Intrusion monitoring using networked sensors has a broad range of applications, including border security, surveillance, and monitoring of critical infrastructure such as nuclear power plants. In these hostile environments, the sensor network will itself be an attractive target that well-funded attackers will attempt to undermine. The sensor network has to be protected so that no intruders can evade monitoring, a challenging issue with many aspects not adequately addressed by existing research.
This project investigates novel techniques for location privacy and jamming-resistant tracking to defeat smart and resourceful attackers in intrusion monitoring applications. Location privacy techniques hide the locations of critical infrastructure such as base stations to make it hard for an adversary to locate and attack them. Jamming-resistant tracking allows the system to detect and track intruders in the presence of jamming attacks. However, existing location privacy techniques do not work effectively against resourceful adversaries who can monitor all traffic at a large area, and existing jamming-resistant algorithms do not scale well to large networks. These problems will be addressed in this project.
Through this project, we expect to uncover insights and develop algorithms that will apply to intrusion monitoring systems. By providing a layered, comprehensive defense system, the success of this project will have substantial impacts on both civilian and military operations where security is a major concern. This project will also help develop course materials on sensor network security and privacy. New course materials will enhance the information assurance curricula at UTA and other institutions.
The objective of this project is to develop effective techniques to defeat smart and resourceful attackers in intrusion monitoring applications that use wireless communication, particularly wireless sensor networks. Our research focuses on techniques for location privacy, jamming-resistant tracking, and widespread node compromise detection and prevention. Location privacy techniques hide the locations of critical infrastructure such as base stations to make it hard for an adversary to locate and attack them, e.g. through physical attacks or localized jamming. Jamming-resistant tracking allows the system to detect and track intruders in the presence of jamming attacks. Widespread node compromise detection and prevention techniques enable the system to detect and stop the intruder’s attempt to disrupt the intrusion monitoring applications by gaining control of a large number of sensor nodes. Outcomes addressing intellectual merits 1. Location Privacy: in this project, we formally defined a new adversary model for location privacy in sensor networks, i.e., global eavesdropper, and showed that this adversary is quite reasonable in practice. In addition, we formally defined what is location privacy and provided a lower bound on how much communication cost needed to achieve certain location privacy. We also developed solutions to provide privacy protection for event sources and destinations in sensor networks. In addition, for attackers with limited funds, it will be infeasible to monitor the entire network. As a result, a semi-global eavesdropper would be more realistic. In this project, we demonstrated the vulnerability of phantom routing and related protocols in our new attack model and proposed to use data mules to counter such semi-global attackers. 2. Jamming-resistant tracking: in this project, we have shown that a semi-centralized scheme for jammed area mapping can be fast and efficient, while providing reasonable mapping results. By enhancing our K-means approach for the semi-centralized mapping approach, we have achieved more accurate mapping results, maintaining our mapping speed and efficiency to a large extent. Simulation and experiments on real sensor motes both show that our mapping scheme is efficient and effective. We also developed an efficient and timely jamming detection scheme for large-scale wireless sensor networks. Our detection scheme does not need any special hardware or infrastructure support. In our experiment, we showed that we can efficiently detect jamming attack in less than 0.5 second without any false positive. To the best of our knowledge, we produced the first research result that gives a concrete answer about the detection latency in a network of real sensor platforms. 3. Widespread Node Compromise Detection and Prevention: we developed the first scheme that can effectively detect mobile node replicas in sensor networks. In simulation, we demonstrate that our scheme quickly detects mobile replicas with at most ten samples while sustaining false positive and false negative rates below at most 1.3% and 0.8%. In this project, we also studied the feasibility of fingerprinting sensor nodes using two physical properties, the clock skew and the RSSD (received signal strength distribution). Different from the common belief, we pointed out that clock skew cannot be used for node authentication or detecting attacks in sensor networks. We confirmed this via extensive experiments. We have also found that the RSSD-based fingerprinting is promising for static sensor networks. We demonstrated its reliability and analyzed its unforgibility. Outcomes addressing broader impacts Wireless sensor networks have a wide variety of beneficial uses; they are ideal candidates for various monitoring applications. Through this project, we have developed efficient and effective algorithms to promote the application of wireless sensor networks in intrusion monitoring applications. We believe that this has substantial impact on both civilian and military operations where security is a major concern. This project has also helped develop course materials on network security and privacy, which was part of the effort towarding the DHS and NSA-recognized Center of Academic Excellence in Information Assurance Education (CAE/IAE) at the University of Texas at Arlington (UTA).
