Zhenhua Liu,Wenyuan Xu

DOI: https://doi.org/10.1007/s11276-011-0403-2

IF: 2.701

2011-01-01

Wireless Networks

Abstract:The viability and success of wireless sensor networks critically hinge on the ability of a small number of sinks to glean sensor data throughout the networks. Thus, the locations of sinks are critically important. In this paper, we examine the sink location privacy problem from both the attack and defense perspectives. First, we examine resource-constrained adversaries who can only eavesdrop the network at their vicinities. To determine the sink location, they can launch a Zeroing-In attack by leveraging the fact that several network metrics are 2-dimensional functions in the plane of the network, and their values minimize at the sink. Thus, determining the sink location is equivalent to finding the minima of those functions. We demonstrate that by obtaining the hop counts or the arrival time of a broadcast packet at a few spots in the network, the adversaries are able to determine the sink location with the accuracy of one radio range, which is sufficient to disable the sink by launching jamming attacks, for example. To cope with the Zeroing-In attacks, we present a directed-walk-based routing scheme and show that the defense strategy is effective in deceiving adversaries at little energy costs.

George W. Kibirige,Camilius Sanga

DOI: https://doi.org/10.48550/arXiv.1505.01941

2015-05-08

Cryptography and Security

Abstract:Wireless Sensor Network (WSN) consists of large number of low-cost, resource-constrained sensor nodes. The constraints of the wireless sensor node is their characteristics which include low memory, low computation power, they are deployed in hostile area and left unattended, small range of communication capability and low energy capabilities. Base on those characteristics makes this network vulnerable to several attacks, such as sinkhole attack. Sinkhole attack is a type of attack were compromised node tries to attract network traffic by advertise its fake routing update. One of the impacts of sinkhole attack is that, it can be used to launch other attacks like selective forwarding attack, acknowledge spoofing attack and drops or altered routing information. It can also used to send bogus information to base station. This paper is focus on exploring and analyzing the existing solutions which used to detect and identify sinkhole attack in wireless sensor network. The analysis is based on advantages and limitation of the proposed solutions.

Mona R, Manoranjitham R

DOI: https://doi.org/10.52783/jes.1270

2024-04-04

Abstract:A wireless sensor network (WSN) uses uniformly deployed and positioned sensors to regularly send sensed data to a centralized station. Sinkhole attacks, in which a malicious node draws packets from other legitimate sensor devices and drops them, are the main danger to the WSN network layer and continue to be a difficult problem on wireless sensor networks. Security becomes a major issue since these networks have limited assets including less memory, less energy, and less transmission capacity. Additionally, given the dynamic context in which they are deployed, they are vulnerable to a variety of Denial of Service (DoS) assaults, including wormhole, sinkhole, and black hole attacks. The most dangerous routing attack at the network layer is known as a "sinkhole assault," which directs all network traffic onto a fake path by sending false information under the impression that it is the quickest one to the server. We explore sinkhole attacks to prevent them, and this work proposes a method of detection based on the redundancy process. Messages are transmitted across multiple paths to the suspicious nodes. Upon a thorough evaluation of the response, the attacked nodes are ultimately verified. Finally, a simulation is run to evaluate the method's efficacy. Furthermore, the simulation indicates that the strategy might be somewhat successful. Finally, it draws attention to difficulties and offers a prospective viewpoint for identifying sinkhole attacks.

Zhenhua Liu,Wenyuan Xu

DOI: https://doi.org/10.1145/1741866.1741883

2010-01-01

Abstract:The locations of base stations are critically important to the viability of wireless sensor networks. In this paper, we examine the location privacy problem from both the attack and defense sides. We start by examining adversaries targeting at identifying the sink location using minimum amount of resources. In particular, they launch a Zeroing-In attack lever-aging the fact that several network metrics are 2-dimensional functions in the plane of the network and their values minimize at the sink. Thus, determining the sink locations is equivalent to finding the minima of those functions. We have shown that by obtaining the hop counts or the arrival time of a broadcast packet at a few spots in the network, the adversaries are able to determine the sink location with the accuracy of one radio range, sufficient to disable the sink by launching jamming attacks. To cope with the Zeroing-In attacks, we have proposed a directed-walk-based scheme and validated that the defense strategy is effective in deceiving adversaries at little energy costs.

Wenyuan Xu,Ke Ma,Wade Trappe,Yanyong Zhang

DOI: https://doi.org/10.1109/mnet.2006.1637931

IF: 10.294

2006-01-01

IEEE Network

Abstract:Wireless sensor networks are built upon a shared medium that makes it easy for adversaries to conduct radio interference, or jamming, attacks that effectively cause a denial of service of either transmission or reception functionalities. These attacks can easily be accomplished by an adversary by either bypassing MAC-layer protocols or emitting a radio signal targeted at jamming a particular channel. In this article we survey different jamming attacks that may be employed against a sensor network. In order to cope with the problem of jamming, we discuss a two-phase strategy involving the diagnosis of the attack, followed by a suitable defense strategy. We highlight the challenges associated with detecting jamming. To cope with jamming, we propose two different but complementary approaches. One approach is to simply retreat from the interferer which may be accomplished by either spectral evasion (channel surfing) or spatial evasion (spatial retreats). The second approach aims to compete more actively with the interferer by adjusting resources, such as power levels and communication coding, to achieve communication in the presence of the jammer.

Wenyuan Xu,Zhenhua Liu

2012-01-01

Abstract:The open nature of wireless communication makes it easy for adversaries to either inject random signals to wireless channels harming the network availability, or eavesdrop on the communication breaching the location privacy. Those threats are challenging to cope with, because most of them cannot be addressed by traditional cryptographic methods. One of the attacks that can easily imperil the availability of networks is jamming attacks. An adversary can launch a jamming attack either by bypassing MAC-layer protocols and keeping sending packets, or by emitting radio signals to a particular channel. To cope with jamming attacks, in this dissertation, we focus on developing mechanisms to localize jammers. We examine how jammers affect networks in terms of signal strength, nodes' communication range, and network topologies, and present how to measure these jamming effects. To localize a jammer, we design an Adaptive Least-Squares-based (LSQ-based) algorithm which performs localization by exploiting the changes of communication range. Then, to further improve the localization accuracy, we propose an error minimizing framework that can localize not only one but also multiple jammers through utilizing the strength of jamming signals (JSS). To evaluate the effectiveness of our proposed localization schemes, we conducted real-world experiments using a testbed of MicaZ, and then carried out extensive performance studies in large-scale networks by simulation. Another problem that cannot be solved by traditional cryptographic method is the location privacy issue. We study this issue in wireless sensor network because the locations of the sink nodes are critically important to the viability of wireless networks, and such information can be easily determined by attackers. For instance, attackers can eavesdrop on the network communication at several spots and trace back to the sink nodes. Then, they can destroy the sink nodes physically to disable the data collection or dissemination. In this dissertation, we examine the sink location privacy problem from both the attack and defense sides. On the attack side, we present two types of Zeroing-In attacks which allow attackers to identify the sink location by estimating the hop count or the arrival time of a broadcast packet at a few spots in the network. To cope with the Zeroing-In attacks, we propose a directed-walk-based scheme and validate that it is effective in deceiving adversaries at modest energy costs.

Zhijun Teng,Chunqiu Du,Meng Li,Hengjia Zhang,Weihua Zhu

DOI: https://doi.org/10.1109/jsen.2022.3152841

IF: 4.3

2022-04-01

IEEE Sensors Journal

Abstract:The openness of Wireless Sensor Networks (WSNs) layout makes them vulnerable to attacks. One of the most threatening attacks is the wormhole attack. The wormhole attack is difficult to be detected since it causes false routing by private tunnels and damages to WSNs in data transmission. Therefore, in order to resist wormhole attacks and improve network performance, this paper proposes a detection algorithm integrated with the node trust optimization model (NTOM-DA) against wormholes in WSNs. First, add the node whose number of neighbors exceeds the threshold to the list of suspicious nodes, and then the exclusive neighbors of suspicious nodes communicate with each other. Mark the path whose hops exceed the wormhole threshold as the path to be tested. Establish a trust model to calculate the node trust and evaluate the path trust. The simulation results show that NTOM-DA is superior in detecting wormhole attacks. Even in the face of a network with high node density and high attack degree, it still has a high detection rate and a low false-positive rate, which effectively guarantees the safe and reliable operation of WSNs.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

Sumit Pundir,Mohammad Wazid,Devesh Pratap Singh,Ashok Kumar Das,Joel J. P. C. Rodrigues,Youngho Park,Joel J. P. C. J. P. C. Rodrigues

DOI: https://doi.org/10.3390/s20051300

IF: 3.9

2020-02-27

Sensors

Abstract:The sinkhole attack in an edge-based Internet of Things (IoT) environment (EIoT) can devastate and ruin the whole functioning of the communication. The sinkhole attacker nodes ( S H A s) have some properties (for example, they first attract the other normal nodes for the shortest path to the destination and when normal nodes initiate the process of sending their packets through that path (i.e., via S H A ), the attacker nodes start disrupting the traffic flow of the network). In the presence of S H A s, the destination (for example, sink node i.e., gateway/base station) does not receive the required information or it may receive partial or modified information. This results in reduction of the network performance and degradation in efficiency and reliability of the communication. In the presence of such an attack, the throughput decreases, end-to-end delay increases and packet delivery ratio decreases. Moreover, it may harm other network performance parameters. Hence, it becomes extremely essential to provide an effective and competent scheme to mitigate this attack in EIoT. In this paper, an intrusion detection scheme to protect EIoT environment against sinkhole attack is proposed, which is named as SAD-EIoT. In SAD-EIoT, the resource rich edge nodes (edge servers) perform the detection of different types of sinkhole attacker nodes with the help of exchanging messages. The practical demonstration of SAD-EIoT is also provided using the well known NS2 simulator to compute the various performance parameters. Additionally, the security analysis of SAD-EIoT is conducted to prove its resiliency against various types of S H A s. SAD-EIoT achieves around 95.83 % detection rate and 1.03 % false positive rate, which are considerably better than other related existing schemes. Apart from those, SAD-EIoT is proficient with respect to computation and communication costs. Eventually, SAD-EIoT will be a suitable match for those applications which can be used in critical and sensitive operations (for example, surveillance, security and monitoring systems).

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Ahmed M. Khedr,P. V. Pravija Raj,S. Sheeja Rani,Raj, P. V. Pravija,Rani, S. Sheeja

DOI: https://doi.org/10.1007/s11277-024-10913-x

IF: 2.017

2024-03-14

Wireless Personal Communications

Abstract:As a result of technological growth, WSNs enable creative practical solutions for anything from basic communication to sophisticated applications, which are not confined to a particular domain. In addition to the advances, there is an ongoing issue concerning the frequent threats or attacks on WSNs. The sinkhole attack, which jeopardizes the accuracy and trustworthiness of information in a WSN, is one of the most devastating attacks. Moreover, WSN routing schemes are extremely vulnerable to sinkhole attacks. To address the security challenges faced by WSNs, timely and reliable intrusion detection is of utmost importance. In this paper, a novel intrusion detection scheme, called Time Synchronized Multivariate Regressive Convolution Deep Neural Network Model (TSMR-CDNN), is introduced for sinkhole attack detection. TSMR-CDNN incorporates a reverse time synchronization scheme for its potential to provide precise clock skews and offsets, effectively reducing detection delays. The Broken-stick regression method is applied for the analysis of multivariate data such as clock features, RSSI, LQI, and energy by setting the threshold value, for enhancing its detection capabilities. The steepest gradient function is used to update the weight parameter in order to reduce the false positive rate. This approach minimizes the error rate, resulting in superior classification performance. The experimental results confirm that TSMR-CDNN outperforms the existing methods in terms of various metrics, and demonstrates 5% improvement in attack detection accuracy, 3% enhancement in precision, recall, and F-measure, and 10% reduction in detection time, respectively.

telecommunications

Zhou Sha,Jia-Liang Lu,Xu Li,Min-You Wu

DOI: https://doi.org/10.1109/glocom.2010.5684043

2010-01-01

Abstract:Sink mobility has attracted much research interests in Wireless Sensor Networks (WSNs), because it could provide energy saving and reduce latency during data collection. However, the mobile sink node is still a single point of failure in many WSNs applications, thus needs to be particularly protected against adversaries. We propose in this paper a moving strategy for the mobile sink which prevents tracking or detecting on it by adversaries during its data collection phase around the sensor field. Our moving strategy aims to selecting a trajectory for mobile sink node, which minimizes the total number of message communication from all static sensor nodes to the mobile sink node (including multi-hop relaying) and thereby reducing the possibility of being detected by the adversaries. We also employed a routing protocol on sensor nodes to forward the data to mobile sink node with shortest-path. Four strategies are evaluated in our simulation and the performance results show that our moving strategy we proposed achieves best goal and adapts well to the different deployment patterns.

Xuyang Hou,Jingjing Wang,Chunxiao Jiang,Sanghai Guan,Yong Ren

DOI: https://doi.org/10.1109/ICC.2018.8422794

2018-01-01

Abstract:Relying on mini wearable or implantable biosensors, the wireless body area network (WBAN) is capable of efficiently collecting as well as of analyzing human physiological information. It has shown great potential in terms of beneficially improving healthcare quality. However, due to stringent resource constraints of biosensors, traditional security schemes, i.e. the encryption and the authentication, may not do well in countering security threats. Moreover, they are not competent in protecting the network from inside attacks and deny of service (DoS) attacks. In this paper, we propose a sink node assisted lightweight intrusion detection mechanism for WBAN, where the sink node can periodically monitor the packet transmission and record the abnormality for further analysis. Our lightweight mechanism results in a very high true positive rate and an ultra-low false positive rate. Extensive analysis and simulations based on Castalia are conducted and verify the validity and efficiency of our proposed mechanism.

Sherril Sophie Maria Vincent,N. Duraipandian

DOI: https://doi.org/10.1016/j.eswa.2024.123765

IF: 8.5

2024-04-04

Expert Systems with Applications

Abstract:WSN (Wireless Sensor Network) is considered as one of the promising technologies which are utilized in various fields for various applications. Along with it, MANET (Mobile Ad Hoc Network) has attracted a distinct attention, as they serve communication means across innumerable domain. In recent years, due to the development of both wired and wireless technologies, attacks are becoming more frequent and these attacks can be in various form such as worm hole, black hole, grey-hole, sinkhole and others. These attacks can cause loss of security, increase the number of drop packets, decrease packet delivery ratio which result in poor routing performance. In order to overcome these issues, the proposed study employs PBCS (Particle Bee Colony Swarm) algorithm for finding the shortest path between the nodes, which helps in reducing the routing cost and makes the model more efficient and effective. In addition to this, Hybrid AdaBoost-Random forest algorithm is utilized in proposed model. This model helps in reducing the training time which makes the model more reliable and efficient than existing models. It can be implemented in huge dataset and in Hybrid AdaBoost-Random Forest algorithm, estimator of random forest is used, which result in high accuracy and low loss. AODV (Ad-Hoc on Demand Vector) protocol helps to identify the prevention of attack as this routing protocol perform better for longer and extensive duration of traffic than other protocols. The performance of the proposed model is evaluated using different metrics which includes accuracy, recall, precision, sensitivity and specificity. Besides, energy consumption, throughput, network lifetime, delay of the proposed model is also evaluated. The proposed model is then compared with various existing models in order to determine the efficiency and effectiveness of the proposed framework.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Arun Kumar Sangaiah,Amir Javadpour,Forough Ja'fari,Pedro Pinto,HamidReza Ahmadi,Weizhe Zhang

DOI: https://doi.org/10.1016/j.micpro.2022.104504

IF: 3.503

2022-01-01

Microprocessors and Microsystems

Abstract:This research aims to represent a novel approach to detect malicious nodes in Ad-hoc On-demand Distance Vector (AODV) within the next-generation smart cities. Smart city applications have a critical role in improving public services quality, and security is their main weakness. Hence, a systematic multidimensional approach is required for data storage and security. Routing attacks, especially sinkholes, can direct the network data to an attacker and can also disrupt the network equipment. Communications need to be with integrity, confidentiality, and authentication. So, the smart city and urban Internet of Things (IoT) network, must be secure, and the data exchanged across the network must be encrypted. To solve these challenges, a new protocol using CLustering Multi-Layer Security Protocol (CL-MLSP) with AODV has been proposed. The Advanced Encryption Standard (AES) algorithm is aligned with the proposed protocol for encryption and decryption. The shortest path is obtained by the clustering method based on energy, mobility, and distribution for each node. Ns2 is used to evaluate the CL-MLSP performance, and the parameters are network lifetime, latency, packet loss, and security. We have compared CL-MLPS with ECP-AODV, Probe, and Multi-Path. The proposed method superiority rates in energy consumption, drop rate, delay, throughput, and security performance are 6.54%, 12.87%, 8.12%, 9.46%, respectively.

Nike Gui,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.4304/jnw.5.5.535-542

2010-01-01

Journal of Networks

Abstract:Wireless sensor networks are increasingly deployed in security-critical areas, such as battle field. However, general sensor nodes are manufactured with inexpensive components, and they are short of security enhancement. Therefore, an adversary could capture and compromise sensor nodes easily, then launch some malicious attacks (including tampering or discarding useful data collected from source nodes). In this paper, we propose a secure routing and aggregation protocol with low energy cost for sensor networks (named STAPLE), which utilizes one-way hash chain and multi-path mechanism to achieve security of wireless sensor networks, and develop a network expanding model to control communication cost incurred by multi-path routing. Then we discuss the protocol application in multi-sink wireless sensor networks. Finally, we perform the simulation of STAPLE in comparison with INSENS, the results demonstrate that STAPLE achieves a higher level security with considerably low communication overhead.

Jianqing Ma,Ping Yi,Yiping Zhong,Shiyong Zhang

DOI: https://doi.org/10.1109/WiCOM.2006.280

2006-01-01

Abstract:Wireless Sensor Networks (WSNs) have wide applications both in military and civil fields. However, when deployed in untended/hostile area, WSNs may suffer all kinds of attacks like flooding Sinkhole, etc. To apply WSNs more practically and wildly, some secure countermeasures must be deployed in WSNs. In this paper, we design a kind of firewall scheme, which based on mobile agent, to isolate the intruder with less communication overhead and memory cost. The S_Firewall can be generated automatically, distributively and in real time when network-wide attacks happen. The paper also proposes a route restoring scheme by local repair and makes a performance analysis by prototype implementation of S_Firewall.

Yu Hu,Yuanming Wu,Hongshuai Wang

DOI: https://doi.org/10.4236/wsn.2014.611023

2014-01-01

Wireless Sensor Network

Abstract:The security problems of wireless sensor networks (WSN) have attracted people’s wide attention. In this paper, after we have summarized the existing security problems and solutions in WSN, we find that the insider attack to WSN is hard to solve. Insider attack is different from outsider attack, because it can’t be solved by the traditional encryption and message authentication. Therefore, a reliable secure routing protocol should be proposed in order to defense the insider attack. In this paper, we focus on insider selective forwarding attack. The existing detection mechanisms, such as watchdog, multipath retreat, neighbor-based monitoring and so on, have both advantages and disadvantages. According to their characteristics, we proposed a secure routing protocol based on monitor node and trust mechanism. The reputation value is made up with packet forwarding rate and node’s residual energy. So this detection and routing mechanism is universal because it can take account of both the safety and lifetime of network. Finally, we use OPNET simulation to verify the performance of our algorithm.

Fan-rui Kong,Chun-wen Li,Qing-qing Ding,Guang-zhao Cui,Bing-yi Cui

DOI: https://doi.org/10.1631/jzus.a0820178

2009-01-01

Journal of Zhejiang University SCIENCE A

Abstract:As the applications of wireless sensor networks (WSNs) diversify, providing secure communication is emerging as a critical requirement. In this paper, we investigate the detection of wormhole attack, a serious security issue for WSNs. Wormhole attack is difficult to detect and prevent, as it can work without compromising sensor nodes or breaching the encryption key. We present a wormhole attack detection approach based on the probability distribution of the neighboring-node-number, WAPN, which helps the sensor nodes to judge distributively whether a wormhole attack is taking place and whether they are in the influencing area of the attack. WAPN can be easily implemented in resource-constrained WSNs without any additional requirements, such as node localization, tight synchronization, or directional antennas. WAPN uses the neighboring-node-number as the judging criterion, since a wormhole usually results in a significant increase of the neighboring-node-number due to the extra attacking link. Firstly, we model the distribution of the neighboring-node-number in the form of a Bernoulli distribution. Then the model is simplified to meet the sensor nodes’ constraints in computing and memory capacity. Finally, we propose a simple method to obtain the threshold number, which is used to detect the existence of a wormhole. Simulation results show that WAPN is effective under the conditions of different network topologies and wormhole parameters.

Zhong Su,Chuang Lin,FengYuan Ren,XiaoSu Zhan

DOI: https://doi.org/10.1109/spca.2006.297488

2006-01-01

Abstract:Secure Routing is a challenging task because ad-hoc and resource constrained nature of Wireless Sensor Networks. In this paper, we discuss several specific routing attacks, such as wormhole attack, sinkhole attack, Sybil attack, False Data Insert Attack etc. Some security mechanisms, which are used to defend against these attacks, are analyzed. This paper also points out the open research challenges in this field.

Mohammad Sirajuddin,Dr. B. Sateesh Kumar

DOI: https://doi.org/10.32628/cseit2390395

2023-05-10

Abstract:In modern times, security remains a significant concern in wireless networks. Wireless sensor networks are widely employed in different practical situations. WSNs struggle with numerous internal and external threats, and detecting and defending against insider attacks is difficult. Insider attacks, in which intruders discard received data packets selectively, pose a significant risk to WSNs. The presence of black hole nodes within the network causes this issue. This research paper presents a secure and reliable route management methodology for WSNs that selects nodes and routing paths based on trust metrics. The proposed mechanism employs intelligent routing and node selection to defend against various types of assaults encountered during the routing process, including selective forwarding and black hole attacks. As a result, the paper identifies secure routes and establishes secure network routing. This scheme uses throughput, latency, and packet drop ratio as performance metrics. Experimentation demonstrates that the proposed system effectively increases the probability of secure network routing paths while extending the network lifecycle.

Liang Song,Dimitrios Hatzinakos

DOI: https://doi.org/10.1080/15501320601062130

IF: 1.938

2007-01-01

International Journal of Distributed Sensor Networks

Abstract:We propose to develop Wireless Sensor Networks with Mobile Sinks (MSSN), under high sensor node density, where multiple sensor nodes need to share one single communication channel in the node-to-sink transmission. By exploiting the tradeoff between the successful information retrieval probability and the nodes energy consumption, a number of multiple nodes transmission scheduling algorithms are proposed. Both optimal and suboptimal algorithms, which exhibit exponential and linear complexity respectively, are discussed under the desired application. Computer simulations show that suboptimal algorithms perform nearly as good as the optimal one. The study leads to the cross-layer Wireless Link layer design for MSSN.