Detection of denial-of-message attacks on sensor network broadcasts

So far, sensor network broadcast protocols have assumed a trustworthy environment. However, in safety and mission-critical sensor networks this assumption may not be valid, and some sensor nodes might be adversarial. In these environments, malicious sensor nodes can prevent other nodes from receiving a broadcast message. We call this attack a denial-of-message attack (DoM). In this paper we model and analyze this attack, and present countermeasures. We present SIS, a secure implicit sampling scheme that permits a broadcasting base station to probabilistically detect the failure of nodes to receive its broadcast, even if these failures result from an attacker motivated to induce them undetectably. SIS works by eliciting authenticated acknowledgments from a subset of nodes per broadcast, where the subset is unpredictable to the attacker and tunable so as to mitigate acknowledgment implosion on the base station. We use a game-theoretic approach to evaluate this scheme in the face of an optimal attacker that attempts to maximize the number of nodes it denies the broadcast while remaining undetected by the base station, and show that SIS significantly constrains such an attacker even in sensor networks exhibiting high intrinsic loss rates. We also discuss extensions that permit more targeted detection capabilities.
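The sampling idea described above, sketched as an added example that is not the paper's own construction or code. It assumes each node shares a symmetric key with the base station, uses HMAC-SHA256 as the keyed function, and ignores intrinsic packet loss; all function names and the sample keys are hypothetical.

```python
import hashlib
import hmac

def prf(key: bytes, label: bytes, msg: bytes) -> bytes:
    """Keyed function over the broadcast; the label separates sampling from acks."""
    return hmac.new(key, label + b"|" + msg, hashlib.sha256).digest()

def is_sampled(key: bytes, msg: bytes, p: float) -> bool:
    """A node is in the sample when its keyed value falls below the fraction p.
    Without the key, an attacker cannot tell which nodes a given message samples."""
    value = int.from_bytes(prf(key, b"sample", msg)[:8], "big")
    return value < int(p * 2**64)

def node_receive(key: bytes, msg: bytes, p: float):
    """Node side: return an authenticated ack only if this broadcast samples us."""
    return prf(key, b"ack", msg) if is_sampled(key, msg, p) else None

def missing_acks(keys: dict, msg: bytes, p: float, acks: dict) -> list:
    """Base station side: sampled node ids with no valid ack for this broadcast."""
    missing = []
    for node_id, key in keys.items():
        if not is_sampled(key, msg, p):
            continue  # no ack expected; this is what limits ack implosion
        tag = acks.get(node_id)
        if tag is None or not hmac.compare_digest(tag, prf(key, b"ack", msg)):
            missing.append(node_id)
    return sorted(missing)

def detection_probability(p: float, denied: int) -> float:
    """Chance that at least one of `denied` nodes is sampled (loss-free model)."""
    return 1 - (1 - p) ** denied

def demo(p: float = 0.1, n: int = 200, denied: int = 50):
    """Constructed scenario: nodes 0..denied-1 never receive the broadcast."""
    keys = {i: hashlib.sha256(b"demo-key-%d" % i).digest() for i in range(n)}
    msg = b"broadcast #1"
    acks = {}
    for i in range(denied, n):  # only nodes that received the message can ack
        tag = node_receive(keys[i], msg, p)
        if tag is not None:
            acks[i] = tag
    return keys, msg, acks, missing_acks(keys, msg, p, acks)

if __name__ == "__main__":
    _, _, acks, missing = demo()
    print("acks received:", len(acks), "sampled nodes silent:", missing)
    print("P(detect 50 denied, p=0.1):", round(detection_probability(0.1, 50), 4))
```

Raising `p` increases the detection probability for a given number of denied nodes at the cost of more acknowledgments per broadcast; a deployment with lossy links would need a tolerance on missing acks rather than flagging every one.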
