Quantifying Node Security in Wireless Sensor Networks under Worm Attacks

The peculiar characteristics of wireless sensor networks (WSNs) make them vulnerable to physical attacks. Once a sensor node is physically captured by an adversary, it can be modified not only to perform malicious activities to disrupt network operation but also to propagate malicious worms to infect other nodes. In the face of such a threatening scenario, the system administrator needs to be aware of which nodes may have been compromised, so that appropriate countermeasures can be taken in a timely fashion. This paper presents the Sensor Security Status (S3), a security metric model for estimating in an online manner the probability that a sensor node has been infected, based on both the interaction among nodes and the alerts from the intrusion detection system (IDS). Simulation results show that S3 can accurately estimate node security level with low performance overhead and power consumption.

[1]  Insup Lee,et al.  Quantifying eavesdropping vulnerability in sensor networks , 2005, DMSN '05.

[2]  David E. Culler,et al.  Telos: enabling ultra-low power wireless research , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[3]  Adam Dunkels,et al.  Powertrace: Network-level Power Profiling for Low-power Wireless Networks , 2011 .

[4]  Neeli R. Prasad,et al.  Self-propagating worms in wireless sensor networks , 2009, Co-Next Student Workshop '09.

[5]  Siarhei Kuryla,et al.  RPL: IPv6 Routing Protocol for Low power and Lossy Networks , 2010 .

[6]  William H. Sanders,et al.  Seclius: An Information Flow-Based, Consequence-Centric Security Metric , 2015, IEEE Transactions on Parallel and Distributed Systems.

[7]  Adam Dunkels,et al.  Cross-Level Sensor Network Simulation with COOJA , 2006, Proceedings. 2006 31st IEEE Conference on Local Computer Networks.

[8]  Adam Dunkels,et al.  Contiki - a lightweight and flexible operating system for tiny networked sensors , 2004, 29th Annual IEEE International Conference on Local Computer Networks.

[9]  Marcella Lazar,et al.  A security metric for the evaluation of collaborative intrusion detection systems in wireless sensor networks , 2017, 2017 IEEE International Conference on Communications (ICC).

[10]  Hayder Radha,et al.  A topologically-aware worm propagation model for wireless sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[11]  A. Raftery,et al.  How Many Iterations in the Gibbs Sampler , 1991 .

[12]  Raimir Holanda Filho,et al.  Sensor Data Security Level Estimation Scheme for Wireless Sensor Networks , 2015, Sensors.

[13]  Claude Castelluccia,et al.  Code injection attacks on harvard-architecture devices , 2008, CCS.

[14]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[15]  Jun-Won Ho Distributed Software-Attestation Defense against Sensor Worm Propagation , 2015, J. Sensors.

[16]  G. Casella,et al.  Explaining the Gibbs Sampler , 1992 .

[17]  Sajal K. Das,et al.  Deployment-aware modeling of node compromise spread in wireless sensor networks using epidemic theory , 2009, TOSN.

[18]  Sushil Jajodia,et al.  A weakest-adversary security metric for network configuration security analysis , 2006, QoP '06.

[19]  Wanlei Zhou,et al.  On the Race of Worms and Patches: Modeling the Spread of Information in Wireless Sensor Networks , 2016, IEEE Transactions on Information Forensics and Security.

[20]  Sushil Jajodia,et al.  Measuring the Overall Security of Network Configurations Using Attack Graphs , 2007, DBSec.

[21]  Weisong Shi,et al.  Wireless Sensor Network Security: A Survey , 2006 .