ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Pre-authentication filters: providing dos resistance for signature-based broadcast authentication in sensor networks
Full text PdfPdf (313 KB)
Source
Conference On Wireless Network Security archive
Proceedings of the first ACM conference on Wireless network security table of contents
Alexandria, VA, USA
SESSION: Authentication in wireless networks table of contents
Pages 2-12  
Year of Publication: 2008
ISBN:978-1-59593-814-5
Authors
Qi Dong  University if Texas at Arlington, Arlington, TX
Donggang Liu  University if Texas at Arlington, Arlington, TX
Peng Ning  North Carolina State University, Raleigh, NC
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 24,   Downloads (12 Months): 157,   Citation Count: 3
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1352533.1352536
What is a DOI?

ABSTRACT

Recent studies have demonstrated that it is possible to perform public key cryptographic operations on the resource-constrained sensor platforms. However, the significant resource consumption imposed by public key cryptographic operations makes such mechanisms easy targets of Denial- of Service (DoS) attacks. For example, if digital signatures such as ECDSA are used directly for broadcast authentication without further protection, an attacker can simply broadcast forged packets and force the receiving nodes to perform a large number of unnecessary signature verifications, eventually exhausting their battery power. This paper studies how to deal with such DoS attacks when signatures are used for broadcast authentication in sensor networks. In particular, this paper presents two filtering techniques, a group-based filter and a key chain-based filter, to handle DoS attacks against signature verification. Both methods can significantly reduce the number of unnecessary signature verifications that a sensor node has to perform. The analytical results also show that these two techniques are efficient and effective for resource-constrained sensor networks.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
I. F. Akyildiz , W. Su , Y. Sankarasubramaniam , E. Cayirci, Wireless sensor networks: a survey, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.38 n.4, p.393-422, 15 March 2002  [doi>10.1016/S1389-1286(01)00302-4]
 
2
Haowen Chan , Adrian Perrig , Dawn Song, Random Key Predistribution Schemes for Sensor Networks, Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.197, May 11-14, 2003
 
3
Crossbow Technology Inc. MICAz 2.4GHz Wireless Module. http://www.xbow.com/Products/productdetails.aspx?sid=164. Accessed in January 2008.
4
Laurent Eschenauer , Virgil D. Gligor, A key-management scheme for distributed sensor networks, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA  [doi>10.1145/586110.586117]
 
5
N. Gura, A. Patel, and A. Wander. Comparing elliptic curve cryptography and rsa on 8-bit CPUs. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES), August 2004.
 
6
C. Hartung, J. Balasalle, and R. Han. Node compromise in sensor networks: The need for secure systems. Technical Report CU-CS-990-05, U. Colorado at Boulder, Jan. 2005.
 
7
Y. Hu, A. Perrig, and D. Johnson. Packet leashes: A defense against wormhole attacks in wireless ad hoc networks. In Proceedings of INFOCOM, April 2003.
 
8
IEEE Computer Society. IEEE standard for information technology - telecommunications and information exchange between systems - local and metropolitan area networks specific requirements part 15.4: wireless medium access control (MAC) and physical layer (PHY) specifications for low-rate wireless personal area networks (LR-WPANs). IEEE Std 802.15.4-2003, 2003.
 
9
C. Karlof and D. Wagner. Secure routing in wireless sensor networks: Attacks and countermeasures. In Proceedings of 1st IEEE International Workshop on Sensor Network Protocols and Applications, May 2003.
10
Loukas Lazos , Radha Poovendran, SeRLoc: secure range-independent localization for wireless sensor networks, Proceedings of the 3rd ACM workshop on Wireless security, October 01-01, 2004, Philadelphia, PA, USA  [doi>10.1145/1023646.1023650]
11
Hyojun Lim , Chongkwon Kim, Multicast tree construction and flooding in wireless ad hoc networks, Proceedings of the 3rd ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems, p.61-68, August 20-20, 2000, Boston, Massachusetts, United States  [doi>10.1145/346855.346865]
 
12
A. Liu and P. Ning. TinyECC: Elliptic curve cryptography for sensor networks. http://discovery.csc.ncsu.edu/software/TinyECC/index.html.
13
Donggang Liu , Peng Ning, Establishing pairwise keys in distributed sensor networks, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA  [doi>10.1145/948109.948119]
 
14
D. J. Malan, M. Welsh, and M. D. Smith. A public-key infrastructure for key distribution in tinyos based on elliptic curve cryptography. In Proceedings of First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks (IEEE SECON 2004), pages 71--80, 2004.
15
James Newsome , Elaine Shi , Dawn Song , Adrian Perrig, The sybil attack in sensor networks: analysis & defenses, Proceedings of the third international symposium on Information processing in sensor networks, April 26-27, 2004, Berkeley, California, USA  [doi>10.1145/984622.984660]
16
Peng Ning , An Liu , Wenliang Du, Mitigating DoS attacks against broadcast authentication in wireless sensor networks, ACM Transactions on Sensor Networks (TOSN), v.4 n.1, p.1-35, January 2008  [doi>10.1145/1325651.1325652]
 
17
Bryan Parno , Adrian Perrig , Virgil Gligor, Distributed Detection of Node Replication Attacks in Sensor Networks, Proceedings of the 2005 IEEE Symposium on Security and Privacy, p.49-63, May 08-11, 2005  [doi>10.1109/SP.2005.8]
 
18
Wei Peng , Xi-Cheng Lu, On the reduction of broadcast redundancy in mobile ad hoc networks, Proceedings of the 1st ACM international symposium on Mobile ad hoc networking & computing, November 20, 2000, Boston, Massachusetts
19
Adrian Perrig , Robert Szewczyk , Victor Wen , David Culler , J. D. Tygar, SPINS: security protocols for sensor networks, Proceedings of the 7th annual international conference on Mobile computing and networking, p.189-199, July 2001, Rome, Italy  [doi>10.1145/381677.381696]
20
Bartosz Przydatek , Dawn Song , Adrian Perrig, SIA: secure information aggregation in sensor networks, Proceedings of the 1st international conference on Embedded networked sensor systems, November 05-07, 2003, Los Angeles, California, USA  [doi>10.1145/958491.958521]
 
21
Texas Instruments Inc. 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver. http://focus.ti.com/lit/ds/symlink/cc2420.pdf. Accessed in January 2008.
 
22
H. Wang, B. Sheng, C. C. Tan, and Q. Li. WM-ECC: an Elliptic Curve Cryptography Suite on Sensor Motes. Technical Report WM-CS-2007-11, College of William and Mary, Computer Science, Williamsburg, VA, 2007.
23
Ronghua Wang , Wenliang Du , Peng Ning, Containing denial-of-service attacks in broadcast authentication in sensor networks, Proceedings of the 8th ACM international symposium on Mobile ad hoc networking and computing, September 09-14, 2007, Montreal, Quebec, Canada  [doi>10.1145/1288107.1288118]
 
24
Anthony D. Wood , John A. Stankovic, Denial of Service in Sensor Networks, Computer, v.35 n.10, p.54-62, October 2002  [doi>10.1109/MC.2002.1039518]
 
25
Sencun Zhu , Shouhuai Xu , Sanjeev Setia , Sushil Jajodia, LHAP: A Lightweight Hop-by-Hop Authentication Protocol for Ad-Hoc Networks, Proceedings of the 23rd International Conference on Distributed Computing Systems, p.749, May 19-22, 2003

CITED BY  3
Haowen Chan , Adrian Perrig, Efficient security primitives derived from a secure aggregation algorithm, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Hailun Tan , Diethelm Ostry , John Zic , Sanjay Jha, A confidential and DoS-resistant multi-hop code dissemination protocol for wireless sensor networks, Proceedings of the second ACM conference on Wireless network security, March 16-19, 2009, Zurich, Switzerland
Leonardo B. Oliveira , Aman Kansal , Bodhi Priyantha , Michel Goraczko , Feng Zhao, Secure-TWS: Authenticating node to multi-user communication in shared sensor networks, Proceedings of the 2009 International Conference on Information Processing in Sensor Networks, p.289-300, April 13-16, 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)


General Terms:
Algorithms, Design, Security


Keywords:
DoS attacks, broadcast authentication, security, sensor networks

Collaborative Colleagues:
Qi Dong: colleagues
Donggang Liu: colleagues
Peng Ning: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player