TY - GEN
T1 - SET
T2 - 3rd International Conference on Security and Privacy in Communication Networks, SecureComm
AU - Choi, Heesook
AU - Zhu, Sencun
AU - Porta, Thomas F.La
PY - 2007
Y1 - 2007
N2 - Sensor nodes that are deployed in hostile environments are vulnerable to capture and compromise. An adversary may obtain private information from these sensors, clone and intelligently deploy them in the network to launch a variety of insider attacks. This attack process is broadly termed as a clone attack. Currently, the defenses against clone attacks are not only very few, but also suffer from selective interruption of detection and high overhead (computation and memory). In this paper, we propose a new effective and efficient scheme, called SET, to detect such clone attacks. The key idea of SET is to detect clones by computing set operations (intersection and union) of exclusive subsets in the network. First, SET securely forms exclusive unit subsets among one-hop neighbors in the network in a distributed way. This secure subset formation also provides the authentication of nodes' subset membership. SET then employs a tree structure to compute nonoverlapped set operations and integrates interleaved authentication to prevent unauthorized falsification of subset information during forwarding. Randomization is used to further make the exclusive subset and tree formation unpredictable to an adversary. We show the reliability and resilience of SET by analyzing the probability that an adversary may effectively obstruct the set operations. Performance analysis and simulations also demonstrate that the proposed scheme is more efficient than existing schemes from both communication and memory cost standpoints.
AB - Sensor nodes that are deployed in hostile environments are vulnerable to capture and compromise. An adversary may obtain private information from these sensors, clone and intelligently deploy them in the network to launch a variety of insider attacks. This attack process is broadly termed as a clone attack. Currently, the defenses against clone attacks are not only very few, but also suffer from selective interruption of detection and high overhead (computation and memory). In this paper, we propose a new effective and efficient scheme, called SET, to detect such clone attacks. The key idea of SET is to detect clones by computing set operations (intersection and union) of exclusive subsets in the network. First, SET securely forms exclusive unit subsets among one-hop neighbors in the network in a distributed way. This secure subset formation also provides the authentication of nodes' subset membership. SET then employs a tree structure to compute nonoverlapped set operations and integrates interleaved authentication to prevent unauthorized falsification of subset information during forwarding. Randomization is used to further make the exclusive subset and tree formation unpredictable to an adversary. We show the reliability and resilience of SET by analyzing the probability that an adversary may effectively obstruct the set operations. Performance analysis and simulations also demonstrate that the proposed scheme is more efficient than existing schemes from both communication and memory cost standpoints.
UR - http://www.scopus.com/inward/record.url?scp=51349148059&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=51349148059&partnerID=8YFLogxK
U2 - 10.1109/SECCOM.2007.4550353
DO - 10.1109/SECCOM.2007.4550353
M3 - Conference contribution
AN - SCOPUS:51349148059
SN - 1424409756
SN - 9781424409754
T3 - Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks, SecureComm
SP - 341
EP - 350
BT - Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks, SecureComm
Y2 - 17 September 2007 through 21 September 2007
ER -