ABSTRACT
Wireless sensor networks are often deployed in hostile environments, where an adversary can physically capture some of the nodes. Once a node is captured, the attacker can re-program it and replicate the node in a large number of clones, thus easily taking over the network. The detection of node replication attacks in a wireless sensor network is therefore a fundamental problem. A few distributed solutions have recently been proposed. However, these solutions are not satisfactory. First, they are energy and memory demanding: a serious drawback for any protocol that is to be used in a resource-constrained environment such as a sensor network. Further, they are vulnerable to specific adversary models introduced in this paper.
The contributions of this work are threefold. First, we analyze the desirable properties of a distributed mechanism for the detection of node replication attacks. Second, we show that the known solutions for this problem do not completely meet our requirements. Third, we propose a new Randomized, Efficient, and Distributed (RED) protocol for the detection of node replication attacks and we show that it is completely satisfactory with respect to the requirements. Extensive simulations also show that our protocol is highly efficient in communication, memory, and computation, that it achieves an improved attack detection probability compared to the best solutions in the literature, and that it is resistant to the new kind of attacks we introduce in this paper, while other solutions are not.