Improving sensor network immunity under worm attacks

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Improving sensor network immunity under worm attacks: a software diversity approach

Full text

Pdf (445 KB)

Source

International Symposium on Mobile Ad Hoc Networking & Computing archive
Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing table of contents

Hong Kong, Hong Kong, China

SESSION: System design and optimization table of contents

Pages 149-158

Year of Publication: 2008

ISBN:978-1-60558-073-9

Authors

Yi Yang	The Pennsylvania State University, University Park, PA, USA
Sencun Zhu	The Pennsylvania State University, University Park, PA, USA
Guohong Cao	The Pennsylvania State University, University Park, PA, USA

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 7, Downloads (12 Months): 213, Citation Count: 3

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1374618.1374640 What is a DOI?

ABSTRACT

Because of cost and resource constraints, sensor nodes do not have a complicated hardware architecture or operating system to protect program safety. Hence, the notorious buffer-overflow vulnerability that has caused numerous Internet worm attacks could also be exploited to attack sensor networks. We call the malicious code that exploits a buffer-overflow vulnerability in a sensor program sensor worm. Clearly, sensor worm will be a serious threat, if not the most dangerous one, when an attacker could simply send a single packet to compromise the entire sensor network. Despite its importance, so far little work has been focused on sensor worms.

In this work, we first illustrate the feasibility of launching sensor worms through real experiments on Mica2 motes. Inspired by the survivability through heterogeneity philosophy, we then explore the technique of software diversity to combat sensor worms. Given a limited number of software versions, we design an efficient algorithm to assign the appropriate version of software to each sensor, so that sensor worms are restrained from propagation. We also examine the impact of sensor node deployment errors on worm propagation, which directs the selection of our system parameters based on percolation theory. Finally, extensive analytical and simulation results confirm the effectiveness of our scheme in containing sensor worms.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	ATmega128(L). http://www.atmel.com/dyn/resources/prod- documents/doc2467.pdf.
	2	Backtracking. http://en.wikipedia.org/wiki/Backtracking.
	3	Introduction to Percolation Theory. http://garnet.berkeley.edu/ jqwu/paper1/paper1.html.
	4	Memory Sections in Related Pages. http://hubbard.engr.scu.edu/embedded/avr/doc/avr-libc/avr-libc-user-manual/.
	5	Mica Motes. Crossbow Technology, Inc. http://www.xbow.com.
	6	MSP430 Microcontrollers. Texas Instrument. http://www.ti.com/.
	7	Percolation theory. http://en.wikipedia.org/wiki/Percolation-theory.
	8	Abdulrahman Alarifi , Wenliang Du, Diversify sensor nodes to improve resilience against node compromise, Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks, October 30-30, 2006, Alexandria, Virginia, USA [doi>10.1145/1180345.1180359]
	9	M. G. Bailey. Malware resistant networking using system diversity. In SIGITE '05.
	10	N. Bailey. The mathematical theory of infectious diseases and its applications. Hafner Press, New York, 1975.
	11	David Brumley , Li-Hao Liu , Pongsin Poosankam , Dawn Song, Design space and analysis of worm defense strategies, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan [doi>10.1145/1128817.1128837]
	12	S. Capkun and J. Hubaux. Secure positioning in sensor networks. Technical Report Technical Report EPFL/IC/200444, 2004.
	13	P. De, Y. Liu, and S. K. Das. Modeling node compromise spread in wireless sensor networks using epidemic theory. In WOWMOM '06.
	14	M. Draief, A. Ganesh, and L. Massoulie. Thresholds for virus spread on networks. In ValueTools'06.
	15	W. Du, J. Deng, Y. S. Han, S. Chen, and P. Varshney. A key management scheme for wireless sensor networks using deployment knowledge. In IEEE INFOCOM, 2004.
	16	Wenliang Du , Jing Deng , Yunghsiang S. Han , Pramod K. Varshney, A Key Predistribution Scheme for Sensor Networks Using Deployment Knowledge, IEEE Transactions on Dependable and Secure Computing, v.3 n.1, p.62, January 2006 [doi>10.1109/TDSC.2006.2]
	17	S. Forrest , A. Somayaji , D. Ackley, Building Diverse Computer Systems, Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI), p.67, May 05-06, 1997
	18	A. Ganesh, L. Massoulie, and D. Towsley. The effect of network topology on the spread of epidemics. In Infocom, 2005.
	19	Gaurav S. Kc , Angelos D. Keromytis , Vassilis Prevelakis, Countering code-injection attacks with instruction-set randomization, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA [doi>10.1145/948109.948146]
	20	Qijun Gu , Rizwan Noorani, Towards self-propagate mal-packets in sensor networks, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA [doi>10.1145/1352533.1352563]
	21	Ellis Horowitz , Sartaj Sahni , Sanguthevar Rajasckaran, Computer Algorithms: C++, W. H. Freeman & Co., New York, NY, 1996
	22	T. R. Jensen. Graph Coloring Problems. Wiley, 1995.
	23	Sandeep S. Kulkarni , Limin Wang, MNP: Multihop Network Reprogramming Service for Sensor Networks, Proceedings of the 25th IEEE International Conference on Distributed Computing Systems, p.7-16, June 06-10, 2005 [doi>10.1109/ICDCS.2005.50]
	24	Ram Kumar , Eddie Kohler , Mani Srivastava, Harbor: software-based memory protection for sensor nodes, Proceedings of the 6th international conference on Information processing in sensor networks, April 25-27, 2007, Cambridge, Massachusetts, USA [doi>10.1145/1236360.1236404]
	25	M. C. Mont, A. Baldwin, Y. Beres, K. Harrison, M. Sadler, and S. Shiu. Towards diversity of cots software applications: Reducing risks of widespread faults and attacks. In Technical Report HPL-2002-178, 2002.
	26	N. Roux, J.-S. Pegon, and M. Subbarao. Cost adaptive mechanism to provide network diversity for manet reactive routing protocols. In MILCOM, 2000.
	27	Adam J. O'Donnell , Harish Sethu, On achieving software diversity for improved network security using distributed coloring algorithms, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030101]
	28	A. One. Smashing the stack for fun and profit. Phrack 49. http://www.phrack.org/show.php?p=49a=14.
	29	R. Pastor-Satorras and A. Vespignani. Epidemics and immunization in scale-free networks, chapter Handbook of graphs and networks: from the genome to the Internet. 2002.
	30	J. Regehr, N. Cooprider, W. Archer, and E. Eide. Memory safety and untrusted extensions for tinyos. Technical Report UUCS-06-007, University of Utah, 2006.
	31	Stuart Staniford , Vern Paxson , Nicholas Weaver, How to Own the Internet in Your Spare Time, Proceedings of the 11th USENIX Security Symposium, p.149-167, August 05-09, 2002
	32	M. Vojnovic and A. Ganesh. On the race of worms, alerts and patches. In ACM WORM 2005.
	33	Xinran Wang , Chi-Chun Pan , Peng Liu , Sencun Zhu, SigFree: a signature-free buffer overflow attack blocker, Proceedings of the 15th conference on USENIX Security Symposium, July 31-August 04, 2006, Vancouver, B.C., Canada
	34	Yi Yang , Xinran Wang , Sencun Zhu , Guohong Cao, SDAP: a secure hop-by-Hop data aggregation protocol for sensor networks, Proceedings of the 7th ACM international symposium on Mobile ad hoc networking and computing, May 22-25, 2006, Florence, Italy [doi>10.1145/1132905.1132944]
	35	Yongguang Zhang , Harrick Vin , Lorenzo Alvisi , Wenke Lee , Son K. Dao, Heterogeneous networking: a new survivability paradigm, Proceedings of the 2001 workshop on New security paradigms, September 10-13, 2001, Cloudcroft, New Mexico [doi>10.1145/508171.508177]

CITED BY 3

	Christopher Ferguson , Qijun Gu , Hongchi Shi, Self-healing control flow protection in sensor applications, Proceedings of the second ACM conference on Wireless network security, March 16-19, 2009, Zurich, Switzerland
	Dong-Hoon Shin , Saurabh Bagchi, Optimal monitoring in multi-channel multi-radio wireless mesh networks, Proceedings of the tenth ACM international symposium on Mobile ad hoc networking and computing, May 18-21, 2009, New Orleans, LA, USA
	Bo Sun , Guanhua Yan , Yang Xiao , T. Andrew Yang, Self-propagating mal-packets in wireless sensor networks: Dynamics and defense implications, Ad Hoc Networks, v.7 n.8, p.1489-1500, November, 2009