DEVESH JINWALA | National Institute of Technology, Surat (original) (raw)

Papers by DEVESH JINWALA

2013 International Conference on Security and Cryptography (SECRYPT), 2013

Collaborative data mining has become very useful today with the immense increase in the amount of... more Collaborative data mining has become very useful today with the immense increase in the amount of data collected and the increase in competition. This in turn increases the need to preserve the participants' privacy. There have been a number of approaches proposed that use Secret Sharing for privacy preservation for Secure Multiparty Computation (SMC) in different setups and applications. The different multiparty scenarios may have parties that are semi-honest, rational or malicious. A number of approaches have been proposed for semi honest parties in this setup. The problem however is that in reality we have to deal with parties that act in their self-interest and are rational. These rational parties may try and attain maximum gain without disrupting the protocol. Also these parties if cautioned would correct themselves to have maximum individual gain in the future. Thus we propose a new practical game theoretic approach with three novel punishment policies with the primary adv...

The current massive proliferation of data has led to collaborative data mining that requires pres... more The current massive proliferation of data has led to collaborative data mining that requires preservation of individual privacy of the participants. A number of algorithms proposed till date in this scenario are limited to mining association rules and do not consider their cyclic nature that finds associations with respect to the time segment. Hence catering to this challenge, we propose techniques for privacy preservation while finding global cycles when mining cyclic association rules in a distributed setup. The proposed techniques are based on homomorphic encryption and Shamir’s secret sharing that can help us decipher partial and total global cycles along with maintaining privacy in a distributed setup. Additionally security, efficiency and correctness analysis of the proposed algorithms are also given.

Journal of Engineering, 2014

Privacy preservation while undertaking collaborative distributed frequent itemset mining (PPDFIM)... more Privacy preservation while undertaking collaborative distributed frequent itemset mining (PPDFIM) is an important research direction. The current state of the art for privacy preservation in distributed frequent itemset mining for secure sum in a horizontally partitioned data model comprises primarily public key based homomorphic schemes which are expensive in terms of the communication and computation cost. The nonpublic key based existing state-of-the-art scheme by Clifton et al. used for secure sum in PPDFIM is efficient but prone to security attacks. In this paper, we propose Shamir’s secret sharing based approaches and a symmetric key based scheme to calculate the secure sum in PPDFIM. These schemes are information theoretically secure under the standard assumptions. We further give a detailed theoretical and empirical evaluation of our proposed schemes for PPDFIM using a real market basket dataset. Our experimental analysis also shows that our schemes perform better in terms o...

International Journal of Distributed Systems and Technologies, 2014

With digital data being abundant in today's world, competing organizations desire to gain ins... more With digital data being abundant in today's world, competing organizations desire to gain insights about the market, without putting the privacy of their confidential data at risk. This paper provides a new dimension to the problem of Privacy Preserving Distributed Association Rule Mining (PPDARM) by extending it to a distributed temporal setup. It proposes extensions of public key based and non-public key based additively homomorphic techniques, based on efficient private matching and Shamir's secret sharing, to privately decipher these global cycles in cyclic association rules. Along with the theoretical analysis, it presents experimental results to substantiate it. This paper observes that the Secret Sharing scheme is more efficient than the one based on Paillier homomorphic encryption. However, it observes a considerable increase in the overhead associated with the Shamir's secret sharing scheme, as a result of the increase in the number of parties. To reduce this ov...

A sensor network is a network consisting of several small, wireless, resource-limited nodes that ... more A sensor network is a network consisting of several small, wireless, resource-limited nodes that sense data about their environment and report readings to some central base station. One of the ways through which power can be conserved in a sensor network is to aggregate sensor readings hop-byhop as they travel towards a central base station. Using this approach the total number of messages required to collect each sensor reading can be reduced. In this paper the applications of wireless sensor networks which we have considered are pipeline monitoring, tunnel monitoring, perimeter surveillance etc. These applications form a linear topology in which sensor nodes are deployed in a straight line thus capturing just a single node can disrupt the entire network. Therefore they are security critical and in an adversarial environment, the ability of a malicious node to alter this aggregate total must be limited. We present two aggregation protocols inspired by two natural key pre-distributi...

The Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks are aimed at malicio... more The Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks are aimed at maliciously consuming the available resources in computing systems to prevent genuine users from legitimately accessing them. These attacks can easily interrupt or disable targeted systems, so it is important for the system to detect and filter bogus connection requests as early as possible. Many common protocols TCP, HIP, SSL, etc., are vulnerable to DoS attacks. Until now, there has been no fit for all, generic solution to resist a DoS/DDoS attacks presented. An attractive alternative therefore is to investigate the approaches by which one can at least reduce the impact of the DoS/DDoS attacks. Our research work presented here focuses on the same. We develop a formal model of Internet Key Exchange version 2 (IKEv2) protocol using formal specification language of Colored Petri Nets (CPNs) to analyze the protocol for DoS attacks. IKEv2 is a member of the IPSec protocol suite and establishes a s...

Computer Networks, 2016

The objectives of concealed data aggregation are to provide end-to-end privacy and en route aggre... more The objectives of concealed data aggregation are to provide end-to-end privacy and en route aggregation of reverse multicast traffic in wireless sensor networks. Privacy homomorphism has been used for realizing these objectives together. Although privacy homomorphism achieves the conflicting objectives, such as privacy and data aggregation, it negatively affects other security objectives such as integrity and freshness. Privacy homomorphism that protects sensor readings from passive adversaries makes them susceptible to active adversaries whose aim is to modify or inject malicious data packets in the network. In this article, we present a comprehensive survey of the state-of-the-art concealed data aggregation protocols in wireless sensor networks. We investigate the need for en route aggregation, encrypted data processing, en route and endto-end integrity verification, and replay protection. We discuss the challenges and their proposed solutions for achieving the conflicting goals such as in-network aggregation, privacy, integrity, and replay protection. We comparatively evaluate the performance of concealed data aggregation protocols for measuring their respective strengths and weaknesses. In addition, we provide a detailed insight into the open research issues in concealed data aggregation and conclude with possible future research directions.

In-network processing involves processing of the sensed data onthe-fly during the course of the c... more In-network processing involves processing of the sensed data onthe-fly during the course of the communication to the base station. However, due to the fusion of data items sourced at different nodes into a single one, the security of the aggregated data as well as that of the aggregating node, demands critical investigation. One of the approaches to ensure secure data aggregation is to use encrypted sensor data for processing, using homomorphic encryption. As per our observation, an integrated solution to offer all the necessary security attributes viz. confidentiality, privacy, integrity and authentication based on elliptic curve cryptography is not found in the literature. Hence, our research here is aimed to propose an approach that uses homomorphic encryption and appropriate data integrity mechanisms to offer confidentiality, privacy, and data integrity for secure data aggregation in wireless sensor networks.

Journal of Information Security, 2015

In wireless sensor networks, secure data aggregation protocols target the two major objectives, n... more In wireless sensor networks, secure data aggregation protocols target the two major objectives, namely, security and en route aggregation. Although en route aggregation of reverse multi-cast traffic improves energy efficiency, it becomes a hindrance to end-to-end security. Concealed data aggregation protocols aim to preserve the end-to-end privacy of sensor readings while performing en route aggregation. However, the use of inherently malleable privacy homomorphism makes these protocols vulnerable to active attackers. In this paper, we propose an integrity and privacy preserving end-to-end secure data aggregation protocol. We use symmetric key-based homomorphic primitives to provide end-to-end privacy and end-to-end integrity of reverse multicast traffic. As sensor network has a non-replenishable energy supply, the use of symmetric key based homomorphic primitives improves the energy efficiency and increase the sensor network's lifetime. We comparatively evaluate the performance of the proposed protocol to show its efficacy and efficiency in resource-constrained environments.

International Journal of Distributed Systems and Technologies, 2014

Data aggregation based on in-network processing is useful in improving the communications overhea... more Data aggregation based on in-network processing is useful in improving the communications overhead in Wireless Sensor Networks (WSNs) by reducing the overall number of packets communicated to the base station. However, due to the fusion of data items sourced at different nodes into a single one, the security of the aggregated data as well as that of the aggregating node, demands critical investigation. This paper observes that though there have been substantial numbers of research attempts recently in proposing techniques for secure data aggregation, there is still a need for a coherent, integrated framework for secure data aggregation. It proposes such an integrated framework for secure data aggregation in this paper. The proposed framework implements a secure data aggregation protocol, offering the attributes viz. confidentiality, privacy, authentication, robustness, as well as data integrity using a defined data aggregation topology. In addition to that, the proposed framework is...

Journal of Information Security, 2014

Wireless Sensor Networks (WSNs) typically use in-network processing to reduce the communication o... more Wireless Sensor Networks (WSNs) typically use in-network processing to reduce the communication overhead. Due to the fusion of data items sourced at different nodes into a single one during in-network processing, the sanctity of the aggregated data needs to be ensured. Especially, the data integrity of the aggregated result is critical as any malicious update to it can jeopardize not one, but many sensor readings. In this paper, we analyse three different approaches to providing integrity support for SDA in WSNs. The first one is traditional MAC, in which each leaf node and intermediate node share a key with parent (symmetric key). The second is aggregate MAC (AMAC), in which a base station shares a unique key with all the other sensor nodes. The third is homomorphic MAC (Homo MAC) that is purely symmetric key-based approach. These approaches exhibit diverse trade-off in resource consumption and security assumptions. Adding together to that, we also propose a probabilistic and improved variant of homomorphic MAC that improves the security strength for secure data aggregation in WSNs. We carry out simulations in TinyOS environment to experimentally evaluate the impact of each of these on the resource consumption in WSNs.

International Journal of Network Security & Its Applications, 2010

Due to the severe resource constraints in the Wireless Sensor Networks (WSNs), the security proto... more Due to the severe resource constraints in the Wireless Sensor Networks (WSNs), the security protocols therein, should be designed to optimize the performance maximally. On the other hand a block cipher and the mode of operation in which it operates, play a vital role in determining the overall efficiency of a security protocol. In addition, when an application demands confidentiality and message integrity, the overall efficiency of a security protocol can be improved by using the Authenticated Encryption (AE) block cipher mode of operation as compared to the conventional sequential encryption and authentication. Amongst the AE block cipher modes, the Galois Counter mode (GCM) is the latest recommended AE mode by the NIST. In this paper, we attempt at evaluating the performance of the GCM mode in the link layer security protocol for a WSN viz. TinySec and compare it with the default conventional block cipher modes of operation used therein. To the best of our knowledge ours is the first experimental evaluation of Galois Counter Mode with Advanced Encryption Standard Cipher at the link layer security architecture for WSNs.

International Journal of Computer Applications, 2013

The in-network processing consists of data aggregation operations e.g. Summation, averaging, min-... more The in-network processing consists of data aggregation operations e.g. Summation, averaging, min-max value, variance etc. Data aggregation reduces the number of message transmitted to the Wireless Sensor Network(WSN) by calculating the sub aggregation results at the intermediate nodes. Furthermore the sensor nodes are deployed in open and unsafe environments, so the security of sensed and aggregated data is crucial. This situation necessitates the investigation of the Secure Data Aggregation (SDA) protocol. Many protocols have been proposed concerning finding answers for SUM queries in WSNs but most of them either offer only approximate answers for SUM queries or do not live up to all the security requirements. The focus of the research in this paper is to investigate a SDA protocol which satisfies all the security requirements viz. Confidentiality, Privacy, Authentication, Integrity and Freshness of the query result and also returns the exact answers for SUM queries (as well as their derivatives, e.g., COUNT, AVG, etc). The protocol applies homomorphic encryption that promises the privacy as well as confidentiality of data sent by sensor nodes with innetwork aggregation. The protocol achieves integrity of sensed data by means of secret sharing scheme, message authentication code (MAC) and data diffusion methods. Proposed scheme satisfies all the essential security requirements for secure in-network aggregation. This scheme does not impose extra overhead in communication. Therefore, the scheme is best desirable for resource-restrain WSNs.

Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to th... more Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to the criticality of the resources in the sensor nodes as well as due to their ubiquitous and pervasive deployment, with varying attributes and degrees of security required. The proliferation of the next generation sensor nodes, has not solved this problem, because of the greater emphasis on low-cost deployment. In addition, the WSNs use data-centric multi-hop communication that in turn, necessitates the security support to be devised at the link layer (increasing the cost of security related operations), instead of being at the application layer, as in general networks. Therefore, an energy-efficient link layer security framework is necessitated. There do exists a number of link layer security architectures that offer some combinations of the security attributes desired by different WSN applications. However, as we show in this paper, none of them is responsive to the actual security demand...

doi:10.4156/ijact.vol2. issue5.15 Amidst the proliferation of different resources available on th... more doi:10.4156/ijact.vol2. issue5.15 Amidst the proliferation of different resources available on the Grid, today, it is vital to optimally discover the appropriate resource from amongst a repository of the resources distributed across Grid. Conventionally, the syntactic homogeneity of the resource description in each repository is used for match making and for identification of the required resource. Of late, detecting the semantic homogeneity of the resource description is also coupled with syntactic matching for the purpose. However, detecting semantic homogeneity requires complete description of the associated resource. We propose here an approach that is based on employing complement classes to early reject those resources that lack the semantic matching, thereby yielding efficient discovery of the required resource. To the best of our knowledge, ours is the first attempt at proposing Complement Class based semantic match making algorithm for detection of the resources.

Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to th... more Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to the criticality of the resources in the sensor nodes as well as due to their ubiquitous and pervasive deployment, with varying attributes and degrees of security required. The proliferation of the next generation sensor nodes, has not solved this problem, because of the greater emphasis on low-cost deployment. In addition, the WSNs use data-centric multi-hop communication that in turn, necessitates the security support to be devised at the link layer (increasing the cost of security related operations), instead of being at the application layer, as in general networks. Therefore, an energy-efficient link layer security framework is necessitated. There do exists a number of link layer security architectures that offer some combinations of the security attributes desired by different WSN applications. However, as we show in this paper, none of them is responsive to the actual security demand...

There are various approaches to achieve time synchronization in case of wireless sensor networks.... more There are various approaches to achieve time synchronization in case of wireless sensor networks. Amongst them “sender to receiver” and “receiver to receiver” are the frequently used approaches for synchronizing time. Both the methodology has some drawbacks with respect to number of message exchanged for synchronization. To overcome those drawbacks Hybrid approach was introduced. Hybrid approach is efficient with respect to number of message exchanged compared to both methodology. In this paper Hybrid Approach is improved, to reduce the message communication that is required to synchronize time between the nodes in sensor network.

With ever increasing network traffic, distributed systems can provide higher performance using a ... more With ever increasing network traffic, distributed systems can provide higher performance using a typical dynamic load balancing (DLB) algorithm. Dynamic algorithm employs up to date load information of the nodes to make load distribution decisions and therefore, they have potential to outperform static strategies. In this paper, we illustrate the analytical comparative study of existing dynamic algorithms and result gives a thorough overview of various dynamic algorithms, helping designers in choosing the most appropriate approach for a variety of distributed systems. Moreover, researchers can use it as a catalog of available DLB schemes to come up with new design.

Due to wireless communication, dynamic topology, limited resources and lack of centralized admini... more Due to wireless communication, dynamic topology, limited resources and lack of centralized administration, MANETs are vulnerable to various types of DoS attacks on network layer. In Gray hole and Black hole attacks malicious nodes deliberately disrupt data transmission in the network by sending incorrect routing information. It is a challenge to keep the communication route free from such attackers. In this paper, we propose a scheme for Ad-hoc On-demand Distance Vector (AODV) protocol, in which an intermediate node detects the malicious node sending false routing information, routing packets are used not only to pass routing information, but also to pass information about malicious nodes. The proposed scheme not only detects but also removes malicious node by isolating it, to make safe and secure communication.

It is to select and configure the appropriate constituent components when designing an effective ... more It is to select and configure the appropriate constituent components when designing an effective dynamic load balancing algorithm for distributed systems, since the performance of a dynamic load balancing algorithm heavily depends on these components. The main concern of this paper is to analyze and explore the various components for designing dynamic load balancing algorithms and to propose new information and location policies factoring in the limitations of the existing approaches. We also present a compartive analysis of existing information policies and location policies based on a set of defined parameters. This analysis is useful in identifying the lacunae in the current research in dynamic load balancing algorithms and justifies the need for a novel efficient dynamic load balancing algorithm.

2013 International Conference on Security and Cryptography (SECRYPT), 2013

Collaborative data mining has become very useful today with the immense increase in the amount of... more Collaborative data mining has become very useful today with the immense increase in the amount of data collected and the increase in competition. This in turn increases the need to preserve the participants' privacy. There have been a number of approaches proposed that use Secret Sharing for privacy preservation for Secure Multiparty Computation (SMC) in different setups and applications. The different multiparty scenarios may have parties that are semi-honest, rational or malicious. A number of approaches have been proposed for semi honest parties in this setup. The problem however is that in reality we have to deal with parties that act in their self-interest and are rational. These rational parties may try and attain maximum gain without disrupting the protocol. Also these parties if cautioned would correct themselves to have maximum individual gain in the future. Thus we propose a new practical game theoretic approach with three novel punishment policies with the primary adv...

The current massive proliferation of data has led to collaborative data mining that requires pres... more The current massive proliferation of data has led to collaborative data mining that requires preservation of individual privacy of the participants. A number of algorithms proposed till date in this scenario are limited to mining association rules and do not consider their cyclic nature that finds associations with respect to the time segment. Hence catering to this challenge, we propose techniques for privacy preservation while finding global cycles when mining cyclic association rules in a distributed setup. The proposed techniques are based on homomorphic encryption and Shamir’s secret sharing that can help us decipher partial and total global cycles along with maintaining privacy in a distributed setup. Additionally security, efficiency and correctness analysis of the proposed algorithms are also given.

Journal of Engineering, 2014

Privacy preservation while undertaking collaborative distributed frequent itemset mining (PPDFIM)... more Privacy preservation while undertaking collaborative distributed frequent itemset mining (PPDFIM) is an important research direction. The current state of the art for privacy preservation in distributed frequent itemset mining for secure sum in a horizontally partitioned data model comprises primarily public key based homomorphic schemes which are expensive in terms of the communication and computation cost. The nonpublic key based existing state-of-the-art scheme by Clifton et al. used for secure sum in PPDFIM is efficient but prone to security attacks. In this paper, we propose Shamir’s secret sharing based approaches and a symmetric key based scheme to calculate the secure sum in PPDFIM. These schemes are information theoretically secure under the standard assumptions. We further give a detailed theoretical and empirical evaluation of our proposed schemes for PPDFIM using a real market basket dataset. Our experimental analysis also shows that our schemes perform better in terms o...

International Journal of Distributed Systems and Technologies, 2014

With digital data being abundant in today's world, competing organizations desire to gain ins... more With digital data being abundant in today's world, competing organizations desire to gain insights about the market, without putting the privacy of their confidential data at risk. This paper provides a new dimension to the problem of Privacy Preserving Distributed Association Rule Mining (PPDARM) by extending it to a distributed temporal setup. It proposes extensions of public key based and non-public key based additively homomorphic techniques, based on efficient private matching and Shamir's secret sharing, to privately decipher these global cycles in cyclic association rules. Along with the theoretical analysis, it presents experimental results to substantiate it. This paper observes that the Secret Sharing scheme is more efficient than the one based on Paillier homomorphic encryption. However, it observes a considerable increase in the overhead associated with the Shamir's secret sharing scheme, as a result of the increase in the number of parties. To reduce this ov...

A sensor network is a network consisting of several small, wireless, resource-limited nodes that ... more A sensor network is a network consisting of several small, wireless, resource-limited nodes that sense data about their environment and report readings to some central base station. One of the ways through which power can be conserved in a sensor network is to aggregate sensor readings hop-byhop as they travel towards a central base station. Using this approach the total number of messages required to collect each sensor reading can be reduced. In this paper the applications of wireless sensor networks which we have considered are pipeline monitoring, tunnel monitoring, perimeter surveillance etc. These applications form a linear topology in which sensor nodes are deployed in a straight line thus capturing just a single node can disrupt the entire network. Therefore they are security critical and in an adversarial environment, the ability of a malicious node to alter this aggregate total must be limited. We present two aggregation protocols inspired by two natural key pre-distributi...

The Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks are aimed at malicio... more The Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks are aimed at maliciously consuming the available resources in computing systems to prevent genuine users from legitimately accessing them. These attacks can easily interrupt or disable targeted systems, so it is important for the system to detect and filter bogus connection requests as early as possible. Many common protocols TCP, HIP, SSL, etc., are vulnerable to DoS attacks. Until now, there has been no fit for all, generic solution to resist a DoS/DDoS attacks presented. An attractive alternative therefore is to investigate the approaches by which one can at least reduce the impact of the DoS/DDoS attacks. Our research work presented here focuses on the same. We develop a formal model of Internet Key Exchange version 2 (IKEv2) protocol using formal specification language of Colored Petri Nets (CPNs) to analyze the protocol for DoS attacks. IKEv2 is a member of the IPSec protocol suite and establishes a s...

Computer Networks, 2016

The objectives of concealed data aggregation are to provide end-to-end privacy and en route aggre... more The objectives of concealed data aggregation are to provide end-to-end privacy and en route aggregation of reverse multicast traffic in wireless sensor networks. Privacy homomorphism has been used for realizing these objectives together. Although privacy homomorphism achieves the conflicting objectives, such as privacy and data aggregation, it negatively affects other security objectives such as integrity and freshness. Privacy homomorphism that protects sensor readings from passive adversaries makes them susceptible to active adversaries whose aim is to modify or inject malicious data packets in the network. In this article, we present a comprehensive survey of the state-of-the-art concealed data aggregation protocols in wireless sensor networks. We investigate the need for en route aggregation, encrypted data processing, en route and endto-end integrity verification, and replay protection. We discuss the challenges and their proposed solutions for achieving the conflicting goals such as in-network aggregation, privacy, integrity, and replay protection. We comparatively evaluate the performance of concealed data aggregation protocols for measuring their respective strengths and weaknesses. In addition, we provide a detailed insight into the open research issues in concealed data aggregation and conclude with possible future research directions.

In-network processing involves processing of the sensed data onthe-fly during the course of the c... more In-network processing involves processing of the sensed data onthe-fly during the course of the communication to the base station. However, due to the fusion of data items sourced at different nodes into a single one, the security of the aggregated data as well as that of the aggregating node, demands critical investigation. One of the approaches to ensure secure data aggregation is to use encrypted sensor data for processing, using homomorphic encryption. As per our observation, an integrated solution to offer all the necessary security attributes viz. confidentiality, privacy, integrity and authentication based on elliptic curve cryptography is not found in the literature. Hence, our research here is aimed to propose an approach that uses homomorphic encryption and appropriate data integrity mechanisms to offer confidentiality, privacy, and data integrity for secure data aggregation in wireless sensor networks.

Journal of Information Security, 2015

In wireless sensor networks, secure data aggregation protocols target the two major objectives, n... more In wireless sensor networks, secure data aggregation protocols target the two major objectives, namely, security and en route aggregation. Although en route aggregation of reverse multi-cast traffic improves energy efficiency, it becomes a hindrance to end-to-end security. Concealed data aggregation protocols aim to preserve the end-to-end privacy of sensor readings while performing en route aggregation. However, the use of inherently malleable privacy homomorphism makes these protocols vulnerable to active attackers. In this paper, we propose an integrity and privacy preserving end-to-end secure data aggregation protocol. We use symmetric key-based homomorphic primitives to provide end-to-end privacy and end-to-end integrity of reverse multicast traffic. As sensor network has a non-replenishable energy supply, the use of symmetric key based homomorphic primitives improves the energy efficiency and increase the sensor network's lifetime. We comparatively evaluate the performance of the proposed protocol to show its efficacy and efficiency in resource-constrained environments.

International Journal of Distributed Systems and Technologies, 2014

Data aggregation based on in-network processing is useful in improving the communications overhea... more Data aggregation based on in-network processing is useful in improving the communications overhead in Wireless Sensor Networks (WSNs) by reducing the overall number of packets communicated to the base station. However, due to the fusion of data items sourced at different nodes into a single one, the security of the aggregated data as well as that of the aggregating node, demands critical investigation. This paper observes that though there have been substantial numbers of research attempts recently in proposing techniques for secure data aggregation, there is still a need for a coherent, integrated framework for secure data aggregation. It proposes such an integrated framework for secure data aggregation in this paper. The proposed framework implements a secure data aggregation protocol, offering the attributes viz. confidentiality, privacy, authentication, robustness, as well as data integrity using a defined data aggregation topology. In addition to that, the proposed framework is...

Journal of Information Security, 2014

Wireless Sensor Networks (WSNs) typically use in-network processing to reduce the communication o... more Wireless Sensor Networks (WSNs) typically use in-network processing to reduce the communication overhead. Due to the fusion of data items sourced at different nodes into a single one during in-network processing, the sanctity of the aggregated data needs to be ensured. Especially, the data integrity of the aggregated result is critical as any malicious update to it can jeopardize not one, but many sensor readings. In this paper, we analyse three different approaches to providing integrity support for SDA in WSNs. The first one is traditional MAC, in which each leaf node and intermediate node share a key with parent (symmetric key). The second is aggregate MAC (AMAC), in which a base station shares a unique key with all the other sensor nodes. The third is homomorphic MAC (Homo MAC) that is purely symmetric key-based approach. These approaches exhibit diverse trade-off in resource consumption and security assumptions. Adding together to that, we also propose a probabilistic and improved variant of homomorphic MAC that improves the security strength for secure data aggregation in WSNs. We carry out simulations in TinyOS environment to experimentally evaluate the impact of each of these on the resource consumption in WSNs.

International Journal of Network Security & Its Applications, 2010

Due to the severe resource constraints in the Wireless Sensor Networks (WSNs), the security proto... more Due to the severe resource constraints in the Wireless Sensor Networks (WSNs), the security protocols therein, should be designed to optimize the performance maximally. On the other hand a block cipher and the mode of operation in which it operates, play a vital role in determining the overall efficiency of a security protocol. In addition, when an application demands confidentiality and message integrity, the overall efficiency of a security protocol can be improved by using the Authenticated Encryption (AE) block cipher mode of operation as compared to the conventional sequential encryption and authentication. Amongst the AE block cipher modes, the Galois Counter mode (GCM) is the latest recommended AE mode by the NIST. In this paper, we attempt at evaluating the performance of the GCM mode in the link layer security protocol for a WSN viz. TinySec and compare it with the default conventional block cipher modes of operation used therein. To the best of our knowledge ours is the first experimental evaluation of Galois Counter Mode with Advanced Encryption Standard Cipher at the link layer security architecture for WSNs.

International Journal of Computer Applications, 2013

The in-network processing consists of data aggregation operations e.g. Summation, averaging, min-... more The in-network processing consists of data aggregation operations e.g. Summation, averaging, min-max value, variance etc. Data aggregation reduces the number of message transmitted to the Wireless Sensor Network(WSN) by calculating the sub aggregation results at the intermediate nodes. Furthermore the sensor nodes are deployed in open and unsafe environments, so the security of sensed and aggregated data is crucial. This situation necessitates the investigation of the Secure Data Aggregation (SDA) protocol. Many protocols have been proposed concerning finding answers for SUM queries in WSNs but most of them either offer only approximate answers for SUM queries or do not live up to all the security requirements. The focus of the research in this paper is to investigate a SDA protocol which satisfies all the security requirements viz. Confidentiality, Privacy, Authentication, Integrity and Freshness of the query result and also returns the exact answers for SUM queries (as well as their derivatives, e.g., COUNT, AVG, etc). The protocol applies homomorphic encryption that promises the privacy as well as confidentiality of data sent by sensor nodes with innetwork aggregation. The protocol achieves integrity of sensed data by means of secret sharing scheme, message authentication code (MAC) and data diffusion methods. Proposed scheme satisfies all the essential security requirements for secure in-network aggregation. This scheme does not impose extra overhead in communication. Therefore, the scheme is best desirable for resource-restrain WSNs.

Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to th... more Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to the criticality of the resources in the sensor nodes as well as due to their ubiquitous and pervasive deployment, with varying attributes and degrees of security required. The proliferation of the next generation sensor nodes, has not solved this problem, because of the greater emphasis on low-cost deployment. In addition, the WSNs use data-centric multi-hop communication that in turn, necessitates the security support to be devised at the link layer (increasing the cost of security related operations), instead of being at the application layer, as in general networks. Therefore, an energy-efficient link layer security framework is necessitated. There do exists a number of link layer security architectures that offer some combinations of the security attributes desired by different WSN applications. However, as we show in this paper, none of them is responsive to the actual security demand...

doi:10.4156/ijact.vol2. issue5.15 Amidst the proliferation of different resources available on th... more doi:10.4156/ijact.vol2. issue5.15 Amidst the proliferation of different resources available on the Grid, today, it is vital to optimally discover the appropriate resource from amongst a repository of the resources distributed across Grid. Conventionally, the syntactic homogeneity of the resource description in each repository is used for match making and for identification of the required resource. Of late, detecting the semantic homogeneity of the resource description is also coupled with syntactic matching for the purpose. However, detecting semantic homogeneity requires complete description of the associated resource. We propose here an approach that is based on employing complement classes to early reject those resources that lack the semantic matching, thereby yielding efficient discovery of the required resource. To the best of our knowledge, ours is the first attempt at proposing Complement Class based semantic match making algorithm for detection of the resources.

Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to th... more Ensuring communications security in Wireless Sensor Networks (WSNs) indeed is critical; due to the criticality of the resources in the sensor nodes as well as due to their ubiquitous and pervasive deployment, with varying attributes and degrees of security required. The proliferation of the next generation sensor nodes, has not solved this problem, because of the greater emphasis on low-cost deployment. In addition, the WSNs use data-centric multi-hop communication that in turn, necessitates the security support to be devised at the link layer (increasing the cost of security related operations), instead of being at the application layer, as in general networks. Therefore, an energy-efficient link layer security framework is necessitated. There do exists a number of link layer security architectures that offer some combinations of the security attributes desired by different WSN applications. However, as we show in this paper, none of them is responsive to the actual security demand...

There are various approaches to achieve time synchronization in case of wireless sensor networks.... more There are various approaches to achieve time synchronization in case of wireless sensor networks. Amongst them “sender to receiver” and “receiver to receiver” are the frequently used approaches for synchronizing time. Both the methodology has some drawbacks with respect to number of message exchanged for synchronization. To overcome those drawbacks Hybrid approach was introduced. Hybrid approach is efficient with respect to number of message exchanged compared to both methodology. In this paper Hybrid Approach is improved, to reduce the message communication that is required to synchronize time between the nodes in sensor network.

With ever increasing network traffic, distributed systems can provide higher performance using a ... more With ever increasing network traffic, distributed systems can provide higher performance using a typical dynamic load balancing (DLB) algorithm. Dynamic algorithm employs up to date load information of the nodes to make load distribution decisions and therefore, they have potential to outperform static strategies. In this paper, we illustrate the analytical comparative study of existing dynamic algorithms and result gives a thorough overview of various dynamic algorithms, helping designers in choosing the most appropriate approach for a variety of distributed systems. Moreover, researchers can use it as a catalog of available DLB schemes to come up with new design.

Due to wireless communication, dynamic topology, limited resources and lack of centralized admini... more Due to wireless communication, dynamic topology, limited resources and lack of centralized administration, MANETs are vulnerable to various types of DoS attacks on network layer. In Gray hole and Black hole attacks malicious nodes deliberately disrupt data transmission in the network by sending incorrect routing information. It is a challenge to keep the communication route free from such attackers. In this paper, we propose a scheme for Ad-hoc On-demand Distance Vector (AODV) protocol, in which an intermediate node detects the malicious node sending false routing information, routing packets are used not only to pass routing information, but also to pass information about malicious nodes. The proposed scheme not only detects but also removes malicious node by isolating it, to make safe and secure communication.

It is to select and configure the appropriate constituent components when designing an effective ... more It is to select and configure the appropriate constituent components when designing an effective dynamic load balancing algorithm for distributed systems, since the performance of a dynamic load balancing algorithm heavily depends on these components. The main concern of this paper is to analyze and explore the various components for designing dynamic load balancing algorithms and to propose new information and location policies factoring in the limitations of the existing approaches. We also present a compartive analysis of existing information policies and location policies based on a set of defined parameters. This analysis is useful in identifying the lacunae in the current research in dynamic load balancing algorithms and justifies the need for a novel efficient dynamic load balancing algorithm.