A Quantitative Model for Dynamic Security Analysis of Wireless Sensor Networks

Abstract

The main purpose of wireless sensor networks (WSNs) is to gather physical data from a target region and make them available for interested users. However, the unique characteristics of sensor nodes (e.g., limited resources, deployment in open areas) make them vulnerable to physical attacks. Once a node is physically captured by an adversary, it can be modified to perform malicious activities to corrupt the gathered sensor data of the WSN. Although intrusion detection system (IDS) can be deployed to raise alerts when malicious nodes are detected, the alerts usually do not provide any insights on the criticality of the attack or on how sensor data from other nodes may be affected. This paper introduces the dynamic security measure (DSM), a security metric model that enables an online quantitative security analysis of sensor nodes and data provided to users. In particular, DSM combines information about the communication pattern of nodes with IDS alerts received, in real-time, to estimate the probability that data messages from each node have not been compromised by ongoing attacks. Experimental results show that DSM can accurately estimate security level with low performance overhead and power consumption.