The Experts below are selected from a list of 3645 Experts worldwide ranked by ideXlab platform
Sajal K. Das - One of the best experts on this subject based on the ideXlab platform.
-
ZoneTrust: Fast Zone-Based Node Compromise Detection and Revocation in Wireless Sensor Networks Using Sequential Hypothesis Testing
IEEE Transactions on Dependable and Secure Computing, 2012Co-Authors: Jun Won Ho, Matthew Wright, Sajal K. DasAbstract:Due to the unattended nature of wireless sensor networks, an adversary can physically capture and Compromise sensor Nodes and then mount a variety of attacks with the Compromised Nodes. To minimize the damage incurred by the Compromised Nodes, the system should detect and revoke them as soon as possible. To meet this need, researchers have recently proposed a variety of Node Compromise detection schemes in wireless ad hoc and sensor networks. For example, reputation-based trust management schemes identify malicious Nodes but do not revoke them due to the risk of false positives. Similarly, software-attestation schemes detect the subverted software modules of Compromised Nodes. However, they require each sensor Node to be attested periodically, thus incurring substantial overhead. To mitigate the limitations of the existing schemes, we propose a zone-based Node Compromise detection and revocation scheme in wireless sensor networks. The main idea behind our scheme is to use sequential hypothesis testing to detect suspect regions in which Compromised Nodes are likely placed. In these suspect regions, the network operator performs software attestation against sensor Nodes, leading to the detection and revocation of the Compromised Nodes. Through quantitative analysis and simulation experiments, we show that the proposed scheme detects the Compromised Nodes with a small number of samples while reducing false positive and negative rates, even if a substantial fraction of the Nodes in the zone are Compromised. Additionally, we model the detection problem using a game theoretic analysis, derive the optimal strategies for the attacker and the defender, and show that the attacker's gain from Node Compromise is greatly limited by the defender when both the attacker and the defender follow their optimal strategies.
-
Node Compromise Detection in Wireless Sensor Networks
Handbook on Securing Cyber-Physical Critical Infrastructure, 2012Co-Authors: Sajal K. DasAbstract:Wireless sensor networks are known to be vulnerable to various attacks that could impair normal operations. This is mainly due to the fact that sensor Nodes are often deployed in an unattended manner, and thus an adversary is able to physically capture and Compromise them, launching a variety of attacks with the help of Compromised Nodes. To reduce the damages, it is imperative to root out the Compromised Nodes. To this need, this chapter deals with a framework for robust detection and revocation of Node Compromise in wireless sensor networks. In the framework, we consider the limited and wide-spread Node Compromise attacks. In the limited attack, an attacker physically captures a few Nodes and Compromises them. He can also move the Compromised Nodes to multiple locations to escape the detection. To combat against the limited Node Compromise attacks, we propose static and mobile Node Compromise detection schemes in static sensor networks. More specifically, we perform trust management per region and quickly detect the suspected regions. We then perform software attestations against the Nodes in the suspected regions, leading to the detection and revocation of the Compromised Nodes. However, if an adversary moves the Compromised Nodes to multiple locations in the network, he can make the Compromised Nodes evade the region-based detection scheme. To mitigate this limitation, we detect mobile malicious Nodes by leveraging the intuition that such Nodes are silent for unusually many time periods when they freely roam throughout the network. In the wide-spread attack, on the other hand, an attacker can generate wide-spread impact by producing many replica Nodes of a few Compromised Nodes and widely disseminate them over the network, thereby saving the time and effort incurred by physically capturing and compromising many benign Nodes. To fight against the wide-spread attacks, we propose replica detection schemes in both static and mobile sensor networks. In particular, we detect static replica Nodes by exploiting the fact that static replica Nodes are placed in more than one location. We also quickly detect mobile replicas because they are in two or more locations at once and thus appear to move much faster than benign Nodes, leading them to exceed the predefined maximum speed with most likelihood.We evaluate each of the proposed schemes that achieve high Node Compromise detection capability with little or moderate overhead while rarely misidentifying benign Nodes as the Compromised Nodes.
-
A synopsis on Node Compromise detection in wireless sensor networks using sequential analysis (Invited Review Article)
Computer Communications, 2011Co-Authors: Sajal K. DasAbstract:By exploiting the unattended nature of the wireless sensor networks, an attacker can physically capture and Compromise sensor Nodes and then launch a variety of attacks. He can additionally create many replicas of a few Compromised Nodes and spread these replicas over the network, thus launching further attacks with their help. In order to minimize the damage incurred by Compromised and replicated Nodes, it is very important to detect such malicious Nodes as quickly as possible. In this review article, we synthesize our previous works on Node Compromise detection in sensor networks while providing the extended analysis in terms of performance comparison to the related work. More specifically, we use the methodology of the sequential analysis to detect static and mobile Compromised Nodes, as well as mobile replicated Nodes in sensor networks. With the help of analytical and simulation results, we also demonstrate that our schemes provide robust and efficient Node Compromise detection capability.
-
A framework for robust detection and prevention of wide-spread Node Compromise in wireless sensor networks
2010Co-Authors: Sajal K. Das, Matthew WrightAbstract:Wireless sensor networks are known to be vulnerable to a variety of attacks that could undermine normal sensor network operations. Many schemes have been developed to defend the wireless sensor networks against various attacks. Most of them focus on making the network and service protocols be attack-resilient rather than rooting out the source of attacks. Although the attack-resiliency approach mitigates the threats on sensor network protocols, it requires substantial time and effort for continuously enhancing the robustness of the protocols in line with the emergence of new types of attacks. Accordingly, if we are able to detect and remove the sources of attacks as soon as possible, we could save the large amount of time and effort incurred from employing the attack-resiliency approach. In wireless sensor networks, the principle sources of various attacks are Compromised Nodes. Specifically, since sensor Nodes are deployed in an unattended manner, an adversary can physically capture and Compromise sensor Nodes, and mount a variety of attacks with the Compromised Nodes. He can also move the Compromised Nodes to multiple locations to evade the detection. Moreover, he can create wide-spread influence by generating many replica Nodes of a few Compromised Nodes or propagating malicious worm into the network. Our works are designed for rooting out the sources of possible threats by quickly detecting and removing Compromised Nodes and preventing wide-spread Node Compromise through replica Node and worm propagation attacks. To meet this challenge, we propose a framework for robust detection and revocation of wide-spread Node Compromise in wireless sensor networks. In the framework, we first propose a reputation-based trust management scheme to facilitate static Node Compromise detection, and then propose a distributed detection scheme to achieve fast mobile Node Compromise detection, and finally propose replica Node detection and worm propagation detection schemes to prevent wide-spread Node Compromise. Specifically, the framework is composed of five components. In the first component, we quickly detect the suspected regions in which Compromised Nodes are likely placed and perform software attestation against the Nodes in the suspected regions, leading to the detection and revocation of the Compromised Nodes. However, if the attacker moves the Compromised Nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the Nodes by hand, he can evade the detection scheme in the first component. To resolve this limitation, we propose the second component in which we quickly detect these mobile malicious Nodes that are silent for unusually many time periods—such Nodes are likely to be moving—and block them from communicating in fully distributed manner. To reduce the time and effort incurred from directly compromising many benign Nodes, attacker may launch replica Node attacks in which he generates many replica Nodes of a few Compromised Nodes and widely spread them over the network. To thwart wide-spread Node Compromise by replica Node attacks, we propose two complementary schemes for replica detection as the third and fourth components. In the third component, we detect static replica Nodes by leveraging the intuition that static replica Nodes are placed in more than one location. In the fourth component, we quickly detect mobile replicas by leveraging the intuition that mobile replicas are in two or more locations at once and thus appear to move much faster than benign Nodes, leading to highly likely exceed the predefined maximum speed. However, the attacker needs to prepare as many sensor Nodes as the number of replicas that he wants to generate in replica Node attacks. Thus, the attack costs will increase in proportion to the number of deployed replicas. To reduce these costs, the attacker may attempt to widely spread Node Compromise by capturing a few Nodes and having the captured Nodes propagate malicious worm through the network, leading to the fast Compromise of many benign Nodes. To fight against this type of attack, we propose the fifth component in which we quickly detect worm propagation in fully distributed fashion by leveraging the intuition that a worm’s communication pattern is different from benign traffic. Through analysis and experimental study, we show that these components achieve robust and effective detection and revocation capability of Node Compromise, replica Node, worm propagation with reasonable overhead.
-
zonetrust fast zone based Node Compromise detection and revocation in sensor networks using sequential analysis
Symposium on Reliable Distributed Systems, 2009Co-Authors: Matthew Wright, Sajal K. DasAbstract:Due to the unattended nature of wireless sensor networks, an adversary can physically capture and Compromise sensor Nodes and then mount a variety of attacks with these Compromised Nodes. To minimize the damage incurred by Compromised Nodes, the system should detect and revoke them as soon as possible. To meet this need, we propose a zone-based Node Compromise detection and revocation scheme in sensor networks. The main idea of the proposed scheme is to use the sequential hypothesis testing to detect suspect regions in which Compromised Nodes are likely placed. In these suspect regions, the network operator performs software attestation against sensor Nodes, leading to the detection and revocation of the Compromised Nodes. Through analysis and simulation, we show that the proposed scheme provides effective and robust Node Compromise detection and revocation capability with little overhead.
Guohong Cao - One of the best experts on this subject based on the ideXlab platform.
-
Distributed Self-healing Mechanisms for Securing Sensor Networks
2010Co-Authors: Sencun Zhu, Guohong Cao, Peng LiuAbstract:Abstract : The specific goal of this proposal is to design and implement efficient self-healing mechanisms that allow a sensor network to recover from Node Compromises by itself. To achieve this goal, this proposal describes a self-healing framework that consists of three sequential phases: Node Compromise detection, Node revocation and network reconfiguration, and focuses on designing efficient schemes for each of these phases. It proposes to identify suspicious sensor Nodes through time synchronization protocols and location changes of sensor Nodes, respectively, in addition to other sources of discovering suspicious Nodes. It then investigates techniques to attest the authenticity of the code running in the suspected Nodes to check if the suspected Nodes are really Compromised. Two key updating schemes, one for group key updating and the other for pairwise key updating, are proposed to invalidate the security keys possessed by the Nodes that have been identified as Compromised.
-
distributed software based attestation for Node Compromise detection in sensor networks
Symposium on Reliable Distributed Systems, 2007Co-Authors: Yi Yang, Sencun Zhu, Xinran Wang, Guohong CaoAbstract:Sensors that operate in an unattended, harsh or hostile environment are vulnerable to Compromises because their low costs preclude the use of expensive tamper-resistant hardware. Thus, an adversary may reprogram them with malicious code to launch various insider attacks. Based on verifying the genuineness of the running program, we propose two distributed software-based attestation schemes that are well tailored for sensor networks. These schemes are based on a pseudorandom noise generation mechanism and a lightweight block-based pseudorandom memory traversal algorithm. Each Node is loaded with pseudorandom noise in its empty program memory before deployment, and later on multiple neighbors of a suspicious Node collaborate to verify the integrity of the code running on this Node in a distributed manner. Our analysis and simulation show that these schemes achieve high detection rate even when multiple Compromised neighbors collude in an attestation process.
-
SRDS - Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks
2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007), 2007Co-Authors: Yi Yang, Sencun Zhu, Xinran Wang, Guohong CaoAbstract:Sensors that operate in an unattended, harsh or hostile environment are vulnerable to Compromises because their low costs preclude the use of expensive tamper-resistant hardware. Thus, an adversary may reprogram them with malicious code to launch various insider attacks. Based on verifying the genuineness of the running program, we propose two distributed software-based attestation schemes that are well tailored for sensor networks. These schemes are based on a pseudorandom noise generation mechanism and a lightweight block-based pseudorandom memory traversal algorithm. Each Node is loaded with pseudorandom noise in its empty program memory before deployment, and later on multiple neighbors of a suspicious Node collaborate to verify the integrity of the code running on this Node in a distributed manner. Our analysis and simulation show that these schemes achieve high detection rate even when multiple Compromised neighbors collude in an attestation process.
-
sensor Node Compromise detection the location perspective
International Conference on Wireless Communications and Mobile Computing, 2007Co-Authors: Hui Song, Liang Xie, Sencun Zhu, Guohong CaoAbstract:Node Compromise is a serious security threat that hinders the successful deployment of large-scale wireless sensor networks. A Node Compromise often consists of three stages: physically obtaining and compromising the sensors, redeploying the Compromised sensors, and Compromised Nodes launching attacks after their rejoining the network. By far, all the proposed Compromise detection schemes address this problem at the third stage. In this paper, we make the first attempt to detect Node Compromise at the second stage. Our motivation is that for some applications an attacker may not be able to precisely deploy the Compromised sensors back into their original positions. Thus, the detection of location change will become an indication of a potential Node Compromise. We name this Node redeployment detection problem. We propose two approaches to detect Node redeployment, based on the change of Node neighborship and the change of measured distances between Nodes, respectively. Our simulation study shows that both schemes can detect Node redeployment effectively (with low false positive rate and high detection rate).
-
IWCMC - Sensor Node Compromise detection: the location perspective
Proceedings of the 2007 international conference on Wireless communications and mobile computing - IWCMC '07, 2007Co-Authors: Hui Song, Liang Xie, Sencun Zhu, Guohong CaoAbstract:Node Compromise is a serious security threat that hinders the successful deployment of large-scale wireless sensor networks. A Node Compromise often consists of three stages: physically obtaining and compromising the sensors, redeploying the Compromised sensors, and Compromised Nodes launching attacks after their rejoining the network. By far, all the proposed Compromise detection schemes address this problem at the third stage. In this paper, we make the first attempt to detect Node Compromise at the second stage. Our motivation is that for some applications an attacker may not be able to precisely deploy the Compromised sensors back into their original positions. Thus, the detection of location change will become an indication of a potential Node Compromise. We name this Node redeployment detection problem. We propose two approaches to detect Node redeployment, based on the change of Node neighborship and the change of measured distances between Nodes, respectively. Our simulation study shows that both schemes can detect Node redeployment effectively (with low false positive rate and high detection rate).
Matthew Wright - One of the best experts on this subject based on the ideXlab platform.
-
ZoneTrust: Fast Zone-Based Node Compromise Detection and Revocation in Wireless Sensor Networks Using Sequential Hypothesis Testing
IEEE Transactions on Dependable and Secure Computing, 2012Co-Authors: Jun Won Ho, Matthew Wright, Sajal K. DasAbstract:Due to the unattended nature of wireless sensor networks, an adversary can physically capture and Compromise sensor Nodes and then mount a variety of attacks with the Compromised Nodes. To minimize the damage incurred by the Compromised Nodes, the system should detect and revoke them as soon as possible. To meet this need, researchers have recently proposed a variety of Node Compromise detection schemes in wireless ad hoc and sensor networks. For example, reputation-based trust management schemes identify malicious Nodes but do not revoke them due to the risk of false positives. Similarly, software-attestation schemes detect the subverted software modules of Compromised Nodes. However, they require each sensor Node to be attested periodically, thus incurring substantial overhead. To mitigate the limitations of the existing schemes, we propose a zone-based Node Compromise detection and revocation scheme in wireless sensor networks. The main idea behind our scheme is to use sequential hypothesis testing to detect suspect regions in which Compromised Nodes are likely placed. In these suspect regions, the network operator performs software attestation against sensor Nodes, leading to the detection and revocation of the Compromised Nodes. Through quantitative analysis and simulation experiments, we show that the proposed scheme detects the Compromised Nodes with a small number of samples while reducing false positive and negative rates, even if a substantial fraction of the Nodes in the zone are Compromised. Additionally, we model the detection problem using a game theoretic analysis, derive the optimal strategies for the attacker and the defender, and show that the attacker's gain from Node Compromise is greatly limited by the defender when both the attacker and the defender follow their optimal strategies.
-
A framework for robust detection and prevention of wide-spread Node Compromise in wireless sensor networks
2010Co-Authors: Sajal K. Das, Matthew WrightAbstract:Wireless sensor networks are known to be vulnerable to a variety of attacks that could undermine normal sensor network operations. Many schemes have been developed to defend the wireless sensor networks against various attacks. Most of them focus on making the network and service protocols be attack-resilient rather than rooting out the source of attacks. Although the attack-resiliency approach mitigates the threats on sensor network protocols, it requires substantial time and effort for continuously enhancing the robustness of the protocols in line with the emergence of new types of attacks. Accordingly, if we are able to detect and remove the sources of attacks as soon as possible, we could save the large amount of time and effort incurred from employing the attack-resiliency approach. In wireless sensor networks, the principle sources of various attacks are Compromised Nodes. Specifically, since sensor Nodes are deployed in an unattended manner, an adversary can physically capture and Compromise sensor Nodes, and mount a variety of attacks with the Compromised Nodes. He can also move the Compromised Nodes to multiple locations to evade the detection. Moreover, he can create wide-spread influence by generating many replica Nodes of a few Compromised Nodes or propagating malicious worm into the network. Our works are designed for rooting out the sources of possible threats by quickly detecting and removing Compromised Nodes and preventing wide-spread Node Compromise through replica Node and worm propagation attacks. To meet this challenge, we propose a framework for robust detection and revocation of wide-spread Node Compromise in wireless sensor networks. In the framework, we first propose a reputation-based trust management scheme to facilitate static Node Compromise detection, and then propose a distributed detection scheme to achieve fast mobile Node Compromise detection, and finally propose replica Node detection and worm propagation detection schemes to prevent wide-spread Node Compromise. Specifically, the framework is composed of five components. In the first component, we quickly detect the suspected regions in which Compromised Nodes are likely placed and perform software attestation against the Nodes in the suspected regions, leading to the detection and revocation of the Compromised Nodes. However, if the attacker moves the Compromised Nodes to multiple locations in the network, such as by employing simple robotic platforms or moving the Nodes by hand, he can evade the detection scheme in the first component. To resolve this limitation, we propose the second component in which we quickly detect these mobile malicious Nodes that are silent for unusually many time periods—such Nodes are likely to be moving—and block them from communicating in fully distributed manner. To reduce the time and effort incurred from directly compromising many benign Nodes, attacker may launch replica Node attacks in which he generates many replica Nodes of a few Compromised Nodes and widely spread them over the network. To thwart wide-spread Node Compromise by replica Node attacks, we propose two complementary schemes for replica detection as the third and fourth components. In the third component, we detect static replica Nodes by leveraging the intuition that static replica Nodes are placed in more than one location. In the fourth component, we quickly detect mobile replicas by leveraging the intuition that mobile replicas are in two or more locations at once and thus appear to move much faster than benign Nodes, leading to highly likely exceed the predefined maximum speed. However, the attacker needs to prepare as many sensor Nodes as the number of replicas that he wants to generate in replica Node attacks. Thus, the attack costs will increase in proportion to the number of deployed replicas. To reduce these costs, the attacker may attempt to widely spread Node Compromise by capturing a few Nodes and having the captured Nodes propagate malicious worm through the network, leading to the fast Compromise of many benign Nodes. To fight against this type of attack, we propose the fifth component in which we quickly detect worm propagation in fully distributed fashion by leveraging the intuition that a worm’s communication pattern is different from benign traffic. Through analysis and experimental study, we show that these components achieve robust and effective detection and revocation capability of Node Compromise, replica Node, worm propagation with reasonable overhead.
-
zonetrust fast zone based Node Compromise detection and revocation in sensor networks using sequential analysis
Symposium on Reliable Distributed Systems, 2009Co-Authors: Matthew Wright, Sajal K. DasAbstract:Due to the unattended nature of wireless sensor networks, an adversary can physically capture and Compromise sensor Nodes and then mount a variety of attacks with these Compromised Nodes. To minimize the damage incurred by Compromised Nodes, the system should detect and revoke them as soon as possible. To meet this need, we propose a zone-based Node Compromise detection and revocation scheme in sensor networks. The main idea of the proposed scheme is to use the sequential hypothesis testing to detect suspect regions in which Compromised Nodes are likely placed. In these suspect regions, the network operator performs software attestation against sensor Nodes, leading to the detection and revocation of the Compromised Nodes. Through analysis and simulation, we show that the proposed scheme provides effective and robust Node Compromise detection and revocation capability with little overhead.
-
SRDS - ZoneTrust: Fast Zone-Based Node Compromise Detection and Revocation in Sensor Networks Using Sequential Analysis
2009 28th IEEE International Symposium on Reliable Distributed Systems, 2009Co-Authors: Matthew Wright, Sajal K. DasAbstract:Due to the unattended nature of wireless sensor networks, an adversary can physically capture and Compromise sensor Nodes and then mount a variety of attacks with these Compromised Nodes. To minimize the damage incurred by Compromised Nodes, the system should detect and revoke them as soon as possible. To meet this need, we propose a zone-based Node Compromise detection and revocation scheme in sensor networks. The main idea of the proposed scheme is to use the sequential hypothesis testing to detect suspect regions in which Compromised Nodes are likely placed. In these suspect regions, the network operator performs software attestation against sensor Nodes, leading to the detection and revocation of the Compromised Nodes. Through analysis and simulation, we show that the proposed scheme provides effective and robust Node Compromise detection and revocation capability with little overhead.
Sencun Zhu - One of the best experts on this subject based on the ideXlab platform.
-
Distributed Self-healing Mechanisms for Securing Sensor Networks
2010Co-Authors: Sencun Zhu, Guohong Cao, Peng LiuAbstract:Abstract : The specific goal of this proposal is to design and implement efficient self-healing mechanisms that allow a sensor network to recover from Node Compromises by itself. To achieve this goal, this proposal describes a self-healing framework that consists of three sequential phases: Node Compromise detection, Node revocation and network reconfiguration, and focuses on designing efficient schemes for each of these phases. It proposes to identify suspicious sensor Nodes through time synchronization protocols and location changes of sensor Nodes, respectively, in addition to other sources of discovering suspicious Nodes. It then investigates techniques to attest the authenticity of the code running in the suspected Nodes to check if the suspected Nodes are really Compromised. Two key updating schemes, one for group key updating and the other for pairwise key updating, are proposed to invalidate the security keys possessed by the Nodes that have been identified as Compromised.
-
distributed software based attestation for Node Compromise detection in sensor networks
Symposium on Reliable Distributed Systems, 2007Co-Authors: Yi Yang, Sencun Zhu, Xinran Wang, Guohong CaoAbstract:Sensors that operate in an unattended, harsh or hostile environment are vulnerable to Compromises because their low costs preclude the use of expensive tamper-resistant hardware. Thus, an adversary may reprogram them with malicious code to launch various insider attacks. Based on verifying the genuineness of the running program, we propose two distributed software-based attestation schemes that are well tailored for sensor networks. These schemes are based on a pseudorandom noise generation mechanism and a lightweight block-based pseudorandom memory traversal algorithm. Each Node is loaded with pseudorandom noise in its empty program memory before deployment, and later on multiple neighbors of a suspicious Node collaborate to verify the integrity of the code running on this Node in a distributed manner. Our analysis and simulation show that these schemes achieve high detection rate even when multiple Compromised neighbors collude in an attestation process.
-
SRDS - Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks
2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007), 2007Co-Authors: Yi Yang, Sencun Zhu, Xinran Wang, Guohong CaoAbstract:Sensors that operate in an unattended, harsh or hostile environment are vulnerable to Compromises because their low costs preclude the use of expensive tamper-resistant hardware. Thus, an adversary may reprogram them with malicious code to launch various insider attacks. Based on verifying the genuineness of the running program, we propose two distributed software-based attestation schemes that are well tailored for sensor networks. These schemes are based on a pseudorandom noise generation mechanism and a lightweight block-based pseudorandom memory traversal algorithm. Each Node is loaded with pseudorandom noise in its empty program memory before deployment, and later on multiple neighbors of a suspicious Node collaborate to verify the integrity of the code running on this Node in a distributed manner. Our analysis and simulation show that these schemes achieve high detection rate even when multiple Compromised neighbors collude in an attestation process.
-
sensor Node Compromise detection the location perspective
International Conference on Wireless Communications and Mobile Computing, 2007Co-Authors: Hui Song, Liang Xie, Sencun Zhu, Guohong CaoAbstract:Node Compromise is a serious security threat that hinders the successful deployment of large-scale wireless sensor networks. A Node Compromise often consists of three stages: physically obtaining and compromising the sensors, redeploying the Compromised sensors, and Compromised Nodes launching attacks after their rejoining the network. By far, all the proposed Compromise detection schemes address this problem at the third stage. In this paper, we make the first attempt to detect Node Compromise at the second stage. Our motivation is that for some applications an attacker may not be able to precisely deploy the Compromised sensors back into their original positions. Thus, the detection of location change will become an indication of a potential Node Compromise. We name this Node redeployment detection problem. We propose two approaches to detect Node redeployment, based on the change of Node neighborship and the change of measured distances between Nodes, respectively. Our simulation study shows that both schemes can detect Node redeployment effectively (with low false positive rate and high detection rate).
-
IWCMC - Sensor Node Compromise detection: the location perspective
Proceedings of the 2007 international conference on Wireless communications and mobile computing - IWCMC '07, 2007Co-Authors: Hui Song, Liang Xie, Sencun Zhu, Guohong CaoAbstract:Node Compromise is a serious security threat that hinders the successful deployment of large-scale wireless sensor networks. A Node Compromise often consists of three stages: physically obtaining and compromising the sensors, redeploying the Compromised sensors, and Compromised Nodes launching attacks after their rejoining the network. By far, all the proposed Compromise detection schemes address this problem at the third stage. In this paper, we make the first attempt to detect Node Compromise at the second stage. Our motivation is that for some applications an attacker may not be able to precisely deploy the Compromised sensors back into their original positions. Thus, the detection of location change will become an indication of a potential Node Compromise. We name this Node redeployment detection problem. We propose two approaches to detect Node redeployment, based on the change of Node neighborship and the change of measured distances between Nodes, respectively. Our simulation study shows that both schemes can detect Node redeployment effectively (with low false positive rate and high detection rate).
Li Xiao - One of the best experts on this subject based on the ideXlab platform.
-
Sensor Node source privacy and packet recovery under eavesdropping and Node Compromise attacks
ACM Transactions on Sensor Networks, 2013Co-Authors: Kanthakumar Pongaliur, Li XiaoAbstract:Securing a sensor network poses a variety of problems. Of those, an important one is of providing privacy to the event-detecting sensor Node and integrity to the data gathered by the Node. Compromised source privacy can inadvertently leak event location. Safeguarding the privacy of the source Node is important, as sensor networks hold critical roles in military application, tracking endangered species, etc. Existing techniques in sensor networks use either random walk path or generate fake event packets to make it hard for an adversary to trace back to the source, since encryption alone may not help prevent a traffic analysis attack. In this work, without using traditional overhead-intensive methods, we present a scheme for hiding source information using cryptographic techniques incurring lower overhead. The packet is modified en route by dynamically selected Nodes to make it difficult for a malicious entity to trace back the packet to a source Node and also to prevent packet spoofing. This is important because the adversary model considers a super-local eavesdropper having the ability to Compromise sensor Nodes. Additionally, we provide a method for the base station to recover corrupted packets and identify the location of the Compromised Node. We analyze the ability of our proposed scheme to withstand different attacks and demonstrate its efficiency in terms of overhead and functionality when compared to existing work.
-
maintaining source privacy under eavesdropping and Node Compromise attacks
International Conference on Computer Communications, 2011Co-Authors: Kanthakumar Pongaliur, Li XiaoAbstract:In a sensor network, an important problem is to provide privacy to the event detecting sensor Node and integrity to the data gathered by the Node. Compromised source privacy can inadvertently leak event location. Existing techniques use either random walk path or generate fake event packets to make it hard for the adversary to traceback to the source, since encryption alone may not help prevent a traffic analysis attack. In this work, without using the traditional overhead intensive methods, we present a scheme to hide source information using cryptographic techniques incurring lower overhead. The packet is modified en route by dynamically selected Nodes to make it difficult for a malicious entity to traceback the packet to a source Node and also prevent packet spoofing. This is important because the adversary model considers a super-local eavesdropper having the ability to Compromise sensor Nodes. We analyze the ability of our proposed scheme to withstand different attacks and demonstrate its efficiency in terms of overhead and functionality when compared to existing work.
-
INFOCOM - Maintaining source privacy under eavesdropping and Node Compromise attacks
2011 Proceedings IEEE INFOCOM, 2011Co-Authors: Kanthakumar Pongaliur, Li XiaoAbstract:In a sensor network, an important problem is to provide privacy to the event detecting sensor Node and integrity to the data gathered by the Node. Compromised source privacy can inadvertently leak event location. Existing techniques use either random walk path or generate fake event packets to make it hard for the adversary to traceback to the source, since encryption alone may not help prevent a traffic analysis attack. In this work, without using the traditional overhead intensive methods, we present a scheme to hide source information using cryptographic techniques incurring lower overhead. The packet is modified en route by dynamically selected Nodes to make it difficult for a malicious entity to traceback the packet to a source Node and also prevent packet spoofing. This is important because the adversary model considers a super-local eavesdropper having the ability to Compromise sensor Nodes. We analyze the ability of our proposed scheme to withstand different attacks and demonstrate its efficiency in terms of overhead and functionality when compared to existing work.
