Distributed replication attack detection protocol in wireless sensor networks

Abstract

As Wireless Sensor Networks (WSNs) continue to be applied to mission-critical applications, it is essential to provide security solutions to interact with sensitive data. However, due to inherent resource limitations and operations in hostile environments where enemies may be present, sensors are susceptible to being captured or compromised by adversaries. As one of the most cost-effective attacks for an adversary to disturb the sensor network applications, the node replication attack has begun to be paid attention. In this attack, once the adversary had captured at least one node, he could make a bunch of replicas of them, and surreptitiously put them back to the original network after both operational and strategic aspects were considered. Since capturing a few nodes and copying them are relatively easy in distributed large-scale sensor networks, the adversary can launch a variety of inner attacks using these cloned nodes. Thus, it is a challenging problem that needs to be addressed urgently. For detecting and removing these hostile replicas, we propose distributed, deterministic and resilient (DDR) replication attack detection scheme and its enhanced variant E-DDR. They are based on the use of symmetric key cryptography unlike prior approaches. The basic idea is to select verification point where each node will be verified deterministically considering network topology before sensor deployment. When the detection round begins for each node, one of the given node`s neighboring node sends an authenticated message including the target node`s deployed information and $\textit{id}$ toward that verification point. Then, intermediate nodes along the routing path store that claim messages and check the inconsistency of deployment location depending on the target node`s security weight. If replicated nodes exist, more than two claim messages may collide at a certain intermediate node or the closest node to verification point in the end. By doing so, our approach ...