Cross Layer Design of Security Scheme for Cooperative MIMO Sensor Networks. Wei Chen, McKenzie McNeal, Liang Hong. College of Engineering, Technology, and Computer Science, Tennessee State University, USA. IEEE International Conference on Wireless Information Technology and Systems, 2010.
Cross Layer Design of Security Scheme for Cooperative MIMO Sensor Networks
Wei Chen, McKenzie McNeal, Liang Hong
College of Engineering, Technology, and Computer Science
Tennessee State University, USA
ICWITS 2010
IEEE International Conference on Wireless Information Technology and Systems, 2010
Outline
• Introduction to Virtual MIMO Technology
  • Cooperative communication schemes
  • Virtual MIMO networks and cooperative relay
• Research Objectives
• Cross-Layered Design of Security Scheme
  • Cryptography based security routing protocol at network layer
  • Compromised node detection at physical layer
  • Data recovery and network recovery
• Preliminary Performance Analysis
• Summary and Future Work
Introduction to Virtual MIMO technology
[Figure: Wireless MIMO network, with antennas labelled T×1, T×2, T×M and R×1, R×2, R×M]
MIMO (Multi-Input Multi-Output) Technology
Without using extra energy or channels, a MIMO transceiver can be used to
• Extend communication range or reduce error rate (diversity gain)
• Provide higher data rate (multiplexing gain)
[Figure: MIMO transceiver; diversity gain and multiplexing gain]
However, it is unrealistic to equip small and inexpensive wireless devices (e.g., Crossbow sensor nodes) with multiple antennas.
Cooperative transmission and reception
Distributed individual single-antenna nodes cooperating on data transmission and reception as a multi-antenna MIMO node
Introduction to Virtual MIMO technology – Cooperative Communication schemes
[Figure: Different types of cooperative MIMO links (MIMO link, MISO link, SIMO link, SISO link). The ith node's antenna acts like the ith antenna; the jth node's antenna acts like the jth antenna.]
[Figure labels: B, C; other hops; three 4×1 MISO links]
Introduction to Virtual MIMO technology – Virtual MIMO Networks and Cooperative Relay
Virtual MIMO nodes & relay backbone; cooperative MIMO links
Multi-MISO based cooperative data relay
Step 1 (Local transmission at A): Each node i (1≤i≤m) in A broadcasts its information $I_i$ to all the other local nodes using different timeslots.
Step 2 (Long-haul transmission between A and B): Each node i in A acts as the ith antenna, encoding the information sequence $I = I_1, I_2, \ldots, I_m$ using the MISO code system. All m nodes in A broadcast the encoded sequence to the nodes in B at the same time. Each node in B receives m encoded sequences, and then decodes them back to I according to the MISO code system.
[Figure: virtual MIMO nodes and relay backbone; labels A, B, D, d; first hop; 3×2 MIMO link]
Research Objectives – Previous Research Works
• Cryptographic based security schemes: secure communication and routing between healthy nodes, but do nothing about compromised nodes.
• MIMO technology based data assurance schemes:
  • Li et al. & Kim et al. [5,6]: exploit signal randomization and channel diversity in the physical layer to effectively randomize the eavesdropper's signals but not the authorized receiver's signals.
  • Wen et al. [7]: add artificial noise (known by the authorized receiver and generated by the keys in the network layer) to the transmission process in the physical layer.
  These schemes need extra MIMO antennas to achieve the data assurance, which largely reduces the MIMO advantage.
Research Objectives – This Research
Combining the cryptographic technique in the network layer with data assurance analysis at the physical layer to provide:
1. Efficient key management system to secure communication and routing in the network layer
2. MIMO-aided compromised node detection at the physical layer
3. Data recovery and network recovery
Security Protocol at Network Layer – Shared key cryptography for cooperative communication/routing
Types of keys:
(1) Each cluster: each node has a cluster key C-key(A) for local transmission.
(2) Each link AB: each node in A and B has a key L-key(A,B) for long-haul transmission between A and B.
[Figure: clusters A and B with cluster keys C-key(A) and C-key(B) and link key L-key(A,B)]
Secured cooperative relay:
Step 1 (Local transmission at A): Each node i (1≤i≤m) in A encrypts its information $I_i$ with C-key(A), and broadcasts it to the other local nodes using different timeslots. Each node uses C-key(A) to decrypt the received m pieces of information back to $I = I_1, I_2, \ldots, I_m$.
Step 2 (Long-haul transmission between A and B): Each node i in A encrypts sequence I with key L-key(A,B), and acts as the ith antenna, encoding the encrypted I using the MISO encode system. Then, all m nodes in A broadcast the encrypted and encoded I to the nodes in B at the same time. When a node in B receives m copies of the information, it decrypts them with L-key(A,B), and then decodes them back to I according to the MISO decode system.
Security Protocol at Network Layer – Key Establishment
Pre-distributed keys:
(1) Each node u has a pre-distributed key, pre-key(b,u), shared with base station b.
(2) Base station b has all keys, pre-key(b,u), for all nodes u in the network.
[Figure: base station b, holding pre-key(u,b) for all nodes u, and clusters A, B, C and D. Cluster A: head u with pre-key(u,b); member-list: p, q, r, s; neighbor-list: B, C, D.]
Key request from u: (u.id, b.id) with encrypted (u.id, b.id, u.member-list, u.neighbor-list) using pre-key(u,b)
Key response to each node p: (p.id, b.id) with encrypted (p.id, b.id, C-key(A), L-key(A,B), L-key(A,C), L-key(A,D)) using pre-key(p,b)
Key Establishment Algorithm:
Step 1. Each head node u of cluster A sends a key request to base station b: {(u.id, b.id), encrypted (u.id, b.id, u.member-list, u.neighbor-list)} using pre-key(u,b).
Step 2. b decrypts the key requests from all head nodes u using pre-key(u,b).
Step 3. b generates a cluster key C-key(A) for each cluster A and a link key L-key(A,B) for each link AB of the relay backbone and disseminates the keys as follows:
• for each cluster A, b sends each node p of A a cluster key response: {(b.id, p.id), encrypted (b.id, p.id, C-key(A))} using pre-key(p,b).
• for each link AB in the relay backbone, b sends each node p in A a link key response: {(b.id, p.id), encrypted (b.id, p.id, L-key(A,B))} using pre-key(p,b); and each node q in B a link key response {(b.id, q.id), encrypted (b.id, q.id, L-key(A,B))} using pre-key(q,b).
Step 4. Each node p decrypts the received messages and gets the C-key and L-keys.
Compromised Node Detection at Transmission/Physical Layer
[Figure: clusters A and B with head node h; transmitted streams $s = s_1, s_2, \ldots, s_{m_r}$ and received streams $y_1, y_2, y_3$]
Detection Algorithm at head node h
Step 1: Each node of B sends the received signal stream to h. In other words, h receives streams $y = (y_1, y_2, \ldots, y_{m_r})$.
Step 2: h estimates the transmitted signal stream by using the Inverse Channel Detector:
$\hat{s} = H^{-1} y = s + H^{-1}\cdot\text{noise}$, where $H$ is the channel matrix and the noise is white Gaussian.
Step 3: If the ith element in vector $\hat{s}$ is different from the others, then the ith node x in A is the compromised node.
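An added simulation of the three detection steps above, in pure Python (not code from the presentation). It assumes, as Step 3 implies, that healthy nodes in A send the same BPSK symbol in each slot; the channel matrix, noise level, mismatch threshold and the symbol-flipping behaviour of the compromised node are constructed for illustration.

```python
import random

# Constructed 4x4 channel matrix (row j = receiver j in B, column i = sender i in A).
# Real-valued and well-conditioned for clarity; the slides simulate Rayleigh fading.
H = [[2.0, 0.5, -0.3, 0.1],
     [0.4, 1.8, 0.2, -0.5],
     [-0.2, 0.3, 2.1, 0.4],
     [0.1, -0.4, 0.5, 1.9]]

def solve(a, y):
    """Return a^-1 y by Gauss-Jordan elimination with partial pivoting."""
    n = len(y)
    m = [row[:] + [y[k]] for k, row in enumerate(a)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        for r in range(n):
            if r != c:
                f = m[r][c] / m[c][c]
                m[r] = [v - f * w for v, w in zip(m[r], m[c])]
    return [m[k][n] / m[k][k] for k in range(n)]

def receive(sent, rng, sigma=0.05):
    """Step 1 input: y = H s + white Gaussian noise, one sample per node in B."""
    return [sum(h * s for h, s in zip(row, sent)) + rng.gauss(0, sigma) for row in H]

def detect(streams, threshold=5):
    """Steps 2-3 at head node h: flag the sender whose estimate keeps leaving the majority."""
    mismatches = [0] * len(H)
    for y in streams:
        bits = [1 if v >= 0 else -1 for v in solve(H, y)]  # hard decision on s_hat = H^-1 y
        majority = 1 if sum(bits) >= 0 else -1
        for i, b in enumerate(bits):
            mismatches[i] += b != majority
    worst = max(range(len(H)), key=mismatches.__getitem__)
    return (worst if mismatches[worst] > threshold else None), mismatches

def simulate(compromised=None, symbols=100, seed=1):
    """Run 100 BPSK symbols; return (index of detected node or None, mismatch counts)."""
    rng = random.Random(seed)
    streams = []
    for t in range(symbols):
        s = rng.choice((-1, 1))
        sent = [s] * len(H)
        if compromised is not None and t % 3 == 0:
            sent[compromised] = -s  # constructed misbehaviour: flip every third symbol
        streams.append(receive(sent, rng))
    return detect(streams)
```

Counting mismatches over the whole 100-symbol block, rather than acting on a single differing element, keeps one noisy decision from flagging a healthy node.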
Network Recovering
Network Recovering Algorithm
Step 1: Recovering the data in B
(1) h broadcasts a data discard request: (h.id) with encrypted (h.id, x.id) using C-key(A).
(2) Each node in cluster B sets the corresponding column in channel matrix H to zero to eliminate the use of the data from x.
Step 2: h sends a detection report to b: (h.id, b.id) with encrypted (h.id, b.id, x.id) using pre-key(h,b).
Step 3: b sends a new C-key(A) to each node p in A except x: (p.id, b.id) with encrypted (p.id, b.id, C-key(A)) using pre-key(p,b).
Step 4: b sends a new L-key(A,B) to each node p in A and B except x: (p.id, b.id) with encrypted (p.id, b.id, L-key(A,B)) using pre-key(p,b).
[Figure: base station b; clusters A, B, C and D; compromised node x; detector h. Messages shown: detection report from h; new C-key(A) to each node p in A other than x; new L-key(A,B) to each node p in A and B other than x.]
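An added Python sketch (not code from the presentation) of the key request and key response formats used in the Key Establishment Algorithm and reused in Steps 3 and 4 of the Network Recovering Algorithm, covering cluster A's side only. The slides name no cipher, so `seal`/`unseal` are a stdlib encrypt-then-MAC stand-in for a vetted authenticated cipher; the function names, the JSON field layout, the `cluster` argument and the `skip` parameter (the detected node x) are assumptions.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    """HMAC-SHA256 in counter mode as a keystream (stdlib stand-in, not a vetted cipher)."""
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, fields):
    """'encrypted (...) using key' from the slides, done as encrypt-then-MAC."""
    pt, nonce = json.dumps(fields).encode(), os.urandom(16)
    ct = nonce + bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return ct + hmac.new(key, b"mac" + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + ct, hashlib.sha256).digest()):
        raise ValueError("MAC check failed: wrong key or modified message")
    pt = bytes(a ^ b for a, b in zip(ct[16:], _stream(key, ct[:16], len(ct) - 16)))
    return json.loads(pt)

def key_responses(pre, cluster, header, blob, skip=()):
    """Base station b: check a head node's key request, then issue C-key and L-keys.
    Returns {node: ((p.id, b.id), sealed response)}; nodes in `skip` get no new keys."""
    u, b = header
    req = unseal(pre[u], blob)                     # Step 2: decrypt with pre-key(u,b)
    if tuple(req[:2]) != header:
        raise ValueError("cleartext header differs from encrypted ids")
    members, neighbors = req[2], req[3]
    c_key = os.urandom(16).hex()                   # Step 3: fresh C-key(A)
    l_keys = {f"{cluster},{nb}": os.urandom(16).hex() for nb in neighbors}
    return {p: ((p, b), seal(pre[p], [p, b, c_key, l_keys]))
            for p in [u] + members if p not in skip}

def open_response(pre_key, header, blob):
    """Step 4 at node p: decrypt, check the ids, return (C-key, {link: L-key})."""
    p, b, c_key, l_keys = unseal(pre_key, blob)
    if (p, b) != header:
        raise ValueError("response not addressed to this node")
    return c_key, l_keys
```

The message formats on the slides carry no nonce or sequence number, so this sketch, like them, does not detect a replayed request or response.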
Preliminary Performance Analysis – Node Detection and Data Recovery
Simulation
• 4 cooperative transmission nodes and 4 cooperative reception nodes
• Channel: block Rayleigh fading channel
• Modulation: binary phase shift keying (BPSK)
• Transmission data: 100 symbols
• Scenarios: (1) no compromised node; (2) one compromised node
  • with no detection
  • knowing it without detection
  • with detection
Preliminary Performance Analysis – Key Management
Scale of the key management system
• Types of C-keys: number of the clusters
• Types of L-keys: size of backbone tree
• Number of keys at each node: 1 pre-key, 1 C-key, r L-keys, where r is the number of neighboring clusters in the backbone
• Number of keys at base station: n pre-keys, where n is the number of nodes
Summary and Future Work
Summary
A cross-layer security scheme is designed for virtual MIMO networks. It contains:
• cryptography based secured communication and routing protocol at network layer
• compromised node detection at physical layer
• data and network recovery
Future Work
Generalize the detection approach to deal with the following cases:
• Channel matrix H is not square, i.e., the number of cooperative nodes at the transmission side is different from that at the reception side
• More than one compromised node
Comprehensive performance evaluation combining the network layer