H. M. CHOI ET AL. 35
tionally, LIny special
2.2. Statistical En-Route Filtering (SEF)
F sche-
2.2.1. Key Assi gnment and Report Generation
t into n
su
ro
2.2.2. En-Route Filtering and BS Verification
h inter-
er of MACs in the reports. If t
re
that the key indices in the attached report
be
the node has a key that matches that of the report,
th
operations 1-3, the node sends it
to
detect false reports en-route, but ev
fa
or Wormhole
Attacks (LITEWORP)
tack alized hardware such as
and outgoing data packet of its neighbor
the guard node revokes
t
of a combined false report
ck in a wireless sensor net-
ay contain some duplication be-
TEWORP can operate without a
devices such as GPS. However, the guard nodes must
monitor all traffic between the two nodes, resulting in
increased processing overheads; as the guard nodes are
not special nodes, such overhead invariably shortens
their lifetime.
In this section, the main characteristics of the SE
me are described. Similar to the general en-route scheme,
the SEF also involves two primary phases.
The BS maintains a global key pool and divides i
partitions. Each partition has m keys, and each key has a
unique key index. Before the nodes are deployed, the
user randomly selects k keys from one partition. The
selected keys and the associated key indices are stored in
the node before being deployed to the sensing field.
When an event occurs in the sensing field, all r-
nodes. When a node sends a data packet to a receiv-
ing node, the guard nodes save the packet information
in a watch buffer. The information includes the
packet’s identification and type, source, destination,
and immediate sender and receiver. The guard nodes
expect that the receiving node will forward the packet
toward the base station unless the receiving node is
itself the base station. Each entry in the watch buffer
has a time threshold; the receiving node must send the
packet onwards before the time threshold expires. A
malicious activity counter is maintained by each
guard node. The malicious activity counter is incre-
mented for each neighbor node malicious event that is
detected by the guard node.
Isolation: When the malicious activity counter of
node A crosses a threshold,
unding nodes detect the event and one of these nodes is
elected as the CoS (Center of Stimulus) node. All detect-
ing nodes generate a message authentication code (MAC)
via one of their keys and send it to the CoS node along
with the key index. The CoS node collects and classifies
MACs based on the key partitions. Then the CoS node
generates a report consisting of the event information, the
MACs chosen from the distinct partitions and the key
indices used to generate the MACs. The number of
MACs included in each report is exactly same for all
reports.
As reports are forwarded via multiple hops, eac
mediate forwarding node is able to verify them via the
following operations:
1) Check the numbhe
node A from its neighbor list, then sends alert mes-
sages to each neighbor node of node A indicating that
node A is a suspected malicious node. When a
neighbor node X of node A receives the alert, it stores
the identity of the guard node in an alert buffer asso-
ciated with A. When the number of alert messages
regarding node A is over the threshold for node X,
node X removes node A from its neighbor list. After
isolation, node X does not receive or send any packet
to a revoked node.
3. Problem Statemen
port has a different number of MACs, the node drops
the report.
2) Check
long to distinct partitions. If the report has more than
one key index from the same partition, the node drops the
report.
3) If
e node generates a MAC with that key. If generated
MAC and the corresponding MAC are different, the node
drops the report.
4) If the report passes
the next hop.
The SEF can en if cause they are not designed to work together. For ex-
ample, for sensor networks using both countermea-
sures, the SEF attaches message authentication codes
(MACs) to reports for detection of false reports, in-
lse reports arrive at the BS, the BS is able to verify
every MAC because it has all the keys. If there are any
mismatches, the BS discards the report.
2.3. Lightweight Countermeasure f
LITEWORP [17] is a countermeasure for wormhole at-
s that does not require speci
GPS. In the LITEWORP scheme, neighboring nodes
common between two nodes are chosen as their guard
nodes, which monitor the incoming and outgoing traffic
of their neighbors. LITEWORP is operated in two phases
as follows:
Wormhole Detection: Guard nodes monitor every
incoming
Figure 3 shows a schematic
injection and wormhole atta
work. Generally, to combat this multiple attack, the net-
work can use two countermeasures to deal separate with
the false report injection attacks (i.e., SEF) and worm-
hole attacks (i.e., LITEWORP). These two countermea-
sures are not designed to work together, so a few prob-
lems occur as follows:
Energy consumption: The two countermeasures, SEF
and LITEWORP, m
Copyright © 2013 SciRes. WSN