Compromised nodes in wireless sensor network

Lin Zhi-Ting, Qu Yu-Gui, Li Jing, Zhao Bao-Hua
MOE-Microsoft Key Laboratory of Multimedia Computing and Communication, Department of Electronic Engineering and Information Science, University of Science and Technology of China, Hefei, Anhui 230027, China
Corresponding author: Phn +86-0551-3607462, Fax +86-0551-3607462

Abstract. Sensor webs consisting of nodes with limited battery power and wireless communication are deployed to collect useful information from a variety of environments. A new challenge in wireless sensor networks (WSN) is the compromised nodes problem. Compromised nodes may exhibit arbitrary behavior and may collude with other compromised nodes. In this paper, we propose a novel security strategy with assistant cluster heads, SSACH, which focuses on limiting the attack from compromised nodes. It adds Assistant Cluster Heads (ACH) to monitor the Cluster Head (CH) and take precautions against the inside attack.

1 Introduction

Sensor networks offer economically practicable solutions for many applications. For instance, current implementations include monitoring factory instrumentation, pollution levels, freeway traffic, and the structural integrity of buildings [1]. The privacy and security issues posed by sensor networks represent a rich field of research problems [2]. Sensor nodes are susceptible to physical capture [3], and as a consequence of their targeted low cost, tamper-resistant hardware is unlikely to prevail. So, when designing a secure sensor network we should assume that the nodes within it may be compromised by an attacker. If a node is compromised, all the information it holds is also leaked. With nodes compromised, an adversary can carry out an inside attack. In contrast to disabled nodes, compromised nodes actively seek to paralyze the network [4]. Furthermore, wireless sensor networks often utilize message aggregation to reduce communication overhead, but message aggregation makes security more difficult. Each intermediate node can modify, forge or discard messages, or simply transmit false aggregation values, so one compromised node is able to significantly alter the final aggregation value [5][6].

In this paper, we propose a novel framework for secure information aggregation in large sensor networks. Security Strategy with Assistant Cluster Head (SSACH) focuses on limiting the attack from compromised nodes. SSACH adds Assistant Cluster Heads to monitor the Cluster Head and take precautions against the inside attack. The ACH uses proportionate sampling to verify that the answer given by the CH is a good approximation of the true value. SSACH will be shown to exhibit excellent performance via simulations.

The remainder of this paper is organized as follows. Section 2 presents our strategy in detail. In Section 3, we examine the performance of our scheme, and finally draw a conclusion from our work in Section 4.

2 SSACH Description

2.1 Key Distribution Mechanism of SSACH

Pre-distribution of secret keys is adopted in SSACH. Table 1 displays the notation used in the scheme descriptions.

Footnote 1 (to the title): This paper is supported by the National Natural Science Foundation of China under Grant No. 60241004, the National Grand Fundamental Research 973 Program of China under Grant No. 2003CB314801, and the State Key Laboratory of Networking and Switching Technology.

Table 1. Notation used in SSACH

Notation    Description
Si          Sensor node i
Fm(i,j)     Key generating function shared between sensor nodes i and j
ω           The number of the symmetric matrices
nonce       Random nonce value
E(K,…       Symmetric encryption function using key K
α           The challenge code
Idi         Identifier for node i
||          Concatenation operator

There are M key generating functions in the entire network. Each node stores a key, Ki, shared with the base station, and a subset of the key generating functions Fm(i,x) [7][8], m ∈ M. Nodes Si and Sj that share the same key generating function Fm can calculate the shared key Fm(i,j) = Fm(j,i) [9][10]. The other nodes Sp, p ≠ i, j, are unable to calculate Fm(i,j). For example, we could construct a (λ + 1) × N matrix G over a finite field GF(q) and ω symmetric matrices D1, D2, ..., Dω of size (λ + 1) × (λ + 1). With An = (Dn G)^T and because Dn (1 ≤ n ≤ ω) is symmetric, it is easy to see:

$$A_n G = (D_n G)^T G = G^T D_n^T G = G^T D_n G = (A_n G)^T \qquad (1)$$

Let An(j) represent the jth row of An. Then the base station could randomly select t distinct key spaces from the key spaces (A(j)) for each node. Fm(i,j) can now be calculated in the following manner:

$$F_m(i,j) = A_n(i)\,G(j) = A_n(j)\,G(i) = F_m(j,i) \qquad (2)$$
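The construction in Eqs. (1) and (2), worked through as an added Python example that is not code from the paper. The prime q, the Vandermonde choice for G and the values of λ, N, ω and t are assumptions chosen for a small demonstration, and the seeded `random` generator stands in for the secure randomness a deployment would need.

```python
import random

Q = 2_147_483_647               # prime modulus of GF(q); assumed toy value (2^31 - 1)
LAM, N, OMEGA, T = 3, 8, 4, 2   # lambda, nodes, key spaces omega, spaces per node t (assumed)

def build_G():
    """Public (lambda+1) x N Vandermonde matrix; column j is built from seed j + 2."""
    return [[pow(j + 2, r, Q) for j in range(N)] for r in range(LAM + 1)]

def random_symmetric(rng):
    """One secret symmetric (lambda+1) x (lambda+1) matrix D_n."""
    d = [[0] * (LAM + 1) for _ in range(LAM + 1)]
    for r in range(LAM + 1):
        for c in range(r, LAM + 1):
            d[r][c] = d[c][r] = rng.randrange(Q)
    return d

def private_row(D, G, i):
    """A_n(i): row i of A_n = (D_n G)^T, the only secret node i stores for space n."""
    return [sum(D[r][c] * G[c][i] for c in range(LAM + 1)) % Q for r in range(LAM + 1)]

def pairwise_key(row_i, G, j):
    """Eq. (2): A_n(i) * G(j), own private row times the peer's public column."""
    return sum(a * G[r][j] for r, a in enumerate(row_i)) % Q

def provision(rng):
    """Base station: create omega key spaces and load t of them into each node."""
    G = build_G()
    spaces = [random_symmetric(rng) for _ in range(OMEGA)]
    nodes = {i: {n: private_row(spaces[n], G, i) for n in rng.sample(range(OMEGA), T)}
             for i in range(N)}
    return G, spaces, nodes

def shared_keys(nodes, G, i, j):
    """Keys node i derives for peer j, one per key space that both nodes hold."""
    common = sorted(set(nodes[i]) & set(nodes[j]))
    return {n: pairwise_key(nodes[i][n], G, j) for n in common}

if __name__ == "__main__":
    G, _, nodes = provision(random.Random(7))   # fixed seed: reproducible demo only
    for j in range(1, N):
        # Both ends must arrive at the same keys without exchanging secrets.
        print(0, j, shared_keys(nodes, G, 0, j) == shared_keys(nodes, G, j, 0))
```

Two nodes that hold no key space in common get an empty result from `shared_keys` and cannot derive a direct pairwise key.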

Even if some nodes are compromised, they have a limited effect on the security of the network. SSACH uses the challenge-response technique to evade the smart attack [11]. In a smart attack, the attacker attempts to compromise the sensor that stores the largest number of keys that the attacker does not yet know.

$$\{\alpha,\ E_{F_m(i,j)}(\alpha),\ m \in M\} \qquad (3)$$

The decryption with the proper key by sensor sb would reveal the challenge α and the information that sb shares that particular key with sensor sa. So far, the nodes have obtained the following keys:

Key shared with the base station: Ki
Key shared with the Cluster Head: Ki,CH = Fm(i,CH)
Key shared with the Assistant Cluster Head: Ki,ACH = Fm(i,ACH)
Key shared with the neighbour nodes: Ki,neighbour = Fm(i,neighbour)

2.2 Data Transmission and Compression Based on SSACH

As Fig. 1 shows, the wireless sensor network employs the hierarchical clustering model. The Cluster Head and Assistant Cluster Heads are selected in turn from the nodes within the cluster. Gathered data are encrypted and transmitted to the CH and ACHs separately.

Fig. 1. Structure of wireless sensor network

After collecting results from a group of sensors, the CH calculates a smaller message, idCH||E(KCH,ACH, nonce'||idCH||Aggregation_message), which summarizes the important information, and transmits the result to the ACHs. The ACHs then validate the compressed message using the data collected from certain sensor nodes. If it is accurate, the ACHs construct an agreement encrypted with the key KACH and pass idACH||MAC(KACH, nonce''||idACH||Aggregation_message) on to the CH. Otherwise, an alarm is sent out. The cluster head does not relay the aggregation data to the base station until it has collected adequate agreements. The aggregation datum is denoted as:

Report: idCH||E(KCH, nonce''||idCH||Aggregation_message||XMAC||ACH_list)

where

XMAC = MAC(KACH1, nonce''||idACH1||Aggregation_message) ⊕ MAC(KACH2, nonce''||idACH2||Aggregation_message) ⊕ … ⊕ MAC(KACHk, nonce''||idACHk||Aggregation_message)    (4)

If the CH is compromised and simply ignores the advice of the ACHs, sending compromised data without enough agreements, the base station also sends out an alarm immediately. At the same time, the relaying nodes between the CH and the BS should calculate and store a data summary. If a relaying node is compromised, it may inject wrong messages into the sensor network or discard messages on purpose. As a result, the follow-up nodes will hold different summaries or no summary at all. If the base station receives incorrect information, it can broadcast an alarm and collect the summaries in order to isolate the suspicious nodes.
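One way the agreement and report check around Eq. (4) can be implemented, as an added example rather than the authors' code. HMAC-SHA256 as the MAC, length-prefixed fields, KACH being the key each ACH shares with the base station, the ACH acceptance tolerance and all sample values are assumptions; the outer encryption under KCH is left out.

```python
import hashlib
import hmac
from functools import reduce

def mac(key, nonce, node_id, agg):
    """MAC(K, nonce || id || Aggregation_message); HMAC-SHA256 is an assumed choice."""
    # Length-prefix each field so the concatenation cannot be re-split differently.
    body = b"".join(len(f).to_bytes(2, "big") + f for f in (nonce, node_id, agg))
    return hmac.new(key, body, hashlib.sha256).digest()

def xor_all(tags):
    return reduce(lambda a, b: bytes(x ^ y for x, y in zip(a, b)), tags, bytes(32))

def ach_endorse(ach_id, key, nonce, agg, sampled_mean, tolerance):
    """ACH: agree only if the CH's aggregate is close to the ACH's own sample."""
    if abs(float(agg.decode()) - sampled_mean) > tolerance:   # tolerance: assumed rule
        return None                                           # ACH raises an alarm
    return mac(key, nonce, ach_id, agg)

def ch_report(agg, agreements):
    """CH: fold the collected agreements into XMAC, Eq. (4), and list the ACHs."""
    ach_list = sorted(agreements)
    return {"agg": agg, "ach_list": ach_list,
            "xmac": xor_all(agreements[a] for a in ach_list)}

def bs_verify(report, nonce, bs_keys, required):
    """Base station: recompute each listed ACH's MAC and compare the XOR."""
    ids = report["ach_list"]
    # Reject unknown or repeated ids: XORing the same MAC twice cancels it out.
    if len(ids) < required or len(set(ids)) != len(ids) or not set(ids) <= set(bs_keys):
        return False
    expected = xor_all(mac(bs_keys[a], nonce, a, report["agg"]) for a in ids)
    return hmac.compare_digest(expected, report["xmac"])

# Constructed sample data: three ACHs, their base-station keys, one round nonce.
BS_KEYS = {b"ACH%d" % n: hashlib.sha256(b"demo-key-%d" % n).digest() for n in (1, 2, 3)}
NONCE = b"round-0001"

def demo():
    agg = b"42.5"                                   # CH's claimed cluster average
    samples = {b"ACH1": 41.9, b"ACH2": 43.0, b"ACH3": 42.7}
    votes = {a: ach_endorse(a, BS_KEYS[a], NONCE, agg, s, 2.0) for a, s in samples.items()}
    good = ch_report(agg, votes)
    forged = dict(good, agg=b"99.0")                # value changed after the agreements
    return bs_verify(good, NONCE, BS_KEYS, 3), bs_verify(forged, NONCE, BS_KEYS, 3)
```

Because XMAC is an XOR, the base station has to count distinct ACH identifiers itself; the XOR value alone does not prove how many agreements went into it.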

Fig. 2. Message Aggregation

The process of data transmission and compression based on SSACH is shown in Fig. 2. A distinguishing feature of SSACH is that ACHs and data summaries are added to supervise the behavior of the CH and the relaying nodes. SSACH can take precautions against a CH launching the inside attack, and provides an effective method of confining a compromised relaying node. The algorithm is rendered useless if the CH and all ACH nodes are compromised. The election algorithm must therefore be designed very carefully. The same set of sensor nodes should not always act as the CH or the ACHs. For instance, sensor nodes can queue up to be header according to their IDs. Suppose that n nodes are compromised in a cluster made up of m sensor nodes. The probability that a compromised node becomes the cluster head is P = n/m, which means that n/m of the data may be invalid. SSACH adds k Assistant Cluster Heads, so the probability of compromised nodes occupying the CH and all the ACHs becomes:

$$P = \frac{C_n^{k+1}}{C_m^{k+1}} = \frac{n!\,(m-k-1)!}{m!\,(n-k-1)!} \qquad (5)$$

This shows that the amount of invalid data would be much smaller, but the technique increases the amount of communication. Keeping in mind that communication between nodes consumes a significant amount of the energy resources, applications and system software are expected to achieve a required level of performance while minimizing the amount of traffic in the network [12]. Therefore, SSACH utilizes proportionate sampling to reduce energy consumption. The wireless sensor network is divided into k groups. An ACH selects one group of the sensor nodes at random, and the selected nodes are required to send low-precision data to the ACH. For instance, raw data (10 bit) are collected by the CH, and low-precision data (4 bit) are gathered by the ACH. This reduces the total amount of communication. However, sampling inevitably introduces error.

If the high-precision samples are used, the mean error of the average of the samples is as follows, where σ is the total standard deviation.

$$\mu_x = \frac{\sigma^2}{m/k}\left(\frac{m - m/k}{m-1}\right) = \frac{\sigma^2 (k-1)}{m-1} \qquad (6)$$

In the case that low-precision samples are adopted, the formula gives the lower bound of the mean error.
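An added check of Eq. (6), not taken from the paper: it enumerates every possible sample of m/k nodes and compares the exact mean squared error of the sample average with σ²(k−1)/(m−1), then repeats the measurement with 4-bit readings. It treats the selected group as a simple random sample and uses constructed readings in [0, 100]; the midpoint quantizer is an assumption.

```python
from itertools import combinations
from statistics import fmean, pvariance

# Constructed readings for one cluster of m = 12 nodes, values in [0, 100].
READINGS = [12.0, 18.5, 23.1, 30.4, 37.9, 41.2, 48.8, 55.0, 63.3, 71.6, 84.2, 95.7]

def eq6(values, k):
    """Right-hand side of Eq. (6): sigma^2 (k-1)/(m-1), sigma^2 = population variance."""
    m = len(values)
    return pvariance(values) * (k - 1) / (m - 1)

def exact_mse(reported, truth, k):
    """Mean squared error of the sample average over every possible m/k-node sample."""
    m = len(reported)
    target = fmean(truth)                      # the value the CH should have reported
    errs = [(fmean(s) - target) ** 2 for s in combinations(reported, m // k)]
    return fmean(errs)

def quantize(x, bits, lo=0.0, hi=100.0):
    """Map a reading to the midpoint of its cell on a 2^bits-level grid (assumed)."""
    levels = 2 ** bits
    step = (hi - lo) / levels
    idx = min(int((x - lo) / step), levels - 1)
    return lo + (idx + 0.5) * step

def compare(k=3, bits=4):
    """Return (Eq. 6 value, exact full-precision MSE, exact MSE with b-bit readings)."""
    low = [quantize(x, bits) for x in READINGS]
    return eq6(READINGS, k), exact_mse(READINGS, READINGS, k), exact_mse(low, READINGS, k)

if __name__ == "__main__":
    formula, full, low = compare()
    print(f"Eq. (6): {formula:.3f}  exact: {full:.3f}  4-bit readings: {low:.3f}")
```

With low-precision readings the error splits into Eq. (6) applied to the quantized values plus the squared offset between the quantized and true cluster means, which is the part an ACH cannot remove by sampling more nodes.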

3 Simulation Experiments and Analysis

In this section, we simulate the SSACH described in Section 2. First, we consider a sensor cluster of 100 nodes with 1~3 ACHs and 5~30 compromised nodes. The probability of valid transmission is shown in Fig. 3. It shows that SSACH is able to restrict attacks from inside effectively. When the quantity of ACHs is large enough, nearly all data are conveyed correctly, and data transmissions are nearly free of the impact of the compromised nodes.

Fig. 3. Performance of resisting compromised node

In order to test the performance of SSACH from different points of view, the error caused by sampling was taken into account. We consider a sensor cluster of 200 nodes containing 1~5 ACHs, with raw data in the range [0.0, 100.0]. The results plotted in Fig. 4 show that if the number of data bits is reduced properly, the mean error of the average of the sample can be acceptable.

Fig. 4. Mean error of the average of the sample

Simulations above illustrate that SSACH is efficient with respect to the security it provides and allows a tradeoff between security and performance.

4 Conclusions

Wireless sensor networks are often deployed in unattended environments. Node compromise is the central problem that uniquely characterizes the sensor network’s threat model. So, in this paper a straightforward but effective scheme, SSACH, is presented. SSACH focuses on secure information aggregation in sensor networks that can handle a malicious CH and malevolent sensor nodes. SSACH has been demonstrated to exhibit excellent performance.

References

1. Haowen Chan, Perrig, A.: Security and Privacy in Sensor Networks. Computer Vol.36, Issue 10. (2003) 103 – 105.
2. Sencun Zhu, Setia, S., Jajodia, S., Peng Ning: An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks. Security and Privacy 2004, Proceedings, 2004 IEEE Symposium. (2004) 59 - 271.
3. Shi, E., Perrig, A.: Designing secure sensor networks. Wireless Communications, IEEE. Vol.11, Issue 6. (2004) 38 – 43.
4. Qingchun Ren, Qilian Liang: Secure media access control (MAC) in wireless sensor networks: intrusion detections and countermeasures. Personal, Indoor and Mobile Radio Communications, 2004. PIMRC 2004. 15th IEEE International Symposium, Vol.4 (2004) 3025 – 3029.
5. Slijepcevic, S., Potkonjak, M., Tsiatsis, V., Zimbeck, S., Srivastava, M.B.: Secure Aggregation for Wireless Networks. Enabling Technologies. Infrastructure for Collaborative Enterprises, 2002. WET ICE 2002. Proceedings. Eleventh IEEE International Workshops. (2002) 139 – 144.
6. B. Przydatek, D. Song, and A. Perrig: SIA: Secure Information Aggregation in Sensor Networks. Proc. of Embedded Networked Sensor Sys (2003) 255-265.
7. R. Blom: An Optimal Class of Symmetric Key Generation Systems. Advances in Cryptology, EUROCRYPT’84, LNCS 209. (1984) 335-338.
8. C. Blundo, A. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung: Perfectly-secure key distribution for dynamic conferences. In Advances in Cryptology CRYPTO 92, LNCS 740 (1993) 471-486.
9. D. Liu and P. Ning: Establishing Pairwise Keys in Distributed Sensor Networks. In Proc. of the 10th ACM Conference on Computer and Communications Security (CCS ’03) (2003).
10. Wenliang Du, Jing Deng, Yunghsiang S. Han, Pramod K. Varshney: A Pairwise Key Pre-distribution Scheme for Wireless Sensor Networks. Proceedings of the 10th ACM conference on Computer and communications security (2003) 42 – 51.
11. Di Pietro, R., Mancini, L.V., Mei, A.: Efficient and resilient key discovery based on pseudo-random key pre-deployment. Parallel and Distributed Processing Symposium 2004 Proceedings (2004) 217.
12. Slijepcevic, S., Potkonjak, M., Tsiatsis, V., Zimbeck, S., Srivastava, M.B.: On communication security in wireless ad-hoc sensor networks. Enabling Technologies: Infrastructure for Collaborative Enterprises, 2002. WET ICE 2002. Proceedings. Eleventh IEEE International Workshops (2002) 139 - 144.