Posts: 820
Threads: 393
Joined: Jul 2010
Wireless sensor networks are susceptible to node replication attacks due to their unattended nature. Existing replicas detection schemes can be further improved in regard of detection probabilities, detection overheads, and the balance of detection overheads among sensor nodes. In this paper, we make the following contributions: first, we point out the unrealistic assumption that the replica node would behave honestly as the benign sensor nodes; thus the existing detection schemes would fail if the replica nodes cheat or collude with the compromised node. Then, we propose a location-binding symmetric key scheme forcing the replica nodes to be inserted only in the vicinity of the compromised node. Later, a detecting scheme is presented to inspect the location claims within the neighborhood. Finally, analysis shows that our scheme helps to detect and defend against replication attacks effectively and efficiently. Extensive simulations are conducted and the results show that the detection overheads are low and evenly distributed among all the sensor nodes.
Previous Section
Next Section
1. Introduction
Wireless sensor networks (WSNs) are generally deployed in the unattended environments for some missions, such as environment monitoring and enemy surveillance. The unattended nature and the lack of tamper-resistant hardware cause wireless sensor networks to be vulnerable to various insider attacks, threatening the operation of WSNs.
Replication attack is one of the insider threats. The attacker captures one or more sensor nodes, tampers with them and obtains the credential materials, such as the identity and keys, then clones some nodes as replica nodes, and surreptitiously inserts these replicas in the network. Subsequently, the attacker may launch a variety of insidious attacks, such as data injection, selecting forwarding, routing loop, or even topology partition. Just as shown in Figure 1, a network was formed by the normal nodes (without frame). The captured and compromised nodes are represented in the solid frame, and replica nodes are represented in the dashed frame.
Figure 1
View larger version:
In this page In a new window
Download to PowerPoint Slide
Figure 1
Replication attacks in wireless sensor network.
Thus, detection of replica nodes becomes one research hotspot in WSN [1]. The first distributed replication detection schemes RM and LSM were proposed by Parno et al. [2]. In RM scheme, nodes broadcast to neighboring nodes the location claim message signed by ID-based public key scheme. Then the neighbors forward such received claim message with a specified probability to randomly selected network nodes, which act as witness. According to the birthday paradox [1], the nodes owning the same ID would select same witness nodes with a big probability. These witness nodes eventually detect replicas successfully. To further increase the detection probability, LSM scheme is also proposed. In this scheme, the nodes in the forwarding path of the claim messages also store and compare the messages. Thus witness line segment is formed from the source to the destination; then the witness line of the same ID will cross at some node with a large probability and the node at the cross point acts as the witness node. Compared with RM scheme, the detection probability is increased at the cost of memory storage. However, LSM scheme has the crowded-center problem because the witness line is prone to cross at the center of network with a big probability.
Previous Section
Next Section
2. Related Work
The existing detection schemes can be classified as centralized approaches and distributed approaches.
2.1. Centralized Detection Approaches
The schemes in [3–6] assume a central base station to conduct the detection. Choi et al. [3] proposed to detect the replica nodes by set. The network is divided into disjoint subregions. A header node is enumerated to report the member list to the base station in each subregion. The reports from all of the header nodes are computed by set. The intersection of two sets is checked; any nonempty intersection implies the existence of the replica sensor node. Brooks et al. [4] proposed a centralized scheme to detect replication attacks by using random key predistribution. Every sensor node should report the usage of its keys. If the usage of some key exceeded the threshold, then the sensor node was identified to be suspicious. Ho et al. [5] presented a SPRT method for replica detection in mobile sensor networks, in which the base station checks whether the speeds of the mobile sensor nodes exceed the threshold. Based on a state-of-the-art signal processing technique, compressed sensing, Yu et al. [6] proposed CSI to detect replication attacks.
2.2. Distributed Detection Approaches
In distributed approaches [2, 7–14], the replication attacks detection is conducted by reporting the location claim messages to randomly chosen witness nodes in the network. Paradoxes of the location claims indicate the detection of replication attacks. To further improve the detection probability, Conti et al. [7] proposed RED scheme, in which a random seed was shared and upgraded in the network. The same random seed and the same pseudorandom function result in the same witness node chosen by replica nodes and the compromised node. But it is difficult to share and upgrade such random seed across the whole network. Zhu et al. [8] proposed another detection scheme by using localized multicast. Ho et al. [9] proposed to take advantage of the group deployment knowledge to further raise detection probability and lower detection overheads. Zhang et al. [10] proposed four detection schemes, B-MEM, BC-MEM, C-MEM, and CC-MEM, to address the cross-over problem and the crowded-center problem in the detection. Li and Gong [11] proposed RDE scheme to utilize the local neighborhood geographic information for replication attacks detection. Zeng et al. [12] proposed two detection schemes, RAWL and TRAWL, to distribute the witness sensor node to the network. Wang and Shi [13] introduced mobile patrollers to detect replica nodes; the result shows this solution is effective and also energy efficient to prolong the lifetime of network. Xing and Cheng [14] proposed two replication detection schemes from both the time domain and the space domain in MANETs (mobile ad hoc networks). The basic idea is to utilize a cryptographic one-way hash function to force the replica sensor nodes to keep on generating paradoxes.
It is assumed by existing schemes that compromised sensor node and the replica node carry out the detection procedures honestly. However, it is not always true; it is more likely that the program code in the compromised sensor node and the replica sensor node has been modified by the attacker for the purpose of escaping from being detected. To make things worse, the replica node may collude with the compromised node, which will lead to the failure of existing detection schemes.
In this work, we seek to detect and defend against the replication attacks with fewer communication, computation, and memory overheads than previous works. We propose a location-binding pairwise key scheme, forcing the attacker to insert the replica nodes to the vicinity of the compromised node. Then, the neighbor sensor nodes around the replica sensor nodes are the first possible witnesses to detect the replication attacks.
The remainder of this paper is organized as follows: the next section illustrates the network model and assumptions; Section 4 proposes our location-binding pairwise key management scheme which is used in our scheme to defend against the replication attacks; Section 5 presents our replicas detection scheme; Section 6 analyzes the security and efficiency of our scheme, and extensive simulations supporting the analytical findings are also shown. Discussion follows in Section 7. Section 8 concludes the proposed scheme.
Previous Section
Next Section
3. Network Model and Assumptions
In this paper, we assume that there are only stationary sensor nodes in the wireless sensor network. We also assume that the communications between the stationary sensor nodes are bi-directional, which is also an assumption of most of previous detection schemes.
Stationary nodes can get their geographic location by using positioning device (e.g., GPS device) or positioning algorithms [15–18]. Also, we assume that all the sensor nodes are loosely time synchronized using time synchronization techniques, such as [19, 20]. Consider
Formula
Prior to network deployment, we assume that a trusted authority (TA) chooses one t-degree bivariate symmetric polynomial in (1) with the coefficients Formula over the finite field Formula, where q is a prime large enough to accommodate the keys. The symmetry of the polynomial assures the equation Formula, which also implies the equation of the coefficients Formula. Also, TA select a cryptographic one-way hash function Formula, which maps arbitrary-length input into fixed-length output. TA preloads every sensor node with the symmetric polynomial Formula and the hash function Formula. Table 1 lists all the relevant symbols and the corresponding meaning.
