RKP based secure tracking in wireless sensor networks

Journal of Systems Engineering and Electronics Vol. 19, No. 1, 2008, pp.175–183

RKP based secure tracking in wireless sensor networks∗ Wang Jiahao1 , Qin Zhiguang1 , Geng Ji1 & Wang Shengkun2 1. Coll. of Computer Science and Engineering, Univ. of Electronic Science and Technology, Chengdu 610054, P.R. China; 2. Library, Taiyuan Univ. of Technology, Taiyuan 030024, P.R. China (Received March 14, 2006)

Abstract: To enhancing the wireless sensor network’s security in target tracking and locating application, this article proposes a tracking cluster based mobile cluster distributed group rekeying protocol (MCDGR). Based on the given sensitivity, sensors can locate the moving object in the monitored area and form a tracking cluster around it. This tracking cluster can follow the target logically, process data on the target and report to the sink node, and thus achieve the tracking function. We introduce a multi-path reinforcement scheme, q-composition scheme and one-way cryptographic hash function based random key predistribution algorithm (RKP), which can guarantee a high accuracy and security and a low energy consumption on the same time in large-scale sensor networks .

Keywords: sensor network, MCDGR, RKP, sink, tracking cluster.

1. Introduction Extensive studies have been carried out in the application of target tracking algorithms to the traditional wired sensor network. Along with the advancing wireless technology, the wireless sensor network has shown great advantages in many fields recently, such as military, disaster relief etc. Currently, the practicable protocol in sensor networks is still quite rare and most proposals about target tracking[1,2] turn out to be infeasible due to their failure to meet the requirements of network scale, security and so on. Here we propose a battlefield-detection-oriented secure target tracking algorithm, organize sensor nodes around the target to establish a tracking cluster to pinpointing its location, introduce the random key pre-distribution schemes to enhance network’s survivability, and introduce a layered structure and data fusion to lengthen the network life. This protocol can resist a variety of attacks including node compromises and solve the bootstrapping problem. This article mainly focuses on the large-scale sensor network’s target tracking problem and security problem. Based on

the layered structure, this article uses measures similar to those of[2] and proposes a secure layered auto-adapted target tracking algorithm.

2. Random key predistribution scheme In large scale wireless sensor networks, each sensor nodes contacts sink through multi-hop communication. According to possible attack in this process, message mast encrypted. And because the establishment and update of the tracking cluster are stochastic in a real scene, and the composition of the tracking cluster constantly changes along with the target migration, each node must have the ability to establish the communication key with neighboring nodes independently. Therefore we cannot use KDC here, especially in large scene[3] . Then the random key predistribution scheme[4,5] is a good substitute. After the nodes are arranged, a random graph is established. Then the secure links can be established and optimized through the three phases: initialization, key-setup and path key update. 2.1 Analysis with random graphs Eschenauer and Gligor first proposed a random key

* This project was supported by the National Natural Science Foundation of China (60473090).

176

Wang Jiahao, Qin Zhiguang, Geng Ji & Wang Shengkun

predistribution scheme[4] . Because the sensor nodes spread within a certain field randomly, the density of them becomes quite important and thus should be carefully selected to prevent Information Island. G(n, p) is used to define the random graph: nis the total number of sensor nodes and p is the probability of secure links between any two nodes. Erd¨ os and R´enyi showed that for monotonous properties of a large random graph, there exists a value p which can guarantee the map a high probability Pc=Pr[G(n, p) is connected]. When Pc=0.999, the expected node degree d is n−1 )(ln(n) − ln(− ln(P c))) (1) n Supposing the sensors are distributed evenly and n
represents the average number of neighbors in node’s signal transmission distance under the given density, each node must keep d links to its neighbors at least, namely, to make p = d/n
at the key-setup phase, so as to ensure connectivity. Let r be the signal transmission range, then the density can be calculated as: D = (n
+ 1)(πr2 )−1 . Let v be the target’s speed (M/H), h the hop of the tracking cluster, f the cluster renovation frequency, then we can get their relationship as: f
v/hr. The area of a tracking cluster satisfies πr2
area
π[(1 + 2h)r]2 . To different h and v, the tracking cluster area is Z(h) = (h + 1)2 n
in an ideal condition, and the entire irregular monitored area is AREA ≈ πr2 n/(n
+1). So, with the number of nodes unchanged, the monitored area is mainly decided by two variables r and n
. For example, when n=10 000, Pc=0.999, the node’s transmission range is r=100 M, and n
=30, and then through calculation, d=17, p ≈ 0.57, AREA≈10 km2 . Under such condition, we can arrange a sensor node every 1 000 m2 approximately, and the network can monitor a scene of 10 km2 . d=(

2.2 Random key predistribution Chan and Perrig proved that in random key predistribution scheme there is great probability for every two nodes to share a key[5] . The simplified formula of Stirling’s approximation is Pr =

m
i=1

p(i) =

m C i C 2(m−i) C m−i
|S| |S|−i 2(m−i) i=1

m )2 (C|S|

≈

m 2(|S|−m+ 1 ) 2 ) |S| 1− 2m (|S|−2m+ 1 ) 2 ) (1 − |S| (1 −

(2)

Where S represents the key pool; m the key ring; P (i) the probability that two nodes share exactly i keys. Because m is decided by sensor node’s memory capability, we get the relationship between S and P (i). In the initialization phase, each sensor node randomly select m keys from key pool S to form its key ring. And after deployed, any two neighbor nodes can exchange their key index lists, which are composed by the indexes I of keys in their key ring. Then, they may find shared keys with certain probability Pr. To further enhance the security, we must introduce assistant mechanisms, among which q-composite and multi-path reinforcement are two representative techniques. Because here we need a key distribution scheme that can been performed in a large scale network, in which each node tries to set up secure links to its neighbors and the opponents may capture any node physically to release the key ring stored in it, we have to find a trade-off between security and performance. According to the analysis in Ref. [5], we select the multi-path reinforcement scheme with q=1. Since it needs to hash duplicate link keys and there is no necessity to compress the key pool, it reduces the faulty link ratio when part nodes are compromised. In the q-composite scheme, the relationship between the compromised node number x and the faulty link ratio of the rest nodes is fm =

m
i=q

(1 − (1 −

m x i p(i) ) ) |S| Pr

(3)

The combination of multi-path reinforcement and q-composite scheme perform well in the link key negotiation. Since any two neighboring nodes A and B may find j different paths to transmit random numbers v 1 , v2 ,· · · , vj to generate a new link key k
= v1 ⊕ v2 ⊕ · · · ⊕ vj used for establishing a direct link between them, a strong connected graph can be established finally, and each node can establish secure links to its neighbors. Besides, the key found in the key-setup phase can reinforce itself in the same way and thus enhance its resistibility against attacks, and

RKP based secure tracking in wireless sensor networks generate a new link key k · k
. In the path key update phase, the least probability of two neighboring nodes establishing a link either directly or indirectly is P s = 1−(1−

2 d d )(1−( )2 )0.391Dπr −1.391 Dπr2 − 1 Dπr2 −1

d+1 (4) πr2 Let Density represent the number of nodes per square kilometer. The relationship between the connectivity and the density of the network is shown in Fig.1. D

177 2.3 One-way cryptographic hash function To further enhance the security of the algorithm and reduce the broken proportion under certain attack, the one-way cryptographic hash function form HARPS [6] is also adopted into this scheme as an assistant instrument. This mechanism repeatedly apply a cryptographic hash function h() to every key in every node’s key ring g times before their disposal (g is chosen randomly). Then a key pool [M1 , M2 , M3 ,· · · , MP ] with size P is generated. Let Kig = hg (Mi ) (g < L) represent the key i is hashed g times and L represent the max number of hash times, thereupon each node’s preload key ring changes to [KIG11 . . . KIGkk ] = [hG1 (MI1 ) · · · hGk (MIk )]

Fig. 1

The probability of connectivity vs. network density

From Eq. (1), d can be too small to keep the network’s connectivity, while the nodes’ spread density can not be too high in practical application. Therefore, any two nodes can be guaranteed to have a high probability of establishing a secure link. The probability of breaking a link established in key-setup phase is fm , and the probability of breaking a link established in path-key-update phase, namely, the probability of compromising all the participant multi-path reinforcement links’ keys, is: [1 − (1 − fm )2 ]j . To reduce the transmit consumption in practice, we can restrict the update path to j=3[5] . After every node establishes t encrypt links (in order to save energy, t is the threshold of secure links each node can have, t < n
), there are altogether tn/2 keys in the network if the key space Zkey is large enough. According to the Eq. (3), any link (directly or indirectly generated) can be broken with the probability d d 2 j Fm = [ ∗ fm + (1 − )](2∗ fm − fm ) , td t t

(5)

Accompanying the key ring, each key index and hash times pair ID=(I, G) is also embedded. When two neighboring nodes need to establish a secure link, they first exchange their IDs lists, and then search the list for the same original key. If the same key index is detected, then they will proceed to compare the hash times of the corresponding keys between each other. The participator with the shallower hash layer will keep applying the hash function to the shared keys until the same depth is reached and the shared keys are established. In this algorithm, whether any two nodes can establish a secure link is decided by whether they have the shared keys. Because the participator with the less hash times to the shared keys can always work out the same keys with the opponent by exchanging the IDs lists, the introduction of the one-way cryptographic hash function does not affect the sensor network’s connectivity, but obviously reduces the node compromise attack’s effect on the entire network. After the introduction of this method, if the attackers want to eavesdrop on the secure links through the compromised keys in a small amount of nodes, not only they need to find the same encrypt keys with the target links, but also the hash times of those keys must be shallower than those in the target links. Only under this condition, to calculate the link keys through the compromised keys is possible. Otherwise, even if

178

Wang Jiahao, Qin Zhiguang, Geng Ji & Wang Shengkun

the attackers obtain the correct key with deeper hash layer, the unidirectivity of the one-way hash function will make it quite difficult to work out the shallower layer value of the key. Let the max hash times be L, then the probability of any key being hashed i times is 1/L. Supposing the attacker has found an encrypt key used in secure links, and let l represent the number of compromised nodes which also contain the corresponding key, a represent the min hash times of all these lkeys, b represent the max hash times of all the corresponding keys used in the uncompromised links, then we know the probability that the encrypt links are still safe is Qs (L, l) =

L
1 L−i l ( ) =P {a > b} L L i=1

(6)

As the probability of any key being compromised is m/|S|, we can convert Eq. (3) to

fm =

m


⎛ ⎝

i=q

x
l=1

⎞

⎛ ⎝

x l

⎠



l  x−l m ⎠ p(i) 1− |S| Pr

(7) After adoption of the one-way hash function, the relationship between the number of compromised nodes x and the probability of successful synthesis of at least one node in the q-composition scheme is fml =

 l m 
x 
x m . |S| l i=q l=1 i  x−l m p(i) [1 − Qs (L, l)] 1− |S| Pr

Fig. 2

The Probability of successful synthesis of at least one node and the performance of the multilayer hash

⎞i

m |S|

reinforcement algorithm when more nodes are compromised. And the combination of all these algorithms can keep a low fail link ratio even when many nodes have been compromised.

(8)

From Eqs. (5) and (8), the fraction of links compromised after adopting the one-way hash function is d d 2 j Fml = [ ∗ fml + (1 − )](2∗ fml − fml ) , t  d (9) t t Figure 2 shows that the introduction of the oneway hash function enhances the security of the entire key distribution algorithm greatly. When j and L are all zero, namely the q = 1 composition algorithm, along with the increase of compromised nodes the failure link ratio rise quickest; the introduction of the one-way hash function reduces the fraction of compromised links and even surpasses the multi-path

algorithm and the multi-path reinforcement

Figure 3 contrasts the effect of different hash depths on the one-way hash function. The bigger the Lis, the securer the algorithm is and the greater the computing consumption is. Therefore, we need to find the tradeoff value between them. According to HARPS [6] and the Fig.3, we may find that after L surpasses 64, the security enhancement slows down. Figure 4 shows how the different encrypt linkst will affect the system security. Each one hop member of the tracking cluster shares a secure link key with the cluster head. The total number of the final established keys is in direct proportion to the secure links t. And similar to L, the bigger the t is, the greater the computation and transmission consumption is. And in most situations, the sensor node’s induction scope is by far smaller than the radio transmitting range, so there is no necessity to include all the neighboring nodes to the tracking cluster and valuetcan be set small. If t is smaller than d, the security of the algorithm will not be enhanced further. All the scenes above are calculated under d=20,
n =60(i.e.p=0.33), m=200 and S=100 000. The routing message can be transferred through µ TESLA[3] or SPEED [7] etc, which omits our scope.

RKP based secure tracking in wireless sensor networks

179 achieve the trade-off in the network’s performance and capacity, the sensor nodes are divided into many cooperation groups and many tracking clusters are formed around the targets. In view of military application, we also introduce the security mechanism. For example, those sensor nodes that can obtain the most valuable information about some phenomenon should be put in one group, whereas those nodes which obtain rare information are supposed to be excluded. Through confining the collaborator in a small quantity and a restricted area, the communication and computation are independent of the network scale.

Fig. 3

The probability of successful synthesis of at least one node and The effect of the hash layer L (t=30)

There are many methods for sensor nodes’ selflocating, which mainly depend on the beacon nodes to evaluate the sensor nodes’ positions and chiefly fall into two categories: range-based and range-free[8]. Recently, a beaconless localization scheme is described in Ref. [9]. A complete description of sensor node’s selflocating is beyond the scope of this paper; here we assume all the sensor nodes’ positions are recognizable. 3.1 MCDGR

Fig. 4

The Probability of successful synthesis of at least one node and the effect of the encrypt links t(L=64)

3. A mobile target tracking algorithm Target tracking is an important function of wireless sensor networks. Supposing a vehicle moves through a two dimensional space, the sensor network’s function is detecting the target’s location. How to find the trade-off between performance and capacity is a basic question in sensor network design. The traditional methods try to transmit all data to a central site (sink) for processing. Although they might be able to get the most accurate result, but will display a poor scalability. The communication and the complexity of computation increase rapidly along with the network’s extension, which makes such methods inapplicable for a large sensor network. To

based on CDGR[10] , we further enhance the cluster tracking algorithm’s applicability by introducing security mechanisms and propose a MOBILE CLUSTER DISTRIBUTED GROUP REKEYING (MCDGR) in this section. In MCDGR, every cluster head and member pairs share a Cluster Key as the conversation key to collect data, and this key is distributed through encrypting link among nodes and is only valid in the current cluster. The encrypting links can be achieved through the above methods. The finite field machine of the nodes’ state and behavior is shown as Fig. 5. Based on the assumption that the nodes are globally time-synchronized to some reasonable accuracy, after detecting a nearby target, the node in Init state will start timer Tc and broadcast CAST packet, which contains the node’s identity I and a time stamp T to announce when the target is firstly detected by the node. Considering the collision and delay, multiple nodes may also have broadcasted the CAST packets to compete for cluster header before the first announced CAST packet successively reaches all the neighboring nodes.

180

Wang Jiahao, Qin Zhiguang, Geng Ji & Wang Shengkun

Fig. 5

MCDGR

As the tracked target is the source of the diffused phenomenon, the closest node can change into Cluster head if its time stamp T is earlier than all the time stamp t from other nodes after a short delay Tc. After the tracking cluster is formed, each node sends a JOIN message to the cluster head when receiving CLUSTER packet. And on receiving the JOIN message, the cluster head returns a RECV message to complete the Cluster Key exchange procedure. This process can be shown as follows head → member : CLU ST ER = IA |NA |TA member → head : JOIN = IB |IA |EKAB [Ks|NA |NB ]| M ACKAB[IB|IA|EKAB[Ks|NA |NB ]] head → member : RECV = IA |IB |EKs [NB ]| M ACKs [IA |IB |EKs [NB ]] Here, theKsis the cluster key and the KAB represents the path key between the current cluster head A and the member B.N represents the announcement. The timer T defines the form time of the tracking cluster. In this protocol, we employ 4 timers and 6 kinds of packets. Timer Tw is used to limit energy consumption, and transfer nodes back into sleep schedule

after a period with nothing happened. Tc defines the longevity of the cluster competition period. Tf is the frequency of reporting. And Tr defines the biggest renovating interval. Considering the six kinds of packets, the CAST and the RECLUSTER contain similar load as the CLUSTER packet. The REPORT packet is send by cluster members to head for fusion. The RESULT packet is sent to sink node by cluster head to report the target’s location x(t) . And the WAKEUP packet can be replaced by the member REPORT or JOIN packets to pro-activate the 2 hop distance nodes that may enter the tracking cluster in near future. 3.2 Protocol analysis Compared with traditional key distribution methods, MCDGR is more fit for resource starve wireless sensor networks. The traditional methods must change the cluster key frequently to keep secure, such as CDGR[10] . Although this method can performs well in the ad hoc network with less hardware restriction and higher recluster frequency, it is not fit for the wireless sensor networks. Because it is hard to replace battery for each sensor nodes once they are deployed, energy

RKP based secure tracking in wireless sensor networks is a bottleneck in wireless sensor networks. To save energy and prolong the network’s serving time, sensor nodes are in sleeping mode in most condition. They change into the tracking mode and form a tracking cluster only when a target moves near. By this way, the tracking cluster can follow the target logically as a shadow of it. Because the nodes outside the cluster are not affected, we not only lowered energy consumption but also keep a high tracking efficiency. Based on the secure links, we can at least solve three security problems: Firstly, after several nodes detect the target and broadcast GROUP packets, the malfunction node can declare that it is the closest one to the target and try to be the cluster head to achieve sinkhole attack. But after the target moves out of the cluster head’s communication range, the cluster reconfiguration process will be performed. Because the nodes do not have path keys with nodes beyond one hop, it can not continue the attack. Secondly, with the moving of the cluster, a malfunction node may be included into the cluster. Since it knows nothing about the path keys between the cluster head and the other members, it can not modify the data collected by other members. The node may generate misleading messages, which can be filtrated in the following data fusion process. Thirdly, even the tracked target be aware of MCDGR, it can hardly dysfunction this tracking scheme. For every broadcasted packet can only received by its direct neighbors, these nodes can check their neighbor list to find out whether the packets come from their direct neighbors and whether they share path keys with this node. By this way, every node can authenticate the received broadcasting message. Then we can prevent the malfunction nodes from moving with the target to disrupt the forming of tracking cluster. To protect the secret of those path keys, they are only used for cluster session key distribution. The tracking result can be encrypted by a key only shared by the cluster head and sink node. Because of these, the MCDGR can resist a lot of attacks in sensor networks.

181

4. Performance evaluation 4.1 The simulation model To evaluate the performance of MCDGR, we develop a simulator based on ns2 (version 2.26)[11]. In each experiment, 1 000 sensor nodes are deployed in a 1 000×1 000 m2 two-dimensional field to locate the moving target. A mobile node is hired to simulate the target to send out certain signals in a high frequency. Table 1 lists most of the simulation parameters. Table 1

Simulation parameters

Parameter field size

(m2 )

Values 1 000×1 000

number of nodes communication range (m)

1 000 100

radius of the monitoring region surrounding a target (m)

40

maximum speed of a mobile target: v(m/s)

50

size of a control message

32

(JOIN, RECV, CAST, CLUSTER, RECLUSTER) (byte) size of a sensingreport (bye)

120

Number of neighbors for each nodes: n’

30

4.2 Simulation results Figure 6 depicts the tracking scene. A target sets out from the bottom left to the up right at a speed of 40 m/s and turns downward at a speed of 30 m/s after 25 s movement, then points up left at 45 s with a speed of 39 m/s. Each point in the figure represents a sensor node, which is randomly spread to represent the real scene. The rectangle represents the cluster head at different time and the line is the target node’s moving trace. The circle at the top represents the sink node. As the figure shows, the cluster heads are generally the closest ones to the target. The tracking result can be quite close to the real location of targets even only based on the heads’ evaluation. In addition, after the heads’ cooperation and fusion with cluster members, the tracking result can be further pinpointed. Several methods can be used in data fusion in the cluster head, such as and SIA[12] , which will be explored in the future. Another important parameter used to evaluate the transmission energy consumption is the bit rate. In

182

Wang Jiahao, Qin Zhiguang, Geng Ji & Wang Shengkun

Fig. 8

Comparison of message rate for different target velocities

Fig. 6

Tracking scene

the primitive method, each node tries to transmit its reports to the sink node solely. After the nodes’ clustering, a lot of abundant data are accumulated and fused in the cluster head, which leads to a great decrease of message transmission loads. The total number of messages of MCDGR is only 37.2 of original one in the primitive method. Figure 7 depicts the message transmission speed. The sudden decreases of the bit rate near 30 and 50 s are caused by node deserts while the target moves to these locations. Although the control packet load is massive when target moves fast, the total transmission load is still much less than that in the primitive method. And the average latency in this test is 0.053 s. To evaluate the influence of the target speed, we compare the total number of messages at different speeds when target follows the same path moving from bottom left to up right. From the test result Fig. 8,

Fig. 7

Tracking result

we can see that the slower the target is, the more efficient the message is. And as the tracking cluster reclusters only when the target moves out of the head’s monitoring region, the speed of target has little influence on the control of message consumption. After the speed of target surpasses 40 m/s, namely 144 km/hour, the proportion of consumption used for reclustering rises to a high level and lowers the efficiency of this protocol.

5. Conclusions Target tracking is one of the most important applications for sensor networks. But as a result of wireless channel’s openness, how to safeguard information security and reliability poses a difficult question, especially in the military domain where exists direct electronic opposition. Therefore, based on the analysis of wireless sensor networks in the realm of target tracking, a MCDGR protocol is proposed. By using the multi-path reinforcement with q-composition and one way hash function techniques, it not only guarantees the actual large-scale request but also enhances the wireless sensor network’s strength and security, many attacks against sensor networks can be effectively resist, such as node compromise, sybil, selected forward and so on[13] . It guarantees the tracking accuracy and enhances the network’s security at same time. We will study the performance of this key predistribution scheme and MCDGR in practice in our future work. Certainly there are also many other key distribution algorithms that can be used in this protocol, like grid-based or ultra-cube-based key distribution and so on[14] , and more studies are needed in this

RKP based secure tracking in wireless sensor networks regard.

183 171.

References

[10] Kuang X, Zhu P, Lu X. Distributed group rekeying algorithms for mobile Ad-Hoc Networks. Journal of Software,

[1] Tian H, Sudha K, John A S, et al. Energy-efficient surveillance system using wireless sensor networks. Proceedings of the 2nd International Conference on Mobile Systems, Applications, and Services (MobiSys04), 2004: 270–283. [2] Brian B, Prashant N, Anthony W, et al. An entity maintenance and connection service for Sensor Networks. The First International Conference on Mobile Systems, Applications, and Services (MOBISYS ‘03), 2003: 201–214. [3] Adrian P, Robert S, Victor W, et al.

SPINS: Security

protocols for sensor networks, Mobile Computing and Networking, 2001: 189–199.

2004, 15 (5): 757–766. [11] Ian D. Simulating sensor networks in NS-2. Computer Programming and Software, 2004: 20–29. [12] Bartosz P, Dawn S, Adrian P. SIA:Secure information aggregation in sensor networks. Proceedings of the 1st International Conference on Embedded Networked Sensor Systems, 2003: 255–265. [13] Chris K, David W. Secure routing in wireless sensor networks: attacks and countermeasures. First IEEE International Workshop on Sensor Network Protocols and Applications, 2003, 5: 113–127.

[4] Laurent E, Virgil D G. A key-management scheme for distributed sensor networks. Conference on Computer and Communications Security, 2002: 41–47. [5] Chan H, Adrian P, Dawn S. Random key predistribution

[14] Liu D, Ning P, Li R. Establishing pairwise keys in distributed sensor networks, Proceedings of the 10th ACM Conference on Computer and Communications Security, 2003: 52–61.

schemes for sensor networks. In 2003 IEEE Symposium on Research in Security and Privacy, 2003: 197–213. [6] Mahalingam R, Nasir M. HARPS: HAshed random preloaded subset key distribution.

Cryptology ePrint

Archive, August 2003.

Wang Jiahao was born in 1978, he is Ph.D. candidate, specializing in computer security and wireless sensor network. E-mail: [email protected]

[7] Tian H, John A S, Lu C, et al SPEED: A stateless protocol for real-time communication in sensor networks.

Qin Zhiguang was born in 1956, he is Professor and

ICDCS ’03: Proceedings of the 23rd International Confer-

doctoral mentor, Ph. D., specializing in computer security.

ence on Distributed Computing Systems, 2003: 46–55. [8] Shi L, Wang F, Duan W, et al. Range-Free self-localization

Computer Engineering and Applications, 2004, 23: 130–

Geng Ji was born in 1963. He is Associate Professor, Ms, specializing in distributing parallel process and

133, 154.

computer operating system.

mechanism and algorithm for wireless sensor networks.

[9] Fang L, Du W, Ning P. A beacon-less location discovery scheme for wireless sensor networks. Proceedings of IEEE

Wang Shengkun was born in 1949. He is a Profes-

INFOCOM. 24th Annual Joint Conference of the IEEE

sor, Ms, specializing in electronic engineering.

Computer and Communications Societies, 2005, 1: 161–