Heterogeneous networking: a new survivability paradigm
Proceedings of the 2001 workshop on New security paradigms
Computer Algorithms: C++
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
On achieving software diversity for improved network security using distributed coloring algorithms
Proceedings of the 11th ACM conference on Computer and communications security
MNP: Multihop Network Reprogramming Service for Sensor Networks
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
Malware resistant networking using system diversity
Proceedings of the 6th conference on Information technology education
A Key Predistribution Scheme for Sensor Networks Using Deployment Knowledge
IEEE Transactions on Dependable and Secure Computing
Design space and analysis of worm defense strategies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
SDAP: a secure hop-by-Hop data aggregation protocol for sensor networks
Proceedings of the 7th ACM international symposium on Mobile ad hoc networking and computing
Diversify sensor nodes to improve resilience against node compromise
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks
Thresholds for virus spread on networks
valuetools '06 Proceedings of the 1st international conference on Performance evaluation methodolgies and tools
Harbor: software-based memory protection for sensor nodes
Proceedings of the 6th international conference on Information processing in sensor networks
SigFree: a signature-free buffer overflow attack blocker
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Towards self-propagate mal-packets in sensor networks
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Self-healing control flow protection in sensor applications
Proceedings of the second ACM conference on Wireless network security
Optimal monitoring in multi-channel multi-radio wireless mesh networks
Proceedings of the tenth ACM international symposium on Mobile ad hoc networking and computing
Efficient code diversification for network reprogramming in sensor networks
Proceedings of the third ACM conference on Wireless network security
Building a dark piconet upon bluetooth interfaces of computers
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
SWORDS: improving sensor networks immunity under worm attacks
WAIM'10 Proceedings of the 11th international conference on Web-age information management
| Hi-index | 0.00 |
Because of cost and resource constraints, sensor nodes do not have a complicated hardware architecture or operating system to protect program safety. Hence, the notorious buffer-overflow vulnerability that has caused numerous Internet worm attacks could also be exploited to attack sensor networks. We call the malicious code that exploits a buffer-overflow vulnerability in a sensor program sensor worm. Clearly, sensor worm will be a serious threat, if not the most dangerous one, when an attacker could simply send a single packet to compromise the entire sensor network. Despite its importance, so far little work has been focused on sensor worms. In this work, we first illustrate the feasibility of launching sensor worms through real experiments on Mica2 motes. Inspired by the survivability through heterogeneity philosophy, we then explore the technique of software diversity to combat sensor worms. Given a limited number of software versions, we design an efficient algorithm to assign the appropriate version of software to each sensor, so that sensor worms are restrained from propagation. We also examine the impact of sensor node deployment errors on worm propagation, which directs the selection of our system parameters based on percolation theory. Finally, extensive analytical and simulation results confirm the effectiveness of our scheme in containing sensor worms.