A Framework for Identifying Compromised Nodes in Sensor Networks

Sep 21, 2005

Download: MP4 Video Size: 183.1MB  
Watch on YouTube

Abstract

Sensor networks are vulnerable to physical attacks. Once a node's cryptographic key is compromised, an attacker may completely impersonate it, and introduce arbitrary false information into the network. Most existing techniques focus on detecting and tolerating false information introduced by compromised nodes. They cannot pinpoint exactly where the false information is introduced and who is responsible for it.

We propose an application-independent framework for identifying compromised sensor nodes. In this framework, sensor nodes may conceptually observe the activity of each other following the deployment topology of a sensor network. An alert is generated if a node observes an abnormal activity. Such alerts are collected by the base station, which further reason and finally identify compromised nodes. We develop efficient and accurate reasoning algorithms that can effectively deal with collusion and local majorities. Our algorithms are optimal in the sense that they identify the largest number of compromised nodes without introducing false positives.