52 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO.

2, SECOND QUARTER 2009

Sensor Network Security: A Survey

Xiangqian Chen, Kia Makki, Kang Yen, and Niki Pissinou

Abstract—Wireless sensor networks (WSNs) use small nodes • Compared with ad hoc nodes, sensor nodes are limited
with constrained capabilities to sense, collect, and disseminate in computation, memory, power resources, and commu-
information in many types of applications. As sensor networks nication speed or bandwidth.
become wide-spread, security issues become a central concern,
especially in mission-critical tasks. In this paper, we identify the • Sensor nodes may not have global identification.
threats and vulnerabilities to WSNs and summarize the defense • Compared with ad hoc nodes, a WSN normal has one
methods based on the networking protocol layer analysis first. base station, which has more computing capabilities and
Then we give a holistic overview of security issues. These issues assumes the controller of the network.
are divided into seven categories: cryptography, key manage- • Compared with ad hoc nodes, sensor nodes are prone
ment, attack detections and preventions, secure routing, secure
location security, secure data fusion, and other security issues. to failures due to harsh deployment environments and
Along the way we analyze the advantages and disadvantages of energy constraints.
current secure schemes in each category. In addition, we also • Compared with ad hoc nodes, sensor nodes are easy to
summarize the techniques and methods used in these categories, be compromised.
and point out the open research issues and directions in each • The topology of a WSN changes very frequently due to
area.
the node failure, joining or mobility.
Index Terms—Sensor networks, Security, Ad hoc networks, • Sensor nodes are densely deployed in most environments.
Survey, key management, Attack detections and preventions, • Compared with ad hoc nodes, the number of nodes in a
Secure routing, Secure location, Secure data aggregation, Node
compromise. WSN can be several orders of magnitude higher than the
nodes in an ad hoc network.

I. I NTRODUCTION

F OLLOWING the recent advances in micro-electro-

mechanical systems (MEMS) [1]-[4] technology, wireless
communications, and digital electronics, it is technically and
Due to such differences and difficulties, security in WSNs
is more complicated, thus introducing more studies to address
economically practical to manufacture a large number of small the security issues. In this paper, we identify the threats and
and low cost sensors. These tiny sensor nodes consist of vulnerabilities to sensor networks and summarize the defense
sensing, data processing, and communicating components. It methods based on the networking protocol layer analysis.
is possible to deploy these sensor nodes inside or close to the Then we explore current proposals in sensor network security
inspected phenomenon, and to organize them as a wireless that have been developed over the period after 2000, and
sensor network (WSN) or sensor network. Sensor networks develop a classification for these studies. Our objective is to
may consist of many different types of sensors, such as provide a deeper understanding of current security approaches
seismic, low sampling rate magnetic, thermal, visual, infrared, in WSNs, and to identify some open research issues that can
acoustic, and radar, which can monitor temperature, humidity, be further pursued. A few existing surveys on security issues
vehicular movement, lighting condition, pressure, soil makeup, in WSNs can be found [7], [8]. However, these articles do not
noise levels, etc. [1]. Because of this, they have a wide discuss secure location issues and other security issues such
range applications. Akyildiz, et al. [5] classify the applications as security-energy assessment, data assurance, survivability,
of sensor networks as military applications, environmental etc., which are also important to secure WSNs. Further, our
applications, health applications, home applications, and other paper includes a large number of recent available literatures
commercial applications. on security in WSNs.
Many sensor networks have mission-critical tasks, such as
above military applications, thus it is clear that security needs
to be taken into account at the time of design. While WSNs The remainder of the proposal is organized as follows:
come from wireless ad hoc networks, important distinctions Background information on WSNs including security goals,
exist between them and these differences greatly affect the challenges, threats and attacks, and evaluation is presented in
system designs including security designs. The differences are Section II. Section III gives a short summation of security
as the following [6]: issues and defense suggestions from the point of view of OSI
model. Then we focus on the security issues and solutions
Manuscript received 12 March 2007; revised 14 April 2008. in seven categories: cryptography, key management, attack
The authors are with the Telecommunication and Information Technology detections and preventions, secure routing, secure location
Institute, Florida International University (e-mail: fuqiang_chen178@hotmail.
com). security, secure data fusion, and other security issues from
Digital Object Identifier 10.1109/SURV.2009.090205. Section 4 to Section 10. Finally, we summarize this paper.
c 2009 IEEE
1553-877X/09/$25.00 

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 53

II. BACKGROUND attack occurred, there is no need for security. Generally, the
A. Security Goals attack probability within sensor networks is larger than that
of any other types of networks, such as wireless LANs, due
When dealing with security in WSNs, we mainly focus on
to their deployment environments and resource limitations
the problem of achieving some of all of the following security
[6]. These attacks can be classified as external attacks and
contributes or services:
internal attacks. In an external attack, the attacker node is not
• Confidentiality: Confidentiality or Secrecy has to do with
an authorized participant of the sensor network [6]. External
making information inaccessible to unauthorized users attacks can further be divided into two categories: passive
[9], [10]. A confidential message is resistant to revealing and active. Passive attacks involve unauthorized ‘listening’
its meaning to an eavesdropper. to the routing packets. This type of attack can be eased by
• Availability: Availability ensures the survivability of net-
adopting different security methods such as encryption. Active
work services to authorized parties when needed despite external attacks disrupt network functionality by introducing
denial-of-service attacks. A denial-of-service attack could some denial-of-service (DoS) attacks, such as jamming, power
be launched at any OSI (Open System Interconnect) layer exhaustion. Authentication and integrity will ease most ac-
[9] of a sensor network. tive external attacks except jamming. The standard defense
• Integrity: Integrity measures ensure that the received data
against jamming involves various forms of spread-spectrum
is not altered in transit by an adversary [9], [10]. or frequency hopping communication. Other defense methods
• Authentication: Authentication enables a node to ensure
against jamming include switching to low duty cycle and
the identity of the peer node with which it is communi- conserving as much power as possible, locating the jamming
cating [9], [10]. area and rerouting traffic, adopting prioritized transmission
• Non-repudiation: Non-repudiation denotes that a node
scheme that minimize collisions, etc. [13].
cannot deny sending a message it has previously sent. Node compromise is the major problem in sensor net-
• Authorization: Authorization ensures that only authorized
works that leads to internal attacks. With node compromise,
nodes can be accessed to network services or resources. an adversary can perform an internal attack. In contrast to
• Freshness: This could mean data freshness and key
disabled nodes, compromised nodes actively seek to disrupt
freshness. Since all sensor networks provide some forms or paralyze the network [6]. Normally, compromised nodes
of time varying measurements, we must ensure each can be obtained by the following methods:
message is fresh. Data freshness implies that each data • Attackers capture sensor nodes and reprogram them. The
is recent, and it ensures that no adversary replayed old advantage of this method is quick and easy. But this
messages. method has some limitations. Firstly, it is not easy to
Moreover, as new sensors are deployed and old sensors capture and reprogram sensor nodes automatically. Most
fail frequently in WSNs, the following forward and backward time, attackers must manually capture nodes and repro-
secrecy are also important to security: gram them. Secondly, in some applications, the deploy-
• Forward secrecy: a sensor should not be allowed to know ment environment makes it difficult or even impossible
future messages after it leaves the network. for attackers to capture sensor nodes, e.g. some military
• Backward secrecy: a newly joining sensor should not be applications. Thirdly, WSNs can locate the compromised
able to know any previously transmitted message. nodes by monitor node activity, location, etc. [14].
• Attackers can deploy nodes with larger computing re-
B. Security Challenges sources such as laptops to attack sensor nodes. For
We summarize security challenges in sensor networks from example, laptop attackers’ nodes can communicate sensor
[6], [11], [12] as follows: nodes, breach their security mechanisms, insert malicious
codes and make them as compromised nodes without
• Minimizing resource consumption and maximizing secu-
physically touching them or moving their positions.
rity performance.
These laptop nodes compromising activities can execute
• Sensor network deployment renders more link attacks
at all time, and these compromise activities are hard to
ranging from passive eavesdropping to active interfering.
be detected, and can be implemented automatically. The
• In-network processing involves intermediate nodes in
disadvantage is that attackers need some time to breach
end-to-end information transfer.
security mechanisms of sensor nodes.
• Wireless communication characteristics render traditional
• Attackers can deploy big nodes as compromised nodes.
wired-based security schemes unsuitable.
Attackers can deploy big nodes such as laptop nodes
• Large scale and node mobility make the affair more
as compromised nodes to replace current sensor nodes
complex.
when they get the secret information by attacking normal
• Node adding and failure make the network topology
nodes. Similar to the above case, it is hard for detecting
dynamic.
mechanisms to detect such compromised nodes. The
disadvantages of this method are: attacking time is a little
C. Threats and Attacks longer compared with the first introduced method; the
Security issues mainly come from attacks. Base stations cost is expensive when using one laptop as one node.
in WSNs are usually regarded as trustworthy. Most research Someone may say that attacker can use one laptop to
studies focus on security issues among sensor nodes. If no forge several nodes. This type of attack is Sybil attack

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
54 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

[15]. System can easily locate them by using Location Sensor Layer model
Verification, Identity Verification [15].
Compared with external attacks, internal attacks are hard
to be detected and prevented, thus raising more security Application Layer
challenges. Compromised nodes can do the following attacks:
• Compromised node can steal secrets from the encrypted Middle Ware
data which passed it;
• Compromised node can report wrong information to the Transport Layer
network;
• Compromised node can report other normal nodes as Network Layer
compromised nodes;
• Compromised node can breach routing by introducing Data Link Layer
many routing attacks, such as selective forwarding, black
hole, modified the routing data, etc., while systems are Physical Layer
hard to notice these activities, and normal encryption
methods have no effect to prevent them because they own
the secret information such as keys; Fig. 1. Layered networking model of sensor network.
• Compromised nodes may exhibit arbitrary behavior and
may collude with other compromised nodes.
typical layered networking model of a sensor network. Each
D. Evaluation layer is susceptible to different attacks. Even some attacks can
crosscut multiple layers or exploit interactions between them.
Besides implementing the security goal discussed above,
In this section, we mainly discuss attacks and defenses on the
the following metrics are also important to evaluate whether
transport layer and the below layers.
a security scheme is appropriate for WSNs [7], [8].
• Resiliency: Resilience is the ability of the network to
provide and maintain an acceptable level of security A. Physical Layer
service in case some nodes are compromised. The physical layer is responsible for frequency selection,
• Resistance: Resistance is the ability to prevent the ad- carrier frequency generation, signal detection and modulation
versary from gaining full control of the network by [5]. Jamming and tampering are the major types of physical at-
node replication attack [16] in case some nodes are tacks. The standard defense against jamming involves various
compromised. forms of spread-spectrum or frequency hopping communica-
• Scalability, self-organization and flexibility: In contrast to tion. Given that these abilities require greater design complex-
general ad hoc networks that do not put scalability in the ity and more power, low-cost and low-power sensor devices
first priority, designing sensor network must consider its will likely be limited to single-frequency use [13]. Other
scalability because of its large quantity of sensor nodes. defense methods against jamming include switching to low
Due to its deployment condition and changeable mission duty cycle and conserving as much power as possible, locating
goals, self-organization and flexibility (such as sensor the jamming area and rerouting traffic, adopting prioritized
networks fusing, nodes leaving and joining, etc.) are also transmission schemes that minimize collisions, etc. Capturing
important factors when designing secure sensor network. and tampering is one of methods that produce compromised
• Robustness: A security scheme is robust if it continues nodes. An attacker can also tamper with nodes physically,
to operate despite abnormalities, such as attacks, failed interrogate and compromise them. Tamper protection falls into
nodes, etc. two categories: passive and active [11]. Passive mechanisms
• Energy efficiency: A security scheme must be energy include those that do not require energy and include technolo-
efficient so as to maximize network lifetime. gies that protect a circuit from being detected (e.g., protective
• Assurance: It is an ability to disseminate different infor- coatings, tamper seals). Active tamper protections involve the
mation at different assurance levels to the end-user [17]. special hardware circuits within the sensor node to prevent
A security scheme had better allow a sensor network to sensitive data from being exposed. Active mechanisms will
deliver different level information with regard to different not be typically found in sensor nodes since these mechanisms
desired reliability, latency, etc. with different cost. add more cost for extra circuitry and consume more energy.
Instead, passive techniques are more indicative of sensor node
III. ATTACKS AND D EFENSE S UGGESTIONS IN OSI technology.
M ODEL
Here we give a short summation of security issues and B. Data Link Layer
defense suggestions from the point of view of Open System The data link layer or media access control (MAC) is
Interconnect (OSI) model. Using layered network architecture responsible for the multiplexing of data streams, data frame
can help to analyze security issues, and improve robustness by detection, medium access and error control [5]. It provides
circumscribing layer interactions and interfaces. Fig. 1 is the reliable point-to-point and point-to-multipoint connections

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 55

in a communication network, and channel assignment for Cryptography schemes

neighbor-to-neighbor communication is a main task for this
layer. Collision, exhaustion, and unfairness are major attacks
in this layer. Error-correcting code can ease collision attack,
however, the result is limited because malicious nodes can Cryptography evaluation Cryptography architectures
[19-24] [25-30]
still corrupt more data than the network can correct. Also,
the collision-detection mechanism cannot completely defend
against that attack because proper transmission still need coop- Fig. 2. Taxonomy of cryptography schemes.
eration among nodes and subverted nodes could intentionally
and repeatedly deny access to the channel, expending much
D. Transport Layer
less energy than in fulltime jamming [13]. TDMA is another
method in preventing collisions. But it requires more control The transport layer protocols provide reliability and session
resources and is still susceptible to collisions. Adversaries can control for sensor node applications [5]. This layer is espe-
let sensor nodes execute a large number of tasks to deplete the cially needed when the system plans to be accessed through
battery of these nodes. This exhaustion attack will compromise Internet or other external networks. Though it is considered to
the system availability even if the adversary expends few have few security issues in this layer, there are still some types
efforts. Random back–offs only decrease the probability of of attacks, such as flooding and desynchronization that can
an inadvertent collision, thus they would be ineffective at threaten the security. Though limiting the number of connec-
preventing this attack. Time-division multiplexing gives each tions can prevents flooding, it also prevents legitimate clients
node a slot for transmission without requiring arbitration from connecting to the victim as queues and tables filled with
for each frame. This approach could solve the indefinite abandoned connections. Protocols that are connectionless, and
postponement problem in a back–off algorithm, but it is still therefore stateless, can naturally resist this type of attack
susceptible to collisions. A promising solution is rate limiting somewhat, but they may not provide adequate transport-level
in MAC admission control, but it still needs additional work services for the network. Solving client puzzles can partially
[13]. In a non-priority MAC mechanism, adversaries can adopt ease this type of attack [13]. Desynchronization can disrupt
maximizing their own transmission time in order to let the an existing connection between two endpoints. In this attack,
other good nodes not have any time to transmit packets. the adversary repeatedly forges messages carrying sequence
This will cause unfairness, a weaker form of DoS. Though numbers or control flags, which cause the endpoints to request
this threat may not entirely prevent legitimate access to the retransmission of missed frames to one or both endpoints. One
channel, it could degrade normal service. Though using small counter to this attack is to authenticate all packets exchanged,
frames can ease some extents of such attacks, it increases including all control fields in the transport protocol header.
framing overhead when the network typically transmits long The endpoints could detect and ignore the malicious packets,
messages. Further, an adversary can easily defeat this defense supposing that the adversary cannot forge the authentication
by cheating when vying for access, such as by responding message [13].
quickly while others delay randomly [13].
IV. C RYPTOGRAPHY
A. State-of-the-Art
C. Network Layer
Cryptography is the basic encryption method used in im-
Sensor nodes are scattered in a field either close to or plementing security. Symmetric key cryptography uses the
inside the phenomenon [5]. Special multihop wireless routing same key for encryption and decryption. Another type of
protocols between the sensor nodes and the sink node are encryption method, asymmetric or public key cryptography
needed to deliver data throughout the network. Karlof and uses different keys to encrypt and decrypt. On one hand,
Wagne [18] summarize the attacks of the network layer as asymmetric key cryptography (e.g., the RSA signature algo-
follows: Spoofed, altered, or replayed routing information; rithm) requires more computation resources than symmetric
Selective forwarding; Sinkhole attacks; Sybil attacks; Worm- key cryptography (e.g., the AES block cipher) does, on the
holes; HELLO flood attacks; and acknowledgement spoofing. other hand, symmetric key cryptography is difficult for key
• Countermeasure summary in Network layer deployment and management. Cryptographic methods used
Encryption and authentication, multipath routing, identity in WSNs should meet the constraints of sensor nodes and
verification, bidirectional link verification, and authentication be evaluated before choosing. In this section, we focus on
broadcast can protect sensor network routing protocols against cryptography evaluations and cryptography architectures. Fig.
external attacks, bogus routing information, Sybil attacks, 3 shows the taxonomy of cryptography.
HELLO floods, and acknowledgement spoofing. Sinkhole at- 1) Cryptography Evaluations: To evaluate the computa-
tacks, and wormholes pose significant challenges to secure tional overhead of cryptographic algorithms, Ganesan, et al.
routing protocol design, especially integrating node compro- in [19] chose RC4, IDEA, RC5, MD5 and SHA1 as the
mise. It is unlikely to find effective countermeasures against popular symmetric encryption and hashing function schemes.
these attacks that can be applied after deployment. It is They did a series performance evaluation experiments for
crucial to design routing protocols in which these attacks are these choosing algorithms based on different hardware plat-
meaningless or ineffective. Geographic routing protocols are forms including Atmega 103, Atmega 128, M16C/10, SA-
one class of protocols that holds promise [18]. 1110, PXA250 and UltraSparc2. Experimental measurements

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
56 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

Key management protocols key agreement to provide authentication and the initial key
exchange, the establishment of sending clusters to extend
pairwise communication to broadcast inside the communica-
Key Hybrid One way Key Key management
pre-distribution cryptography hash infection in hierarchy
tion range, and encrypted and authenticated communication of
schemes schemes schemes schemes networks sensor data. Some approaches such as Yuksel, et al. in [30]
propose variations of universal hash function to adapt to sensor
Probability Determinate [49] [50-54] [55, 56] [57-64], network environment.
schemes schemes LKHW [65]

B. Summary
[16, 33-43] PIKE [44],
LEAP [45], Cryptography selection is fundamental to providing security
mGKE [46], [47,
48] services in WSNs. Many researchers consider that public key
cryptography schemes are not suitable for WSNs due to the
Fig. 3. Taxonomy of key management protocols. resource limitation of sensor nodes. Although some recent
research results show that it is feasible to apply public key
cryptography to WSNs by choosing appropriate algorithms,
parameters, etc., private key operations in asymmetric cryptog-
indicate uniform cryptographic cost for each encryption class
raphy schemes are still too expensive in terms of computation
and each architecture class and negligible impact of caches.
and energy cost for sensor nodes, and still need further
RC4 is shown to outperform RC5 for the Motes Atmega
studies. Symmetric key cryptography is superior to public key
platform contrary to the choice of RC5 for the Motes project
cryptography in terms of speed and low energy cost. However,
[20], a choice driven in large by memory constraints. From
the key management is not an easy task for symmetric key
the findings and the experimental data, they derived a model
cryptography. Efficient and flexible key management schemes
that allows the interpolation of performance for other architec-
need to be designed.
tures. Their model assesses the impact of arbitrary embedded
architectures as a multi-variant function for each encryption
V. K EY M ANAGEMENT
scheme depending on processor frequency, word width, ISA
type and specific ISA support. A. State-of-the-Art
Law, et al. [21], [22] propose their own systematic frame- Considering security, key management is very important
work that considers both the security properties and the and complex especially in symmetric cryptography structure.
efficiencies of storage and energy in order to evaluate and Sensor network dynamic structure, easy node compromise
assess these candidates. They compare several ciphers such as and self organization property increase the difficulty of key
RC5, RC6, Rijndael, MISTY1, KASUMI, and Camellia and management and bring a broad research issues in this area.
conclude that Rijndael is the suitable cipher when consider- Due to the importance and difficulty of key management
ing security and energy efficiency for sensor networks, and in WSNs, there are a large number of approaches focused on
MISTY1 is a good selection when considering storage and this area. Based on the main technique that these proposals
energy efficiency. used or the special structure of WSNs, we classify the current
Several public key system costs are compared by Malan in proposals as key pre-distribution schemes, hybrid cryptogra-
[23] in terms of transmission time, round trip time, compu- phy schemes, one way hash schemes, key infection schemes,
tation overhead, memory overhead, etc. The research shows: and key management in hierarchy networks, though some
SKIPJACK is reasonable; Diffie-Hellman (DLP) is respectable schemes combine several techniques. An existing survey on
and still has room for optimization though the key sizes are key management in WSNs can be found in [32]. However, the
unappealing; the key size of Elliptic Curve Diffie-Hellman article does not discuss Key infection schemes. Fig. 4 shows
(ECDLP) is appealing and has potential though it still need the taxonomy of key management.
some works to optimize. The research work of Gaubatz, et al. 1) Key Pre-Distribution Schemes: In the key pre-
in [24] shows PKC is acceptable in sensor networks. distribution schemes, sensor nodes store some initial keys
2) Cryptography Architectures: Some researchers imple- before they are deployed. After deployed, the sensor nodes
ment cryptography with software in normal sensor networks’ can use the initial keys to setup secure communication. This
hardware. For example, Malan, et al. [25] propose the first method can ease key management especially for sensor nodes
known implementation of elliptic curve cryptography for sen- that have limited resource. Thus many approaches adopt key
sor networks based on the 8-bit, 7.3828-MHz MICA2 [31] pre-distribution method. In addition, in these approaches, the
mote. Others implement cryptography with specific cryptog- communications between the base station and sensors are
raphy design in hardware such as [26]. Some approaches are smaller compared with centralized approaches, thus the base
based on symmetric cryptography, while others use asym- station is not a bottleneck problem. So, we not only call
metric cryptography or both. Most asymmetric cryptography it key pre-distribution management, but also distributed key
architectures [27, 28] balance the overheads between sensors management. A naive solution is to let all the nodes to
and base stations. Some approaches adopt both asymmetric carry a master secret key. Any pair of nodes can use this
and symmetric cryptography to ease the overheads. For ex- global master secret key to initiate key management. The
ample, a security architecture proposed by Schmidt, et al. advantage of this scheme is that it only needs store one
in [29] includes three different interacting phases: a pairwise master key in a node before its deployment. However, if one

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 57

Attack detections and preventions pose a q-composite random key pre-distribution scheme [16].
Different from Eschenauer-Gligor scheme that only needs 1
common key, their scheme requires q common keys (q ≥ 1)
Attack detecting mechanisms Node compromise detecting mechanisms to establish secure communications between a pair of nodes.
And they show that when q is increased, the network resilience
Normal Attack/failed DoS and Code testing Location against node compromise is improved, i.e., attackers need
external node detection countermeasures schemes [88-91] verification [14]
attack compromise more nodes to achieve a high probability of
defenses
[15, 70-73] compromised communication. Of course, when q is increased,
Centralized Neighbors’ Watchdog Virtual
approaches cooperative and currency
the sensor nodes should store more pre-distribution keys in
[74, 75] [76-81] Reputation
Rating
[85-87] order to obtain an applicable probability of key-shared within
[77, 82-84] neighbors. Du, et al. [34] propose a key predistribution scheme
with a definite node compromise threshold λ, which improves
the resilience of the network. This scheme exhibits a nice
Fig. 4. Taxonomy of attack detections and preventions.
threshold property: when the number of compromised nodes is
less than the threshold λ, the probability that any nodes other
than these compromised nodes are affected is near to zero.
node is compromised, the security of the whole network will This desirable property makes it necessary for the adversary
be compromised. Some existing studies suggest storing the to attack a significant proportion of the network in order to
master key in tamper-resistant hardware to make the system breach the network when the security designers elaborately
more secure, but it is impractical to implement such equipment select the λ. Liu and Ning [35] develop a similar method.
in sensor nodes. Furthermore, tamper-resistant hardware might The key difference between [34] and [35] is that the scheme in
also be conquered [66]. Another normal key pre-distribution [35] is based on a set of bivariate t-degree polynomials while
scheme is to let each sensor store N -1 secret pairwise keys, scheme in [34] is based on Blom’s method [67]. Different from
each pairwise key is only known to this sensor and one of scheme in [35] using bivariate polynomials, scheme in [36]
the other N -1 sensors (assuming N is the total number of uses multivariate polynomials and it also provide threshold
sensors). Though compromising one node does not affect the feature.
security of the other nodes, this scheme is impractical for Based on the combination of probabilistic key sharing and
current generation sensor with an extremely limited amount threshold secret sharing schemes, Zhu, et al. [37] present an
of memory because N could be large. Moreover, it is difficult approach for establishing a pairwise key that is exclusively
for new nodes to join in a pre-existing sensor network because known to a pair of nodes with overwhelming probability. They
the currently deployed nodes do not have pairwise keys with implement a secure pairwise key between any pair of nodes
new added sensors. by splitting the key into multiple shares and transmitting these
In some key pre-distribution schemes, the existence of a shares into different paths and cooperating them to reconstruct
shared key between a particular pair of nodes is not certain it. Another type of probabilistic model to establish pair-wise
but is instead guaranteed only probabilistically; while other key scheme proposed by Pietro, et al. in [38] use pseudo-
approaches guarantee that any two nodes can be able to random, seed-based technique. Their Direct Protocol and Co-
establish a key. Thus, we classify key pre-distribution schemes operative Protocol establish a secure pair-wise communication
as probability schemes and determinate schemes. channel between any pair of sensors in the sensor network by
assigning a small set of random keys to each sensor as key
• Probability schemes seeds, executing key discovery, and setup procedure.
We classify some proposals of key management as proba- Besides using the probabilistic theory, some approaches
bility schemes when the existence of one or more common [39]-[43] exploit deployment knowledge or location informa-
predistribution keys between intermediate nodes is not certain tion to ease key management. For example, Du, et al. [40]
but is instead guaranteed only probabilistically. The basic idea improve the security performance of the random key pre-
of these schemes is to randomly preload each sensor with a distribution scheme by exploiting deployment knowledge and
subset of keys from a global key pool before deployment. avoiding unnecessary key assignments. Their scheme is based
Thus, we also call them random key predistribution (RKP) on the following: dividing the key pool into small key pools
schemes. corresponding sensor groups; dividing the deployment area
The basic probabilistic key pre-deployment scheme is in- into grids; and a special key-setup making the nearby key
troduced by Eschenauer and Gligor in [33]. Their scheme pools share more keys. Instead of randomly distributing keys
consists of three phases: key pre-distribution, shared-key dis- from a large key pool to each sensor, Huang, et al. [41]
covery, and path-key establishment. The main contribution of propose a structured key-pool random key predistribution (SK-
this paper is that: randomly drawing a small number of keys RKP) scheme to systematically distribute secret keys to each
from a large key pool and storing in each sensor node can sensor from a structured key pool. Their key predistribution
obtain a considerably large probability that two neighbor nodes scheme includes two steps: key predistribution within a given
will have a shared key. zone and key predistribution for two adjacent zones. After the
Based on the Eschenauer-Gligor scheme, some researchers deployment of sensors, each sensor first sets up pairwise keys
provide key pre-distribution schemes that improve the network with all neighbors within its zone; then it sets up a pairwise
resilience to prevent node compromise. Chan, et al. pro- key with its neighbors located in adjacent zones.

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
58 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

• Determinate schemes 2) Hybrid Cryptography Schemes: Though most frame-

work use one type of cryptograph, there still exist some
Contrary to probability schemes, some of approaches guar-
schemes that use both asymmetric-key and symmetric-key
antee that any two intermediate nodes can share one or more
cryptographs. For example, a hybrid scheme proposed by
predistribution keys. We call this type of schemes as deter-
Huang, et al. in [49] balances public key cryptography
minate schemes, e.g. [44]-[46]. In some of theses schemes,
computations in the base station side and symmetric key
they suppose that there is an interval secure time (during this
cryptography computation in sensors side in order to obtain
interval, small number of shared keys is secure enough for
adorable system performance and facilitate key management.
bootstrapping process) after sensor deployment, and systems
On one hand, they reduce the computation intensive elliptic
can utilize this interval time to establish security and transmit
curve scalar multiplication of a random point at the sensor
keys between neighbor nodes. Dutertre, et al. [68] also use the
side, and use symmetric key cryptographic operations instead.
same idea in order to improve key management efficiency by
On the other hand, it authenticates the two identities based on
introducing small set of shared keys in initial trust.
elliptic curve implicit certificates, solving the key distribution
In [44], Chan and Perrig describe Peer Intermediaries and storage problems, which are typical bottlenecks in pure
for Key Establishment (PIKE), a class of key-establishment symmetric-key based protocols.
protocols that use one or more sensor nodes as a trusted 3) One Way Hash Schemes: To ease key management,
intermediary to perform key establishment between neighbors. many approaches use the one-way key method that comes
Unlike random key-establishment protocols, the key establish- from one-way hash function technique. For example, Zachary
ment of PIKE is not probabilistic, and any two nodes are [50] propose a group security mechanism based on one-way
guaranteed to be able to establish a key. The communication accumulators that utilizes a pre-deployment process, quasi-
and √memory overheads of PIKE protocols scale sub-linearly commutative property of one-way accumulators and broadcast
(O( n)) with the number of nodes in the network. Though communication to maintain the secrecy of the group member-
PIKE in [44] increases the security performance and solves ship. Another group security mechanism proposed by Dutta,
the high density requirements in random key predistribution et al. in [51] also use one-way function to ease group node
schemes (RKP) and some structure random key predistribution joining or revocation. Their scheme has self-healing feature,
schemes (SRKP), e.g. [34], [35], [42], the deployment of a good property that makes the qualified users recover lost
PIKE requires more complex work than random deployment session keys over a lossy mobile network on their own from
schemes. the broadcast packets and some private information, without
Another example of deterministic security scheme, LEAP requesting additional transmission from the group manager.
(Localized Encryption and Authentication Protocol) [45] does The one-way hash function can also adapt to conduct
not expose the pairwise keys between other nodes when the public key authentication. For example, Du, et al. [52] use all
network is compromised by a fraction of sensor nodes. To ease sensors’ public keys to construct a forest of Merkle trees of
the overhead of key management, LEAP supports four types of different heights, and by optimally selecting the height of each
keys for each sensor node which is appropriate for all types of tree, they can minimize the computation and communication
communication in sensor networks – an individual key shared costs. To ease the joining and revocation issues of mem-
with the base station, a pairwise key shared with another bership in broadcast or group encryption, many approaches
sensor node, a cluster key shared with multiple neighboring use predistribution and/or a local collaboration technique. For
nodes, and a group key that is shared by all the nodes in example, RBE (Randomized Broadcast Encryption scheme),
the network. LEAP also supposes the interval secure time for proposed by Huang and Du in [53], uses a node-based key pre-
bootstrapping process. distribution technique. Besides predistribution future group
Sensor deployments may be static, but researchers have keys, the group rekeying scheme of Zhang and Cao [54] also
recently been making a case for mobile collector nodes to adopts the neighbors’ collaboration.
enhance data acquisition. Zhou, et al. in [46] analyze the 4) Key Infection Schemes: Contrary to most of key man-
impact of mobile collector compromises on the reliability agement using pre-loaded initial keys, Anderson, et al. [55]
of data received by the base station, and the circumstances propose a key infection mechanism. In a key infection scheme,
under which reliability can be guaranteed first. Then they different from key pre-distribution schemes, no predistribution
present mGKE (a Group-based Key Establishment scheme for key is stored in sensor nodes. This type of schemes establishes
mobile sensor networks), which allows any pair of neighboring secure link keys by broadcasting plaintext information first.
sensors to establish a unique pairwise key, regardless of sensor This type of schemes is not secure essentially. However,
density or distribution. Anderson, et al. show that their key infection scheme [55]
Lee and Stinson in [47] present two combinatorial design is still secure enough for non- critical commodity sensor
theory based deterministic schemes: the ID-based one-way networks after identifying a more realistic attacker model that
function scheme (IOS) and the deterministic multiple space is applicable to these sensor networks. Their protocol is based
Blom’s scheme (DMBS). They further discuss the use of on the assumption that the number of adversary devices in
combinatorial set systems in the design of deterministic key the network at the time of key establishment is very small (in
predistribution schemes for WSNs in [48]. They analyze the their results, less than 3% of the devices are adversaries).
combinatorial properties of the set systems that relate to the Similar to scheme in [55], Miller and Vaidya in [56] propose
connectivity and resilience of the resulting distributed sensor a predistribution scheme that allows neighboring sensors to
networks. establish secure link keys from plaintext keys that are broad-

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 59

cast by sensors in their neighborhood. Their scheme has better • Master keys usage: It may consume less computing re-
security performance than [55] by utilizing a special property sources and still provide enough security to store a small
of hardware - multiple channels available on some sensor number of key-seeds in sensor nodes before deployment
hardware, and spatial diversity of device locations. and establish security based on these seeds in short time.
5) Key Management in Hierarchy Networks: Though many • Combing location and deployment information: Integrat-
key management approaches are based on a normal flat ing location information or deployment knowledge in
structure, there are still some approaches [57]-[65] that utilize key management schemes will ease security design and
a hierarchical structure in order to ease the difficulties by provide better security performance;
balancing the traffic among a command node (base station), • Combing node identity: Integrating node identity in the
gateways, and sensors. These are the three parts of networks process of key producing will make a system more
that have different resources. secure;
In this type of key management, some use the physical hier- • Usage of various types keys: Using different types of
archical structure of networks such as [57]-[63], while others keys for different types of communication may ease the
[64], [65] implement their hierarchy key management logically overhead of key management and make system more
in physical flat structure sensor networks, which only include secure;
a base station and sensors. For example, LKHW (Logical Key • Usage of one-way hash schemes: Using variations of one-
Hierarchy for Wireless sensor networks), proposed by Pietro, way hash functions sometimes can ease key management
et al. in [65], integrates directed diffusion and LKH (Logical design, especially for group node joining or revocation;
Key Hierarchy) where keys are logically distributed in a tree • Distributed structure or centralized structure: A dis-
rooted at the key distribution center (KDC). A key distribution tributed mechanism has better resilience than a central-
center maintains a key tree that will be used for group key ized mechanism in large scale networks;
updates and distribution, and every sensor only stores its keys • Usage of special structure: Considering network struc-
on its key path, i.e. the path from the leaf node up to the root. ture may help designing key management, especially in
In order to efficiently achieve confidential and authentication, hierarchy sensor networks;
they apply LKHW: directed diffusion sources are treated as • Importance of re-keying: Re-keying is very important in
multicast group members, whereas the sink is treated as the defending against cryptography attacks and an adaptive
KDC. re-keying mechanism may be a good choice in defending
against cryptography attacks;
B. Summary • Using suitable schemes: Different schemes may have
Key management is the linchpin of cryptograph mechanism. different advantages and shortcomings. For example,
Most proposals use a key-predistribution technique to easy the threshold schemes have some advantages than other
key management. Some protocols use the probabilistic theory schemes when the number of compromised nodes is
to calculate the probability that neighbor nodes have shared less than the threshold. However, when the number of
keys, and others have the deterministic property so that there compromised nodes is larger than the threshold, the
exists one or more shared keys between a node and its neigh- security performance of this type of scheme will decrease
bors. Some protocols unite node identity in key management. largely than other schemes. Security designers should
Classifying different types of keys can ease key management. carefully analyze the application environment and adopt
Integrating the localization of sensors and key predistribu- suitable schemes for the application.
tion can provide good security performance and minimize
Though there is a lot of research focused on key manage-
the effect of node compromise. Some protocols provide a
ment, and most of them provide some extent of prevention
threshold property while others provide gradual resilience for
from node compromise, the design of key management pro-
node compromise. Considering network structure may help
tocols is still largely open to research. Open research issues
designing key management, especially in hierarchy sensor
include following:
networks. To decrease the number of predistribution keys
stored in sensor nodes, some approaches assume that there is • Most key management schemes discussed in literature
an interval secure time after deployment. During this interval so far are suitable for static WSNs. Following technique
time, predistributing a small number of keys in sensor nodes advance, key management and security mechanisms for
is secure enough. To ease the difficulty of key management, mobile WSNs should be considered and become a focus
some approaches utilize deployment knowledge, special struc- of attention.
ture of cluster sensor networks, key classifications, one-way • Most current approaches assume that the base station is
hash functions, etc. Some security mechanisms only use one of trustworthy. However, there may be situations (e.g. in
cryptographs while others use both public-key and symmetric- the battle field) where the base station is not secure as
key cryptographs. After reviewing current researches, we give assumed. New schemes need to be designed to secure the
our recommendations of key management as follows: base station.
• Cryptograph choosing: Symmetric cryptography is the • Though many key management approaches consider de-
first selection; fending against node compromise, the efficiency and se-
• Key-predistribution usage: Most symmetric schemes use curity performance is not high when their mechanisms are
key-predistribution to ease the difficulty of key manage- deployed in some special application environment (e.g.
ment; in the battle field). In their mechanisms, they imply the

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
60
Secure Multi-path
Routing routing
Protocols for [100-103]
Ad Hoc
Networks
[94-99]
Fig. 5. Taxonomy of secure routing.
probability of node compromise to be the same for every
node. However, when their security systems are deployed
in a different environment from their supposition, the
security performance will decrease largely. For example,
in battlefield surveillance, the probability of nodes of
being compromised in an enemy controlled area is larger
than in our controlled areas. Under such environment, the
security performance will decrease because: the system
has the same capability to defend against node compro-
mise in all areas, while adversaries attack the system with
different strengths in each area; thus making the system
unable to provide enough security in some areas, while
it provides more security than needed in other areas [69].
Thus, the study of node compromise distribution and
integrating it in key management is a promising research
area.
VI. ATTACK D ETECTIONS AND P REVENTIONS
A. State-of-the-Art
Security issues mainly come from attacks. If no attack oc-
curred, there is no need for security. Detecting and defending
against attacks are important tasks of security mechanisms.
Attacks in WSNs are classified as external attacks and internal
attacks. Compared with external attacks, internal attacks are
hard to be detected and prevented. Thus, besides introducing
some normal attack detecting mechanisms, we also describe
some special node compromise detecting methods. Fig. 5
shows the taxonomy.
1) Attack Detecting and Prevention Mechanisms:
• Normal external attack defenses
Currently, there are some approaches that are focus on
external attacks, described as the following:
• Sybil attack: Newsome, et al. in [15] establish taxonomy
of the Sybil attacks (A Sybil attack occurs when a
single node illegally claims multiple identities to other
nodes in the network) by distinguishing different attack
types and proposing several methods to identify these
attacks, including radio resource testing, key validation
for random key predistribution, position verification, and
registration.
• Wormhole attack: In a wormhole attack, an adversary
tunnels messages received in one part of the network
over a low-latency link and replays them in a different
part to make a fake that these two parts are very close.
Normally, wormhole attacks need two distant colluding
malicious nodes to communicate directly through relay-
ing packets along an out-of-bound channel available only
Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009
Secure routing protocols to the attackers. Hu, et al. [70] present a mechanism,
packet leashes, for detecting and thus defending against
wormhole attacks, and a specific efficient authentication
Reputation Secure routing Broadcast Secure routing
based schemes for cluster or authentication defense against
protocol, TIK(TESLA with Instant Key disclosure), that
[77, 104-107] hierarchical [20, 45, 109] attacks [110- implements leashes. A leash is any information that
sensor 112]
networks [108] is added to a packet and is designed to restrict the
packet’s maximum allowed transmission distance. They
distinguish between a geographical leash, which ensures
that the recipient of the packet is within a certain distance
from the sender, and a temporal leash, which ensures
that the packet has an upper bound on its lifetime. The
latter restricts the maximum travel distance, since the
packet can travel at most at the speed of light. Either
type of leash can prevent the wormhole attack, because
it allows the receiver of a packet to detect whether the
packet traveled further than the leash allows. Wang and
Bhargava [71] propose a mechanism, MDS-VOW (Multi-
Dimensional Scaling – Visualization of Wormhole), to
detect wormholes by using multi-dimensional scaling to
reconstruct the layout of the sensors and adopting a
surface smoothing scheme to compensate the distortions
caused by distance measurement errors.
• Node replication attack: It can be detected by Random-
ized Multicast and Line-Selected Multicast [72]. Ran-
domized Multicast distributes node location information
to randomly-selected witnesses, exploiting the birthday
paradox to detect replicated nodes, while Line-Selected
Multicast uses the topology of the network to detect
replication nodes.
• Jamming attack: Li, et al. in [73] study controllable
jamming attacks in WSNs, which are easy to launch
and difficult to detect and confront. They derive optimal
strategies or policies for both jammer and the network
defense system under two cases: perfect knowledge of
the jammer and the defense system, lack of knowledge
of the attacker and the network.
• Attack/failed node detection
As a whole, most attack detecting methods can be clas-
sified as centralized approaches or neighbors’ cooperative
approaches.
• Centralized approaches: The type of method uses the
base station to detect attacks. Although the schemes in
[74], [75] are mainly used to diagnose failed nodes,
the idea can also be adapted to detect attacks. In the
approach of [74], sensor networks are diagnosed by
injecting queries and collecting responses. To reduce the
large communication overhead, which results in failure
detection latency, their solution reduces the response
implosion by sacrificing some accuracy. Staddon, et al.
in [75] propose another centralized approach to trace the
failed nodes. Nodes append a little bit of information
about their neighbors to each of their measurements and
transmit them to the base station to let the latter know
the network topology. Once the base station knows the
network topology, the failed nodes can be efficiently
traced using a simple divide&conquer strategy based on
adaptively routing update messages.
• Neighbors’ cooperative approach: In neighbors’ cooper-
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 61

ative approach, neighbor nodes of a given node collect Model and Packet Trade Model. In the Packet Purse
neighbors’ information and make a collective decision Model, each packet is loaded with enough Nuglets by
to detect attacks. Wang, et al. in [76] propose a dis- the source, and each forwarding host takes out some
tributed cooperative failure detecting mechanism to let Nuglets for its forwarding service. The advantage of this
the neighbors of a faulty node cooperate to detect the approach is that it discourages users from flooding the
failure. To achieve neighbors’ communication efficiency, network. In the Packet Trade Model, packets are traded
they propose Tree-based Propagation-Collection (TPC) for Nuglets by the intermediate nodes. Each intermediate
protocols to collect the information from all neighbors node buys the packet from the previous node with some
of the suspect with low delay, low message complexity, Nuglets, and sells it to the next node for more Nuglets,
and low energy consumption. Watchdog [77] also uses and the destination has to pay the total cost of forwarding
neighbors to identify misbehaving nodes. Ding, et al. in the packet. The direct advantage of this method is that
[78] propose another localized approach to detect the the source does not need to know how many Nuglets
faulty sensors by using neighbors’ data and processing need to be loaded into the packet. To prevent illegal ma-
them with the statistical method. Threshold approaches nipulation of the nodes’ Nuglets, tamper-proof hardware
is a special type of neighbors’ cooperative approach, e.g. is required at each node to store all the relevant IDs,
[7], [80]. Recently, Liu, et al. in [81] introduce a new Nuglets counter, and cryptographic materials. Sprite [87],
neighbors’ cooperative approach to detect insider attacks. a simple, cheat-proof, credit-based system uses credit to
The nice feature of their algorithm is that it requires provide incentives for mobile nodes to cooperate and
no prior knowledge about normal or malicious sensors, report actions honestly. The basic idea of this scheme
which is important considering the dynamic attacking is as follows: a system has a Credit Clearance Service
behaviors. Further, their algorithm can be employed to (CCS) to determine the charge and credit to each node
inspect any aspects of networking activities, with the involved in the transmission of a message. Payments and
multiple attributes evaluated simultaneously, which is charges are determined from a game theory perspective.
better than the previous schemes, e.g. [82]. In this scheme, the sender is charged to prevent a denial-
of-service attack to the destination by sending it a lot of
• Denial of service attack and countermeasures traffic. A node receives credit only when the next node on
the path reports a valid receipt to the CCS to acknowledge
Denial of service (DoS) means that the adversaries attempt the successful transmission.
disrupting, subverting, or destroying sensor networks in order 2) Special Node Compromise Detecting Mechanisms:
to diminish or eliminate its capacity to perform its expected Although many node compromise detecting mechanisms
function. DoS can disrupt sensor nodes, communications use centralized detecting methods or neighbors’ coopera-
among nodes, and the base station to implement their goal, tive/localized methods to monitor the activities of nodes, there
which is disabling sensor network availability. Draining the are still some mechanisms use code testing methods and a
battery by repeating service request attacks, benign repeating special scheme uses location verification method.
energy-hungry tasks, or repeating malignant burden tasks is
also a special type of DoS [92]. Denial-of-Message attack • Code testing schemes
[93] is another type of DoS in which adversaries deprive
other nodes from receiving broadcast messages. To prevent In the context of node compromise code testing schemes
DoS attacks, we can adopt the following methods: in WSNs, some implement their schemes by software-based,
• Watchdog and Reputation Rating based scheme: Marti, et while others use hardware to assist their mechanisms.
al. in [77] propose a watchdog that identifies misbehaving • Software-based approach: In software-based approaches,
nodes and a pathrater that helps routing protocols avoid such as [88], [89], rely on optimal program code
these nodes. The Watchdog Scheme is further investi- and exact time measurements. These approaches enable
gated and extended to Reputation Rating Scheme [82]- software-based attestation by introducing an optimal pro-
[84]. In the Reputation Rating Scheme the neighbors of gram verification process that verifies the memory of
any single node collectively rate the node according to a sensor node by calculating hash values of randomly
how well the node executes the functions requested of selected memory regions.
it. Compared to malicious nodes disrupting the network, • Hardware-based approach: Normal hardware-based ap-
selfish nodes only refuse to perform any function re- proaches such as [90] are based on public-key cryp-
quested by the others, such as packet forwarding, to save tography and require extensive computational power,
energy. Reputation Rating Scheme conquers the selfish as well as the transmission of large messages, making
nodes by giving them a bad strike. these approaches not usable in WSNs. Krauss, et al.
• Virtual currency: Virtual currency systems [85]-[87] use [91] suppose that some cluster nodes posses much more
credit or micro payments to compensate for the service resources than the majority of clusters and are equipped
of a node. A node receives a virtual payment for for- with a Trusted Platform Module in the hybrid WSNs.
warding the message of another node, and this payment Their hardware-based attestation protocols use the nodes
is deducted from the sender (or the destination node). equipped with Trusted Platform Module as trust anchors
Two examples of such systems are: Nuglets [85], [86] and can enable attestation with more efficiently. However,
and Sprite [87]. Nuglets has two models: Packet Purse their mechanisms can only make sense in Hybrid WSNs.

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
62 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

• Location verification schemes Secure location

Song, et al. in [14] provide a method to detect node com-

promise by comparing the previous position of nodes with
current position. The main idea of their mechanism is based Secure location scheme with Secure location scheme without
on the assumption that a node compromise often consists of beacons [114-122] beacons [123, 124]
three stages: physically obtaining and compromising the sen-
sors, redeploying the compromised sensors, and compromised Fig. 6. Taxonomy of secure location schemes.
nodes launching attacks after their rejoining the network. In
some applications an attacker may not be able to precisely
deploy the compromised sensors back into their original strong. For example, the scheme in [89] assumes that the
positions. Their mechanism can detect compromise events attacker’s hardware devices were not present in the sensor
when compromised nodes change positions or identities. But network for the duration of the repair process. Most of
sometimes adversaries can compromise the nodes by com- time, attackers use big nodes, such as laptops, as the
municating them, breaching their security mechanism, and attacking devices, and these attacker nodes present and
controlling them without physically touching them or moving attack the sensor network all the time. Furthermore, all
their positions. Under such condition, their mechanism will these approaches do not tell us when these mechanisms
not detect the compromise events. are executing. They just say that the mechanisms are
executing by the request of the base station. So their
B. Summary systems must have some other mechanisms to invoke
these code testing schemes. However they do not provide
Normally, most attack detecting mechanisms belong to any invoking mechanisms in their research work. The
centralized approaches or neighbors’ cooperative approaches. algorithm of the invoking mechanisms is very important
Centralized approaches gather the data from the monitoring because: if the checking interval for each node is small,
node and compare them with the data from its neighbor nodes. these code testing schemes introduce a lot of communi-
Based on the comparing result, the system makes a decision cation cost and consume large computing resources for
whether the given node is attacked or not. The disadvantage the sensor node; on the contrary, if the checking interval
of this method is that it introduces more routing traffic from for each node is large, the compromised nodes may have
the given node to the base station. While in neighbors’ long time to paralyze the network. An invoking algorithm
cooperative approaches, neighbor nodes of the given node that makes code testing mechanisms more efficient and
make a collective decision to detect attacks. Though it does not effective needs to be investigated.
need transfer larger data to the base station, it introduces more • Most proposed attack detecting mechanisms focus on
computing process and monitoring tasks for neighbor nodes. In static WSNs, ignoring mobility. Attack detecting schemes
all, Watchdog and Reputation Rating based or Virtual currency for mobile WSNs are desirable.
methods are able to prevent DoS attacks in some extent. Code
testing methods and location verification methods open our
VII. S ECURE ROUTING
eyes to node compromise detection, though they need more
work to improve. For example, code testing mechanisms in- A. State-of-the-Art
troduce more communication overheads between sensor nodes WSNs use multi-hop routing and wireless communication
and the base station. to transfer data, thus incur more routing attacks. There are a
Though there is a lot of research focused on attack detection lot of approaches to ease routing security. In this section, we
and prevention, and most of them provide some good results, review existing secure routing approaches. Fig. 6 shows the
there is still much work need to be studied in the future. Open taxonomy of secure routing.
research issues include following: 1) Secure Routing Protocols for Ad Hoc Networks: Be-
• Currently, most current detecting systems monitor all the cause WSNs came from ad hoc, some of secure routing
nodes in the system without emphasis, and the system algorithms [94]-[99] in the latter are still valued to be re-
should decentralize their resources evenly in all nodes in viewed though they may have difficulty to be suited to sensor
order to monitor whether they have larger compromise networks. Some secure AODV algorithms [94], [95] that
probabilities or not. That makes the detecting mecha- may be adapted in WSNs have some effects on defending
nism less efficient. Due to the heavy work, the system against external attacks because they suggest secure routing
performance may decrease largely, and may even make information. These security mechanisms still meet security
this work unpractical. A good ideal is that the system issues when the nodes are compromised and the security
chooses those nodes that have larger probability to be information such as key is disclosed to the attackers.
attacked as the main monitoring object. However [69] A certificate approach, URSA, a ubiquitous and robust
only provides the idea. How to implement this idea still access control solution proposed by Luo, et al. in [96], uses
need more work. the multiple nodes decision to certify/revoke a ticket to ensure
• Although above code testing schemes introduced in sec- access control service ubiquity and resilience. Sanzgiri, et
tion 6.1.2 can detect whether the given node is compro- al. in [97] also propose a secure routing protocol based on
mised or not, the assumptions of these schemes are very certificate. Their protocol, Authenticated Routing for Ad hoc

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 63

Networks (ARAN), works to defend against identified attacks are bad. Besides considering security, the trust-based routing
under such a scenario where no network infrastructure is pre- scheme proposed by Hung, et al. in [107] also takes into
deployed, but a small amount of prior security coordination is account the metric of network lifetime.
expected before deployment. 4) Secure Routing for Cluster or Hierarchical Sensor Net-
Papadimitratos and Haas [98] propose a route discovery works: Some researchers utilize the special structure in physi-
protocol that it only requires the security association between cal or logical cluster or hierarchical sensor networks in order to
the node initiating the query and the sought destination provide more efficient secure routing algorithms. For example,
only in order to defend against routing attacks, such as Tubaishat, et al. in [108] propose an energy efficient level-
fabricated, compromised, or replayed attacks for mobile Ad based hierarchical system. In their approach, they divide the
Hoc Networks. An on-demand routing protocol for ad hoc sensor nodes into different levels. The lower-level sensor
to provide resilience to Byzantine failures (which include nodes only sense and disseminate data, whereas the higher-
nodes that drop, modify, or mis-route packets in an attempt level sensors find the shortest path to the sink node and
to disrupt the routing service), proposed by Awerbuch, et aggregate data in addition to forwarding it. A sensor becomes
al. in [99], can be separated into three successive phases: a cluster head and is valued as level 2 if it has the highest
route discovery with fault avoidance by using flooding and number of neighbors (NBR). Sensors are initiated at level 0
cryptographic primitives, Byzantine fault detection by using when embedded in the network. The incremental level depends
adaptive probing technique to identify a malicious link after on a sensor’s reliability and its energy consumption. When a
log n (n is the length of the path) faults occurred, and sensor finds its neighbors it upgrades itself to level 1 and then
link weight management by multiplicatively increasing the to level 2 if it becomes a cluster head. A sensor connected
malicious link weight. Their protocol avoids malicious links to two or more cluster heads upgrades itself to level 3 (they
in the routing paths because the system uses an on-demand call this node the root). Based on the level classifications,
route discovery protocol that finds a least weight path to the they propose a new routing protocol algorithm that depends
destination. on the number of neighbors and their levels to disseminate the
2) Multi-Path Routing: Some approaches use multi-path queries and data. The level-based hierarchical routing protocol
routing and neighbor collaboration techniques, such as [100], compromises between shortest path and energy consumption.
[101]. Multi-path routing, location disguise, and relocation Based on the usage of hierarchical structure of sensor networks
methods can be used to protect base stations [101]-[103]. In and symmetric key, they propose a secure routing protocol. In
the environment where the network only has a small number addition, they propose a group key management scheme which
of compromised nodes, Multi-path schemes provide more every sensor node contributes its partial key for computing the
reliable routing, though they introduce more communication group key.
overheads. However, in the environment where the network 5) Broadcast Authentication: µTESLA proposed by Perrig,
has a large number of compromised nodes, if the compromised et al. in [20] is an authenticated broadcast protocol for the
can modify the routing data, system may involve more security SPINS. It divides time into intervals of equal duration and as-
issues. signs each time slot a corresponding key. µTESLA introduces
3) Reputation Based Schemes: Reputation based schemes asymmetry through a delayed disclosure of symmetric keys
normally need neighbor nodes corporation to control the resulting in an efficient broadcast authentication scheme. Each
credit, reputation, etc. Routing paths will path the nodes with MAC key is a key from the one-way key chain, generated by a
good reputation. In ad hoc networks, Watchdog and Pathrater public one-way function F . The base station chooses the last
[77] can be regarded as one of the earliest works in trust-based key Kn from the chain, and repeatedly applies F to compute
routing schemes. A probabilistic routing algorithm, ARRIVE, all other keys: Ki = F (Ki+1 ). The base station sends packets
is proposed by Karlof, et al. in [104] to defend link failures, with MAC. The receiver node stores the packet in a buffer.
patterned node failures, and malicious or misbehaving nodes At the time of key disclosure, the base station broadcasts the
without resorting to periodic flooding of the network. The verification key to all receivers. During that time, the receiver
main idea of their algorithm is that: the next hop in the routing can use the disclosure key to authenticate the packet stored in
path is chosen probabilistically based on link reliability and its buffer. If a node wants to broadcast information, it must
node reputation; it uses multiple paths, and it ensures that the send the information to the base station first and then the base
packets of the same event use different outgoing links when station broadcasts the information. All of operations in SPINS
they meet at one node. need the network to keep time synchronization between nodes,
SIGF (Secure Implicit Geographic Forwarding) [105] also thus the base station makes the latter susceptible to attack and
needs neighbor collaboration to choose the nodes in the has more traffic nearer the base station.
routing path. FBSR [106], a feedback based secure routing Liu and Ning in [109] go a step to present a multi-
protocols gets feedback from both the nearby neighbors and level key chain scheme to improve µTESLA key distribution
the base stations. Feedback serves as the dynamic informa- efficiency by using pre-determination and broadcast to remove
tion of the current network, with which sensor nodes make its requirement of a unicast-based distribution of initial key
forwarding decisions in a secure and energy aware manner. chain commitments to save communication overhead in large
These proposals collect neighbor feedbacks or information to distributed sensor networks.
decide routing paths. They are based on reputation or corporate µTESLA and its extension provide broadcast authentication
decision, etc., and they can prevent routing paths from passing for base station, but they are not suitable for local broadcast
some nodes that have less reliability factors or the reputations authentication because: they cannot provide immediate authen-

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
64 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

tication; the communication overhead is high between sensors in some extent. However, most compromise activities
and the base station; packet buffering requires more storage cannot be detected immediately because any detecting
space for sensors. Zhu, et al. in [45] propose a one-way key mechanism needs time to collect and process collected
chain for one-hop broadcast authentication based on pairwise data, and the fraudulent action of adversaries (adversaries
key to solve the issues in µTESLA. don’t want system to notice their attacking activities.)
6) Secure Routing Defense Against Attacks: PRSA (path even makes the detecting time longer. In such condition,
redundancy based security algorithm) [110] uses alternative there exist some intervals when some nodes are compro-
routing paths for each data transmission call to overcome mised nodes but the system has not detected them. During
the sensor network attack. To enhance network reliability, these intervals, routing paths in current algorithms, such
PRSA allows sensor node data to be sent on defined routing as [111], may pass the undetected compromised nodes,
paths using various transmission modes including round robin, the nodes that have already been compromised but the
redundant and selective modes. system has not detected them. Thus, current approach
To defend against node compromise, An, et al. in [111] cannot conquer undetected node compromise. Designing
present a route recovery scheme called Route Recovery by secure routing that can defend against undetected node
One-Hop Broadcast (RROB) that removes compromised nodes compromise is a promising research area [69].
from the current route and reconstructs the route without • Currently most proposals only consider security metrics
depending on central mediation. RROB reconstructs the new and only a few of them evaluate other metrics, e.g. [107].
path based on the current path and bypass the compromised More metrics, such as QoS (quality of service) need to
nodes in the current path. Instead of flooding packets in the be considered in addition of security.
network, RROB utilizes the neighbors of the compromised • Though some secure routing algorithms are proposed
nodes to bypass the compromised nodes to decrease the based on hierarchical sensor networks, most of these
communication overhead and the energy consumption. studies did not show the different effects such as energy
To prevent packet-tracing attack, in which an adversary consummations, security, etc. due to different cluster size.
traces the location of a receiver by eavesdropping and follow- What’s more, though these algorithms may ease secure
ing the packets transmitted in the sensor network, Jian, et al. in routing issues, they bring complex cluster management
[112] propose a location privacy routing protocol (LPR) that issues and costs. More elaborate studies need to be done
is easy to implement and provides path diversity. Combining in the future.
with fake packet injection, LPR is able to minimize the traffic • Routing maintenance: During the lifetime of a sensor
direction information that an adversary can retrieve from network, the network topology changes frequently, and
eavesdropping. By making the directions of both incoming routing error messages are normally produced. Preventing
and outgoing traffic at a sensor node uniformly distributed, unauthorized nodes from being producing this type of
the new defense system makes it very hard for an adversary message is important and needs more studies.
to perform analysis on locally gathered information and infer
the direction to which the receiver locates. VIII. S ECURE L OCATION
A. State-of-the-Art
B. Summary Location information is very important in some applications
Currently, there are a lot of secure routing algorithms of sensor network, such as reconnaissance of opposing forces.
for WSNs. Many routing algorithms are reputation based Many monitoring applications require near accurate position
schemes, which rely on neighbor nodes’ corporation. Some besides event self. Besides this type of application, many rout-
approaches utilize the special structure (cluster WSNs) to ing protocols or other security mechanisms also need location
balance the computing and transmission overheads between information or distance information among neighbor nodes.
big nodes and normal nodes. Some researchers study some Thus, providing secure and reliable location information in
types of attacks, and propose special algorithms to prevent the some special applications under adversaries’ attacks need pay
specified attacks. Others use cache to improve the efficient more attention. Fig. 7 shows the taxonomy of secure location
[113].To provide routing reliability, some adopt multi-path schemes.
techniques. One-way functions are the normal method to 1) Secure Location Scheme With Beacons: In some location
provide broadcast authentication. Though a lot of protocols systems, some sensors have a position system such as GPS
are proposed to secure routing, the design of new algorithms to locate their positions. We call this type of sensors beacon
is still largely open to research. Open research issues include nodes. These location systems use location information from
following: these beacon nodes and some positioning and ranging tech-
• Most current proposals are suitable for static WSNs. niques to construct the whole location systems. Positioning
Designing secure routing algorithms for mobile WSNs is and ranging techniques in wireless networks mainly rely on
complex and current secure routing algorithms will meet measurements of the times of flight of radio or ultrasound
issues when they are applied in mobile environments. For signals, and on the measurements of received strengths of
example, reputation based schemes will meet difficulties radio signals of devices. However, these methods are highly
when they adapt to mobile environments. vulnerable to attacks from dishonest nodes and external at-
• Undetected node compromise issues: The current cryp- tackers.
tography mechanisms, such as authentication, identifica- A mechanism for position verification, called Verifiable
tion, etc. may detect and defend against node compromise Multilateration (VM), proposed by Capkun and Hubaux in

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 65

Secure data aggregation Different from many proposals defending against crypto-
graphic attacks, Chen, et al. in [119] analyze the problem of
detecting non-cryptographic attacks on wireless localization,
Plaintext based scheme Cipher based scheme [135- such as signal attenuation and amplification, that cannot be
136] addressed by traditional security services. In Multilateration
localization approaches, they build a mathematical model and
Scheme Bidirectional Neighbors’ Statistical
defending authentication certificate method
derive an analytic solution for attack detection using the
against one schemes [127] schemes [133, 134] residuals of an LLS (Linear Least Squares) regression for easy
compromised [128-132]
node [126] conducting. In signal strength based approaches, they use the
minimum distance between an observation and the database
of signal strength vectors as the test statistic to perform attack
detection.
Fig. 7. Taxonomy of secure data aggregation schemes. Hwang, et al. in [120] propose a secure localization mecha-
nism that detects phantom nodes, which claim fake locations,
without relying on any trusted entities, an approach different
from the other approaches. Their algorithm includes two main
[114], is based on Distance bounding techniques [125] that phases: distance measurement phase and filtering phase. In the
can prevent compromised nodes from reducing the measured first phase, each node measures the distances to its neighbors.
distance. VM use the distance bound measurements from three In the second phase, each node projects its neighboring nodes
or more reference points (verifiers) to verify the position of to a virtual local plane to determine the largest consistent
the claimant. subset of nodes. After the completion of the two phases, each
Lazos and Poovendran in [115] propose a range overlapping node establishes a local view without phantom nodes.
method instead of using the expensive distance estimation Beacon location systems will meet difficulty issues when
method. Its main idea is as follows: each locator transmits the beacon nodes are compromised. To detect malicious
different beacons with individual coordinates and coverage beacon nodes, the scheme in [121] uses redundant beacon
sector areas. After receiving enough sector information from nodes instead of normal nodes in the sensing field to verify
different locators, the sensor estimates its location as the center them. To defend against malicious beacon node compromise,
of gravity of the overlapping region of the sectors that include Liu, et al. in [122] propose two methods: attack-resistant
it. Instead of solving the secure location determination prob- Minimum Mean Square Estimation, and collective “votes.”
lem, Sastry, et al. in [116] introduce the in-region verification The main idea of the first method is that the malicious location
problem (a problem how verifiers verify whether a prover is references introduced by attacks are usually inconsistent with
in a given region of interest) and show how it can be used for the good ones due to their misleading characteristic. The main
location-based access control. idea of the second technique is as follows: the deployment area
Li, et al. in [117] propose robust statistical methods in is quantized as small cells; each location reference (beacon
order to make two broad classes of localization including node) “votes” which cell the node belongs to; and finally the
triangulation and RF-based fingerprinting attack-tolerant. For center of the selected cell is thought of as the location of the
triangulation-based localization, their adaptive algorithm uses node.
least squares (LS) position estimator in normal status, and 2) Secure Location Scheme Without Beacons: In practical
switches to use least median squares (LMS) instead of least environments, sensor networks may not have beacon nodes.
squares (LS) for achieving robustness when being attacked. Under such conditions, some approaches [123], [124] estimate
For fingerprinting-based location estimation, they introduce location by combining deployment knowledge and probability
robustness by using a median-based distance metric instead theory. Fang, et al. in [123] propose a Beacon-Less Location
of traditional Euclidean distance metrics. Discovery Scheme. Their scheme supposes that: sensors in
Capkun, et al. in [118] analyze the attack model in two the same group are deployed together at the same deployment
types of positioning systems: node-centric and infrastructure- point; and the locations of sensors from the same group follow
centric. In a node-centric positioning system, a node computes a probability distribution that can be known a priori. With their
its position by observing signals received from public base supposition, they can estimate the actual location of a sensor in
stations with known locations. Infrastructure-centric position- static sensor networks by observing the group memberships of
ing systems are those in which the infrastructure computes its neighbors and using the Maximum Likelihood Estimation
positions of nodes based on their mutual communication. method. Furthermore, they propose a general scheme called
After the analysis of attack models, they propose a new Localization Anomaly Detection (LAD) [124], to detect local-
approach to secure localization based on hidden and mobile ization anomalies that are caused by adversaries by comparing
base stations. Their approach enables secure positioning with the inconsistency of location between pre-deployment and
a broad spectrum of positioning techniques: ultrasonic or RF, after deployment.
based on received signal strength or on time of signal flight.
Their secure position system need more base stations while
most WSNs only have one base station. Furthermore, most B. Summary
verification work is executed by base stations, thus incurring Providing reliable and accurate location is the key factor in
more communication overheads. some sensor networks when position or location information is

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
66 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

Other security schemes - µTESLA [20]) instead of aggregating messages at the

immediate next hop, proposed by Hu and Evans in [126]
provides resilience to both intruder devices and single device
Security Information Survivability Trust End-to-end Security Node
-energy assurance evaluation evaluation security and compromise key compromises. However, the mechanism may be vulnerable
evaluation
[141, 142]
[17] [143-146] [147, 148] [149] privacy
support for
distribution
modeling
if a parent and a child node in the hierarchy are compromised.
DCS [150] [69]
• Bidirectional authentication schemes

Deng, et al in [127] introduce a secure in-network routing

algorithms involved processes of downstream and upstream
Fig. 8. Taxonomy of other security mechanisms. between aggregators and sensors. In the downstream stage,
sensor nodes authenticate commands disseminated from parent
aggregators and this is accomplished by two techniques: one-
the object of these networks, or if they need position informa- way hash chains and µTESLA. In the upstream, aggregators
tion in those systems. From above review, we know that two authenticate data produced by sensors before aggregating
main methods, including beacon detection and deployment that data. The upstream stage requires that pairwise keys be
estimation, can be used to locate sensors. When the first established between aggregators and their sensor nodes.
method is used, we can use multiple beacons to detect location,
• Neighbors’ certificate schemes
tolerating attacks and even malicious beacon attacks by using
a voting mechanism or by utilizing statistical methods. To In this type of approach [128]-[132], the aggregation report
defend against attacks in the second location method, we only must be verified or endorsed by the neighbor nodes of the
need to ensure the group membership is guaranteed by a secure aggregator before sending out. Du, et al. in [128] propose
mechanism. However, the second location method cannot a Witness-Based approach to assure the validation of the
provide accurate location information as the first method data sent from data fusion nodes to the base station. In their
does. Currently, most of current proposals are suitable for approach, some nodes around the data fusion node are selected
static WSNs. Secure location algorithms for mobile WSNs as witnesses to monitor the data fusion results. Before the
in different environments need to be investigated. fusion data is transmitted to the base station, the system adds
the witness information to them, and the base station processes
IX. S ECURE DATA AGGREGATION the witness information and uses a voting strategy to decide
whether to accept a fusion result or not.
A. State-of-the-Art
To filter injected false data between sensors and the base
In typical data aggregation or data fusion application sce- station, Zhu, et al. in [130] propose an interleaved hop-by-
narios, the sensor nodes are spread randomly over the terrain hop authentication (IHA) scheme in which at least t + 1
under scrutiny and collect sensor data. Each node processes the sensor nodes have to endorse a report before it is sent to
data and coordinates with nearby nodes in order to combine the base station, where t is the node compromise threshold.
their information (the process is called data fusion). The In the process of data transmission to the base station, the
aggregate data is then forwarded to specialized gateway nodes injected false data packets can be detected and filtered by
or base stations. either at or en-route to the base station. Furthermore, their
Though data aggregation can reduce communication over- scheme gives an upper bound for the number of hops that a
head significantly, it brings more security issues. In a WSN, false data packet could be forwarded before it is detected and
there are usually certain nodes, called aggregators, helping to dropped, given that there are up to t colluding compromised
aggregate information requested by queries. In general, there nodes. This scheme is particularly useful for large-scale sensor
are two types of attacks for data aggregation operation. The networks where a sensor report needs to be relayed over
first one is that aggregators received false data from sensor several hops before it reaches the base station and for appli-
nodes. This false data may be produced by the original sensor cations where the information contained in the sensor reports
nodes or the intermediate nodes between original sensor nodes is not amenable to the statistical techniques used by SIA
and aggregators. The second one is that the base station [129] (e.g., non-numeric data). Vogt in [131] explores several
receives false data from compromised aggregator nodes. Of message authentication methods including end-to-end, hop-
course, routing between aggregators and the base station may to-hop, physical and virtual multipath authentication. Based
also meet security issues. However these issues belong to the on the exploration, a virtual multipath authentication method,
research area of secure routing. called Canvas scheme, is introduced. In the scheme, each node
There are two types of secure data aggregation ways: plain- will create two MACs for the next two nodes that it makes
text based scheme and cipher based scheme. The intermediate a message being authenticated twice before it is forwarded.
nodes in the path know the content of the transferred data in Similar to [130], the scheme in [131] also uses interleaved
the first type of scheme. In the second type of scheme, data authentication method with t equal to 1. That means that this
aggregation is based on the concealed data. Fig. 8 shows the scheme can detect and filter false packets under one node
taxonomy of secure data aggregation. compromise.
1) Plaintext Based Scheme: Yu and Guan in [132] propose a dynamic en-route filtering
• Scheme defending against one compromised node scheme for false data injection attacks in wireless sensor
A secure aggregation mechanism based on delayed aggrega- networks. In their scheme, a legitimate report is endorsed by
tion and delayed authentication (one way delay authentication multiple sensing nodes using their own authentication keys

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 67

generated from one-way hash chains. Cluster head uses Hill ECEG cryptographic algorithm. After careful evaluation, they
Climbing approach to disseminate the authentication keys of discovered that none of the described algorithms provides all
sensing nodes to the forwarding nodes along multiple paths the desirable security goals. Despite this, it turned out that the
toward the base station. Hill Climbing guarantees that the key stream based CMT approach is the most promising one.
forwarding nodes closer to a cluster hold more authentication To cope with the problems they propose two approaches. The
keys for the cluster than those nodes farther from it do, hence, first approach combines two algorithms so that weaknesses
the number of keys held by each forwarding node can be of one algorithm are covered by the strengths of the other
balanced. In filtering phase, each forwarding node validates one. For the second approach they face specific weaknesses
the authenticity of the reports and drops those false ones. and engineer mechanisms that solve the particular issues. With
• Statistical method the considered homomorphic message authentication code and
Instead of collective endorsement, some approaches use a a discussion of the id-issue, they exemplary evaluate the two
statistical method to secure aggregation. For example, Ye, et biggest issues of the very promising CMT algorithm.
al. in [133] propose a statistical en-route filtering (SEF) mech-
anism to detect and drop false reports during the forwarding
process. Their mechanism attaches corporate endorsements B. Summary
(keyed message authentication code, MAC) in the data packet. Data aggregation is a normal operation to save energy and
In the process of data transmission to the base station, each provide accurate phenomenon observation in sensor networks.
node along the path verifies the correctness of the MAC’s Though data aggregation can reduce communication overhead
probabilistically and drops those with invalid MACs. Another significantly, it brings more security issues. In all, there are
approach in [134] also applies a robust statistics estimation two types of secure data aggregation ways: plaintext based
model with noisy and error-prone data to the problem of scheme and cipher based scheme. Compared with the second
securing aggregation in the presence of malicious or spoofed type of scheme, the first type of scheme introduces more
data. operations of encryption and decryption, thus incurring more
9.1.2 Cipher based scheme energy consumption. However, the latter one usually lowers
Different from plaintext based schemes, the intermediate the security level. In the first type of scheme, many proposals
nodes in the path do not know the content of the transferred use neighbor nodes’ collective endorsement or similar methods
data. To prevent the disclosure of data in intermediate nodes, to verify the correction of the aggregation reports. Others
Concealed Data Aggregation (CDA), proposed by Girao, et al. adopt statistical methods to filter the fake data. Though a lot
in [135], conceals sensed data end-to-end and still provides of protocols are proposed to secure aggregation, the design
efficient in-network data aggregation without any operation of of secure routing algorithms is still largely open to research.
plaintext data in intermediate nodes. Their work is based on a Data aggregation is essential for WSNs and its security still
privacy homomorphism (PH), proposed by Domingo-Ferrer in needs more considerations. Open research issues include the
[137], a particular encryption transformation. PH allows direct following:
computation on encrypted data. Let Q and R denote two rings, • Currently, most studies assume aggregators as big nodes.
+ denote addition and × denote multiplication on both. Let K It is desirable to design a secure data aggregation scheme
be the key space. They denote an encryption transformation in the environments without big nodes.
E : K × Q → R and the corresponding decryption transfor- • Since data aggregation can save system energy and in-
mation D : K × R → Q. Given a, b ∈ Q and k ∈ K they troduces security issues, is it possible to design a scheme
term a+b = Dk (Ek (a)+Ek (b)) additively homomorphic and based on the different security and energy requirement?
a × b = Dk (Ek (a) × Ek (b)) multiplicatively homomorphic. • Though there exists one evaluation paper for CDA algo-
The concept of PH is first described by Rivest, et al. in rithms, new evaluation studies are still needed especially
[138]. In [137] Domingo-Ferrer presents an additive and for plaintext based schemes. The evaluation metrics may
multiplicative PH which is a symmetric scheme and secure include security, communication overheads, process over-
against chosen ciphertext attacks. Although Wagner in [139] heads, energy consumption, etc.
shows that the proposed PH in [137] is unsecure against • Most of current schemes are only suitable for static
chosen plaintext attacks for some parameter settings, Girao, et WSNs. Designing new secure data aggregation schemes
al. in [135] argue that for the WSN data aggregation scenario, for mobile WSNs including mobile aggregators or normal
the security level is still adequate and the proposed PH in nodes still needs further studies.
[137] can be employed for encryption transformation. CDA
is suitable for aggregation functions: average and movement
detection. To calculate average, an aggregator needs to know X. OTHER S ECURITY I SSUES
the number of sensor nodes.
A. State-of-the-Art
Recently, Peter, et al. in [136] describe and evaluate three
algorithms: Domingo-Ferrer (DFPH) [137], CMT (they denote Other security issues include security-energy assessment,
it corresponding to the authors initials) - a Key stream based data assurance, survivability, etc. It’s very important to study
PH [140], Elliptic Curve ElGamal, that were reported to suit these areas due to a sensor network’s special character, such
to the WSN scenario. The elliptic curve ElGamal (ECEG) as battery limitation, high failure probability nodes, easier
based PH is an asymmetric cryptographic approach. As the compromised nodes, unreliable transmission media, etc. Fig.
name suggests the ECEG PH is based on the well investigated 9 shows the taxonomy of other security mechanisms.

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
68 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

1) Security-Energy Evaluation: As to our knowledge, few in cluster based WSNs. Their cluster formation algorithm
research works have been done in this area. To evaluate the establishes trusted clusters by the help of pre-distributed keys.
relation between energy and security, Law, et al. in [141], 5) End-to-End Security: Most existing security designs
[142] describe an assessment framework based on a system provide a hop-by-hop security paradigm only, which leaves
profile after carefully reviewing the dominant issues of energy- the end-to-end data security at high stake. To provide end-
security trade-off in the network protocol and key management to-end data security, Ren, et al. in [149] propose LEDS: a
design space. location-aware end-to-end security framework, in which each
2) Information Assurance: Due to resource limitations of node only stores a few secret keys and those secret keys are
a sensor network, the transmission all of information with the bound to the node’s geographic location. In LEDS, the targeted
same reliability requires more resources and is impractical. terrain is virtually divided into multiple cells using a concept
For the user, different types of events have different levels called virtual geographic grid. LEDS then efficiently binds
of importance. Based on this assumption, Deb, et al. in the location (cell) information of each sensor into all types
[17] propose an assurance level mechanism to transmit the of symmetric secret keys owned by that node. By this means,
information of different criticality with different reliability the impact of compromised nodes can be effectively confined
(probability to sink) using hop-by-hop broadcast. to their vicinity. In LEDS, each node computes three different
3) Survivability Evaluation: As so far, many schemes are types of location-aware keys: 1) two unique secret keys shared
proposed to secure WSNs, it is crucial to build a model to between the node and the sink and used to provide node-
evaluate these schemes with regard to survivability of a WSN. to-sink authentication; 2) a cell key shared with other nodes
In [143], Li, et al. propose a quantitative evaluation model in the same cell that is used to provide data confidentiality;
for a typical pre-distribution key management scheme. Their and 3) a set of authentication keys used to provide cell-to-
survivability evaluation model includes three major attributes: cell authentication and en-route bogus data filtering. LEDS
resilience, resistance, and robustness. Based on their model, ensures both node-to-sink and node-to-node authentication
they show that that increasing the key space and decreasing along report forwarding routes. Moreover, LEDS guarantees
the multiple key space would improve the survivability of efficient en-route bogus data filtering, and is highly robust
WSNs. Kim, et al. in [144] propose a survivability model against DoS attacks.
with software rejuvenation methodology, which is applicable 6) Security and Privacy Support for DCS: The application
in security field and also less expensive. Based on their model, demand has led to the development of data centric sensor
they analyze each cluster of a hierarchical cluster based WSN networks (DCS), where the sensor data as contrast to sensor
as a stochastic process based on semi-Markov Process (SMP) nodes are named based on attributes such as event type or
and Discrete-Time Markov Chain (DTMC). Different from geographic location. To address the security problems of DCS,
other approaches considering node survivability, Kumar, et Shao, et al. in [150] present pDCS, a privacy-enhanced DCS
al. in [145] simulate a DDoS attack on a WSN-gateway network which offers different levels of data privacy based
(Most approaches denote it as the base station) of a WSN on different cryptographic keys. pDCS offers different levels
to highlight how the computing resource of the gateway can of location privacy and allow a tradeoff between privacy
be exhausted which directly hampers or disables the data and query efficiency. In addition, they propose several query
collection efforts. Skelton, et al. in [146] survey the issues optimization techniques based on Euclidean Steiner Tree [151]
and concerns surrounding the deployment and maintenance and Keyed Bloom Filter [152] to minimize the query overhead
of WSNs. Their research focuses on several distinct areas while providing certain query privacy.
affecting survivability: 1) power, 2) network/node destruction 7) Node Compromise Distribution Modeling: Node com-
and repair, and 3) network security. They summarize that the promise is the major problem in sensor networks that leads to
two distinct categories of survivability: information access internal attacks. It is obvious that knowing the probability of
and end-to-end communication, are applied to all of the node compromise with a given time and position can help a
networking layers. Based these two requirement categories, system monitor, identify and defend against node compromise
they examine the cause of WSN failure, both hardware and efficiently and effectively. Based on whether the network
software based, and then identify means by which survivability has node compromise detecting mechanisms, Chen, et al. in
may be supported. [69] classify node compromise distribution models as basic
4) Trust Evaluation: Sun, et al. in [147] presents a frame- models or intelligent models. Basic models can further be
work for trust evaluation in distributed networks. They address divided as basic uniform models and basic gradient models.
the concept of trust in computer networks, develop trust Intelligent models can further be divided as intelligent uniform
metrics with clear physical meanings, develop fundamental models and intelligent gradient models. These models allow
axioms of the mathematical properties of trust, and build trust systems to estimate the probability of node compromise. The
models that govern trust propagation through third parties. difference between a uniform model and a gradient model is
Further, they identify some attacks that can reduce the ef- that the location of a sensor may affect the node compromise
fectiveness of trust evaluation, and develop some techniques probability in the latter model, while it does not matter in
to defend against these attacks. Then, they design a systemic the previous model. The difference between a basic model
trust management system. Their framework can be used to and an intelligent model is that: the latter model considers the
assist route selection and malicious node detection. Crosby, effect of compromise events come from neighbor nodes when
et al. in [148] describes a reputation based trust framework estimating the probability of node compromise. Applying
with a mechanism for the election of trustworthy cluster heads these models in system security designs can improve system

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY 69

security and decrease the overheads in nearly every security extent. Code testing methods and location verification
area including key management, secure routing, and node methods open our eyes to node compromise detection,
compromise detection. though they need improvement.
• Secure routing: Many sensor network routing protocols
B. Summary are quite simple and offer little to no security features,
and there are some types of attacks that disable routing.
Security assessment, data assurance, survivability, trust eval-
Though there are some secure routing protocols for ad
uation, end-to-end security, security and privacy support, node
hoc networks, figuring out how to adapt them to sensor
compromise distribution, etc. are also important in sensor
networks still needs more works. After reviewing current
network security. Until now, there have been only a few
approaches, we give our suggestions: Authentication is
approaches available, and more studies are needed in these
required for broadcast; A system should prevent adver-
areas.
saries from knowing the network topology; Multi-path
can tolerate routing attacks to some extent; Routing infor-
XI. S UMMARY mation should be encrypted; Identifying malicious nodes
Security in sensor networks is a new area of research, with and isolating them from routing path will improve system
a limited, but rapidly growing set of research results. Because security performance; Integrating location information
of its linchpin in some application areas, it is worth studying. can help a routing path immune spoof; Using localized
In this paper, we present a nearly comprehensive survey of algorithms instead of centralized ones will improve sys-
security researches in wireless sensor networks, which has tem performance; Using the special structure of cluster or
been presented in the literature. hierarchical sensor networks can provide more efficient
We summarize security challenges and analyze threats and secure routing algorithm; Base station protection needs
attacks. Based on the network protocol model, we review more considerations; Reduce overhead when possible;
nearly all types of crippling attacks against the functions of etc.
protocol layers. We also provide summarization of counter- • Security location: Providing reliable and accurate loca-
measures and design considerations. Then we review seven tion or position information is the key factor in some
major issues in securing WSNs and also proposed our sug- sensor networks when position or location information is
gestions: the object of these networks, or if they use distance or ge-
• Cryptography: Cryptography Selection is fundamental ography routing algorithms. To provide location security,
to providing security services in WSNs. Most secu- we can adopt multiple verifications to detect or tolerate
rity approaches adopt symmetric key cryptography, thus attacks in beacon detecting location mechanisms. In a
introducing complex key management. Although some group membership estimating location mechanism, we
recent studies show public key cryptography is avail- can use the statistical method and deployment knowledge
able for WSNs, private key operations in asymmetric to secure location.
cryptography schemes are still too expensive in terms of • Secure data fusion: Data fusion security issues can occur
computation and energy cost for sensor nodes, and still in the original sensors, intermediate nodes, and the aggre-
need further studies. gators. To provide security, we can adopt authentication,
• Key management: Key management is the linchpin of neighbor nodes’ collective endorsement or similar meth-
cryptograph mechanism especially for symmetric key ods to verify the correction of the aggregation reports,
cryptography. After reviewing current approaches, we or we can use statistical methods to filter the fake data.
give our suggestions: adopting symmetric cryptography Some studies suggest that using ciphertext instead of
and one-way hash functions and using a distributed mech- plaintext to prevent the disclosure of data in intermediate
anism instead of a centralized mechanism; combining nodes, though these methods usually lower the security
deployment knowledge, location information, and key- level.
predistribution; integrating node identity and key pro- • Other security issues: Security assessment, data assur-
duce; adopting an adaptive re-key mechanism to defend ance, survivability, trust evaluation, end-to-end security,
against cryptography attacks; integrating secure resilience security and privacy support, node compromise distribu-
and a system application environment; considering net- tion, etc. are also important in sensor network security.
work structure, etc. Until now, there have been only a few approaches avail-
• Attack detections and preventions: Although most secure able, and more studies are needed in these areas.
schemes are able to limit the effects of attacks, attack
As our survey shows, there are several unsolved research
detections are still need for system security. In general,
problems that deserve more attention:
most attack detecting mechanisms belong to centralized
approaches or neighbors’ cooperative approaches. The • Inexpensive private key operations on sensor nodes:
disadvantage of the first method is that it introduces more Though some studies show that asymmetric key cryp-
routing traffic from the given node to the base station; tography can be used to secure WSNs, improving the
while the second method introduces more computing efficiency of private key operations on sensor nodes is
process and monitoring tasks for neighbor nodes. In highly desirable.
all, Watchdog and Reputation Rating based or Virtual • Key management for mobile flat WSNs: Most current key
currency methods are able to prevent DoS attacks in some management protocols are only suitable for static WSNs.

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
70 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

New protocols for mobile WSNs including mobile nodes [8] Y. Wang, G. Attebury, and B. Ramamurthy, “A survey of security issues
and mobile base stations need to be developed. in wireless sensor networks,” IEEE Commun. Surveys Tutorials, vol.
8, pp. 2–23, 2006.
• Intelligent attack/node compromise detecting mechanism: [9] A. S. Tanenbaum, Computer Networks, 4th ed. NJ: Prentice Hall, 2003.
Most current detecting systems monitor all the nodes [10] W. Stallings, Cryptography and Network Security- Principles and
in the system without emphasis, and the system should Practices, 3rd ed. Upper Saddle River, NJ: Prentice Hall, 2003.
[11] D. W. Carman, P. S. Kruus, and B. J. Matt, “Constraints and approaches
decentralize their resources evenly in all nodes in order for distributed sensor network security,” NAI Labs Technical Report
to monitor whether they have larger compromise proba- 00-010, 2000.
bilities or not. That makes the detecting mechanism less [12] A. Perrig, J. Stankovic, and D. Wagner, “Security in wireless sensor
efficient. Due to the heavy work, the system performance networks,” Commun. ACM, Special Issue: Wireless sensor networks,
vol. 47, pp. 53–57, 2004.
may decrease largely, and may even make this work un- [13] A. D. Wood and J. A. Stankovic, “Denial of service in sensor
practical. It is highly desirable to design an efficient and networks,” IEEE Computer, vol. 35, pp. 54-62, 2002.
effective mechanism that chooses those nodes with larger [14] H. Song, L. Xie, S. Zhu, and G. Cao, “Sensor node compromise
detection: The location perspective,” in Proc. International Conf.
probabilities of being attacked as the main monitoring Wireless Commun. Mobile Computing, 2007, pp. 242–247.
objects. [15] J. Newsome, E. Shi, D. Song, and A. Perrig, “The Sybil attack in
• Secure routing for mobile WSNs: Most current secure sensor networks: Analysis and defenses,” in Proc. 3rd International
Symposium on Information Processing in Sensor Networks, 2004, pp.
routing algorithms assume the sensor network is station- 259–268.
ary. It is highly needed to study secure routing protocols [16] H. Chan, A. Perrig, and D. Song, “Random key predistribution schemes
for mobile WSNs. for sensor networks,” in Proc. IEEE Symposium Security Privacy, 2003,
pp. 197–213.
• Secure routing to defend against undetected attacks: [17] B. Deb, S. Bhatnagar, and B. Nath, “Information assurance in sensor
Currently, there are some protocols that let routing paths networks,” in Proc. 2nd ACM International Conference on Wireless
bypass the detected compromised nodes or attacks. How- Sensor Networks and Applications, 2003, pp. 160–168.
[18] C. Karlof and D. Wagner, “Secure routing in wireless sensor networks:
ever, most compromise activities can not be immediately Attacks and countermeasures,” Elsevier’s AdHoc Networks Journal,
detected because any detecting mechanism needs time Special Issue on Sensor Network Applications and Protocols, vol. 1,
and the fraudulent action of adversaries (adversaries don’t pp. 293–315, 2003.
want system to notice their attacking activities, thus they [19] P. Ganesan, R. Venugopalan, P. Peddabachagari, A. Dean, F. Mueller,
and M. Sichitiu, “Analyzing and modeling encryption overhead for
will adopt any action that one can imagine to make sensor network nodes,” in Proc. 2nd ACM International Conf. Wireless
the detecting time longer.) makes the time even longer. Sensor Networks Applications, 2003, pp. 151–159.
Consequently, current secure routing algorithms have no [20] A. Perrig, R. Szewczyk, J. D. Tygar, V. Wen, and D. E. Culler, “SPINS:
Security protocols for sensor networks,” Springer Netherlands Wireless
effect to conquer undetected attacks. New secure routing Networks, vol. 8, pp. 521–534, 2002.
protocols that can defend against undetected attacks or [21] Y. W. Law, J. Doumen, and P. Hartel, “Benchmarking block ciphers for
node compromise are highly desirable. wireless sensor networks,” in Proc. IEEE International Conf. Mobile
Ad-hoc Sensor Systems, 2004, pp. 447–456.
• Security and QoS: Most current security studies focus [22] Y. W. Law, J. Doumen, and P. Hartel,“Survey and benchmark of block
on individual topics of security issues. However, security ciphers for wireless sensor networks,” ACM Trans. Sensor Networks,
overhead will degrade other performances of WSNs. The vol. 2, pp. 65–93, 2006.
[23] D. Malan, “Crypto for tiny objects,” Harvard University TR-04-04,
tradeoff between security and QoS needs to be evaluated. 2004.
• Base station protection: Most approaches assume the [24] G. Gaubatz, J.-P. Kaps, E. Ozturk, and B. Sunar, “State of the art in
base station is secure and robust enough. However, in public-key cryptography for wireless sensor networks,” in Proc. 3rd
IEEE International Conf. Pervasive Computing Commun. Workshops
some special application environment, such as battlefield (PERCOMW), 2005, pp. 146–150.
surveillance, base stations may be easy to be destroyed or [25] D. J. Malan, M. Welsh, and M. D. Smith, “A public-key infrastructure
attacked. Under such conditions, base station protection for key distribution in tinyOS based on elliptic curve cryptography,” in
and the other issues that are introduced by the base station Proc. 1st IEEE International Conf. Sensor Ad Hoc Commun. Networks
SECON, 2004, pp. 71–80.
protection must be carefully investigated. [26] G. Gaubatz, J.-P. Kaps, and B. Sunar, “Public key cryptography in
sensor networks-revisited,” in Proc. 1st European Workshop Security
Ad-Hoc Sensor Networks (ESAS), 2004.
R EFERENCES [27] M. Bohge and W. Trappe, “An authentication framework for hierarchi-
cal ad hoc sensor networks,” in Proc. ACM Workshop Wireless Security,
[1] D. Estrin, R. Govindan, J. Heidemann, and S. Kumar, “Next century 2003, pp. 79–87
challenges: Scalable coordination in sensor networks,” in Proc. Inter- [28] C. Karlof, N. Sastry, and D. Wagner, “TinySec: A link layer security
national Conf. Mobile Computing Networking, 1999, pp. 263–270. architecture for wireless sensor networks,” in Proc. 2nd International
[2] J. W. Gardner, V. Varadan, and O. Awadelkarim, Microsensors, MEMS Conference on Embedded Networked Sensor Systems, 2004, pp. 162–
and Smart Devices. New York: Wiley, 2001. 175
[3] J. Hill, R. Szewczyk, A. Woo, S. Hollar, D. Culler, and K. Pister, “Sys- [29] S. Schmidt, H. Krahn, S. Fischer, and D. Watjen, “A security archi-
tem architecture directions for network sensors,” in Proc. ASPLOS-IX, tecture for mobile wireless sensor networks,” in Proc. 1st European
2000. Workshop Security Ad-Hoc Sensor Networks (ESAS), 2004.
[4] J. M. Kahn, R. H. Katz, and K. S. J. Pister, “Next century challenges: [30] K. Yuksel, J.-P. Kaps, and B. Sunar, “Universal hash functions for
Mobile networking for “smart dust,” in Proc. International Conf. emerging ultra-low-power networks," in Proc. Commun. Networks
Mobile Computing Networking, 1999, pp. 271–278. Distributed Systems Modeling Simulation Conf. (CNDS), 2004.
[5] I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “A survey [31] I. C. Technology, “MICA2: Wireless Measurement System.”
on sensor networks,” IEEE Commun. Mag., vol. 40, pp. 102–114, 2002. [32] S. A. Camtepe and B. Yener, “Key distribution mechanisms for wireless
[6] E. Shi and A. Perrig, “Designing secure sensor networks,” IEEE sensor networks: A survey,” Computer Science Department at RPI
Commun. Mag., vol. 11, pp. 38–43, 2004. Tech, Rep. TR-05-07, 2005.
[7] D. Djenouri, L. Khelladi, and N. Badache, “A survey of security [33] L. Eschenauer and V. D. Gligor, “A key-management scheme for dis-
issues in mobile ad hoc and sensor networks,” IEEE Commun. Surveys tributed sensor networks,” in Proc. Conf. Computer Commun. Security,
Tutorials, vol. 7, pp. 2–28, 2005. 2002, pp. 41–47.

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY
[34] W. Du, J. Deng, Y. S. Han, and P. K. Varshney, “A pairwise key
predistribution scheme for wireless sensor networks,” ACM Trans.
Inform. System Security (TISSEC), vol. 8, pp. 228–258, 2005.
[35] D. Liu, P. Ning, and R. Li, “Establishing pairwise keys in distributed
sensor networks,” ACM Trans. Inform. System Security (TISSEC), vol.
8, pp. 41–77, 2005.
[36] F. Delgosha and F. Fekri, “Threshold key-establishment in distributed
sensor networks using a multivariate scheme,” in Proc. IEEE INFO-
COM, 2006.
[37] S. Zhu, S. Xu, S. Setia, and S. Jajodia, “Establishing pairwise keys for
secure communication in ad hoc networks: A probabilistic approach,”
in Proc. 11th IEEE International Conf. Network Protocols Center
Secure Inf. Syst., 2003, pp. 326–335.
[38] R. D. Pietro, L. V. Mancini, and A. Mei, “Random key assignment for
secure wireless sensor networks,” in Proc. 1st ACM Workshop Security
Ad hoc Sensor Networks, 2003, pp. 62–71
[39] F. Anjum, “Location dependent key management using random key-
predistribution in sensor networks,” in Proc. 5th ACM Workshop on
Wireless Security, 2006, pp. 21–30
[40] W. Du, J. Deng, Y. S. Han, S. Chen, and P. K. Varshney, “A key
management scheme for wireless sensor networks using deployment
knowledge,” in Proc. IEEE INFOCOM, 2004
[41] D. Huang, M. Mehta, D. Medhi, and L. Harn, “Location-aware key
management scheme for wireless sensor networks,” in Proc. 2nd ACM
Sorkshop on Security of Ad hoc and Sensor Networks, 2004, pp. 29–42
[42] D. Liu and P. Ning, “Location-based pairwise key establishments for
static sensor networks,” in Proc. 1st ACM Workshop on Security of Ad
hoc and Sensor Networks, 2003, pp. 72–82.
[43] H. Yang, F. Ye, Y. Yuan, S. Lu, and W. Arbaugh, “Toward resilient
security in wireless sensor networks,” in Proc. 6th ACM International
Symposium Mobile Ad hoc Networking Computing (MOBIHOC), 2005,
pp. 34–45
[44] H. Chan and A. Perrig, “PIKE: Peer intermediaries for key establish-
ment,” in Proc. IEEE INFOCOM, 2005.
[45] S. Zhu, S. Setia, and S. Jajodia, "LEAP: Efficient security mechanisms
for large-scale distributed sensor hetworks,” in Proc. 10th ACM Conf.
Computer Commun. Security, 2003 pp. 62–72.
[46] L. Zhou, J. Ni, and C. V. Ravishankar, “Supporting secure communi-
cation and data collection in mobile sensor networks,” in Proc. IEEE
INFOCOM, 2006.
[47] J. Lee and D. R. Stinson, “Deterministic key predistribution schemes
for distributed sensor networks.” vol. 3357/2004: Springer Berlin /
Heidelberg, 2004, pp. 294–307.
[48] J. Lee and D. R. Stinson, “A combinatorial approach to key predistribu-
tion for distributed sensor networks,” in Proc. IEEE Wireless Commun.
Networking Conf., 2005, vol. 2, pp. 1200–1205.
[49] Q. Huang, J. Cukier, H. Kobayashi, B. Liu, and J. Zhang, “Fast
authenticated key establishment protocols for self-organizing sensor
networks,” in Proc. 2nd ACM International Conf. Wireless Sensor
Networks Applications, 2003, pp. 141–150.
[50] J. Zachary, “A decentralized approach to secure group membership test-
ing in distributed sensor networks,” in Proc. IEEE Military Commun.
Conf., 2003.
[51] R. Dutta and S. Mukhopadhyay, “Improved self-healing key distri-
bution with revocation in wireless sensor network,” in Proc. IEEE
Wireless Commun. Networking Con.(WCNC), 2007, pp. 2963–2968.
[52] W. Du, R. Wang, and P. Ning, “An efficient scheme for authenticating
public keys in sensor networks,” in Proc. 6th ACM International
Symposium Mobile Ad Hoc Networking Computing (MobiHoc), 2005.
[53] C.-H. Huang and D. Du, “New constructions on broadcast encryption
and key pre-distribution schemes,” in Proc. IEEE INFOCOM, 2005.
[54] W. Zhang and G. Cao, “Group rekeying for filtering false data in sensor
networks: A predistribution and local collaboration-based approach,” in
Proc. IEEE INFOCOM, 2005.
[55] R. Anderson, H. Chan, and A. Perrig, “Key infection: Smart trust for
smart dust,” in Proc. 12th IEEE International Conf. Network Protocols
(ICNP), 2004.
[56] M. J. Miller and N. H. Vaidya, “Leveraging channel diversity for key
establishment in wireless sensor networks,” in Proc. IEEE INFOCOM,
2006.
[57] M. Chorzempa, J. M. Park, and M. Eltoweissy, “SECK: Survivable and
efficient keying in wireless sensor networks,” in Proc. IEEE Workshop
Information Assurance Wireless Sensor Networks, (WSNIA), 2005.
[58] M. Eltoweissy, M. Younis, and K. Ghumman, “Lightweight key man-
agement for wireless sensor networks,” in Proc. IEEE International
Conf. Performance, Computing, Commun., 2004, pp. 813–818.
Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
71
[59] Y.-S. Jeong, B.-K. Lee, and S.-H. Lee, “An efficient key management
scheme for secure sensor networks,” in Proc. 6th IEEE International
Conf. Computer Inform. Technol. (CIT), 2006, p. 228.
[60] G. Jolly, M. Kuscu, P. Kokate, and M. Youni, “A low-energy key
nanagement protocol for wireless sensor networks,” in Proc. 8th
International Symposium Computers Commun. (ISCC), 2003, vol. 1,
pp. 335–340.
[61] M. F. Younis, K. Ghumman, and M. Eltoweissy, “Location-aware
combinatorial key management scheme for clustered sensor networks,”
IEEE Trans. Parallel Distrib. Syst., vol. 17, pp. 865–882, 2006.
[62] P. Traynor, H. Choi, G. Cao, S. Zhu, and T. L. Porta, “Establishing
pair-wise keys in heterogeneous sensor networks,” in Proc. IEEE
INFOCOM, 2006.
[63] I.-H. Chuang, W.-T. Su, C.-Y. Wu, J.-P. Hsu, and Y.-H. Kuo, “Two-
layered dynamic key management in mobile and long-lived cluster-
based wireless sensor networks,” in Proc. IEEE Wireless Commun.
Networking Conf. (WCNC), 2007, pp. 4145–4150.
[64] S. Basagni, K. Herrin, D. Bruschi, and E. Rosti, “Secure pebblenets,”
in Proc. 2nd ACM International Symposium on Mobile Ad hoc Net-
working Computing, 2001, pp. 156–163.
[65] R. D. Pietro, L. V. Mancini, Y. W. Law, S. Etalle, and P. J. M.
Havinga, “LKHW: A directed diffusion-based secure multicast scheme
for wireless sensor networks,” in Proc. International Conf. Parallel
Processing Workshops, 2003, pp. 397–406.
[66] R. Anderson and M. Kuhn, “Tamper resistance - A cautionary note,” in
Proc. 2nd USENIX Workshop Electronic Commerce, 1996, pp. 1–11.
[67] R. Blom, “An optimal class of symmetric key generation systems,”
in Proc. EUROCRYPT 84 Workshop Advances Cryptology. New York:
Springer-Verlag 1985, pp. 335–338.
[68] B. Dutertre, S. Cheung, and J. Levy, “Lightweight key management in
wireless sensor networks by leveraging Initial trust,” System Design
Laboratory 2004.
[69] X. Chen, K. Makki, K. Yen, and N. Pissinou, “Node compromise
modeling and its applications in sensor networks,” in Proc. IEEE
Symposium Computers Communications (ISCC), 2007.
[70] Y. Hu, A. Perrig, and D. Johnson, “Packet leashes: A defense against
wormhole attacks in wireless ad hoc networks,” in Proc. IEEE INFO-
COM, 2003.
[71] W. Wang and B. Bhargava, “Visualization of wormholes in sensor
networks,” in Proc. 3rd ACM Workshop Wireless Security, 2004, pp.
51–60.
[72] B. Parno, A. Perrig, and V. Gligor, “Distributed detection of node
replication attacks in sensor networks,” in Proc. IEEE Symposium
Security and Privacy, 2005, pp. 49–63.
[73] M. Li, I. Koutsopoulos, and R. Poovendran, “Optimal jamming attacks
and network defense policies in wireless sensor networks,” in Proc.
IEEE INFOCOM, 2007, pp. 1307–1315.
[74] C. Jaikaeo, C. Srisathapornphat, and C.-C. Shen, “Diagnosis of sensor
networks,” in Proc. IEEE International Conf. Commun., 2001, vol. 5,
pp. 1627–1632.
[75] J. Staddon, D. Balfanz, and G. Durfee, “Efficient tracing of failed
nodes in sensor networks,” in Proc. 1st ACM International Workshop
Wireless Sensor Networks Applications, 2002, pp. 122–130
[76] G. Wang, W. Zhang, and G. Cao, “On supporting distributed collab-
oration in sensor networks,” in Proc. IEEE Military Communi. Conf.,
2003, vol. 2, pp. 752–757.
[77] S. Marti, T. Giuli, K. Lai, and M. Baker, “Mitigating routing misbe-
havior in mobile ad hoc networks,” in Proc. 6th Annual International
Conference Mobile Computing Networking, 2000, pp. 255–265
[78] M. Ding, D. Chen, K. Xing, and X. Cheng, “Localized fault-tolerant
event boundary detection in sensor networks,” in Proc. IEEE INFO-
COM, 2005, vol. 2, pp. 902–913
[79] B. Krishnamachari and S. Iyengar, “Distributed Bayesian algorithms
for fault-tolerant event region detection in wireless sensor networks,”
IEEE Trans. Comput., vol. 53, pp. 241–250, 2004.
[80] T. Palpanas, D. Papadopoulos, V. Kalogeraki, and D. Gunopulos,
“Distributed deviation detection in sensor networks,” ACM SIGMOD
Record, vol. 32, pp. 77–82, 2003.
[81] F. Liu, X. Cheng, and D. Chen, “Insider attacker detection in wireless
sensor networks,” in Proc. IEEE INFOCOM, 2007, pp. 1937–1945.
[82] P. Michiardi and R. Molva, “Core: A collaborative reputation mecha-
nism to enforce node cooperation in mobile ad hoc networks,” in Proc.
Advanced Commun. Multimedia Security, 2002, pp. 107–121.
[83] S. Buchegger and J.-Y. L. Boudec, “Nodes bearing grudges: Towards
routing security, fairness, and robustness in mobile ad hoc networks,” in
Proc. 10th Euromicro Workshop Parallel, Distributed Network-Based
Processing, 2002, pp. 403–410.
72 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 11, NO. 2, SECOND QUARTER 2009

[84] P. Michiardi and R. Molva, “Simulation-based analysis of security [107] K.-S. Hung, K.-S. Lui, and Y.-K. Kwok, “A trust-based geographical
exposures in mobile ad hoc networks,” in Proc. European Wireless routing scheme in sensor networks,” in Proc. IEEE Wireless Commun.
2002: Next Generation Wireless Networks: Technologies, Protocols, Networking Conf. (WCNC), 2007, pp. 3123–3127.
Services Applications, 2002. [108] M. Tubaishat, J. Yin, B. Panja, and S. Madria, “A secure hierarchical
[85] L. Blazevic, L. Buttyan, S. Capkun, S. Giordano, J.-P. Hubaux, and model for sensor network,” ACM SIGMOD Record, vol. 33, pp. 7–13,
J.-Y. L. Boudec, “Self-organization in mobile ad hoc networks: The 2004.
approach of terminodes,” IEEE Commun. Mag., vol. 39, pp. 166–174, [109] D. Liu and P. Ning, “Efficient distribution of key chain commitments
2001. for broadcast authentication in distributed sensor networks,” in Proc.
[86] L. Buttyan and J.-P. Hubaux, “Nuglets: A virtual currency to stimulate 10th Annual Network Distributed System Security Symposium (NDSS),
cooperation in self-organized mobile ad hoc networks,” Swiss Federal 2003, pp. 263–276.
Institute of Technology 2001. [110] S. S. Al-Wakeel and S. A. AL-Swailem, “PRSA: A path redundancy
[87] S. Zhong, J. Chen, and Y. R. Yang, “Sprite: A simple, cheat-proof, based security algorithm for wireless sensor networks,” in Proc. IEEE
credit-based system for mobile ad hoc networks,” in Proc. IEEE Wireless Commun. Networking Conf. (WCNC), 2007, pp. 4156–4160.
INFOCOM, 2003, vol. 3, pp. 1987–1997 [111] D. An and H. Cam, “Route recovery with one-hop broadcast to
[88] A. Seshadri, A. Perrig, L. v. Doorn, and P. Khosla, “SWATT: SoftWare- bypass compromised nodes in wireless sensor networks,” in Proc. IEEE
based ATTestation for embedded devices,” in Proc. IEEE Symposium Wireless Commun. Networking Conf. (WCNC), 2007, pp. 2495–2500.
Security Privacy, 2004, pp. 272–282. [112] Y. Jian, S. Chen, Z. Zhang, and L. Zhang, “Protecting receiver-location
privacy in wireless sensor networks,” in Proc. IEEE INFOCOM, 2007,
[89] A. Seshadri, M. Luk, A. Perrig, L. v. Doorn, and P. Khosla, “SCUBA:
pp. 1955–1963.
Secure code update by attestation in sensor networks,” in Proc. 5th
ACM Workshop Wireless Security, 2006, pp. 85–94. [113] J. Yin and S. Madria, “SecRout: A secure routing protocol for sensor
networks,” in Proc. 20th International Conf. Advanced Information
[90] R. Sailer, X. Zhang, T. Jaeger, and L. v. Doorn, “Design and im- Networking Applications (AINA), 2006, vol. 1, pp. 393–398.
plementation of a TCG-based integrity measurement architecture,” in
[114] S. Capkun and J.-P. Hubaux, “Secure positioning of wireless devices
Proc. 13th USENIX Security Symposium, vol. 13, IBM T. J. Watson
with application to sensor networks,” in Proc. INFOCOM, 2005, vol.
Research Center, 2004.
3, pp. 1917–1928
[91] C. Krauss, F. Stumpf, and C. Eckert, “Detecting node compromise in [115] L. Lazos and R. Poovendran, “SeRLoc: Secure range-independent
hybrid wireless sensor networks Using attestation techniques,” in Proc. localization for wireless sensor networks,” in Proc. 3rd ACM Workshop
Security and Privacy in Ad-hoc and Sensor Networks, vol. 4572/2007. Wireless Security, 2004, pp. 21–30.
Springer: Berlin/Heidelberg, 2007. [116] N. Sastry, U. Shankar, and D. Wagner, “Secure verification of location
[92] T. Martin, M. Hsiao, D. Ha, and J. Krishnaswami, “Denial-of-service claims,” in Proc. 2nd ACM Workshop Wireless Security, 2003, pp. 1–
attacks on battery-powered mobile computers,” in Proc. 2nd IEEE 10.
Annual Conf. Pervasive Computing Commun. (PerCom), 2004, pp. [117] Z. Li, W. Trappe, Y. Zhang, and B. Nath, “Robust statistical methods
309–318. for securing wireless localization in sensor networks,” in Proc. 4th
[93] J. M. McCune, E. Shi, A. Perrig, and M. K. Reiter, “Detection of International Symposium Information Processing in Sensor Networks,
denial-of-message attacks on sensor network broadcasts,” in Proc. 2005.
IEEE Symposium Security Privacy, 2005, pp. 64–78. [118] S. Capkun, M. Cagalj, and M. Srivastava, “Secure localization with
[94] A. A. Pirzada and C. McDonald, “Secure routing with the AODV hidden and mobile base stations,” in Proc. IEEE INFOCOM, 2006.
protocol,” in Proc. Asia -Pacific Conf. Commun., 2005. [119] Y. Chen, W. Trappe, and R. P. Martin, “Attack detection in wireless
[95] S. Bhargava and D. P. Agrawal, “Security enhancements in AODV localization,” in Proc. IEEE INFOCOM, 2007.
protocol for wireless ad hoc networks," in Proc. 54th IEEE Vehicular [120] J. Hwang, T. He, and Y. Kim, “Detecting phantom nodes in wireless
Technology Conference, 2001, vol. 4, pp. 2143–2147. sensor networks,” in Proc. IEEE INFOCOM, 2007, pp. 2391–2395.
[96] H. Luo, J. Kong, P. Zerfos, S. Lu, and L. Zhang, “URSA: Ubiquitous [121] D. Liu, P. Ning, and W. Du, “Detecting malicious beacon nodes for
and robust access control for mobile ad hoc networks,” IEEE/ACM secure location discovery in wireless sensor networks,” in Proc. 25th
Trans. Networking, vol. 12, pp. 1049–1063, 2004. International Conf. Distributed Computing Systems (ICDCS), 2005, pp.
[97] K. Sanzgiri, B. Dahill, B. N. Levine, C. Shields, and E. M. Belding- 609–619.
Royer, “A secure routing protocol for ad hoc networks,” in Proc. 10th [122] D. Liu, P. Ning and W. Du, “Attack-resistant location estimation in
IEEE International Confe. Network Protocols, 2002, pp. 78–87. sensor networks," in Proc. 4th International Symposium Information
[98] P. Papadimitratos and Z. J. Haas, “Secure routing for mobile ad Processing Sensor Networks, 2005, pp. 99- 106.
hoc networks,” in Proc. SCS Commun. Networks Distributed Systems [123] L. Fang, W. Du, and P. Ning, “A beacon-less location discovery scheme
Modeling Simulation Conf., 2002 for wireless sensor networks,” in Proc. IEEE INFOCOM, 2005.
[99] B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens, “An on- [124] W. Du, L. Fang and P. Ning, “LAD: Localization anomaly detection for
demand secure routing protocol resilient to byzantine failures,” in Proc. wireless sensor networks,” in Proc. 19th IEEE International Parallel
ACM Workshop on Wireless Security, 2002, pp. 21–30. Distributed Processing Symposium, 2005, pp. 41a–41a.
[125] S. Brands and D. Chaum, “Distance-bounding protocols,” in Proc.
[100] A. Woo, T. Tong, and D. Culler, “Taming the underlying challenges of
Adv. Cryptology - EUROCRYPT ’93: Workshop Theory Application
reliable multihop routing in sensor networks," in Proc. 1st International
Cryptographic Techniques, vol. 765/1994. Springer Berlin / Heidelberg,
Conf. Embedded Networked Sensor Systems, 2003, pp. 14–27.
1994, pp. 344–359.
[101] J. Deng, R. Han, and S. Mishra, “INSENS: Intrusion-tolerant routing in
[126] L. Hu and D. Evans, “Secure aggregation for wireless networks,” in
wireless sensor networks,” Computer Commun., vol. 29, pp. 216–230
Proc. Symposium Applications Internet Workshops, 2003, pp. 384–391.
2006.
[127] J. Deng, R. Han, and S. Mishra, “Security support for in-network
[102] J. Deng, R. Han, and S. Mishra, “Enhancing base station security in processing in wireless sensor networks,” in Proc. 1st ACM Workshop
wireless sensor networks,” University of Colorado Technical Report, Security Ad hoc Sensor Networks, 2003, pp. 83–93.
CU-CS-951-03, 2003. [128] W. Du, J. Deng, Y. S. Han, and P. K. Varshney, “A witness-based
[103] J. Deng, R. Han, and S. Mishra, “A performance evaluation of intrusion approach for data fusion assurance in wireless sensor networks,” in
tolerant routing in wireless sensor networks,” in Proc. 2nd International Proc. IEEE Global Telecommun. Conf., 2003, vol. 3, pp. 1435–1439
Workshop Information Processing Sensor Networks (IPSN), 2003, pp. [129] B. Przydatek, D. Song, and A. Perrig, “SIA: Secure information
349–363. aggregation in sensor networks,” in Proc. 1st International Conf.
[104] C. Karlof, Y. Li, and J. Polastre, “ARRIVE: Algorithm for robust Embedded Networked Sensor Systems, 2003, pp. 255–265.
routing in volatile environments,” Technical Report UCB/CSD-03- [130] S. Zhu, S. Setia, S. Jajodia, and P. Ning, “An interleaved hop-by-
1233, University of California at Berkeley, 2002. hop authentication scheme for filtering of injected false data in sensor
[105] A. D. Wood, L. Fang, J. A. Stankovic, and T. He, “SIGF: A family of networks,” in Proc. IEEE Symposium Security Privacy, 2004, pp. 259–
configurable, secure routing protocols for wireless sensor networks,” in 271.
Proc. 4th ACM Workshop Security of Ad hoc Sensor Networks, 2006, [131] H. Vogt, “Exploring message authentication in sensor networks,”
pp. 35–48 in Proc. 1st European Workshop Security Ad-Hoc Sensor Networks
[106] Z. Cao, J. Hu, Z. Chen, M. Xu, and X. Zhou, “Feedback: Towards (ESAS), 2004.
dynamic behavior and secure routing for wireless sensor networks,” [132] Z. Yu and Y. Guan, “A dynamic en-route scheme for filtering false
in Proc. 20th International Conf. Advanced Information Networking data injection in wireless sensor networks,” in Proc. IEEE INFOCOM,
Applications (AINA), 2006, vol. 2, pp. 160–164. 2006.

Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
CHEN et al.: SENSOR NETWORK SECURITY: A SURVEY
[133] F. Ye, H. Luo, S. Lu, and L. Zhang, “Statistical en-route filtering of
injected false data in sensor networks,” IEEE J. Select. Areas Commun.,
vol. 23, pp. 839–850, 2005.
[134] D. Wagner, “Resilient aggregation in sensor networks,” in Proc. 2nd
ACM Workshop Security Ad hoc Sensor Networks, 2004, pp. 78–87.
[135] J. Girao, D. Westhoff, and M. Schneider, “CDA: Concealed data
aggregation in wireless sensor networks,” in Proc. ACM WiSe, 2004.
[136] S. Peter, K. Piotrowski, and P. Langendoerfer, “On concealed data
aggregation for WSNs,” in Proc. 4th IEEE Consumer Communi.
Networking Conf. (CCNC), 2007, pp. 192–196.
[137] J. Domingo-Ferrer, “A provably secure additive and multiplicative
privacy homomorphism” in Proc. Information Security Conf., 2002,
pp. 471–483.
[138] R. L. Rivest, L. Adleman, and M. L. Dertouzos, “On data banks and
privacy homomorphisms,” in Proc. Foundations Secure Computation,
1978, pp. 169–179.
[139] D. Wagner, “Cryptanalysis of an algebraic privacy homomorphism,” in
Proc. 6th Information Security Conf. (ISC), 2003.
[140] C. Castelluccia, E. Mykletun, and G. Tsudik, “Efficient aggregation of
encrypted data in wireless sensor networks,” in Proc. 2nd International
Conf. Mobile Ubiquitous Systems: Networking Services (MobiQuitous),
2005, pp. 109–117.
[141] Y. W. Law, S. Etalle, and P. H. Hartel, “Assessing security in energy-
efficient sensor networks,” in Proc. 18th IFIP TC11 Int. Conf. Infor-
mation Security Privacy Age Uncertainty (SEC), 2003, pp. 459–463.
[142] Y. W. Law, S. Dulman, S. Etalle, and P. Havinga, “Assessing security-
critical energy-efficient sensor networks,” Univ. of Twente, The Nether-
lands, Tech. Rep. TR-CTIT-02-18 2002.
[143] X. Li and D. Yang, “A quantitative survivability evaluation model
for wireless sensor networks,” in Proc. IEEE International Conf.
Networking, Sensing Control (ICNSC), 2006, pp. 727–732.
[144] D. S. Kim, S. KM, and J. S. Park, “A framework of survivability
model for wireless sensor network,” in Proc. 1st International Conf.
Availability, Reliability Security (ARES), 2006, pp. 515–522.
[145] S. Kumar, R. Valdez, O. Gomez, and S. Bose, “Survivability evaluation
of wireless sensor network under DDoS attack,” in Proc. International
Conf. Networking; International Conf. Systems; International Conf.
Mobile Commun. Learning Technologies (ICN/ICONS/MCL), 2006, pp.
23–29.
[146] G. W. Skelton and A. Holton, “Survivability in wireless sensor net-
works,” in Proc. IEEE SoutheastCon, 2006, pp. 341-341.
[147] Y. L. Sun, Z. Han, W. Yu, and K. J. R. Liu, “A trust evaluation
framework in distributed networks: Vulnerability analysis and defense
against attacks,” in Proc. IEEE INFOCOM, 2006.
[148] G. V. Crosby and N. Pissinou, “Cluster-based reputation and trust
Authorized licensd use limted to: IE Xplore. Downlade on May 13,20 at 1:423 UTC from IE Xplore. Restricon aply.
73
for wireless sensor networks,” in Proc. 4th IEEE Consumer Commun.
Networking Conf. (CCNC), 2007, pp. 604–608.
[149] K. Ren, W. Lou, and Y. Zhang, “LEDS: Providing location-aware
end-to-end data security in wireless sensor networks,” in Proc. IEEE
INFOCOM, 2006.
[150] M. Shao, S. Zhu, W. Zhang, and G. Cao, “pDCS: Security and privacy
support for data-centric sensor networks,” in Proc. IEEE INFOCOM,
2007, pp. 1298–1306.
[151] P. Winter and M. Zachariasen, “Euclidean steiner minimum trees: An
improved exact algorithm,” Networks, vol. 30, pp. 149–166, 1997.
[152] B. H. Bloom, “Space/time trade-offs in hash coding with allowable
errors,” Commun. ACM, vol. 13, no. 7, pp. 422–426, 1970.
Xiangqian Chen received his PhD at the Department of Electrical and
Computer Engineering, Florida International University in December 2007.
His research interests include wireless and mobile computing, wireless
communications, network security, and ad hoc and sensor networks.
Kia Makki is a full professor of Telecommunications and Information Tech-
nology Institute at Florida International University, USA. He received the PhD
degree in Computer Science from the University of California, Davis in 1988.
His current research interests include computer and information security,
wireless communication, and security for ad hoc and sensor networks. He
has served in different capacities for various journals and conferences.
Kang Yen is a full professor and the chairperson of the Electrical and
Computer Engineering department at Florida International University. He
received the PhD degree from Vanderbilt University in 1985. His research
interests include system modeling and simulation, control theory, parallel
processing, microprocessor and AI applications.
Niki Pissinou is a full professor and the director of the Telecommunications
and Information Technology Institute at Florida International University, USA.
Her current research interests include computer and information security,
wireless communication, and mobile computing.