一种基于到达时间差的无线传感器网络中Sybil攻击检测方案.docx

1、一种基于到达时间差的无线传感器网络中Sybil攻击检测方案1Project supported by the Specialized Research Fund for the Doctoral Program of Higher Education (SRFDP, under grant No. 20050248043. TDOA-based Sybil Attack Detection Scheme forWireless Sensor Networks1Wen Mi, Li hui, Zheng Yanfei, Chen KefeiCryptography & Information S

2、ecurity Lab, Shanghai JiaoTong University, Shanghai,China (200240E-mail :AbstractAs wireless sensor network are deployed in fire monitoring, object tracking applications, security emerges as a central requirement. A case that Sybil node illegitimately reports messages to the master node with multipl

3、e non-existent identities (ID, will cause harmful effects on the decision making or resource allocation in these applications. In this paper, we present an efficient and lightweight solution for Sybil attack detection based on the Time Difference of Arrival (TDOA between the source node and beacon n

4、odes. Our solution can not only detect the existence of Sybil attacks but also locate the Sybil nodes. And we demonstrate the efficiency of our solution through experiments. The experiments show that our solution can detect Sybil attack cases with 100% completeness.Keywords: Attack Detection; Sybil

5、Attack; Time Difference of Arrival; Wireless Sensor Networks1. Introductions Wireless sensor network (WSN has recently emerged as an important application resulting from the fusion of wireless communications and embedded computing technologies. It has been wildly applied in all fields, including mon

6、itoring, location, tracking and foresting. However, the nature of wireless sensor network makes them vulnerable to security attacks. Especially, without a trusted centralized authority, the Sybil attack is always possible. The Sybil attack introduced in 1 denotes an attack that the Sybil node tries

7、to forge multiple identifications to broadcast messages in a certain region. Broadcasting messages with multiple identifications can be exceedingly harmful to many important functions of the sensor network, such as voting, fair resource allocation, group based decisions, routing, data aggregation, m

8、isbehavior detection etc. A number of protocols for Sybil attack prevention have been proposed in recent years. But most of them are too costly for the resource-poor sensors. Douceur 1 proposes a resource testing method. It assumes that each physical entity is limited in some resource. The verifier

9、tests whether identitiescorrespond to different physical entities byverifying that each identity has as much of the tested resource as a physical device. It is unsuitable for wireless sensor networks, because the attacker may be using a physical device with several orders of magnitude more resources

10、 than a resource starved sensor node. Karlof 2 commends to use a Needham- Schroeder like protocol to verify each others identity and establish a shared key. Consequently, it can limit the number of neighbors a node allowed to have and send an error message when a node exceeds it. But this method jus

11、t limit the capability of the Sybil attack and it cant locate the Sybil node and remove it. Newsome 3 adopts key validation for random key pre-distribution and registration; however, they consume precious memory space as every node is required to store pair-wise keys with neighbors. Bazzi 7 prevents

12、 Sybil attacks via geometricdistinctness certification, which tests that amongst a group of identities a large enough subset resides on a set of distinct entities. Its too complex and energy consumptive. Demirbas 8 presents a scheme based on the received signal strength indicator (RSSIreadings of me

13、ssages to detect the Sybil attack. This is the one most close to ours.Zhang9 proposes a suite of location-based compromise-tolerant security mechanisms, which based on a new cryptographic concept called pairing. To the best of our knowledge, pairing is energy-consuming and it is not suitable for the

14、 sensor networks. The major contribution of this paper is that, it proposes a Time Difference of Arrival (TDOA based solution for Sybil attack detection and demonstrates its efficiency by experiments. This solution can not only detect the existence of Sybil attacks but also locate the Sybil nodes. I

15、t requires minimal storage and communication overhead for sensors, as they are listened by three beacon nodes in each cluster, which are assumed to know their own locations (e.g., through GPS receivers or manual configuration.It also does not burden the WSN with shared keys or piggy backing of keys

16、to messages. The essential point of the TDOA based solution is associating the TDOA ratio with the senders ID. Once the same TDOA ratio with different ID is received, the receiver knows there is a Sybil attack. To use TDOA ratio instead of TDOA to associate the ID is to avoid the sensors at the circ

17、le centered at one of the beacon nodes being misdiagnosed.This paper is organized as follows. In section 2 we discuss the network model and methodology. In Section 3 we present our Sybil attack detection schemes. In Section 4 we discuss the experiments of our solution, and in section 5 we analyze th

18、e performance of our solution. Finally, in Section 6 we give our conclusion and future work.2. Network model andmethodology2.1 Network modelWe assume a static network, where all nodes are deployed randomly over a 2-dimensional monitored area (it can be easilyexpand to 3- dimensions. If the nodes are

19、 deployed too dense, on one hand, the position of more than one node may be located at the same place. This location error may influence the detection of the Sybil attack. On the other hand, in the large scale network, which deployed outdoor, its expensive to deploy nodes too densely. So, we assume

20、that the density of the sensor network is beyond 10m (10m is the position accuracy of MTS420C, which is the MICA2 GPS Sensor Board of Crossbow.We assume there are time synchronization between the source nodes and the beacon nodes. Three beacon nodes 123, , S S S with known coordinates (1X , 1Y , (2X

21、 , 2Y , and (3X , 3Y respectively, are placed at the boundary of the monitored area (usually a cluster, as shown in Fig1. Let (x, y be the Sybil nodes location, which will be determined by time-based positioning schemes 4, 5. Each node can reach all beacon nodes in the cluster. Note that Sybil node

22、can forge non-existent multiple identities.2.2 Time Difference of Arrival PrincipleThe TDOA of a message can be estimated by Hyperbolic Position Location Solution (HPL 6.Assume that1S is the master beacon node. The distance between the source and the ith beacon node isi R = (1Now, the distance diffe

23、rence betweenFig1Hyperbolic Position Location Redraw5beacon nodes with respect to1S is given as ,1i R =,1i cd = i R 1R (2Where c is the signal propagation speed,1i R is the range distance difference between 1S and (1 i i S , ,1i d is the estimated TDOAbetween 1S and (1 i i S . This defines the set o

24、f nonlinear hyperbolic equations whose solutiongives the 2-D coordinates of the source. From (2 we know that,i R = ,1i R +1R (3Subtracting (1 at i = 1 from (3 results in 2,1i R +12i R R=2i X +2i Y 2,1i X x 2,1i Y y 21X 21Y (4Where ,1i X and ,1i Y are equal to 1i X X and 1i Y Y respectively. And with

25、out loss of generality, we assume the beacon node 1S is located at (0, 0.From (2 we obtain2221R x y =+ (5For a three base station system, Chans method 6 producing two TDOA to render solution for x and y in terms of 1R is in the form (6 as122,12,12,12,121123,13,13,13,1311*2X Y R R K K x R y R X Y R K

26、 K +=+Where,22111K X Y =+, 22222K X Y =+ , 22333K X Y =+,2,12,1, R cd =3,13,1R cd =On the right side of above equation, all the quantities are known quantities except1R . Therefore solution of x and y will be determined by1R . When these values of x and y are substituted into the equation (5, a quad

27、ratic equation in terms of 1R is produced. Once the roots of1R are known, values of x and y can be determined.3. TDOA-based Sybil node detection Here we first present a basic TDOA-based Sybil attack detection protocol in section 3.1, and in section 3.2, we propose an advanced one by considering the

28、environment errors.3.1 Basic AlgorithmWe are going to use the localization algorithm in section2.2 to detect the Sybil attack as follows. Once hearing a message , i x m data D = from source S, the three beacon nodes record its arriving time respectively, for example, 123, , t t t at123, , S S S . Th

29、e master beacon node 1S can compute the Time Difference of Arrival when receive 23t and t from 23S and S and deduce the location of the source using equation (2 and (6.Then1S associates this location with the source-ID included in the message.Later,when another message with a different source-ID is

30、received and the location of the source is computed to be the same as the previous one,the beacon nodes detect a Sybil attack.But, it is costly and very inconvenient to calculate the location of every node at every communication session using equation (6. In fact, we do not need this computation for

31、 Sybil node detection, because it is possible to detect Sybil attack by just recording and comparing the ratio of TDOA for the received messages. Only after the Sybil attack is found can we use equation (6 to locate the Sybil one.Suppose, a Sybil node forge its ID as D1, D2, Dx and so on. Considerin

32、g at session1, a Sybil node broadcasts message 1, 1m data D = with D1. When beacon nodes hear the message from Source node, they transmit their own ID and the arriving time of message 1m as 1(1 , 1, i i i report S D t = to 1S .1S will use1,1111*( /D i i i d t t R R c = (7to denote the TDOA value between (1 i i S and itself. Then, 1S computesthe ratio1112,13,1/D D tr d d = (8and stores it locally.Similarly, at session2, the Source nodebroad