Key management is the core of security protocol for wireless sensor networks deployed in the hostile environment. Due to the strict resource constraints, traditional asymmetric key cryptosystems, such as public/private key based schemes, are infeasible for the wireless sensor networks. The existing random key based key pre-distribution schemes only provide some level of network resilience, as the number of compromised nodes increasing, the fraction of affected pairwise keys will increase quickly. As a result, a small number of compromised nodes may affect a large fraction of pairwise. This paper presents an lightweight key management scheme for wireless sensor networks to address this problem. In the proposed scheme, we use hash function to alleviate the effect of compromised sensor nodes on the uncompromised sensor nodes and at the same time this method doesn't affect the connectivity between neighboring sensor nodes. Compared with existing key pre-distribution schemes, our scheme has better network resilience against node capture attack.
No abstract
This article focus on analyzing and solving the hidden security problems of firewall itself . As a result, it gives a practical solution: the firewall immune system, which secures the firewall system by the Integrity-inspecting Module, and the Audit and Analysis Module.Firewall is one of the main network security products. Its purpose is to construct a relatively safe subnet environment under the hostile network so as to prevent the unpredictable and hidden damaging intrusion. Firewall provides the information security service for a network and functions as the network and information security infrastructure. In order to ensure the network security, the firewall as much as possible shields the internal network detail, the structure and operating conditions by monitoring, restricting and changing the data stream across it.Firewall consists of hardware platform, basic operating system and functional software [1]. Apart from the different performances of the firewall products present nowadays, firewall is essentially a software no matter it is a software firewall or a hardware firewall. However, if the firewall isn't immune to assaults or can't prevent the intruders from entering the network, the possible aftermath is a disaster, no mater the firewall functional software is installed on a common personal computer or is preinstalled together with hardware in a pretty box. Threats to firewallsHackers have all along been studying on the techniques and means to attack firewalls, whose performances demonstrates more and more intelligentization and diversification. However, the attacks on the firewall may be divided into three categories in the process of itself ȱ. Detect what kind of firewall system installed on the target network is and find out what are the services the firewall system allows.ɉ. Evade the authentication mechanism by address deceit, TCP serial number attacks to destroy the firewall and the internal network.ɒ. Find out and make use of the weakness in the design and implement of a firewall system to make an attack purposely, which bears much difficulties but disastrous.No matter what kind of a firewall is, it shows fragility facing the third kind of attack because of the defect inside the firewall[2]. The problem remains even in the products of the Check Point Corp, the leading manufacturer of the firewall makers. The firewalls made by Check Point Corp have its own protocol, RDP with UDP protocol on the 259th port of UDP in the implement. In order to simplify the process of encryption, VPN/FireWall-1 defaults RDP packets to go through the firewall Gateway. Therefore, man-made packets with the head of the RDP can deceive VPN/FireWall-1 although it is not in accordance with the rules. If the attacker had successfully install an application monitoring the 259th port of UDP on the internal network protected by the firewall, he would have successfully bypass the firewall, whose train of thought is similar to the realization of the principle of VPN, that is to say, the attacker hides malicious attack packets in...
Security schemes of pairwise key establishment plays a fundamental role in research on security issue in wireless sensor networks. However, establishing pairwise keys in wireless sensor networks is not a trivial task, particularly due to the resource constraints on sensors. In this paper, we prose an efficient key distribution scheme, in which each sensor node randomly selects two key pools from several different key pools and chooses keys from these key pools. The analysis shows that this proposed scheme can substantially improve the security of existing key predistribution scheme.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.