Sensor node compromise detection: the location perspective
IWCMC '07 Proceedings of the 2007 international conference on Wireless communications and mobile computing
Catching packet droppers and modifiers in wireless sensor networks
SECON'09 Proceedings of the 6th Annual IEEE communications society conference on Sensor, Mesh and Ad Hoc Communications and Networks
CAT: building couples to early detect node compromise attack in wireless sensor networks
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Mitigating selective forwarding attacks with a channel-aware approach in WMNs
IEEE Transactions on Wireless Communications
Traceback in wireless sensor networks with packet marking and logging
Frontiers of Computer Science in China
AK-PPM: an authenticated packet attribution scheme for mobile ad hoc networks
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Hi-index | 0.00 |
False data injection is a severe attack that compromised sensor nodes ("moles"') can launch. These moles inject large amount of bogus trafJic that can lead to application failures and exhausted network resources. Existing sensor network security proposals only passively mitigate the damage by filtering injected packets; they do not provide active means for fight back. This paper studies how to locate such moles within the framework of packet marking, when forwarding moles collude with source moles to manipulate the marks. Existing Internet traceback mechanisms do not assume compromised forwarding nodes and are easily defeated by manipulated marks. We propose a Probabilistic Nested Marking (PNM) scheme that is secure against such colluding attacks. No matter how colluding moles manipulate the marks, PNM can always locate them one by one. We prove that nested marking is both sufJicient and necessaly to resist colluding attacks. PNM also has fast-traceback: within about 50 packets, it can track down a mole up to 20 hops away from the sink. This virtually prevents any effective data injection attack: moles will be caught before they have injected any meaningful amount of bogus traffic.