Broadcast authentication is an important application in sensor networks. Public Key Cryptography (PKC) is desirable for this application, but due to the resource constraints on sensor nodes, these operations are expensive, which means sensor networks using PKC are susceptible to Denial of Service (DoS) attacks: attackers keep broadcasting bogus messages, which will incur extra costs, thus exhaust the energy of the honest nodes. In addition, the long time to verify each message using PKC increases the response time of the nodes; it is impractical for the nodes to validate each incoming message before forwarding i.

In this paper we discuss this type of DoS attacks, in which the goal of the adversary is to exhaust the energy of the sensor nodes and to increase their response time to broadcast messages. We then present a dynamic window scheme, where sensor nodes determine whether first to verify a message or first to forward the message by themselves. This is made possible with the information such as how far this node is away from the malicious attacker, and how many hops the incoming message has passed. We compare the performance of the proposed scheme with other schemes, and show that it can contain the damage of DoS attacks to only a small portion of the sensor nodes.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	D.-M. Chiu , R. Jain, Analysis of the increase and decrease algorithms for congestion avoidance in computer networks, Computer Networks and ISDN Systems, v.17 n.1, p.1-14, June 10, 1989  [doi>10.1016/0169-7552(89)90019-6]
	2	Jing Deng , Richard Han , Shivakant Mishra, Defending against path-based DoS attacks in wireless sensor networks, Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks, November 07-07, 2005, Alexandria, VA, USA  [doi>10.1145/1102219.1102235]
	3	Hans Eberle , Sheueling Shantz , Vipul Gupta , Nils Gura , Leonard Rarick , Lawrence Spracklen, Accelerating Next-Generation Public-Key Cryptosystems on General-Purpose CPUs, IEEE Micro, v.25 n.2, p.52-59, March 2005  [doi>10.1109/MM.2005.24]
	4	G. Gaubatz, J. Kaps, and B. Sunar. Public keys cryptography in sensor networks -- revisited. In Proceedings of ESAS 2004, 2004.
	5	N. Gura, A. Patel, A. Wander, H. Eberle, and S. Shantz. Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs. In CHES 2004, Cambridge, MA, August 11-13 2004.
	6	Jonathan M. McCune , Elaine Shi , Adrian Perrig , Michael K. Reiter, Detection of Denial-of-Message Attacks on Sensor Network Broadcasts, Proceedings of the 2005 IEEE Symposium on Security and Privacy, p.64-78, May 08-11, 2005  [doi>10.1109/SP.2005.7]
	7	P. Ning and A. Liu. Tinyecc: Elliptic curve cryptography for sensor networks. Cyber Defense Laboratory in NCSU, September 2005.
	8	A. Perrig, R. Canetti, D. Song, and D. Tygar. Efficient and secure source authentication for multicast. In Proceedings of NDSS, San Diego, CA, February 2001.
	9	Adrian Perrig , Robert Szewczyk , Victor Wen , David Culler , J. D. Tygar, SPINS: security protocols for sensor networks, Proceedings of the 7th annual international conference on Mobile computing and networking, p.189-199, July 2001, Rome, Italy  [doi>10.1145/381677.381696]
	10	DARPA INTERNET PROGRAM. Rfc 793 -- transmission control protocol, September 1981.
	11	Sumit Rangwala , Ramakrishna Gummadi , Ramesh Govindan , Konstantinos Psounis, Interference-aware fair rate control in wireless sensor networks, Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications, September 11-15, 2006, Pisa, Italy
	12	Chieh-Yih Wan , Shane B. Eisenman , Andrew T. Campbell, CODA: congestion detection and avoidance in sensor networks, Proceedings of the 1st international conference on Embedded networked sensor systems, November 05-07, 2003, Los Angeles, California, USA  [doi>10.1145/958491.958523]
	13	Alec Woo , David E. Culler, A transmission control scheme for media access in sensor networks, Proceedings of the 7th annual international conference on Mobile computing and networking, p.221-235, July 2001, Rome, Italy  [doi>10.1145/381677.381699]
	14	Anthony D. Wood , John A. Stankovic, Denial of Service in Sensor Networks, Computer, v.35 n.10, p.54-62, October 2002  [doi>10.1109/MC.2002.1039518]
	15	Y. R. Yang , S. S. Lam, General AIMD congestion control, Proceedings of the 2000 International Conference on Network Protocols, p.187, November 14-17, 2000