PoK

Author:Qi Dong, Donggang Liu,Peng Ning

Description:
Recent studies have demonstrated that it is possible to per form public key cryptographic operations on the resource constrained sensor platforms. However, the significant resource consumption imposed by public key cryptographic operations makes such mechanisms easy targets of Denial of Service (DoS) attacks. For example, if digital signatures such as ECDSA are used directly for broadcast authenti cation without further protection, an attacker can simply broadcast forged packets and force the receiving nodes to perform a large number of unnecessary signature verifications, eventually exhausting their battery power. This paper studies how to deal with such DoS attacks when signatures are used for broadcast authentication in sensor networks.In particular, this paper presents two filtering techniques,a group based filter and a key chain based filter, to handle DoS attacks against signature verification. Both methods can significantly reduce the number of unnecessary signature verifications that a sensor node hasto perform. The analytical results also show t

Author:Donggang Liu,Peng Ning,Wenliang Du

Description:
Many key pre distribution techniques have been developed recently to establish pairwise keys for wireless sensor networks. To further improve these schemes, researchers have proposed to take advantage of sensors’ expected locations to help pre distributing keying materials. However, it is usually very difficult, and sometimes impossible, to guarantee the knowledge of sensors’ expected locations. In order to remove the dependency on expected locations,this paper proposes a practical deployment model, where sensor nodes are deployed in groups, and the nodes in the same group are close to each other after the deployment. Based on this model, the paper develops a novel group based key pre distribution framework, which can be combined with any of existing key predistribution techniques. A distinguishing property of this framework is that it does not require the knowledge of sensors expected locations and greatly simplifies the deployment of sensor networks.The analysis also shows that the framework can substantially improve the security as well as the performance of existing key predistribution techniques.

Author:Donggang Liu,Peng Ning, An Liu,Cliff Wang,Wenliang Kevin Du

Description:
Many sensor network applications require sensors’ locations to function correctly. Despite the recent advances, location discovery for sensor networks in hostile environments has been mostly overlooked. Most of the existing localization protocols for sensor networks are vulnerable in hostile environments. The security of location discovery can certainly be enhanced by authentication. However, the possible node compromises and the fact that location determination uses certain physical features (e.g., received signal strength) of radio signals make authentication not as effective as in traditional security applications. This paper presents two methods to tolerate malicious attacks against range based location discovery in sensor networks. The first method filters out malicious beacon signals on the basis of the “consistency” among multiple beacon signals, while the second method tolerates malicious beacon signals by adopting an iteratively refined voting scheme. Both methods can survive malicious attacks even if the attacks bypass authentication,provided that the benign beacon signals constitute the majority of the beacon signals. This paper also presents the implementation and experimental evaluation (through both field experiments and simulation) of all the secure and resilient location estimation schemes that can be used on the current generation of sensor platforms (e.g., MICA series of motes), including the techniques proposed in this paper, in a network of MICAz motes. The experimental results demonstrate the effectiveness of the proposed methods, and also give the secure and resilient location estimation scheme most suitalbe for the current generation of sensor networks.

Authors: Qingfeng Huang, Chenyang Lu, Gruia-Catalin Roman

Description:
This paper presents a novel protocol for a spatiotemporal variant of multicast called mobicast, designed to support message delivery in sensor and mobile ad hoc networks. The spatiotemporal character of mobicast relates to the obligation to deliver a message to all the nodes that will be present at time t in some geographic zone Z, where both the location and shape of the delivery zone are a function of time over some interval (tstart; tend). The protocol, called Face-Aware Routing (FAR), exploits ideas adapted from existing applications of face routing to achieve reliable mobicast delivery. The key features of the protocol are a routing strategy, which uses information confined solely to a node’s immediate spatial neighborhood, and a forwarding schedule, which employs only local topological information. Statistical results showing that, in uniformly distributed random disk graphs, the spatial neighborhood size is usually less than 20 suggest that FAR is likely to exhibit a low average memory cost. An estimation formula for the average size of the spatial neighborhood in a random network is another analytical result reported in this paper. This paper also includes a novel and low cost distributed algorithm for spatial neighborhood discovery.