Wei Yang,Qin Wang,Yadong Wan,Yue Qi

DOI: https://doi.org/10.1504/ijes.2017.10008941

2017-01-01

International Journal of Embedded Systems

Abstract:Time synchronisation is very crucial in many wireless sensor network applications especially in industrial wireless networks. The current industrial wireless standards all use TDMA-based channel-sharing protocols on the medium access control (MAC) layer. If an adversary launches time synchronisation attacks to the industrial wireless networks, the whole networks communication will be paralysed. However, the time synchronisation is insufficient to be protected in the current industrial wireless standards which based on IEEE802.15.4e standard. So it is important to study in depth the time synchronisation method of attack and defense in IEEE802.15.4e networks. In this paper we give a survey of time synchronisation in IEEE802.15.4e networks and point out the possible attacks. They include ASN attack, message manipulation attack, node identity attack and pulse-delay attack. Then we propose some countermeasures against these attacks. Finally, we perform a series of experiments to evaluate the effectiveness of corresponding defences for the attacks. The experiment results show that the proposed mechanisms can successfully defend against these attacks. And the energy consumption of these defense methods are very low.

Wei Yang,Qin Wang,Yadong Wan,Jie He

DOI: https://doi.org/10.1109/cscloud.2016.44

2016-01-01

Abstract:Time synchronization is very important in the IEEE802.15.4e network which aim to industrial automation applications. It enabled high end-to-end reliability and low power wireless networking. If an adversary launches time synchronization attacks to the IEEE802.15.4e networks, the whole network communications will be paralyzed. In this paper, we present two types of attacks: 1) ASN and 2) time synchronization tree attack. In ASN attack the legitimate nodes may get an incorrect ASN value and thus can't synchronize to the normal network, while in time synchronization tree attack, the attacker can damage the structure of time synchronization tree by faking DIO packets. We propose some countermeasures which include intrusion detection algorithms, Encryption and Authentication methods to defend against these attacks. Finally, we perform time synchronization tree attack experiments. The experiment results show that the proposed mechanisms can defend against the attack.

Wei Yang,Yadong Wan,Qin Wang

DOI: https://doi.org/10.1049/iet-ifs.2016.0232

2017-01-01

IET Information Security

Abstract:Time synchronisation is a fundamental requirement for the IEEE802.15.4e-based industrial Internet of Things, allowing it to reach low-power and high-reliability wireless network through time synchronisation. If malicious adversaries launch time synchronisation attacks to IEEE802.15.4e-based networks, the entire network communication will be paralysed. In this study, the authors introduce two types of time synchronisation attacks: (i) absolute slot number (ASN) and (ii) timeslot template attack. In ASN attack, the new nodes may receive an incorrect ASN value, which prevents synchronisation with the typical network, while in the timeslot template attack, the malicious node can make the legitimate nodes calculate the error clock offset. The authors propose an enhanced secure time synchronisation protocol to defend against these attacks, which include Sec_ASN and TOF algorithm. The Sec_ASN and threshold filter (TOF) algorithms are used to defend against ASN attack and timeslot template attacks, respectively. Finally, the authors run a thorough set of simulations to assess the effectiveness of the proposed attacks as well as the proposed countermeasure. The results show that the attacks can significantly destroy the time synchronisation protocol, but can be successfully defended using the proposed mechanisms.

Wei Dong,Xiaojin Liu

DOI: https://doi.org/10.1109/tii.2015.2495147

IF: 12.3

2015-01-01

IEEE Transactions on Industrial Informatics

Abstract:Time synchronization is crucial for cyber-physical systems (CPSs), e.g., wireless sensor and actuator networks. Cyber physical security is an important yet challenging problem. In particular, attacks to the time synchronization service may incur data distortion or even malfunction of the whole system. Sybil attack is one of the most common attack types for sensor networks, where a node illegitimately claims multiple identities. Existing secure time-synchronization protocols; however, cannot well address Sybil attacks in the time synchronization process. We propose a robust and secure time-synchronization protocol (RTSP) to defend against Sybil attacks. Different from previous secure timesync protocols, RTSP employs a novel graph theoretical approach, which is able to perform anomaly detection at the message level instead of the node level. This fine-grained detection ability enables RTSP to become robust against Sybil attacks, as well as node compromise and message manipulation attacks. Extensive experimental results show the effectiveness of our proposed protocol.

Wei Yang,Jie He,Yue Qi,Ruijie Zhang,Qin Wang

DOI: https://doi.org/10.1007/s10776-016-0322-3

2016-01-01

International Journal of Wireless Information Networks

Abstract:IEEE802.15.4e networks adopt time-synchronized medium access control protocols which enables highly reliable and ultra-low power industrial wireless networks. In these networks, nodes use timeslot to communicate which need a high-precision time synchronization. In hostile environments, the time synchronization protocol may be destroyed by external, compromise or pulse-delay attacks. In this paper, we present a secure time synchronization for IEEE802.15.4e networks called STS_4e which includes a secure single-hop pair-wise time synchronization and a secure cluster-wise time synchronization. The secure pair-wise time synchronization adopts message integrity authentication mechanism to defend against external attacks and threshold filter algorithm to defend against compromise and pulse-delay attacks. The secure cluster-wise time synchronization adopts packet-based key chain to improve µTESLA broadcast authentication mechanism which can well balance the delay of disclosed keys and the length of key chain. Finally, we implement the STS_4e scheme on OpenMoteSTM node running OpenWSN. The results show that the proposed scheme can successfully defend against time synchronization attacks as well as the low energy consumption.

Tian Hao,Ruogu Zhou,Guoliang Xing,Matt W. Mutka,Jiming Chen

DOI: https://doi.org/10.1109/TMC.2013.43

2014-01-01

Abstract:Time synchronization is a fundamental service for wireless sensor networks (WSNs). Although a number of message passing protocols can achieve satisfactory synchronization accuracy, they suffer poor scalability and high transmission overhead. An alternative approach is to utilize the global time references such as those induced by GPS and timekeeping radios. However, they require the hardware receiver to decode the out of band clock signal, which introduces extra cost and design complexity. This paper proposes a novel WSN time synchronization approach by exploiting the existing Wi-Fi infrastructure. Our approach leverages the fact that 802.15.4 sensors and Wi-Fi nodes often occupy the same or overlapping radio frequency bands in the 2.4 GHz unlicensed spectrum. As a result, a 802.15.4 node can detect and synchronize to the periodic beacons broadcasted by Wi-Fi access points (APs). A key advantage of our approach is that, due to the long communication range of Wi-Fi, a large number of 802.15.4 sensors can synchronize clock rates to the same beacons without any message exchange. This paper makes several key contributions. First, we experimentally characterize the spatial and temporal characteristics of Wi-Fi beacons in an enterprise Wi-Fi network consisting of over 50 APs deployed in a 300,000 square foot office building. Motivated by our measurement results, we design a novel synchronization protocol called WizSync. WizSync employs digital signal processing (DSP) techniques to detect periodic Wi-Fi beacons and use them to calibrate the frequency of native clocks. WizSync can intelligently predict the clock skew and adaptively schedules nodes to sleep to conserve energy. We implement WizSync in TinyOS 2.1.1 and conduct extensive evaluation on a testbed consisting of 19 TelosB motes. Our results show that WizSync can achieve an average synchronization error of 0.12 milliseconds over a period of 10 days with radio power consumption of 50.9 microwatts/node.

Wei Yang,Yadong Wan,Jie He,Yuanlong Cao

DOI: https://doi.org/10.1155/2018/1954121

2018-01-01

Wireless Communications and Mobile Computing

Abstract:Time-slotted channel hopping (TSCH), which can enable highly reliable and low-power wireless mesh networks, is the cornerstone of current industrial wireless standards. In a TSCH network, all nodes must maintain high-precision synchronization. If an adversary launches a time-synchronization attack on a TSCH network, the entire network communication system can be paralyzed. Thus, time-synchronization security is a key problem in this network. In this article, time synchronization is divided into single-hop pairwise, clusterwise, and three-level multihop according to the network scope. We deeply analyze their security vulnerabilities due to the TSCH technology itself and its high-precision synchronization requirements and identify the specific attacks; then, we propose corresponding security countermeasures. Finally, we built a test bed using 16 OpenMoteSTM nodes and the OpenWSN software to evaluate the performance of the proposed scheme. The experimental results showed that serious security vulnerabilities exist in time-synchronization protocols, and the proposed countermeasures can successfully defend against the attacks.

Zhaowei Wang,Peng Zeng,Linghe Kong,Dong Li,Xi Jin

DOI: https://doi.org/10.3390/s18082718

IF: 3.9

2018-01-01

Sensors

Abstract:Time synchronization is critical for wireless sensors networks in industrial automation, e.g., event detection and process control of industrial plants and equipment need a common time reference. However, cyber-physical attacks are enormous threats causing synchronization protocols to fail. This paper studies the algorithm design and analysis in secure time synchronization for resource-constrained industrial wireless sensor networks under Sybil attacks, which cannot be well addressed by existing methods. A node-identification-based secure time synchronization (NiSTS) protocol is proposed. The main idea of this protocol is to utilize the timestamp correlation among different nodes and the uniqueness of a node’s clock skew to detect invalid information rather than isolating suspicious nodes. In the detection process, each node takes the relative skew with respect to its public neighbor as the basis to determine whether the information is reliable and to filter invalid information. The information filtering mechanism renders NiSTS resistant to Sybil attacks and message manipulation attacks. As a completely distributed protocol, NiSTS is not sensitive to the number of Sybil attackers. Extensive simulations were conducted to demonstrate the efficiency of NiSTS and compare it with existing protocols.

Qingyu Yang,Dou An,Wei Yu

DOI: https://doi.org/10.1109/EnergyTech.2013.6645332

2013-01-01

Abstract:Real-time measurement and control are essential in electrical power grid systems and the timing requirements (such as time synchronization) on the measurement and control of power grid are critical. The IEEE 1588, as a precision clock synchronization protocol, was proposed to guarantee the precise clock synchronization in nanoseconds and has broad applications in power grid systems. In this paper, we first describe the modeling of the time synchronization process in the IEEE 1588 and analyze the impact of delay asymmetry, which can be exploited by the adversary to disrupt the time synchronization process. We then investigate a feasible attack workflow based on the attack model and discuss discuss countermeasures to defend against such an attack. We conduct experiments to validate the effectiveness of the investigated attack. Our experimental data matches with our theoretical findings well and show that our investigated attack can effectively disrupt the time synchronization process in the IEEE 1588.

Wade Trappe,Wenyuan Xu

DOI: https://doi.org/10.7282/t3rj4jw7

2007-01-01

Abstract:Wireless networks are built upon a shared medium that makes it easy for adversaries to conduct radio interference, or jamming attacks, which effectively cause a denial of service (DoS) of either transmission or reception functionalities. These attacks can be easily accomplished by an adversary by either bypassing MAC-layer protocols, or emitting a radio signal targeted at jamming a particular channel. In this thesis, we examine the issue of jamming wireless networks, and sensor networks in particular, by studying both the attack and defense side of the problem. On the attack side, we present four different jamming attack models that can be used by an adversary to disable the operation of a wireless network, and evaluate their effectiveness in terms of how each method affects the ability of a wireless node to send and receive packets. In order to cope with the problem of jamming, we discuss a two-phase strategy involving the diagnosis of the attack, followed by a suitable defense strategy. For detection, we show that single measurement statistics are not enough to reliably classify the presence of a jamming attack, and propose multimodal detection methods. To cope with jamming, we propose a technique, channel surfing, which involves evading the interferer in the spectral domain. Several different channel surfing models are presented, and we evaluate their effectiveness using a testbed of MICA2 motes. Beyond channel surfing, we overview a second defense strategy whereby it is possible to establish a low data rate jamming resistant communication channel by modulating the interarrival times between jammed packets.

Hui Li,Yanfei Zheng,Mi Wen,Kefei Chen

DOI: https://doi.org/10.1007/978-3-540-77018-3_52

2007-01-01

Abstract:Clock synchronization is a critical issue in most wireless sensor network applications. Although the synchronization is well studied in last few years. Most of these synchronization protocols assume benign environments, but cannot survive malicious attacks in hostile environments, especially when there are compromised nodes. In this paper, we propose a secure synchronization protocol for sensor network. Our protocol combine the sender-receiver model and receiver-receiver model to verify the synchronization process between each synchronizing pair. The approach guarantees that normal nodes can synchronize their clocks to global clock even if each normal node has up to t colluding malicious neighbor nodes during synchronization phase.

Wenyuan Xu,Wade Trappe,Yanyong Zhang

DOI: https://doi.org/10.1145/1352533.1352567

2008-01-01

Abstract:Wireless communication is susceptible to radio interference, which prevents the reception of communications. Although evasion strategies have been proposed, such strategies are costly or ineffective against broadband jammers. In this paper, we explore an alternative to evasion strategies that involves the establishment of a timing channel that exists in spite of the presence of jamming. The timing channel is built using failed packet reception times. We first show that it is possible to detect failed packet events inspite of jamming. We then explore single sender and multisender timing channel constructions that may be used to build a low-rate overlay link-layer. We discuss implementation issues that we have overcome in constructing such jamming-resistant timing channel, and present the results of validation efforts using the MICA2 platform. Finally, we examine additional error correction and authentication mechanisms that may be used to cope with adversaries that both jam and seek to corrupt our timing channel.

Wenyuan Xu,Ke Ma,Wade Trappe,Yanyong Zhang

DOI: https://doi.org/10.1109/mnet.2006.1637931

IF: 10.294

2006-01-01

IEEE Network

Abstract:Wireless sensor networks are built upon a shared medium that makes it easy for adversaries to conduct radio interference, or jamming, attacks that effectively cause a denial of service of either transmission or reception functionalities. These attacks can easily be accomplished by an adversary by either bypassing MAC-layer protocols or emitting a radio signal targeted at jamming a particular channel. In this article we survey different jamming attacks that may be employed against a sensor network. In order to cope with the problem of jamming, we discuss a two-phase strategy involving the diagnosis of the attack, followed by a suitable defense strategy. We highlight the challenges associated with detecting jamming. To cope with jamming, we propose two different but complementary approaches. One approach is to simply retreat from the interferer which may be accomplished by either spectral evasion (channel surfing) or spatial evasion (spatial retreats). The second approach aims to compete more actively with the interferer by adjusting resources, such as power levels and communication coding, to achieve communication in the presence of the jammer.

Jianping He,Jiming Chen,Peng Cheng,Xianghui Cao

DOI: https://doi.org/10.1109/tpds.2013.150

IF: 5.3

2014-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Time synchronization is a fundamental requirement for the wide spectrum of applications with wireless sensor networks (WSNs). However, most existing time synchronization protocols are likely to deteriorate or even to be destroyed when the WSNs are attacked by malicious intruders. This paper is concerned with secure time synchronization for WSNs under message manipulation attacks. Specifically, the theoretical analysis and simulation results are first provided to demonstrate that the maximum consensus based time synchronization (MTS) protocol would be invalid under message manipulation attacks. Then, a novel secured maximum consensus based time synchronization (SMTS) protocol is proposed to detect and invalidate message manipulation attacks. Furthermore, we prove that SMTS is guaranteed to converge with simultaneous compensation of both clock skew and offset. Extensive numerical results show the effectiveness of our proposed protocol.

Yongsheng Liu,Jie Li,Guizani, M.

DOI: https://doi.org/10.1109/WCNC.2012.6214179

2012-01-01

Abstract:Time synchronization is crucial to Wireless Sensor Networks (WSNs) due to the requirement of coordination between sensor nodes. Existing secure time synchronization protocols of WSNs introduce high overhead when used for global time synchronization. In this paper, we propose a lightweight secure global time synchronization protocol for WSNs. In the proposed protocol, a broadcast synchronization packet makes all sensor nodes in the network synchronize with the trusted source. The synchronization packet is protected by a proposed broadcast authentication algorithm, which introduces asymmetry by transmitting hash values of secret keys in advance. It achieves immediate authentication and does not require the loose time synchronization. To defend the pulse-delay attacks, the arrival time of the synchronization packet is checked according to the estimated arrival time interval. The upper bound on the skew of the proposed protocol is proved. The message complexity in one period of the proposed protocol is O(n) where n represents the number of sensor nodes. The simulation results show that the maximum skew is within tens of milliseconds.

GUO Liang

DOI: https://doi.org/10.3969/j.issn.1000-1220.2006.12.015

2006-01-01

Abstract:In Wireless Sensor Networks, time synchronization is necessary. Some intrinsic properties of sensor networks, such as limited resources of energy, storage, computation, and bandwidth, make traditional time synchronization methods unsuitable for WSN. This article formulates the time synchronization problem and the need for synchronization in sensor networks ,and also introduces some time synchronization algorithms , and make further research on the ideas of carry time information with mobility of the nodes when taking mobility into account, which is proved to be good by simulation.

Zhaobin Liu,Qiang Ma,Wenzhi Liu,Victor S. Sheng,Liang Zhang,Gang Liu

DOI: https://doi.org/10.3390/s18072107

IF: 3.9

2018-01-01

Sensors

Abstract:Internal reliability and external safety of Wireless Sensor Networks (WSN) data transmission have become increasingly outstanding issues with the wide applications of WSN. This paper proposes a new method for access control and mitigation of interfering noise in time synchronization environments. First, a formal definition is given regarding the impact interference noise has on the clock skew and clock offset of each node. The degree of node interference behavior is estimated dynamically from the perspective of time-stamp changes caused by the interference noise. Secondly, a general access control model is proposed to resist invasion of noise interference. A prediction model is constructed using the Bayesian method for calculating the reliability of neighbor node behavior in the proposed model. Interference noise, which attacks the time synchronization, is regarded as the key factor for probability estimation of the reliability. The result of the calculations determines whether it is necessary to initiate synchronization filtering. Finally, a division of trust levels with bilinear definition is employed to lower interference noise and improve the quality of interference detection. Experimental results show that this model has advantages in system overhead, energy consumption and testing errors, compared to its counterparts. When the disturbance intensity of a WSN increases, the proposed optimized algorithm converges faster with a lower network communication load.

Ying Yang

Abstract:Wireless sensor networks (WSNs) have been used as an important tool inmany fields of science and industry. Time synchronization is also a criticalissue in wireless sensor networks and its aim is to synchronize the local timefor some or all nodes in the network, if necessary. However, wireless sensornetworks are limited in their accuracy, energy efficiency, scalability, and complexityand some traditional time synchronization algorithms such as NetworkTime Protocol (NTP) and Global Positioning System (GPS) are unsuitable forWSNs. This work surveys and evaluates state-of-art time synchronization protocolsbased on many factors including accuracy, energy efficiency, and complexity,and analyzes the effect that time synchronization has in a wirelesssensor network. IN ADDITION, more attention is paid to several time synchronizationalgorithms and their advantages and disadvantages. Also, the surveyprovides a valuable framework for comparing new and existing synchronizationprotocols. According to the evaluation for the performance of time synchronizationalgorithms, this thesis provides assistance in relation to further improvingthe performance of time synchronization. Finally, future research directionsin relation to time synchronization in wireless sensor networks are alsoproposed.

Computer Science,Engineering,Environmental Science

Jianping He,Peng Cheng,Ling Shi,Jiming Chen

DOI: https://doi.org/10.1109/TSP.2013.2286102

IF: 4.875

2013-01-01

IEEE Transactions on Signal Processing

Abstract:It is important and challenging to achieve secure time synchronization in wireless sensor networks, which may be deployed in a hostile environment under various malicious attacks. The recently developed average-consensus-based time synchronization protocol (ATS) is a promising alternative as it does not depend on any reference node or network topology, which makes it robust to different kinds of attacks, e.g., denial-of-service, node destruction, etc. However, the in-network information fusion nature of average consensus makes the ATS vulnerable to the well-known message manipulation attacks. In this paper, we focus on how to defend the ATS protocol in wireless sensor networks under message manipulation attacks. We first investigate the impact of message manipulation attacks over ATS, and derive a necessary condition for ATS to converge. Then based on the obtained insights, we propose a novel adjusting parameter checking mechanism which exploits the two-hop neighboring information to dynamically constrain the attackers. We further incorporate all checking processes into the traditional ATS protocol to form a secure average-consensus-based time synchronization protocol (SATS). We prove that SATS guarantees the network time synchronization with an exponentially converging speed.

Chaojie Gu,Linshan Jiang,Rui Tan,Mo Li,Jun Huang

DOI: https://doi.org/10.1145/3474368

2020-01-01

Abstract:Low-power wide-area network technologies such as long-range wide-area network (LoRaWAN) are promising for collecting low-rate monitoring data from geographically distributed sensors, in which timestamping the sensor data is a critical system function. This article considers a synchronization-free approach to timestamping LoRaWAN uplink data based on signal arrival time at the gateway, which well matches LoRaWAN’s one-hop star topology and releases bandwidth from transmitting timestamps and synchronizing end devices’ clocks at all times. However, we show that this approach is susceptible to a frame delay attack consisting of malicious frame collision and delayed replay. Real experiments show that the attack can affect the end devices in large areas up to about 50,000, m 2 . In a broader sense, the attack threatens any system functions requiring timely deliveries of LoRaWAN frames. To address this threat, we propose a LoRaTS gateway design that integrates a commodity LoRaWAN gateway and a low-power software-defined radio receiver to track the inherent frequency biases of the end devices. Based on an analytic model of LoRa’s chirp spread spectrum modulation, we develop signal processing algorithms to estimate the frequency biases with high accuracy beyond that achieved by LoRa’s default demodulation. The accurate frequency bias tracking capability enables the detection of the attack that introduces additional frequency biases. We also investigate and implement a more crafty attack that uses advanced radio apparatuses to eliminate the frequency biases. To address this crafty attack, we propose a pseudorandom interval hopping scheme to enhance our frequency bias tracking approach. Extensive experiments show the effectiveness of our approach in deployments with real affecting factors such as temperature variations.