eHIP: An energy-efficient hybrid intrusion prohibition system for cluster-based wireless sensor networks

Verifying authenticity and integrity of delivered data is indispensable for security-sensitive wireless sensor networks (WSN). Unfortunately, conventional security approaches are unsuitable for WSN because energy efficiency is really not an important issue. However, energy conservation is truly a critical issue in WSN. In this paper, a proposed hybrid security system, called energy-efficient hybrid intrusion prohibition (eHIP) system, combines intrusion prevention with intrusion detection to provide an energy-efficient and secure cluster-based WSN (CWSN). The eHIP system consists of authentication-based intrusion prevention (AIP) subsystem and collaboration-based intrusion detection (CID) subsystem. Both subsystems provide heterogeneous mechanisms for different demands of security levels in CWSN to improve energy efficiency. In AIP, two distinct authentication mechanisms are introduced to verify control messages and sensed data to prevent external attacks. These two authentication mechanisms are customized according to the relative importance of information contained in control messages and sensed data. However, because the security threat from compromised sensor nodes cannot be fully avoided by AIP, CID is therefore proposed. In CID, the concept of collaborative monitoring is proposed to balance the tradeoff between network security and energy efficiency. In order to evaluate the performance of eHIP, theoretical analyses and simulations of AIP and CID are also presented in this paper. Simulation results fully support the theoretical analysis of eHIP.

[1]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[2]  Sajal K. Das,et al.  Group key distribution via local collaboration in wireless sensor networks , 2005, 2005 Second Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2005. IEEE SECON 2005..

[3]  Xiaoyun Wang,et al.  How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.

[4]  Elaine Shi,et al.  Designing secure sensor networks , 2004, IEEE Wireless Communications.

[5]  Anthony Ephremides,et al.  The Architectural Organization of a Mobile Radio Network via a Distributed Algorithm , 1981, IEEE Trans. Commun..

[6]  Songwu Lu,et al.  Self-organized network-layer security in mobile ad hoc networks , 2002, WiSE '02.

[7]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[8]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[9]  Di Ma,et al.  Classify encrypted data in wireless sensor networks , 2004, IEEE 60th Vehicular Technology Conference, 2004. VTC2004-Fall. 2004.

[10]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[11]  Jongsung Kim,et al.  On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended Abstract) , 2006, SCN.

[12]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.

[13]  R. Ruppe,et al.  Near Term Digital Radio (NTDR) system , 1997, MILCOM 97 MILCOM 97 Proceedings.

[14]  Mohammad Ilyas,et al.  Handbook of Sensor Networks: Compact Wireless and Wired Sensing Systems , 2004 .

[15]  Richard Han,et al.  Node Compromise in Sensor Networks: The Need for Secure Systems ; CU-CS-990-05 , 2005 .

[16]  A. Manjeshwar,et al.  TEEN: a routing protocol for enhanced efficiency in wireless sensor networks , 2001, Proceedings 15th International Parallel and Distributed Processing Symposium. IPDPS 2001.

[17]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[18]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[19]  Michael B. Pursley,et al.  Routing in frequency-hop packet radio networks with partial-band jamming , 1993, IEEE Trans. Commun..

[20]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[21]  Wendi Heinzelman,et al.  Energy-efficient communication protocol for wireless microsensor networks , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[22]  Peng Ning,et al.  LAD: Localization anomaly detection for wireless sensor networks , 2006, J. Parallel Distributed Comput..

[23]  Deborah Estrin,et al.  Medium access control with coordinated adaptive sleeping for wireless sensor networks , 2004, IEEE/ACM Transactions on Networking.

[24]  Anantha P. Chandrakasan,et al.  An application-specific protocol architecture for wireless microsensor networks , 2002, IEEE Trans. Wirel. Commun..

[25]  Ali Miri,et al.  An intrusion detection system for wireless sensor networks , 2005, WiMob'2005), IEEE International Conference on Wireless And Mobile Computing, Networking And Communications, 2005..

[26]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[27]  Cauligi S. Raghavendra,et al.  PEGASIS: Power-efficient gathering in sensor information systems , 2002, Proceedings, IEEE Aerospace Conference.

[28]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[29]  Mario Gerla,et al.  Multicluster, mobile, multimedia radio network , 1995, Wirel. Networks.

[30]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[31]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[32]  Mario Gerla,et al.  Adaptive Clustering for Mobile Wireless Networks , 1997, IEEE J. Sel. Areas Commun..

[33]  Gustavo de Veciana,et al.  Minimizing energy consumption in large-scale sensor networks through distributed data compression and hierarchical aggregation , 2004, IEEE Journal on Selected Areas in Communications.

[34]  Ian F. Akyildiz,et al.  Time-diffusion synchronization protocol for wireless sensor networks , 2005, IEEE/ACM Transactions on Networking.

[35]  D.P. Agrawal,et al.  APTEEN: a hybrid protocol for efficient routing and comprehensive information retrieval in wireless , 2002, Proceedings 16th International Parallel and Distributed Processing Symposium.