LEDS

Providing location-aware end-to-end data security in wireless sensor networks

Kui Ren, Wenjing Lou, Yanchao Zhang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

52 Citations (Scopus)

Abstract

Providing end-to-end data security, i.e., data confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is a non-trivial task. In addition to the large number and severe resource constraint of sensor nodes, a particular challenge comes from potential insider attacks due to possible node compromise, since a WSN is usually deployed in unattended/hostile environments. Existing security designs provide a hop-by-hop security paradigm only, which leaves the end-to-end data security at high stake. Data confidentiality and authenticity is highly vulnerable to insider attacks, and the multihop transmission of messages aggravates the situation. Moreover, data availability is not sufficiently addressed in existing security designs, many of which are highly vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks, selective forwarding attacks, etc. In this paper, we seek feasible solutions to overcome these vulnerabilities. Through exploiting the static and location-aware nature of WSNs, we come up with a location-aware end-to-end security framework in which each node only stores a few secret keys and those secret keys are bound to the node's geographic location. The property of the location-aware keys successfully limits the impact of compromised nodes to their vicinity. We also propose a multifunctional key management framework which ensures both node-to-sink and node-to-node authentication along report forwarding routes. Moreover, our novel one-to-many data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against many known DoS attacks. We evaluate our design through extensive analysis, which demonstrates a high security resilience against an increasing number of compromised nodes at the cost of a moderate protocol overhead.

Original language: English (US)
Title of host publication: Proceedings - IEEE INFOCOM
DOIs: https://doi.org/10.1109/INFOCOM.2006.303
State: Published - 2006
Externally published: Yes
Event: INFOCOM 2006: 25th IEEE International Conference on Computer Communications - Barcelona, Spain
Duration: Apr 23 2006 to Apr 29 2006

Other

Other: INFOCOM 2006: 25th IEEE International Conference on Computer Communications
Country: Spain
City: Barcelona
Period: 4/23/06 to 4/29/06

Fingerprint

Security of data
Wireless sensor networks
Availability
Sensor nodes
Authentication
Network protocols
Denial-of-service attack

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Hardware and Architecture

Cite this

LEDS : Providing location-aware end-to-end data security in wireless sensor networks. / Ren, Kui; Lou, Wenjing; Zhang, Yanchao.

Proceedings - IEEE INFOCOM. 2006. 4146956.

Ren, K, Lou, W & Zhang, Y 2006, LEDS: Providing location-aware end-to-end data security in wireless sensor networks. in Proceedings - IEEE INFOCOM., 4146956, INFOCOM 2006: 25th IEEE International Conference on Computer Communications, Barcelona, Spain, 4/23/06. https://doi.org/10.1109/INFOCOM.2006.303
@inproceedings{729d3f8d06514c1a999ab7bf63446e98,
title = "LEDS: Providing location-aware end-to-end data security in wireless sensor networks",
author = "Kui Ren and Wenjing Lou and Yanchao Zhang",
year = "2006",
doi = "10.1109/INFOCOM.2006.303",
language = "English (US)",
isbn = "1424402212",
booktitle = "Proceedings - IEEE INFOCOM",

}

TY - GEN

T1 - LEDS

T2 - Providing location-aware end-to-end data security in wireless sensor networks

AU - Ren, Kui

AU - Lou, Wenjing

AU - Zhang, Yanchao

PY - 2006

Y1 - 2006

UR - http://www.scopus.com/inward/record.url?scp=36248933437&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=36248933437&partnerID=8YFLogxK

U2 - 10.1109/INFOCOM.2006.303

DO - 10.1109/INFOCOM.2006.303

M3 - Conference contribution

SN - 1424402212

SN - 9781424402212

BT - Proceedings - IEEE INFOCOM

ER -