Defense Against Insider Attacks (Sybil Attack) Using Code Testing

Abstract

Wireless Sensor Networks (WSN) due to their distributed nature are vulnerable to various external and insider attacks. Classic cryptographic measures do protect against external attacks to some extent but they fail to defend against insider attacks involving node compromise. A compromised node can be used to launch various attacksof which Sybil Attack is the most prominent. Existing security protocols in WSN fail to provide protection against all the dimensions of Sybil Attack. Code attestation is considered to be the only potent defense against node compromise and related integrity attacks including Sybil Attack launched by change in the code of the end device. Various code attestation protocols do exist but they are either vulnerable to network attacks being challenge-response based or they are in-efficient with respect to performance and security aspects. One Way Memory Attestation Protocol (OMAP) is one of them. OMAP claims 90% detection rate in case 20% of the end device’s memory is modified, but with increased time overhead. A detailed review and analysis of various defenses proposed against Sybil Attack has been carried out. Their strengths and weaknesses have been identified and ultimately a novel One Way Code Attestation Protocol (OWCAP) for wireless sensors networks is proposed, which is an economical and a secure code attestation scheme that protects not only against Sybil Attack but also against majority of the insider attacks involving node compromise.It detects the modified memory of an end device with 100% detection rate when only 0.8 % memory is changed. The performance analysis of the proposed scheme OWCAP is carried out in detail by implementation in Dev C++ and Code Composer.