Problems Addressed and Contributions

In this dissertation, we investigate five challenging problems in wireless ad hoc networks. We initially study the problem of energy efficient key management for secure multicast in

wireless ad hoc networks. We then study the problem of secure location estimation for ad hoc and sensor networks. Furthermore, we address the problem of the wormhole attack [48, 52], a type of attack that is easy to mount and difficult to detect [48]. To facilitate the analytical evaluation of the security level achieved using our methods, we also investigate the problem of stochastic coverage in heterogeneous sensor networks. Finally, we address the problem of detecting mobile targets in heterogeneous sensor networks.

1.1.1 Resource-Effcient Group Key Management for Secure Multicast in Ad Hoc Networks

As group-oriented services become the focal point of ad hoc network applications, secur- ing the group communications becomes a default requirement. Group applications such as broadcast-on-demand, teleconferecing, telemedicine, pay-per-view, are expected to migrate from the wired networks to the wireless ad-hoc networks. Due to the anticipated size of such networks and the limited energy resources of the wireless devices, securing group com- munications requires the availability of an energy-efficient and scalable key management system, that can accommodate the dynamics of the communication group. Group member- ship is expected to be highly dynamic due to users subscribing and unsubscribing from the multicast services, as well as intermittent connectivity due to the varying network topology. In this dissertation, we address the problem of key management for secure multicast communications in wireless ad hoc networks, that is, the energy-efficient distribution and

maintenance of cryptographic quantities to the members of a communication group called, the multicast group, so that access to group data is restricted only to valid group members, at any time. We formulate the problem of key management as an optimization problem

and study its complexity under three important network resources; storage, bandwidth and energy expenditure. While optimal solutions exist in terms of storage and number of messages transmitted by the entity managing the group membership, also known as the

Group Controller (GC), we show that finding the optimal solution with respect to the

network bandwidth and energy expenditure requirements, is an NP-hard problem.

We also show that optimization of storage requires bandwidth and energy resource that grow exponentially with the group size and, hence, no universal solution exists that would

simultaneously optimize all three resources. Hence, we study tree-based key structures that are known to be scalable in both storage and bandwidth [52, 90, 123], and attempt to optimize these structures with respect to energy expenditure.

We show that the energy expended by the network to distribute cryptographic quanti- ties depends both on the network topology and path-loss parameters of the medium, and introduce a new metric called average key update energy to evaluate the energy efficiency of key management schemes. To reduce the energy expended by the ad hoc network to perform key management, we devise a topology dependent key management scheme that exploits node location information to built a key-tree hierarchy, in the absence of any other information. When routing information is available, we first propose a simple heuristic al- gorithm that takes into account the energy required to deliver a message to each member of the communication group. We illustrate the impact of different routing strategies on the energy efficiency of the key management schemes. Finally, we propose a cross-layer design based on network flows, that explicitly takes into account the flow of the information from the GC to the members of the communication group, and show that its performance is within a bound from the optimal solution. Our cross-layer designs for key management lead to a significant reduction in energy expenditure compared to previous approaches that did not take into account the network topology [21, 111, 112].

1.1.2 Secure Location Estimation in Wireless Ad Hoc and Sensor Networks

Wireless ad hoc and sensor networks primarily provide network services, such as environ- ment monitoring, and/or user communication. While communication among users does not always require knowledge of location information, in environmental monitoring application collected data need to be correlated with the geographical position where the information is recorded. As an example, the report for an overheated room from a sensor si is useful

only when the report is associated with the location (x_i, y_i) of s_i. Given the location of the

sensor, one can react either using the network itself (actuation networks), or using some external intervention method. Hence, nodes need to be aware of their positions in order to stamp the reported events with the location where the events occurred. Finally, location

is assumed to be known in many ad hoc network protocols such as the key management scheme we develop in this dissertation, or geographical routing [6].

Since ad hoc networks may be deployed in a non-deterministic way, the position of the nodes cannot be known a priori. Hence, nodes need to estimate their location via a process known as the location estimation process or the localization process [4, 15, 31, 44, 45, 81, 83, 84, 94, 104, 106, 117]. The use of the widely available Global Positioning System (GPS) [45] may not be feasible, since the network devices are envisioned to be low-cost and have a small form factor. Furthermore, even if GPS-enabled devices are assumed, GPS cannot be employed in indoor environments. Hence, a number of techniques have been proposed for node localization in ad hoc networks that do not make use of the GPS, except for a small number of reference points [4, 15, 44, 81, 83, 94, 104, 117]. These techniques investigate the problem of location estimation in a non-adversarial setting.

However, ad hoc networks may be deployed in hostile environments where nodes operate untethered. The network becomes vulnerable to conventional and new attacks [48, 52, 85] aimed at interrupting the functionality of location-aware applications and network functions by exploiting the vulnerabilities of the location estimation process. Hence, one needs to ensure that the location of nodes is robustly estimated in the presence of adversaries.

In this dissertation, we investigate the problem of secure location estimation in the pres- ence of adversaries. We propose SeRLoc, a novel range-independent localization scheme for wireless ad hoc networks based on a two-tier network architecture, that achieves de- centralized, resource-efficient robust node localization, and can accommodate limited node mobility. We illustrate well known security threats against the localization process, such as the wormhole attack [48, 85], the Sybil attack [32, 82], and compromise of network entities, and provide mechanisms that allow each node to determine its location even in the presence of those threats. Furthermore, we analytically evaluate the probability of success for each type of attack using spatial statistics theory [29]. Based on our performance evaluation, we show that SeRLoc localizes nodes with higher accuracy than state-of-the-art decentralized range-independent localization schemes [15,44,81,83], and is robust against varying sources of error. We also present HiRLoc, a high resolution localization algorithm that improves the accuracy of SeRLoc, while not degrading its robustness to attacks.

1.1.3 Graph Theoretic Framework for Preventing the Wormhole Attack in Ad Hoc Net- works

One severe attack in ad hoc networks, able to disrupt vital network function such as the location estimation process [63–65], routing [48,52,85], and the data aggregation process [96] is the wormhole attack. In the wormhole attack, the adversary establishes a low-latency unidirectional or bi-directional link, such as a wired or long-range wireless link, between two points in the network that are not within communication range of each other. The attacker then records one or more messages at one end of the link, tunnels them via the link to the other end, and replays them into the network in a timely manner. The wormhole attack is easily implemented and particularly challenging to detect, since it does not require breach of the authenticity and confidentiality of communication, or the compromise of any host.

In this dissertation, we present a graph theoretic framework for modeling wormhole links and derive the necessary and sufficient conditions for detecting and defending against wormhole attacks. Based on our framework, we show that any candidate solution preventing wormholes should construct a communication graph that is a subgraph of the geometric graph defined by the radio range of the network nodes. Making use of our framework, we propose a cryptographic mechanism based on local broadcast keys in order to prevent wormholes. Our solution does not need time synchronization or time measurement, requires only a small fraction of the nodes to know their location, and is decentralized. Hence, it is suitable for networks with the most stringent constraints such as ad hoc networks.

1.1.4 Stochastic Coverage for Heterogeneous Sensor Networks

Sensors networks may be deployed to monitor physical properties such as temperature, humidity, air quality, or track the motion of objects moving within the F oI. The availability of monitoring information can be measured by computing the coverage of the F oI, achieved by the sensor network deployment. Coverage quantifies how well a F oI is monitored1_{. The}

1_{Once the information has been collected by the sensors, an additional mechanism known as data aggre-}

coverage problem has been studied under different objectives, depending on the requirements and constraints of the applications. If the location of the deployed sensors can be pre- selected, the coverage problem reduces to the problem of finding the optimal placement for sensors such that a target coverage is met [51, 92].

However, for large sensor networks, it is impractical to perform deterministic coverage of the F oI, since the number of sensors that need to be placed is often prohibitively large. Instead, sensors are deployed in the field of interest according to a pre-selected distribution. For stochastically deployed sensor networks, the coverage problem quantifies how well the

F oI is monitored when a number of sensors is deployed according to a known distribution.

This problem is also known as the stochastic coverage problem [55, 72, 75, 78, 125].

In this dissertation, we analyze the following stochastic coverage problem. Given a planar

F oI and N sensors deployed according to a known distribution, compute the fraction of

the F oI that is covered by at least k sensors (k ≥ 1). The problem can also be rephrased as, given a F oI and a sensor distribution, how many sensors must be deployed in order for every point in the field of interest to be covered by at least k sensors with a probability p (k- coverage problem) [125]. We formulate the stochastic coverage problem as a set intersection problem, arising in Integral geometry and Geometric Probability [102]. Our formulation allows us to derive analytical coverage expressions even when the sensors have heterogeneous sensing capabilities and are deployed according to any stochastic distribution.

1.1.5 Detecting Mobile Targets in Heterogeneous Sensor Networks

Target detection and field surveillance are among the most prominent applications of Wire- less Sensor Networks (WSN). The quality of detection achieved by the deployment of a WSN can be quantified by evaluating the probability of detecting a mobile target cross- ing an FoI. For the purposes of target detection, a smaller number of sensors needs to be deployed compared to the number of nodes that must be deployed to achieve coverage of the F oI, since sensors have the opportunity to detect a mobile target along its trajectory within the F oI.

sensors are deployed to monitor a F oI. We map the target detection problem under both stochastic and deterministic sensor deployment, to a line-set intersection problem, and derive analytic formulas using tools from Integral Geometry and Geometric Probability. Compared to previous works, our formulation allows us to consider a heterogeneous sensing model, where each sensor can have a different and arbitrary sensing area.

For stochastic sensor deployment, we also analytically evaluate the mean time until a target is first detected, a critical measure for timely detection. For the deterministic de- ployment case, we show that the probability of detecting a target increases as the distance among the sensors monitoring the F oI increases. We also show that the number of terms re- quired to compute the placement of sensors that maximizes the target detection probability, grows exponentially with the number of sensors that monitor the F oI.