DocumentCode :
3003093
Title :
Scalable, Cluster-based Anti-replay Protection for Wireless Sensor Networks
Author :
Raymond, David R. ; Marchany, Randy C. ; Midkiff, Scott F.
fYear :
2007
fDate :
20-22 June 2007
Firstpage :
127
Lastpage :
134
Abstract :
Large-scale wireless sensor network (WSN) deployments show great promise for military, homeland security, and many other applications. This promise, however, is offset by important security concerns. The resource constraints that typify wireless sensor devices make traditional security solutions impractical. One threat to secure sensor networks is the replay attack, in which packets are captured and replayed into the network. This type of attack can be perpetrated to confuse observers or to mount a denial-of-service or denial-of-sleep attack. Traditional techniques for anti-replay protection are too resource intensive for large-scale WSN deployments. While techniques for reducing data transmission overhead of WSN-speciflc anti-replay mechanisms have been explored, the important problem of minimizing per-node reply table storage requirements has not been addressed. This paper introduces Clustered Anti-Replay Protection or CARP, which leverages sensor network clustering to place a limit on the amount of memory required to store anti-replay information. We show that clustering keeps the memory required for anti-replay tables manageable, reducing the size from 30% of a Mica2´s memory to 4.4% for a 200-node network. While the advantages of this technique are clear, the difficulty lies in securely updating network-wide anti-replay tables when the network reclusters, an event that must happen routinely to distribute energy consumption across the nodes in the network. Our mechanism distributes necessary anti-replay information in a secure, low-overhead, and completely distributed manner. We further show the energy-consumption overhead of adding anti-replay counters to network traffic across several WSN medium access control (MAC) protocols and two representative WSN platforms. On the Mica2 platform, overheads range from a 0% to 1.32% decrease in network lifetime, depending on the MAC protocol. On the Tmote Sky, overheads range from 0% to 4.64%. Providing anti-replay suppor- t in a secure, scalable, and distributed way is necessary to the overall security of future WSN deployments if they are to meet current expectations.
Keywords :
access protocols; telecommunication security; wireless sensor networks; MAC; antireplay information; antireplay tables; cluster-based antireplay protection; data transmission overhead; denial-of-service attack; denial-of-sleep attack; energy-consumption; medium access control protocols; network reclusters; security solutions; wireless sensor networks; Access protocols; Communication system security; Computer crime; Large-scale systems; Media Access Protocol; Memory management; National security; Protection; Terrorism; Wireless sensor networks; Anti-replay; Security; Sensor Networks;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Assurance and Security Workshop, 2007. IAW '07. IEEE SMC
Conference_Location :
West Point, NY
Print_ISBN :
1-4244-1304-4
Electronic_ISBN :
1-4244-1304-4
Type :
conf
DOI :
10.1109/IAW.2007.381924
Filename :
4267552
Link To Document :
بازگشت