TY - GEN
T1 - Real-time detection of clone attacks in wireless sensor networks
AU - Xing, Kai
AU - Cheng, Xiuzhen
AU - Liu, Fang
AU - Du, David H
PY - 2008
Y1 - 2008
N2 - A central problem in sensor network security is that sensors are susceptible to physical capture attacks. Once a sensor is compromised, the adversary can easily launch clone attacks by replicating the compromised node, distributing the clones throughout the network, and starting a variety of insider attacks. Previous works against clone attacks suffer from either a high communication/storage overhead or a poor detection accuracy. In this paper, we propose a novel scheme for detecting clone attacks in sensor networks, which computes for each sensor a social fingerprint by extracting the neighborhood characteristics, and verifies the legitimacy of the originator for each message by checking the enclosed fingerprint. The fingerprint generation is based on the superimposed s-disjunct code, which incurs a very light communication and computation overhead. The fingerprint verification is conducted at both the base station and the neighboring sensors, which ensures a high detection probability. The security and performance analysis indicate that our algorithm can identify clone attacks with a high detection probability at the cost of a low computation/communication/storage overhead. To our best knowledge, our scheme is the first to provide realtime detection of clone attacks in an effective and efficient way.
AB - A central problem in sensor network security is that sensors are susceptible to physical capture attacks. Once a sensor is compromised, the adversary can easily launch clone attacks by replicating the compromised node, distributing the clones throughout the network, and starting a variety of insider attacks. Previous works against clone attacks suffer from either a high communication/storage overhead or a poor detection accuracy. In this paper, we propose a novel scheme for detecting clone attacks in sensor networks, which computes for each sensor a social fingerprint by extracting the neighborhood characteristics, and verifies the legitimacy of the originator for each message by checking the enclosed fingerprint. The fingerprint generation is based on the superimposed s-disjunct code, which incurs a very light communication and computation overhead. The fingerprint verification is conducted at both the base station and the neighboring sensors, which ensures a high detection probability. The security and performance analysis indicate that our algorithm can identify clone attacks with a high detection probability at the cost of a low computation/communication/storage overhead. To our best knowledge, our scheme is the first to provide realtime detection of clone attacks in an effective and efficient way.
UR - http://www.scopus.com/inward/record.url?scp=51849154670&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=51849154670&partnerID=8YFLogxK
U2 - 10.1109/ICDCS.2008.55
DO - 10.1109/ICDCS.2008.55
M3 - Conference contribution
AN - SCOPUS:51849154670
SN - 9780769531724
T3 - Proceedings - The 28th International Conference on Distributed Computing Systems, ICDCS 2008
SP - 3
EP - 10
BT - Proceedings - The 28th International Conference on Distributed Computing Systems, ICDCS 2008
T2 - 28th International Conference on Distributed Computing Systems, ICDCS 2008
Y2 - 17 July 2008 through 20 July 2008
ER -