Abstract
Node compromise is a serious threat in wireless sensor networks. Particular in networks which are organized in clusters, nodes acting as cluster heads for many cluster nodes are a valuable target for an adversary. We present two efficient hardware-based attestation protocols for detecting compromised cluster heads. Cluster heads are equipped with a Trusted Platform Module and possess much more resources than the majority of cluster nodes which are very constrained in their capabilities. A cluster node can verify the trustworthiness of a cluster head using the Trusted Platform Module as a trust anchor and therefore validate whether the system integrity of a cluster head has not been tampered with. The first protocol provides a broadcast attestation, i.e., allowing a cluster head to attest its system integrity to multiple cluster nodes simultaneously, while the second protocol is able to carry out a direct attestation between a single cluster node (or the sink) and one cluster head. In contrast to timing-based software approaches,the attestation can be performed even if nodes are multiple hops away from each other.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Akyildiz, I., Su, W., Sankarasubramaniam, Y., Cayirci, E.: A survey on sensor networks. IEEE Comm. Mag. 40(8), 102–114 (2002)
Seshadri, A., Perrig, A., Doorn, L.v., Khosla, P.: SWATT: SoftWare-based ATTestation for Embedded Devices. In: IEEE Symp. on Sec. and Priv., IEEE Computer Society Press, Los Alamitos (2004)
Seshadri, A., Luk, M., Shi, E., Perrig, A., Doorn, L.v., Khosla, P.: Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In: SOSP 2005. Proceedings of the twentieth ACM symposium on Operating systems principles, Brighton, United Kingdom, pp. 1–16. ACM Press, New York (2005)
Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: SCUBA: Secure Code Update By Attestation in Sensor Networks. In: WiSe 2006. Proceedings of the 5th ACM workshop on Wireless security, Los Angeles, California, ACM Press, New York (2006)
Trusted Computing Group: Trusted Platform Module (TPM) specifications, Technical report (2006), https://www.trustedcomputinggroup.org/specs/TPM
Stumpf, F., Tafreschi, O., Röder, P., Eckert, C.: A Robust Integrity Reporting Protocol for Remote Attestation. In: WATC 2006. Proceedings of the Second Workshop on Advances in Trusted Computing (2006)
Shi, E., Perrig, A., Van Doorn, L.: BIND: A Fine-Grained Attestation Service for Secure Distributed Systems. In: SP 2005. Proceedings of the 2005 IEEE Symposium on Security and Privacy, pp. 154–168. IEEE Computer Society Press, Los Alamitos (2005)
Crossbow Technology: Mica2 datasheet, http://www.xbow.com/Products/Product_pdf_files/Wireless_pdf/MICA2_Datasheet.pdf
Crossbow Technology: Stargate datasheet, http://www.xbow.com/Products/Product_pdf_files/Wireless_pdf/Stargate_Datasheet.pdf
Sailer, R., Zhang, X., Jaeger, T., Doorn, L.v.: Design and Implementation of a TCG-based Integrity Measurement Architecture. In: 13th USENIX Security Symposium, IBM T. J. Watson Research Center (August 2004)
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: SPINS: security protocols for sensor networks. Wirel. Netw. 8(5), 521–534 (2002)
Ye, F., Luo, H., Lu, S., Zhang, L.: Statistical en-route filtering of injected false data in sensor networks. In: Proceedings IEEE INFOCOM., IEEE Computer Society Press, Los Alamitos (2004)
Zhu, S., Setia, S., Jajodia, S.: LEAP: efficient security mechanisms for large-scale distributed sensor networks. In: CCS 2003. Proceedings of the 10th ACM conference on Computer and communications security, ACM Press, New York (2003)
Ganeriwal, S., Ravi, S., Raghunathan, A.: Trusted platform based key establishment and management for sensor networks (Under review)
Karlof, C., Wagner, D.: Secure routing in wireless sensor networks: attacks and countermeasures. In: Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, pp. 113–127. IEEE Computer Society Press, Los Alamitos (2003)
Rivest, R.L.: The RC5 Encryption Algorithm. In: Proceedings of the 1994 Leuven Workshop on Fast Software Encryption, pp. 86–96. Springer, Heidelberg (1995)
Shaneck, M., Mahadevan, K., Kher, V., Kim, Y.: Remote software-based attestation for wireless sensors. In: Molva, R., Tsudik, G., Westhoff, D. (eds.) ESAS 2005. LNCS, vol. 3813, Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Krauß, C., Stumpf, F., Eckert, C. (2007). Detecting Node Compromise in Hybrid Wireless Sensor Networks Using Attestation Techniques. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds) Security and Privacy in Ad-hoc and Sensor Networks. ESAS 2007. Lecture Notes in Computer Science, vol 4572. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73275-4_15
Download citation
DOI: https://doi.org/10.1007/978-3-540-73275-4_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73274-7
Online ISBN: 978-3-540-73275-4
eBook Packages: Computer ScienceComputer Science (R0)