Radha Poovendran

SeRLoc: secure range-independent localization for wireless sensor networks

In many applications of wireless sensor networks (WSN), sensors are deployed un-tethered in hostile environments. For location-aware WSN applications, it is essential to ensure that sensors can determine their location, even in the presence of malicious adversaries. In this paper we address the problem of enabling sensors of WSN to determine their location in an un-trusted environment. Since localization schemes based on distance estimation are expensive for the resource constrained sensors, we propose a range-independent localization algorithm called SeRLoc. SeRLoc is distributed algorithm and does not require any communication among sensors. In addition, we show that SeRLoc is robust against severe WSN attacks, such as the wormhole attack, the sybil attack and compromised sensors. To the best of our knowledge, ours is the first work that provides a security-aware range-independent localization scheme for WSN. We present a threat analysis and comparison of the performance of SeRLoc with state-of-the-art range-independent localization schemes.

SeRLoc: Robust localization for wireless sensor networks

Many distributed monitoring applications of Wireless Sensor Networks (WSNs) require the location information of a sensor node. In this article, we address the problem of enabling nodes of Wireless Sensor Networks to determine their location in an untrusted environment, known as the secure localization problem. We propose a novel range-independent localization algorithm called SeRLoc that is well suited to a resource constrained environment such as a WSN. SeRLoc is a distributed algorithm based on a two-tier network architecture that allows sensors to passively determine their location without interacting with other sensors. We show that SeRLoc is robust against known attacks on a WSNs such as the wormhole attack, the Sybil attack, and compromise of network entities and analytically compute the probability of success for each attack. We also compare the performance of SeRLoc with state-of-the-art range-independent localization schemes and show that SeRLoc has better performance.

Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks

We consider a scenario where a sophisticated jammer jams an area in a single-channel wireless sensor network. The jammer controls the probability of jamming and transmission range to cause maximal damage to the network in terms of corrupted communication links. The jammer action ceases when it is detected by a monitoring node in the network, and a notification message is transferred out of the jamming region. The jammer is detected at a monitor node by employing an optimal detection test based on the percentage of incurred collisions. On the other hand, the network computes channel access probability in an effort to minimize the jamming detection plus notification time. In order for the jammer to optimize its benefit, it needs to know the network channel access probability and number of neighbors of the monitor node. Accordingly, the network needs to know the jamming probability of the jammer. We study the idealized case of perfect knowledge by both the jammer and the network about the strategy of one another, and the case where the jammer or the network lack this knowledge. The latter is captured by formulating and solving optimization problems, the solutions of which constitute best responses of the attacker or the network to the worst-case strategy of each other. We also take into account potential energy constraints of the jammer and the network. We extend the problem to the case of multiple observers and adaptable jamming transmission range and propose a intuitive heuristic jamming strategy for that case.

A graph theoretic framework for preventing the wormhole attack in wireless ad hoc networks

Wireless ad hoc networks are envisioned to be randomly deployed in versatile and potentially hostile environments. Hence, providing secure and uninterrupted communication between the un-tethered network nodes becomes a critical problem. In this paper, we investigate the wormhole attack in wireless ad hoc networks, an attack that can disrupt vital network functions such as routing. In the wormhole attack, the adversary establishes a low-latency unidirectional or bi-directional link, such as a wired or long-range wireless link, between two points in the network that are not within communication range of each other. The attacker then records one or more messages at one end of the link, tunnels them via the link to the other end, and replays them into the network in a timely manner. The wormhole attack is easily implemented and particularly challenging to detect, since it does not require breach of the authenticity and confidentiality of communication, or the compromise of any host. We present a graph theoretic framework for modeling wormhole links and derive the necessary and sufficient conditions for detecting and defending against wormhole attacks. Based on our framework, we show that any candidate solution preventing wormholes should construct a communication graph that is a subgraph of the geometric graph defined by the radio range of the network nodes. Making use of our framework, we propose a cryptographic mechanism based on local broadcast keys in order to prevent wormholes. Our solution does not need time synchronization or time measurement, requires only a small fraction of the nodes to know their location, and is decentralized. Hence, it is suitable for networks with the most stringent constraints such as sensor networks. Finally, we believe our work is the first to provide an analytical evaluation in terms of probabilities of the extent to which a method prevents wormholes.

Maximizing static network lifetime of wireless broadcast ad hoc networks

We investigate the problem of energy-efficient broadcast routing over wireless static ad hoc network where host mobility is not involves. We define the lifetime of a network as the duration of time until the first node failure due to battery depletion. We provide a globally optimal solution to the problem maximizing a static network lifetime through a graph theoretic approach. We also provide extensive comparative simulation studies.

HiRLoc: high-resolution robust localization for wireless sensor networks

In this paper, we address the problem of robustly estimating the position of randomly deployed nodes of a wireless sensor network (WSN), in the presence of security threats. We propose a range-independent localization algorithm called high-resolution range-independent localization (HiRLoc), that allows sensors to passively determine their location with high resolution, without increasing the number of reference points, or the complexity of the hardware of each reference point. In HiRLoc, sensors determine their location based on the intersection of the areas covered by the beacons transmitted by multiple reference points. By combining the communication range constraints imposed by the physical medium with computationally efficient cryptographic primitives that secure the beacon transmissions, we show that HiRLoc is robust against known attacks on WSN, such as the wormhole attack, the Sybil attack, and compromise of network entities. Finally, our performance evaluation shows that HiRLoc leads to a significant improvement in localization accuracy compared with state-of-the-art range-independent localization schemes, while requiring fewer reference points.

Stochastic coverage in heterogeneous sensor networks

We study the problem of coverage in planar heterogeneous sensor networks. Coverage is a performance metric that quantifies how well a field of interest is monitored by the sensor deployment. To derive analytical expressions of coverage for heterogeneous sensor networks, we formulate the coverage problem as a set intersection problem, a problem studied in integral geometry. Compared to previous analytical results, our formulation allows us to consider a network model where sensors are deployed according to an arbitrary stochastic distribution; sensing areas of sensors need not follow the unit disk model but can have any arbitrary shape; sensors need not have an identical sensing capability. Furthermore, our formulation does not assume deployment of sensors over an infinite plane and, hence, our derivations do not suffer from the border effect problem arising in a bounded field of interest. We compare our theoretical results with the spatial Poisson approximation that is widely used in modeling coverage. By computing the Kullback-Leibler and total variation distance between the probability density functions derived via our theoretical results, the Poisson approximation, and the simulation, we show that our formulas provide a more accurate representation of the coverage in sensor networks. Finally, we provide examples of calculating network parameters such as the network size and sensing range in order to achieve a desired degree of coverage.

Swing & swap: user-centric approaches towards maximizing location privacy

In wireless networks, the location tracking of devices and vehicles (nodes) based on their identifiable and locatable broadcasts, presents potential threats to the location privacy of their users. While the tracking of nodes can be mitigated to an extent by updating their identifiers to decorrelate their traversed locations, such an approach is still vulnerable to tracking methods that utilize the predictability of node movement to limit the location privacy provided by the identifier updates. On the other hand, since each user may need privacy at different locations and times, a user-centric approach is needed to enable the nodes to independently determine where/when to update their identifiers. However, mitigation of tracking with a user-centric approach is difficult due to the lack of synchronization between updating nodes. This paper addresses the challenges to providing location privacy by identifier updates due to the predictability of node locations and the asynchronous updates, and proposes a user-centric scheme called Swing that increases location privacy by enabling the nodes to loosely synchronize updates when changing their velocity. Further, since each identifier update inherently trades off network service for privacy, the paper also introduces an approach called Swap, which is an extension of Swing, that enables the nodes to exchange their identifiers to potentially maximize the location privacy provided by each update, hence reducing the number of updates needed to meet the desired privacy levels. The performance of the proposed schemes is evaluated under random and restricted pedestrian mobility.

Preventing wormhole attacks on wireless ad hoc networks: a graph theoretic approach

We study the problem of characterizing the wormhole attack, an attack that can be mounted on a wide range of wireless network protocols without compromising any cryptographic quantity or network node. A wormhole, in essence, creates a communication link between an origin and a destination point that could not exist with the use of the regular communication channel. Hence, a wormhole modifies the connectivity matrix of the network, and can be described by a graph abstraction of the ad hoc network. Making use of geometric random graphs induced by the communication range constraint of the nodes, we present the necessary and sufficient conditions for detecting and defending against wormholes. Using our theory, we also present a defense mechanism based on local broadcast keys. We believe our work is the first one to present analytical calculation of the probabilities of detection. We also present simulation results to illustrate our theory.

Mitigation of Control Channel Jamming under Node Capture Attacks

Availability of service in many wireless networks depends on the ability for network users to establish and maintain communication channels using control messages from base stations and other users. An adversary with knowledge of the underlying communication protocol can mount an efficient denial of service attack by jamming the communication channels used to exchange control messages. The use of spread spectrum techniques can deter an external adversary from such control channel jamming attacks. However, malicious colluding insiders or an adversary who captures or compromises system users is not deterred by spread spectrum, as they know the required spreading sequences. For the case of internal adversaries, we propose a framework for control channel access schemes using the random assignment of cryptographic keys to hide the location of control channels. We propose and evaluate metrics to quantify the probabilistic availability of service under control channel jamming by malicious or compromised users and show that the availability of service degrades gracefully as the number of colluding insiders or compromised users increases. We propose an algorithm called GUIDE for the identification of compromised users in the system based on the set of control channels that are jammed. We evaluate the estimation error using the GUIDE algorithm in terms of the false alarm and miss rates in the identification problem. We discuss various design trade-offs between robustness to control channel jamming and resource expenditure.