Tolerating failures of continuous-valued sensors
ACM Transactions on Computer Systems (TOCS)
Directed diffusion: a scalable and robust communication paradigm for sensor networks
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Mitigating routing misbehavior in mobile ad hoc networks
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
System architecture directions for networked sensors
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
A key-management scheme for distributed sensor networks
Proceedings of the 9th ACM conference on Computer and communications security
Random Key Predistribution Schemes for Sensor Networks
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Establishing pairwise keys in distributed sensor networks
Proceedings of the 10th ACM conference on Computer and communications security
Toward resilient security in wireless sensor networks
Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing
Optimal Selection and Activation of Intrusion Detection Agents for Wireless Sensor Networks
FGCN '07 Proceedings of the Future Generation Communication and Networking - Volume 01
Slander-resistant forwarding isolation in ad hoc networks
International Journal of Mobile Network Design and Innovation
Intrusion Detection in Homogeneous and Heterogeneous Wireless Sensor Networks
IEEE Transactions on Mobile Computing
Intrusion Detection in Wireless Sensor Networks: The S-Model Learning Automata Approach
WIMOB '08 Proceedings of the 2008 IEEE International Conference on Wireless & Mobile Computing, Networking & Communication
A clustered routing protocol with distributed intrusion detection for wireless sensor networks
APWeb/WAIM'07 Proceedings of the joint 9th Asia-Pacific web and 8th international conference on web-age information management conference on Advances in data and web management
On supporting distributed collaboration in sensor networks
MILCOM'03 Proceedings of the 2003 IEEE conference on Military communications - Volume II
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Intrusion detection techniques in mobile ad hoc and wireless sensor networks
IEEE Wireless Communications
An application-specific protocol architecture for wireless microsensor networks
IEEE Transactions on Wireless Communications
Hi-index | 0.00 |
Wireless sensor networks have recently emerged as a promising computing model for many civilian and military applications. Sensor nodes in such a network are subject to varying forms of attacks since they are left unattended after deployment. Compromised nodes can, for example, tamper with legitimate reports or inject false reports in order to either distract the user from reaching the right decision or deplete the precious energy of relay nodes. Most of the current designs take the en-network detection approach: misbehaved nodes are detected by their neighboring watchdog nodes; false reports are detected and dropped by trusted en-route relay nodes, etc. However en-network designs are insufficient to defend collaborative attacks when many compromised nodes collude with each other in the network. In this paper we propose COOL, a COmpromised nOde Locator for detecting and locating compromised nodes once they misbehave in the network. It is based on the observation that for a well-behaved sensor node, the set of outgoing messages should be equal to the set of incoming and locally generated or dropped messages. However, comparing the message sets for different nodes is not enough to identify attacks as their sanity is unknown. We exploit a proven collision-resilient hashing scheme, termed incremental hashing, to sign the incoming, outgoing and locally generated/dropped message sets. The hash values are then sent to the sink for trusted comparisons. We discuss how to securely collect these hash values and then confidently locate compromised nodes. The scheme can also be combined with existing en-route false report filtering schemes to achieve both early false report dropping and accurate compromised nodes isolation. Through identifying and excluding compromised nodes, the COOL protocol prevents further damages from these nodes and forms a reliable and energy-conserving sensor network.