A self enforcing and flexible security protocol for preventing Denial of Service attacks in wireless sensor networks
03 Nov 2011-pp 847-850
TL;DR: The paper discusses the harmful nature of Denial of Service attacks and the protocol incorporated to identify the malicious sender inflicting the attack on the server and maintains confidentiality, integrity and authenticity of data transmitted between sensor nodes.
Abstract: Taking into account the recent growth in research and development in wireless sensor networks it has been shown that they have a lot of scope in future. It is more important to pay attention to the security of wireless sensor networks as they are highly prone to threats. In this paper we propose a protocol for establishing the security mechanism of wireless sensor networks and devising a scheme for preventing Denial of Service attacks. The protocol organizes the network using the derivative key to establish secure communication and also incorporates authentication check to detect any malicious sensor nodes. The paper discusses the harmful nature of Denial of Service attacks and the protocol incorporated to identify the malicious sender inflicting the attack on the server. The protocol not only defends the network against Denial of Service attacks but also maintains confidentiality, integrity and authenticity of data transmitted between sensor nodes.
Citations
More filters
03 Apr 2013
TL;DR: The affect of Black hole attack is measured on the network parameters followed by the proposal of a novel technique for the detection and prevention of Blackhole attack in WSN.
Abstract: Wireless Sensor Networks (WSNs) are prone to various attacks in which Blackhole a kind of Denial of Service (DoS) attack is very difficult to detect and defend. In blackhole attack, an intruder captures and re-programs a set of nodes in the network to block the packets they receive instead of forwarding them towards the base station. As a result any information that enters the blackhole region is captured and not able to reach destination causing high end-to-end delay and low throughput. Previously little amount of work is done for detection and prevention of the Blackhole attack in the WSN making its detection and prevention very crucial as per network performance is concerned. In this paper initially the affect of Blackhole attack is measured on the network parameters followed by the proposal of a novel technique for the detection and prevention of Blackhole attack in WSN.
61 citations
Cites background from "A self enforcing and flexible secur..."
...In paper [7] a protocol for establishing the security mechanism of wireless sensor networks and devising a scheme for preventing Denial of Service attacks is proposed....
[...]
TL;DR: WSNs are widely used in homeland security and military applications, in hospitals for medical monitoring, and in industry, but their limited battery and power options, processing capability and memory make WSNs vulnerable to a variety of network attacks.
14 citations
01 Dec 2016
TL;DR: A novel technique for detecting black-hole attacks in WSNs using multiple base stations and check agents is proposed.
Abstract: Wireless Sensor Networks (WSNs) consist of multiple sensors distributed in a certain geographic area. The goal of using WSNs is to monitor certain phenomena such as; environmental or physical. The nodes in WSNs transmit data through a wireless network that lacks infrastructure, which makes those networks exposed to security threats. One of those security threats is the black-hole attack which can be considered as a Denial of Service (DoS) attack that is very difficult to detect. In this attack, the intruder re-programs a set of nodes in the target network to prevent the received packets from being sent to the destination. Such changes to the sensors results in high delay and low throughput. Therefore, we propose in this paper a novel technique for detecting black-hole attacks in WSNs using multiple base stations and check agents.
10 citations
Cites background from "A self enforcing and flexible secur..."
...In paper [9], Nanda and Krishna developed a scheme for preventing DoS attacks in WSNs....
[...]
01 Jan 2014
TL;DR: This paper analyzes the behavior of wireless network with or without black hole attack with different parameters and concludes that any black hole in the network can degrade the performance of the network.
Abstract: Wireless sensor networks are vulnerable against various types of external and internal attacks being limited by computation resources, smaller memory capacity, limited battery life, processing power & lack of tamper resistant packaging. The black hole attack is one of the well-known security threats in wireless sensor networks. The intruders utilize the loophole to carry out their malicious behaviors because the route discovery process is necessary and inevitable. In this paper, we analyze the behavior of wireless network with or without black hole attack with different parameters. Hence from all these result we can conclude that any black hole in the network can degrade the performance of the network.
8 citations
Cites background from "A self enforcing and flexible secur..."
...In paper [7] a protocol for establishing the security mechanism of wireless sensor networks and devising a scheme for preventing Denial of Service attacks is proposed....
[...]
TL;DR: A comparative performance weighing of Star and tree topology setup of WSN nodes is carried out under the black hole scenario and the results prove a considerable reduction of the parameter of delay in transmission of packets if hybrid topology is followed and a reasonable increase in the QoS parameter of throughput as meshTopology is adopted during transmission in a black hole vulnerable network.
Abstract: Background/Objectives: A typical Wireless Sensor Network (WSN) is a collection of Sensor nodes with limited charge that get deployed in a range enabling different applications. Enormous potential is there for deployment of WSN in consumer centric applications, industry sector and defence. Method: WSNs are vulnerable to various types of attack, upon which black-hole, a type of Denial of Service (DoS) pose enormous challenge in detection and defence. The primary characteristic of the attack is that reprogramming done by attackers in the captured nodes block the packets received than forwarding to the base station. This results in information entering the black hole area not getting routed to the destination and degradation of QoS factors of delay and final throughput. In this study a comparative performance weighing of Star and tree topology setup of WSN nodes is carried out under the black hole scenario. In case, the parameter of delay is vital Mesh setup is chosen and in the requirement of throughput efficiency and fault tolerance Star topology is chosen. A methodology for choosing the topology depending on the required service parameter under black hole scenario is also devised. Findings: The vital parameters considered for the simulation study are delay in transmission of packets and throughput efficiency among the sensor nodes. The results prove a considerable reduction of the parameter of delay in transmission of packets if hybrid topology is followed and a reasonable increase in the QoS parameter of throughput as mesh topology is adopted during transmission in a black hole vulnerable network. Improvements: The vital parameters of negligible delay and throughput efficiency that contribute effective cooperation among the sensor nodes are taken into account while choosing the appropriate topology, and the results show the distribution of the parameter values for the particular topology chosen.
6 citations
References
More filters
TL;DR: This work base their work on the existing Optimized Link State Routing protocol (OLSR) and weave in concepts of Learning Automata (LA) to protect the network from this kind of attack.
Abstract: Wireless Mesh Networks (WMNs) have potentially unlimited applications in the future. Therefore, establishing a viable and secure wireless network routing protocol for these networks is essential. Currently, these networks are being used in connecting large sections of cities by setting up wireless routers at strategic points all around the city. These networks can also support connecting remote areas of the country, instead of having to lay a cable all the way. The nature of applications mentioned above make these networks prone to different attacks. Thus, security of these networks is a serious concern. In this paper, we study the impact of Distributed Denial of Service (DDoS) attacks on WMNs. We base our work on the existing Optimized Link State Routing protocol (OLSR) and we weave in concepts of Learning Automata (LA) to protect the network from this kind of attack. The simulation results for the proposed scheme show that the proposed protocol is effective in the prevention of DDoS attacks in WMNs.
54 citations
16 May 2005
TL;DR: In this paper, the authors formulated the attack-defense problem as a two-player, nonzero-sum, non-cooperative game between an attacker and a wireless sensor and actor network.
Abstract: In order to isolate malicious nodes in wireless sensor and actor networks and provide a secure routing, we formulate the attack-defense problem as a two-player, nonzero-sum, non-cooperative game between an attacker and a wireless sensor and actor network. We show that this game achieves Nash equilibrium and thus leads to a defense strategy for the network. We propose two novel schemes for preventing denial of service attack. The first approach is called utility based dynamic source routing (UDSR). It incorporates the total utility of each route in data packets, where utility is a value that we are trying to maximize in the game theoretic approach. The second approach is based on a watch-list, where each node earns a rating from its neighbors, based on its previous cooperation in the network. Results show that the proposed game frameworks significantly increase the chance of success in defense strategy for the wireless sensor and actor networks.
52 citations
01 Oct 2007
TL;DR: This research introduces Clustered Adaptive Rate Limiting, or CARL, a rate limiting approach based on current host-based intrusion detection techniques that is designed to defeat denial-of-sleep attacks.
Abstract: The potential for wide-spread use of wireless sensor networks (WSN) in military monitoring, homeland security, and other areas continues to expand. There are, however, security concerns that must be addressed before this potential is realized. One threat to WSNs is the denial-of-sleep attack, a particular type of denial-of-service attack that rapidly drains sensor node batteries by keeping radios active when they should be sleeping to conserve energy. Simple denial-of-sleep attacks involving unauthenticated or replayed packets are difficult to distinguish from bursty data and can force network devices to incorrectly remain in receive mode. This research introduces Clustered Adaptive Rate Limiting, or CARL, a rate limiting approach based on current host-based intrusion detection techniques that is designed to defeat denial-of-sleep attacks. We use simulation to examine tradeoffs and to demonstrate the potential benefits of the CARL mechanism. Providing support for adaptive rate-limiting at the MAC layer, especially in networks that might encounter bursty data, is essential if WSN are to achieve their full potential for mission-critical applications.
36 citations
06 Mar 2009
TL;DR: This method mitigates the DDoS attack by reducing computational time and memory during the processing of a packet by calculating hop count from the Time-To-Live (TTL) field of each packet.
Abstract: This paper discusses the mitigation of Distributed Denial of Service (DDoS) attack and as well preservation of computational time on wireless network. The DDoS effects upon the QoS in the loss of bandwidth and the resources available at the server. The uncertainty of Distributed denial of Service attack can be best simulated with the help of probabilistic model. The simple Hop Count method was used to calculate the hop count from the Time-To-Live (TTL) field of each packet. In this approach calculation of hop count for each packet is not required to detect the malicious packet. The number of packet we need to examine depends upon the probabilistic approach. This method mitigates the DDoS attack by reducing computational time and memory during the processing of a packet.
33 citations
01 Nov 2009
TL;DR: This paper reviews the design and implementation of a novel defence strategy designed to work alongside existing DoS counter measures to overcome the aforementioned shortcomings.
Abstract: The rapid consumer adoption of high-speed internet connections has lead to the unprecedented interconnection of home networks Consequently, the number of domestic home automation networks offering internet connectivity has increased These home automation networks are increasingly comprised of resource limited wireless sensor networks (WSN) This creates the potential for malicious users from across the internet to attack these resource-limited WSN One such threat is that of a denial of service (DoS) attack Due to the resource-limited nature of WSN, a DoS attack may disrupt communications on the WSN or block remote access to the WSN The existing DoS defence approaches are generic approaches aimed at processing and filtering all internet traffic to remove suspected DoS attack traffic However, these approaches are not capable of filtering out all attack traffic, instead a small amount of attack traffic reaches the attackers intended victim This small level of attack traffic poses a significant threat to the limited resources of WSN This paper reviews the design and implementation of a novel defence strategy designed to work alongside existing DoS counter measures to overcome the aforementioned shortcomings
26 citations
"A self enforcing and flexible secur..." refers background in this paper
...The scheme discussed in [3] proposed a new mechanism which increases the difficulty of launching a low level Distributed Denial of Service attack against a wireless sensor network by using a remote access framework which includes a virtual home and a Distributed DoS Defence Server....
[...]