Abstract
Node compromise attacks pose a serious threat to wireless sensor networks (WSNs). To launch an attack, an adversary physically captures a node and access data or software stored on the node. Even worse, the adversary may redeploy the captured node back into the network and use it to launch further attacks. To reduce the impact of a node compromise attack on network operations, the network should detect a node compromise as early as possible, ideally soon after a node is being captured, and then isolate the node from future network communications. Solutions for early node compromise detection are based on distributed monitoring of neighboring nodes’ aliveness. Nodes regularly send notification ( Heartbeat ) messages to their one-hop neighbors to indicate their aliveness. If no message is received from a node (i.e., if a node is not heard) for a certain period of time, then the unheard node is said to have been compromised. This approach may have a large number of false positive errors when the message loss ratio in the network is high, as missing messages could be caused by message loss during transmission, in addition to node compromises. This paper proposes a novel scheme, called an adaptive early node compromise detection scheme, to facilitate node compromise attack detection in a cluster-based WSN. The scheme is designed to achieve a low false positive ratio in the presence of various levels of message loss ratios. To achieve this feature, two ideas are used in the design. The first is to use cluster-based collective decision making to detect node compromises. The second is to dynamically adjust the rate of notification message transmissions in response to the message loss ratio in the sender’s neighborhood. The performance of the scheme, in terms of false positive ratio, false negative ratio, and transmission overheads, is evaluated using simulation. The results are compared against those from the most relevant scheme in the literature. The comparison results show that our scheme can detect all the node compromises in the network more effectively and efficiently, regardless of the message loss ratio in the underlying environment.
Highlights
Due to the unattended nature of wireless sensor networks (WSNs), sensor nodes are prone to physical node compromise attacks [1]
Efficiency parameters: – Monitoring overheads (MO): The total number of messages generated in the WSN for monitoring node compromises during a specific period of time. – Compromise reporting and revocation overheads (CRRO): The total number of messages generated in the WSN for reporting and revocation of compromised nodes during a specific period of time
This duration represents the length of time the node is not present in the network, from when the node is captured by the adversary to when the node is redeployed after the compromise. – Node compromise detection duration tddet : This is the time duration within which a cluster should detect the compromise of a CM
Summary
Due to the unattended nature of WSNs, sensor nodes (hereafter referred to as nodes) are prone to physical node compromise attacks [1]. This threshold time represents the minimum length of time required by an adversary to compromise a node before its redeployment This approach may result in detection errors when the message loss ratio (lost messages / transmitted messages) in the network is high, as missing messages could be caused by message loss during transmission (due to transmission errors or collisions in the wireless channel), in addition to VOLUME 4, 2016. We hypothesise that, by setting the notification message transmission rate dynamically in response to the message loss ratio in the underlying environment, we may be able to balance this trade-off, i.e., to achieve a low false positive ratio in node compromise detection with as few notification messages as possible. The rest of the paper is structured as follows: related work is discussed in Section II; Section III discusses the properties of AdaptENCD; Section IV presents design preliminaries; the AdaptENCD scheme is described in Section V; Section VI analyses and evaluates the scheme; Section VII suggests measures to further reduce transmission overheads; Section VIII concludes the paper
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
