detecting node replication attacks in wsn
8/9/2019 Detecting Node Replication Attacks in WSN
Review
Detecting node replication attacks in wireless sensor networks: A survey
Wen Tao Zhu a,*, Jianying Zhou b, Robert H. Deng c, Feng Bao b
a State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, 19A Yuquan Road, Beijing 100049, China
b Cryptography & Security Department, Institute for Infocomm Research, 1 Fusionopolis Way, Singapore 138632, Singapore
c School of Information Systems, Singapore Management University, 80 Stamford Road, Singapore 178902, Singapore
Article info
Article history:
Received 5 September 2011
Received in revised form 14 December 2011
Accepted 12 January 2012
Available online 4 February 2012
Keywords:
Wireless sensor network
Security
Node replication attack
Detection
Abstract
A wireless sensor network (WSN) consists of a number of tiny, low-cost, and resource-constrained
sensor nodes, but is often deployed in unattended and harsh environments to perform various
monitoring tasks. As a result, WSNs are susceptible to many application-dependent and application-independent attacks. In this paper we consider a typical threat in the latter category known as the node
replication attack, where an adversary prepares her own low-cost sensor nodes and deceives the
network into accepting them as legitimate ones. To do so, the adversary only needs to physically
capture one node, extract its secret credentials, reproduce the node in large quantity, and then deploy
the replicas under her control into the network, possibly at strategic positions, to cripple various WSN
applications with little effort. Defending against such node replication attacks has recently become an
imperative research topic in sensor network security, and the design issues may involve different and
more threatening challenges than detecting typical application-dependent attacks. In this survey, we
classify existent detections in the literature, and explore the various proposals in each category. We
look into necessary technical details and make certain comparisons, so as to demonstrate their
respective contributions as well as limitations. We also present the technical challenges and indicate
some possible directions for future research.
© 2012 Elsevier Ltd. All rights reserved.
Contents
1. Introduction
2. Preliminaries
2.1. Sensor Node Identity
2.2. Network-related discussions
2.3. Intrusion detection
2.4. A quick overview
3. Centralized detection
3.1. Straightforward scheme
3.2. Set operations
3.3. Detecting cloned keys
3.4. Fingerprint verification
3.5. Speed test
4. Distributed detection
4.1. Node-to-network broadcasting (N2NB)
4.2. Deterministic multicast (DM)
4.3. Randomized multicast (RM) and line-selected multicast (LSM)
4.3.1. RM
4.3.2. LSM
4.3.3. Countering counterattacks
4.4. Single deterministic cell (SDC) and parallel multiple probabilistic cells (P-MPC)
Journal of Network and Computer Applications
doi:10.1016/j.jnca.2012.01.002
* Corresponding author. Tel.: 86 10 88256432x411; fax: 86 10 88255549.
Journal of Network and Computer Applications 35 (2012) 1022–1034
article presentation. Specifically, two indispensable building
blocks are introduced. We then generally categorize mainstream
detection methodologies into centralized and distributed ones, and
review the two categories in Sections 3 and 4 respectively. Such a
rudimentary classification is not very balanced since research
efforts have focused on the latter so as to conform to the
distributed nature of WSNs. Finally, Section 5 concludes this
article with certain comparisons, where we also indicate some
possible directions for future research.
2. Preliminaries
Before one can dive into the nuts and bolts of a concrete
replication detection protocol (particularly a distributed one),
there are certain building blocks that we need to make clear.
This also gives us a chance to conduct certain clarification and
classification.
2.1. Sensor Node Identity
Since sensor nodes are produced in large quantity out of the same hardware, each node in a WSN is assigned and then identified by its software identity, id for short. The replicated sensor nodes are the same as the original node captured from the network; everything including the id has to be cloned (though sometimes, based on their roles, they may be strategically reprogrammed slightly differently). If the secret credentials are cloned but the id is not, the attack is very likely to fail. The point is that a key management scheme for WSNs can bind the keys preloaded to a node to its id, so that all the cryptographic behaviors of a node are tied to its id.
Take symmetric pairwise key assignment for example. If a replicated node claims an id different from that of the originally captured node, it will be immediately revealed when it is unable to employ certain pairwise keys that it is supposed to possess (i.e., keys bound to the claimed id). Alternatively but more importantly, the id-based public key cryptosystem binds one's public key (and thus the corresponding private key for signing a message) to one's id. With an id-based signature scheme, it is very convenient for a sensor node to authenticate itself to others, and id-based signature has been necessarily adopted in replication detections since Parno et al. (2005). Extensive discussions of the id-based signature technique can be found in Parno et al. (2005). Recent advances in id-based signature schemes for sensor nodes (along with real implementation) can be found in Liu et al. (2010).
An attack superficially similar to the node replication attack is the Sybil attack (Newsome et al., 2004), where one physical sensor node gains an unfair advantage by claiming multiple ids. The Sybil attack is also application-independent and enables one malicious node to multiply its inputs to subvert many protocols like distributed storage, routing, data aggregation, voting/agreement, resource allocation, and so on (Newsome et al., 2004); it is in effect the opposite of the replication attack, where one logical node id is reused by multiple physical sensor nodes. The Sybil attack is outside the scope of this survey article, but is often mentioned in research efforts against replication attacks (e.g., Parno et al., 2005; Conti et al., 2007; Brooks et al., 2007; Zhu et al., 2007) as a related note. Some (Conti et al., 2007) regard the Sybil attack as orthogonal to the replication attack. Indeed, if an id-based signature scheme is adopted, then the adversary cannot associate a compromised node with extra ids due to not being able to generate the corresponding private keys. Nevertheless, the id-based signature only binds a node's public/private key pair to its node id, but by itself does not counteract the replication attack.
2.2. Network-related discussions
On a high level, the detection of sensor node replication attacks can be either network-based or not. A typical (but perhaps the only) instance in the latter case is found in Hussain and Rahman (2009), where radio signal strength is utilized at a receiver node to detect node replication (and other attacks like the Sybil one; Newsome et al., 2004). The main idea is to harness a physical characteristic (the radio fingerprint) (Zeng et al., 2010; Mathur et al., 2010), which is outside the realm of autonomous network intrusion detection. As a result, the proposal is impractical for unattended and geographically widespread WSNs. Hereinafter, we only consider network-based detections.
A WSN can be either stationary (which is the prevalent case) or mobile, and replication detection scenarios in stationary and mobile WSNs can be substantially different. The detection philosophy for stationary WSNs, on a coarse level, is based on the exclusiveness of node location (Boukerche et al., 2007). That is, a sensor node should be related to a unique deployment position; if one logical node id is found to be associated with two or more physical locations, node replication is detected. Clearly, this principle is inapplicable to the emerging mobile WSNs, where sensor nodes may roam in the deployment field all the time. So far little (Yu et al., 2008; Ho et al., 2009b; Yu et al., 2009; Xing and Cheng, 2010) has been done to address node replication detection for mobile WSNs, but we have just made an effort in a separate work (Zhu et al., 2011). Replication detection in a mobile WSN involves significantly different scenarios and techniques, and we will only show a very brief example in Section 3.5. To make the current survey more focused, herein we are mainly concerned with detecting replication attacks in stationary WSNs, where all sensor nodes are fixed and immobile.
Besides the aforementioned id-based signature technique, another important building block for node replication detection is a geographic routing scheme (Ruhrup, 2009) like Karp and Kung (2000), which is especially pertinent to distributed detections for stationary WSNs. In a geographic routing protocol, a message recipient is identified by a physical position (instead of a node id or an IP address), and a message is typically relayed hop-by-hop from one node to its neighbor that is closest to the destination, until there is no node closer to the position than the current node (which then eventually becomes the receiver). It is supposed that each node is aware of its own location (hence node localization (Boukerche et al., 2007) is an implicit assumption), and that a message sender can somehow (e.g., randomly) determine the location of the delivery destination. With this information a message can be routed to the destination without the knowledge of the network topology or a prior route discovery.
Distributed replication detections prefer geographic routing to traditional addressing (e.g., by node ids) because the latter method does not scale well in a dynamic environment (such as a WSN): messages destined for a node id will get lost if the intended node has perished, and newly added nodes will not have the chance of being message recipients if their ids are not foreseeable for the senders. Moreover, geographic routing protocols (Karp and Kung, 2000) such as Choi et al. (2007) are intrinsically self-protective in that they are resistant to sinkhole and wormhole attacks (Karlof and Wagner, 2003).
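
The forwarding rule described above, as an added example (not code from the survey or from the cited routing protocols): a packet addressed to a position is handed to the neighbor closest to that position until no neighbor is closer. Node ids, coordinates and the radio range are constructed, and no recovery mode for routing voids is modelled.

```python
import math

# Constructed stationary deployment: node id -> (x, y) position in metres.
NODES = {
    "n1": (0, 0), "n2": (40, 10), "n3": (80, 0), "n4": (120, 20),
    "n5": (160, 10), "n6": (60, 40), "n7": (130, 60),
}
RADIO_RANGE = 50.0  # assumed communication radius


def dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])


def neighbors(node, nodes=NODES, radio=RADIO_RANGE):
    """Ids of the nodes within radio range of `node` (excluding itself)."""
    return [m for m in nodes
            if m != node and dist(nodes[node], nodes[m]) <= radio]


def greedy_route(src, target_pos, nodes=NODES, radio=RADIO_RANGE):
    """Relay hop by hop towards `target_pos` and return the path of node ids.

    The last node on the path has no neighbor closer to the target position
    than itself, so it is the node that ends up as the receiver.
    """
    path = [src]
    current = src
    while True:
        best = min(neighbors(current, nodes, radio),
                   key=lambda m: dist(nodes[m], target_pos),
                   default=None)
        if best is None or (dist(nodes[best], target_pos)
                            >= dist(nodes[current], target_pos)):
            return path
        path.append(best)
        current = best


def route_after_failure(src, target_pos, dead_id):
    """Same routing request after `dead_id` has perished.

    Addressing by position still delivers the message to whichever surviving
    node is now closest, which addressing by node id could not do.
    """
    survivors = {i: p for i, p in NODES.items() if i != dead_id}
    return greedy_route(src, target_pos, survivors)


if __name__ == "__main__":
    target = (165, 15)
    print(greedy_route("n1", target))               # ends at n5
    print(route_after_failure("n1", target, "n5"))  # ends at n4
```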
2.3. Intrusion detection
In this subsection we talk about node replication detection in terms of an intrusion detection system (IDS). In the traditional context of computer security, a typical case could be a host-based IDS auditing the log files generated by the operating system and various applications and looking for suspicious user actions, or a network-based IDS eavesdropping on the traffic exchanged over a wired network and performing string matches to identify ongoing attacks. In the context of intrusion detection in a wireless sensor network (Sun et al., 2007), however, a typical case is that sensor nodes monitor each other's behaviors, and sometimes a consensus is needed (e.g., by means of majority voting) to diagnose the presence of an attack. As will be shown later, node replication detection is usually based on the collaborative efforts of a large number of sensor nodes.
The design and implementation of any security service for WSNs must keep in mind that compared with conventional computers, the low-cost sensor nodes have limited energy supply and constrained capabilities. For node replication detection, it has been identified that communication and storage are the major overheads for performing the intrusion detection, and there can be various tradeoffs. The higher the communication cost is, the faster a sensor node will deplete its battery-powered energy supply. The larger the storage consumption is, the less room a sensor node can make for other applications like data collection and processing. As a result, to make the overall WSN solution applicable, one may have to trade certain detection metrics (e.g., detection rate) for communication efficiency and/or memory efficiency.
Traditionally, there are two types of intrusion detection techniques (Sun et al., 2007), misuse detection and anomaly detection (Xie et al., 2011):
• Misuse detection encodes known attack patterns; if a deployed IDS finds a match between current activities and pre-defined patterns, an alarm is generated. For example, to detect application-based attacks, it is necessary to integrate the detection patterns with corresponding applications (Sun et al., 2007). A general drawback is that misuse detection is ineffective to discover unknown attacks.
• Anomaly detection creates normal profiles of system states or user behaviors and compares them with current activities; if a significant deviation is observed, the IDS raises an alarm. Anomaly detection can detect unknown attacks but may suffer high false positives.
For node replication detection, since it is to identify a known and dedicated attack, most solutions follow misuse detection (Section 3.3 will review one exception (Brooks et al., 2007), which follows anomaly detection (Xie et al., 2011)). The attack pattern for misuse detection is derived from the aforementioned exclusiveness. Recall that id-based signature binds a node's cryptographic keys to its logical node id, and that a physical node is supposed to have a distinctive location. Therefore, the pattern for detecting replicas (particularly for distributed detection) is that two or more nodes at different locations possess the same node id. Basically, no false positives will be incurred when following such a misuse detection. Nevertheless, there may be false negatives; in other words, the detection rate may not be 100%. The detection rate may by design be traded for benefits like communication efficiency, and may also be subject to runtime factors like the actual number of replicas existent in the network and the topology of the deployment field (and thus be difficult to predict).
2.4. A quick overview
This section can be summarized with Fig. 1, which establishes a rudimentary classification, and provides a first step in better understanding node replication detections. Now we are ready to explore the various detection schemes recently proposed in the literature. We first look into centralized solutions in Section 3 and then turn to distributed ones in Section 4, where representative proposals in the literature are reviewed basically following the chronological order. Centralized solutions heavily rely on a powerful base station for information convergence and decision making, and are relatively simple to understand, while distributed solutions are typically accommodated by a special detection mechanism pioneered in Parno et al. (2005) which we call the claimer–reporter–witness framework. Generally, computing in a distributed manner is a promising approach for WSN applications, particularly for intrusion detection (Zhu et al., 2004).
3. Centralized detection
In this section we briefly investigate five representative but distinct centralized replication detection schemes. Besides their contributions, their respective limitations are also pinpointed, many of which are found to be fairly serious. In general, centralized detections barely have an advantage over distributed detections, which are the topic of the next section and the emphasis of this survey. Consequently, we do not further compare the proposals in the centralized category against each other.
3.1. Straightforward scheme
The most straightforward detection scheme is outlined in Parno et al. (2005) (and similar to the centralized node registration method in Newsome et al., 2004). It requires each node to send a list of its neighbors (more specifically, a list of their ids) and the positions claimed by these neighbors (and signed by them, e.g., with an id-based signature scheme) to the base station, which then examines every neighbor list to look for replicated sensor nodes. In a stationary WSN, conflicting position claims for one node id indicate a replication. Once the base station spots one or more replicas, it can revoke the replicated nodes by flooding the network with an authenticated revocation message, e.g., employing μTESLA (Perrig et al., 2002) or id-based signature (see Section 2.1) for broadcast authentication.
While conceptually simple, this approach suffers from several drawbacks (Parno et al., 2005) inherent in a centralized system. First, the base station introduces a single point of failure and can become a significant bottleneck. Second, the nodes close to the base station, referred to as hotspots hereinafter, will receive the brunt of the routing load and thus will quickly deplete their power supply (usually by irreplaceable batteries). Network connectivity may then be seriously affected. Moreover, besides the base station, these hotspots will also become attractive targets for attacks. Third, this approach may incur observable processing delay, since the base station has to wait for telling reports (to propagate hop-by-hop and eventually converge), analyze them to confirm conflicts, and then flood revocations throughout the network. Fourth, some WSNs may not have the luxury of a powerful base station.
Fig. 1. The big picture for node replication detection in wireless sensor networks, with an elementary taxonomy. The state of art is represented by the distributed detections, which typically employ id-based signature and geographic routing as two building blocks.
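
The base-station check of the straightforward scheme, as an added example (not code from the survey or from Parno et al.): signed neighbor claims are verified, grouped by node id, and any id with more than one claimed position is reported. HMAC with a per-id key stands in for the id-based signature the scheme assumes; the master secret, node ids, positions and reports are all constructed.

```python
import hashlib
import hmac
from collections import defaultdict

MASTER = b"constructed-master-secret"  # stand-in for the key authority


def node_key(node_id):
    """Per-id key derived from the id, so every claim is bound to the id.
    HMAC is only a stand-in for an id-based signature scheme."""
    return hmac.new(MASTER, node_id.encode(), hashlib.sha256).digest()


def sign_claim(node_id, pos, key=None):
    msg = f"{node_id}|{pos[0]}|{pos[1]}".encode()
    return hmac.new(key or node_key(node_id), msg, hashlib.sha256).hexdigest()


def make_claim(node_id, pos, key=None):
    return {"id": node_id, "pos": pos, "sig": sign_claim(node_id, pos, key)}


def detect_replicas(reports):
    """`reports` maps a reporting node id to the list of claims it collected
    from its neighbors. Returns (replicated, rejected): ids seen at more
    than one position, and (reporter, claimed id) pairs whose signature
    did not verify."""
    positions = defaultdict(set)
    rejected = []
    for reporter, claims in reports.items():
        for claim in claims:
            expected = sign_claim(claim["id"], claim["pos"])
            if not hmac.compare_digest(expected, claim["sig"]):
                # Unsigned or forged claims must not count as evidence,
                # otherwise a reporter could get an honest node revoked.
                rejected.append((reporter, claim["id"]))
                continue
            positions[claim["id"]].add(tuple(claim["pos"]))
    replicated = {i: sorted(p) for i, p in positions.items() if len(p) > 1}
    return replicated, rejected


# Constructed neighbor reports. The replica of s7 holds s7's credentials,
# so its claim at a second position verifies. Reporter s9 submits a claim
# for s2 that was not signed with s2's key.
REPORTS = {
    "s1": [make_claim("s2", (10, 20)), make_claim("s7", (15, 25))],
    "s2": [make_claim("s1", (5, 18)), make_claim("s7", (15, 25))],
    "s8": [make_claim("s7", (300, 40))],
    "s9": [make_claim("s2", (400, 400), key=b"not-the-key-of-s2")],
}

if __name__ == "__main__":
    replicated, rejected = detect_replicas(REPORTS)
    print("revoke:", replicated)
    print("rejected claims:", rejected)
```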
3.2. Set operations
Choi et al. (2007) proposed another centralized detection known as SET, which attempts to reduce the detection overhead by computing set operations (intersection and union) of exclusive subsets in the network. We conjecture that the underlying idea is borrowed from secure WSN data aggregation employing network clustering (e.g., He et al., 2007): SET logically partitions the network into non-overlapping regions (clusters) respectively managed by leaders (cluster heads), and has these leaders respectively report to the base station all the ids of the nodes (including the leader herself) in the region, in the form of a subset (which is a subset of all node ids network-wide). Intuitively, the intersection of any two subsets of reports should be empty; otherwise, a replication is detected. Essentially, all node ids in the network are pulled up by the base station and left to its discretion.
Although SET claims a reduced number of message transmissions, its comparison with other schemes (e.g., with RM and LSM (Parno et al., 2005), which are both distributed solutions; see the next section) is not a fair one; the claimed reduction in the number of message transmissions is just the result of increased size per message (simply due to the union operation, i.e., combination). Therefore, one may have to question how a centralized WSN solution like SET (Choi et al., 2007) can compare with distributed ones like RM and LSM (Parno et al., 2005). Interestingly, in Choi et al. (2007) it is exactly noted that reporting every node's id to the base station may cause the size of the report to become too large, and this problem can be addressed by using randomized optimization, where a leader (cluster head) only generates a report of randomly selected members instead of all nodes in the managed region (cluster). However, such optimization necessitates multiple rounds of reports (actually, this is also pointed out in Choi et al., 2007), in each of which a certain part of the members in a region is reported. Taking additional security mechanisms such as message authentication codes into consideration, such multiple-round optimization inevitably results in even higher detection cost in terms of computation and communication.
Although the above review may not be difficult to understand, the actual SET protocol (Choi et al., 2007) is highly complex due to its complicated components (like authenticated subset covering and interleaved authentication following Zhu et al., 2004), which also contribute to increased overhead. The real communication cost of SET is left in Choi et al. (2007) as unclear and for future work. Moreover, the SET protocol may have to be performed for multiple rounds just to counter colluding replicas. Furthermore, an unexpected design flaw of SET is reported in Conti et al. (2011): an adversary can misuse the detection protocol to revoke honest nodes.
A detection scheme similar to SET (but less known) is found in Znaidi et al. (2009). It passes the workload of the base station on to the cluster heads themselves.
3.3. Detecting cloned keys
Brooks et al. (2007) proposed a clone detection protocol based on random pairwise key pre-distribution schemes. Its assumptions and application scenarios are quite different from other approaches; in fact, it addresses the detection of cloned cryptographic keys rather than cloned sensor nodes and falls into the category of anomaly detection (Xie et al., 2011). The basic idea is that in the context of random key pre-distribution, the keys employed by genuine nodes should follow a certain pattern. Therefore, it is possible to monitor the key usage (which refers to the number of times a key is used to set up secure connections between neighboring nodes, but not to the number of times a key is used for encrypting or decrypting packets) as authentication tokens and then detect statistical deviations that indicate clone attacks. The approach detects the cloned keys by analyzing node authentication statistics; those keys whose usage exceeds a certain threshold (determined by the false positive rate) are considered cloned and erased from the network. To this end, each node is required to report its pre-loaded keys to the base station, which then performs an anomaly detection to discover cloned keys. A counting Bloom filter is utilized to collect the key usage data.
Nevertheless, it seems that the detection only becomes effective when (i) the size of the keys pre-distributed to each node is small, (ii) more clones exist in (i.e., are inserted into) the network, and (iii) a high false positive rate is set. These conditions imply possibly poor detection accuracy (high false negative and positive rates) for actual scenarios. Moreover, the detection of cloned keys assumes an ideal Erdős–Rényi topology where connections between all nodes are equally likely (Brooks et al., 2007), while in a practical WSN any sensor node can only communicate with a limited number of neighbors within a finite wireless communication radius. This number is characterized by $d$, the average node degree, also known as the network density, which can be adjusted by selecting the appropriate transmission range (Zhang et al., 2009) but still has to be very limited ($d \ll n$). In Brooks et al. (2007) possible methods for the clones to subvert the detection are also discussed; the best strategy for a cloned node appears to be not participating in the protocol. However, related problems may be overlooked, e.g., how to ensure that the participating clones report their keys honestly (and exactly) to the base station.
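
The key-usage counting idea, as an added example (not the protocol of Brooks et al.): it assumes each node encodes the keys it used to set up links in a counting Bloom filter, and the base station sums the filters and flags keys whose estimated usage exceeds a threshold. Filter size, hash count, threshold, key ids and reports are constructed; deriving the threshold from a false positive rate is not modelled.

```python
import hashlib

M, K = 256, 3   # assumed filter size and number of hash functions
THRESHOLD = 4   # assumed usage threshold

# Constructed reports: node id -> ids of the keys it used to set up links.
# Key k17 was extracted from a captured node and is carried by every clone.
LINK_KEYS = {
    "a": ["k01", "k17"], "b": ["k02", "k17"], "c": ["k03", "k04"],
    "d": ["k17", "k05"], "e": ["k17"], "f": ["k06", "k17"],
    "g": ["k01", "k07"], "h": ["k17", "k08"], "i": ["k17", "k02"],
}
KEY_POOL = [f"k{i:02d}" for i in range(1, 21)]


def slots(key_id):
    """K counter indices for a key id (double hashing over SHA-256)."""
    digest = hashlib.sha256(key_id.encode()).digest()
    h1 = int.from_bytes(digest[:8], "big")
    h2 = int.from_bytes(digest[8:16], "big") | 1
    return [(h1 + i * h2) % M for i in range(K)]


class CountingBloom:
    def __init__(self):
        self.counters = [0] * M

    def add(self, key_id):
        for s in slots(key_id):
            self.counters[s] += 1

    def merge(self, other):
        """Counting filters combine by adding their counters."""
        self.counters = [a + b for a, b in zip(self.counters, other.counters)]

    def estimate(self, key_id):
        """Upper bound on the number of times key_id was added: hash
        collisions can inflate a counter but never lower it."""
        return min(self.counters[s] for s in slots(key_id))


def node_filter(keys):
    """What one node would send: its link keys folded into a filter."""
    f = CountingBloom()
    for k in keys:
        f.add(k)
    return f


def base_station_detect(link_keys, pool=KEY_POOL, threshold=THRESHOLD):
    """Sum all node filters, then flag pool keys used more than `threshold`
    times. A cloned key is never missed by the filter itself, but a
    collision can push an honest key over the threshold."""
    merged = CountingBloom()
    for keys in link_keys.values():
        merged.merge(node_filter(keys))
    usage = {k: merged.estimate(k) for k in pool}
    flagged = sorted(k for k, u in usage.items() if u > threshold)
    return usage, flagged


if __name__ == "__main__":
    usage, flagged = base_station_detect(LINK_KEYS)
    print("flagged as cloned:", flagged)
```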
3.4. Fingerprint verification
Xing et al. (2008) proposed detecting clone attacks with a node's encoded network community information called the social fingerprint. The scheme consists of two phases. In the first phase, each node $u$ computes for each neighbor $v \in N_u$ the fingerprint $FP_v$, which is a reflection of $v$'s fixed neighborhood characteristics; node $v$ itself is also capable of computing $FP_v$. In the second phase, the legitimacy of the originator for each message is verified by checking the enclosed fingerprint, and the detection is conducted both at the sensor side (seemingly in a distributed manner by the notion) and at the base station. However, even the detection at the sensor side needs the base station to process the alarms for decision making, and thus the scheme is centralized throughout.
Besides all the limitations commonly found in centralized solutions, the employed coding system unusually asks for an absolutely fixed WSN: the intended number of nodes is nonadjustable, and thus neither node addition nor disappearance can be handled. Moreover, a sophisticated replica can intelligently compute by itself a fingerprint consistent with its neighborhood so as to escape the detection at the sensor side, and it can also dodge the detection at the base station simply by not communicating with the base station.
3.5. Speed test
While all the above research efforts against replication attacks adopt a stationary network model, Ho et al. (2009b) proposed a fast and effective replica detection scheme for a mobile WSN. It works as follows. A node $a$ locally broadcasts its location claim to its temporary neighbors from time to time, and essentially its location vector $\vec{L}_i$ and the corresponding time information $T_i$ during its movement are collected by $a$'s temporary neighbors and then sent to the base station. The base station then computes the measured speed for $a$ as $v_i = |\vec{L}_i - \vec{L}_{i-1}| / (T_i - T_{i-1})$ and compares it with the system-configured maximum speed $v_{max}$. Intuitively, a genuine node should never move faster than $v_{max}$; if the measured $v_i$ is found beyond the configured $v_{max}$, it is very likely that at least two nodes bearing the same id are present in the mobile WSN.
The idea behind the detection protocol is intuitive. However, accurate measurement is a prerequisite for acceptable false negative and positive rates. This requires not only a precise dynamic localization system but also tight time synchronization, both of which have to be secured against attacks (Poovendran et al., 2007). Particularly, for accurately sampling the $\vec{L}_i$'s, each moving node localizing itself has to deal with unstable beacon signals (or otherwise employ the expensive GPS). Therefore, the detection may not be affordable for the current generation of WSNs due to cost concerns. The replicas can also employ a group mobility strategy (Ho et al., 2009b) such that the perceived velocity is less than $v_{max}$, and thus evade quarantine by the base station.
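
The speed test carried through on sample data, as an added example (not code from Ho et al.): the base station orders the location claims of each id by time, computes $v_i$ between consecutive claims and flags ids whose measured speed exceeds $v_{max}$. The value of `V_MAX` and all claims are constructed; measurement error in position and time, which the text identifies as the practical difficulty, is not modelled.

```python
import math
from collections import defaultdict

V_MAX = 10.0  # assumed system-configured maximum speed, metres per second

# Constructed location claims at the base station: (id, x, y, t_seconds).
CLAIMS = [
    # a: one genuine node moving at 5 m/s
    ("a", 0, 0, 0), ("a", 30, 40, 10), ("a", 60, 80, 20),
    # b: two copies far apart, claims interleave in time
    ("b", 0, 0, 0), ("b", 500, 0, 5), ("b", 20, 0, 10),
    # c: the same id claimed at two places at the same instant
    ("c", 100, 100, 0), ("c", 900, 100, 0),
    # d: two copies kept close together (the group mobility limitation)
    ("d", 0, 0, 0), ("d", 40, 0, 5), ("d", 30, 30, 10),
]


def measured_speeds(claims):
    """Per id, the list of v_i = |L_i - L_{i-1}| / (T_i - T_{i-1}) over
    the time-ordered claims."""
    by_id = defaultdict(list)
    for node_id, x, y, t in claims:
        by_id[node_id].append((t, x, y))
    speeds = {}
    for node_id, samples in by_id.items():
        samples.sort()
        out = []
        for (t0, x0, y0), (t1, x1, y1) in zip(samples, samples[1:]):
            d = math.hypot(x1 - x0, y1 - y0)
            dt = t1 - t0
            if dt == 0:
                # Two different places at one instant: no finite speed
                # explains it, so treat it as exceeding any v_max.
                out.append(math.inf if d > 0 else 0.0)
            else:
                out.append(d / dt)
        speeds[node_id] = out
    return speeds


def speed_test(claims, v_max=V_MAX):
    """Ids for which at least one measured speed exceeds v_max."""
    speeds = measured_speeds(claims)
    return sorted(i for i, vs in speeds.items() if any(v > v_max for v in vs))


if __name__ == "__main__":
    for node_id, vs in measured_speeds(CLAIMS).items():
        print(node_id, [round(v, 2) for v in vs])
    print("flagged:", speed_test(CLAIMS))
```

Id `d` is replicated in the sample data yet passes the test, which is the false negative the paragraph above attributes to group mobility.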
4. Distributed detection
All the centralized solutions bear similar deficiencies (Parno
et al., 2005). For example, any compromise of the base station (or
the communication channel around it) will render the solution
useless. For another example, even if there are no attacks, the
nodes surrounding the base station (i.e., the hotspots) will suffer
an undue communication burden that may shorten the life
expectancy of the WSN. All these make a distributed solution a
necessity. At first glance it seems easy to design a decentralized
detection protocol, for example, by localizing the straightforward
scheme inSection 3.1, in a way similar to the neighbor position
verification approach inNewsome et al. (2004). However, such a
local detection may not be able to handle the case where no two
replicas share a neighbor. In fact, the first set of nontrivial
distributed detections was proposed only recently (Parno et al.,
2005). Next, we focus on the relatively more mature schemes (i.e.,
distributed detections for stationary WSNs) and analyze their
respective pros and cons. We summarize in Table 1 the symbols
and parameters commonly employed by distributed detections.
4.1. Node-to-network broadcasting (N2NB)
A plausible approach to distributed detection of replicated
nodes is the decentralized (but network-wide) version of the
straightforward scheme in Section 3.1: Every node collects all its
neighbors' ids and their positions, and floods the entire network
with this information employing authenticated broadcast. When
a node receives a broadcast message, it compares those nodes
listed in the message with its own neighbors. Once nodes that
have conflicting positions are spotted, they can be revoked also
with authenticated broadcasts. The major concern with this
approach is its prohibitive communication cost.
A similar but slightly simplified approach is the node-to-network
broadcasting (Parno et al., 2005), N2NB for short, where
each node floods the entire network with authenticated broadcast
to claim its own location (instead of its neighbors'). Each node
stores the location information for its neighbors, incurring a
storage cost of $O(d)$. Each node upon receiving a conflicting claim
invokes a revocation procedure against the offending nodes, and
eventually any replica will be cut off by all its neighbors (thus
isolated from the WSN). The N2NB protocol achieves 100%
detection rate as long as the broadcasts reach every node. Assume
the network size is $n$ and a certain duplicate suppression algorithm
is employed so that each node only broadcasts a given message
once. Then each location broadcast incurs $O(n)$ messages, as
generally every node in the WSN has to be involved for hop-by-hop
propagation. For $n$ broadcasts, the total communication cost
for N2NB is $O(n^2)$. Given the simplicity of the scheme and the
detection rate achieved, this $O(n^2)$ cost may be justifiable for
small WSNs.
The challenge for detecting replication attacks has roots in the
resource scarcity of sensor nodes. For stationary WSNs, such
detection essentially requires network-wide comparison of
location-dependent authentication information, and the limited
memory capacity and energy supply place severe constraints on
how much authentication information can be stored per node and
exchanged in the network (Zhang et al., 2009). Hence it is
reasonable to trade the detection rate (e.g., 100% for N2NB) for
other major performance criteria like energy efficiency and
memory efficiency. Note that the wireless transceiver is the
biggest energy consumer for sensor nodes, while the communication
cost for N2NB is $O(n^2)$.
4.2. Deterministic multicast (DM)
The DM protocol is actually a negative (or unappealing) example
given in Parno et al. (2005), and has thus received
relatively less attention. However, we find it a good example to
illustrate the claimer-reporter-witness framework; we even
believe it has directly inspired other solutions like SDC and
P-MPC (Zhu et al., 2007), though both schemes are proposed in
Zhu et al. (2007) under another brand, "localized multicast" (see
Section 4.4). The design goal for DM is reduced communication
cost, and the main idea is to only send a node's location claim to a
limited set of deterministically chosen nodes serving as witnesses.
Next, we outline DM as follows.
When a node, referred to as the claimer, locally broadcasts its
location claim to its neighbors, each neighbor, serving as a reporter,
employs a function to map the claimer id to a witness. Then the
neighbor forwards the claim to the witness, which will receive two
different location claims for the same node id if the adversary has
replicated a node. One immediate issue arises: the adversary can also
employ the function to know about the witness for a given claimer id,
and may locate and compromise the witness node before she inserts
the replicas into the WSN so as to evade the detection. To alleviate
this problem, DM employs $g$ instances of a function so that one
claimer id is mapped to $g$ different witnesses (hence the adversary
needs $g$ times more effort to thwart the detection by DM).
Nevertheless, each of the $d$ neighbors does not necessarily need to forward
the location claim to each of all $g$ witnesses. Assume they do not
collaborate, i.e., each reporter behaves independently. The
well-studied coupon collector's problem (Cormen et al., 2001) tells us
that if the reporters randomly select in all
$g \sum_{i=1}^{g} 1/i \approx g(\ln g + 0.58)$
repeatable destinations from all $g$ witnesses for the claimer, then
each witness will probably receive at least one location claim. Hence,
each reporter only needs to select $g \ln g / d$ random witnesses as the
forwarding destinations.
Table 1
Notions for distributed replication detection.
$ID_a$                        Identifier of node a
$l_a$                         Deployment location claimed by node a
$\langle ID_a, l_a \rangle$   Location claim (with an id-based signature)
$n$                           Network size (no. of nodes in the WSN)
$d$                           Network density (average node degree)
$p$                           The probability a neighbor becomes a reporter
$g$                           No. of witnesses contacted by one reporter
$s$                           Cell size (no. of nodes that a cell should contain)
$p_s$                         The probability a node in the destination cell becomes a witness
W.T. Zhu et al. / Journal of Network and Computer Applications 35 (2012) 1022-1034 1027
Each sensor node in the network is both a claimer and plays
the role of a witness, if the 1-to-$g$ mapping is well designed.
Therefore, each node in the network stores on average
$(1/n) \cdot g \sum_{i=1}^{g} 1/i \cdot n \approx g \ln g$
location claims. Assume the WSN deployment approximates any regular
polygon. Then the average network path length is $O(\sqrt{n})$,
resulting in an overall communication cost of
$O(g \ln g \cdot n\sqrt{n})$ messages. (Table 1 in Parno et al. (2005)
summarizes the costs for the proposals, where DM's network-wide
communication cost is labeled as $O(g \ln g \sqrt{n} / d)$ and DM's
memory cost per node is labeled as $O(g)$; we believe both
inaccuracies there are due to analysis oversights, and similarly,
we summarize the performance analysis later in our Table 2.)
DM is treated as an unfavorable protocol in Parno et al. (2005)
because it does not provide much security. Since the 1-to-$g$
mapping is deterministic, an adversary only needs to compromise
all the $g$ witnesses for a given claimer id to prevent the conflicting
reports from converging, so that she can deploy as many replicas
with that id as she desires but without triggering any alarm, as
long as no two replicas share a neighbor. The dilemma for DM is
that a large $g$ (for improved resilience) is not affordable because
both the network communication and the node storage are
proportional to $g \ln g$, and yet a small $g$ may allow the adversary
almost unlimited replication ability.
4.3. Randomized multicast (RM) and line-selected multicast (LSM)
Since DM is unappealing for its deterministic property, Parno
et al. (2005) developed two probabilistic algorithms RM and LSM,
which are generally accepted as the pioneering full-fledged replica
detections. RM distributes node location claims to a randomly
selected set of witnesses, exploiting certain combinatorics theory
(the birthday paradox; Cormen et al., 2001) to detect replicas, while
LSM exploits the routing topology of the network to nominate
additional witnesses for a claimer and utilizes geometric probability
for the detection. RM and LSM still follow the claimer-reporter-witness
approach, but the witnesses become unpredictable for the
adversary. Therefore, both schemes can be regarded as improvements
of the above DM. They trade efficiency for security, i.e.,
increased resistance is achieved at the price of also increased
communication and/or memory consumption. Both are based on
the emergent properties (Gligor, 2004), while further modifications
and tradeoffs are possible (as to be shown in subsequent subsections).
One major difference between RM and LSM lies in that in the
former protocol the reporters randomly select several witnesses,
while in the latter protocol nodes forwarding a location claim (i.e.,
on the path from a reporter to the corresponding witness) also save
the claim for inspection, serving as additional witnesses. Next, we
review them respectively. For completeness/clearness and also a
better understanding of subsequent proposals in the literature, we
include a little more technical details for the pioneering RM and
LSM, though similar assumptions may have already been made in
DM implicitly.
4.3.1. RM
In RM, a claimer node $a$ with id $ID_a$ and location $l_a$ locally
broadcasts to its neighbors its location claim $\langle ID_a, l_a \rangle$
signed with an id-based signature scheme, where anyone's public key is
essentially her id. Recall Section 2.1 that all replicas copying the
same public/private key pair have to reuse the same id with the
originally captured node, and that an adversary cannot create
new node ids due to not being able to generate the corresponding
private keys. The id-based signature also enables authenticated
broadcast, as anyone (herein any of the claimer's neighbors) can
authenticate $a$'s location claim by verifying the signature with the
public key immediately derived from $ID_a$. Each neighbor node,
aware of its own position (Boukerche et al., 2007), also verifies the
plausibility of $l_a$ with certain geometric constraints, and with
probability $p$, becomes a reporter (recall that $p = 1$ in DM). Thus
there are on average $dp$ reporters for node $a$. Each reporter selects
$g$ random destinations in the network, and forwards the authenticated
location claim to each witness node closest respectively
to each of the $g$ selected destinations employing a geographic
routing protocol (recall Section 2.2).¹ Thus there are $dpg$ witnesses
for $a$; as to be shown later, the choice of the product $dpg$
exploits the birthday paradox (Cormen et al., 2001). Assume $a$ has
a replica $a'$, which involves another set of $dpg$ witnesses. The
probability that the two sets have no intersection can be estimated
with $P_1 \approx (1 - dpg/n)^{dpg}$, and thus the detection rate in the
case of only one replica is $P_d = 1 - P_1$. That is, with probability $P_d$,
two conflicting location claims $\langle ID_a, l_a \rangle$ and
$\langle ID_{a'} = ID_a, l_{a'} \neq l_a \rangle$
will be received by at least one common witness, who can
immediately flood the network with the conflicting pair as the
evidence to discredit $a$ and $a'$. Then each node receiving the pair can
independently verify (with the same public key) the two signatures
to confirm the revocation.
Generally, if there are $L$ compromised nodes with the same id
in the network (that is, there are $L - 1$ replicas), we can employ the
Maclaurin Series ($e^{x} \approx 1 + x$) and formulate the detection rate as
$P_d > 1 - e^{-\frac{(dpg)^2}{n} \cdot \frac{L(L-1)}{2}}$.
RM chooses the parameters in a special manner so that
$dpg = \sqrt{n}$ and thus $P_d > 1 - e^{-L(L-1)/2}$. Therefore,
RM detects a single replication of node $a$ ($L = 2$) with probability
above 63%; if $a$ is replicated twice ($L = 3$), the detection rate
proliferates to over 95%. This is very desirable. However, RM
poses high costs. Each node is both a claimer (each of whose $dp$
reporters forwards the location claim to $g$ random witnesses) and
a witness for storing the received claims, and thus on average
each node needs to store $(1/n) \cdot dpg \cdot n = \sqrt{n}$ claims. Again
assume the average network path length is $O(\sqrt{n})$. Each of the $n$
nodes incurs $dpg$ deliveries of its location claim. Therefore, the network
communication cost is $O(\sqrt{n} \cdot n \cdot dpg)$, i.e., $O(n^2)$, which is as
expensive as N2NB (Section 4.1). Actually, one can roughly regard
N2NB as an ultimate edition of RM, where the witnesses for any
claimer are present everywhere in the network (i.e., ubiquitous).
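The birthday-paradox bound above can be checked empirically. The following Monte Carlo sketch is an added example, not code from the survey or from Parno et al.; it assumes each copy's witnesses are drawn uniformly without replacement from the n nodes, and the network size, trial count and seed are constructed values.

```python
import math
import random


def rm_bound(n, m, copies):
    """Lower bound 1 - exp(-(m^2 / n) * L(L-1)/2) on the RM detection rate,
    where m = d*p*g is the number of witnesses per copy and L = copies."""
    return 1.0 - math.exp(-(m * m / n) * copies * (copies - 1) / 2)


def simulate_rm(n, m, copies, trials=2000, seed=1):
    """Fraction of trials in which at least one node ends up as a witness
    for two different copies of the same id (i.e. sees conflicting claims)."""
    rng = random.Random(seed)
    detected = 0
    for _trial in range(trials):
        seen = set()  # witnesses already holding a claim for this id
        for _copy in range(copies):
            witnesses = set(rng.sample(range(n), m))
            if seen & witnesses:
                # A common witness holds two claims with different locations.
                detected += 1
                break
            seen |= witnesses
    return detected / trials


if __name__ == "__main__":
    n = 10_000
    root = math.isqrt(n)  # RM's choice: d*p*g = sqrt(n)
    print(" m   L  bound  simulated")
    for m in (root // 2, root, 2 * root):
        for copies in (2, 3):
            print(f"{m:3d}  {copies}  {rm_bound(n, m, copies):.3f}  "
                  f"{simulate_rm(n, m, copies):.3f}")
```

Halving the witness count to half of the square root of n drops the single-replica detection rate to roughly 22%, which is why the product dpg cannot be reduced freely to save communication.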
4.3.2. LSM
If we interpret RM as a randomized version of DM, LSM can
then be regarded as a less expensive version of RM to decrease the
communication cost. On a high level, when node $a$'s location
claim propagates from a reporter to a witness, all the intermediate
nodes on the forwarding path also learn about the information,
and can serve as additional witnesses, as shown in Fig. 2.
Hence whenever a conflicting location claim by a replica $a'$
crosses the forwarding path for $a$, the intermediate node at the
intersection of the two paths can detect the conflict, i.e., an
intersection corresponds to a detection of the replication attack.
This idea can be compared to the following geometric theorem:
for $x$ randomly drawn lines within a circle, the expected number
of intersections is about $0.339\,x(x-1)$, and thus we only need a few
such lines to ensure an intersection (e.g., with only $x = 3$ random
lines we expect 2 collisions).
Table 2
Summary of protocol costs: network-wide communication and memory
consumption per node.
Detection protocol            Communication                          Storage
N2NB (Parno et al., 2005)     $O(n^2)$                               $O(d)$
DM (Parno et al., 2005)       $O(g \ln g \cdot n\sqrt{n})$           $O(g \ln g)$
RM (Parno et al., 2005)       $O(n^2)$                               $O(\sqrt{n})$
LSM (Parno et al., 2005)      $O(n\sqrt{n})$                         $O(\sqrt{n})$
SDC (Zhu et al., 2007)        $O(dp \cdot n\sqrt{n}) + O(s \cdot n)$ $O(s \cdot p_s)$
P-MPC (Zhu et al., 2007)      $O(dp \cdot n\sqrt{n}) + O(s \cdot n)$ $O(s \cdot p_s)$
RED (Conti et al., 2007)      $O(dpg \cdot n\sqrt{n})$               $O(dpg)$
B-MEM (Zhang et al., 2009)    $O(n\sqrt{n})$                         $O(\sqrt{n})$
RDE (Li and Gong, 2009a)      $O(d \cdot n\sqrt{n})$                 $O(d)$
¹ It is implicitly assumed that each reporter appends (in an authentic manner)
a random destination to each of the location claims (otherwise, other nodes will
have no idea where to forward a location claim). Among several side effects is
increased communication cost. Nevertheless, such appending is not necessary for
detection schemes like DM (due to the mapping function, recall Section 4.2).
In LSM, the product $dpg$ (inherited from RM) is fixed and set to
a very small constant $r$ ($\ll \sqrt{n}$). Each location claim from a node $a$
is forwarded to $r$ random nodes following the claimer-reporter-witness
framework, but the intermediate nodes on the $r$ forwarding
paths also save a copy of the claim. Once another location
claim $\langle ID_{a'} = ID_a, l_{a'} \neq l_a \rangle$ is received by a witness (either
selected by a reporter, or more likely, an additional one), it floods
the network with the unforgeable evidence to exclude both $a$ and
$a'$. One may notice that LSM actually draws $r$ line segments
(paths) that originate from reporters around a central point (the
claimer node) and radiate out in random directions (to $r$ random
witnesses), instead of random lines (as in the aforementioned
geometric theorem). However, even so, simulations indicate that
even if there is only one replica (i.e., $r$ random paths radiate from
$a$, another $r$ paths from $a'$), setting $r = 2$ assures that the
probability for generating at least one intersection (i.e., the detection
rate $P_d$) is above 56%, and $r = 5$ leads to 95%. Similar reliability
holds for realistic WSN deployment fields with irregular topologies
far different from a circular domain. Compared with RM, LSM
has the network communication cost scaling as $O(\sqrt{n} \cdot n \cdot r)$, i.e.,
$O(n\sqrt{n})$, and an average node storage cost of $(1/n) \cdot r\sqrt{n} \cdot n$
location claims scaling as $O(\sqrt{n})$.
4.3.3. Countering counterattacks
For an actual WSN, new nodes may be added over time while
old nodes may perish, and it is impossible to foresee when an
adversary would launch a replication attack. Hence it is necessary
to schedule regular detection rounds for RM and LSM (and other
schemes). If a node hears from a neighbor a that did not participate
in the previous round, it will refuse to communicate with a until a
successfully participates in one round. This precludes the adversary
from bypassing the detection, in terms of the time domain. Next we
look at the counterattacks in the space domain.
The adversary may tamper with the detection by disrupting
the routing of location claims from reporters to witnesses, but
this can be easily detected (Karlof and Wagner, 2003) and creates
tell-tale signs of the adversary's presence in the network.
Alternatively, since the witnesses for any claimer become unpredictable
in RM and LSM, an adversary may turn to compromise all
the $d$ neighbors of a replica so as to prevent a location claim from
propagating to any witness (actually, to eliminate the reporters at
all). Such a masked replication attack can be addressed with
pseudo-neighbors (Parno et al., 2005) (eventually, additional reporters).
Nevertheless, as indicated in Conti et al. (2011), it is possible
for such a replica (whose neighbors have all been compromised) to
lie about its physical position (hence the location claim), which may
be a common drawback of all location-based replication detections.
4.4. Single deterministic cell (SDC) and parallel multiple probabilistic
cells (P-MPC)
Zhu et al. (2007) proposed two schemes SDC and P-MPC under
the brand "localized multicast". Essentially both are variants of
DM (Section 4.2), and can be parsed as network-wide deterministic
multicast, followed by in-cell broadcast and probabilistic
storage. In both schemes, the WSN deployment field is considered
as a geographic grid of cells, and a location claim from node $a$ is
sent by its reporters to $g = 1$ (SDC) or $g > 1$ (P-MPC) cells for in-cell
broadcast, the cell id(s) of which is/are deterministically mapped
from $ID_a$; each node in the destination cell(s) then probabilistically
chooses to be a witness by saving the claim. If there is a
replica $a'$, its location claim is sent to the same cell(s) for in-cell
broadcast, and thus the witnesses can spot the conflict.
One may remark that the concept "localized multicast" advocated
in Zhu et al. (2007) is not very exact. Both schemes also bear
a similar dilemma with DM (Section 4.2) that if the cell size $s$ is
too large, they incur expensive communication cost like N2NB
(Section 4.1); if $s$ is too small, they degenerate back to DM, and an
adversary can defeat both schemes by compromising all nodes in
the $g$ deterministic tiny cells. Note that in the latter case (a very
small $s$), all prospective witnesses in one cell are deployed close to
each other within a geographically limited region instead of
sparsely spreading throughout the deployment field, and thus it
is easy for an adversary to physically approach and compromise
them once for all. Therefore, the practicality of SDC and P-MPC
relies on careful selection of $s$. Unfortunately, in Zhu et al. (2007)
the critical issue of choosing an appropriate cell size $s$ is overlooked;
for all provided examples, $s$ is set to 100 nodes without
any explanation/discussion. In practice, one needs to choose $s$
carefully to find an appropriate tradeoff between efficiency and
security.
Another problem omitted in Zhu et al. (2007) is what we term
the indistinguishable dilemma. Take SDC for example. Once a
location claim by node $a$ arrives at the destination cell, it should
be flooded within the cell so that each node in the cell independently
stores the claim (i.e., becomes a witness) with probability
$p_s$. To reduce the in-cell broadcast overhead, SDC requires that the
flooding be executed only when the first copy of $a$'s location claim
arrives at the cell, and the following copies are ignored (Zhu et al.,
2007). Now, let the location claim by a replica node $a'$ arrive at
the same cell, since $ID_a = ID_{a'}$. The conundrum is that the node in
the cell that first receives the claim can be anywhere on the cell
perimeter; if it has not become a witness for $a$, it is unable to
distinguish between the following two scenarios: (i) the claim is
one of the following copies of node $a$'s claim or (ii) the claim is not
from node $a$, but from another node $a'$. Although not specified in
Zhu et al. (2007), an effective solution is available as follows. A
node in the destination cell, upon the first (and only) in-cell
broadcast, needs to temporarily store the received location claim for
a very short period, which corresponds to the time difference
between the arrivals of the location claims forwarded by the $dp$
reporters of the same $a$. Note that all these reporters are $a$'s
neighbors, and thus their forwarding paths may overlap significantly
and eventually converge, resulting in approximately the
same routing delays (and thus only insignificant time difference).
During this short period, the node in the destination cell simply
ignores any identical copy arriving later, addressing scenario (i).
After that the node will discard the stored claim with probability
$1 - p_s$, but is still ready for addressing scenario (ii). Clearly, with
this solution, conflicting location claims can be spotted no matter
whether they arrive at the destination cell simultaneously or not.
Fig. 2. Randomized multicast (left) and line-selected multicast (right) following the claimer-reporter-witness framework, where the red hexagons stand for claimers with
the same node id, green/blue circles stand for reporters, and green/blue squares stand for witnesses. The squares with two colors (green and blue) stand for the common
witnesses that detect the conflict.
SDC and P-MPC have the same level of costs. The network-wide
communication overhead comprises $O(dp \cdot n\sqrt{n})$ reporter-to-cell
routing and $O(s \cdot n)$ in-cell flooding. The memory consumption per
node scales as $O(s \cdot p_s)$. A more recent version of Zhu et al. (2007) is
found in Zhu et al. (2010), where the cell size $s$ is additionally
evaluated with respect to the node communication range.
4.5. Randomized, efficient, and distributed (RED) detection
Conti et al. (2007) proposed a randomized, efficient, and
distributed (RED) protocol, which combines both merits of DM
(Section 4.2) and RM (Section 4.3.1). The major motivation stems
from the fairness or so called quality of the detection protocol
(Conti et al., 2006): resilience to attacks can be improved by
designs that associate individual sensor nodes with equal risk
level. For example, a protocol where the likelihood for a genuine
node to serve as a witness node (known as the node appeal) is
independent of the node's geographical position is more favorable,
because such an area-oblivious protocol actually associates
sensor nodes with almost even responsibility.
In RED, each of the $d$ neighbors of a claimer $a$ becomes a
reporter with probability $p$, and each reporter sends $a$'s location
claim to a set of $g$ pseudo-randomly selected network locations
(hence to $g$ witnesses, like RM). The point is that these
pseudo-random locations are computed from $ID_a$ with a 1-to-$g$
deterministic mapping (like DM), which is seeded with a nonce received
from centralized broadcasting (e.g., from a satellite). Once the
random seed is shared network-wide at the beginning of each
protocol iteration, the $g$ witnesses are actually deterministic, and
the witness set selected by any reporter for $a$ is actually the same.
Compared with RM and LSM (Section 4.3), RED's philosophy lies in
just enough witnesses, which is inherited from DM. The product
$dpg$ can be merely a very small constant ($\ll \sqrt{n}$); it is even enough
to set $g = 1$. Clearly, the node storage is $dpg$ location claims, and the
network communication is of $O(\sqrt{n} \cdot n \cdot dpg)$. Importantly, the
incurred overheads are almost evenly balanced among sensor nodes.
The probability that a claimer has no reporter is $(1 - p)^d$, and thus the
detection rate is $P_d = (1 - (1 - p)^d)^2$ assuming there are only two
nodes sharing the same id.
The pseudo-random choice of witnesses leads to a uniform
witness distribution (area-oblivious). On the contrary, in LSM
(Parno et al., 2005) a very small central area (for a convex
deployment field like a square) may accommodate a large portion
of all the witnesses that spot non-coherent location claims,
because two forwarding paths are more likely to intersect in the
central area; these nodes are just another type of hotspots (recall
Section 3.1), and may become appealing targets of attack and/or
exhausted quickly. This is termed the crowded center problem in
Zhang et al. (2009) to be reviewed in the next subsection. RED
(Conti et al., 2007) following Conti et al. (2006) solves this
problem justifiably, and an updated version is in Conti et al.
(2011). We consider RED as one of the most promising replication
detections in the state of the art. Nevertheless, in Zhang et al.
(2009) it is also noted that the infrastructure for distributing
RED's random seed may not always be available. Moreover, since
for each protocol iteration the witnesses set for any node is
deterministic, there might exist a dilemma in selecting an
appropriate $g$ so as to balance between efficiency and robustness
against node compromise (Zhu et al., 2010).
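The seeded 1-to-g mapping described above can be sketched as follows. This is an added example, not code from the survey or from RED's authors: HMAC-SHA256 stands in for the unspecified pseudo-random mapping, the 10 x 10 grid of node positions and the nonces are constructed, nearest-node delivery stands in for geographic routing, and signature verification of the claims is omitted. With a nonce that never changes, the same code behaves like DM's fixed mapping (Section 4.2).

```python
import hashlib
import hmac
import math
import struct

FIELD = 1000.0  # side of the square deployment field in metres (constructed)

# Constructed deployment: 100 nodes on a regular grid, ids 0..99.
POSITIONS = {i: ((i % 10) * 100.0 + 50.0, (i // 10) * 100.0 + 50.0)
             for i in range(100)}

# Constructed claims as forwarded by reporters: (claimer id, claimed location).
# Id 42 is claimed from its real position twice and once from a replica's spot.
CLAIMS = [(42, POSITIONS[42]), (42, POSITIONS[42]),
          (7, POSITIONS[7]), (42, (850.0, 150.0))]


def witness_points(node_id, round_seed, g, field=FIELD):
    """Map a claimer id to g field locations, keyed by this round's nonce.
    Every reporter computes the same points for the same id and round."""
    points = []
    for k in range(g):
        mac = hmac.new(round_seed, struct.pack(">IH", node_id, k),
                       hashlib.sha256).digest()
        x, y = struct.unpack(">II", mac[:8])
        points.append((x / 2**32 * field, y / 2**32 * field))
    return points


def closest_node(point, positions):
    """Stand-in for geographic routing: deliver to the node nearest the point."""
    return min(positions, key=lambda nid: math.dist(point, positions[nid]))


class Witness:
    """Stores the first claim seen per id and reports any conflicting one."""

    def __init__(self):
        self.claims = {}

    def receive(self, node_id, location):
        first = self.claims.setdefault(node_id, location)
        if first != location:
            return (node_id, first, location)  # evidence of replication
        return None  # new claim, or an identical copy from another reporter


def run_round(positions, claims, round_seed, g=1):
    """Route every claim to its g witnesses; return [(witness id, evidence)]."""
    witnesses = {nid: Witness() for nid in positions}
    evidence = []
    for node_id, location in claims:
        for point in witness_points(node_id, round_seed, g):
            w = closest_node(point, positions)
            hit = witnesses[w].receive(node_id, location)
            if hit:
                evidence.append((w, hit))
    return evidence


if __name__ == "__main__":
    for nonce in (b"round-1-nonce", b"round-2-nonce"):
        print(nonce.decode(), run_round(POSITIONS, CLAIMS, nonce))
```

Because the witness for an id is fixed within a round, anyone who learns the nonce can compute it, which is the efficiency-versus-robustness dilemma in choosing g noted above.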
4.6. Memory efficient multicast: B-MEM, BC-MEM, C-MEM, and
CC-MEM
Zhang et al. (2009) proposed four replication detection protocols
in the name of memory efficient multicast (MEM). The first,
B-MEM, is an extension of LSM (Parno et al., 2005), and is the
basis of all other three schemes. It reduces the number of stored
location claims per node by a factor of $\sqrt{n}$ through the use of two
compact Bloom filters, which are maintained by semi-witnesses
(known as watchers) and are reset right before each detection
round. However, additional memory consumption per node has to
be incurred for storing the two filters (essentially compressed
location claims), and the overall node storage still scales as
$O(\sqrt{n})$ (i.e., of the same level with LSM). Moreover, simulations show
that B-MEM may lower the detection rate of LSM due to so called
false verifications (Zhang et al., 2009) (essentially the intrinsic
false positives of Bloom filters). The second, BC-MEM, employs a
technique called cell forwarding to solve the cross over problem
that unlike geometric line segments intersecting at a common
point, in LSM even when two forwarding paths cross they may
not intersect at a common node. One can indeed verify the
problem by reconsidering the geographic routing (Section 2.2).
The third, C-MEM, employs a technique called cross forwarding to
address the aforementioned crowded center problem (Section
4.5) that in LSM random forwarding paths tend to pass the central
area of the deployment field more frequently, where the nodes
suffer far worse overheads. For each claimer, C-MEM first selects a
random point called the cross point in the network, and forwards
the location claim to that point. From there, the claim is then
forwarded in four directions, along the horizontal and vertical
lines that pass the cross point. Last, CC-MEM integrates cell
forwarding and cross forwarding, and thus is a combination of
BC-MEM and C-MEM.
Simulation results show that the performance of C-MEM is
comparable to BC-MEM, because two sets of crossing lines have a
very high probability to intersect at one or two locations. That is,
C-MEM can also mitigate the cross over problem. However, cross
forwarding achieves a high probability for intersection only for a
convex deployment field, particularly a rectangle (the simulations
in Zhang et al., 2009 actually employed a square). For the various
irregular topologies considered by LSM such as "thin cross",
"large H", etc. (Parno et al., 2005), the cross forwarding technique
employed by both C-MEM and CC-MEM may work far poorer than
in a rectangle; the detection rate may drop drastically.
As to cell forwarding in BC-MEM, the basic idea is to divide the
deployment field into virtual cells (like SDC and P-MPC; Zhu et al.,
2007). By employing a pseudo-random mapping similar to RED
(Conti et al., 2007) but seeded with the detection round number
(an increasing index), in each cell an anchor node is assigned for
each claimer in the network; one anchor node as a representative
of the cell may serve different network-wide nodes. To solve the
cross over problem, BC-MEM only chooses witnesses from these
anchor nodes, which serve as definite intersections for forwarding
paths. The price is increased energy expenditure, as any location
claim is no longer forwarded along an approximately straight
path but a zigzag path. A major problem with BC-MEM is that
similar to Ho et al. (2009b), the cell division and anchor node
selection ask for highly accurate localization, which may not be
affordable for the current generation of WSNs. A less serious
problem is that an adversary may circumvent BC-MEM by
compromising certain deterministic anchor nodes, assuming the
detection only runs for a few rounds. An unaddressed problem is
the policy for cell size selection (as also observed in SDC and
P-MPC; Zhu et al., 2007, recall Section 4.4), which makes fair
comparison with other schemes difficult. In all simulations the
deployment field is always divided into 100 cells without further
explanation/discussion.
4.7. Randomly directed exploration (RDE)
In Li and Gong (2009a), a simplified version of N2NB (Section
4.1) known as randomly directed exploration (RDE) is proposed,
where a location claim along with the claimer's neighbor list is
forwarded in such a manner that each of the forwarding paths
is approximately a straight line segment. We notice such a
directed (i.e., oriented) forwarding approach is just a special
(yet simple) implementation of geographic routing (Section 2.2)
that only works for a convex deployment field (the more regular
the better). The real interesting part lies in its motivation: RDE
tries to mimic N2NB while suppressing broadcast flood. The
underlying idea can be interpreted as follows: if the WSN is
small-scale but very densely deployed, a thin forwarding path
can become a thick belt to cover sufficient overhearing nodes.
Hence it is plausible to substitute such an anycast (as suggested
in Li and Gong, 2009a) for broadcast.
RDE's node storage cost remains the same with N2NB (i.e., $O(d)$),
while the network communication overhead is reduced from $O(n^2)$
to $O(d \cdot n\sqrt{n})$, at the price of decreased detection rate. Note that we
add the coefficient $d$ to count for the cost of additionally forwarding
a claimer's neighbor list (which is not forwarded in N2NB), whereas
this cost is overlooked in the evaluation in Li and Gong (2009a).
Actually, the communication reduction from $O(n^2)$ to $O(d \cdot n\sqrt{n})$ is
not very beneficial. Moreover, RDE only seems feasible for an ideal
network model, and the detection rate may not be very significant
even for a convex deployment field.
4.8. Rethinking the claimer-reporter-witness framework
4.8.1. A brief sum-up
In this section we have investigated a dozen distributed
detection protocols, all of which can be accommodated by the
claimer-reporter-witness framework pioneered in Parno et al.
(2005). Following the taxonomy in Fig. 1, we depict the relationship
between these various solutions in Fig. 3, which enables us to
better understand how the research in this area has evolved. It is
also easy for one to yield another but quite similar illustration
(herein omitted for space concerns) for a qualitative comparison
between the schemes. For example, one can replace the text
"additional witnesses" in Fig. 3 (between RM and LSM) with
"trading storage for communication efficiency", replace the text
"cell forwarding" (between B-MEM and BC-MEM) with "resolving
the cross over problem", and so on.
There are also some other proposals (possibly less well-known)
under the same framework. For example, in Li and
Gong (2009b), a detection scheme based on the distributed hash
table is proposed. The main idea is to replace the geographic
routing with the index-based routing in a special upper overlay
network built upon the WSN. This actually increases the network
communication by a factor of $\log n$, and thus is unfavorable.
In Sei and Honiden (2009), instead of developing a new
detection scheme, the problem of efficient selection of reporters
is considered. In the claimer-reporter-witness framework, each
neighbor of a claimer becomes a reporter with probability $p$, and
thus the average number of reporters, $dp$, may be more than
enough; for RED (Conti et al., 2007), SDC (Zhu et al., 2007), and
P-MPC (Zhu et al., 2007), a witness only needs one reporter to
forward the location claim. The reporter determination is to
decrease the number of reporters, so that unnecessary message
forwarding can be restrained. The proposed algorithm cannot be
applied to other schemes like RM or LSM (Parno et al., 2005).
Fig. 3. Relationship between the most well-known distributed node replication detections in the state of the art accommodated by the claimer-reporter-witness
framework.
4.8.2. Potential deficiencies
While the prospect of the claimer-reporter-witness framework
seems promising, so far little work has been done to inspect
possible defects of the location-based framework. One exception
is in Conti et al. (2011), where Conti et al. found that a replica can
circumvent detections by lying about its position. As previously
mentioned in Section 4.3.3, if all the neighbors of this cheating
node are corrupted, they will not identify it as a cheater. The
security breakage is posed as a common drawback of both LSM
and RED in Conti et al. (2011), where no countermeasure is given.
Another but more sophisticated circumvention is described in
Zhou et al. (2008), where Zhou et al. introduced a novel asynchronous
node replication attack as a variant of the classical one. The
inventive attack does not violate the assumption that all deployed
sensor nodes are physically fixed and immobile, but can avoid the
detection by major protocols like RM and LSM (Parno et al., 2005). A
competitive scenario is conceived, where two rival WSNs exist in the
same deployment field. Both are stationary. Assume the gray
network attacks the blue network employing $c$ captured nodes.
The main idea is to have the credentials of the $c$ captured nodes
utilized by different nodes of the gray network during each detection
round. Although the number of nodes actively mounting the attack
at any instant is limited by $c$, over a period of time the total number
of nodes actively participating in the asynchronous attack is far
greater than $c$. Note that this is indeed a dedicated replication attack,
though the terminology of "dual id nodes" in Zhou et al. (2008)
might remind one of the (actually irrelevant) Sybil attack (Newsome
et al., 2004) (recall Section 2.1). To confront such an asynchronous
attack, a hybrid approach consisting of both distributed detection
and centralized monitoring is proposed.
4.8.3. Formalized design goals
In Zhou et al. (2008) the challenge in detecting mobile replicas
was already implied, and in Zhu et al. (2011) we concentrate on
detecting node replication attacks in mobile WSNs. While the
solutions proposed there are purely for mobile WSNs, some principles
developed there are generally applicable to static WSNs, too. For
example, we contend that the design goals of a replication detection
scheme can be set according to different information requirement
levels (informally, "whether", "who", and "how many") (Zhu et al.,
2011). Assume the adversary has captured and compromised one
sensor node with id $ID_c$, from which she has created $r$ clones and
then places all these $1 + r$ malicious nodes back into the network.
For any detection protocol:
1. The basic goal is to tell whether there is a replication attack or
not (i.e., $r \ge 1$ or $r = 0$?).
2. If $r \ge 1$, it is often necessary for the scheme to identify the
compromised id (i.e., $ID_c = ?$).
3. Furthermore, it is preferable (though not always necessary) for
the scheme to infer the number of malicious nodes (equivalently,
$r = ?$).
In the above, the goal of a higher level implies more understanding
of the security status of the WSN than the goal of a
lower level. For example, only achieving goal level 1 (but not level
2) means detection without identification. In this case, the network
owner is passively aware of the situation that an attack is
ongoing, but is unable to undertake active responses like
revocation and/or emergency recovery; all she could do might
be only to discard the data received from the sensor nodes.
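An added illustration (not from the survey or the cited papers): the Python sketch below evaluates the three goal levels over constructed location claims, and shows why the asynchronous attack of Section 4.8.2 passes a per-round conflict check yet is exposed once claims are compared across rounds. The claim format, the node ids, and the cross-round comparison are assumptions made here; they do not reproduce the hybrid scheme of Zhou et al. (2008).

```python
from collections import defaultdict

# Constructed location claims: (detection_round, node_id, (x, y)).
# Signature verification of each claim is assumed to have already succeeded.
# Classical attack: id "n7" is claimed at three places within one round.
CLASSICAL = [
    (1, "n1", (1, 1)), (1, "n2", (4, 2)),
    (1, "n7", (3, 9)), (1, "n7", (8, 8)), (1, "n7", (0, 5)),
]
# Asynchronous attack: "n7" is used by one node per round, a different one each round.
ASYNC = [
    (1, "n1", (1, 1)), (1, "n2", (4, 2)), (1, "n7", (3, 9)),
    (2, "n1", (1, 1)), (2, "n2", (4, 2)), (2, "n7", (8, 8)),
    (3, "n1", (1, 1)), (3, "n2", (4, 2)), (3, "n7", (0, 5)),
]


def conflicting_ids(claims, across_rounds):
    """Map each id to its claimed locations, keeping only ids seen at >1 place.

    across_rounds=False compares claims inside a single detection round only,
    as a witness does. across_rounds=True keeps history over all rounds, which
    is sound only under the assumption that legitimate nodes are stationary.
    """
    seen = defaultdict(set)
    for rnd, node_id, loc in claims:
        scope = None if across_rounds else rnd
        seen[(scope, node_id)].add(loc)
    merged = defaultdict(set)
    for (_, node_id), locs in seen.items():
        if len(locs) > 1:          # same id, different positions: a conflict
            merged[node_id] |= locs
    return dict(merged)


def goal_levels(conflicts):
    """Answer goal levels 1-3: whether, who (ID_c), and how many (r)."""
    whether = bool(conflicts)
    who = sorted(conflicts)
    # Each distinct location beyond the first is another physical node,
    # so this is a lower bound on r for every compromised id.
    how_many = {node_id: len(locs) - 1 for node_id, locs in conflicts.items()}
    return whether, who, how_many


if __name__ == "__main__":
    cases = [
        ("classical, per round", CLASSICAL, False),
        ("asynchronous, per round", ASYNC, False),
        ("asynchronous, across rounds", ASYNC, True),
    ]
    for name, claims, across in cases:
        print(name, goal_levels(conflicting_ids(claims, across)))
```
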
4.9. Other related work
Ho et al. (2009a) assume nodes are organized in groups, each
of which is deployed towards a predetermined geographic
location called the group deployment point. Since each group of
nodes exhibit similar geographic relations, replication detection
becomes almost a trivial task. The proposed schemes partially
follow (Parno et al., 2005), but can be made arbitrarily efficient
by increasing the accuracy of deployment knowledge (Ho et al.,
2009a). This reminds us that the predetermined node placement
sounds more like replication prevention than replication
detection.
Another work that goes further towards prevention (but is still
entitled "detection") is found in Bekara and Laurent-Maknavicius
(2007), which exploits the apparent fact that excluding new
nodes from joining the WSN can trivially prevent replication
attacks. The main idea is to enforce a strict generation- (or
batch-)based node deployment policy, and to tie every node to its
generation when establishing pairwise keys. Although it does not
involve asymmetric cryptosystem, the work (Bekara and
Laurent-Maknavicius, 2007) seems to be inspired by Zhang et al. (2006),
where the private keys of individual sensor nodes are bound to
both their ids and geographic locations.
For the completeness of this survey, we have also checked
some replication detections proposed recently (Kim et al.,
2009a,b; Ko et al., 2009; Meng et al., 2010); unfortunately, the
underlying ideas are all found to be flawed (Zhu, 2011a,b).
5. Concluding remarks
In this paper, we addressed a unique yet application-independent
problem in WSN security known as the node replication
attack. As depicted in Fig. 1, we classified mainstream detection
protocols as centralized and distributed, and reviewed the literature
with a focus on the latter category. For distributed solutions,
the detection overheads are summarized in Table 2 for a quick
comparison. Note that B-MEM (Zhang et al., 2009) is selected as a
representative of the MEM family (Section 4.6). In Table 2 we do
not compare the detection rates because different detections
assume quite different scenarios (regarding deployment field
topology, grid division, ability for network-wide spontaneous
change of a random seed, etc.). Moreover, the detection rates
sometimes may be analytically inferred (e.g., for RED Conti et al.,
2007), but often may not (i.e., can only be obtained heuristically
with simulations, like for LSM Parno et al., 2005 and the MEM
family Zhang et al., 2009).
Due to quite different motivations and assumptions behind
these research efforts as well as their respective strengths and
weaknesses, it may be inappropriate to make general and definite
remarks on which is the most promising or which are better
than the others. For example, even the relatively naive N2NB
(which obviously incurs the highest communication overhead
among all schemes, recall Section 4.1) may be preferable for a
very small WSN due to its simplicity and intuitiveness, while
more sophisticated schemes are found in the three protocols
pioneered in Parno et al. (2005) (i.e., DM, RM, and LSM) and their
various derivatives (see Fig. 3). Nevertheless, we summarize in
Table 3 the different scenarios considered in all the solutions that
have been included in Fig. 3. This helps us better understand the
emphases and tradeoffs of respective proposals, though a comparison
like this has generally been overlooked in the literature.
The recent research has so far been striving for solutions that
incur less communication and occupy less memory, and this trend
will continue towards more efficient detection schemes. Moreover,
we notice one factor that has received relatively less
attention in replication detection is the computational cost
involved. It is reasonable to count on this additional metric when
evaluating various detection schemes besides network communication
and node storage overheads. Adding more generic
evaluation dimensions also allows protocol designers to balance
between various expenditures in an in-depth and more
comprehensive manner.
For future development, one can first reflect on the
thought-provoking discoveries summarized in Section 4.8.2. One can also
borrow some ideas from closely related research topics in WSN
security, like detection of captured nodes (Conti et al., 2008, 2009)
or detection of general compromised nodes (Song et al., 2007;
Zhang et al., 2008). These explorations (Conti et al., 2008, 2009; Song
et al., 2007; Zhang et al., 2008) address application-independent
intrusion detection in sensor networks from different perspectives, but
bear intriguing similarities with replica detection (for example, our
latest research efforts on detecting node replication attacks in
mobile WSNs (Zhu et al., 2011) are partially inspired by Conti et al.,
2008). We envision that these relevant security solutions (Conti
et al., 2008, 2009; Song et al., 2007; Zhang et al., 2008) will hopefully
serve as complementary mechanisms in detecting node replication
attacks, and application-independent intrusion detections will
significantly help defend the security for wireless sensor networks.
Acknowledgments
We would like to thank the anonymous reviewers for their
constructive comments. This work was supported by the National
Natural Science Foundation of China under Grant 60970138.
References
Bekara C, Laurent-Maknavicius M. A new protocol for securing wireless sensor networks against nodes replication attacks. In: Proceedings of the 3rd IEEE international conference on wireless and mobile computing, networking and communications (WiMob'07); 2007. October.
Bonaci T, Bushnell L, Poovendran R. Node capture attacks in wireless sensor networks: a system theoretic approach. In: Proceedings of the 49th IEEE conference on decision and control (CDC'10); 2010. p. 676572, December.
Boukerche A, Oliveira HABF, Nakamura EF, Loureiro AAF. Localization systems for wireless sensor networks. IEEE Wireless Communications 2007;14(December):612.
Brooks R, Govindaraju PY, Pirretti M, Vijaykrishnan N, Kandemir MT. On the detection of clones in sensor networks using random key predistribution. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews 2007;37(November):124658.
Chan H, Perrig A. Security and privacy in sensor networks. Computer 2003;36(October):1035.
Choi H, Zhu S, La Porta TF. SET: detecting node clones in sensor networks. In: Proceedings of the 3rd international conference on security and privacy in communications networks and the workshops (SecureComm'07); 2007. p. 34150, December.
Conti M, Di Pietro R, Mancini LV, Mei A. Requirements and open issues in distributed detection of node identity replicas in WSN. In: Proceedings of the 2006 IEEE international conference on systems, man, and cybernetics (SMC'06); 2006. p. 146873, October.
Conti M, Di Pietro R, Mancini LV, Mei A. A randomized, efficient, distributed protocol for the detection of node replication attacks in wireless sensor network. In: Proceedings of the 8th ACM international symposium on mobile Ad Hoc networking and computing (MobiHoc'07); 2007. p. 809, September.
Conti M, Di Pietro R, Mancini LV, Mei A. Emergent properties: detection of the node-capture attack in mobile wireless sensor networks. In: Proceedings of the 1st ACM conference on wireless network security (WiSec'08); 2008. p. 21419, March.
Conti M, Di Pietro R, Mancini LV, Mei A. Mobility and cooperation to thwart node capture attacks in MANETs. EURASIP Journal on Wireless Communications and Networking 2009: 13 (Article ID 945943).
Conti M, Di Pietro R, Mancini LV, Mei A. Distributed detection of clone attacks in wireless sensor networks. IEEE Transactions on Dependable and Secure Computing 2011(September/October):68598.
Cormen TH, Leiserson CE, Rivest RL, Stein C. Introduction to algorithms. MIT Press; 2001.
Deng J, Hartung C, Han R, Mishra S. A practical study of transitory master key establishment for wireless sensor networks. In: Proceedings of the 1st international conference on security and privacy for emerging areas in communication networks (SecureComm'05); 2005. p. 28999. September.
Dolev D, Yao AC. On the security of public key protocols. IEEE Transactions on Information Theory 1983;29(March):198208.
Duan M-J, Xu J. An efficient location-based compromise-tolerant key management scheme for sensor networks. Information Processing Letters 2011;111(May):5037.
Gligor V. Security of emergent properties in ad-hoc networks. In: Proceedings of the 12th international workshop on security protocols; 2004. p. 25666. April.
He W, Liu X, Nguyen H, Nahrstedt K, Abdelzaher T. PDA: privacy-preserving data aggregation in wireless sensor networks. In: Proceedings of the 26th IEEE conference on computer communications (INFOCOM'07); 2007. p. 204553. May.
Ho J-W, Liu D, Wright M, Das SK. Distributed detection of replica node attacks with group deployment knowledge in wireless sensor networks. Ad Hoc Networks 2009;7(November):147688.
Ho J-W, Wright M, Das SK. Fast detection of replica node attacks in mobile sensor networks using sequential analysis. In: Proceedings of the 28th IEEE conference on computer communications (INFOCOM'09); 2009b. p. 177381. April.
Hussain S, Rahman MS. Using received signal strength indicator to detect node replacement and replication attacks in wireless sensor networks. In: SPIE Proceedings of the data mining, intrusion detection, information assurance, and data networks security; 2009. April.
Karlof C, Wagner D. Secure routing in wireless sensor networks: attacks and countermeasures. Ad Hoc Networks 2003;1(September):293315.
Karp B, Kung HT. GPSR: greedy perimeter stateless routing for wireless networks. In: Proceedings of the 6th international conference on mobile computing and networking (MobiCom'00); 2000. p. 24354. August.
Kim C, Park C, Hur J, Lee H, Yoon H. A distributed deterministic and resilient replication attack detection protocol in wireless sensor networks. Communications in Computer and Information Science 2009a;56(December):40512.
Kim C, Shin S, Park C, Yoon H. A resilient and efficient replication attack detection scheme for wireless sensor networks. IEICE Transactions on Information and Systems 2009b;E92-D(July):147983.
Ko L-C, Chen H-Y, Lin G-R. A neighbor-based detection scheme for wireless sensor networks against node replication attacks. In: Proceedings of the 2009 international conference on ultra modern telecommunications and workshops (ICUMT'09); 2009. October.
Li Z, Gong G. Randomly directed exploration: an efficient node clone detection protocol in wireless sensor networks. In: Proceedings of the 6th IEEE international conference on mobile adhoc and sensor systems (MASS'09); 2009a. p. 10305. October.
Li Z, Gong G. DHT-based detection of node clone in wireless sensor networks. In: Proceedings of the 1st international conference on ad hoc networks (ADHOCNETS'09); 2009b. p. 24055. September.
Liu J, Baek J, Zhou J, Yang Y, Wong J-W. Efficient online/offline identity-based signature for wireless sensor network. International Journal of Information Security 2010;9(August):28796.
Mathur S, Reznik A, Ye C, Mukherjee R, Rahman A, Shah Y, et al. Exploiting the physical layer for enhanced security. IEEE Wireless Communications 2010;17(October):6370.
Meng X, Lin K, Li K. A note-based randomized and distributed protocol for detecting node replication attacks in wireless sensor networks. In: Proceedings of the 10th international conference on algorithms and architectures for parallel processing (ICA3PP'10); 2010. p. 55970. May.
Newsome J, Shi E, Song D, Perrig A. The Sybil attack in sensor networks: analysis & defenses. In: Proceedings of the 3rd international symposium on information processing in sensor networks (IPSN'04); 2004. p. 25968. April.
Parno B, Perrig A, Gligor V. Distributed detection of node replication attacks in sensor networks. In: Proceedings of the 26th IEEE symposium on security and privacy (S&P'05); 2005. p. 4963. May.
Perrig A, Szewczyk R, Tygar JD, Wen V, Culler DE. SPINS: security protocols for sensor networks. Wireless Networks 2002;8(September):52134.
Poovendran R, Wang C, Roy S. Secure localization and time synchronization for wireless sensor and ad hoc networks. New York Inc: Springer-Verlag; 2007.
Ruhrup S. Theory and practice of geographic routing. In: Liu H, Leung Y-W, Chu X, editors. Ad hoc and sensor wireless networks: architectures, algorithms and protocols. Bentham Science Publishers; 2009.
Sei Y, Honiden S. Reporter node determination of replicated node detection in wireless sensor networks. In: Proceedings of the 3rd international conference on ubiquitous information management and communication (ICUIMC'09); 2009. p. 56673. January.
Table 3
Comparison between the scenarios in replica detections under the
claimer-reporter-witness framework.
Protocol                            Assumed deployment model
N2NB (Parno et al., 2005)           Arbitrary network very small in size
DM, RM, LSM (Parno et al., 2005)    Arbitrary network
SDC, P-MPC (Zhu et al., 2007)       A (preferably rectangle) grid of cells
RED (Conti et al., 2007)            Arbitrary network, preferably rectangle
B-MEM (Zhang et al., 2009)          Arbitrary network
BC-MEM (Zhang et al., 2009)         A (preferably rectangle) grid of cells
C-MEM (Zhang et al., 2009)          Rectangle network
CC-MEM (Zhang et al., 2009)         A Rectangle grid of cells
RDE (Li and Gong, 2009a)            Convex, small-scale, and dense network
Song H, Xie L, Zhu S, Cao G. Sensor node compromise detection: the location perspective. In: Proceedings of the 3rd international conference on wireless communications and mobile computing (IWCMC'07); 2007. p. 2427. August.
Sun B, Osborne L, Xiao Y, Guizani S. Intrusion detection techniques in mobile ad hoc and wireless sensor networks. IEEE Wireless Communications 2007;14(October):5663.
Xie M, Han S, Tian B, Parvin S. Anomaly detection in wireless sensor networks: a survey. Journal of Network and Computer Applications 2011;34(July):130225.
Xing K, Cheng X. From time domain to space domain: detecting replica attacks in mobile ad hoc networks. In: Proceedings of the 29th IEEE conference on computer communications (INFOCOM'10); 2010. March.
Xing K, Liu F, Cheng X, Du DHC. Rea