Secure Event Reporting Protocol for Sense-Response Applications

Sense-response applications are widely being used for safeguarding critical infrastructure. In such applications, the sensor nodes detect and report events of interest to the base-station which promptly responds with a physical response. A concern that arises immediately is regarding the ability of the sensor nodes to encounter malicious entities that benefit from any form of damage to the critical infrastructure. Due to the lack of physical security and tamper resistant hardware around the sensor nodes, adversaries can easily compromise them, recover their embedded cryptographic material, and subsequently make them pose as authorized nodes in the network. Such compromised nodes can now launch an attack on the network to either suppress the reporting of genuine events or inject false events to the base-station, thereby rendering the entire system useless. We describe a Secure Event Reporting Protocol (SERP) for sense-response applications which ensures the generation and delivery of valid event reports in the presence of internal attacks launched by compromised nodes within the network. SERP exploits the redundancy and the mutual oversight within a group of nodes triggered by an event to generate an event report which is authenticated by a subset of these nodes. The protocol depends upon the presence of pairwise cryptographic keys between two nodes detecting a common event. We also propose a scalable post deployment mechanism for establishing these keys in the network. Our scheme exploits the Physical Attributes of the sensor nodes for Key Establishment and is referred to as PAKE. We have developed a prototype implementation of SERP and PAKE mechanisms for Mica2 motes and conducted several experiments to evaluate the overall system resiliency to attacks by internally compromised nodes. The obtained results show that SERP generates event report securely and efficiently.