An Adaptive Early Node Compromise Detection Scheme for Hierarchical WSNs

Node compromise attacks pose a serious threat to wireless sensor networks (WSNs). To launch an attack, an adversary physically captures a node and access data or software stored on the node. Even worse, the adversary may redeploy the captured node back into the network and use it to launch further attacks. To reduce the impact of a node compromise attack on network operations, the network should detect a node compromise as early as possible, ideally soon after a node is being captured, and then isolate the node from future network communications. Solutions for early node compromise detection are based on distributed monitoring of neighboring nodes' aliveness. Nodes regularly send notification (Heartbeat) messages to their one-hop neighbors to indicate their aliveness. If no message is received from a node (i.e., if a node is not heard) for a certain period of time, then the unheard node is said to have been compromised. This approach may have a large number of false positive errors when the message loss ratio in the network is high, as missing messages could be caused by message loss during transmission, in addition to node compromises. This paper proposes a novel scheme, called an adaptive early node compromise detection scheme, to facilitate node compromise attack detection in a cluster-based WSN. The scheme is designed to achieve a low false positive ratio in the presence of various levels of message loss ratios. To achieve this feature, two ideas are used in the design. The first is to use cluster-based collective decision making to detect node compromises. The second is to dynamically adjust the rate of notification message transmissions in response to the message loss ratio in the sender's neighborhood. The performance of the scheme, in terms of false positive ratio, false negative ratio, and transmission overheads, is evaluated using simulation. The results are compared against those from the most relevant scheme in the literature. The comparison results show that our scheme can detect all the node compromises in the network more effectively and efficiently, regardless of the message loss ratio in the underlying environment.

[1]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[2]  Dimitrios Makrakis,et al.  Distributed Compromised Nodes Detection Scheme at First Stage for SurvSec Security Architecture , 2012 .

[3]  Yizhong Ma,et al.  The intrusion detection method based on game theory in wireless sensor network , 2008, 2008 First IEEE International Conference on Ubi-Media Computing.

[4]  Ying Yang Time Synchronization in Wireless Sensor Networks:A Survey , 2012 .

[5]  Xiaodong Lin,et al.  CAT: Building Couples to Early Detect Node Compromise Attack in Wireless Sensor Networks , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[6]  F. Freiling,et al.  Towards Intrusion Detection in Wireless Sensor Networks , 2007 .

[7]  Kang G. Shin,et al.  Soft tamper-proofing via program integrity verification in wireless sensor networks , 2005, IEEE Transactions on Mobile Computing.

[8]  Richard Han,et al.  Node Compromise in Sensor Networks: The Need for Secure Systems ; CU-CS-990-05 , 2005 .

[9]  Ing-Ray Chen,et al.  A survey of intrusion detection in wireless network applications , 2014, Comput. Commun..

[10]  Zinaida Benenson,et al.  Tampering with Motes: Real-World Physical Attacks on Wireless Sensor Networks , 2006, SPC.

[11]  Sumanth Yenduri,et al.  Distributed first stage detection for node capture , 2010, 2010 IEEE Globecom Workshops.

[12]  L. V. Doorn,et al.  SCUBA: Secure Code Update By Attestation in sensor networks , 2006, WiSe '06.

[13]  Levente Buttyán,et al.  Private cluster head election in wireless sensor networks , 2009, 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems.

[14]  A. Varga,et al.  THE OMNET++ DISCRETE EVENT SIMULATION SYSTEM , 2003 .

[15]  Haiguang Chen,et al.  Task-based Trust Management for Wireless Sensor Networks , 2009 .

[16]  William H. Sanders,et al.  Cluster-based failure detection service for large-scale ad hoc wireless network applications , 2004, International Conference on Dependable Systems and Networks, 2004.

[17]  Marimuthu Palaniswami,et al.  Elliptical anomalies in wireless sensor networks , 2009, TOSN.

[18]  Xing Zhang,et al.  EDDK: Energy-Efficient Distributed Deterministic Key Management for Wireless Sensor Networks , 2011, EURASIP J. Wirel. Commun. Netw..

[19]  Hossein Pedram,et al.  A DDoS-Aware IDS Model Based on Danger Theory and Mobile Agents , 2009, 2009 International Conference on Computational Intelligence and Security.

[20]  P. Venkata Krishna,et al.  Energy efficient learning solution for intrusion detection in Wireless Sensor Networks , 2010, 2010 Second International Conference on COMmunication Systems and NETworks (COMSNETS 2010).

[21]  Kang G. Shin,et al.  Distributed Authentication of Program Integrity Verification in Wireless Sensor Networks , 2006, SecureComm.

[22]  Sencun Zhu,et al.  Sensor node compromise detection: the location perspective , 2007, IWCMC.

[23]  Azzedine Boukerche,et al.  Trust-based security for wireless ad hoc and sensor networks , 2007, Comput. Commun..

[24]  Adrian Perrig,et al.  SAKE: Software attestation for key establishment in sensor networks , 2008, Ad Hoc Networks.

[25]  Ramesh Govindan,et al.  Understanding packet delivery performance in dense wireless sensor networks , 2003, SenSys '03.

[26]  Antonio Alfredo Ferreira Loureiro,et al.  Decentralized intrusion detection in wireless sensor networks , 2005, Q2SWinet '05.

[27]  Jonathan Timmis,et al.  Bio-inspired Error Detection for Complex Systems , 2011, 2011 IEEE 17th Pacific Rim International Symposium on Dependable Computing.

[28]  Yongdae Kim,et al.  Remote Software-Based Attestation for Wireless Sensors , 2005, ESAS.

[29]  Philip Levis,et al.  Understanding the causes of packet delivery success and failure in dense wireless sensor networks , 2006, SenSys '06.

[30]  Mani B. Srivastava,et al.  Reputation-based framework for high integrity sensor networks , 2008, TOSN.

[31]  Zhenghong Xiao,et al.  An Anomaly Detection Scheme Based on Machine Learning for WSN , 2009, 2009 First International Conference on Information Science and Engineering.

[32]  Vasos Vassiliou,et al.  An Intrusion Detection System for Wireless Sensor Networks , 2017, 2017 24th International Conference on Telecommunications (ICT).

[33]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[34]  Hyunsoo Yoon,et al.  Trust Management for Resilient Wireless Sensor Networks , 2005, ICISC.

[35]  G. Padmavathi,et al.  A Survey of Attacks, Security Mechanisms and Challenges in Wireless Sensor Networks , 2009, ArXiv.

[36]  Sencun Zhu,et al.  Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks , 2007, 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007).