LEDS: Providing location-aware end-to-end data security in wireless sensor networks

Kui Ren, Wenjing Lou, Yanchao Zhang

Research output: Contribution to journalArticle

103 Citations (Scopus)

Abstract

Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings.

Original languageEnglish (US)
Article number4358997
Pages (from-to)585-598
Number of pages14
JournalIEEE Transactions on Mobile Computing
Volume7
Issue number5
DOIs
StatePublished - May 2008
Externally publishedYes

Fingerprint

Security of data
Wireless sensor networks
Availability
Sensor nodes
Authentication
Energy conservation
Denial-of-service attack

Keywords

  • Data security
  • DoS attack
  • End-to-end
  • False-data injection attack
  • Wireless sensor network

ASJC Scopus subject areas

  • Engineering(all)
  • Computer Science(all)

Cite this

LEDS : Providing location-aware end-to-end data security in wireless sensor networks. / Ren, Kui; Lou, Wenjing; Zhang, Yanchao.

In: IEEE Transactions on Mobile Computing, Vol. 7, No. 5, 4358997, 05.2008, p. 585-598.

Research output: Contribution to journalArticle

@article{a226426569204335af3cbbad37d4fe12,
title = "LEDS: Providing location-aware end-to-end data security in wireless sensor networks",
abstract = "Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings.",
keywords = "Data security, DoS attack, End-to-end, False-data injection attack, Wireless sensor network",
author = "Kui Ren and Wenjing Lou and Yanchao Zhang",
year = "2008",
month = "5",
doi = "10.1109/TMC.2007.70753",
language = "English (US)",
volume = "7",
pages = "585--598",
journal = "IEEE Transactions on Mobile Computing",
issn = "1536-1233",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "5",

}

TY - JOUR

T1 - LEDS

T2 - Providing location-aware end-to-end data security in wireless sensor networks

AU - Ren, Kui

AU - Lou, Wenjing

AU - Zhang, Yanchao

PY - 2008/5

Y1 - 2008/5

N2 - Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings.

AB - Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings.

KW - Data security

KW - DoS attack

KW - End-to-end

KW - False-data injection attack

KW - Wireless sensor network

UR - http://www.scopus.com/inward/record.url?scp=41449098948&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=41449098948&partnerID=8YFLogxK

U2 - 10.1109/TMC.2007.70753

DO - 10.1109/TMC.2007.70753

M3 - Article

AN - SCOPUS:41449098948

VL - 7

SP - 585

EP - 598

JO - IEEE Transactions on Mobile Computing

JF - IEEE Transactions on Mobile Computing

SN - 1536-1233

IS - 5

M1 - 4358997

ER -