This research is directed at filling a critical need in building secure sensor networks. Using techniques other than cryptographic, the research develops intrusion detection and response systems (IDRS) that are suited especially for the challenges of a deployed wireless sensor network.
Specific topics being pursued include (i) developing lightweight specification-based IDS detectors that apply to various sensor network protocols, (ii) employing formal reasoning and verification techniques on these detectors to develop a formal framework for proving that, for a given set of assumptions, the IDS will trigger an alarm whenever the policy is violated, regardless of the correctness of the protocol or its implementation, (iii) building a cooperative, distributed, lightweight ID architecture to explore issues in data acquisition, aggregation, correlation and analysis as well as appropriate dissemination of IDS alerts and response directives suitable for this domain, and (iv) employing the NSF-NeTS UCDavis SENSES project software infrastructure that facilitates the task of developing, deploying and managing sensor network applications in order to generate IDS schemas from the above developed security specifications. This will be used to develop common IDS components for building the IDS middleware. The key here is to develop very fine-grained and scalable components that can be synthesized to fit on a wide range of devices.
This research will lead to the development and deployment of new architectures and new IDRS methodologies suitable for the realization of effective and evaluatable security for sensor networks.
