Toward resilient security in wireless sensor networks

Node compromise poses severe security threats in wireless sensor networks. Unfortunately, existing security designs can address only a small, fixed threshold number of compromised nodes; the security protection completely breaks down when the threshold is exceeded. In this paper, we seek to overcome the threshold limitation and achieve resiliency against an increasing number of compromised nodes. To this end, we propose a novel location-based approach in which the secret keys are bound to geographic locations, and each node stores a few keys based on its own location. The location-binding property constrains the scope for which individual keys can be (mis)used, thus limiting the damages caused by a collection of compromised nodes. We illustrate this approach through the problem of report fabrication attacks, in which the compromised nodes forge non-existent events. We evaluate our design through extensive analysis, implementation and simulations, and demonstrate its graceful performance degradation in the presence of an increasing number of compromised nodes.

[1]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[2]  Radha Poovendran,et al.  SeRLoc: secure range-independent localization for wireless sensor networks , 2004, WiSe '04.

[3]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[4]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[5]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[6]  Ying Zhang,et al.  Localization from mere connectivity , 2003, MobiHoc '03.

[7]  Leonidas J. Guibas,et al.  Locating and bypassing routing holes in sensor networks , 2004, IEEE INFOCOM 2004.

[8]  Songwu Lu,et al.  PEAS: a robust energy conserving protocol for long-lived sensor networks , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[9]  Guohong Cao,et al.  Group rekeying for filtering false data in sensor networks: a predistribution and local collaboration-based approach , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[10]  Songwu Lu,et al.  GRAdient Broadcast: A Robust Data Delivery Protocol for Large Scale Sensor Networks , 2005, Wirel. Networks.

[11]  Sushil Jajodia,et al.  LEAP - efficient security mechanisms for large-scale distributed sensor networks , 2003, SenSys.

[12]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[13]  Wade Trappe,et al.  Robust statistical methods for securing wireless localization in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[14]  Ross J. Anderson,et al.  Key infection: smart trust for smart dust , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[15]  Gene Tsudik Message authentication with one-way hash functions , 1992, CCRV.

[16]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[17]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[18]  Brad Karp,et al.  GPSR: greedy perimeter stateless routing for wireless networks , 2000, MobiCom '00.

[19]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[20]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[21]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2005, IEEE J. Sel. Areas Commun..

[22]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[23]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[24]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[25]  Brad Karp,et al.  Greedy Perimeter Stateless Routing for Wireless Networks , 2000 .

[26]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[27]  Deborah Estrin,et al.  Directed diffusion: a scalable and robust communication paradigm for sensor networks , 2000, MobiCom '00.

[28]  Haiyun Luo,et al.  A two-tier data dissemination model for large-scale wireless sensor networks , 2002, MobiCom '02.

[29]  Donggang Liu,et al.  Attack-resistant location estimation in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..