Efficient Detection of Compromised Nodes in Wireless Sensor Networks

Wireless Sensor Networks (WSNs) are networks which often consist of hundreds or thousands of devices called sensor nodes which monitor or identify the occurrence of an event in an environment. Some applications of WSN include environmental monitoring, monitoring traffic patterns, presence of chemical, radiological and biological material.;Due to the widespread use of these networks and the importance of the information they gather, they can be targets of malicious attacks. Adequate security is therefore crucial because once a sensor node has been compromised, incorrect decisions can be made through the use of faulty data supplied by compromised nodes. This causes the integrity of the entire network to degenerate. It is therefore crucial that compromised nodes be identified to limit the damage that they can cause.;Providing security in a WSN poses unique challenges. Existing security techniques used in traditional networks are not suitable because WSNs have unique characteristics which present unique challenges to detecting compromised nodes. These characteristics include the unattended operation of WSNs and resource constraints such as limited memory and processing capability, limited power, and unreliable communication.;In this research we investigated ways to detect compromised nodes faced with the unique constraints inherent in Wireless Sensor Networks. Our ultimate goal was to develop low cost solutions which have high detection rates and which introduce very few false positives. We investigated detection algorithms which used a Simple Majority and a Weighted Majority voting algorithm. We showed that the Weighted Majority voting algorithm could be tuned to emphasize higher detection rates or lower false positives. We investigated what is meant for a sensor node to be trusted and devised a unique trust metric to assign a degree of trust to a node based on its conformance to three existing security standards. We used this to create a concept of a node which could not be compromised (one with a security score of 1), and used this definition to develop detection algorithms which relied on the trustworthiness of these nodes. These algorithms produced high detection rates with little or no false positives.;To assess the security of an entire sensor network, we developed two security metrics, one theoretical and one empirical approach based on the effectiveness of the network's detection algorithms. These two security metrics are widely applicable to other networks and can be enhanced for a specific environment.