Intrusion-resilient integrity in data-centric unattended WSNs

Unattended Wireless Sensor Networks (UWSNs) operate in autonomous or disconnected mode: sensed data is collected periodically by an itinerant sink. Between successive sink visits, sensor-collected data is subject to some unique vulnerabilities. In particular, while the network is unattended, a mobile adversary (capable of subverting up to a fraction of sensors at a time) can migrate between compromised sets of sensors and inject fraudulent data. In this paper, we provide two collaborative authentication techniques that allow an UWSN to maintain integrity and authenticity of sensor data-in the presence of a mobile adversary-until the next sink visit. Proposed schemes use simple, standard, and inexpensive symmetric cryptographic primitives, coupled with key evolution and few message exchanges. We study their security and effectiveness, both analytically and via simulations. We also assess their robustness and show how to achieve the desired trade-off between performance and security.

[1]  Claudio Soriente,et al.  POSH: Proactive co-Operative Self-Healing in Unattended Wireless Sensor Networks , 2008, 2008 Symposium on Reliable Distributed Systems.

[2]  Sencun Zhu,et al.  Least privilege and privilege deprivation: towards tolerating mobile sink compromises in wireless sensor networks , 2005, MobiHoc '05.

[3]  Gene Tsudik,et al.  DISH: Distributed Self-Healing , 2008, SSS.

[4]  Gene Tsudik,et al.  DISH: Distributed Self-Healing in Unattended Sensor Networks , 2008, IACR Cryptol. ePrint Arch..

[5]  William A. Arbaugh,et al.  Toward resilient security in wireless sensor networks , 2005, MobiHoc '05.

[6]  Sencun Zhu,et al.  pDCS: Security and Privacy Support for Data-Centric Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[7]  Donggang Liu,et al.  Efficient and distributed access control for sensor networks , 2007, Wirel. Networks.

[8]  Shouhuai Xu,et al.  Strong Key-Insulated Signature Schemes , 2003, Public Key Cryptography.

[9]  Gene Tsudik,et al.  Extended Abstract: Forward-Secure Sequential Aggregate Authentication , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[10]  Sushil Jajodia,et al.  Interleaved hop-by-hop authentication against false data injection attacks in sensor networks , 2007, TOSN.

[11]  Wade Trappe,et al.  An authentication framework for hierarchical ad hoc sensor networks , 2003, WiSe '03.

[12]  Sushil Jajodia,et al.  Practical broadcast authentication in sensor networks , 2005, The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

[13]  A. Varga,et al.  Using the OMNeT++ discrete event simulation system in education , 1999 .

[14]  Mark A. Shayman,et al.  Energy Efficient Routing in Wireless Sensor Networks , 2003 .

[15]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[16]  Matthew K. Franklin,et al.  A Generic Construction for Intrusion-Resilient Public-Key Encryption , 2004, CT-RSA.

[17]  Guohong Cao,et al.  Group rekeying for filtering false data in sensor networks: a predistribution and local collaboration-based approach , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[18]  Shouhuai Xu,et al.  Key-Insulated Public Key Cryptosystems , 2002, EUROCRYPT.

[19]  Gene Itkis,et al.  SiBIR: Signer-Base Intrusion-Resilient Signatures , 2002, CRYPTO.

[20]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[22]  Peng Ning,et al.  Hash-Based Sequential Aggregate and Forward Secure Signature for Unattended Wireless Sensor Networks , 2009, 2009 6th Annual International Mobile and Ubiquitous Systems: Networking & Services, MobiQuitous.

[23]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2004, IEEE INFOCOM 2004.

[24]  Claudio Soriente,et al.  Catch Me (If You Can): Data Survival in Unattended Sensor Networks , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[25]  Jun Yang,et al.  The interleaved authentication for filtering false reports in multipath routing based sensor networks , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[26]  A. Varga,et al.  THE OMNET++ DISCRETE EVENT SIMULATION SYSTEM , 2003 .

[27]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[28]  JAMAL N. AL-KARAKI,et al.  Routing techniques in wireless sensor networks: a survey , 2004, IEEE Wireless Communications.

[29]  Yee Wei Law,et al.  Survey and benchmark of block ciphers for wireless sensor networks , 2006, TOSN.

[30]  Claudio Soriente,et al.  Data Security in Unattended Wireless Sensor Networks , 2009, IEEE Transactions on Computers.

[31]  Chinya V. Ravishankar,et al.  Supporting Secure Communication and Data Collection in Mobile Sensor Networks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[32]  Rajashekhar C. Biradar,et al.  A survey on routing protocols in Wireless Sensor Networks , 2012, 2012 18th IEEE International Conference on Networks (ICON).

[33]  Claudio Soriente,et al.  Collaborative authentication in unattended WSNs , 2009, WiSec '09.

[34]  Claudio Soriente,et al.  New adversary and new threats: security in unattended sensor networks , 2009, IEEE Network.

[35]  Claudio Soriente,et al.  Playing hide-and-seek with a focused mobile adversary in unattended wireless sensor networks , 2009, Ad Hoc Networks.

[36]  Panagiotis Papadimitratos,et al.  GossiCrypt: Wireless Sensor Network Data Confidentiality Against Parasitic Adversaries , 2008, 2008 5th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.