Sybil attack detection in a hierarchical sensor network

The Sybil attack is a particularly harmful threat to sensor networks where a single sensor node illegitimately claims multiple identities. A malicious node may generate an arbitrary number of additional node identities using only one physical device. The Sybil attack can disrupt normal functioning of the sensor network, such as the multipath routing, used to explore the multiple disjoint paths between source-destination pairs. But the Sybil attack can disrupt it when a single adversary presents multiple identities, which appear on the multiple paths. Digital certificates are a way to prove identities, but they are not suitable for the sensor network because of the large computational overheads. Researchers have proposed a light-weight identity certificate method to defeat Sybil attacks, but it is not suitable for a large scale sensor network because of the huge memory usage required at each node. In this paper, we propose a light-weight Sybil attack detection method based on a hierarchical architecture in sensor networks. The proposed method can be used in a large scale sensor network, and it only uses the symmetric cryptography avoiding the use of the public key cryptography. Simulation results show that the proposed method only needs a small memory (below 140 KB) for each node (even in a large scale sensor network). In addition, the energy consumption by new identity generations within each group is low (below 60 mJ), which is much lower than the available energy at each sensor node.

[1]  Min Qin,et al.  An energy-efficient voting-based clustering algorithm for sensor networks , 2005, Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Network.

[2]  Tohru Kikuno,et al.  A routing protocol for finding two node-disjoint paths in computer networks , 1995, Proceedings of International Conference on Network Protocols.

[3]  Vijay Kumar,et al.  Robot and sensor networks for first responders , 2004, IEEE Pervasive Computing.

[4]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[5]  Sanjay Kumar Madria,et al.  A secure hierarchical model for sensor network , 2004, SGMD.

[6]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[7]  Sanjay Kumar Madria,et al.  SecRout: a secure routing protocol for sensor networks , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[8]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[9]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[10]  Budhaditya Deb,et al.  A topology discovery algorithm for sensor networks with applications to network management , 2001 .

[11]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[12]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[13]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[14]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[15]  Antonio Alfredo Ferreira Loureiro,et al.  LHA-SP: secure protocols for hierarchical wireless sensor networks , 2005, 2005 9th IFIP/IEEE International Symposium on Integrated Network Management, 2005. IM 2005..

[16]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[17]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[18]  Sandeep K. S. Gupta,et al.  Role-based hierarchical self organization for wireless ad hoc sensor networks , 2003, WSNA '03.

[19]  Peng Ning,et al.  Defending against Sybil attacks in sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[20]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[21]  Shivakant Mishra,et al.  Security support for in-network processing in Wireless Sensor Networks , 2003, SASN '03.

[22]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[23]  Min Qin,et al.  An Energy-Efficient Voting-Based Clustering Algorithm for Sensor Networks , 2005, SNPD.

[24]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.