Trust-Based Filtering of False Data in Wireless Sensor Networks

Removal of False Data in Wireless Sensor Networks through Trust Evaluation

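  • 허준범 (Department of Computer Science, Korea Advanced Institute of Science and Technology)
  • 이윤호 (Department of Computer Science, Korea Advanced Institute of Science and Technology)
  • 윤현수 (Department of Computer Science, Korea Advanced Institute of Science and Technology)
  • Published: 2008.02.15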

Abstract

Wireless sensor networks are expected to play a vital role in the upcoming age of ubiquitous computing, in areas such as home environmental, industrial, and military applications. Compared with the wide use of sensor networks, however, work on their security and privacy is still in its infancy, because the unique challenges of sensor networks make it difficult to adopt conventional security policies. In particular, node compromise is a critical threat, because a compromised node can drain the finite energy resources of a battery-powered sensor network by launching insider attacks such as false data injection. Even cryptographic authentication mechanisms and key management schemes cannot address the root cause of an insider attack from a compromised node. In this paper, we propose a novel trust-based secure aggregation scheme that identifies the trustworthiness of sensor nodes and filters out the false data of compromised nodes to make sensor networks resilient. The proposed scheme offers a defensible approach against insider attacks beyond conventional cryptographic solutions. The analysis and simulation results show that our aggregation scheme using trust evaluation is a more resilient alternative to the median.

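Wireless sensor networks offer useful solutions in a variety of environments, such as natural disaster detection systems, medical systems, and military applications. However, because of the deployment environment and the inherently resource-constrained nature of sensor networks, conventional security techniques cannot be applied to them as they are. In particular, because the sensor nodes that make up the network run on limited batteries, false data injected into a sensor network can cause serious problems, including not only denial of service but also depletion of the sensor nodes' limited energy. Security techniques based on conventional cryptographic authentication and key management cannot offer a solution for identifying such false data, because sensor networks are vulnerable to physical node capture attacks. In this paper, unlike existing reputation-based schemes, we evaluate trust based on factors such as the consistency of sensing results according to the location of each sensor node, and propose a security scheme against insider attacks that inject false data. According to the analysis, the proposed trust-evaluation-based data aggregation scheme yields more robust aggregation results than the conventional median.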
