June 25, 2007 to June 27, 2007
Fan Ye , IBM T.J. Watson research Center, NY
Hao Yang , IBM T.J. Watson research Center, NY
Zhen Liu , IBM T.J. Watson research Center, NY
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICDCS.2007.89
False data injection is a severe attack that compromised sensor nodes ("moles"') can launch. These moles inject large amount of bogus trafJic that can lead to application failures and exhausted network resources. Existing sensor network security proposals only passively mitigate the damage by filtering injected packets; they do not provide active means for fight back. This paper studies how to locate such moles within the framework of packet marking, when forwarding moles collude with source moles to manipulate the marks. Existing Internet traceback mechanisms do not assume compromised forwarding nodes and are easily defeated by manipulated marks. We propose a Probabilistic Nested Marking (PNM) scheme that is secure against such colluding attacks. No matter how colluding moles manipulate the marks, PNM can always locate them one by one. We prove that nested marking is both sufJicient and necessaly to resist colluding attacks. PNM also has fast-traceback: within about 50 packets, it can track down a mole up to 20 hops away from the sink. This virtually prevents any effective data injection attack: moles will be caught before they have injected any meaningful amount of bogus traffic.
Fan Ye, Hao Yang, Zhen Liu, "Catching "Moles" in Sensor Networks", ICDCS, 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07), 27th International Conference on Distributed Computing Systems (ICDCS '07) 2007, pp. 69, doi:10.1109/ICDCS.2007.89