無線感測網路(Wireless Sensor Networks,WSNs)是由大量受限計算和傳輸能力之感測節點(sensor nodes)所組成。感測節點的功能便是收集周遭的屬性，像是溫度、濕度、或者是敵人的行蹤等等。近年來無線感測網路漸漸運用在許多環境中，像是生態環境的監控，災難現場的救援，醫院的病人追蹤，和家庭自動化等等。由於感測節點採用無線廣播傳輸，於是需要金鑰管理系統來防止惡意的竄改。然而目前的金鑰管理系統大都植基於傳統平面式同質性感測網路(flat homogeneous sensor networks)，而此架構已被一些文獻證實傳輸速度慢，傳輸電力消耗快，缺乏容錯性(fault-tolerant)和擴充性(scalability)。目前最新的解決方法是異質性叢集感測網路(heterogeneous clustered sensor networks,Hetero. CWSNs)，它利用了閘道器感測節點(gateway sensor nodes)和叢集化(clustering)來解決傳輸速度慢和擴充性的問題。然而一旦閘道器被捕獲(compromised)或故障時，該叢集的感測節點便無法將資料傳回基地台(base station)。此外，異質性叢集感測網路仍無法解決傳輸電力消耗快和缺乏容錯性的問題。
根據以上的觀察，本論文提出混合式叢集感測網路來解決上述的問題。在本論文中，我們將異質性叢集感測網路再細分成多個同質性叢集，因此本架構有兩層叢集頭。高階叢集頭由閘道器擔任，而低階叢集頭則由一般感測節點擔任。本論文保留了閘道器傳輸速度快的優點，並當閘道器被捕獲或故障時，該閘道器管理的感測節點依然可以透過低階叢集頭傳遞資料給基地台。本論文接著模擬叢集內三種資料傳輸方式：直接傳輸(Direct Transmission)，多重跳躍傳輸(multihop transmission)和叢集化(clustering)。模擬結果顯示在感測節點存活時間上：叢集化>直接傳輸 多重跳躍傳輸，而在平均傳遞資料到閘道器的時間上：多重跳躍傳輸>叢集化>直接傳輸。雖然叢集化的傳輸速度沒有比直接傳輸快，但在兼顧存活時間和傳輸速度的考量下叢集化是較好的選擇。最後由於目前的金鑰管理系統皆無法直接套用到混合式叢集感測網路，所以本論文植基於混合式叢集感測網路修改金鑰管理系統LEAP+(Localized Encryption and Authentication Protocol & plus)設計出新的金鑰管理系統C-LEAP+。

Wireless sensor networks (WSNs) consist of a large number of sensor nodes with limited computation and transimisson capability. The function of sensor nodes is to collect surrounding attributes, such as temperature, humidity, or enemy's track. Wireless sensor networks are used in many environments recently, such as the surveillance of the ecological environment, the rescue of the disaster scene, the track of patient in hospital and home automation. Wireless sensor networks need key managemen to prevent malicious tampering due to sensor nodes transmit data by broadcast. However, the existing key managements are most based on traditional flat homogeneous sensor networks, and this structure has be confirmed low transmission rate, fast energy drainage, lacking in fault-tolerant and scalability. The newest solution is heterogeneous clustered sensor networks(Hetero. CWSNs). Hetero. CWSNs employ gateways sensor nodes and clustering to solve the problems of low transmission rate and lacking in scalability. However, once a gateway be compromised or broke down, sensor nodes belong to this gatway cannot forward data to base station. In addition, Hetero. CWSNs still cannot solve the problems of fast energy drainage and lacking in fault-tolerant.
According to the above observations, this thesis proposes hybrid clustered sensor networks. In this paper, we subdivide heterogeneous clustered sensor networks into several homogeneous sub-clustered sensor networks, then the structure has two level cluster heads. Gateways act as high-level cluster heads, and general sensor nodes act as low-level cluster heads. The thesis keeps gateway’s advantage of fast transmission rate, and when a gateway be compromised or broke down, sensor nodes managed by the gateway can forward data to base station anyway by low-level cluster heads. The theis simulates on three transmission type in cluster：Direct transmission, multihop transmission and clustering. Simulation results show that the survival time of sensor node：Clustering > direct transmission multihop, and the average transmission time to gateways：Multihop >clustering > direct transmission. Although the transmission time of clustering is longer than that of direct transmission, clustering is a better choice when giving consideration to survival time and transmission time. Finally, the thesis based on the hybrid clustered sensor networks to modify key management LEAP+ (Localized Encryption and Authentication Protocol & plus)to design a novel key management C-LEAP+ due to the existing key managements cannot apply to the hybrid clustered sensor networks directly.

[1]A. Perrig, R. Canetti, D. Song, and J. Tygar, “Efficient and secure source authentication for multicast,” In Proceedings of 2001 Network and Distributed System Security Symposium, February 2001, pp.35-46.

[2]A. Perrig, R. Szewczyk, J. Tygar, V. Wen, and D. Culler, “SPINS: security protocols for sensor networks,” Wireless Networks, vol.8, no.5, September 2002, pp.228-258.

[3]A. Wander, N. Gura, H. Eberle, V. Gupta, and S. Shantz, “Energy Analysis of Public-Key Cryptography for Wireless Sensor Networks,” In Proceedings of the 3rd IEEE international Conference on Pervasive Computing and Communications, March 2005, pp.324-328.

[4]A. Abbasi, and M. Younis, “A survey on clustering algorithms for wireless sensor networks,” Computer Communications, vol.30, no.14-15, October 2007, pp.2826-2841.

[5]B. Sun, L. Osborne, Y. Xiao, and S. Guizani, "Intrusion detection techniques in mobile ad hoc and wireless sensor networks," Wireless Communications, vol.14, no.5, October 2007, pp.56-63.

[6]C. Blundo, A. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly-Secure Key Distribution for Dynamic Conferences,” In Proceedings of the 12th Annual international Cryptology Conference on Advances in Cryptology, vol.740, August 1992, pp.471-486.

[7]C. Karlof, and D. Wagner, “Secure routing in wireless sensor networks: attacks and countermeasures,” Ad Hoc Networks, vol.1, no.2-3, September 2003, pp.293-315.

[8]C. Karlof, N. Sastry, and D. Wagner, “TinySec: a link layer security architecture for wireless sensor networks,” In Proceedings of the 2nd international Conference on Embedded Networked Sensor Systems, November 2004, pp.162-175.

[9]C. Su, K. Chang, Y. Kuo, and M. Horng, “The new intrusion prevention and detection approaches for clustering-based sensor networks”, In Proceedings of 2005 IEEE Wireless Communications and Networking Conference, vol.4, March 2005, pp.1927-1932.

[10]C. Wang, A. Liu, and P. Ning, "Cluster-Based Minimum Mean Square Estimation for Secure and Resilient Localization in Wireless Sensor Networks," In Proceedings of 2007 International Conference on Wireless Algorithms, Systems and Applications, August 2007, pp.29-37.

[11]D. Carman, P. Kruus, B. Matt, “Constraints and approaches for distributed sensor network security,” NAI Labs Technical Report No.00-010, September 2000.

[12]D. Eastlake, and P. Jones, “US Secure Hash Algorithm 1 (Sha1),” RFC 3174, September 2001.

[13]D. Liu, and P. Ning, “Location-based pairwise key establishments for static sensor networks,” In Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, 2003, pp.72-82.

[14]D. Huang, M. Mehta, D. Medhi, and L. Harn, “Location-aware key management scheme for wireless sensor networks,” In Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks, October 2004, pp.29-42.

[15]D. Liu, P. Ning, and R. Li, “Establishing pairwise keys in distributed sensor networks,” ACM Transactions on Information and System Security, vol.8, no.1, February 2005, pp.41-77.

[16]D. Liu, P. Ning, and W. Du, "Attack-resistant location estimation in sensor networks," In Proceedings of the 4th International Symposium on Information Processing in Sensor Networks, April 2005, pp.99-106.

[17]G. Gupta, and M. Younis, "Fault-tolerant clustering of wireless sensor networks," Wireless Communications and Networking, vol.3, March 2003, pp.1579-1584.

[18]H. Chan, A. Perrig, and D. Song, "Random key predistribution schemes for sensor networks," In Proceedings of 2003 Symposium on Security and Privacy, May 2003, pp.197-213.

[19]H. Chan, A. Perrig, and D. Song, “Key distribution techniques for sensor networks,” Wireless Sensor Networks, 2004, pp.277-303.

[20]H. Chan, V. Gligor, A. Perrig, and G. Muralidharan, "On the Distribution and Revocation of Cryptographic Keys in Sensor Networks," IEEE Transactions on Dependable and Secure Computing, vol.02, no.3, July-September 2005, pp. 233-247.

[21]H. Lee, W. Seah, and P. Sun, "Energy Implications of Clustering in Heterogeneous Wireless Sensor Networks - An Analytical View," In Proceedings of the 17th International Symposium on Personal, Indoor and Mobile Radio Communications, September 2006, pp.1-5.

[22]I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “Wireless sensor networks: a survey,” Computer Networks, vol.38, no.4, March 2002, pp.393-422.

[23]J. Douceur, “The Sybil Attack,” Peer-to-Peer Systems, vol. 2429, March 2002, pp.251-260.

[24]J. Newsome, E. Shi, D. Song, and A. Perrig, ‘The sybil attack in sensor networks: analysis & defenses,” In Proceedings of the 3rd international Symposium on information Processing in Sensor Networks, April 2004, pp.259-268.

[25]J. Deng, C. Hartung, R. Han, and S. Mishra, "A Practical Study of Transitory Master Key Establishment For Wireless Sensor Networks," Security and Privacy for Emerging Areas in Communications Networks, September 2005, pp.289-302.

[26]K. Barr, and K. Asanović, “Energy-aware lossless data compression,” ACM Transactions on Computer Systems, vol.24, no.3, August 2006, pp.250-291.

[27]K. Lu, Y. Qian, M. Guizani, and H. Chen, "A framework for a distributed key management scheme in heterogeneous wireless sensor networks," IEEE Transactions on Wireless Communications, vol.7, no.2, February 2008, pp.639-647.

[28]L. Eschenauer, and V. Gligor, “A key-management scheme for distributed sensor networks.“ In Proceedings of the 9th ACM Conference on Computer and Communications Security, November 2002, pp.41-47.

[29]L. Hu, and D. Evans, “Using directional antennas to prevent wormhole attacks,” In Proceedings of the 11th Network and Distributed System Security Symposium, 2003, pp.131-141.

[30]L. Lazos, R. Poovendran, and S. Capkun, "ROPE: robust position estimation in wireless sensor networks," In Proceedings of 4th International Symposium on Information Processing in Sensor Networks, April 2005, pp.324-331.

[31]L. Lazos, and R. Poovendran, ” SeRLoc: Robust localization for wireless sensor networks,” ACM Transactions on Sensor Networks, vol.1, no.1, August 2005, pp.73-100.

[32]M. Eltoweissy, H. Heydari, L. Morales, and H. Sudborough, ”Combinatorial optimization of key management in group communications,” Journal of Network and Systems Management, vol.12, no.1, March 2004, pp.33-50.

[33]M. Yarvis, N. Kushalnagar, H. Singh, A. Rangarajan, Y. Liu, and S. Singh, "Exploiting heterogeneity in sensor networks," In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies, vol.2, March 2005 , pp. 878-890.

[34]M. Eltoweissy, M. Moharrum, and R. Mukkamala, "Dynamic key management in sensor networks," IEEE Communications Magazine, vol.44, no.4, April 2006, pp. 122-130.

[35]M. Younis, K. Ghumman, and M. Eltoweissy, "Location-Aware Combinatorial Key Management Scheme for Clustered Sensor Networks," IEEE Transactions on Parallel and Distributed Systems, vol.17, no.8, August 2006, pp.865-882.

[36]O. Goldreich, S. Goldwasser, and S. Micali, “ How to construct random functions,” Journal of the ACM, vol.33, no.4, August 1986, pp.792-807.

[37]O. Younis, M. Krunz, and S. Ramasubramanian, "Node clustering in wireless sensor networks: recent developments and deployment challenges," Network, vol.20, no.3, May-June 2006, pp.20-25.

[38]P. Erdős, and A. Rnyi, “On the evolution of random graphs,” Publication of the Mathematical Institute of the Hungarian Acadamy of Science, 1960, pp.17-61.

[39]P. Traynor, H. Choi, G. Cao, S. Zhu, and T. La Porta, "Establishing Pair-Wise Keys in Heterogeneous Sensor Networks," In Proceedings of the 25th IEEE International Conference on Computer Communication, April 2006, pp.1-12.

[40]R. Rivest, A. Shamir, and L. Adleman, ” A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, vol.21, no.2, February 1978, pp.120-126.

[41]R. Merkle, “Protocols for public key cryptosystems,” In Proceedings of the IEEE Symposium on Research in Security and Privacy, April 1980.

[42]R. Blom, “An optimal class of symmetric key generation systems,” In Proceedings of the EUROCRYPT 84 Workshop on Advances in Cryptology: theory and Application of Cryptographic Techniques, 1985, pp.335-338.

[43]R. Rivest, “Md5 Message-Digest Algorithm,” RFC 1321, April 1992.

[44]R. Anderson, and M. Kuhn, “Tamper resistance: a cautionary note,” In Proceedings of the 2nd Conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, Vol.2, November 1996, pp.1-1.

[45]R. Anderson, H. Chan, and A. Perrig, "Key infection: smart trust for smart dust," In Proceedings of the 12th IEEE International Conference on Network Protocols, October 2004, pp.206-215.

[46]R. Roman, J. Zhou, and J. Lopez, "Applying intrusion detection systems to wireless sensor networks," In Proceedings of the 3rd IEEE Consumer Communications and Networking Conference, vol.1, January 2006, pp.640-644.

[47]R. Roman, C. Alcaraz, and J. Lopez, “A survey of cryptographic primitives and implementations for hardware-constrained sensor network nodes,” Mobile Networks and Applications, vol.12, no.4, August 2007,pp.231-244.

[48]S. Basagni, K. Herrin, D. Bruschi, and E. Rosti, “Secure pebblenets,” In Proceedings of the 2nd ACM international Symposium on Mobile Ad Hoc Networking & Computing, October 2001, pp.156-163.

[49]S. Zhu, S. Setia, and S. Jajodia, “LEAP: efficient security mechanisms for large-scale distributed sensor networks,” In Proceedings of the 10th ACM Conference on Computer and Communications Security, October 2003, pp.62-72.

[50]S. Zhu, S. Setia, S. Jajodia, and P. Ning, "An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks," In Proceedings of 2004 IEEE Symposium on Security and Privacy, May 2004, pp.259-271.

[51]S. Capkun, and J. Hubaux, "Secure positioning of wireless devices with application to sensor networks," In Proceedings of the 24th Annual Joint Conference of the IEEE Computer and Communications Societies, vol.3, March 2005, pp.1917-1928.

[52]S. Lee, and Y. Choi, “A resilient packet-forwarding scheme against maliciously packet-dropping nodes in sensor networks,” In Proceedings of the 4th ACM Workshop on Security of Ad Hoc and Sensor Networks, October 2006, pp.59-70.

[53]S. Zhu, S. Setia, and S. Jajodia, “LEAP+: Efficient security mechanisms for large-scale distributed sensor networks,“ ACM Transactions on Sensor Networks, vol.2, no.4 , November 2006, pp.500-528.

[54]V. Mhatre, and C. Rosenberg, "Homogeneous vs heterogeneous clustered sensor networks: a comparative study," Communications, vol.6, June 2004, pp.3646-3651.

[55]W. Diffie, and M. Hellman, "New directions in cryptography," IEEE Transactions on Information Theory, vol.22, no.6, November 1976, pp. 644-654.

[56]W. Heinzelman, A. Chandrakasan, and H. Balakrishnan, "Energy-efficient communication protocol for wireless microsensor networks," In Proceedings of the 33rd Annual Hawaii International Conference, vol.2, January 2000, pp.4-7.

[57]W. Heinzelman, A. Chandrakasan, and H. Balakrishnan, "An application-specific protocol architecture for wireless microsensor networks," Wireless Communications, vol.1, no.4, October 2002, pp. 660-670.

[58]W. Du, J. Deng, Y. Han, S. Chen, and P. Varshney, "A key management scheme for wireless sensor networks using deployment knowledge," In Proceedings of the 23rd Annual Joint Conference of the IEEE Computer and Communications Societies, vol.1, March 2004, pp.586-597.

[59]W. Du, J. Deng, Y. Han, P. Varshney, J. Katz, and A. Khalili, “A pairwise key predistribution scheme for wireless sensor networks,” ACM Transactions on Information and System Security, vol.8, no.2, May 2005, pp.228-258.

[60]Wikipedia. 19, August 2008<http://en.wikipedia.org/wiki/Sensor_node>.

[61]X. Du, Y. Xiao, M. Guizani, and H. Chen, “An effective key management scheme for heterogeneous sensor networks,” Ad Hoc Networks, vol.5, no.1, January 2007, pp.24-34.

[62]XBOW. Crossbow technology inc. 19, August 2008. < http://www.xbow.com>.

[63]Y. Hu, A. Perrig, and D. Johnson, "Packet leashes: a defense against wormhole attacks in wireless networks," In Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies, vol.3, April 2003, pp.1976-1986.

[64]Z. Li, W. Trappe, Y. Zhang, and B. Nath, ” Robust statistical methods for securing wireless localization in sensor networks,” In Proceedings of the 4th international Symposium on information Processing in Sensor Networks, April 2005.

[65]Z. Zhang, M. Ma, and Y. Yang, "Energy-Efficient Multihop Polling in Clusters of Two-Layered Heterogeneous Sensor Networks," IEEE Transactions on Computers, vol.57, no.2, February 2008, pp.231-245.