Section: New Results

Data collection and management

Participants : Thierry Delot, Geoffroy Cogniaux, Arnaud Fontaine, Alia Ghaddar, Michael Hauspie, Samuel Hym, Xu Li, Nathalie Mitton, Tahiry Razafindralambo, David Simplot-Ryl, Isabelle Simplot-Ryl.

Data collection

Wireless sensors networks (WSNs) are deployed to collect huge amounts of data from the environment. This produced data has to be delivered through sensor's wireless interface using multi-hop communications toward a sink. The position of the sink impacts the performance of the wireless sensor network regarding delay and energy consumption especially for relaying sensors. Optimizing the data gathering process in multi-hop wireless sensor networks is, therefore, a key issue. [19] and [18] address the problem of data collection using mobile sinks in a WSN. We provide a framework that studies the trade-off between energy consumption and delay of data collection. This framework provides solutions that allow decision makers to optimally design the data collection plan in wireless sensor networks with mobile sinks.

In [20] , [5] , we focus on information gathering in vehicular ad hoc networks. Until now, only a few research works have addressed this problem. They have lead to solutions relying on push models, where potentially useful data are pushed towards vehicles. To the best of our knowledge, no work has tackled the use of pull models in VANETs. Such models would allow users to send queries to a set of cars in order to find the desired information. In order to propose such a query processing scheme, the main challenge to address is to route the different results towards their recipient in a highly dynamic network where the nodes move very quickly. To solve this issue, we propose GeoVanet, a DHT-based geographic routing protocol which ensures that the sender of a query can get a consistent answer. Our goal is not to compute the query result "instantaneously" but to ensure that the user will be able to retrieve it within a bounded time. To prove the effectiveness of GeoVanet, an experimental evaluation is provided in the paper. It shows that up to 80% of the available query results are delivered to the user.

Another way to optimize data collection is to send data only when necessary. Knowledge discovery and data analysis in resource constrained wireless sensor networks faces different challenges. One of the main challenges is to identify misbehaviors or anomalies with high accuracy while minimizing energy consumption in the network. In [25] , we extend a previous work of us and we present an algorithm for temporal anomalies detection in wireless sensor networks. Our experiments results show that our algorithm can efficiently and accurately detect anomalies in sensor measurements. It also produces low false alarm rate for slow variation time series measurements without harvesting the source of energy.

In data aggregation, sensor measurements from the whole sensory field or a sub-field are collected as a single report at an actor using aggregate functions such as sum, average, maximum, minimum, count, deviation, etc. We propose a localized Delay-bounded and Energy-efficient Data Aggregation (DEDA) protocol [11] , [38] for request-driven wireless sensor networks with IEEE 802.11 CSMA/CA MAC layer. This protocol uses a novel two-stage delay model, which measures end-to-end delay using either hop count or degree sum along a routing path depending on traffic intensity. Itmodels the network as a unit disk graph (UDG) and constructs a localized minimal spanning tree (LMST) sub-graph. Using only edges from LMST, it builds a shortest path (thus energy-efficient) tree rooted at the actor for data aggregation. The tree is used without modification if it generates acceptable delay, compared with a given delay bound. Otherwise, it is adjusted by replacing LMST sub-paths with UDG edges. The adjustment is done locally on the fly, according to the DEsired Progress (DEP) value computed at each node. We further propose to integrate DEDA with a localized sensor activity scheduling algorithm and a localized connected dominating set algorithm, yielding two DEDA variants, to improve its energy efficiency and delay reliability. Through an extensive set of simulation, we evaluate the performance of DEDA with various network parameters. Our simulation results indicate that DEDA far outperforms the only existing competing protocol.

Data management

The use of reliable high-level languages based on virtual machines, such as java, is now possible on systems as small as smart cards or sensors. However, the potential of these languages is widely limited by hardware constraints as memory storage capacity etc. We claim that is lock may be leveraged by coupling cache mechanisms with external memory storages. [40] is a preliminary study of the set up of such an approach. Thanks to simulation based results, we identify three main factors which tend to decrease the performances of cache setting code in Java.

Data security

[41] , [24] presents the enforcement of control flow policies for Java bytecode devoted to open and constrained devices. On-device enforcement of security policies mostly relies on run-time monitoring or inline checking code, which is not appropriate for strongly constrained devices such as mobile phones and smart-cards. We present a proof-carrying code approach with on-device lightweight verification of control flow policies statically at loading time. Policies are expressed by finite automata, the technique is in-between security automata and control flow security policies of Jensen et al. Our approach is suitable for evolving, open and constrained Java-based systems as it is compositional, to avoid re-verification of already verified bytecode upon loading of new bytecode, and it is regressive, to cleanly support bytecode unloading.

While mobile devices have become ubiquitous and generally multi-application capable, their operating systems provide few high level mechanisms to protect services offered by application vendors against potentially hostile applications coexisting on the device. In [23] , we tackle the issue of controlling application interactions including collusion in Java-based systems running on open, constrained devices such as smart cards or mobile phones. We present a model specially designed to be embedded in constrained devices to verify at install-time that interactions between applications abide by the security policies of each involved application without resulting in run-time computation overheads; this models deals with application (un)installations and policy changes in an incremental fashion. We show the feasibility of our approach and its security enhancements on a multi-application use case for GlobalPlatform/Java Card smart cards. This approach is developed in EVe - TCF.

Telecommunication software systems, containing security vulnerabilities, continue to be created and released to consumers. We need to adopt improved software engineering practices to reduce the security vulnerabilities in modern systems. Contracts can provide a useful mechanism for the identification, tracking, and validation of security vulnerabilities. In [8] , we propose a new contract-based security assertion monitoring framework (CB SAMF) that is intended to reduce the number of security vulnerabilities that are exploitable across multiple software layers, and to be used in an enhanced systems development life cycle (SDLC). We show how contract-based security assertion monitoring can be achieved in a live environment on Linux. Through security activities integrated into the SDLC we can identify potential security vulnerabilities in telecommunication systems, which in turn are used for the creation of contracts defining security assertions. Our contract model is then exercised, as runtime probes, against two common security related vulnerabilities in the form of a buffer overflow and a denial of service.