ABSTRACT
Code dissemination protocols provide a convenient way to update program images via wireless communication. Due to the open environment in which Wireless Sensor Networks (WSNs) are typically deployed, it is important that a code dissemination protocol ensures that a program image update can be authenticated as coming from a trusted source. In some applications it is also required that the data be kept confidential in spite of the possibility of message interception. Authentication and confidentiality are implemented through cryptographic operations which may be expensive in power consumption, making a protocol with these features vulnerable to attack by an adversary who transmits forged data, forcing nodes to waste energy in identifying it as invalid (i.e., a signature-based DoS attack). Additionally, in multi-hop dissemination protocols, each sensor node is required to broadcast its program image when requested by its neighbors. An adversary could repeatedly send spurious program image requests to its neighbors, making them exhaust their energy reserves (i.e., a request-based DoS attack). In this paper, we present a new approach to achieve confidentiality in multi-hop code dissemination. We propose counter-measures against both types of DoS attacks mentioned above. To our knowledge, we are the first to integrate confidentiality and DoS-attack-resistance in a multi-hop code dissemination protocol. Our approach is based on Deluge, an open source, state-of-the-art code dissemination protocol for WSNs. In addition, we provide a performance evaluation of our scheme in terms of latency and energy consumption, compared with the original Deluge and the existing secure Deluge.