在本論文中,我們首先提出一種名為『節點恢復』(Node Recovery) 之新型式攻擊,並以這個新攻擊為觀點去分析一些現存一對多感測器完整性驗證對策的缺陷。最後,我們提出一項機率式的一對多型式之感測器完整性驗證協定,其不僅可以抵禦前述節點恢復攻擊,並能有效率的進行整體無線感測網路完整性驗證。 ;Wireless Sensor Networks (WSNs) have been increasingly developed in many mission-critical applications, such as military and healthcare monitoring systems. Sensor nodes are usually equipped with limited computational resources and become attractive target for various security risks, one of which is malicious code injection attack. An attacker can alter the internal memory state of a sensor node; the compromised nodes can violate the safety and privacy of the users and send foraged data to a base station. Therefore, a mechanism for verifying the trustworthiness of the sensor nodes is highly desirable.
Many researchers have proposed several methods to check the integrity of the sensor nodes in WSNs. Remote attestation is a common promising protection mechanism used for verifying the integrity of a sensor node′s memory state. The remote attestation is based on challenge-response technique. A verifier can attest the sensor node′s integrity by verifying a cryptographic checksum of the node′s memory state. However, most remote attestation schemes are suitable only for the one-hop communication between the verifier and the prover.
This research first identifies a new attack model, namely node recovery attack, which enables an attacker to recover a compromised sensor node; consequently, the verifier is convinced that the recovered node is not compromised. We analyze various countermeasures applied in two WSN architectures and show that these countermeasures are subject to the node recovery attack. A probabilistic remote attestation scheme is proposed to resist the node recovery attack.