Catching "Moles" in Sensor Networks

Authors:
Fan Ye;Hao Yang;Zhen Liu
Affiliations:
IBM T.J. Watson research Center, NY;IBM T.J. Watson research Center, NY;IBM T.J. Watson research Center, NY
Venue:
ICDCS '07 Proceedings of the 27th International Conference on Distributed Computing Systems
Year:
2007

Citing 0
Cited 8

Sensor node compromise detection: the location perspective

IWCMC '07 Proceedings of the 2007 international conference on Wireless communications and mobile computing
Catching packet droppers and modifiers in wireless sensor networks

SECON'09 Proceedings of the 6th Annual IEEE communications society conference on Sensor, Mesh and Ad Hoc Communications and Networks
A three-tier framework for intruder information sharing in sensor networks

Ad Hoc Networks
CAT: building couples to early detect node compromise attack in wireless sensor networks

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Mitigating selective forwarding attacks with a channel-aware approach in WMNs

IEEE Transactions on Wireless Communications
Traceback in wireless sensor networks with packet marking and logging

Frontiers of Computer Science in China
Distributed detection of mobile malicious node attacks in wireless sensor networks

Ad Hoc Networks
AK-PPM: an authenticated packet attribution scheme for mobile ad hoc networks

RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses

Quantified Score

Hi-index	0.00

Visualization

Abstract

False data injection is a severe attack that compromised sensor nodes ("moles"') can launch. These moles inject large amount of bogus trafJic that can lead to application failures and exhausted network resources. Existing sensor network security proposals only passively mitigate the damage by filtering injected packets; they do not provide active means for fight back. This paper studies how to locate such moles within the framework of packet marking, when forwarding moles collude with source moles to manipulate the marks. Existing Internet traceback mechanisms do not assume compromised forwarding nodes and are easily defeated by manipulated marks. We propose a Probabilistic Nested Marking (PNM) scheme that is secure against such colluding attacks. No matter how colluding moles manipulate the marks, PNM can always locate them one by one. We prove that nested marking is both sufJicient and necessaly to resist colluding attacks. PNM also has fast-traceback: within about 50 packets, it can track down a mole up to 20 hops away from the sink. This virtually prevents any effective data injection attack: moles will be caught before they have injected any meaningful amount of bogus traffic.