Limiting DoS attacks during multihop data delivery in wireless sensor networks

Denial of Service (DoS) attacks can be easily launched in Wireless Sensor Networks (WSNs). Due to their resource constraints, namely limited energy, memory and bandwidth, WSNs are especially vulnerable to DoS attacks. This paper addresses a particular class of DoS attacks that overwhelm resources along a multihop data delivery path. Since WSNs are typically tree-structured, then a DoS attack on a path will be especially effective in denying routing service to an entire branch of sensor nodes, not just the nodes along the path. This paper proposes a solution using one-way hash chains to protect end-to-end multihop communications in WSNs against such Path-based DoS (PDoS) attacks. The proposed solution is lightweight, tolerates bursty packet losses and can easily be implemented in modern WSNs. This paper reports on performance measured from a prototype implementation.

[1]  Yaron Sella On The Computation-Storage Trade-Offs of Hash Chain Traversal , 2003, Financial Cryptography.

[2]  Donggang Liu,et al.  Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks , 2002, NDSS.

[3]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[4]  Shivakant Mishra,et al.  INSENS: Intrusion-Tolerant Routing in Wireless Sensor Networks , 2002 .

[5]  Markus Jakobsson,et al.  Almost Optimal Hash Sequence Traversal , 2002, Financial Cryptography.

[6]  Yaping Li,et al.  ARRIVE: Algorithm for Robust Routing in Volatile Environments , 2003 .

[7]  Sang Hyuk Son,et al.  JAM: a jammed-area mapping service for sensor networks , 2003, RTSS 2003. 24th IEEE Real-Time Systems Symposium, 2003.

[8]  Ramesh Govindan,et al.  Understanding packet delivery performance in dense wireless sensor networks , 2003, SenSys '03.

[9]  Songwu Lu,et al.  GRAdient Broadcast: A Robust Data Delivery Protocol for Large Scale Sensor Networks , 2005, Wirel. Networks.

[10]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[11]  Songwu Lu,et al.  A Robust Data Delivery Protocol for Large Scale Sensor Networks , 2003, IPSN.

[12]  Markus Jakobsson,et al.  Fractal hash sequence representation and traversal , 2002, Proceedings IEEE International Symposium on Information Theory,.

[13]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[14]  Haiyun Luo,et al.  Statistical En-route Detection and Filtering of Injected False Data in Sensor Networks , 2004, INFOCOM 2004.

[15]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[16]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[17]  David E. Culler,et al.  Taming the underlying challenges of reliable multihop routing in sensor networks , 2003, SenSys '03.

[18]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[19]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[20]  Gang Zhou,et al.  Impact of radio irregularity on wireless sensor networks , 2004, MobiSys '04.

[21]  Dawn Xiaodong Song,et al.  SIA: secure information aggregation in sensor networks , 2003, SenSys '03.

[22]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[23]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[24]  Deborah Estrin,et al.  Highly-resilient, energy-efficient multipath routing in wireless sensor networks , 2001, MOCO.

[25]  Michael Neufeld,et al.  ELF: an efficient log-structured flash file system for micro sensor nodes , 2004, SenSys '04.

[26]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[27]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[28]  Dawn Song,et al.  SIA: Secure information aggregation in sensor networks , 2007, J. Comput. Secur..

[29]  Shivakant Mishra,et al.  A Performance Evaluation of Intrusion-Tolerant Routing in Wireless Sensor Networks , 2003, IPSN.