Typical packet traffic in a sensor network reveals pronounced patterns that allow an adversary analyzing packet traffic to deduce the location of a base station. Once discovered, the base station can be destroyed, rendering the entire sensor network inoperative, since a base station is a central point of data collection and hence failure. This paper investigates a suite of decorrelation countermeasures aimed at disguising the location of a base station against traffic analysis attacks. A set of basic countermeasures is described, including hop-by-hop reencryption of the packet to change its appearance, imposition of a uniform packet sending rate, and removal of correlation between a packet's receipt time and its forwarding time. More sophisticated countermeasures are described that introduce randomness into the path taken by a packet. Packets may also fork into multiple fake paths to further confuse an adversary. A technique is introduced to create multiple random areas of high communication activity called hot spots to deceive an adversary as to the true location of the base station. The effectiveness of these countermeasures against traffic analysis attacks is demonstrated analytically and via simulation using three evaluation criteria: total entropy of the network, total overhead/energy consumed, and the ability to frustrate heuristic-based search techniques to locate a base station.
- Sensor network security
- Traffic analysis