Wireless sensor network (WSN) consists of a large number of small, inexpensive, battery-supplied communication devices densely deployed within a range of geographical space. It offers economical practicable solutions for many applications including monitoring factory instrumentation, pollution levels, freeway traffic, nature environment monitoring, surveillance, disaster management, target tracking, and the structural integrity of buildings.
The functions of WSNs are mainly to be used for gathering useful information related to the surrounding environment. (e.g. temperature, humidity, seismic and acoustic data, etc.)
“Energy or power consumption” is commonly considered as the key challenge in the design of WSNs. Individual sensor is expected to be low-cost, small size, and power conserving. However, most applications involving WSNs will ask for the unattended use over a long time. But the battery-supplied sensors of WSNs are with rare or no possibility to meet that requirement. So how to prolong the lifetime of WSNs by means of conserve the energy or power of sensors is the critical problem to be solved.
In resent years, a considerable number of published research works about wireless sensor networks have dealt with the issues of “energy or power consumption” problems [2][3][5-8]. Most of these works are proposed to minimize the energy usage of sensors and, therefore, success to prolong the operational lifetime of the entire network. The main ways are (1) to reduce the sum of inter-node communication, or (2) prolong the sleep time of sensor nodes. The researchers of these works also commonly agree with that WSNs of cluster-based architecture have the effect of advantages of these two ways, (1), (2) to prolong the network lifetime. Accordingly, WSNs of cluster-based architecture are considered as the most energy-efficient and most long-lived class of sensor networks.
Because of the low-cost and low tamper-resistant features, sensor nodes are vulnerable to physical captured. We should consider that the nodes within networks may be compromised by an attacker as a possible condition, when designing a secure sensor network. If a node is compromised, all the
information it keeps would also be revealed including keys of the data authentication, the pare-wised keys and the session keys. As a consequence, an adversary can carry out an inside attack with nodes compromised. Besides to disabled nodes, compromised nodes could actively seek a way to paralyze the network such as making and transmitting fake messages to let the conditions of the environment un-trusted [12-18].
Furthermore, cluster-based wireless sensor network often reduce communication overhead by means of message aggregation by clustered-heads or sinks. But message aggregation results in more degree of difficulty in security. Each intermediate node which was compromised can modify, forge or discard message, or simply transmit false values to aggregator.
One of these inside attacks is the fabricated report attack, which means compromised nodes may pretend to have detected nearby events or forward a fabricated report supposedly originating at another location to aggregator. If there is no secure mechanism to protect the network, adversaries could claim non-existed events nearly to aggregator. This kind of attack will not only waste the effort to report but also provide an un-trusted condition of the networks to managers. Several resent researches [19-21] about this have proposed mechanisms to filtrate injected fabricated reports in the packet forwarding process.
The basic ideas of their researches are: some symmetric keys are saved in every node. When events occurred, several sensors would collect data with multiple message authentication codes (MACs). A MAC is generated by a node which uses one of its symmetric keys and it represents the authenticated signature from the transmitter of the report. In the process of which a report arrives to the aggregator over multiple hops, each forwarder verifies the correctness of the MACs carried by the report. When the verification failed, it means the report was modified. Once, an incorrect MAC is detected. That report would be dropped by forwarders.
These mechanisms offer an efficient way to solve the fabricated report.
But these ways also result in another threat called false votes on real reports attack. This attack is that the attackers may inject false MACs for every real
report. If the methods are used, all these real event reports would be dropped during the process of forwarding.
A probabilistic voting-based filtering scheme (PVFS) [18] offers an efficient scheme to address these two types of attacks simultaneously by used of voting method under the clustered organization of WSNs. It used a designed probability to select intermediate cluster-heads as verification nodes.
The verification would not drop a report immediately after finding a false vote; instead it records the result of current verification. When the number of false votes reaches the design threshold, the report would be dropped.
But there are some problems in these previous researches. They address these problems at a location several hops from the attacker, which results in high resource consumption and the spread of damage across the network.
In this paper, we design a statistical voting scheme for detecting compromised nodes under the clustered-organized wireless sensor networks.
In order to prevent the damages caused by compromised nodes expend into a large range of the network, we use the cluster-heads as the detectors to detect the compromised nodes locally inside the 1-hop cluster. Each of the non-clustered-heads is not only the voter in the scheme but also probable the compromised node. We use some statistical analysis techniques to filter the voters and compute the reasonable range of data value to judge whether the destination is compromised or not. The neighbors of each node are its voters.
In order to promise the correctness of reasonable range, the assumption that there are less than half of neighbors compromised would be the requirement of our scheme.
The contribution of this thesis are as follow:
1. All these researches are success to make the damages of these two attacks (fabricated report attack and false votes on real reports attack) inefficient. But they can not detect the compromised ones and make the inside attacker disappeared completely. Our scheme can not only make these attacks inefficient but also capture the compromised ones.
2. We use cluster-based organization in our design. By processing detection locally, the damages from different clusters can not influence each other.
It limits the damages caused by compromised ones into a cluster.
3. We present a statistical voting scheme for detecting compromised nodes with statistical analysis techniques. By the process of scheme, the correctness of the aggregated result would be guaranteed.
The remainder of this paper is organized as follow. Section 2 introduces the related works and researches about secure clustering in WSNs. Several security threats with countermeasures will also be introduced in this section.
In section 3, we describe the detail of the statistical voting scheme. Section 4 gives a formal analysis of the clustering environments, simulation analysis, discussion, and security analysis. The conclusion and references are in section 5 and section 6.