Secure and reliable group communication is an important aspect of security in distributed ad hoc sensor networks. Most sensors are built to be inexpensive, low-power devices and consequently have limited computational and communication resources. These resource constraints make most conventional security protocols, such as Diffie-Hellman key exchange, impractical. This work adapts existing work on tree-based group key agreement, which combines key trees with Diffie-Hellman key exchange, by replacing expensive public key operations with relatively cheaper symmetric key operations. The modular exponentiations in Z_n^* used in Diffie-Hellman key exchange are replaced by polynomial evaluations in GF(2^m) Galois fields, thereby substantially reducing the code space and time complexity requirements of the protocols. This makes the protocol adaptable for use on resource-constrained sensor networks. We also focus on secure and efficient group key management in the case of group mutation. Our group key management scheme will set up a per-session shared secret key among the group members when new members join or existing members leave the group. We also discuss a performance analysis of our scheme, in which we show that our protocol is efficient in terms of computational and memory requirements.
In ad hoc networks, group key management is one of the most important security problems. We propose a hierarchical group key management scheme adapted to large groups according to network characteristics. The scheme effectively puts the STR hierarchical tree structure into a distributed sub-group management model and combines layer-based key management with cycle-based key management in order to greatly reduce the communication and computation cost, and it has good properties in expansibility and in large ad hoc networks.
Intelligent Computing and Integrated Systems (ICISS), 2010 International Conference on; 01/2010
This paper describes the design and implementation of a two-stage intrusion detection system (IDS) for use with mobile ad-hoc networks. Our anomaly-based intrusion detection is provided by analyzing the context from the application-level interactions of networked nodes; each interaction corresponds to a specific function or behavior within the operational scenario of the network. A static set of behaviors is determined offline, and these behaviors are tracked dynamically during the operation of the network. During the first stage of the IDS, our detection strategy employs the analysis of global and local maxima in the probability density functions of the behaviors to isolate deviance at the granularity of a single node. This stage is used to capture the typical behavior of the network. The first stage also provides tuning and calibration for the second stage. During the second stage, a cross-correlative component is used to detect multiple threats simultaneously. Our approach distributes the IDS among all connected network nodes, allowing each node to identify potential threats individually. The combined result can detect deviant nodes in a scalable manner and can operate in the presence of a density of deviant nodes approaching 22%. Computational requirements are reduced to adapt optimally to embedded devices on an ad-hoc network.
Ad Hoc Networks 05/2010; 8(3-8):253-266. DOI:10.1016/j.adhoc.2009.08.002 · 1.53 Impact Factor