s National Homicide Monitoring Program (NHMP, 2007), from Canada by Hoffmann, Lavigne, and Dickie (1998) and research from the United States by Scott and Davies (2002). In this study there were no Indigenous women represented. Only one of the women had a previous criminal charge. The women were older on average than the prevailing demographics from western nations. Two of the women had substance abuse and co-occurring mental illness, which reflects a significant lower rate than the literature suggests. This study expands the current understanding of the phenomenon of women who murder. It communicates the narratives of seven women charged and convicted of murder as they attempt to understand their lives and identities. It moves the dialogue beyond the preponderance of feminist criminological research that examines motive and the relationship the woman has with her victim to the social discourses which dominate in her identity formation. This research found that in their attempt to create a favourable identity the women needed to engage with the master script of normative femininity through the feminisation of victimisation, motherhood and domesticity.

Australia's disabling income support system : tracing the history of the Australian disability income support system 1908 to 2007 : disablism, citizenship and the basic income proposal

The present study examined the historical basis of the Australian disability income support system from 1908 to 2007. Although designed as a safety net for people with a disability, the disability income support system within Australia has been highly targeted. The original eligibility criteria of "permanently incapacitated for work", medical criteria and later "partially capacitated for work" potentially contained ideological inferences that permeated across the time period. This represents an important area for study given the potential consequence for disability income support to marginalise people with a disability. Social policy and disability policy theorists, including Saunders (2007, Social Policy Research Centre [SPRC]) and Gibilisco (2003) have provided valuable insight into some of the effects of disability policy and poverty. Yet while these theorists argued for some form of income support they did not propose a specific form of income security for further exploration. Few studies have undertaken a comprehensive review of the history of disability income support within the Australian context. This thesis sought to redress these gaps by examining disability income support policy within Australia. The research design consisted of an in-depth critical historical-comparative policy analysis methodology. The use of critical historical-comparative policy analysis allowed the researcher to trace the construction of disability within the Australian disability income support policy across four major historical epochs. A framework was developed specifically to guide analysis of the data. The critical discourse analysis method helped to understand the underlying ideological dimensions that led to the predominance of one particular approach over another. Given this, the research purpose of the study centred on: i. Tracing the history of the Australian disability income support system. ii. Examining the historical patterns and ideological assumptions over time. iii. Exploring the historical patterns and ideological assumptions underpinning an alternative model (Basic Income) and the extent to which each model promotes the social citizenship of people with a disability. The research commitment to a social-relational ontology and the quest for social change centred on the idea that "there has to be a better way" in the provision of disability income support. This theme of searching for an alternative reality in disability income support policy resonated throughout the thesis. This thesis found that the Australian disability income support system is disabling in nature and generates categories of disability on the basis of ableness. From the study, ableness became a condition for citizenship. This study acknowledged that, in reality, income support provision reflects only one aspect of the disabling nature of society which requires redressing. Although there are inherent tensions in any redistributive strategy, the Basic Income model potentially provides an alternative to the Australian disability income support system, given its grounding in social citizenship. The thesis findings have implications for academics, policy-makers and practitioners in terms of developing better ways to understand disability constructs in disability income support policy. The thesis also makes a contribution in terms of promoting income support policies based on the rights of all people, not just a few.

Iris based identity verification robust to sample presentation security attacks

Iris based identity verification is highly reliable but it can also be subject to attacks. Pupil dilation or constriction stimulated by the application of drugs are examples of sample presentation security attacks which can lead to higher false rejection rates. Suspects on a watch list can potentially circumvent the iris based system using such methods. This paper investigates a new approach using multiple parts of the iris (instances) and multiple iris samples in a sequential decision fusion framework that can yield robust performance. Results are presented and compared with the standard full iris based approach for a number of iris degradations. An advantage of the proposed fusion scheme is that the trade-off between detection errors can be controlled by setting parameters such as the number of instances and the number of samples used in the system. The system can then be operated to match security threat levels. It is shown that for optimal values of these parameters, the fused system also has a lower total error rate.

Future Information Communication Technology and Applications : ICFICE 2013

Focuses on the various aspects of advances in future information communication technology and its applications Presents the latest issues and progress in the area of future information communication technology Applicable to both researchers and professionals These proceedings are based on the 2013 International Conference on Future Information & Communication Engineering (ICFICE 2013), which will be held at Shenyang in China from June 24-26, 2013. The conference is open to all over the world, and participation from Asia-Pacific region is particularly encouraged. The focus of this conference is on all technical aspects of electronics, information, and communications ICFICE-13 will provide an opportunity for academic and industry professionals to discuss the latest issues and progress in the area of FICE. In addition, the conference will publish high quality papers which are closely related to the various theories and practical applications in FICE. Furthermore, we expect that the conference and its publications will be a trigger for further related research and technology improvements in this important subject. "This work was supported by the NIPA (National IT Industry Promotion Agency) of Korea Grant funded by the Korean Government (Ministry of Science, ICT & Future Planning)."