Open Access  Subscription or Fee Access

Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings.

Sensors, Hop-by-Hop, Selective Forwarding Attack, Report Disruption

D. Carman, P. Kruus, and B. Matt, “Constraints and Approaches for Distributed Sensor Network Security,” Technical Report 00- 010, NAI Labs, 2000.

A. Wood and J. Stankovic, “Denial of Service in Sensor Networks,” Computer, Oct. 2002.

C. Karlof and D. Wagner, “Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures,” Ad Hoc Networks, vol. 1, no.2, 2003.

A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. Tygar, “SPINS: Security Protocols for Sensor Networks,” Proc. MobiCom, July 2001.

E. Shi and A. Perrig, “Designing Secure Sensor Networks,” Wireless Comm. Magazine, vol. 11, no. 6, Dec. 2004.

L. Eschenauer and V. Gligor, “A Key-Management Scheme for Distributed Sensor Networks,” Proc. Ninth ACM Conf. Computer and Comm. Security (CCS ’02), 2002.

H. Chan and A. Perrig, “Security and Privacy in Sensor Networks,” Computer, pp. 103-105, Oct. 2003.

H. Chan, A. Perrig, and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” Proc. IEEE Symp. Research in Security and Privacy, 2003.

D. Liu and P. Ning, “Location-Based Pairwise Key Establishments for Relatively Static Sensor Networks,” Proc. ACM Workshop Security of Ad Hoc and Sensor Networks (SASN ’03), Oct. 2003.

D. Liu and P. Ning, “Establishing Pairwise Keys in Distributed Sensor Networks,” Proc. 10th ACM Conf. Computer and Comm. Security (CCS ’03), Oct. 2003.