Resource-constrained Networks Research Articles

QoS‐aware stochastic spatial PLS model for analysing secrecy performance under eavesdropping and jamming

Securing wireless communication, being inherently vulnerable to eavesdropping and jamming attacks, becomes more challenging in resource-constrained networks such as internet-of-things. Towards this, physical layer security (PLS) has gained significant attention due to its low complexity. The authors address the issue of random inter-node distances in secrecy analysis and develop a comprehensive quality-of-service (QoS) aware PLS framework for the analysis of both eavesdropping and jamming capabilities of the attacker. The proposed solution covers the spatially stochastic deployment of nodes. The secrecy performance is characterised against both attacks using inter-node distance-based probabilistic distribution functions. The model takes into account the practical limits arising out of underlying QoS requirements, which include the maximum distance between legitimate users driven by transmit power and receiver sensitivity. A novel concept of eavesdropping zone is introduced, and the relative impact of jamming power is investigated. Closed-form expressions for asymptotic secrecy outage probability are derived offering insights into the design of optimal system parameters for desired security level against the attacker's capability of both attacks. The analytical framework, validated by numerical results, establishes that the proposed solution offers a potentially accurate characterisation of the PLS performance and key design perspective from point-of-view of both legitimate user and attacker.

RESCUE: A Resilient and Secure Device-to-Device Communication Framework for Emergencies

During disasters, existing telecommunication infrastructures are often congested or even destroyed. In these situations, mobile devices can form a backup communication network for civilians and emergency services using disruption-tolerant networking (DTN) principles. Unfortunately, such distributed and resource-constrained networks are particularly susceptible to a wide range of attacks such as terrorists trying to cause more harm. In this article, we present <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RESCUE</i> , a resilient and secure device-to-device communication framework for emergency scenarios that provides comprehensive protection against common attacks. <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RESCUE</i> features a minimalistic DTN protocol that, by design, is secure against notable attacks such as routing manipulations, dropping, message manipulations, blackholing, or impersonation. To further protect against message flooding and Sybil attacks, we present a twofold mitigation technique. First, a mobile and distributed certificate infrastructure particularly tailored to the emergency use case hinders the adversarial use of multiple identities. Second, a message buffer management scheme significantly increases resilience against flooding attacks, even if they originate from multiple identities, without introducing additional overhead. Finally, we demonstrate the effectiveness of <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RESCUE</i> via large-scale simulations in a synthetic as well as a realistic natural disaster scenario. Our simulation results show that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">RESCUE</i> achieves very good message delivery rates, even under flooding and Sybil attacks.

RESCUE: A Resilient and Secure Device-to-Device Communication Framework for Emergencies

During disasters, existing telecommunication infrastructures are often congested or even destroyed. In these situations, mobile devices can form a backup communication network for civilians and emergency services using disruption-tolerant networking (DTN) principles. Unfortunately, such distributed and resource-constrained networks are particularly susceptible to a wide range of attacks such as terrorists trying to cause more harm. In this paper, we present RESCUE, a resilient and secure device-to-device communication framework for emergency scenarios that provides comprehensive protection against common attacks. RESCUE features a minimalistic DTN protocol that, by design, is secure against notable attacks such as routing manipulations, dropping, message manipulations, blackholing, or impersonation. To further protect against message flooding and Sybil attacks, we present a twofold mitigation technique. First, a mobile and distributed certificate infrastructure particularly tailored to the emergency use case hinders the adversarial use of multiple identities. Second, a message buffer management scheme significantly increases resilience against flooding attacks, even if they originate from multiple identities, without introducing additional overhead. Finally, we demonstrate the effectiveness of RESCUE via large-scale simulations in a synthetic as well as a realistic natural disaster scenario. Our simulation results show that RESCUE achieves very good message delivery rates, even under flooding and Sybil attacks.

Energy efficient resource optimization in cooperative Internet of Things networks

Abstract Internet of Things (IoT) network has been envisioned as a promising technology to satisfy the exponentially growing mobile traffic requirements. Cooperative communication technique has been proposed to significantly improve energy efficiency in resource-constrained network. In this paper, we focus on resource allocation optimization and optimal relay selection to maximize the energy efficiency of the IoT networks. Using different cooperative techniques, we have studied the resource optimization problems for a single-hop network topology and a generic cooperative multi-hop network topology. Based on dual optimization framework, we formulate an optimal algorithm to reduce the total transmit power through channel allocations and optimal relay selection for each source to destination communication link while satisfying the quality of service (QoS) requirements. We derive the closed-form expressions for the outage probabilities of the cooperative relaying protocols to improve data transmission and propose an energy efficient power routing algorithm to enhance energy efficiency. Simulation results show an effective performance gain of the proposed algorithm as compared with other existing power saving algorithms in terms of system throughput and energy efficiency.

A Provenance-Aware Distributed Trust Model for Resilient Unmanned Aerial Vehicle Networks

An unmanned aerial vehicle (UAV) network is an emerging industrial IoT network for collaborative UAV communication and management. The open architecture and dynamic topology, which provide functional benefits, unfortunately make UAVNs more vulnerable to a variety of attacks. In UAVNs, malicious nodes not only eavesdrop the communications between UAV nodes but also attempt to attack the entire network by injecting or modifying messages. This work proposes a provenance-aware distributed trust model, named UAV-pro, for UAVNs that aim to achieve accurate peer-to-peer trust assessment and maximize the delivery of correct messages received by destination nodes while minimizing the message delay and communication cost under resource-constrained network environments. Provenance refers to the history of ownership of messages transmitted on the network. The behavior of message creators and operators can be effectively evaluated based on message integrity, then generate the observational evidence. We collect the observational evidence for distributed trust evaluation, then identify malicious nodes in the network and isolate them from the network. UAVN-pro takes a data-driven approach to reduce resource consumption in the presence of selfish or malicious nodes while ensuring the safe transmission of data by digital signature technology. The experimental results show that UAVN-pro works are compatible with the existing UAV network routing protocols, and can effectively identify attacks, such as the black hole, gray hole, message modification, fake recommendation, and fake identity in UAV networks. UAVN-pro is superior to the existing security model in terms of detection rate, delivery rate, and system energy consumption in most cases.

Prioritized Data Transmission Mechanism for IoT

This paper proposes a novel data prioritization and transmission mechanism to minimize the number of packets transmitted and reduce network overload using the constrained application protocol (CoAP) in resource-constrained networks. The proposed scheme adopts four classification parameters to classify and prioritize data from a sensor. With the packet prioritization scheme, the sensed data having the lowest priority is only delivered using the proposed keep-alive message notification to decrease the number of packets transmitted. The performance evaluation demonstrates that the proposed scheme shows the improvement of resource utilization in energy consumption, and bandwidth usage compared with the existing CoAP methods. Furthermore, the proposed scheme supports quality-of-service (QoS) per packet by differentiating transmission delays regarding priorities.

Hybrid Cryptography Algorithm for Securing Wireless Sensor Networks from Node Clone Attack

Background: Security in WSNs is the most significant because sensor nodes deployed are in an unattended environment, and the information is communicated over insecure wireless channels. Therefore, there is a need to put enhanced security measures for securing sensor nodes as well as ensure secured transmission of information. Objective: These resource-constrained networks suffer from various attacks namely, node clone attack, Sybil attack, and DoS attack. In this paper, we proposed a hybrid cryptography algorithm, which secured WSNs from node clone attack. Methods: The proposed algorithm uses a combination of symmetric (AES) and asymmetric (ECC) cryptography techniques along with the hash function. Further, the proposed algorithm checks the integrity of messages during communication in the sensor network. Results: The performance of the proposed hybrid algorithm was examined through the various metrics like communication, computation, and storage overheads. The comparison of the results validates the efficiency of the proposed hybrid algorithm. Conclusion: The proposed hybrid algorithm provides a secure and efficient solution to the energy sensor networks.

Adaptive Complex Filtering for Narrowband Jamming Mitigation in Resource-Constrained Wireless Networks

Jamming attacks present a major challenge for the physical layer security of wireless communication systems. Among the large number of existing methods for jamming mitigation, filtering is a simple but promisingly effective solution that can be applied in resource-constrained and low-power wireless networks. In this article, a first-order adaptive complex narrowband notch filter is proposed for use against high-power narrowband jamming attacks. The central frequency of the filter is adaptively adjustable to match the interfering frequency. This enables the proposed solution to perform effectively in the presence of a jammer whose frequency varies in fixed or random time periods. The simulation results demonstrate the filter's behavior and the efficiency of the proposed technique.

LPWAN Technologies: Emerging Application Characteristics, Requirements, and Design Considerations

Low power wide area network (LPWAN) is a promising solution for long range and low power Internet of Things (IoT) and machine to machine (M2M) communication applications. This paper focuses on defining a systematic and powerful approach of identifying the key characteristics of such applications, translating them into explicit requirements, and then deriving the associated design considerations. LPWANs are resource-constrained networks and are primarily characterized by long battery life operation, extended coverage, high capacity, and low device and deployment costs. These characteristics translate into a key set of requirements including M2M traffic management, massive capacity, energy efficiency, low power operations, extended coverage, security, and interworking. The set of corresponding design considerations is identified in terms of two categories, desired or expected ones and enhanced ones, which reflect the wide range of characteristics associated with LPWAN-based applications. Prominent design constructs include admission and user traffic management, interference management, energy saving modes of operation, lightweight media access control (MAC) protocols, accurate location identification, security coverage techniques, and flexible software re-configurability. Topological and architectural options for interconnecting LPWAN entities are discussed. The major proprietary and standards-based LPWAN technology solutions available in the marketplace are presented. These include Sigfox, LoRaWAN, Narrowband IoT (NB-IoT), and long term evolution (LTE)-M, among others. The relevance of upcoming cellular 5G technology and its complementary relationship with LPWAN technology are also discussed.

Multi-sensors-based security control for T-S fuzzy systems over resource-constrained networks

Abstract This paper investigates the problem of multi-sensors-based security control for Takagi-Sugeno (T-S) fuzzy system over resource-constrained networks. To decrease the effects of resource-constrained networks, a distributed event-triggered scheme and a quantization mechanism are applied to lighten the burden of network transmission. By taking the influences of actuator saturation and denial-of-service (DoS) attacks into consideration, a novel mathematical model for T-S fuzzy system is constructed. Then, sufficient conditions ensuring the exponential stability of T-S fuzzy system are derived by using the Lyapunov stability theory. Moreover, the security controller gains for T-S fuzzy system are obtained by solving a set of linear matrix inequalities (LMIs). Finally, the feasibility of the proposed approach is demonstrated through simulation examples.

Mapping Obfuscation-Based PHY Security Scheme for Resource-Constrained Wireless Sensor Network

ABSTRACT Wireless sensor network (WSN) physical layer (PHY) uses M-ary spread spectrum (MaSS). This paper explores MaSS and emphasizes that based on the implementation approach; the technology has the potential to provide security at the PHY of wireless devices. The MaSS parameters, namely, spreading sequences and symbol to sequence mapping logic, can be obfuscated for security implementation. In this paper, we have focused our analysis on obfuscating mapping logic, i.e. Mapping Obfuscation (MO). Mathematical analysis reveals that an eavesdropper with processing speed in the order of 1018 operations/sec can intercept and decode short length (maximum 8–10 bytes) packets in <100 s. Simulation exposes that the eavesdropper can achieve a success rate of 50% for short-length packets if its signal-to-noise ratio exceeds −1 dB. An attacker has only one check metric for mapping sequence detection that is correct frame check sequence (FCS) detection. However, FCS detection may be misleading; if packet-embedded FCS and eavesdropper-generated FCS are the same for the wrong mapping sequence. For MO-based MaSS, false FCS detection probability is 30 times more than valid FCS detection probability. To reduce false FCS probability attacker need to analyse multiple radio frequency (RF) packets for detecting a valid mapping key; this increases the computation time. For MO-based PHY security, correct mapping sequence identification by exhaustive search demands cluster-based parallel processing.

Data Distribution Optimization Strategy in Wireless Sensor Networks With Edge Computing

Resource-constrained wireless sensor networks (WSNs) impose a substantial challenge to the transmission and processing of non-redundant perceptual data. Moreover, breakthroughs in this area have opened up a new dimension that integrates edge computing technology in wireless sensor networks. However, achieving reliable data distribution in wireless sensor networks with edge computing (EWSN) and balancing the link bandwidth and node energy resources have become challenging problems. In this article, we propose a joint bandwidth allocation and energy consumption (JBAEC) algorithm for distributing different perceptual data to different sensor nodes of the EWSN by considering the available transmission links between the source sensor and destination nodes under the condition of early perceived energy. Therefore, we first establish the model of different data packet types and energy detection costs. Second, we describe the problem of effective bandwidth allocation and prove its NP-hard feature. In addition, we formulate the bandwidth allocation problem as an optimization problem that is divided into the two states of sufficient energy and lack of energy. Afterwards, we present an available node selection (ANS) algorithm for sorting the available relay nodes under the condition of different energy-sufficient nodes. The effective transmission network construction (ETNC) algorithm selects the available transmission links based on the set of available nodes. Finally, we implement the JBAEC algorithm by using the NS-2 simulator and present extensive simulation results to verify the data distribution efficiency of the JBAEC algorithm in the EWSN.

Design Of Intrusion Detection System For Dos Attack In 6lowpan And RPL Based IoT Network

Internet of Things (IoT) is a network spread globally and accommodates maximum things under it. All these things are connected globally using IPv6 protocol which satisfies the need of connecting maximum devices by supporting 2^128 addresses. Because of heavy-weight nature of IPv6 protocol, a compressed version of it known as IPv6 Low Power Personal Area Network (6LoWPAN) protocol is used for a resource-constrained network that communicates over low power and lossy links. In IoT, devices are resource-constrained in terms of low battery power, less processing power, less transceiver power, etc. Also these devices are directly connected to insecure internet hence it is very challenging to maintain security in IoT network. In this paper, we have discussed various attacks on 6LoWPAN and RPL network along with countermeasures to reduce the attacks. DoS attack is one of the severe attacks in IoT which has various patterns of execution. Out of various attacks we have designed Intrusion Detection System (IDS) for Denial of Service (DOS) attack detection using Contiki OS and Cooja simulator.

Low-overhead video compression combining partial discrete cosine transform and compressed sensing in WMSNs

Wireless multimedia sensor network (WMSN) is a special wireless sensor network (WSN) made up of several multimedia sensor nodes, specially designed to retrieve multimedia content such as video and audio streams, still images, and scalar sensor data from the environment. Due to strict inherent limitations in terms of processing power, storage and bandwidth, data processing is a challenge in such network. Further, energy is one of the scarcest resources in WSN, especially in WMSN and therefore, saving energy is of utmost importance. Data compression is one of the solutions of such a problem. This paper proposes an energy saving video compression technique for WMSN by judicious combination of partial discrete cosine transform and compressed sensing. This amalgamation exploits the benefits of both the techniques towards fulfilling the objective of saving energy along with achieving desired peak signal to noise ratio (PSNR). When the transform technique ensures low-overhead compression, compressed sensing guarantees the reconstruction of the same video with lesser amount of measurements. Performance of the scheme is measured both qualitatively and quantitatively. In qualitative analysis, overhead of the scheme is measured in terms of storage, computation, and communication overheads and the results are compared with a number of existing schemes including the base scheme. The results show considerable reduction of all such overheads thereby justifying the appropriateness of the proposed scheme for resource-constrained networks like WMSNs. In quantitative analysis, for both ideal and packet loss environment, the scheme is simulated in Cooja, the Contiki network simulator to make it readily implementable in real life mote e.g. MICAz. When compared with the existing state-of-the-art schemes, it performs better not only in terms of 34.31% energy saving but also in getting an acceptable PSNR of 35–37 dB and SSIM of 0.85–0.88 in ideal environment. In packet loss environment, these values are 32.9–35.5 dB and 0.81–0.85 respectively implying acceptable reconstruction even in packet loss environment. Further, it requires the least storage of 51.2 KB. The observation on simulation results is also justified by statistical analysis.

Impact of Secondary User Block on the TCP Throughput in Cognitive Radio Sensor Networks

The cognitive radio sensor network (CRSN) has emerged as a promising solution to overcome spectrum under-utilization and spectrum scarcity problems in a resource-constrained wireless sensor network. In CRSN, TCP has to cope with a new type of packet loss due to the primary users arrival, known as secondary user blocking loss (SBL), otherwise It leads to significant TCP throughput degradation. In this paper, two main contributions are provided on the modeling of SBL and throughput evaluation of transport layer protocol for CRSN. First, it is identified two main factors of SBL and the probability of them is modeled by a discrete-time Markov chain. Second, a new congestion control algorithm is proposed to distinguish between actual congestion from the wrong congestion due to the SBL by considering the dynamic nature of CRSN. The obtained results through proposed model are verified using the COGNS framework based on NS2, which is a simulation framework for cognitive radio sensor networks. The proposed algorithm is compared with some of the well-known transport protocol TFRC-CR, OHTP and TCP Reno. The results confirm that our proposed algorithm is the best among them.

Efficient Network Sharing With Asymmetric Constraint Information

Network sharing has become a key feature of various enablers of the next generation network, such as network function virtualization and fog computing architectures. Network utility maximization (NUM) is a general framework for achieving fair, efficient, and cost-effective sharing of constrained network resources. When agents have asymmetric and private information, however, a fundamental economic challenge is how to solve the NUM Problem considering the self-interests of strategic agents. Many previous related works have proposed economic mechanisms that can cope with agents' private utilities. However, the network sharing paradigm introduces the issue of information asymmetries regarding constraints. The related literature largely neglected such an issue; limited closely related studies provided solutions only applicable to specific application scenarios. To tackle these issues, we propose the Decomposable NUM (DeNUM) Mechanism and the Dynamic DeNUM (DyDeNUM) Mechanism, the first mechanisms in the literature for solving NUM Problems considering private utility and constraint information. The key idea of both mechanisms is to decentralize the decision process to agents, who will make resource allocation decisions without the need of revealing private information to others. Under a monitorable influence assumption, the DeNUM Mechanism yields the network-utility maximizing solution at an equilibrium, and achieves other desirable economic properties (such as individual rationality and budget balance). We further establish the connection between the equilibrium structure and the primal-dual solution to a related optimization problem, based on which we prove the convergence of the DeNUM Algorithm to an equilibrium. When the agents' influences are not monitorable, we propose the DyDeNUM Mechanism that yields the network-utility maximizing solution at the cost of the balanced budget.

Resource Optimization Protocol Based on Multicommunity Model for Intermittently Connected Mobile Networks

Intermittently connected mobile networks (ICMNs) are kinds of delay-tolerant networks (DTNs) in which the topology of mobile network changes frequently, the network is sparse, and end-to-end connection is hard to establish. However, as nodes in DTNs may often have limited energy, the performance of the network will be inevitably affected. Particularly, the message delivery ratio will be decreased when some of the nodes are out of energy and unable to participate in relay process. In order to make effective use of resources, we take this into consideration and propose the social similarity and optimized resource (SSAOR) protocol. According to the position relationship between the source and the destination nodes, SSAOR uses two different strategies to determine the order of forwarding messages. If they belong to the same community, the source node forwards message, copies to the relay node with the shorter encounter interval and the higher social friendship rank similarity with destination nodes. Otherwise, the source node forwards message copies to the relay node with the higher weight “betweenness” similarity and the shorter waiting encounter time similarity with destination nodes. In addition, we propose a buffer management method for dynamically distributing message copies to reduce network overhead, due to the fact that only a small number of copies can be successfully delivered. Finally, the simulation results show that SSAOR achieves a higher delivery ratio and lower overhead ratio, compared to other protocols within resource-constrained network situations.

A Survey on Congestion Control for RPL-Based Wireless Sensor Networks.

RPL (IPv6 routing protocol for low power and lossy networks) proposed by the IETF (Internet Engineering Task Force) ROLL (routing over low-power and lossy networks) working group is a de facto standard routing protocol for IoT environments. Since the standardization was proposed, RPL has been extensively improved for diverse application scenarios and environments. Congestion control is one of the most important reasons why RPL has been improved. In an LLN (low power and lossy network), congestion may even lead to network lifetime reduction. In resource-constrained networks where end-to-end congestion control is not feasible, RPL should play a more crucial role in congestion control. In this survey, we review the RPL schemes proposed for congestion control and load-balancing and discuss future research directions.

ICENET: An Information Centric Protocol for Big Data Wireless Sensor Networks.

Wireless Sensors Networks (WSNs) are an essential element of the Internet of Things (IoT), and are the main producers of big data. Collecting a huge amount of data produced by a resource-constrained network is a very difficult task, presenting several challenges. Big data gathering involves not only periodic data sensing, but also the forwarding of queries and commands to the network. Conventional network protocols present unfeasible strategies for large-scale networks and may not be directly applicable to IoT environments. Information-Centric Networking is a revolutionary paradigm that can overcome such big data gathering challenges. In this work, we propose a soft-state information-centric protocol, ICENET (Information Centric protocol for sEnsor NETworks), for big data gathering in large-scale WSNs. ICENET can efficiently propagate user queries in a wireless network by using a soft-state recovery mechanism for lossy links. The scalability of our solution is evaluated in different network scenarios. Results show that the proposed protocol presents approximately 84% less overhead and a higher data delivery rate than the CoAP (Constrained Application Protocol), which is a popular protocol for IoT environments.

Cryptanalysis of Permutation–Diffusion-Based Lightweight Chaotic Image Encryption Scheme Using CPA

In order to meet the requirement of secure image communication in a resource-constrained network environment, a novel lightweight chaotic image encryption scheme based on permutation and diffusion has been proposed. It was claimed that this scheme can resist differential attacks, statistical attacks, etc. However, the original encryption scheme is found to be vulnerable and insecure to chosen-plaintext attack (CPA). In this paper, the original encryption scheme is analyzed comprehensively and attacked successfully. Only by choosing a full zero image as the chosen-plaintext of the diffusion phase, the encrypted image can be restored into permutation-only phase, and by applying the other chosen images as the chosen-plaintexts of the permutation phase, the map matrix which is equivalent to the secret key of the permutation phase can be further revealed. Experiments and analysis verify the feasibility of our proposed attack strategy.