skip to main content
10.1145/1352533.1352537acmconferencesArticle/Chapter ViewAbstractPublication PageswisecConference Proceedingsconference-collections
research-article

Defending against false-endorsement-based dos attacks in wireless sensor networks

Published: 31 March 2008 Publication History

Abstract

Node compromise is a serious threat in wireless sensor networks. An adversary can use compromised sensor nodes to inject false data to deceive the base station or he can try to deplete the energy resources of the sensor nodes. One approach to mitigate the impact of node compromise exploits the redundancy property of many wireless sensor networks. If a node initiates a report generation for the base station, then this report must be endorsed by multiple neighboring sensor nodes. Already proposed schemes using this approach introduce a new possible attack, called False-Endorsement-Based Denial of Service attack, where a compromised node sends a false endorsement which invalidates the collaboratively generated report. We propose an extension scheme, which enables the detection and exclusion of false endorsing nodes and is efficient in terms of storage and energy consumption.

References

[1]
Mica2: Wireless measurement system. http://www.xbow.com/.
[2]
I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci. A survey on sensor networks. IEEE Communications Magazine 40, 8:102--114, 2002.
[3]
B. H. Bloom. Space/time trade-offs in hash coding with allowable errors. Commun. ACM, 13(7):422--426, 1970.
[4]
H. Chan, A. Perrig, and D. Song. Random key predistribution schemes for sensor networks. In SP '03: Proceedings of the 2003 IEEE Symposium on Security and Privacy, 2003.
[5]
J. Deng, R. Han, and S. Mishra. Defending against path-based DoS attacks in wireless sensor networks. In SASN '05: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, 2005.
[6]
W. Du, J. Deng, Y. S. Han, and P. K. Varshney. A pairwise key pre-distribution scheme for wireless sensor networks. In CCS '03: Proceedings of the 10th ACM conference on Computer and communications security, 2003.
[7]
L. Eschenauer and V. D. Gligor. A key-management scheme for distributed sensor networks. In CCS '02: Proceedings of the 9th ACM conference on Computer and communications security, 2002.
[8]
Y.-C. Hu, M. Jakobsson, and A. Perrig. Efficient constructions for one-way hash chains. In Applied Cryptography and Network Security (ACNS), 2005.
[9]
C. Karlof and D. Wagner. Secure routing in wireless sensor networks: attacks and countermeasures. In Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003.
[10]
C. Krauß, M. Schneider, K. Bayarou, and C. Eckert. STEF: A secure ticket-based en-route filtering scheme for wireless sensor networks. In 2nd International Conference on Availability, Reliability and Security (ARES), 2007.
[11]
C. Krauß, F. Stumpf, and C. Eckert. Detecting node compromise in hybrid wireless sensor networks using attestation techniques. In Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS), 2007.
[12]
L. Lamport. Password authentication with insecure communication. Commun. ACM, 24(11):770--772, 1981.
[13]
F. Li and J. Wu. A probabilistic voting-based filtering scheme in wireless sensor networks. In IWCMC '06: Proceeding of the 2006 international conference on Communications and mobile computing, 2006.
[14]
D. Liu, P. Ning, and R. Li. Establishing pairwise keys in distributed sensor networks. ACM Trans. Inf. Syst. Secur., 8(1):41--77, 2005.
[15]
A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D. E. Culler. SPINS: security protocols for sensor networks. Wirel. Netw., 8(5):521--534, 2002.
[16]
R. L. Rivest. The RC5 Encryption Algorithm. In Proceedings of the 1994 Leuven Workshop on Fast Software Encryption, 1995.
[17]
H. Yang and S. Lu. Commutative cipher based en-route filtering in wireless sensor networks. In IEEE VTC Wireless Security Symposium, 2004.
[18]
H. Yang, F. Ye, Y. Yuan, S. Lu, and W. Arbaugh. Toward resilient security in wireless sensor networks. In MobiHoc '05: Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing, 2005.
[19]
F. Ye, H. Luo, S. Lu, and L. Zhang. Statistical en-route filtering of injected false data in sensor networks. In Proceedings IEEE INFOCOM, 2004.
[20]
W. Zhang and G. Cao. Group rekeying for filtering false data in sensor networks: A predistribution and local collaboration-based approach. In IEEE INFOCOM, 2005.
[21]
Y. Zhang, W. Liu, W. Lou, and Y. Fang. Location-based compromise-tolerant security mechanisms for wireless sensor networks. IEEE Journal on Selected Areas in Communications, 24, Issue 2:247--260, 2006.
[22]
L. Zhou and C. Ravishankar. A fault localized scheme for false report filtering in sensor networks. In ICPS'05: IEEE International Conference on Pervasive Services, 2005.
[23]
S. Zhu, S. Setia, and S. Jajodia. LEAP: efficient security mechanisms for large-scale distributed sensor networks. In CCS '03: Proceedings of the 10th ACM conference on Computer and communications security, 2003.
[24]
S. Zhu, S. Setia, S. Jajodia, and P. Ning. An interleaved hop-by hop authentication scheme for filtering false data in sensor networks. In IEEE Symposium on Security and Privacy, 2004.

Cited By

View all
  • (2018)Constrained Function-Based Message Authentication for Sensor NetworksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2011.21061206:2(407-425)Online publication date: 26-Dec-2018
  • (2018)On handling insider attacks in wireless sensor networksInformation Security Tech. Report10.1016/j.istr.2008.10.01113:3(165-172)Online publication date: 14-Dec-2018
  • (2015)Fuzzy-Based adaptive countering method against false endorsement insertion attacks in wireless sensor networksInternational Journal of Distributed Sensor Networks10.5555/2836620.28366272015(7-7)Online publication date: 1-Jan-2015
  • Show More Cited By

Index Terms

  1. Defending against false-endorsement-based dos attacks in wireless sensor networks

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      WiSec '08: Proceedings of the first ACM conference on Wireless network security
      March 2008
      234 pages
      ISBN:9781595938145
      DOI:10.1145/1352533
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 31 March 2008

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. denial-of-service attacks
      2. node compromise
      3. report generation
      4. security
      5. wireless sensor network

      Qualifiers

      • Research-article

      Conference

      WISEC '08
      Sponsor:
      WISEC '08: First ACM Conference on Wireless Network Security
      March 31 - April 2, 2008
      VA, Alexandria, USA

      Acceptance Rates

      Overall Acceptance Rate 98 of 338 submissions, 29%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)6
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 14 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2018)Constrained Function-Based Message Authentication for Sensor NetworksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2011.21061206:2(407-425)Online publication date: 26-Dec-2018
      • (2018)On handling insider attacks in wireless sensor networksInformation Security Tech. Report10.1016/j.istr.2008.10.01113:3(165-172)Online publication date: 14-Dec-2018
      • (2015)Fuzzy-Based adaptive countering method against false endorsement insertion attacks in wireless sensor networksInternational Journal of Distributed Sensor Networks10.5555/2836620.28366272015(7-7)Online publication date: 1-Jan-2015
      • (2015)Fuzzy-Based Adaptive Countering Method against False Endorsement Insertion Attacks in Wireless Sensor NetworksInternational Journal of Distributed Sensor Networks10.1155/2015/61852911:7(618529)Online publication date: Jan-2015
      • (2015)Method for Detecting Manipulated Compilation of Sensing Reports in Wireless Sensor NetworksThe Scientific World Journal10.1155/2015/4931622015:1Online publication date: 3-May-2015
      • (2013)On the Security of Data Collection and Transmission from Wireless Sensor Networks in the Context of Internet of ThingsInternational Journal of Distributed Sensor Networks10.1155/2013/8065059:9(806505)Online publication date: Jan-2013
      • (2012)False Data Injection-Resilient Security Routing Protocol for Wireless Sensor NetworksJournal of Networks10.4304/jnw.7.12.2025-20307:12Online publication date: 1-Dec-2012
      • (2012)Information-theoretic modeling of false data filtering schemes in wireless sensor networksACM Transactions on Sensor Networks (TOSN)10.1145/2140522.21405278:2(1-19)Online publication date: 31-Mar-2012
      • (2009)A DoS-resilient en-route filtering scheme for sensor networksProceedings of the tenth ACM international symposium on Mobile ad hoc networking and computing10.1145/1530748.1530805(343-344)Online publication date: 18-May-2009
      • (2008)An Enhanced Scheme to Defend against False-Endorsement-Based DoS Attacks in WSNsProceedings of the 2008 IEEE International Conference on Wireless & Mobile Computing, Networking & Communication10.1109/WiMob.2008.13(586-591)Online publication date: 12-Oct-2008

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media