Properly locating sensor nodes is an important building block for a large subset of wireless sensor networks (WSN) applications. As a result, the performance of the WSN degrades significantly when misbehaving nodes report false location and distance information in order to fake their actual location. In this paper we propose a general distributed deterministic protocol for accurate identification of faking sensors in a WSN. Our scheme does \emph{not} rely on a subset of \emph{trusted} nodes that are not allowed to misbehave and are known to every node in the network. Thus, any subset of nodes is allowed to try faking its position. As in previous approaches, our protocol is based on distance evaluation techniques developed for WSN. On the positive side, we show that when the received signal strength (RSS) technique is used, our protocol handles at most $\lfloor \frac{n}{2} \rfloor-2$ faking sensors. Also, when the time of flight (ToF) technique is used, our protocol manages at most $\lfloor \frac{n}{2} \rfloor - 3$ misbehaving sensors. On the negative side, we prove that no deterministic protocol can identify faking sensors if their number is $\lceil \frac{n}{2}\rceil -1$. Thus our scheme is almost optimal with respect to the number of faking sensors. We discuss application of our technique in the trusted sensor model. More precisely our results can be used to minimize the number of trusted sensors that are needed to defeat faking ones.
Properly locating sensor nodes is an important building block for a large subset of wireless sensor networks (WSN) applications. For example, environment and habitat monitoring [20], surveillance and tracking for military [10] or civilian purpose, both require the knowledge of the location where a particular event takes place. Location of nodes in a WSN can also be used for location based routing algorithms (such as geographic routing [14]), or location based services.
Most of existing position verification protocols rely on distance evaluation techniques (e.g. [1,9,11,19,21,22]). Received signal strength (RSS) [1] and time of flight (ToF) [9] techniques are relatively easy to implement yet very precise (one or two meters). In the RSS technique, receiving sensor estimates the distance of the sender on the basis of sending and receiving signal strengths. In the ToF technique, sensor estimates distance based on message delay and radio signal propagation time. Position verification using the aforementioned distance estimation techniques is relatively straighforward provided that all sensors cooperate. However, this task becomes challenging in the presence of misbehaving nodes that are allowed to report false position and distance information in order to fake their actual position. In the following such nodes are denoted as faking or cheating nodes.
Such misbehaviors could occur due to several factors: a sensor may malfunction due to improper sensor deployment, partial communication problem due objects in the vicinity, or inaccurate position (coordinates) estimation. We consider that misbehaving sensors are unaware that they are malfunctioning, so locally they properly execute the protocol that is given to all nodes. Nevertheless, they can report incorrect position, change signal strength (when the RSS technique is used), or report incorrect transmission time (when the ToF technique is used).
Most methods [3,4,16,15] existing in the literature that use distance estimation techniques to detect and filter out faking nodes are based on the availability of a few fixed trusted entities (or verifiers), that are equipped with GPS. We refer to this model as the trusted sensor (or TS ) model. In this model, the faking nodes may use attacks not available to regular nodes, such as radio signal jamming or using directional antenas, that permit to implement e.g. wormhole attack [12] and Sybil attack [8]. Lazos and Poovendran [15] present a secure range-independent localization scheme, where each sensor computes its position based on received beacons messages from locators. Sensors compute the center of gravity of beacons’s intersection region, and the computed location becomes the estimated location of the sensor. Probabilistic analysis of the protocol demonstrate that it is resilient to wormhole and Sybil attacks, with high probability. Lazos et al. [16] further refine this scheme with multilateration to reduce the number of required locator, while maintaining probabilistic guarantees. The protocol of Capkun and Hubaux [4] relies on a distance bounding technique proposed by Brands and Chaum [2]. Each sensor v measures its distance to a (potential) faking sensor u based on its message round-trip delay and radio signal propagation time, thus enabling the faking node u only to enlarge the distance to v. Then, if the faking node is located inside the triangle formed by verifiers and its faked position is also located within the triangle, then at least one of the three verifiers detects an inconsistency. Capkun, Cagalj, Srivastava [3] is supported by powerful verifiers, that know their positions and communicate with some wired channels that prevent faking nodes to locate them or to listen their transmissions. Then, each verifier v measures the arrival time t v of the (potential) faking node transmission. Verifiers exchange all such arrival times and check consistency of the declared position. However, the TS model presents several drawback in WSNs: first the network can not self-organize in an entirely distributed manner, and second the trusted nodes have to be checked regularly and manually to actually remain trusted.
Relaxing the assumption of trusted nodes makes the problem more challenging, and to our knowledge, has only been investigated very recently [13]. We call this model where no trusted node preexists the no trusted sensor (or NTS ) model. The approach of [13] is randomized and consists of two phases: distance measurement and filtering. In the distance measurement phase, sensors measure their distances to their neighbors, faking sensors being allowed to corrupt the distance measure technique. In the filtering phase each correct sensor randomly picks up 2 so-called pivot sensors. Next each sensor v uses trilateration with respect to the chosen pivot sensors to compute the location of its neighbor u. If there is a match between the announced location and the computed location, the (u, v) link is added to the networ
This content is AI-processed based on open access ArXiv data.