Detecting Node Compromise in Hybrid Wireless Sensor Networks Using Attestation Techniques

  • Christoph Krauß
  • Frederic Stumpf
  • Claudia Eckert
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4572)


Node compromise is a serious threat in wireless sensor networks. Particularly in networks that are organized in clusters, nodes acting as cluster heads for many cluster nodes are a valuable target for an adversary. We present two efficient hardware-based attestation protocols for detecting compromised cluster heads. Cluster heads are equipped with a Trusted Platform Module and possess far more resources than the majority of cluster nodes, which are very constrained in their capabilities. A cluster node can verify the trustworthiness of a cluster head using the Trusted Platform Module as a trust anchor and thereby validate that the system integrity of the cluster head has not been tampered with. The first protocol provides a broadcast attestation, i.e., it allows a cluster head to attest its system integrity to multiple cluster nodes simultaneously, while the second protocol carries out a direct attestation between a single cluster node (or the sink) and one cluster head. In contrast to timing-based software approaches, the attestation can be performed even if nodes are multiple hops away from each other.


Sensor Network Security Trusted Computing Attestation 




Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Christoph Krauß (1)
  • Frederic Stumpf (1)
  • Claudia Eckert (1)
  1. Department of Computer Science, Darmstadt University of Technology, Darmstadt, Germany
