Autonomous and distributed node recovery in wireless sensor networks

Intrusion or misbehaviour detection systems are an important and widely accepted security tool in computer and wireless sensor networks. Their aim is to detect misbehaving or faulty nodes in order to take appropriate countermeasures, thus limiting the damage caused by adversaries as well as by hard or software faults. So far, however, once detected, misbehaving nodes have just been isolated from the rest of the sensor network and hence are no longer usable by running applications. In the presence of an adversary or software faults, this proceeding will inevitably lead to an early and complete loss of the whole network.For this reason, we propose to no longer expel misbehaving nodes, but to recover them into normal operation. In this paper, we address this problem and present a formal specification of what is considered a secure and correct node recovery algorithm together with a distributed algorithm that meets these properties. We discuss its requirements on the soft- and hardware of a node and show how they can be fulfilled with current and upcoming technologies. The algorithm is evaluated analytically as well as by means of extensive simulations, and the findings are compared to the outcome of a real implementation for the BTnode sensor platform. The results show that recovering sensor nodes is an expensive, though feasible and worthwhile task. Moreover, the proposed program code update algorithm is not only secure but also fair and robust.

[1]  Robbert van Renesse,et al.  JiST: an efficient approach to simulation using virtual machines: Research Articles , 2005 .

[2]  Paola Inverardi,et al.  Distributed IDSs for enhancing Security in Mobile Wireless Sensor Networks , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[3]  David E. Culler,et al.  Towards Secure Network Programming and Recovery in Wireless Sensor Networks , 2005 .

[4]  Issa M. Khalil,et al.  DICAS: Detection, Diagnosis and Isolation of Control Attacks in Sensor Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[5]  Richard Han,et al.  Node Compromise in Sensor Networks: The Need for Secure Systems ; CU-CS-990-05 , 2005 .

[6]  Wang Ze-shen IDS (Intrusion Detection System)Based on K-Means Algorithm , 2008 .

[7]  Antonio Alfredo Ferreira Loureiro,et al.  Decentralized intrusion detection in wireless sensor networks , 2005, Q2SWinet '05.

[8]  Srivaths Ravi,et al.  Security in embedded systems: Design challenges , 2004, TECS.

[9]  Robbert van Renesse,et al.  JiST: an efficient approach to simulation using virtual machines , 2005, Softw. Pract. Exp..

[10]  Limin Wang,et al.  MNP: Multihop Network Reprogramming Service for Sensor Networks , 2004, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[11]  David E. Culler,et al.  Incremental network programming for wireless sensors , 2004, SECON.

[12]  Jan Beutel,et al.  Poster abstract: BTnodes -- a distributed platform for sensor nodes , 2003, SenSys '03.

[13]  Srivaths Ravi,et al.  Security as a new dimension in embedded system design , 2004, Proceedings. 41st Design Automation Conference, 2004..

[14]  Mingyan Liu,et al.  A distributed monitoring mechanism for wireless sensor networks , 2002, WiSE '02.

[15]  송왕철,et al.  IDS(Intrusion Detection System) , 2000 .

[16]  Elaine Shi,et al.  Designing secure sensor networks , 2004, IEEE Wireless Communications.

[17]  Saurabh Bagchi,et al.  Detection and repair of software errors in hierarchical sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[18]  Miles E. Smid,et al.  Security Requirements for Cryptographic Modules | NIST , 1994 .

[19]  Margaret Martonosi,et al.  Impala: a middleware system for managing autonomic, parallel sensor systems , 2003, PPoPP '03.

[20]  Harald Vogt,et al.  Intrusion Detection and Failure Recovery in Sensor Nodes , 2005, GI Jahrestagung.

[21]  T. Alves,et al.  TrustZone : Integrated Hardware and Software Security , 2004 .

[22]  Mani B. Srivastava,et al.  Reputation-based framework for high integrity sensor networks , 2008, TOSN.