A framework for identifying compromised nodes in sensor networks

Qing Zhang, Ting Yu, Peng Ning

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Citations (Scopus)

Abstract

Sensor networks are often subject to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the network. Basic cryptographic security mechanisms are often not effective in this situation. Most techniques to address this problem focus on detecting and tolerating false information introduced by compromised nodes. They cannot pinpoint exactly where the false information is introduced and who is responsible for it. We still lack effective techniques to accurately identify compromised nodes so that they can be excluded from a sensor network once and for all. In this paper, we propose an application-independent framework for identifying compromised sensor nodes. The framework provides an appropriate abstraction of application-specific detection mechanisms, and models the unique properties of sensor networks. Based on the framework, we develop alert reasoning algorithms to identify compromised nodes. The algorithm assumes that compromised nodes may collude at will. We show that our algorithm is optimal in the sense that it identifies the largest number of compromised nodes without introducing false positives. We evaluate the effectiveness of the designed algorithm through comprehensive experiments.

Original languageEnglish
Title of host publication2006 Securecomm and Workshops
DOIs
Publication statusPublished - 1 Dec 2006
Externally publishedYes
Event2006 Securecomm and Workshops - Baltimore, MD, United States
Duration: 28 Aug 20061 Sep 2006

Other

Other2006 Securecomm and Workshops
CountryUnited States
CityBaltimore, MD
Period28/8/061/9/06

Fingerprint

Sensor networks
abstraction
Sensor nodes
lack
experiment
Experiments

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Communication

Cite this

A framework for identifying compromised nodes in sensor networks. / Zhang, Qing; Yu, Ting; Ning, Peng.

2006 Securecomm and Workshops. 2006. 4198806.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Zhang, Q, Yu, T & Ning, P 2006, A framework for identifying compromised nodes in sensor networks. in 2006 Securecomm and Workshops., 4198806, 2006 Securecomm and Workshops, Baltimore, MD, United States, 28/8/06. https://doi.org/10.1109/SECCOMW.2006.359546
Zhang, Qing ; Yu, Ting ; Ning, Peng. / A framework for identifying compromised nodes in sensor networks. 2006 Securecomm and Workshops. 2006.
@inproceedings{4aca72d852b04a26b2ef45687fb3a352,
title = "A framework for identifying compromised nodes in sensor networks",
abstract = "Sensor networks are often subject to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the network. Basic cryptographic security mechanisms are often not effective in this situation. Most techniques to address this problem focus on detecting and tolerating false information introduced by compromised nodes. They cannot pinpoint exactly where the false information is introduced and who is responsible for it. We still lack effective techniques to accurately identify compromised nodes so that they can be excluded from a sensor network once and for all. In this paper, we propose an application-independent framework for identifying compromised sensor nodes. The framework provides an appropriate abstraction of application-specific detection mechanisms, and models the unique properties of sensor networks. Based on the framework, we develop alert reasoning algorithms to identify compromised nodes. The algorithm assumes that compromised nodes may collude at will. We show that our algorithm is optimal in the sense that it identifies the largest number of compromised nodes without introducing false positives. We evaluate the effectiveness of the designed algorithm through comprehensive experiments.",
author = "Qing Zhang and Ting Yu and Peng Ning",
year = "2006",
month = "12",
day = "1",
doi = "10.1109/SECCOMW.2006.359546",
language = "English",
isbn = "1424404231",
booktitle = "2006 Securecomm and Workshops",

}

TY - GEN

T1 - A framework for identifying compromised nodes in sensor networks

AU - Zhang, Qing

AU - Yu, Ting

AU - Ning, Peng

PY - 2006/12/1

Y1 - 2006/12/1

N2 - Sensor networks are often subject to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the network. Basic cryptographic security mechanisms are often not effective in this situation. Most techniques to address this problem focus on detecting and tolerating false information introduced by compromised nodes. They cannot pinpoint exactly where the false information is introduced and who is responsible for it. We still lack effective techniques to accurately identify compromised nodes so that they can be excluded from a sensor network once and for all. In this paper, we propose an application-independent framework for identifying compromised sensor nodes. The framework provides an appropriate abstraction of application-specific detection mechanisms, and models the unique properties of sensor networks. Based on the framework, we develop alert reasoning algorithms to identify compromised nodes. The algorithm assumes that compromised nodes may collude at will. We show that our algorithm is optimal in the sense that it identifies the largest number of compromised nodes without introducing false positives. We evaluate the effectiveness of the designed algorithm through comprehensive experiments.

AB - Sensor networks are often subject to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the network. Basic cryptographic security mechanisms are often not effective in this situation. Most techniques to address this problem focus on detecting and tolerating false information introduced by compromised nodes. They cannot pinpoint exactly where the false information is introduced and who is responsible for it. We still lack effective techniques to accurately identify compromised nodes so that they can be excluded from a sensor network once and for all. In this paper, we propose an application-independent framework for identifying compromised sensor nodes. The framework provides an appropriate abstraction of application-specific detection mechanisms, and models the unique properties of sensor networks. Based on the framework, we develop alert reasoning algorithms to identify compromised nodes. The algorithm assumes that compromised nodes may collude at will. We show that our algorithm is optimal in the sense that it identifies the largest number of compromised nodes without introducing false positives. We evaluate the effectiveness of the designed algorithm through comprehensive experiments.

UR - http://www.scopus.com/inward/record.url?scp=50049094102&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=50049094102&partnerID=8YFLogxK

U2 - 10.1109/SECCOMW.2006.359546

DO - 10.1109/SECCOMW.2006.359546

M3 - Conference contribution

AN - SCOPUS:50049094102

SN - 1424404231

SN - 9781424404230

BT - 2006 Securecomm and Workshops

ER -