Mitigating Resource-Draining DoS Attacks on Broadcast Source Authentication on Wireless Sensors Networks

During the few last years, several broadcast source authentication protocols (BSAPs) were proposed for wireless sensors network (WSN), to secure broadcast communications. Amongst the proposed protocols, we find time-asymmetry based BSAPs, that achieve delayed authentication of broadcasted data, and are known for their low computation and transmission overheads. However, time-asymmetry based BSAPs suffer from a kind of DoS attacks, called resource-draining DoS attack, in which an attacker floods the network with fake messages, that all sensors of the network buffer and forward, then later verify, thus causing buffer overflow and batteries depletion. In this paper we investigate resource-draining DoS attack in time-asymmetry based BSAPs, and propose a new time asymmetry based BSAP protocol, to overcome this kind of DoS attacks, by achieving a hop-by-hop authentication of broadcasted messages, thus limiting the damage of an attacker to its one-hop neighbors only, instead of the entire network.