Abstract — We propose a highly scalable cluster-based hierarchical trust management protocol for wireless sensor networks (WSNs) to effectively deal with selfish or malicious nodes. Unlike prior work, we consider multidimensional trust attributes derived from communication and social networks to evaluate the overall trust of a sensor node. By means of a novel probability model, we describe a heterogeneous WSN comprising a large number of sensor nodes with vastly different social and quality of service (QoS) behaviors with the objective to yield “ground truth ” node status. This serves as a basis for validating our protocol design by comparing subjective trust generated as a result of protocol execution at runtime against objective trust obtained from actual node status. To demonstrate the utility of our hierarchical trust management protocol, we apply it to trust-based geographic routing and trust-based intrusion detection. For each application, we identify the best trust composition and formation to maximize application performance. Our results indicate that trust-based geographic routing approaches the ideal performance level achievable by flooding-based routing in message delivery ratio and message delay without incurring substantial message overhead. For trust-based intrusion detection, we discover that there exists an optimal trust threshold for minimizing false positives and false negatives. Furthermore, trust-based intrusion detection outperforms traditional anomaly-based intrusion detection approaches in both the detection probability and the false positive probability. Index Terms — Trust management; security; wireless sensor networks; routing; intrusion detection; performance analysis. A I.

Abstract. In this paper, we present an Intrusion Detection System designed for wireless sensor networks and show how it can be configured to detect Sinkhole attacks. A Sinkhole attack forms a serious threat to sensor networks. We study in depth this attack by presenting how it can be launched in realistic networks that use the MintRoute protocol of TinyOS. MintRoute is the most widely used routing protocol in sensor network deployments, using the link quality metric to build the corresponding routing tree. Having implemented this attack in TinyOS, we embed the appropriate rules in our IDS system that will enable it to detect successfully the intruder node. We demonstrate this in our own sensor network deployment and we also present simulation results to confirm the effectiveness and accuracy of the algorithm in the general case of random topologies.

Abstract. The fact that sensor networks are deployed in wide dynamically changing environment and usually left unattended, calls for nomadic, diverse and autonomic behavior. The nature of security threats in such networks as well as the nature of the network itself raise additional security challenges, so new mechanisms and architectures must be designed to protect them. In an autonomic communication context these mechanisms must be based on self-healing, self-configuration and self-optimization in order to enforce high-level security policies. In this work we discuss the research challenges posed by sensor network security as they apply to the autonomic communication setting. 1

Recent advances in MEMS hardware have enabled small-footprint and inexpensive sensors to be deployed in hard-to-access locations and to form wireless sensor networks (WSNs). WSNs are typically mission-oriented networks and offer appealing solutions to a range of practical problems. However, due to the characteristics of WSN, their design principles differ from other types of networks. For instance, the severe limitations of computational and energy resources in the network nodes restrict their ability to process and communicate information. These characteristics, particular to WSNs, dictate new security challenges and require new approaches to implementation of security protocols. In this chapter, we present some of the WSNs security challenges and discuss a number of selected solutions presented in the technical literature. The structure of the chapter is as follows. In Section 1, we provide background material on WSN security; in particular, we present the security goals, implementation constraints, potential attacks and defenses, and evaluation benchmarks. In Section 2, we discuss basic security challenges and approaches, including cryptography schemes, key management schemes, and attack detection and prevention mechanisms. Then, in Sections 3, 4, and 5, we discuss secure routing, secure localization, and secure data aggregation, respectively. Finally, we conclude the survey in Section 6.