Abstract. This paper evaluates the performance of INSENS, an INtrusion-tolerant routing protocol for wireless SEnsor Networks. Security in sensor networks is important in battlefield monitoring and home security applications to prevent intruders from eavesdropping, from tampering with sensor data, and from launching denial-of-service (DOS) attacks against the entire network. The resilience of INSENS’s multipath performance against various forms of communication-based attacks by intruders is evaluated in simulation. Within the context of INSENS, the paper evaluates implementations on the motes of the RC5 and AES encryption standards, an RC5-based scheme to generate message authentication codes (MACs), and an RC5-based generation of one-way sequence numbers. 1

Secure sensor network communication protocols need to provide three basic properties: data secrecy, authentication, and replay protection. Secure sensor network link layer protocols such as Tiny-Sec [13] and ZigBee [28] enjoy significant attention in the community. However, TinySec achieves low energy consumption by reducing the level of security provided. In contrast, ZigBee enjoys high security, but suffers from high energy consumption. MiniSec is a secure network layer that obtains the best of both worlds: low energy consumption and high security. MiniSec has two operating modes, one tailored for single-source communication, and another tailored for multi-source broadcast communication. The latter does not require per-sender state for replay protection and thus scales to large networks. We present a publicly available implementation of MiniSec for the Telos platform, and experimental results demonstrate our low energy utilization.

Advances in wireless communication and electronics have enabled the development of low-cost, lowpower, multifunctional sensor nodes. These tiny sensor nodes, consisting of sensing, data processing, and communication components, make it possible to deploy Wireless Sensor Networks (WSNs), which represent a significant improvement over traditional wired sensor networks. WSNs can greatly simplify system design and operation, as the environment being monitored does not require the communication or energy infrastructure associated with wired networks [1]. WSNs are expected to be solutions to many applications, such as detecting and tracking the passage of troops and tanks on a battlefield, monitoring environmental pollutants, measuring traffic flows on roads, and tracking the location of personnel in a building. Many sensor networks have mission-critical tasks and thus require that security be considered [2, 3]. Improper use of information or using forged information may cause unwanted information leakage and provide inaccurate results. While some aspects of WSNs are similar to traditional wireless ad hoc networks, important distinctions exist which greatly affect how security is achieved. The differences

So far, sensor network broadcast protocols assume a trustworthy environment. However, in safety and missioncritical sensor networks this assumption may not be valid and some sensor nodes might be adversarial. In these environments, malicious sensor nodes can deprive other nodes from receiving a broadcast message. We call this attack a Denial-of-Message Attack (DoM). In this paper, we model and analyze this attack, and present countermeasures. We present SIS, a Secure Implicit Sampling scheme that permits a broadcasting base station to probabilistically detect the failure of nodes to receive its broadcast, even if these failures result from an attacker motivated to induce these failures undetectably. SIS works by eliciting authenticated acknowledgments from a subset of nodes per broadcast, where the subset is unpredictable to the attacker and tunable so as to mitigate acknowledgment implosion on the base station. We use a game-theoretic approach to evaluate this scheme in the face of an optimal attacker that attempts to maximize the number of nodes it denies the broadcast while remaining undetected by the base station, and show that SIS significantly constrains such an attacker even in sensor networks exhibiting high intrinsic loss rates. We also discuss extensions that permit more targeted detection capabilities. 1.

As wireless sensor networks continue to grow, so does the need for effective security mechanisms. Because sensor networks may interact with sensitive data and/or operate in hostile unattended environments, it is imperative that these security concerns be addressed from the beginning of the system design. However, due to inherent resource and computing constraints, security in sensor networks poses different challenges than traditional network/computer security. There is currently enormous research potential in the field of wireless sensor network security. Thus, familiarity with the current research in this field will benefit researchers greatly. With this in mind, we survey the major topics in wireless sensor network security, and present the obstacles and the requirements in the sensor security, classify many of the current attacks, and finally list their corresponding defensive measures. 2

Denial of service (DoS) attacks can cause serious damage in resourceconstrained, wireless sensor networks (WSNs). This paper addresses an especially damaging form of DoS attack, called PDoS (Path-based Denial of Service). In a PDoS attack, an adversary overwhelms sensor nodes a long distance away by flooding a multihop end-to-end communication path with either replayed packets or injected spurious packets. This paper proposes a solution using one-way hash chains to protect end-to-end communications in WSNs against PDoS attacks. The proposed solution is lightweight, tolerates bursty packet losses, and can easily be implemented in modern WSNs. The paper reports on performance measured from a prototype implementation. 1.

For widespread adoption of sensor technology, robustness in the event of abnormal behavior such as a network intrusion, or failures of components or nodes is critical. Current research on robust and resilient sensor networking is focused on specific tasks – secure broadcast, secure aggregation, secure localization or fault-tolerant feature extraction. While these primitives provide useful functionality, what has been lacking is a comprehensive, holistic approach to sensor network robustness across various failure modalities. In this position paper, we propose a self-healing hybrid sensor network architecture called SASHA, that is inspired by and co-opts several mechanisms from the Acquired Natural Immune System to attain its autonomy, robustness, diversity and adaptability to unknown pathogens, and compactness. SASHA encompasses automatic fault recognition and response over a wide range of possible faults. Moreover, it is an adaptive architecture that can learn and evolve its monitoring and inference capabilities over time to deal with unknown faults. We illustrate the workings of SASHA using the example of fault-tolerant sensor data collection and outline an agenda for future research. 1.

Abstract not found

Abstract. In this paper we consider a problem of implementing a hybrid routing protocol for wireless sensor networks, which natively supports data-centric, geographic-based and address-centric communication paradigms. We demonstrate the feasibility of such protocol by presenting tinyLUNAR, an adapted to the specifics of sensor networks reactive routing scheme originally developed for mobile wireless ad hoc networks. In addition to the support for several communications paradigms tiny-LUNAR implements highly efficient multihop forwarding using only 1 B field that can be directly encoded in the standard IEEE 802.15.4 MAC header. 1

Abstract — The small form factor of the sensors, coupled with the unattended and distributed nature of their deployment expose sensors to Physical Attacks that physically destroy sensors in the network. In this paper, we study the modeling and analysis of Search-based Physical Attacks in sensor networks. We define a search-based physical attack model, where the attacker walks through the sensor network using signal detecting equipment to locate active sensors, and then destroys them. We consider both flat and hierarchical sensor networks. The attacker in our model uses a weighted random selection based approach to discriminate multiple target choices (normal sensors and clusterheads) to enhance sensor network performance degradation. Our performance metric in this paper is Accumulative Coverage (   ¢¡ which effectively captures coverage and lifetime of the sensor network. We then conduct detailed evaluations on the impacts of search-based physic attacks on sensor network performance. Our performance data clearly show that search-based physical attacks significantly reduce sensor network performance. We observe that attack related parameters, namely attacker movement speed, detection range and accuracy have significant impacts on the attack effectiveness. We also observe that the attack effectiveness is significantly impacted by sensor network parameters, namely the frequency of communication and frequency of cluster-head rotation. We believe that our work in this paper on modeling and analyzing search-based physical attacks is an important first step in understanding their overall impacts, and effectively defending against them in the future. I.