Trust based security mechanisms for wireless sensor networks

Wireless sensor networks are emerging as effective tools in the gathering and dissemination of data. They can be applied in many fields including health, environmental monitoring, home automation and the military. Like all other computing systems it is necessary to include security features, so that security sensitive data traversing the network is protected. However, traditional security techniques cannot be applied to wireless sensor networks. This is due to the constraints of battery power, memory, and the computational capacities of the miniature wireless sensor nodes. Therefore, to address this need, it becomes necessary to develop new lightweight security protocols. This dissertation focuses on designing a suite of lightweight trust-based security mechanisms and a cooperation enforcement protocol for wireless sensor networks. This dissertation presents a trust-based cluster head election mechanism used to elect new cluster heads. This solution prevents a major security breach against the routing protocol, namely, the election of malicious or compromised cluster heads. This dissertation also describes a location-aware, trust-based, compromise node detection, and isolation mechanism. Both of these mechanisms rely on the ability of a node to monitor its neighbors. Using neighbor monitoring techniques, the nodes are able to determine their neighbors’ reputation and trust level through probabilistic modeling. The mechanisms were designed to mitigate internal attacks within wireless sensor networks. The feasibility of the approach is demonstrated through extensive simulations. The dissertation also addresses non-cooperation problems in multi-user wireless sensor networks. A scalable lightweight enforcement algorithm using evolutionary game theory is also designed. The effectiveness of this cooperation enforcement algorithm is validated through mathematical analysis and simulation. This research has advanced the knowledge of wireless sensor network security and cooperation by developing new techniques based on mathematical models. By doing this, we have enabled others to build on our work towards the creation of highly trusted wireless sensor networks. This would facilitate its full utilization in many fields ranging from civilian to military applications.

Trust Based Security Mechanisms for Wireless Sensor Networks

Wireless sensor networks are emerging as effective tools in the gathering and dissemination of data. They can be applied in many fields including health, environmental monitoring, home automation and the military. Like all other computing systems it is necessary to include security features, so that security sensitive data traversing the network is protected. However, traditional security techniques cannot be applied to wireless sensor networks. This is due to the constraints of battery power, memory, and the computational capacities of the miniature wireless sensor nodes. Therefore, to address this need, it becomes necessary to develop new lightweight security protocols. This dissertation focuses on designing a suite of lightweight trust-based security mechanisms and a cooperation enforcement protocol for wireless sensor networks. This dissertation presents a trust-based cluster head election mechanism used to elect new cluster heads. This solution prevents a major security breach against the routing protocol, namely, the election of malicious or compromised cluster heads. This dissertation also describes a location-aware, trust-based, compromise node detection, and isolation mechanism. Both of these mechanisms rely on the ability of a node to monitor its neighbors. Using neighbor monitoring techniques, the nodes are able to determine their neighbors’ reputation and trust level through probabilistic modeling. The mechanisms were designed to mitigate internal attacks within wireless sensor networks. The feasibility of the approach is demonstrated through extensive simulations. The dissertation also addresses non-cooperation problems in multi-user wireless sensor networks. A scalable lightweight enforcement algorithm using evolutionary game theory is also designed. The effectiveness of this cooperation enforcement algorithm is validated through mathematical analysis and simulation. This research has advanced the knowledge of wireless sensor network security and cooperation by developing new techniques based on mathematical models. By doing this, we have enabled others to build on our work towards the creation of highly trusted wireless sensor networks. This would facilitate its full utilization in many fields ranging from civilian to military applications.

Modeling security and cooperation in wireless networks using game theory

This research involves the design, development, and theoretical demonstration of models resulting in integrated misbehavior resolution protocols for ad hoc networked devices. Game theory was used to analyze strategic interaction among independent devices with conflicting interests. Packet forwarding at the routing layer of autonomous ad hoc networks was investigated. Unlike existing reputation based or payment schemes, this model is based on repeated interactions. To enforce cooperation, a community enforcement mechanism was used, whereby selfish nodes that drop packets were punished not only by the victim, but also by all nodes in the network. Then, a stochastic packet forwarding game strategy was introduced. Our solution relaxed the uniform traffic demand that was pervasive in other works. To address the concerns of imperfect private monitoring in resource aware ad hoc networks, a belief-free equilibrium scheme was developed that reduces the impact of noise in cooperation. This scheme also eliminated the need to infer the private history of other nodes. Moreover, it simplified the computation of an optimal strategy. The belief-free approach reduced the node overhead and was easily tractable. Hence it made the system operation feasible. Motivated by the versatile nature of evolutionary game theory, the assumption of a rational node is relaxed, leading to the development of a framework for mitigating routing selfishness and misbehavior in Multi hop networks. This is accomplished by setting nodes to play a fixed strategy rather than independently choosing a rational strategy. A range of simulations was carried out that showed improved cooperation between selfish nodes when compared to older results. Cooperation among ad hoc nodes can also protect a network from malicious attacks. In the absence of a central trusted entity, many security mechanisms and privacy protections require cooperation among ad hoc nodes to protect a network from malicious attacks. Therefore, using game theory and evolutionary game theory, a mathematical framework has been developed that explores trust mechanisms to achieve security in the network. This framework is one of the first steps towards the synthesis of an integrated solution that demonstrates that security solely depends on the initial trust level that nodes have for each other.^

Foundational forensic techniques for cellular and ad hoc multi-hop networks

The Internet has become an integral part of our nation’s critical socio-economic infrastructure. With its heightened use and growing complexity however, organizations are at greater risk of cyber crimes. To aid in the investigation of crimes committed on or via the Internet, a network forensics analysis tool pulls together needed digital evidence. It provides a platform for performing deep network analysis by capturing, recording and analyzing network events to find out the source of a security attack or other information security incidents. Existing network forensics work has been mostly focused on the Internet and fixed networks. But the exponential growth and use of wireless technologies, coupled with their unprecedented characteristics, necessitates the development of new network forensic analysis tools. This dissertation fostered the emergence of a new research field in cellular and ad-hoc network forensics. It was one of the first works to identify this problem and offer fundamental techniques and tools that laid the groundwork for future research. In particular, it introduced novel methods to record network incidents and report logged incidents. For recording incidents, location is considered essential to documenting network incidents. However, in network topology spaces, location cannot be measured due to absence of a ‘distance metric’. Therefore, a novel solution was proposed to label locations of nodes within network topology spaces, and then to authenticate the identity of nodes in ad hoc environments. For reporting logged incidents, a novel technique based on Distributed Hash Tables (DHT) was adopted. Although the direct use of DHTs for reporting logged incidents would result in an uncontrollably recursive traffic, a new mechanism was introduced that overcome this recursive process. These logging and reporting techniques aided forensics over cellular and ad-hoc networks, which in turn increased their ability to track and trace attacks to their source. These techniques were a starting point for further research and development that would result in equipping future ad hoc networks with forensic components to complement existing security mechanisms.

Foundational Forensic Techniques for Cellular and Ad Hoc Multi-hop Networks

The Internet has become an integral part of our nation's critical socio-economic infrastructure. With its heightened use and growing complexity however, organizations are at greater risk of cyber crimes. To aid in the investigation of crimes committed on or via the Internet, a network forensics analysis tool pulls together needed digital evidence. It provides a platform for performing deep network analysis by capturing, recording and analyzing network events to find out the source of a security attack or other information security incidents. Existing network forensics work has been mostly focused on the Internet and fixed networks. But the exponential growth and use of wireless technologies, coupled with their unprecedented characteristics, necessitates the development of new network forensic analysis tools. This dissertation fostered the emergence of a new research field in cellular and ad-hoc network forensics. It was one of the first works to identify this problem and offer fundamental techniques and tools that laid the groundwork for future research. In particular, it introduced novel methods to record network incidents and report logged incidents. For recording incidents, location is considered essential to documenting network incidents. However, in network topology spaces, location cannot be measured due to absence of a 'distance metric'. Therefore, a novel solution was proposed to label locations of nodes within network topology spaces, and then to authenticate the identity of nodes in ad hoc environments. For reporting logged incidents, a novel technique based on Distributed Hash Tables (DHT) was adopted. Although the direct use of DHTs for reporting logged incidents would result in an uncontrollably recursive traffic, a new mechanism was introduced that overcome this recursive process. These logging and reporting techniques aided forensics over cellular and ad-hoc networks, which in turn increased their ability to track and trace attacks to their source. These techniques were a starting point for further research and development that would result in equipping future ad hoc networks with forensic components to complement existing security mechanisms.

Building Regional Security: Cooperation in the 21st Century: The Case of the Caribbean Regional Security System [RSS]

Small states that lack capacity and act on their own may fall victim to international and domestic terrorism, transnational organized crime or criminal gangs. The critical issue is not whether small Caribbean states should cooperate in meeting security challenges, but it is rather in what manner, and by which mechanisms can they overcome obstacles in the way of cooperation. The remit of the Regional Security System (RSS) has expanded dramatically, but its capabilities have improved very slowly. The member governments of the RSS are reluctant to develop military capacity beyond current levels since they see economic and social development and disaster relief as priorities, requiring little investment in military hardware. The RSS depends on international donors such as the USA, Canada, Great Britain, and increasingly China to fund training programs, maintain equipment and acquire material. In the view of most analysts, an expanded regional arrangement based on an RSS nucleus is not likely in the foreseeable future. Regional political consensus remains elusive and the predominance of national interests over regional considerations continues to serve as an obstacle to any CARICOM wide regional defense mechanism. Countries in the Caribbean, including the members of the RSS, have to become more responsible for their own security from their own resources. While larger CARICOM economies can do this, it would be difficult for most OECS members of the RSS to do the same. The CARICOM region including the RSS member countries, have undertaken direct regional initiatives in security collaboration. Implementation of the recommendations of the Regional Task Force on Crime and Security (RTFCS) and the structure and mechanisms created for the staging of the Cricket World Cup (CWC 2007) resulted in unprecedented levels of cooperation and permanent legacy institutions for the regional security toolbox. The most important tier of security relationships for the region is the United States and particularly USSOUTHCOM. The Caribbean Basin Security Initiative [CBSI] in which the countries of the RSS participate is a useful U.S. sponsored tool to strengthen the capabilities of the Caribbean countries and promote regional ownership of security initiatives. Future developments under discussion by policy makers in the Caribbean security environment include the granting of law enforcement authority to the military, the formation of a single OECS Police Force, and the creation of a single judicial and law enforcement space. The RSS must continue to work with its CARICOM partners, as well as with the traditional “Atlantic Powers” particularly Canada, the United States and the United Kingdom to implement a general framework for regional security collaboration. Regional security cooperation should embrace wider traditional and non-traditional elements of security appropriate to the 21st century. Security cooperation must utilize to the maximum the best available institutions, mechanisms, techniques and procedures already available in the region. The objective should not be the creation of new agencies but rather the generation of new resources to take effective operations to higher cumulative levels. Security and non-security tools should be combined for both strategic and operational purposes. Regional, hemispheric, and global implications of tactical and operational actions must be understood and appreciated by the forces of the RSS member states. The structure and mechanisms, created for the staging of Cricket World Cup 2007 should remain as legacy institutions and a toolbox for improving regional security cooperation in the Caribbean. RSS collaboration should build on the process of operational level synergies with traditional military partners. In this context, the United States must be a true partner with shared interests, and with the ability to work unobtrusively in a nationalistic environment. Withdrawal of U.S. support for the RSS is not an option.

Disciplining democracy: United Nations peacekeeping, international security and democratization in the post -Cold War era

After the end of the Cold War, democratization and good governance became the organizing concepts for activities of the United Nations, regional organizations and states in the fields of peace, development and security. How can this increasing interest in democratization and its connection with international security be explained? This dissertation applies the theoretical tools developed by Michel Foucault in his discussions of disciplinarity and government to the analysis of the United Nations debate on democracy in the 1990s, and of two United Nations pro-democracy peacekeeping operations and their aftermath: the United Nations interventions in Haiti and Croatia. It probes “how” certain techniques of power came into being and describes their effects, using as data the texts that elaborate the United Nations understanding of democracy and the texts that constitute peacekeeping. ^ In the face of the proliferation of unpredictable threats in the last decades of the twentieth century a new form of international power emerged. Order in the international arena increasingly was maintained through activities aimed at reducing risk and increasing predictability through the normalization of “rogue” states. The dissertation shows that in the context of these activities, which included but were not limited to UN peacekeeping, normality was identified with democracy, non-democratic regimes with international threats, and democratization with international security. “Good governance” doctrines translated the political debate on democracy into the technical language of functioning state institutions. International organizations adopted good governance as the framework that made democratization a universal task within the reach of their expertise. In Haiti, the United Nations engaged in efforts to transform punishment institutions (the judiciary, police and the prison) into disciplined and disciplinary machines. In Croatia, agreements signed in the context of peacekeeping established in detail the rules of functioning of administrations and the monitoring mechanisms for their implementation. However, in Haiti, the institutions promoted were not sustainable. And in Croatia reforms are stalled by lack of consensus. ^ This dissertation puts efforts to bring about democracy through peacekeeping in the context of a specific modality of power and suggests caution in engaging in universal normalizing endeavors. ^