Security Research Based On Wireless Chanel Characters In Body Area Networks

With the development of sensor technology, communications technology and computer technology, wearable sensor nodes and terminal devices which have sensing, computing and communication capabilities continuously come out, so the research on Body Area Networks (BANs) comprising these nodes and devices is currently emerging. Different from traditional networks, BAN is characteristic of open channel, data sensitivity, limited resources, special application and dynamic nature. On the one hand, as BAN communicates through open wireless channel, the attacker can copy, forge and interfere with information to influence the accuracy of the data. If an attacker intentionally interfere with or modify a user’s health data, that may disturb doctors’diagnoses and lead to patients’deterioration or even death. On the other hand, wireless BAN faces two types of privacy threat:location privacy and information privacy. In the applications of BAN, the user’s location is a high-degree personal privacy, but it can be easily detected. Information privacy includes the user’s various physiological parameters, which may be leaked to the third parity without privacy protection. Therefore, BAN’s security has increasingly become research focus.Traditional security research normally focuses on five issues:confidentiality, integrity, availability, authentication and non-repudiation. However, traditional security techniques do not fully meet the security needs of the BAN. As the number of BAN’s nodes is small and they are distributed in small ranges, integrity and non-repudiation can be achieved through authentication; Meanwhile, BAN’s limited resources and dynamic characteristics bring in new challenges on confidentiality and authentication. In addition, due to high sensitivity of BAN’s information and different demands arising from emergencies, there emerge new challenges on availability. Corresponding three security techniques:encryption, authentication and access control are needed to tackle the challenges faced by confidentiality, authentication and availability. Therefore, how to ensure BAN’s security through these three technologies is a major task of the current research.Based on BAN’security demands, this paper conducted research on three important techniques including key distribution between the BAN nodes, authentication between the BAN nodes and access control of the BAN’s external devices, whose details are as follows:(1) Due to BAN’s limited resources and network dynamics, it must have an efficient lightweight encryption to ensure confidentiality. This paper therefore presents a new trend key agreement mechanism based on wavelet transform in wireless body area network (Wavelet-Transform Trend-Based Key Extraction, WTKE). Firstly, WTKE makes full use of the high correlation of RSS values between intra-BAN communications within the channel coherence time. Through4-level Haar wavelet transform, these values can be coverted into trend-based binary. Therefore, the key can be shared between BAN’s nodes even if an eavesdropper (Eve) is present. Secondly, experiments show that the key mismatch rate between Eve and legitimate nodes (Alice or Bob) approaches0.5, which is the same as the probability of random guessing, WTKE security is therefore verified. The key generated by WTKE passes the test of NIST test suite to prove the key’s randomness. Then, this paper compares WTKE with classic amplitude quantization method and previous trend method on two metrics:the secret key rate and the key mismatch rate. It turns out that, compared with classic amplitude quantization, WTKE has advantages on both metrics. Compared to previous trend quantization work, WTKE has lower key mismatch rate. Further, with bringing in sufficient movement, WTKE can also be applied between the nodes and the basestation, and this paper has done a similar experiment for verification. On the whole, WTKE is a lightweight key agreement with low resource consumption and low hardware complexity.(2) As BAN’s network dynamic requires it must have a quick and easy authentication, this paper proposes a lightweight proximity-based authentication mechanism for body area network (RSS Ratio-Based Node Authentication, R2NA), which only uses wireless modules equipped on sensors. With only one sensor and one control unit (CU) in BAN, we could detect a unique physical layer characteristic, namely, the difference between the received signal strength (RSS) measured on different devices in BAN. Through the above-mentioned particular difference, we can tell whether the sender is close enough to be legitimate. We validate our scheme through both theoretical analysis and practical experiments, which are conducted on the real Shimmer nodes. This paper also analyzes the factors that may affect R2NA mechanisms including the position of the sensor, human movement, the environment and body type. After comprehensive analyses, the paper proposes the related parameters about R2NA mechanisms. Finally, this paper verifies R2NA security through experiments, and compares R2NA with BANA (the previous lightweight body area network authentication scheme). The results show that:R2NA has advantaged performance on three metrics and they have the same performance on two metrics. Based on the setup of parameters in this paper, the authentication time of R2NA does not exceed12seconds, and its authentication success rate is close to100%in0.2m range. Furthermore, R2NA can be applied to multiple crowded scenarios.(3) BAN’s limited resources and special applications require it must have a fail-open access control mechanism to meet the availability requirements. This paper proposes a fail-open access control mechanism based on scenario adaptation, that’s to say, BAN under normal situation will require strict access control mechanisms, but in an emergency situation it will require relatively loose access control mechanisms. In order to achieve scenario adaptation, CU (control unit) uses Bayesian methods to do fall recognition to determine whether a scenario is an emergency or not, and then different access control mechanisms would be switched as needed. As to access control technology, this paper proposes two communication solutions to the security requirements of different scenarios, which enable CU to proactively switch access control mechanisms or passively defend through jamming. The proposed access control mechanism also introduces key agreement based on fuzzy vault to protect the communication confidentiality in the normal situation. Further, the proposed mechanism uses R2NA to detect close attribute in normal situations, and close attributes in passive emergency situations can be detected through switching off CU. Finally, this paper analyzes security of the proposed access control mechanism through experiments, which show that even though CU’s jamming power is20dB less than the BAN sensors’ power, the communication transmission from the sensors to the attackers can be totally blocked.In summary, with more applications of BAN, BAN’s security will attract more attention. And the lightweight solutions proposed by this thesis, which use wireless channel characteristics in physical layer, have great significance to improve BAN’s security.