|
Abstract:
|
Wireless sensor networks are known to be vulnerable to a variety ofattacks that could undermine normal sensor network operations . Manyschemes have been developed to defend the wireless sensor networksagainst various attacks . Most of them focus on making the networkand service protocols be attack -resilient rather than rooting outthe source of attacks . Although the attack -resiliency approachmitigates the threats on sensor network protocols , it requiressubstantial time and effort for continuously enhancing therobustness of the protocols in line with the emergence of newtypes of attacks . Accordingly , if we are able to detect and removethe sources of attacks as soon as possible , we could save the largeamount of time and effort incurred from employing theattack -resiliency approach . In wireless sensor networks , theprinciple sources of various attacks are compromised nodes .Specifically , since sensor nodes are deployed in an unattendedmanner , an adversary can physically capture and compromise sensornodes , and mount a variety of attacks with the compromised nodes . He canalso move the compromised nodes to multiple locations to evade the detection .Moreover , he can create wide -spread influence by generating manyreplica nodes of a few compromised nodes or propagating maliciousworm into the network . Our works are designed for rooting outthe sources of possible threats by quickly detecting and removingcompromised nodes and preventing wide -spread node compromise throughreplica node and worm propagation attacks .To meet this challenge , we propose a framework for robust detectionand revocation of wide -spread node compromise in wireless sensornetworks . In the framework , we first propose a reputation -based trustmanagement scheme to facilitate static node compromise detection , and then propose a distributed detection scheme to achieve fast mobile node compromise detection , and finally propose replica node detection and worm propagation detectionschemes to prevent wide -spread node compromise .Specifically , the framework is composed of five components . In thefirst component , we quickly detect the suspected regions in whichcompromised nodes are likely placed and perform software attestationagainst the nodes in the suspected regions , leading to the detectionand revocation of the compromised nodes . However , ifthe attacker moves the compromised nodes to multiple locations in thenetwork , such as by employing simple robotic platforms or moving thenodes by hand , he can evade the detection scheme in the first component . To resolve this limitation , we propose the second component in which we quickly detect these mobile malicious nodes that are silent forunusually many time periods - - -such nodes are likely to be moving - - -andblock them from communicating in fully distributed manner . To reduce the time and effort incurred from directly compromising many benign nodes ,attacker may launch replica node attacks in which he generates manyreplica nodes of a few compromised nodes and widely spread them overthe network . To thwart wide -spread node compromise by replica nodeattacks , we propose two complementary schemes for replica detectionas the third and fourth components . In the third component , wedetect static replica nodes by leveraging theintuition that static replica nodes are placed in more than one location .In the fourth component , we quickly detect mobile replicas byleveraging the intuition that mobile replicas are in two or morelocations at once and thus appear to move much faster than benignnodes , leading to highly likely exceed the predefined maximum speed .However , the attacker needs to prepare as many sensor nodes as thenumber of replicas that he wants to generate in replica nodeattacks . Thus , the attack costs will increase in proportion to thenumber of deployed replicas . To reduce these costs , the attacker mayattempt to widely spread node compromise by capturing a few nodesand having the captured nodes propagate malicious worm through thenetwork , leading to the fast compromise of many benign nodes . To fight against this type of attack , we propose the fifth component in which we quickly detect worm propagation in fully distributed fashion by leveraging the intuition that a worm's communication pattern is different from benign traffic .Through analysis and experimental study , we show that thesecomponents achieve robust and effective detection and revocationcapability of node compromise , replica node , worm propagation with reasonableoverhead . |