TY - GEN
T1 - STEF
T2 - 2nd International Conference on Availability, Reliability and Security, ARES 2007
AU - Krauß, Christoph
AU - Schneider, Markus
AU - Bayarou, Kpatcha
AU - Eckert, Claudia
PY - 2007
Y1 - 2007
N2 - Node compromise is a serious threat in wireless sensor networks. An adversary can use compromised nodes to inject false data into the network forging events to deceive the base station. Furthermore, an adversary can cause serious damage by injecting a large amount of false messages to deplete the scarce energy resources of the forwarding en-route sensor nodes. In this paper, we propose a Secure Ticket-Based Enroute Filtering Scheme (STEF) that drops false messages enroute. We propose a ticket concept where reply messages are only forwarded if they contain a valid ticket originally issued by the base station. Messages containing no ticket, or an replayed ticket, are immediately filtered out by not compromised sensor nodes. The ticket concept is based on lightweight one-way functions. This enables every en-route node to verify the tickets. Furthermore, our scheme does not need symmetric key sharing between message generating nodes and en-route nodes, which results in a high resiliency against node compromises. Our security and performance analysis shows that STEF provides a high security level and is very efficient in saving energy. Furthermore, the required storage capacity on the sensor nodes is very low.
AB - Node compromise is a serious threat in wireless sensor networks. An adversary can use compromised nodes to inject false data into the network forging events to deceive the base station. Furthermore, an adversary can cause serious damage by injecting a large amount of false messages to deplete the scarce energy resources of the forwarding en-route sensor nodes. In this paper, we propose a Secure Ticket-Based Enroute Filtering Scheme (STEF) that drops false messages enroute. We propose a ticket concept where reply messages are only forwarded if they contain a valid ticket originally issued by the base station. Messages containing no ticket, or an replayed ticket, are immediately filtered out by not compromised sensor nodes. The ticket concept is based on lightweight one-way functions. This enables every en-route node to verify the tickets. Furthermore, our scheme does not need symmetric key sharing between message generating nodes and en-route nodes, which results in a high resiliency against node compromises. Our security and performance analysis shows that STEF provides a high security level and is very efficient in saving energy. Furthermore, the required storage capacity on the sensor nodes is very low.
KW - En-route filtering
KW - False data injection
KW - PDoS attack
KW - Security
KW - Wireless sensor networks
UR - http://www.scopus.com/inward/record.url?scp=34548186480&partnerID=8YFLogxK
U2 - 10.1109/ARES.2007.144
DO - 10.1109/ARES.2007.144
M3 - Conference contribution
AN - SCOPUS:34548186480
SN - 0769527752
SN - 9780769527758
T3 - Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007
SP - 310
EP - 317
BT - Proceedings - The Second International Conference on Availability, Reliability and Security, ARES 2007
Y2 - 10 April 2007 through 13 April 2007
ER -