Senses Lab

SEnsors NetworkS and Embedded Systems Laboratory

Center for Cyber Intelligence and Information Security

Security for Terrestrial and Underwater Sensing Systems

Application scenarios for wireless sensor networks (WSNs) and body area networks (BANs) are extremely diverse and heterogeneous, ranging from smart environment to perimeter sensing, to weather and ambient control, to healthcare, to military applications, and so on. The same diversity is valid for Underwater Acoustic Sensor Networks (UASNs), which are becoming the key enabler for a large set of application scenarios ranging from scientific exploration and commercial exploitation, to homeland security. 

With so much diversity, a one-size-fits-all general design paradigm for security appears far from being effective, if even possible. Thus, our focus is on the development of new security solutions specifically tailored for BANs, WSNs and UASNs. We have developed standard based end-to-end security protocols for the IoT, context-aware decentralized Data Access control for GREEn WSNs, protection mechanims against Denial-of-Sleep attacks for Wake-up-enabled networks, security frameworks and reputation based routing protocols for UASNs.


End-to-end Security Protocols for IoT

The growing number of applications based on Internet of Things (IoT) technologies is pushing towards standardized protocol stacks for machine-to-machine (M2M) communication and the adoption of standard-based security solutions, such as the Datagram Transport Layer Security (DTLS). Despite the huge diffusion of DTLS, there is a lack of optimized implementations tailored to resource constrained devices. High energy consumption and long delays of current implementations limit their effective usage in real-life deployments. The aim of our research is to explain how to design and implement DTLS-like protocols exploiting Elliptic Curve Cryptography (ECC) optimizations and minimizing ROM occupancy. We have implemented several solutions on an off-the-shelf mote platform and evaluated their performance. Results show that our ECC optimizations outperform priors scalar multiplication in state of the art for class 1 mote platforms, and improve network lifetime by a factor of up to 6.5 with respect to a standard-based not optimized implementation.

Angelo Capossele, V. Cervo, G. De Cicco and Chiara Petrioli
Security as a CoAP resource: an optimized DTLS implementation for the IoT
Proceedings of IEEE ICC 2015. London, UK. June, 8, 2015. pp. 549-554.
S. Sciancalepore, Angelo Capossele, G. Piro, G. Boggia and G. Bianchi
Key Management Protocol with Implicit Certificates for IoT Systems
Proceedings of ACM MobiSys 2015 workshop: IoT-Sys 2015. Florence, Italy. May 18, 2010. pp. 37-42.
G. Bianchi, Angelo Capossele, A. Mei and Chiara Petrioli
Flexible key exchange negotiation for wireless sensor networks
Proceedings of ACM WiNTECH 2010. Chicago, IL, USA. September 2010. pp. 55-62.

Security for Green and Ultra Low Power Networks

Can energy harvesting capabilities embedded in modern sensor nodes be exploited so as to support security mechanisms which otherwise would be too demanding and hardly viable? We have tried to answer to this question through several research works. First, we have focused on the support of extremely powerful, but complex, fine-grained data-centric access control mechanisms based on multi-authority Ciphertext Policy Attribute Based Encryption (CP-ABE). By integrating access control policies into the (encrypted) data, such mechanisms do not require any server-based access control infrastructure and are thus highly desirable in many wireless sensor network scenarios. Second, we have further optimized prior pre-computation techniques by exploiting more recent results on Cayley graph expanders and implemented the (Elliptic Curve) Digital Signature Algorithm. Our results show that the energy that micro solar cells and wind microturbines can be exploit to cryptographic processing. We believe that the exploitation of harvested energy for security protocols is a very compelling playground for future creative constructions. A different approach for low power networks foreseen the use of Wake-up-radio-based technology. Thanks to this, they have the potential to achieve low latency data collection at minimum energy cost, thus meeting the challenging lifetime and quality-of-service demands of emerging IoT and WSNs applications. However, the fact that nodes can be remotely activated on-demand makes wake-up-radio-based networks vulnerable to energy exhausting attacks. We developed a full-fledged solution to counteract Denial-of-Sleep (DoS) attacks to wake-up-radio-based sensing systems. A core component of our proposed solution is a key exchange protocol based on Elliptic Curve Cryptography (the Fully Hashed MQV protocol), which we use in conjunction with implicit certificates.

Angelo Capossele, V. Cervo, Chiara Petrioli and Dora Spenza
Counteracting Denial-of-Sleep Attacks in Wake-up-based Sensing Systems
Proceedings of IEEE SECON 2016. London, UK. June, 2016.
G. Bianchi, Angelo Capossele, Chiara Petrioli and Dora Spenza
AGREE: exploiting energy harvesting to support data-centric access control in WSNs
Elsevier Ad Hoc Networks. Vol. 11. 2013, pp. 2625 - 2636.
G. Ateniese, G. Bianchi, Angelo Capossele, and Chiara Petrioli
Low-cost Standard Signatures in Wireless Sensor Networks: A Case for Reviving Pre-computation Techniques?
Proceedings of NDSS 2013. San Diego, CA. February 24-27. 2013.

Security for Underwater Acoustic Sensor Networks

 Despite the increasing interest on UASNs, solutions to secure protocols from the network layer up to the application layer are still overlooked. The aim of this research group is therefore manyfold. We study common threats and countermeasures for UASNs. We also select the most effective cryptographic primitives to build and constantly improve our security framework SecFUN. SecFUN is flexible and configurable with different features and security levels to satisfy UASN deployment security requirements. It provides data confidentiality, integrity, authentication and nonrepudiation by exploiting as building blocks AES in the Galois Counter Mode (GCM) and short digital signature algorithms such as ZSS, BLS and Quartz. We have exploited SecFUN primitives to design and develop R-CARP, a reputation based channel aware routing protocol for underwater acoustic sensor networks (UASNs). R-CARP is an improved version of CARP, the channel aware routing protocol, enriched with a reputation based mechanism to contrast malicious node behavior. To secure R-CARP we employ BLS, a short digital signature algorithm, exploiting its aggregation property to reduce the additional communication overhead. Results of our works show that a flexible and full-fledged security solution tailored to meet the requirements of UASNs can be provided at reasonable costs.
Angelo Capossele, G. De Cicco and Chiara Petrioli
R-CARP: A Reputation Based Channel Aware Routing Protocol for Underwater Acoustic Sensor Networks
Proceedings of ACM WUWNet 2015. Washington DC, USA. October 22-24. 2015.
G. Ateniese, Angelo Capossele, Petrika Gjanci, Chiara Petrioli and Daniele Spaccini
SecFUN: Security Framework for Underwater acoustic sensor Networks
Proceedings of MTS/IEEE OCEANS 2015. Genova, Italy. May, 18--21. 2015. pp. 1-9.
  

SENSESLab Members

  

Selected publications

  • "Low-cost Standard Signatures for Energy-Harvesting Wireless Sensor Networks", ACM Transactions on Embedded Computing Systems. 2016. Full textBibTeX Read more
  • "Counteracting Denial-of-Sleep Attacks in Wake-up-based Sensing Systems". Proceedings of IEEE SECON 2016. London, UK. Jun. 2016. Full textBibTeX Read more
  • "R-CARP: A Reputation Based Channel Aware Routing Protocol for Underwater Acoustic Sensor Networks". Proceedings of ACM WUWNet 2015. Washington DC, USA. October 22-24. 2015. Full textBibTeX Read more
  • "Security as a CoAP resource: an optimized DTLS implementation for the IoT". Proceedings of IEEE ICC 2015. June. 2015. Full textBibTeX Read more
  • "Key Management Protocol with Implicit Certificates for IoT Systems". Proceedings of ACM MobiSys 2015 workshop: IoT-Sys 2015. Florence, Italy. May 18. 2015. Full textBibTeX Read more
  • "SecFUN: Security Framework for Underwater acoustic sensor Networks". Proceedings of MTS/IEEE OCEANS 2015. Genova, Italy. May, 18--21. 2015. pp. 1-9. Full textBibTeX Read more
  • "AGREE: exploiting energy harvesting to support data-centric access control in WSNs", Elsevier Ad Hoc Networks, Vol. 11. 2013, pp. 2625 - 2636. Full textBibTeXOnline version Read more
  • "Low-cost Standard Signatures in Wireless Sensor Networks: A Case for Reviving Pre-computation Techniques?". Proceedings of NDSS 2013. San Diego, CA. February 24-27. 2013. Full textBibTeXOnline version Read more
  • "Flexible key exchange negotiation for wireless sensor networks". Proceedings of the fifth ACM international workshop on Wireless network testbeds, experimental evaluation and characterization. New York, NY, USA : ACM. 2010. pp. 55-62. Full textBibTeXOnline version Read more