ZoneTrust: Fast Zone-Based Node Compromise Detection and Revocation in Wireless Sensor Networks Using Sequential Hypothesis Testing
IEEE Transactions on Dependable and Secure Computing
Due to the unattended nature of wireless sensor networks, an adversary can physically capture and compromise sensor nodes and then mount a variety of attacks with these compromised nodes. To minimize the damage incurred by compromised nodes, the system should detect and revoke them as soon as possible. To meet this need, several researchers have recently proposed a variety of node compromise detection schemes. Reputation-based trust management schemes identify malicious nodes but do not revoke them. Software-attestation schemes leverage the software attestation technique to detect the subverted software modules of compromised nodes. However, they require each sensor node to be attested periodically, which would incur substantial overhead. To mitigate the limitations of previous schemes, we propose a zone-based node compromise detection scheme in sensor networks. The main idea of the proposed scheme is to use sequential hypothesis testing to detect suspect regions in which compromised nodes are likely placed. In these suspect regions, nodes perform software attestation, leading to the detection and revocation of the compromised nodes. Through analysis and simulation, we show that the proposed scheme provides effective and robust compromised sensor node detection capability with little overhead.
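The sketch below illustrates the idea of running a sequential hypothesis test per zone and attesting only the zones it flags. It is an added example, not code from the paper. It uses Wald's sequential probability ratio test over per-time-slot 0/1 observations, and the Bernoulli model, the values of `p0`, `p1`, `alpha` and `beta`, the function names and the sample data are all assumptions made for illustration.

```python
import math

def sprt_bounds(alpha, beta):
    """Wald's log-likelihood-ratio bounds for a target false-positive
    rate alpha and false-negative rate beta."""
    return math.log(beta / (1 - alpha)), math.log((1 - beta) / alpha)

def zone_sprt(samples, p0=0.1, p1=0.6, alpha=0.01, beta=0.01):
    """Sequentially test H0 (zone healthy, P[bad slot] = p0) against
    H1 (zone suspect, P[bad slot] = p1).

    samples: iterable of 0/1, where 1 means the zone's report for that
    time slot looked untrustworthy (assumed observation model).
    Returns (decision, slots_used)."""
    lower, upper = sprt_bounds(alpha, beta)
    step_bad = math.log(p1 / p0)              # evidence added by a bad slot
    step_ok = math.log((1 - p1) / (1 - p0))   # evidence added by a good slot
    llr, n = 0.0, 0
    for n, s in enumerate(samples, 1):
        llr += step_bad if s else step_ok
        if llr >= upper:
            return "suspect", n    # accept H1: trigger attestation here
        if llr <= lower:
            return "trusted", n    # accept H0: no attestation needed
    return "undecided", n          # keep sampling in later time slots

def zones_to_attest(observations, **params):
    """Return the zones whose test ended in 'suspect'; only nodes in
    these zones would run the software attestation step."""
    return sorted(zone for zone, samples in observations.items()
                  if zone_sprt(samples, **params)[0] == "suspect")

# Constructed per-zone observations (1 = untrustworthy slot).
OBSERVATIONS = {
    "zone-A": [0, 0, 0, 0, 0, 0, 0],   # consistently healthy
    "zone-B": [1, 1, 1, 0, 1],         # decided before all slots are read
    "zone-C": [1, 0, 1, 0, 1, 1],      # noisy, flagged on the sixth slot
    "zone-D": [0, 1, 0, 0],            # not enough evidence either way
}

if __name__ == "__main__":
    for zone, samples in OBSERVATIONS.items():
        print(zone, zone_sprt(samples))
    print("attest:", zones_to_attest(OBSERVATIONS))
```

With these assumed parameters the test settles after a handful of slots, and attestation cost is paid only in the flagged zones rather than periodically by every node.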