Distributed detection of node replication attacks resilient to many compromised nodes in wireless sensor networks

Abstract

In large-scale sensor networks, sensor nodes are at high risk of being captured and compromised. Once a sensor node is compromised, all the secret keys, data, and code stored on it are exposed to the attacker. The attacker can insert arbitrary malicious code in the compromised node. Moreover, he can easily replicate it in a large number of clones and deploy them on the network. This node replication attack can form the basis of a variety of attacks such as DoS attacks, and Sybil attacks. Previous studies of node replication attacks have had some drawbacks; they need a central trusted entity or they become vulnerable when many nodes are compromised. Therefore, we propose a distributed protocol for detecting node replication attacks that is resilient to many compromised nodes. Our method does not need any reliable entities and has a high detection rate of replicated nodes. Our analysis and simulations demonstrate our protocol is effective even when there are a large number of compromised nodes.