Efficient and Secure Network Services in Wireless Sensor Networks.

Abstract

Wireless sensor networks (WSNs) have been deployed for environment monitoring and surveillance. A message delivery service is one of the most fundamental services for WSNs, thus making its efficiency and effectiveness important. A widely-adopted protocol for message delivery in WSNs is a geographic forward routing (GFR), in which messages are greedily forwarded to their destinations. In this thesis, we develop network services complementary to the existing GFR for efficient and secure message delivery in WSNs.

We first develop a distributed location service protocol (DLSP) for message delivery to mobile nodes. Since GFR represents destinations of messages with destinations' geographic locations, the knowledge of location of mobile nodes is necessary to ensure correct message delivery. In DLSP, mobile nodes select some sensor nodes as their location servers, and publish the mobiles' location information to the location servers. Sensor nodes contact those location servers to retrieve the current location of mobile nodes when needed. DLSP provides systematic methods for mobile nodes to select location servers and publish their location to those servers, and for sensor nodes to query mobiles' location.

We then design an algorithm called Traverse for hole boundary detection and geographic forward routing with hole avoidance (GFRHA) for efficient message routing. Traverse identifies boundaries of holes, i.e., areas without any functioning sensor node. GFRHA then utilizes the identified hole information to route messages around holes while being forwarded before they encounter holes. This way, the message path lengths, and subsequently the message delay and energy consumption, can be significantly reduced, depending on hole shapes and source and destination locations.

We also develop attack-resilient collaborative message authentication (ARCMA) for message delivery. ARCMA is designed to tolerate node-capture attacks, in which attackers obtain valid keys by compromising physically-exposed sensor nodes, and use the keys to generate forged messages. To defend against such attacks, in ARCMA, messages are collaboratively authenticated by a set of sensor nodes rather than by one node. The security of ARCMA does not degrade unless attackers simultaneously compromise more than a certain number of sensor nodes.