Using FIRE & ICE for detecting and recovering compromised nodes in sensor networks

This paper presents a suite of protocols called FIRE (Forgery-resilient Intrusion detection, Recovery, and Establishments of keys), for detecting and recovering compromised nodes in sensor networks. FIRE consists of two protocols: an intrusion detection and code update protocol, and a cryptographic key update protocol. In concert, the FIRE protocols enable us to design a sensor network that can always detect compromised nodes (no false negatives), and either repair them through code updates and set up new cryptographic keys, or revoke the compromised nodes from the network. The FIRE protocols are based on ICE (Indisputable Code Execution), a mechanism providing externally verifiable code execution on off-the-shelf sensor nodes. ICE gives the following two properties: 1) the locations in memory from where the code is currently executing on a sensor node, matches memory locations being verified and 2) the memory contents being verified are correct. Together, these two properties guarantee that the code currently executing on the sensor node is correct. The FIRE protocols represent a significant step towards designing secure sensor networks. As far as we are aware, there are no techniques for intrusion detection in adhoc and sensor networks that do make any false negative claims. Also, we do not know of any existing techniques that can automatically recover compromised sensor nodes. We present an implementation of our FIRE protocols and ICE on current off-the-shelf sensor devices. This research was supported in part by the CyLab at Carnegie Mellon under grant DAAD19-02-1-0389 from the Army Research Office, and grant CAREER CNS-0347807 from NSF, and by gifts from Bosch and IBM. The views and conclusions contained here are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either express or implied, of ARO, Bosch, Carnegie Mellon University, IBM, NSF, or the U.S. Government or any of its agencies.