Secure communications in sensor networks
by Pirretti, Matthew G., Ph.D., THE PENNSYLVANIA STATE UNIVERSITY, 2007, 103 pages; 3266183

Abstract:

Sensor networks hold the promise to accomplish missions in hostile environments that are not feasible to accomplish with any other system architecture. Consisting of hundreds to thousands of expendable computing nodes, a sensor network is capable of tolerating the loss of a significant portion of its nodes. The requirement of expendable sensor nodes necessitates usage of low cost hardware. Consequently, applications with security requirements must be carefully designed in order to circumvent the heavy performance requirements associated with traditional security techniques.

In this work, we consider the design and performance of distributed sensor network algorithms that are designed to tolerate insider attacks, wherein individual nodes are compromised. When used in conjunction with cryptographic techniques specifically crafted for low capability hardware, we find that sensor networks can be designed to a high level of robustness against attack, despite limited security of individual sensor nodes. In this work we present three such algorithms: secure localization, use of secure clusterhead election to prevent energy attacks, and detection of cloned nodes.

Localization is the process by which sensor nodes determine their physical location in the network based on receipt of position information from beacon nodes. Existing localization approaches are characterized by a lack of any security mechanisms or an inability to tolerate the compromise of beacon nodes. We address these shortcomings with our Secure Localization with Attack Tolerance (SLAT) protocol. In SLAT, message authentication is used to prevent maliciously forged beacon messages, while localization is designed to tolerate compromised beacon nodes. The degree to which a compromised beacon node can adversely affect nonbeacon node location estimates is inversely proportional to the deviation from its actual distance. Through simulation, we have found that even large numbers of malicious beacon nodes have minimal effect. For instance, we show that compromising 40 out of 200 nodes only increases average localization error from 3 meters to 5 meters.

The ability of sensor nodes to enter a low power sleep mode is very useful for extending network longevity. We show how adversary nodes can exploit clustering algorithms to ensure their selection as cluster heads for the purpose of launching attacks that prevent victim nodes from sleeping. We present two such attacks: the barrage attack and the sleep deprivation attack. The barrage attack bombards victim nodes with legitimate requests, whereas the sleep deprivation attack makes requests of victim nodes only as often as is necessary to keep the victims awake. We show that while the barrage attack causes its victims to spend slightly more energy, it is more easily detected and requires more effort on behalf of the attacker. Thus we have focused our research on the sleep deprivation attack. Our analysis indicates that this attack can nullify any energy savings obtained by allowing sensor nodes to enter sleep mode. We also analyze three separate methods for mitigating this attack: the random vote scheme, the round robin scheme, and the hash-based scheme. We have evaluated these schemes based upon their ability to reduce the adversary's attack, the amount of time required to select a cluster head, and the amount of energy required to perform each scheme. We have found that of the three clustering methods analyzed, the hash-based scheme is the best at mitigating the sleep deprivation attack.

Efficient key management in sensor networks is a major research issue. Random key predistribution security schemes are well-suited for use in sensor networks due to their low overhead. However, the security of a network using predistributed keys can be compromised by cloning attacks. In this attack, an adversary breaks into a sensor node, reprograms it, and inserts several copies of it into the sensor network. Cloning gives the adversary an easy way to build an army of malicious nodes which can be used to cripple the sensor network. We provide two methods for detecting the presence of cloning given the network is utilizing a random key predistribution scheme. The first technique is a proof of concept which we have used to illustrate that the distribution of keys can be used to detect the presence of cloning. This method is based on Receiver Operator Characteristic (ROC) graphs, which are a general purpose methodology used to evaluate detection schemes. The second technique is a detection algorithm, based upon hypothesis testing, which a sensor network could utilize to determine the presence of cloning. We have shown that our hypothesis testing method is an accurate and robust mechanism to detect the presence of clones.

 
Advisor
School: THE PENNSYLVANIA STATE UNIVERSITY
Source: DAI/B 68-05, p. , Sep 2007
Source Type: Dissertation
Subjects: Computer science
Publication Number: 3266183
  Use the link below to access a full citation record of this graduate work:
  http://gateway.proquest.com/openurl%3furl_ver=Z39.88-2004%26res_dat=xri:pqdiss%26rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation%26rft_dat=xri:pqdiss:3266183