- Open Access
Energy-efficient cluster-based security mechanism for intra-WBAN and inter-WBAN communications for healthcare applications
© Ali and Khan; licensee Springer. 2013
- Received: 31 January 2013
- Accepted: 31 July 2013
- Published: 27 August 2013
Wireless body area networks (WBANs) are formed by using tiny health monitoring sensors on the human body in order to collect and communicate the human personal data. WBANs serve as a solution to facilitate the tasks performed in the medical sector, and minimize the chances of errors during the process of medical diagnosis. Due to the unreliable wireless media, the communication in a WBAN is exposed to a variety of attacks. These attacks pose major threats to WBAN security. In order to overcome these threats, several cryptographic techniques have been proposed in the recent past. Effectiveness of these cryptographic techniques largely depends on a good key management scheme. However, using an expensive key management scheme is not feasible in highly resource-constrained WBANs. Therefore, we propose and evaluate an energy-efficient key management scheme for WBANs that takes into account available resources of a node during the whole life cycle of key management. Our proposed scheme is a cluster-based hybrid security framework that supports both intra-WBAN and inter-WBAN communications. By using multiple clusters, energy-efficiency can be ensured. The cluster formation process itself is secured by using electrocardiogram (EKG)-based key agreement scheme. The proposed technique is hybrid because we use both preloading of keys and physiological value-based generated keys. We use highly dynamic and random EKG values of the human body for pairwise key generation and refreshment. The performance comparison of our proposed cluster-based key management scheme and low-energy adaptive clustering hierarchy (LEACH)-based key agreement scheme shows that the proposed scheme is secure, more energy-efficient, and provides better network lifetime.
- Wireless body area networks (WBANs)
- Key management
Wireless body area network (WBAN) is a special kind of network, which is formed by putting the biometric sensors on the human body. In other words, a human body wearing the biometric sensor clothes forms the WBAN . Due to resource limitations, WBANs need a number of sensor nodes to collect physiological data from the body of its wearer in a safe and secure manner. Each WBAN also contains a single centralized entity called personal server (PS), which gathers data from the sensor nodes using multi-hop communication. The PS acts as a gateway between the body on which it resides and the outside world. There are two types of communications in WBANs; intra-WBAN communication, and inter-WBAN communication. The on-body communication among the sensor nodes is called intra-WBAN communication. Inter-WBAN communication occurs between PSs residing on two or more bodies, i.e., WBANs.
The applications of WBANs include the monitoring of human health remotely. In this type of application, the health monitoring sensors are implanted on the human body. These sensors collect personal data from the host body and send it to remote medical servers located in the hospital. Similarly, inter-WBAN communication can be applied to the health monitoring system, for example, monitoring the health of patients while they are doing their normal routine work (i.e., somewhere in market, home, office, or even in the playground). In this case, WBANs (sensor-clothed bodies) will be scattered and the sink or remote base station (RBS) will not always be in their range. Therefore, WBANs must cooperate with one another using hop-by-hop communication in order to reach the RBS (sink), and the RBS further communicates with the medical server (MS) through the internet. Another application scenario of inter-WBAN communication could be monitoring the health of soldiers in a battlefield. After deployment, nodes that are far away from the RBS, located in a safe zone, will have to communicate in a hop-by-hop fashion in order to reach the RBS. In this scenario, the nodes (WBANs) act as routers to forward data to the RBS. In both the applications, the WBAN (single human body) may not always be in the range of the remote MS or the RBS. So, along with intra-WBAN communication, there is a need for inter-WBAN communication in order to deliver data to the destination, i.e., through PS to MS. Securing intra-WBAN and inter-WBAN communications means securing the human lives because both kinds of communications involve the human personal data to be delivered to the medical server. Hence, the security of WBANs is essential.
Wireless sensor network
Wireless body area network
Monitored environment (meters/kilometers)
Human body (centimeters/meters)
Number of nodes
Many redundant nodes for wide area coverage
Fewer, limited in space
Large number of nodes provide accuracy
Few nodes, need to be robust andaccurate
Node performs a dedicated task
Node performs multiple tasks
Small is preferred, but not important
Small is essential
Very likely to be fixed or static
More variable due to body movement
Most often homogeneous
Most often heterogeneous
Performed easily, nodes are even disposable
Replacement of implanted nodes isdifficult
Several years or months
Several years or months, smaller battery capacity
Accessible and can be replaced easily and frequently
Inaccessible and difficult to replace in an implantable setting
Likely to be large, energy supply easier
Likely to be lower, energy supply more difficult
Energy scavenging source
Most likely solar and wind power
Most likely motion (vibration) andthermal (body heat)
Not a consideration in most applications
A must for implants and some external sensors
Higher to protect personal information
Impact of data loss
Likely to be compensated by redundant nodes
More significant, may require additional measures to ensure QoS and real-time data delivery
Bluetooth, ZigBee, GPRS, WLAN, etc.
Low power technology required
Key management support from application
Yes, sensor nodes not required togenerate random numbers
Not possible in most cases
Possible rather inevitable in some cases
In this paper, we propose a secure cluster-based key management scheme for both intra-WBAN and inter-WBAN communications. In intra-WBAN communication, we use physiological value (PV)-based solution for establishing trust among sensor nodes. PV is a stimulus from human body, which is used for generating pairwise keys. The advantage of PV-based solution is that the generated keys on both sender and receiver sides are the same, because both the sender and the receiver use the same PVs for generating the key. We use electrocardiogram (EKG) as a PV to generate pairwise keys in intra-WBAN communication, which eliminates the key distribution process [5, 8–10]. Due to the highly dynamic nature of the human body, it produces time-variant PV, i.e., EKG, which results in addition and removal of nodes without rekeying . In intra-WBAN communication, the cluster formation is done on the basis of residual energy and distance . The leader solicitations are made secure to avoid sinkhole-like attacks by using secure cluster formation using EKG-based keys. For secure cluster formation and exchange of EKG blocks in intra-WBAN communication, we use EKG-based generated pairwise keys using keyed-hashing digest. Keyed-hashing message authentication code (HMAC-MD5)  ensures the authenticity and integrity of the EKG blocks exchange process between communicating sensors in intra-WBAN communication. Securing communication among the sensors is done in two steps. In the first step, trust is established between the sensors, and in the second step, data communication is carried out on the basis of that trust. Trust establishment is the process of agreeing upon a common key for secure communication . While in inter-WBAN communication, secure cluster formation and communication is done through preloaded pool of keys. The reason of using preloading-based keys is that existing PV based key management schemes of WBANs are designed by keeping in mind the characteristics of intra-WBAN communication, i.e., these networks are small in size and scale, and the communication is done over a single body. Whereas, in inter-WBAN communication, the communication involves two or more bodies (WBANs), therefore, EKG-based scheme cannot be applied in this case. Moreover, in inter-WBAN communication, the security requirements are totally different from those of intra-WBAN communication e.g., there is an additional risk of physical attacks in inter-WBAN communication such as node capture, tampering, as well as unknown pre-deployment network topology etc.
An important requirement of inter-WBAN communication is the efficiency of energy, which increases the lifetime of a network. For this purpose, we use an energy-efficient secure cluster formation technique in inter-WBAN communication. The PS acts as a single node and represents the whole WBAN in inter-WBAN communication. To communicate multiple WBANs, only the PS will communicate with another PS and will choose one PS as a cluster head (CH). For example, consider three WBANs A, B, and C having personal servers PS1, PS2, and PS3, respectively. Now if A wants to communicate with B or C, it will communicate through PS1 to PS2 or PS3 and the ordinary sensor nodes on A, B, and C will not take part in inter-WBAN communication. Our technique for clustering in inter-WBAN communication is based on the residual energy of the PS and the distance between PSs of two communicating WBANs. We use a pool of keys and then randomly select some keys from that pool. These randomly selected keys from CH are assigned to cluster members (CMs) in the pre-deployment phase.
Notations used in the paper
Wireless body area network
Secret key preloaded in all sensors
Wireless sensor network
Message authentication code
Electrocardiogram is the interpretation of the electrical activity of the heart for a specific period
K n and
K n is the key selected from the key pool, and is the hashed key obtained as a result of the hash of K n
Physiological value is a biological characteristic of the body
Pairwise key established between SN a and SN b
IDSNa,IDSNb, IDps, IDSNs
Identifiers of sensor nodes a, b,personal server, and networkrespectively
Random number generated during the communication process tocheck the transaction freshness
Medical server located in hospital
Broadcast message used to refresh key in the network
Remote base station
Subset of P
The on-body communication
Randomly selected key from thepool
The communication between two or more WBANs
Keyed-hashing for message authentication
Sensor node ‘a’
Sensor node ‘b’
K i ′
Integrity check key
Network key for broadcastauthentication
The number of competing nodes
Probabilities of occurrence of CH
Distance from RBS
The remaining of the paper is organized as follows: In Section 2 the related work is explained. Section 3 presents the system model, while Section 4 describes our intra-WBAN communication security technique. In Section 5 the technique for inter-WBAN communication is explained. Section 6 presents the performance evaluation of our proposed technique, and Section 7 concludes the article.
Clinical prototypes for implantable and wearable health monitoring sensors have been designed recently. These devices are used for monitoring human body over long periods of time [17, 18]. Most of the work concerns bio-compatibility, power-efficiency, and reliability. Therefore, ensuring the security of communication among these devices is important [19, 20]. Medical sensors used in a pervasive healthcare system have very limited capabilities. Hence, in general, a complex, computationally intensive security mechanism such as public-key infrastructure [21, 22] is not suitable for securing medical sensor communication in the context of pervasive healthcare. Similarly, authors in [23, 24] present the pre-deployment-based strategy to protect the communication in distributed sensor networks. Techniques such as message-in-a-bottle  are also not suitable for WBANs as they involve the use of a Faraday cage, which increases the involvement of the host, i.e., the host will put the Faraday cage in the WBAN. A technique concerning the security of implantable devices is presented in , which describes the use of biometrics as a tool for generating cryptographic keys for secure inter-sensor communication. Due to the extremely dynamic properties of human body, it can produce many specific physiological values that are time-variant and difficult to guess. These time-variant properties for cryptographic purposes ensure strong security and eliminate key distribution [5, 8–10]. Both sender and receiver can now measure the physiological values from their environment, generate pairwise keys, and use them for security purposes whenever they intend to communicate .
In [9, 10] the authors use EKG as a physiological measure for generating cryptographic keys for secure inter-sensor communication. Both communicating sensors first sense the EKG values and then by applying certain hashing and watermarking technique, exchange these values for generating common keys for communication. In [27, 28] the authors proposed a pairwise key management protocol which uses accelerometer (handheld device) data as a PV for generating the keys. The scheme works by physically shaking the communicating devices. After shaking the user has to press ‘authenticate now’ button to synchronize the accelerometer signal measurement process and execute the protocol. In  the authors propose a preloading-based scheme for key management in WBANs; however, the technique suffers from lack of variations. Key refreshment is also an issue with the preloading-based schemes. Also, most of the preloading-based schemes suffer from forward secrecy problems. In  the authors use PV-based keys for secure cluster formation. The idea of cluster-based secure key agreement protocol for WBANs is presented in . The authors consider the WBAN as a single cluster and the PS is considered as the CH. The network is assumed to be a heterogeneous WSN, which consists of a powerful high-end sensor (H-sensor) node and several low-end sensor (L-sensors) nodes.
Several techniques are available in the literature for selecting CH in a cluster. In  CH is chosen on the basis of node ID. In  a cluster-based protocol uses randomized rotation of local CHs to evenly distribute the energy load among sensors in the network. In  optimal CH selection is done using multi-objective particle swarm optimization. The above approaches do not consider security of the protocols or techniques that are used for cluster formation. Also in the context of WBANs, the abovementioned techniques are very complex and expensive due to limited resources of the nodes in WBANs. In  the authors propose a secure cluster formation scheme, which is based on microTesla protocol. MicroTesla protocol uses pre-deployment and public-key cryptography which is expensive in WBANs. The scheme proposed in this paper presents a secure cluster-based approach to choose an optimal CH on the basis of residual energy and distance of nodes present in WBANs.
Inter-WBAN communication involves CHs and CMs communication. CMs are PSs located on the body in WBANs to collect information or biometrics from sensors and then transmit to CHs. PSs are body base stations, which are more powerful devices attached to the human body. CHs are tamper-resistant devices that are well-protected against routing attacks and adversaries.
When PS receives this m 2, first it calculates the KSNa,SNb by applying the keyed-hash function on the calculated EKG values, IDSNa and IDSNb. As EKG values are same on both sides, KSNa,SNb generated by SNa will also be same as that of SNb. SNa decrypts the message with KSNa,SNb and compares IDSNb and received EKG values with the decrypted message IDSNb and EKG values on SNa to ensure that both parties have generated the same key. The message authenticity is checked by SNa through MAC verification with KSNa,SNb. The communication between PS and sensor nodes is done through the IDPS. PS broadcasts its ID to the whole network. Sensor nodes generate KPS,SN by applying keyed-hash function on IDSN, IDPS, and EKG values. SN encrypts data by KPS,SN and sends its ID, encrypted data, and MAC of these values to PS. PS then generates the key and decrypts the data. Authentication of PS is done by MAC.
4.1 Secure cluster formation in intra-WBAN communication
where Tsign and Texpire are issuance and expiry time for the certificate respectively. Also, Data contains the information of the node’s residual energy and distance from PS of the WBAN. Upon receiving this message, every node in the WBAN verifies the certificate by using MAC. For renewal of the certificate, the Tref is used and all certificates must be renewed within this Tref time interval.
4.2 Key refreshment in intra-WBAN communication
The inter-WBAN communication is used for the delivery of data from PS to the remote sink. We consider the inter-WBAN communication as a hierarchical structure, in which more powerful sensors act as CH. The hierarchical structure has the advantage of local data processing, which reduces communication load in the network in order to provide a scalable solution.
5.1 Key pre-distribution
Step 1. For each PS, randomly select one key k i from the key pool and generate a new key by applying one-way hash function on the PSID and k i . This newly generated key () is assigned the same key ID as that of k i . Put along with corresponding key ID into PS’s memory.
Step 2. Each CH is preloaded with all S keys of the key pool. Further, RBS and each CH are loaded with a special key KM known as the master key.
5.2 Secure cluster formation in inter-WBAN communication
Traditional cluster formation protocols are vulnerable to attacks. The protocols work by choosing the CH after the deployment of nodes [39, 40]. In inter-WBAN communication, the clusters are formed to efficiently deliver data to the remote sink. The proposed work chooses the CH on the basis of residual energy and distance from the RBS . Each node calculates its position by using any technique such as positioning through global positioning system (GPS) or any of the GPS-free positioning techniques available in the literature [41–43]. Each node in the network broadcast its residual energy and distance. Nodes with optimal value of T(n) in Equation 2 are selected as CHs. The CH selection process is shown in Figure 4, where CH selection in cluster B is done by measuring its distance from the RBS directly. Node 1 in cluster B is selected as a CH because it has the minimum distance from the remote base station and also has maximum residual energy as compared to the other members in the same transmission range. Similarly, node 4 in cluster A is selected as CH because its distance from the RBS is lesser and its residual energy is maximum within that transmission area. The distance between the sender node and the RBS will be the total cost of the path (summation of all distances on the path to RBS). After the CH is selected, the nodes within its transmission range with minimum distance from the CH are declared as CM for that particular CH. The cluster formation process is as follows:
Each CH broadcast its solicitation beacon, which contains its ID and control information.
Upon receiving the solicitation beacon, each CM decides to join the cluster of a CH such that the distance of the CM from this CH is minimum as compared to the distances from other CHs.
Each CM now sends a join request to the CH whose cluster it wants to join.
5.3 Neighborhood discovery in inter-WBAN communication
After the completion of cluster formation, all the WBANs broadcast solicitation beacons in order to discover their neighbors in a cluster.
5.4 Inter-cluster and intra-cluster pairwise keys generation in inter-WBAN communication
In both types of communications, the CH performs long-distance communication and also performs some extra tasks due to which its energy reduces with higher ratios as compared to the CM nodes. Due to this issue, the cluster has to be reorganized at regular intervals by choosing CHs from CM nodes. Re-clustering will also be performed when a node is reconfigured as well as when the CH leaves especially in inter-WBAN communication.
5.6 WBAN addition
The authentication of the new PS is done by using the RBS. The RBS validates the received message and computes the MAC on IDPS u ∥ RN u using the master key K M . The RBS has the master keys of all sensor nodes. If computed MAC matches with the corresponding received MAC, the node PS u is considered as a legitimate node.
5.7 WBAN eviction in inter-WBAN communication
PS eviction means that any PS in the cluster leaves its region for any reason (power consumption, node emigration, node capture, etc.). In this case, we propose two cases for PS eviction.
Case 1. Member PS eviction occurs when the CH does not receive the solicitation beacon from a certain PS for a specific duration. In this case, CH sends a query message to that PS and waits for a reply. If it does not receive a reply within a certain time, the CH sends a message to its entire member WBANs to inform them to delete the PS with a certain ID from the list of neighbors.
Case 2. In CH eviction when a CH leaves the cluster, two steps must be taken. First, the CH sends messages to its entire members to inform them that it is going to leave. Another PS is selected as CH by using the Equation 2. Secondly, if the CH leaves surreptitiously, the entire cluster members will not receive the CH beacon for a certain period, and then another PS is selected as CH by the same Equation 2.
5.8 Key refreshment in inter-WBAN communication
After receiving m 2, PS i generates ICK and Knet by extracting nonceCHa, and the keys are verified by checking the MAC value. Master key KM is refreshed by RBS. RBS sends random integer r to CH for the refreshment of KM; CH generates new KM by applying hash function on r and the old KM.
In this section, the proposed cluster-based WBAN technique is analyzed with respect to security, storage, and energy consumption of nodes. Both intra-WBAN and inter-WBAN communications involve routing, in which the nodes (CMs) transmit data to the CH, which relays the information to the RBS and then to the MS. All experiments were performed using MATLAB (Mathworks, Natick, MA, USA). For key generation, the EKG data of 31 patients are taken from the MIT Physiobank database . Clustering is performed for ten rounds for both proposed and LEACH-based schemes.The simulation area is kept as 100×100 m for 60, 100, and 300 nodes.
6.1 Security analysis
In this subsection, the security analysis of the proposed scheme is demonstrated based on (a) resilience against routing attacks, and (b) personal server compromise.
6.1.1 Resilience against routing attacks
Routing attacks include spoofed, altered, or replayed routing information; selective forwarding; sinkhole attack; Sybil attack; and wormhole attack etc. Detailed description of all these attacks can be found in . In the following, we discuss how the proposed technique defends against these attacks.
Sybil attack involves the attack in which a single node appears with multiple identities. The communication between two PSs in a WBAN is done through pairwise keys. When PS i wishes to send data to PS j , MAC is computed by using the shared pairwise key between PS i and PS j . These pairwise keys are only known to PS i and PS j so no adversary can pretend to be PS i unless PS i is compromised. Thus, Sybil attack can be prevented.
The proposed cluster-based routing in WBAN includes two types of routing in inter-WBAN and intra-WBAN communications i.e., intra-cluster routing, and inter-cluster routing. For intra-cluster routing, all CMs send data only to the CH. For inter-cluster routing, the data packets are forwarded only through CH in the cluster. Other nodes in the cluster do not participate in routing. An adversary is not able to route in the proposed routing structure, therefore, the proposed technique is well protected against wormhole and sinkhole attacks. Also in intra-WBAN communication, the sinkhole is prevented by applying MAC using the EKG-based keys.
The routing information is distributed by the CH. Since CH in the WBAN is a high-end device, has tamper-resistant hardware, and is well protected against routing attacks, it cannot be compromised by an adversary. A CH appends keyed MAC to each routing control message. Only the intended CM and CH know the key used to generate MAC so the adversary is unable to inject false information in the WBAN. Due to these factors, selective forwarding attacks cannot be launched on CH. To defend the selective forwarding attack on PS in WBAN, PacketID is used. Each PS is responsible to confirm that its successor has successfully forwarded the packet by overhearing the transmission.
6.1.2 Dieharder tests for randomness
In the proposed work, keys are generated for 25 different subjects using the EKG data taken from MIT Physiobank. The Dieharder  testing suite is applied on the keys generated from the EKG data. Dieharder includes tests from DIEHARD  battery of tests, Statistical Test Suite developed by the National Institute for Standards and Technology, and also new tests developed by the Dieharder team.
For each statistical test, a set of P value is produced. The P value is the probability of obtaining a test statistic larger than the one observed if the sequence is random. Hence, small values are interpreted as evidence that a sequence is unlikely to be random. The decision rule in this case states that ‘for a fixed significance value α, a sequence fails the statistical test if it’s P value<α’. A sequence passes a statistical test whenever the P value ≥ α and fails otherwise. Authors in  assume that a test is considered failed if it outcomes a P value less than or equal to 0.0001 or greater than or equal to 0.9999. It results in a 95% confidence interval of P values between 0.0001 and 0.9999.
Dieharder testing suite results for randomness of EKG generated keys
AverageP value of 25 keys
1 to 16
0.424347 to 0.674048
1 to 12
0.438929 to 0.647891
2 to 5
0.326321 to 0.534724
0 to 32
0.420681 to 0.737265
The sts serial, rgb bitdist, and rgb minimum distance are the set of tests. For the sts serial test, the value of N-tuple is from 1 to 16 and produces the P value between 0.424347 and 0.674048. Similarly, rgb bitdist have the value of N-tuple ranging from 1 to 12 and produces the P value between 0.438929 and 0.647891. The generated keys pass each and every test in the suite, which shows the degree of its randomness.
6.1.3 Personal server compromise
6.2 Storage overhead analysis
6.3 Communication and computation complexity
In intra-WBAN communication each time a key is refreshed, the whole process is repeated, i.e., the features are extracted and quantized, and then the keys are generated after the feature exchange process between the communicating sensors. Also in intra-WBAN communication, the key establishment latency (join and leave latency) occurs very rarely, as the node leaving and joining occurs only when the node failure happens, e.g., due to power failure or malfunctioning. Hence, due to these properties of intra-WBAN communication, its communication and computation costs are relatively minimal.
Due to the availability of powerful devices and high resources, inter-WBAN communication resembles the communication in WSNs. Therefore, we compare our proposed inter-WBAN communication scheme with LEAP+ , which is a lightweight extensible authentication protocol for WSN security. In inter-WBAN communication, the WBAN (node) joining and leaving may occur very frequently, so the keys need to be refreshed regularly thereby affecting the computation and communication costs of the scheme. The computation cost depends upon the total number of encryptions and decryptions taking place in the key agreement process. In a cluster-based key agreement scheme, the number of decryptions is equal to the network size (N) because every node has to decrypt the message.
Also in cluster-based schemes, CH encrypts the message once for all its CMs. Thus, the total number of encryptions depends upon the network size and can be at most N. So, for a network of size N, the average number of symmetric key operations a node performs during cluster key generation and updating is (2 S/N), where S is the sum of all encryptions and decryptions, while N is the network size. So the computation complexity of the proposed work is dependent upon the degree of connectivity (d) and network size N and can be given as O(d2/N). Table 4 shows that the computation and communication complexity of both the schemes are same, but the number of messages sent by the proposed scheme are less than that of the LEAP+, which reduces the computation as well as the communication costs of the protocol. This is because the communication cost is the sum of all costs incurred during transmission and reception of the messages for the key agreement, key refreshment, and node addition and revocation. In cluster-based key agreement, the communication cost is dependent upon the degree of connectivity of the nodes, i.e., the increase in the connectivity will increase the communication cost. The communication cost is the same as the computation cost because every node has to send and receive keys for cluster key revocations. However, in case of communication cost, the number of messages transmitted will affect the total cost and the proposed scheme sends lesser number of messages than the LEAP+ scheme. This is because the message overhead is a much bigger concern than the computation overhead. It has been shown that the energy for computing one MAC is equivalent to transmitting only a single byte ; as for every message received, the node will have to calculate the MAC and will update its neighbor table.
Communication and computation complexity
Number of message
6.4 Energy consumption
In Equation 13, data_packet represents the number of packets transmitted during the cluster formation process, e _elect represents the energy consumed in the electronics, while e _emp is the energy consumption in amplifier. LEACH divides the network into clusters and the operation in LEACH is divided into rounds. In the first round, the CH is elected among the number of nodes. The election of CH uses probabilistic approach. LEACH introduces randomized rotation role of CH between member nodes to balance the energy conservation among nodes.
The above figures and discussion clearly show that the proposed scheme performs better than the LEACH-based scheme in case of energy consumption, network lifetime, and cluster formation.
WBANs play an important role in providing better healthcare services by using continuous and real-time monitoring of health information. Before using WBANs on real test beds, one must address the essential security and energy consumption requirements of WBANs as these requirements increase the usability and usefulness of WBANs. The technique presented in this paper uses clustering in both types of communications, i.e., intra-WBAN and inter-WBAN. In intra-WBAN communication, secure cluster formation is done by using PV-based generated pairwise keys. Introducing secure cluster topology formation to intra-WBAN communication makes the communication energy-efficient and increases the network lifetime. In intra-WBAN secure cluster formation, we compare the proposed scheme with the LEACH-based scheme presented in . The results of our analysis show that the proposed scheme produces better results in terms of energy consumption, cluster formation, and network lifetime. In inter-WBAN communication, the cluster formation process is secured by using pre-deployed keys. The analysis of our proposed inter-WBAN communication scheme in terms of storage and energy efficiency shows that the proposed scheme uses very small number of keys per node, which reduces the storage overhead. Also, the cluster formation process in inter-WBAN communication brings energy efficiency to the scheme.
The security analysis of the proposed intra-WBAN communication scheme shows resilience against different attacks e.g., sinkhole attacks are prevented by using the PV-based generated keys. In addition, replay attacks are prevented by using nonce and time stamps. Similarly, in inter-WBAN communication scheme, the generated keys are random and the probability of repetition of the keys is minimum. The proposed scheme is lightweight and is highly suitable for WBAN applications.
The authors would like to extend their sincere appreciation to the Deanship of Scientific Research at King Saud University for the funding of this research through the Research Group Project no. RGP-VPP-214. The authors would also like to thank the Higher Education Commission (HEC), Pakistan, for its support through the indigenous PhD fellowship program.
- Paradiso R, Loriga G, Taccini N: A wearable health care system based on knitted integrated sensors. Proc. IEEE Trans. Info. Technol. Biomed 2005, 9(3):337-344. 10.1109/TITB.2005.854512View ArticleGoogle Scholar
- Djenouri D, Khelladi L, Badache N: A survey of security issues in mobile ad hoc and sensor networks. IEEE Commun. Surveys and Tutorials 2005, 7(4):2-28. 10.1109/COMST.2005.1593277View ArticleGoogle Scholar
- Wang Y, Attebury G, Ramamurthy B: A survey of security issues in wireless sensor networks. IEEE Commun. Surveys and Tutorials 2006, 8(2):2-23.View ArticleGoogle Scholar
- Perrig A, Szewczyk R, Tygar JD, Wen V, Culler D: SPINS: security protocol for sensor networks. Wireless Netw 2002, 8(5):521-534. 10.1023/A:1016598314198View ArticleMATHGoogle Scholar
- Venkatasubramaniam KK, Gupta SKS: Physiological value-based efficient usable security solutions for body sensor networks. ACM Trans. Sens. Netw. (TOSN) 2010, 6(4):60-68.Google Scholar
- Raazi SMKUR, Lee H, Lee S, Lee YK: BARI+: a biometric based distributed key management approach for wireless body area networks. Sensors 2010, 10: 3911-3933. 10.3390/s100403911View ArticleGoogle Scholar
- Aziz O, Lo B, Yang GZ, AraDarzi: Chapter 1. Body sensor networks - introduction. In Body Sensor Networks. London: Springer-Verlag; 2006.Google Scholar
- Ali A, Irum S, Firdous K, Khan FA: A cluster-based key agreement scheme using keyed hashing for body area networks. Multimedia Tools and Applications 2013, 66(2):201-214. 10.1007/s11042-011-0791-4View ArticleGoogle Scholar
- Ali A, Khan FA: An improved EKG-based key agreement scheme for body area networks,. Proceedings of International Conference on Information Security & Assurance (ISA’10). Springer Berlin Heidelberg (Miyazaki, June 2010)Google Scholar
- Venkatasubramaniam KK, Banerjee A, Gupta SKS: EKG-based key agreement in body sensor networks. In Proceedings of the 2nd IEEE INFOCOM Workshop on Mission Critical Networks. New York; April 2008.Google Scholar
- West BJ: Where Medicine Went Wrong: Rediscovering the Path to Complexity (Studies of Nonlinear Phenomena in Life Science. Singapore: World Scientific Publishing Company; 2006.Google Scholar
- Zarei B, Zeynali M, Nezhad VM: Novel cluster based routing protocol in wireless sensor networks. Int. JComput. Sci. Issues(IJCSI) 2010, 7,4,: 32-36.Google Scholar
- Krawczyk H, Bellare M, Canetti R: HMAC: keyed-hashing for message authentication. (RFC2104., HMAC, February 1997)Google Scholar
- Adelstein F, Gupta SKS, Richard G, Schwiebert L: Fundamentals of Mobile and Pervasive Computing. New York: McGraw Hill; 2005.Google Scholar
- Kausar F, Saeed MQ, Masood A: Key management and secure routing in heterogeneous sensor networks. In 4th IEEE International Conference on Wireless and Mobile Computing, (Networking and Communications (SecPriWiMob 2008). Avignon; 12–14 October 2008.Google Scholar
- Heinzelman WR, Chandrakasan A, Balakrishnan H: Energy-efficient communication protocol for wireless microsensornetworks. In Proceedings of IEEE 33rd Hawaii International Conference on System Sciences (HICSS-33). Hawaii; 4–7 January 2000.Google Scholar
- Van Laerhoven K, Lo BPL, Ng JWP, et al.: Medical healthcare monitoring with wearable and implantable sensors. 3rd International Workshop on Ubiquitous Computing for Pervasive Healthcare Applications (UbiHealth) [Online] Available: http://www.healthcare.pervasive.dk/ubicomp2004/papers/final_papers/laerhoven.pdf
- Darwish A, Hassanien AE: Wearable and implantable wireless sensor network solutions for healthcare monitoring. Sensors 2011, 11: 5561-5595. 10.3390/s110605561View ArticleGoogle Scholar
- Kumar P, Lee HJ: Security issues in healthcare applications using wireless medical sensor networks: a survey. Sensors 2012, 12(1):55-91.View ArticleGoogle Scholar
- Selimis G, Huang L, Massé F, Tsekoura I, Ashouei M, Catthoor F, Huisken J, Stuyt J, Dolmans G, Penders J, De Groot H: A lightweight security scheme for wireless body area networks: design, energy evaluation and proposed microprocessor design. J. Med. Syst 2011, 35: 289-1298.View ArticleGoogle Scholar
- Balfanz D, Smetters DK, Stewart P, Chi Wong H: Talking to strangers: Authentication in ad-hoc wireless networks. In Proceedings of the Symposium on Network and Distributed Systems Security. San Diego, California; February 2002.Google Scholar
- Sampangi RV, Dey S, Urs SR, Sampalli S: A security suite for wireless body area networks. Int. J. Netw. Secur. & Its Appl. (IJNSA) 2012, 4,1,: 97-116.Google Scholar
- Setia S, Jajodia S, ZHU S: LEAP+: efficient security mechanisms for large-scale distributed sensor networks. ACM Trans. Sens. Netw 2006, 2,4,: 500-528.Google Scholar
- Eschenauer L, Gligor VD: A key-management scheme for distributed sensor networks. In CCS Proceedings of the 9th ACM Conference on Computer and Communications Security. New York: ACM; 18–22 November 2002.Google Scholar
- Kuo C, Luk M, Negi R, Perrig A: Message-in-a-bottle: user-friendly and secure key deployment for sensor nodes. In Proceedings of the 5th International Conference on Embedded Networked Sensor Systems (SenSys ’07). New York: ACM; 6–9 November 2007.Google Scholar
- Venkatasubramaniam KK, Gupta SKS, Cherukuri S: BioSec: A biometric based approach for securing communication in Wireless networks of biosensors implanted in the human body. In Proceedings of IEEE International Conference on Parallel Processing Workshops. Kaohsiung; 6–9 October 2003.Google Scholar
- Mayrhofer R: The candidate key protocol for generating secret shared keys from similar sensor data streams. In Proceedings of the 4th European conference on Security and Privacy in Ad-hoc and Sensor Networks (ESAS’07). Berlin; July 2007.Google Scholar
- Mayrhofer R, Gellersen H: Shake well before use: authentication based on accelerometer data. In Proceedings of the 5th International Conference on Pervasive Computing (PERVASIVE’07). Berlin; 13–16 May 2007.Google Scholar
- Venkatasubramaniam KK, Gupta SKS: Security for pervasive health monitoring sensor applications. In Proceedings of IEEE International Conference on Intelligent Sensing and Information Processing (ICISIP ’06). Bangalore; 14–16 December 2006.Google Scholar
- Baker D, Ephremides A: The architectural organization of a mobile radio network via a distributed algorithm. IEEE Trans. Commun 1981, 29,11,: 1694-1701.View ArticleGoogle Scholar
- Heinzelman WR, Chandrakasan A, Balakrishnan H: An application -specific protocol architecture for wireless microsensor networks. IEEE Trans. Wireless Commun 2002, 1(4):660-670. 10.1109/TWC.2002.804190View ArticleGoogle Scholar
- Ali H, Shahzad W, Khan FA: Energy-efficient clustering in mobile ad hoc networks using multi-objective particle swarm optimization. Appl. Soft Comput 2012, 12(7):1913-1928. 10.1016/j.asoc.2011.05.036View ArticleGoogle Scholar
- Sun K, Ning P, Wang C: Secure distributed cluster formation in wireless sensor networks. In Proceedings of Annual Computer Security Applications Conference (ACSAC ’06). Washington, DC; December 2006.Google Scholar
- Laerhoven V, Gellersen H: Spine versus porcupine: a study in distributed wearable activity recognition. In Proceeding of the 8th International Symposium on Wearable Computers. Washington, DC; 31 October to 4 November 2004.Google Scholar
- Ouchi K, Suzuki T, Doi M: Lifeminder: A wearable healthcare support system using user’s context. In Proceedings of the 22nd International Conference on Distributed Computing Systems Workshop. Vienna; July 2002.Google Scholar
- Younis O, Fahmy S: HEED: a hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks. Proc. IEEE Trans. mobile comput 2004, 3(4):366-379. 10.1109/TMC.2004.41View ArticleGoogle Scholar
- Karlof C, Wagner D: Secure routing in wireless sensor networks: attacks and countermeasures. In Proceedings of 38th International Conference on Communication. New York; 7–9 September 2003.Google Scholar
- Du X, Xiao Y: Energy efficient chessboard clustering and routing in heterogeneous sensor network. Int. J. Wireless and, Mobile Comput 2006, 1(2):121-130. 10.1504/IJWMC.2006.012471View ArticleGoogle Scholar
- Deb K, Pratap A, Agarwal S, Meyarivan T: A fast and elitist multi-objective genetic algorithm: NSGA-II. IEEE Trans. Evol. Comput 2002, 6: 182-197. 10.1109/4235.996017View ArticleGoogle Scholar
- Valle YD, Venayagamoorthy GK, Mohagheghi S, Hernandez JC: Particle swarm optimization: basic concepts, variants and applications in power systems. IEEE Trans. Evol. Comput 2008, 122: 171-195.View ArticleGoogle Scholar
- Capkun S, Hamdi M, Hubaux JP: GPS-free positioning in mobile ad hoc networks. 2002.Google Scholar
- Capkun S, Hamdi M, Hubaux JP: GPS-free positioning in mobile ad-hoc networks. In Proceedings of the IEEE 34th Annual Hawaii International Conference on System Sciences (HICSS-34). Washington, DC; 2008.Google Scholar
- Bar GM, Fidan B, Anderson DO: 2007 Wireless sensor network localization techniques. Comput. Netw 2007, 51: 2529-2553. doi:10.1016/j.comnet.2006.11.018 10.1016/j.comnet.2006.11.018View ArticleMATHGoogle Scholar
- NIH, NIBIB: National Institute of General Medical Sciences, PhysioBankArchive. . Accessed 15 October 2012 http://www.physionet.org/physiobank/database/
- Brown RG: Dieharder: a random number test suite. Accessed 23 October 2012 http://www.phy.duke.edu/~rgb/General/dieharder.php
- Marsaglia G: DIEHARD Statistical Tests. Florida State University; 1995.Google Scholar
- Intel Platform Security Division: The Intel random number generator. Intel Technical Brief, 1999. Retrieved 6 December 2012 http://citeseer.ist.psu.edu/435839.htmlGoogle Scholar
- Feller W: An Introduction to Probability Theory and Its Applications. NewYork: Wiley; 1968.MATHGoogle Scholar
- KaliskiJr BS, Rivest RL: AT Sherman, Is the data encryption standard a group? (results of cycling experiments on DES). J. Cryptol 1988, 1: 3-36.Google Scholar
- Liu D, Ning P: Establishing pairwise keys in distributed sensor networks. In Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS’03). New York: ACM; 2003:52-61.Google Scholar
- Raffo D: PhD Thesis, Chapter 6: cryptosystems for the ad hoc environment. Université Paris 6, 2005. . Accessed 28 May 2013 http://perso.crans.org/raffo/papers/phdthesis/thesisch6.html Université Paris 6, 2005. . Accessed 28 May 2013
This article is published under license to BioMed Central Ltd. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.