Alessandro Mei
ABSTRACT
We show that massive attacks against sensor networks that use random key pre-distribution schemes cannot be cheap, provided that the parameters are set in the right way. By choosing them appropriately, any adversary whose aim is to compromise a large fraction of the communication links is forced, with overwhelming probability, to capture a large fraction of the nodes. This holds regardless of the information available to the adversary to select the nodes. We consider two important security properties: We say that the network is unassailable if the adversary cannot compromise a linear fraction of the communication links by compromising a sub-linear fraction of the nodes, and that the network is unsplittable if the adversary cannot partition the network into two (or more) linear size fragments. We show how to set the relevant parameters of random key pre-distribution---pool and key ring size---in such a way that the network is not only connected, but also provably unassailable and unsplittable with high probability. Moreover, we also show how to set the parameters in such a way to form a giant component in the network, a connected subgraph including, say, 99% of the sensors. Giant components emerge by using much smaller key rings, are sparse, and, quite remarkably, are provably unassailable and unsplittable as well. All these results are supported by experiments.
- A. Perrig, J. Stankovic, and D. Wagner, "Security in wireless sensor networks," Communications of the ACM, vol. 47, no. 6, 2004. Google Scholar
Digital Library
- L. Eschenauer and V. D. Gligor, "A key-management scheme for distributed sensor networks," in Proceedings of the 9th ACM conference on Computer and communications security. ACM Press, 2002, pp. 41--47. Google ScholarDigital Library
- R. Di Pietro, L. V. Mancini, A. Mei, A. Panconesi, and J. Radhakrishnan, "Sensor networks that are provably resilient," in Proceedings of the IEEE International Conference on Security and Privacy in Communication Networks (SECURECOMM), 2006.Google Scholar
- H. Chan, A. Perrig, and D. Song, "Random key predistribution schemes for sensor networks," in Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, USA, 11--14 May 2003, pp. 197--213. Google ScholarDigital Library
- R. D. Pietro, L. V. Mancini, and A. Mei, "Energy efficient node-to-node authentication and communication confidentiality in wireless sensor networks," Wireless Networks, vol. 12, no. 6, pp. 709--721, 2006. Google ScholarDigital Library
- W. Du, J. Deng, Y. S. Han, and P. K. Varshney, "A pairwise key pre-distribution scheme for wireless sensor networks," in CCS '03: Proceedings of the 10th ACM conference on Computer and communications security. New York, NY, USA: ACM Press, 2003, pp. 42--51. Google ScholarDigital Library
- R. Blom, "An optimal class of symmetric key generation systems," in Advances in Cryptology: Proceedings of EUROCRYPT '84, volume 338 of LNCS, 1985. Google ScholarDigital Library
- D. Liu and P. Ning, "Establishing pairwise keys in distributed sensor networks," in CCS '03: Proceedings of the 10th ACM conference on Computer and communications security. New York, NY, USA: ACM Press, 2003, pp. 52--61. Google ScholarDigital Library
- C. Blundo, A. D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, "Perfectly-secure key distribution for dynamic conferences," in Advances in Cryptology: Proceedings of CRYPTO '92, volume 740 of LNCS, 1993. Google ScholarDigital Library
- P. Erdös and A. Rényi, "On the evolution of random graphs," Publ. Math. Inst. Hungar. Acad. Sci., vol. 5, pp. 17--61, 1960.Google Scholar
- J. Hwang and Y. Kim, "Revisiting random key pre-distribution schemes for wireless sensor networks," in Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN 2004), 2004. Google ScholarDigital Library
- C. Bettstetter, "On the minimum node degree and connectivity of a wireless multihop network," in Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking and computing, 2002, pp. 80--91. Google ScholarDigital Library
- M. D. Penrose, "On k-connectivity for a geometric random graph," Random Structures and Algorithms, vol. 15, no. 2, pp. 145--164, 1999. Google ScholarDigital Library
- M. Karoński, E. R. Sheinerman, and K. B. Singer-Cohen, "On random intersection graphs: the subgraph problem," Combinatorics, Probability and Computing, vol. 8, pp. 131--159, 1999. Google ScholarCross Ref
- K. B. S.-C. J. A. Fill, E. R. Schenerman, "Random intersection graphs when m = w(n): An equivalence theorem relating the evolution of the g(n, m, p) and g(n, p) models," Random Structures and Algorithms, vol. 16, pp. 156--176, 2000. Google ScholarDigital Library
- K. B. Singer-Cohen, "Random intersection graphs," Ph.D. dissertation, Department of Mathematical Sciences, The Johns Hopkins University, 1995.Google Scholar
- D. Stark, "The vertex degree distribution of random intersection," Random Structures and Algorithms, vol. 24, pp. 249--258, 2004. Google ScholarDigital Library
- W. Hoeffding, "Probability inequalities for sums of bounded random variables," Am. Stat. Assoc. J., vol. 58, pp. 13--30, 1963.Google ScholarCross Ref
- V. Chvátal, "Lecture notes on the new aks sorting network," DIMACS Technical Report 92--99, Tech. Rep., 1991.Google Scholar
Index Terms
- Unassailable sensor networks
Recommendations
Defending against false-endorsement-based dos attacks in wireless sensor networks
WiSec '08: Proceedings of the first ACM conference on Wireless network securityNode compromise is a serious threat in wireless sensor networks. An adversary can use compromised sensor nodes to inject false data to deceive the base station or he can try to deplete the energy resources of the sensor nodes. One approach to mitigate ...
Analysis for Location-Based Key Pre-distribution in Wireless Sensor Networks
ICIC '09: Proceedings of the 2009 Second International Conference on Information and Computing Science - Volume 02Wireless sensor networks play key roles in many applications. They are often deployed in hostile environment where communications between sensor nodes must be encrypted. This requires the establishment of secure keys between the sensor nodes in the ...
Analysis of the applicability of wireless sensor networks attacks to body area networks
BodyNets '13: Proceedings of the 8th International Conference on Body Area NetworksA Body Area Network (BAN) is composed by several sensors that may be implanted or placed around the human body, usually deployed for health-care applications. The sensors monitor one or more vital signs and communicate through a wireless network, ...
Reviews
Jingping Long
Due to their intrinsic openness, wireless networks attract more attacks than wired networks. Security is a crucial and difficult issue for wireless networks. Much research effort is devoted to this important field, and numerous security protocols have been proposed and analyzed. Mei, Panconesi, and Radhakrishnan examine a protocol called random key predistribution. They set several criteria to evaluate its performance under attacks, including the ability to protect the majority of the links, the ability to counter being split, and the ability to form a giant component (containing 99 percent of the network). The authors conclude that if the protocol is properly implemented, the network will still be safe, even if some of the network sensors fail during attacks, as this will account for just a small fraction of the total number of sensors. In addition to the experiments, the authors use rigorous mathematics to prove their conclusion. The proof is based on graph theory. Basically, they convert the network into a graph. Each node of the graph represents a network sensor and the edges represent the links between sensors. Then, they prove that the route between two graph nodes can be established, regardless of how the edges are cut. A possible flaw of the work is that the graph is not weighted, meaning that all of the sensors and links of the network are equally important. This is probably not true in many cases since, quite often, the network has some nodes and links that have more responsibility than others. Online Computing Reviews Service
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments