Since sensor applications are implemented in embedded computer systems, cyber attacks that compromise regular computer systems via exploiting memory-related vulnerabilities present similar threats to sensor networks. However, the paper shows that memory fault attacks in sensors are not the same as in regular computers due to sensor's hardware and software architecture. In contrast to worm attacks, mal-code carried by exploiting packets cannot be executed in sensors built upon Harvard architecture. Therefore, the paper proposes a range of attack approaches to illustrate that a mal-packet, which only carries specially crafted data, can exploit memory-related vulnerabilities and utilize existing application code in a sensor to propagate itself without disrupting the sensor's functionality. The paper shows that such a mal-packet can have as few as 17 bytes. A prototype of a 27-byte mal-packet has been implemented and tested in Mica2 sensors. Simulation shows that the propagation pattern of such a mal-packet in a sensor network is very different from worm propagation. Mal-packets can either quickly take over the whole network or hardly propagate under different traffic situations. The paper also develops two defense schemes (S2Guard and S2Shuffle) based on existing defense techniques to protect sensor applications. The analysis shows that they only incur a little overhead and can stop the propagation of mal-packets. (c) 2010 Elsevier Ltd. All rights reserved.
