TY - GEN
T1 - Containing denial-of-service attacks in broadcast authentication in sensor networks
AU - Wang, Ronghua
AU - Du, Wenliang
AU - Ning, Peng
PY - 2007
Y1 - 2007
N2 - Broadcast authentication is an important application in sensor networks. Public Key Cryptography (PKC) is desirable for this application, but due to the resource constraints on sensor nodes, these operations are expensive, which means sensor networks using PKC are susceptible to Denial of Service (DoS) attacks: attackers keep broadcasting bogus messages, which will incur extra costs, thus exhaust the energy of the honest nodes. In addition, the long time to verify each message using PKC increases the response time of the nodes; it is impractical for the nodes to validate each incoming message before forwarding i. In this paper we discuss this type of DoS attacks, in which the goal of the adversary is to exhaust the energy of the sensor nodes and to increase their response time to broadcast messages. We then present a dynamic window scheme, where sensor nodes determine whether first to verify a message or first to forward the message by themselves. This is made possible with the information such as how far this node is away from the malicious attacker, and how many hops the incoming message has passed. We compare the performance of the proposed scheme with other schemes, and show that it can contain the damage of DoS attacks to only a small portion of the sensor nodes.
AB - Broadcast authentication is an important application in sensor networks. Public Key Cryptography (PKC) is desirable for this application, but due to the resource constraints on sensor nodes, these operations are expensive, which means sensor networks using PKC are susceptible to Denial of Service (DoS) attacks: attackers keep broadcasting bogus messages, which will incur extra costs, thus exhaust the energy of the honest nodes. In addition, the long time to verify each message using PKC increases the response time of the nodes; it is impractical for the nodes to validate each incoming message before forwarding i. In this paper we discuss this type of DoS attacks, in which the goal of the adversary is to exhaust the energy of the sensor nodes and to increase their response time to broadcast messages. We then present a dynamic window scheme, where sensor nodes determine whether first to verify a message or first to forward the message by themselves. This is made possible with the information such as how far this node is away from the malicious attacker, and how many hops the incoming message has passed. We compare the performance of the proposed scheme with other schemes, and show that it can contain the damage of DoS attacks to only a small portion of the sensor nodes.
KW - Broadcast delay
KW - Denial of service attack
KW - Energy saving
KW - Security
KW - Wireless sensor networks
UR - http://www.scopus.com/inward/record.url?scp=37849012001&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=37849012001&partnerID=8YFLogxK
U2 - 10.1145/1288107.1288118
DO - 10.1145/1288107.1288118
M3 - Conference contribution
AN - SCOPUS:37849012001
SN - 9781595936844
T3 - Proceedings of the International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc)
SP - 71
EP - 79
BT - MobiHoc'07
T2 - MobiHoc'07: 8th ACM International Symposium on Mobile Ad Hoc Networking and Computing
Y2 - 9 September 2007 through 14 September 2007
ER -