996 research outputs found
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs),
especially in network layer. Multiple secure routing protocols have been
proposed in the literature. However, they often use the cryptography to secure
routing functionalities. The cryptography alone is not enough to defend against
multiple attacks due to the node compromise. Therefore, we need more
algorithmic solutions. In this report, we focus on the behavior of routing
protocols to determine which properties make them more resilient to attacks.
Our aim is to find some answers to the following questions. Are there any
existing protocols, not designed initially for security, but which already
contain some inherently resilient properties against attacks under which some
portion of the network nodes is compromised? If yes, which specific behaviors
are making these protocols more resilient? We propose in this report an
overview of security strategies for WSNs in general, including existing attacks
and defensive measures. In this report we focus at the network layer in
particular, and an analysis of the behavior of four particular routing
protocols is provided to determine their inherent resiliency to insider
attacks. The protocols considered are: Dynamic Source Routing (DSR),
Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing
(RWR)
A Survey on Wireless Sensor Network Security
Wireless sensor networks (WSNs) have recently attracted a lot of interest in
the research community due their wide range of applications. Due to distributed
nature of these networks and their deployment in remote areas, these networks
are vulnerable to numerous security threats that can adversely affect their
proper functioning. This problem is more critical if the network is deployed
for some mission-critical applications such as in a tactical battlefield.
Random failure of nodes is also very likely in real-life deployment scenarios.
Due to resource constraints in the sensor nodes, traditional security
mechanisms with large overhead of computation and communication are infeasible
in WSNs. Security in sensor networks is, therefore, a particularly challenging
task. This paper discusses the current state of the art in security mechanisms
for WSNs. Various types of attacks are discussed and their countermeasures
presented. A brief discussion on the future direction of research in WSN
security is also included.Comment: 24 pages, 4 figures, 2 table
Clone Node Detection in Wireless Sensor Networks
Wireless Sensor Networks (WSNs) are often deployed in unfavourable situations where an assailant can physically capture some of the nodes, first can reprogram, and then, can replicate them in a large number of clones, easily taking control over the network. This replication node is also called as Clone node. The clone node or replicated node behave as a genuine node. It can damage the network. In node replication attack detecting the clone node important issue in Wireless Sensor Networks. A few distributed solutions have been recently proposed, but they are not satisfactory. First, they are intensity and memory demanding: A serious drawback for any protocol to be used in the WSN- resource constrained environment. In this project first investigate the selection criteria of clone detection schemes with regard to device types, detection methodologies, deployment strategies, and detection ranges. Further, they are vulnerable to the specific assailant models introduced in this paper. In this scenario, a particularly dangerous attack is the replica attack, in which the assailant takes the secret keying materials from a compromised node, generates a large number of assailant-controlled replicas that share the node’s keying materials and ID, and then spreads these replicas throughout the network. With a single captured node, the assailant can create as many replica nodes as he has the hardware to generate.. The replica nodes are controlled by the assailant, but have keying materials that allow them to seem like authorized participants in the network. Our implementation specifies, user will specify its ID, which means client id, secret key will be create, and then include the port number. The witness node will verify the internally bounded user Id and secret key. The witness node means original node. If the verification is success, the information collecting to the packets that packets are send to the destination
Replication Attack Mitigations for Static and Mobile WSN
Security is important for many sensor network applications. Wireless Sensor
Networks (WSN) are often deployed in hostile environments as static or mobile,
where an adversary can physically capture some of the nodes. once a node is
captured, adversary collects all the credentials like keys and identity etc.
the attacker can re-program it and replicate the node in order to eavesdrop the
transmitted messages or compromise the functionality of the network. Identity
theft leads to two types attack: clone and sybil. In particularly a harmful
attack against sensor networks where one or more node(s) illegitimately claims
an identity as replicas is known as the node replication attack. The
replication attack can be exceedingly injurious to many important functions of
the sensor network such as routing, resource allocation, misbehavior detection,
etc. This paper analyzes the threat posed by the replication attack and several
novel techniques to detect and defend against the replication attack, and
analyzes their effectiveness in both static and mobile WSN.Comment: 12 page
An Authentication Protocol for Future Sensor Networks
Authentication is one of the essential security services in Wireless Sensor
Networks (WSNs) for ensuring secure data sessions. Sensor node authentication
ensures the confidentiality and validity of data collected by the sensor node,
whereas user authentication guarantees that only legitimate users can access
the sensor data. In a mobile WSN, sensor and user nodes move across the network
and exchange data with multiple nodes, thus experiencing the authentication
process multiple times. The integration of WSNs with Internet of Things (IoT)
brings forth a new kind of WSN architecture along with stricter security
requirements; for instance, a sensor node or a user node may need to establish
multiple concurrent secure data sessions. With concurrent data sessions, the
frequency of the re-authentication process increases in proportion to the
number of concurrent connections, which makes the security issue even more
challenging. The currently available authentication protocols were designed for
the autonomous WSN and do not account for the above requirements. In this
paper, we present a novel, lightweight and efficient key exchange and
authentication protocol suite called the Secure Mobile Sensor Network (SMSN)
Authentication Protocol. In the SMSN a mobile node goes through an initial
authentication procedure and receives a re-authentication ticket from the base
station. Later a mobile node can use this re-authentication ticket when
establishing multiple data exchange sessions and/or when moving across the
network. This scheme reduces the communication and computational complexity of
the authentication process. We proved the strength of our protocol with
rigorous security analysis and simulated the SMSN and previously proposed
schemes in an automated protocol verifier tool. Finally, we compared the
computational complexity and communication cost against well-known
authentication protocols.Comment: This article is accepted for the publication in "Sensors" journal. 29
pages, 15 figure
Distribuirani obrambeni mehanizmi za clone napade temeljeni na algoritmu za istraživanje gravitacije (GSA) u WSN
Wireless Sensor Networks (WSN) are often deployed in hostile environment and are vulnerable to attacks because of the resource constrained nature of the sensors. Clone attack in WSN is one of the major issues where the messages are eavesdropped, the captured node is cloned, and multiple nodes with same identity are produced by attacker. In order to overcome these issues, in this paper, a Distributed Defense Mechanism for Clone Attacks based on Gravitational Search Algorithm (GSA) in WSN is proposed. For efficiently detecting the suspect nodes, the nodes in the channel can be divided into witness node and the claimer node. The witness nodes are responsible for the suspect nodes detection, whereas the claimer nodes should provide their identities for the detection process. For the witness nodes selection, we utilize the GSA to pick out the best witness nodes set. After selecting the witness nodes, clone attack detection is performed by observing the behavior of the neighbor nodes. On detecting the clone attack, revocation procedure is triggered to revoke the clone attack in the witness nodes. By simulation results, it can be concluded that the proposed algorithm provides better protection to clone attacks by reducing the packet drop and increasing the packet delivery ratio.Bežične senzorske mreže (WSN) često su raspoređene u neprijateljskom okruženju i ranjive su na napade zbog prirode senzora koji su tehnološki ograničeni. Clone napad u WSN jedan je od glavnih problema gdje se poruke prisluškuju, zarobljeni čvor se klonira te napadač proizvede višestruke čvorove istog identiteta. Kako bi nadvladali te probleme, ovaj rad predlaže distribuirani obrambeni mehanizam za clone napade temeljen na algoritmu za istraživanje gravitacije (GSA) u WSN. Kako bi se sumnjivi čvorovi efikasno detektirali, čvorovi u kanalu mogu se podijeliti u čvorove svjedoke i tražene čvorove. Čvorovi svjedoci odgovorni su za otkrivanje sumnjivih čvorova, dok traženi čvorovi trebaju za potrebe procesa detekcije navesti svoj identitet. Za izbor čvorova svjedoka, koristi se GSA kako bi se izabrala grupa čvorova koji su najprikladniji. Nakon izbora čvorova svjedoka, otkivanje clone napada vrši se promatranjem ponašanja susjednih čvorova. Otkrivanjem clone napada aktivira se proces opoziva kako bi se opozvao clone napad u čvorovima svjedocima. Prema rezultatima dobivenim iz simulacije može se zaključiti kako predloženi algoritam pruža bolju zaštitu od clone napada smanjivanjem odbacivanja paketa i povećavanjem omjera isporuke paketa
- …