Tampering with Motes: Real-World Physical Attacks on Wireless Sensor Networks

Most security protocols for wireless sensor networks (WSN) assume that the adversary can gain full control over a sensor node through direct physical access (node capture attack). But so far the amount of effort an attacker has to undertake in a node capture attack is unknown. In our project we evaluate different physical attacks against sensor node hardware. Detailed knowledge about the effort needed for physical attacks allows to fine tune security protocols in WSNs so they provide optimal protection at minimal cost.

[1]  Martin Lefering Development of Incremental Integration Tools Using Formal Specifications , 1994 .

[2]  Markus Mohnen Efficient Compile-Time Garbage Collection for Arbitrary Data Structures , 1995, PLILP.

[3]  Bernhard Westfechtel,et al.  Feedback handling in dynamic task nets , 1997, Proceedings 12th IEEE International Conference Automated Software Engineering.

[4]  Andreas J. Winter,et al.  Modules and Updatable Graph Views for PROgrammed Graph REwriting Systems , 1997 .

[5]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .

[6]  Guido Moerkotte,et al.  Partition-Based Clustering in Object Bases: From Theory to Practice , 1993, FODO.

[7]  Pär J. Ågerfalk,et al.  The Language Action Perspective on Communication Modelling , 1999 .

[8]  U. Naumann Syntax-Directed Derivative Code (Part I: Tangent-Linear Code) , 2005 .

[9]  Geoff Martin,et al.  An Evaluation of Ad-hoc Routing Protocols for Wireless Sensor Networks , 2004 .

[10]  Albert Zündorf A Heuristic for the Subgraph Isomorphism Problem in Executing PROGRES , 1993 .

[11]  U. Quernheim Satellite communication protocols-a performance comparison considering on-board processing , 1988, 8th European Conference on Electrotechnics, Conference Proceedings on Area Communication.

[12]  Mukesh Singhal,et al.  Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..

[13]  Jürgen Giesl,et al.  Size-Change Termination for Term Rewriting , 2003, RTA.

[14]  Ken Frazer,et al.  Building secure software: how to avoid security problems the right way , 2002, SOEN.

[15]  Ludwig Staiger,et al.  Valuations and Unambiguity of Languages, with Applications to Fractal Geometry , 1994, ICALP.

[16]  Andy Schürr,et al.  PROGRES , A Visual Language and Environment for PROgramming with Graph REwriting Systems 1 , 1994 .

[17]  Matthias Jarke,et al.  ConceptBase - A Deductive Object Base Manager , 1994 .

[18]  Matthias Jarke,et al.  Exploring the Semantic Structure of Technical Document Collections: A Cooperative Systems Approach , 2000, CoopIS.

[19]  Bernhard Steffen,et al.  Generating Data Flow Analysis Algorithms from Modal Specifications , 1993, Sci. Comput. Program..

[20]  Felix C. Freiling,et al.  Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks , 2005, ESORICS.

[21]  Martin Grohe,et al.  An existential locality theorem , 2004, Ann. Pure Appl. Log..

[22]  Henry N. Adorna 3-Party Message Complexity is Better than 2-Party Ones for Proving Lower Bounds on the Size of Minimal Nondeterministic Finite Automata , 2001, DCFS.

[23]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[24]  Andy Schürr Logic Based Programmed Structure Rewriting Systems , 1996, Fundam. Informaticae.

[25]  Bernhard Steffen,et al.  The Interprocedural Coincidence Theorem , 1992, CC.

[26]  Markus G. Kuhn,et al.  Low Cost Attacks on Tamper Resistant Devices , 1997, Security Protocols Workshop.

[27]  Thierry Cachat The Power of One-Letter Rational Languages , 2001, Developments in Language Theory.

[28]  Jürgen Giesl,et al.  Deciding Inductive Validity of Equations , 2003, CADE.

[29]  Guido Moerkotte,et al.  Nested Queries in Object Bases , 1993, DBPL.

[30]  Andy Schürr,et al.  Specification of Graph Translators with Triple Graph Grammars , 1994, WG.

[31]  Manfred Nagl,et al.  On Integration Mechanisms within a Graph-based Software Development Environment , 1987, WG.

[32]  Manfred Nagl,et al.  A universal component for the administration in distributed and integrated development environments , 1994 .

[33]  Stefan Gruner Einige Anmerkungen zur graphgrammatischen Spezifikation von Integrationswerkzeugen nach Westfechtel, Janning, Lefering und Schürr , 1998 .

[34]  Rudolf Mathar,et al.  Analyzing routing strategy NFP in multihop packet radio networks on a line , 1995, IEEE Trans. Commun..

[35]  Yongdae Kim,et al.  Revisiting random key pre-distribution schemes for wireless sensor networks , 2004, SASN '04.

[36]  Bernhard Steffen,et al.  Compositional Minimization of Finite State Systems , 1990, CAV.

[37]  Jürgen Giesl,et al.  Innermost Termination of Context-Sensitive Rewriting , 2002, Developments in Language Theory.

[38]  P. Rossmanith,et al.  A New Satisabilit y Algorithm With Applications To Max-Cut , 2005 .

[39]  Thorsten Holz,et al.  A Pointillist Approach for Comparing Honeypots , 2005, DIMVA.

[40]  Werner Damm,et al.  Specifying distributed computer architectures in AADL , 1989, Parallel Comput..

[41]  Andrew Blyth,et al.  Secure coding — principles and practices , 2004 .

[42]  Matthias Jarke,et al.  Simulating the Impact of Information Flows in Networked Organizations , 1996, ICIS.

[43]  Werner Hans,et al.  On the Interaction of Lazy Evaluation and Backtracking , 1992, PLILP.

[44]  Yoshihito Toyama,et al.  4th International Workshop on Reduction Strategies in Rewriting and Programming , 2004 .

[45]  Guido Moerkotte,et al.  Efficient Evaluation of Aggregates on Bulk Types , 1995, DBPL.

[46]  Roland Baumann Client / Server Distribution in a Structure-Oriented Database Management System , 1997 .

[47]  Jürgen Giesl,et al.  Termination of term rewriting using dependency pairs , 2000, Theor. Comput. Sci..

[48]  George Horatiu Botorog High level parallel programming and the efficient implementation of numerical algorithms , 1998 .

[49]  Matthias Jarke,et al.  Sharing Processes: Team Coordination in Design Repositories , 1992, Int. J. Cooperative Inf. Syst..

[50]  RWTHAachen,LehrstuhlfurInformatikII Ahornstrae55,W-5100Aachen,Germany , .

[51]  Felix C. Freiling,et al.  Revisiting Failure Detection and Consensus in Omission Failure Environments , 2005, ICTAC.

[52]  Uwe Naumann,et al.  Tangent-Linear Models by Augmented LL-Parsers , 2006, ICCSA.

[53]  David de Frutos-Escrig,et al.  A Complete Proof System for Timed Observations , 1991, TAPSOFT, Vol.1.

[54]  Stefan Gruner Schemakorrespondenzaxiome unterstützen die paargrammatische Spezifikation inkrementeller Integrationswerkzeuge , 1997 .

[55]  Jürgen Giesl,et al.  Proving and Disproving Termination of Higher-Order Functions , 2005, FroCoS.

[56]  Rance Cleaveland,et al.  The Concurrency Workbench , 1990, Automatic Verification Methods for Finite State Systems.

[57]  Benedikt Bollig,et al.  Message-passing automata are expressively equivalent to EMSO logic , 2006, Theor. Comput. Sci..

[58]  Otto Spaniol,et al.  File transfer in high-speed token ring networks: performance evaluation by approximate analysis and simulation , 1988, IEEE J. Sel. Areas Commun..

[59]  K. Jacobs OSI-an appropriate basis for group communication? , 1989, IEEE International Conference on Communications, World Prosperity Through Communications,.

[60]  Bernhard Steffen,et al.  Model Checking for Context-Free Processes , 1992, CONCUR.

[61]  Franz Josef Och,et al.  Statistical machine translation: from single word models to alignment templates , 2002 .

[62]  Bernhard Steffen,et al.  Characteristic Formulae for Processes with Divergence , 1994, Inf. Comput..

[63]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[64]  Kai Jakobs,et al.  Timer Handling in High-Performance Transport Systems , 1993, Integrated Broadband Communications.

[65]  Guido Moerkotte,et al.  Query Optimization Techniques Exploiting Class Hierarchies , 1995 .

[66]  Thomas Wilke,et al.  CTL+ is Exponentially more Succinct than CTL , 1999, FSTTCS.

[67]  Rance Cleaveland,et al.  The concurrency workbench: a semantics-based tool for the verification of concurrent systems , 1993, TOPL.

[68]  Jürgen Giesl,et al.  Transformation techniques for context-sensitive rewrite systems , 2004, J. Funct. Program..

[69]  Christof Löding,et al.  Solving the Sabotage Game Is PSPACE-Hard , 2003, MFCS.

[70]  Bernhard Steffen,et al.  Pushdown Processes: Parallel Composition and Model Checking , 1994, CONCUR.

[71]  John Viega,et al.  Secure programming cookbook for C and C , 2003 .

[72]  Wolfgang Thomas,et al.  AMORE: A System for Computing Automata, MOnoids, and Regular Expressions , 1989, STACS.

[73]  Stefan Richter,et al.  A Faster Algorithm for the Steiner Tree Problem , 2006, STACS.

[74]  Manfred A. Jeusfeld,et al.  Query Optimization in Deductive Object Bases , 1991, Query Processing for Advanced Database Systems, Dagstuhl.

[75]  Victor Ok Li PERFORMANCE MODELS OF DISTRIBUTED DATABASES. , 1981 .

[76]  Ludwig Staiger,et al.  Finite Acceptance of Infinite Words , 1997, Theor. Comput. Sci..

[77]  Bernhard Steffen,et al.  An Elementary Bisimulation Decision Procedure for Arbitrary Context-Free Processes , 1995, MFCS.

[78]  Michael Portz,et al.  A New Class of Cryptosystems Based on Interconnection Networks , 1991 .

[79]  Werner Hans,et al.  A Complete Indexing Scheme for WAM-based Abstract Machines , 1992, PLILP.

[80]  Holger Peine Rules of thumb for secure software engineering , 2005, ICSE.

[81]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[82]  Harald Vogt,et al.  Intrusion Detection and Failure Recovery in Sensor Nodes , 2005, GI Jahrestagung.

[83]  Elaine Shi,et al.  Designing secure sensor networks , 2004, IEEE Wireless Communications.

[84]  Markus Mohnen Interfaces with default implementations in Java , 2002, PPPJ/IRE.

[85]  Matthias Jarke,et al.  Intelligent Networks as a Data Intensive Application (INDIA) , 1994, ADB.

[86]  Manfred A. Jeusfeld,et al.  An Executable Meta Model for Re-Engineering of Database Schemas , 1994, ER.

[87]  Berthold Vöcking,et al.  Adaptive routing with stale information , 2005, PODC '05.

[88]  Markus Mohnen,et al.  An open framework for data-flow analysis in Java: extended abstract , 2002, PPPJ/IRE.

[89]  Marcin Jurdzinski,et al.  A Discrete Strategy Improvement Algorithm for Solving Parity Games , 2000, CAV.

[90]  Bruce Christianson,et al.  Proceedings of the 5th International Workshop on Security Protocols , 1996 .

[91]  Fundamenta Informaticae,et al.  The Sigma-Semantics : A Comprehensive Semantics for Functional Programs , .

[92]  Andy Schürr PROGRESS: A VHL-Language Based on Graph Grammars , 1990, Graph-Grammars and Their Application to Computer Science.

[93]  Rudolf Mathar,et al.  Analyzing a distributed slot assignment protocol by Markov chains , 1992, [1992 Proceedings] Vehicular Technology Society 42nd VTS Conference - Frontiers of Technology.

[94]  Matthias Jarke,et al.  Incremental Maintenance of Externally Materialized Views , 1996, VLDB.

[95]  Peter Klein Designing Software with Modula–3 , 2007 .

[96]  Matthias Jarke,et al.  Business process oriented information management: conceptual models at work , 1995, COCS '95.

[97]  Benedikt Bollig,et al.  Local Parallel Model Checking for the Alternation-Free µ-Calculus , 2002, SPIN.

[98]  Matthias Nicola,et al.  Design and Evaluation of Wireless Health Care Information Systems in Developing Countries , 1998 .

[99]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[100]  Christian Prehofer,et al.  Higher-order narrowing with definitional trees , 1999, Journal of Functional Programming.

[101]  J. J. Ruzz,et al.  A VHDL Speci cation of a Shared Memory Parallel Machine for Babel , 1998 .

[102]  J. Klop,et al.  WST ’ 04 7 th International Workshop on Termination , 2004 .

[103]  Andy Schürr,et al.  Computing with Graphs and Graph Rewriting , 1999 .

[104]  Stackbased ReductionGuido Hogen,et al.  Parallel Functional Implementations: Graphbased vs. Stackbased Reduction , 1995 .

[105]  M. O. Berger,et al.  k-coloring vertices using a neural network with convergence to valid solutions , 1994, Proceedings of 1994 IEEE International Conference on Neural Networks (ICNN'94).

[106]  Gottfried Vossen,et al.  SUXESS: Towards a Sound Unification of Extensions of the Relational Data Model , 1991, Data Knowl. Eng..

[107]  Matthias Jarke,et al.  Workflow support for failure management in federated organizations , 1998, Proceedings of the Thirty-First Hawaii International Conference on System Sciences.

[108]  Matthias Jarke,et al.  Three Aspects of Intelligent Cooperation in the Quality Cycle , 1993, Int. J. Cooperative Inf. Syst..

[109]  Rita Loogen,et al.  Dynamic Detection of Determinism in Functional Languages , 1991, Theor. Comput. Sci..

[110]  Markus Mohnen,et al.  Optimising the memory management of higher order functional programs , 1997 .

[111]  Alexandre Tessier Declarative Debugging in Constraint Logic Programming , 1996, ASIAN.

[112]  Andy Schürr,et al.  Introduction to PROGRESS, an Attribute Graph Grammar Based Specification Language , 1990, WG.

[113]  Felix C. Freiling,et al.  An offensive approach to teaching information security : 'Aachen summer school applied IT security , 2005 .

[114]  Ludwig Staiger,et al.  On Syntactic Congruences for Omega-Languages , 1993, Theor. Comput. Sci..

[115]  Kenneth R. van Wyk,et al.  Secure Coding: Principles and Practices , 2003 .

[116]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[117]  S. Gruner Fine-grained and Structure-Oriented Document Integration Tools are Needed for Development Processes , 2007 .

[118]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[119]  U. Naumann Syntax-Directed Derivative Code (Part II: Intraprocedural Adjoint Code) , 2005 .

[120]  Patrick Shicheng Chen,et al.  On Inference Rules of Logic-Based Information Retrieval Systems , 1994, Inf. Process. Manag..

[121]  Berthold Vöcking,et al.  A Counterexample to the Fully Mixed Nash Equilibrium Conjecture , 2005 .

[122]  Stefan Kahrs Polymorphic Type Checking by Interpretation of Code , 1992 .

[123]  Thomas Noll,et al.  Algebraic Correctness Proofs for Compiling Recursive Function Definitions with Strictness Information , 2006, Acta Informatica.

[124]  C. Lewerentz,et al.  Integrated Project Team Management in a Software Development Environment , 1988 .

[125]  Manfred A. Jeusfeld,et al.  An Executable Meta Model for Re-Engineering of Database Schemas , 1994, Int. J. Cooperative Inf. Syst..

[126]  Werner Hans,et al.  Full Indexing for Lazy Narrowing , 1993 .

[127]  Janis A. Bubenko,et al.  Requirements Engineering: An Integrated View of Representation, Process, and Domain , 1993, ESEC.