Providing security is essential for mission critical Wireless Ad Hoc and Sensor Networks (WAHSN) applications. Often a highly secure mechanism inevitably consumes a rather large amount of system resources, which in turn may unintentionally cause a Security Service Denial of Service (SSDoS) attack. This paper proposes a self-adaptive resource-aware (SARA) security provisioning approach for WAHSNs. For resource scarce WAHSNs, SARA strives to provide the optimal tradeoff between the sufficient security (which is reflected by the Security Index (SI)) and the acceptable network performance degradation (which is reflected by the Performance Index (PI)). With the support of the offline optimal secure protocol selection module and the online self-adaptive security control module, SARA is capable of employing different combinations of secure protocol sets to satisfy different security need at different condition for different applications.
To determine the security index SI of a secure protocol set, a heuristic cross-layer security-service mapping mechanism is presented. Furthermore, we evaluate performance index PI of a secure protocol set via simulation followed by Analysis of Variance (ANOVA). Consequently, the proposed self-adaptive security provisioning based on both SI and PI achieves the maximum overall network security services and network performance services, without causing the SSDoS attack. Furthermore, this self-adaptive mechanism is capable of switching from one secure protocol set to another while keeping similar level of security and performance, it thus provides additional security by security service hopping.
Wireless Ad Hoc and Sensor Networks (WAHSNs) are vulnerable to extensive attacks as well as severe resource constraints. To fulfill the security needs, many security enhancements have been proposed. Like wise, from resource constraint perspective, many power aware schemes have been proposed to save the battery power. However, we observe that for the severely resource limited and extremely vulnerable WAHSNs, taking security or power (or any other resource) alone into consideration for protocol design is rather inadequate toward the truly “secure-and-useful” WAHSNs. For example, from resource constraint perspective, we identify one of the potential problems, the Security-Capable-Congestion (SCC) behavior, for the WAHSNs routing protocols where only the security are concerned. On the other hand, the design approach where only scarce resource is concerned, such as many power-aware WAHSNs protocols, leaves security unconsidered and is undesirable to many WAHSNs application scenarios.
Motivated by these observations, we propose a co-design approach, where both the high security and effective resource consumption are targeted for WAHSNs protocol design. Specifically, we propose a novel routing protocol, Security- and Power- Aware Routing (SPAR) protocol based on this co-design approach. In SPAR, the routing decisions are made based on both security and power as routing criteria. The idea of the SPAR mechanism is routing protocol independent and therefore can be broadly integrated into any of the existing WAHSNs routing protocols. The simulation results show that SPAR outperforms the WAHSNs routing protocols where security or power alone is considered, significantly. This research finding demonstrates the proposed security- and resource- aware co-design approach is promising towards the truly “secure-and-useful” WAHSNs.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.