Beruflich Dokumente
Kultur Dokumente
I. I NTRODUCTION beacon nodes among all the nodes in the network. The network
coordinates of a node are the vector of the hop counts to
Wireless sensornet designs have evolved in recent years,
each of the beacons, which can be derived from the hop count
from primarily focusing on data collection to more sophis-
field in the beacon messages. Depending on the specific VCS,
ticated tasks such as data centric storage [7]. Likewise, the
the beacon nodes can be special infrastructure nodes, such as
requirements on the network support have also changed, from
landmarks [1], or regular sensor nodes [2], [3]. The VCS-
the basic many-to-one and one-to-many communications to
based routing follows the geographic routing paradigm, in
more sophisticated point-to-point communications. To address
which each node forwards the message to the neighbor that is
the unique challenges for point-to-point routing in the sensor-
closest to the destination under some protocol specific distance
nets, virtual coordinate system (VCS) based routing protocols
metric. When the message reaches a node that is closer to the
have been developed. Compared to the traditional routing
destination than all of its neighbors (i.e. a local minima), a
protocols, VCS-based routing protocols are proactive protocols
protocol specific fall-back procedure is invoked. For example,
that have the attractive properties of operating via only local
in [3], the fall-back procedure re-directs the message to the
interactions and requiring state information that does not grow
beacon node closest to the destination. When the message
with the size of the network.
reaches the beacon node, it is then flooded in the network.
Although there have been many proposed VCS-based rout-
Typically, the fall-back procedure incurs much more overhead
ing protocols in the literature [1], [2], [3], [6], there has been
than the greedy forwarding process.
little work that investigates the security of such protocols.
However, as our experimental results have shown, the VCS- III. ATTACKS AGAINST VCS- BASED ROUTING
based routing protocols are particularly sensitive to attacks. It
is possible for a small number of attacker nodes to jeopardize In this section, we present security threats against VCS-
the routing operations of a significant portion of the network. based routing protocols. We first describe the adversarial
Thus, it is paramount that we provide security mechanisms model and then we describe attacks on the establishment of a
in these protocols if the target deployment environment is VCS and on the routing protocol itself separately.
potentially malicious. In this project, we address the problem
of securing VCS-routing protocols. As a first step, we focus on A. Adversarial Model
the security threats against such protocols. More specifically, We assume that the radio links are insecure. The attacker can
we will present the following contributions: mount eavesdropping, packet injection, and replay attacks. We
• We abstract a common framework for VCS-based routing assume “mote-class” attackers [4], that is the attacker nodes
based on the characteristics of existing protocols have similar capabilities as legitimate nodes. The legitimate
• We identify attacks against VCS-based routing protocols nodes may be compromised and the attacker nodes can collude
based on the common framework and use wormholes in conducting their attacks. However, we
• We evaluate experimentally the impact of the attacks to do not consider physical or MAC layer attacks.
demonstrate the necessity of security mechanisms
B. Attacks Against VCSs
II. OVERVIEW OF VCS AND VCS- BASED ROUTING The main goal of the attacks against VCSs is to disrupt the
Although each specific VCS-based routing protocol differs normal establishment of the coordinate system in the network,
in the details of the VCS establishment and the specific routing causing incorrect coordinates, instability in the coordinate
operations, most of these protocols follow a common design. system, or both. In the following, we classify the attacks on
In this section, we give an overview of the common design VCS based on their intended effect on the coordinate system.
of the VCS-based routing protocols. We will use the protocol 1) Coordinate Deflation Attack: This attack causes legit-
framework described here as our model for the discussion of imate nodes to obtain smaller coordinates than their actual
the attacks in the rest of the paper. coordinates. The attacker can mount this attack by having
Typically, in VCS-based routing, a few beacon nodes are the attacker nodes announcing incorrectly small coordinates in
deployed in the network, from which periodic beacon mes- its neighborhood via node spoofing, compromising legitimate
sages are sent out. The flooding of the beacon messages across nodes, or wormhole tunneling legitimate small coordinate
the network builds the shortest path trees rooted at each of the announcements from a distant network region.
2) Coordinate Inflation Attack: This attack causes legit- randomly select a number of nodes to be the attacker nodes
imate nodes to obtain larger coordinates than their actual in each experiment. Figure 1 and 2 show the results of the
coordinates. The attacker can mount this attack by announcing impact of the attacks on the routing performance. As can be
incorrectly large coordinates with the similar approaches as in seen from Figure 1, the sinkhole attack has a significant impact
the coordinate deflation attack. on the routing protocol: a mere 5% nodes being malicious
3) Random Disturbance Attack: This attack causes insta- can bring the routing success ratio from 90% to only 30%.
bility in the VCS. The attacker can mount this attack by The coordinate inflation attack, on the other hand, does not
alternatively announcing small and large coordinates. have a significant impact, due to the relative high density of
Impact of the attacks: Note that all of the above attacks the network. However, we expect combining the coordinate
are “contagious” in the sense that the legitimate nodes once inflation attack with lying about path quality to have a larger
affected by the attack become “attackers” themselves and impact.
propagate the effect of the attack further in the network by for-
1
warding their incorrect coordinates to their neighbors. A back-
The aim of the attacks on the routing protocol is to cause percentage of attackers
route failures or to significantly increase the routing overhead. Fig. 1. Impact of the attacks on VCS on the routing performance
Besides simple attacks, such as packet dropping, which has 1
coordinate pollution
only local effect, we focus on attacks that have network average success ratio 0.8
wide impact, such as the sinkhole attack and the coordinate
pollution attack. 0.6
1) Sinkhole Attack: To mount the sinkhole attack, the
attacker first intelligently manipulates the VCS establishment 0.4