Wireless Networks

, Volume 15, Issue 4, pp 431–441 | Cite as

Proactive mitigation of impact of wormholes and sinkholes on routing security in energy-efficient wireless sensor networks

  • Huzaifa Al Nahas
  • Jitender S. Deogun
  • Eric D. Manley
Article

Abstract

Sensor networks are deployed in a variety of environments for unattended operation. In a hostile terrain, sensor nodes are vulnerable to node capture and cryptographic material compromise. Compromised nodes can be used for launching wormhole and sinkhole attacks in order to prevent sensitive data from reaching intended destinations. Our objective in this paper is mitigating the impact of undetected compromised nodes on routing. To this end, we develop metrics for quantifying risk of paths in a network. We then introduce a novel routing approach: Secure-Path Routing (SPR) that uses expected path risk as a parameter in routing. Quantified path risk values are used in routing to reduce traffic flow over nodes that have high expected vulnerability. Selecting low risk routes may lead to the choice of energy-expensive routes. Thus, we develop algorithms for balancing risk with other path selection parameters, including energy consumption. We conduct simulation experiments to evaluate the effectiveness of our approach and study the tradeoff between security and energy. Simulation shows that SPR can be quite effective at increasing traffic flow over legitimate routes and that the impact of SPR on network lifetime is negligible.

Keywords

Sensor networks Secure routing Energy-efficiency Wormhole attacks 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Notes

Acknowledgments

This work was supported in part by NSF EPSCoR under grant EPS- 0346476. The views and conclusions presented in this paper are those of the authors and should not be interpreted as necessarily representing the official opinions or policies, either expressed or implied, of NSF or the University of Nebraska-Lincoln.

References

  1. 1.
    Bohacek, S., Hespanha, J. P., Obraczka, K., Lee, J., & Lim, C. (2002). Enhancing security via stochastic routing. In 11th IEEE international conference on computer communications and networks (ICCCN), May.Google Scholar
  2. 2.
    Capkun, S., Buttyán, L., & Hubaux, J.-P. (2003). Sector: secure tracking of node encounters in multi-hop wireless networks. In SASN’03: Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks (pp. 21–32). New York, NY: ACM Press.Google Scholar
  3. 3.
    Chan, H., Perrig, A., & Song, D. (2003). Random key predistribution schemes for sensor networks. In IEEE security and privacy symposim.Google Scholar
  4. 4.
    Chang, J., & Tassiulas, L. (1999). Routing for maximum system lifetime in wireless ad-hoc networks. In 37th annual allerton conference on communication, control, and computing.Google Scholar
  5. 5.
    European Economic Community. (1993). Information technology security evaluation manual (ITSEM). Technical report.Google Scholar
  6. 6.
    Deng, J., Han, R., & Mishra, S. (2006). INSENS: Intrusion-tolerant routing for wireless sensor networks. Computer Communications, 29(2), 216–230.Google Scholar
  7. 7.
    Eschenauer, L., & Gligor, V. (2002). A key management scheme for distributed sensor networks. In ACM CCS2002, Washington DC.Google Scholar
  8. 8.
    Ganesan, D., Govidan, R., Skenker, S., & Estrin, D. (2001). Highly-resilient, energy-efficient multipath routing in wireless sensor networks. In Symposium on mobile ad hoc networking and computing (MobiHoc’01), October 4–5, 2001, Long Beach, CA, USA (pp. 295–298). ACM, October.Google Scholar
  9. 9.
    Hu, Y.-C., Perrig, A., & Johnson, D. B. (2002). Ariadne: A secure on-demand routing protocol for ad hoc networks. In MOBICOM (pp. 12–23).Google Scholar
  10. 10.
    Hu, Y.-C., Perrig, A., & Johnson, D. B. (2003). Packet leashes: A defense against wormhole attacks in wireless networks. In INFOCOM.Google Scholar
  11. 11.
    Hu, Y.-C., Perrig, A., & Johnson, D. B. (2003). Rushing attacks and defense in wireless ad hoc network routing protocols. In WiSe’03: Proceedings of the 2003 ACM workshop on wireless security (pp. 30–40). New York, NY: ACM Press.Google Scholar
  12. 12.
    Jha, S., Sheyner, O., & Wing, J. M. (2002). Two formal analysis of attack graphs. In CSFW (pp. 49–63).Google Scholar
  13. 13.
    Karlof, C., & Wagner, D. (2003). Secure routing in wireless sensor networks: Attacks and countermeasures. Elsevier’s AdHoc Networks Journal, Special Issue on Sensor Network Applications and Protocols, 1(2–3):293–315, September.Google Scholar
  14. 14.
    Kuipers, F., Van Mieghem, P., Korkmaz, T., & Krunz, M. (2002). An overview of constraint-based path selection algorithms for QoS routing. IEEE Communications Magazine, 40(12), December.Google Scholar
  15. 15.
    Phillips, C. A., & Swiler, L. P. (1998). A graph-based system for network-vulnerability analysis. In Workshop on new security paradigms (pp. 71–79).Google Scholar
  16. 16.
    Puterman, M. (1994). Markov decision processes. New York, NY: Wiley.MATHCrossRefGoogle Scholar
  17. 17.
    Sheyner, O., Haines, J. W., Jha, S., Lippmann, R., & Wing, J. M. (2002). Automated generation and analysis of attack graphs. In IEEE symposium on security and privacy, pp. 273–284.Google Scholar
  18. 18.
    Sheyner, O. M. (2004). Scenario graphs and attack graphs. PhD thesis, Carnegie Mellon University, Pittsburgh, PA, April.Google Scholar
  19. 19.
    Wang, Z., & Crowcroft, J. (1996). Quality-of-service routing for supporting multimedia applications. IEEE Journal on Selected Areas in Communications, 14(7), 1228–1234.Google Scholar
  20. 20.
    Zhu, S., Setia, S., & Jajodia, S. (2003). LEAP: Efficient security mechanisms for large-scale distributed sensor networks. In ACM conference on computer and communications security (CCS’03).Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2007

Authors and Affiliations

  • Huzaifa Al Nahas
    • 1
  • Jitender S. Deogun
    • 1
  • Eric D. Manley
    • 1
  1. 1.Department of Computer Science and EngineeringUniversity of Nebraska-LincolnLincolnUSA

Personalised recommendations