In-network data aggregation is favorable for wireless sensor networks (WSNs): It allows in-network data processing while reducing the network traffic and hence saving the sensors energy. However, due to the distributed and unattended nature of WSNs, several attacks aiming at compromising the authenticity of the collected data could be perpetrated. For example, an adversary could capture a node to create clones of the captured one. These clones disseminated through the network could provide malicious data to the aggregating node, thus poisoning/disrupting the aggregation process. In this paper we address the problem of detecting cloned nodes; a requirement to be fulfilled to provide authenticity of the data fusion process. First, we analyze the desirable properties a distributed clone detection protocol should meet. Specifically: It should avoid having a single point of failure; the load should be totally distributed across the nodes in the network; the position of the clones in the network should not influence the detection probability. We then show that current solutions do not meet the exposed requirements. Next, we propose the Information Fusion Based Clone Detection Protocol (ICD). ICD is a probabilistic, completely distributed protocol that efficiently detects clones. ICD combines two cryptographic mechanisms: The pseudo-random key pre-distribution, usually employed to secure node pairwise communications, with a sparing use of asymmetric crypto primitives. We show that ICD matches all the requirements above mentioned and compare its performance with current solutions in the literature; experimental results show that ICD has better performance than existing solutions for all the cost parameters considered: Number of messages sent, per sensor storage requirement, and signature verification. These savings allow to increase the network operating lifetime. Finally, note that ICD protocol could be used as an independent layer by any data aggregation mechanism.
Read full abstract