Title: A New Efficient Scheme for Securely Growing WBAN Nodes
Securely growing or de-growing nodes is a mandatory requirement to manage Wireless Body Area Networks (WBANs). This requirement raises significant challenges in node authentication, backward node authentication, initial node configuration, and node de-growth. Unlike the traditional approaches using pre-stored secrets or relying on special authentication hardware, we explore the characteristics of WBANs and wireless signals to develop an efficient scheme for adding/removing WBAN nodes securely and effectively. The major idea of the proposed scheme is to construct a 'virtual' dual-antennae proximity detection system by fully utilizing the existing legitimate nodes and the behavior of the human body. We built a system prototype on wireless devices and verified our scheme through experiments. In addition, a data mining (clustering) algorithm is also applied to successfully detect newly joined legitimate nodes and identify potential attackers.
Award ID(s):
1744272
PAR ID:
10201833
Journal Name:
2018 IEEE International Conference on Industrial Internet (ICII)
Page Range / eLocation ID:
159 to 164
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Node Authentication and Key Distribution are two tightly correlated security tasks for a secure Body Area Networks (BAN) system. Handling them separately may cause many practical issues. Based on the recent advances on node authentication and (shared) key distribution (including key generation), we propose a new integrated method to securely and efficiently conduct the two tasks. We build a system model with the consideration of passive and active attacks and solve some security risks. One performance metric, the key generation rate, is significantly improved in our method. We implement and verify the proposed methods on two test beds. The experimental result demonstrates the effectiveness and efficiency of our proposal.
  2. The recent report by the American Society of Civil Engineers gave the nation's bridges an unimpressive C grade. Across the country, there are more than 617,000 highway bridges: 46,154 are structurally deficient and 42% are 50+ years old. Continuous bridge assessment is essential to protect public safety. The Federal Highway Administration requires all highway bridges to be inspected once every 24 months. However, any drastic change on bridges within 24 months will be left undetected. Nonetheless, bridge inspection is time-consuming and labor-intensive. Civil engineers have been using bridge health monitoring (BHM) systems with wired and/or wireless sensors to measure structural response (e.g., displacement, strain, acceleration) of a bridge. The response measurements are then converted to the information related to structural health for assessment. State-of-the-art BHM technology deploys sensor networks to facilitate data connection. Installing cables is expensive and subject to extreme weather. Wireless solutions face challenges such as energy consumption. Sensors are battery-powered. Another not well-publicized problem is security threats inherited in wireless networks. Our approach to wireless BHM is to utilize sensors networkless by collecting data with a drone. Similar to a mail carrier who goes around and picks up the mail, a drone collects data from sensors throughout the bridge. A drone eliminates restrictions for civil engineers on node placement since the drone replaces sink nodes. Networkless makes BHM less prone to attacks such as jamming and DoS. To secure access, we deploy a Needham-Schroeder authentication protocol for the drone to collect data from sensor nodes securely. Networkless sensing for BHM benefits energy efficiency. It saves battery life as the sensor nodes remain asleep until scheduled transmission or woken up by a drone. It reduces design complexity and operation energy. The system also assures security since there is no vulnerable network to be attacked.
  3. Controller Area Network (CAN) is the de-facto standard in-vehicle network system. Despite its wide adoption by automobile manufacturers, the lack of security design makes it vulnerable to attacks. For instance, broadcasting packets without authentication allows the impersonation of electronic control units (ECUs). Prior mitigations, such as message authentication or intrusion detection systems, fail to address the compatibility requirement with legacy ECUs, stealthy and sporadic malicious messaging, or guaranteed attack detection. We propose a novel authentication system called ShadowAuth that overcomes the aforementioned challenges by offering backward-compatible packet authentication to ECUs without requiring ECU firmware source code. Specifically, our authentication scheme provides transparent CAN packet authentication without modifying existing CAN packet definitions (e.g., J1939) via automatic ECU firmware instrumentation technique to locate CAN packet transmission code, and instrument authentication code based on the CAN packet behavioral transmission patterns. ShadowAuth enables vehicles to detect state-of-the-art CAN attacks, such as bus-off and packet injection, responsively within 60ms without false positives. ShadowAuth provides a sound and deployable solution for real-world ECUs. 
  4. Structural Health Monitoring (SHM) uses wireless sensor network (WSN) to monitor a civil construction’s conditions remotely and constantly for its sustainable usage. Security in WSN for SHM is essential to safeguard critical transportation infrastructure such as bridges. While WSN offers cost-effective solutions for Bridge SHM, its wireless nature expands attack surfaces, making security a significant concern. Despite progress in addressing security issues in WSN for Bridge SHM, challenges persist in device authentication due to the unique placement of sensor nodes and their resource constraints, particularly in energy conservation requirements to extend the system’s lifetime. To overcome these limitations, this paper proposes an innovative authentication scheme with deep learning at the physical layer. Our approach steers away from conventional device authentication methods: no challenge-response protocol with heavy communication overhead and no cryptography of intensive computation. Instead, we use radio frequency (RF) fingerprinting to authenticate sensor nodes. Deep learning is chosen for its ability to discover patterns in large datasets without manual feature engineering. We model our scheme on IEEE 802.11ah, Wi-Fi HaLow of long-range communication and low-power consumption for machine-to-machine (M2M) applications. Simulations and experiments using universal software radio peripheral (USRP) demonstrate the effectiveness of the proposed scheme. By integrating security into Cyber-Physical System/the Internet-of-Things (CPS/IoT) design of WSN for Bridge SHM, our work contributes to critical infrastructure protection. 
  5. Continuous location authentication (CLA) seeks to continuously and automatically verify the physical presence of legitimate users in a protected indoor area. CLA can play an important role in contexts where access to electrical or physical resources must be limited to physically present legitimate users. In this paper, we present WearRF-CLA, a novel CLA scheme built upon increasingly popular wrist wearables and UHF RFID systems. WearRF-CLA explores the observation that human daily routines in a protected indoor area comprise a sequence of human-states (e.g., walking and sitting) that follow predictable state transitions. Each legitimate WearRF-CLA user registers his/her RFID tag and also wrist wearable during system enrollment. After the user enters a protected area, WearRF-CLA continuously collects and processes the gyroscope data of the wrist wearable and the phase data of the RFID tag signals to verify three factors to determine the user's physical presence/absence without explicit user involvement: (1) the tag ID as in a traditional RFID authentication system, (2) the validity of the human-state chain, and (3) the continuous coexistence of the paired wrist wearable and RFID tag with the user. The user passes CLA if and only if all three factors can be validated. Extensive user experiments on commodity smartwatches and UHF RFID devices confirm the very high security and low authentication latency of WearRF-CLA. 