TY - GEN
T1 - Diversify sensor nodes to improve resilience against node compromise
AU - Alarifi, Abdulrahman
AU - Du, Wenliang
PY - 2006
Y1 - 2006
N2 - A great challenge in securing sensor networks is that sensor nodes can be physically compromised. Once a node is compromised, attackers can retrieve secret information (e.g. keys) from the node. In most of the key pre-distribution schemes, the compromise of secret information on one node can have substantial impact on other nodes because secrets are shared by more than one node in those schemes. Although tamper-resistant hardware can help protect those secrets, it is still impractical for sensor networks.Having observed that most sensor network applications and key pre-distribution schemes can tolerate the compromise of a small number of sensors, we propose to use diversity to protect the secret keys in sensor networks. Our scheme consists of two steps. First, we obfuscate the data and the code for each sensor, such that, when attackers have compromised a sensor node, they need to spend a substantial amount of time to find the secrets from the obfuscated code (e.g., by reverse engineering or code analysis). This first line of defense raises the bar of difficulty for a successful attack on one single node. Second, for different nodes, we make sure that the data and code obfuscation methods are different. This way, even if the attacks have successfully derived the location of the secrets, they cannot use the same location for another node, because for different nodes, their secrets are stored in different ways and in different places. Such diversity makes it a daunting job to derive the secret information from a large number of compromised nodes. We have implemented our scheme for Mica2 motes, and we present the results in this paper.
AB - A great challenge in securing sensor networks is that sensor nodes can be physically compromised. Once a node is compromised, attackers can retrieve secret information (e.g. keys) from the node. In most of the key pre-distribution schemes, the compromise of secret information on one node can have substantial impact on other nodes because secrets are shared by more than one node in those schemes. Although tamper-resistant hardware can help protect those secrets, it is still impractical for sensor networks.Having observed that most sensor network applications and key pre-distribution schemes can tolerate the compromise of a small number of sensors, we propose to use diversity to protect the secret keys in sensor networks. Our scheme consists of two steps. First, we obfuscate the data and the code for each sensor, such that, when attackers have compromised a sensor node, they need to spend a substantial amount of time to find the secrets from the obfuscated code (e.g., by reverse engineering or code analysis). This first line of defense raises the bar of difficulty for a successful attack on one single node. Second, for different nodes, we make sure that the data and code obfuscation methods are different. This way, even if the attacks have successfully derived the location of the secrets, they cannot use the same location for another node, because for different nodes, their secrets are stored in different ways and in different places. Such diversity makes it a daunting job to derive the secret information from a large number of compromised nodes. We have implemented our scheme for Mica2 motes, and we present the results in this paper.
KW - Diversity
KW - Obfuscation
KW - Reverse engineering
KW - Wireless sensor networks
UR - http://www.scopus.com/inward/record.url?scp=34547404724&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34547404724&partnerID=8YFLogxK
U2 - 10.1145/1180345.1180359
DO - 10.1145/1180345.1180359
M3 - Conference contribution
AN - SCOPUS:34547404724
SN - 1595935541
SN - 9781595935540
T3 - Proceedings of the Fourth ACM Workshop on Security of ad hoc and Sensor Networks, SASN 2006. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06
SP - 101
EP - 112
BT - Proceedings of the Fourth ACM Workshop on Security of ad hoc and Sensor Networks, SASN 2006. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06
T2 - 4th ACM Workshop on Security of ad hoc and Sensor Networks, SASN 2006. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06
Y2 - 30 October 2006 through 30 October 2006
ER -