Tuan Manh Vu
Carey Williamson
ABSTRACT
Securing wireless sensor networks against node capture is a challenging task. All well-known random key pre-distribution systems, including the Eschenauer and Gligor's pioneering scheme, its extensions, as well as threshold schemes, become insecure when a large number of nodes are captured. We propose a general technique, called virtual key ring, that can effectively strengthen the resilience of random key pre-distribution systems against node capture attacks by reducing the pre-loaded keying material while maintaining secure connectivity of the network.
The technique is general and applicable to many key pre-distribution systems. We however focus on the original EG scheme and propose a virtual key ring system based on this pioneering scheme. We provide detailed mathematical analysis and a security proof for the system, and use extensive simulation to validate the analysis and to compare performance of the new system with the original EG scheme. We also present simulation results for the strengthened resilience when the virtual key ring scheme is combined with the multipath key reinforcement and q-composite techniques, showing that the system resilience is substantially improved against large-scale node capture attack (e.g., 40% of nodes captured).
- S. Camtepe and B. Yener, "Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks", IEEE/ACM Transactions on Networking, pp. 346--358, April 2007. Google Scholar
Digital Library
- D. Stinson, Combinatorial Designs: Construction and Analysis, Springer-Verlag, New York, 2004. Google ScholarDigital Library
- D. Carman, P. Kruus, and B. Matt, "Constraints and Approaches for Distributed Sensor Network Security", NAI Labs Technical Report #00--010, September 2000.Google Scholar
- H. Chan and A. Perrig, "PIKE: Peer Intermediaries for Key Establishment in Sensor Networks", Proceedings of IEEE INFOCOM, pp. 524--535, 2005.Google Scholar
- H. Chan, A. Perrig, and D. Song, "Random Key Predistribution Schemes for Sensor Networks", Proceedings of IEEE Security and Privacy Symposium, pp. 197--213, May 2003. Google ScholarDigital Library
- W. Du, J. Deng, Y. Han, S. Chen, and P. Varshney, "A Key Management Scheme for Wireless Sensor Networks using Deployment Knowledge", Proceedings of IEEE INFOCOM, pp. 586--597, March 2004.Google Scholar
- W. Du, J. Deng, Y. Han, P. Varshney, J. Katz, and A. Khalili, "A Pairwise Key Pre-distribution Scheme for Wireless Sensor Networks", Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 42--51, October 2003. Google ScholarDigital Library
- L. Eschenauer and V. Gligor, "A Key Management Scheme for Distributed Sensor Networks", Proceedings of the 9th ACM Conference on Computer and Communication Security, pp. 41--47, November 2002. Google ScholarDigital Library
- D. Huang, M. Mehta, D. Medhi, and L. Harn, "Location-aware Key Management Scheme for Wireless Sensor Networks", Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 29--42, October 2004. Google ScholarDigital Library
- Internet Engineering Task Force, "Diffie-Hellman Key Agreement Method", http://tools.ietf.org/html/rfc2631, 1999.Google Scholar
- D. Liu and P. Ning, "Location-based Pairwise Key Establishments for Static Sensor Networks", Proceedings of ACM Workshop on Security in Ad Hoc and Sensor Networks, pp. 72--82, 2003. Google ScholarDigital Library
- D. Liu, P. Ning, and W. Du, "Group-based Key Pre-distribution in Wireless Sensor Networks", Proceedings of ACM Workshop on Wireless Security, pp. 11--20, 2005. Google ScholarDigital Library
- D. Liu, P. Ning, and R. Liu, "Establishing Pairwise Keys in Distributed Sensor Networks", Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 52--61, October 2003. Google ScholarDigital Library
- R. Pietro, L. Mancini, A. Mei, A. Panconesi, and J. Radhakrishnan, "Redoubtable Sensor Networks", ACM Transactions on Information and System Security, 11(3):1--22, 2008. Google ScholarDigital Library
- J. Spencer, "The Strange Logic of Random Graphs", Algorithms and Combinatorics, Vol. 22, Springer-Verlag, ISBN 3-540-41654-4, 2000.Google Scholar
- T. Vu, "Modeling, Analysis, and Simulation of Secure Connectivity in Wireless Sensor Networks", MSc thesis, Department of Computer Science, University of Calgary, October 2009.Google Scholar
- T. Vu, C. Williamson, and R. Safavi-Naini, "Simulation Modeling of Secure Wireless Sensor Networks", Proceedings of ValueTools '09, Pisa, Italy, October 2009. Google ScholarDigital Library
- Securing wireless sensor networks against large-scale node capture attacks
Recommendations
A high performance and intrinsically secure key establishment protocol for wireless sensor networks
Key establishment among neighboring sensors is the most challenging issue for security services such as authentication and confidentiality in wireless sensor networks (WSNs). Many key establishment schemes have recently been proposed, but most have ...
Improving Resilience Against Node Capture Attacks in Wireless Sensor Networks Using ICmetrics
EST '12: Proceedings of the 2012 Third International Conference on Emerging Security TechnologiesWireless Sensor Networks (WSNs) have the potential of being employed in a variety of applications ranging from battlefield surveillance to everyday applications such as smart homes and patient monitoring. Security is a major challenge that all ...
Location-aware key management scheme for wireless sensor networks
SASN '04: Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networksSensor networks are composed of a large number of low power sensor devices. For secure communication among sensors, secret keys must be established between them. Recently, several pairwise key schemes have been proposed for large distributed sensor ...
Comments