A secure localization approach against wormhole attacks using distance consistency

2009-2010 > Academic research: refereed > Publication in refereed journalVersion of RecordPublishe

Wireless Sensor Network Security: Approaches to Detecting and Avoiding Wormhole Attacks

This paper explores Wireless Sensor Networks (WSNs) and the related security issues and complications arising from a specific type of security breach, the wormhole attack. Wormhole attacks against WSNs are classified as passive, external laptop-class threats. Because malicious wormhole attacks are increasing, these attacks pose a serious security threat and increase the costs to maintain a Wireless Sensor Network. Research into preventing wormhole attacks yields two distinct model approach types: Administrator-Viewpoint models and User-Viewpoint models. While the modalities vary, the four Administrator-Viewpoint models reviewed were designed in the early 2000s and suggest defending against wormhole attacks through the use of expensive hardware, packet leashes, or topology visualization systems. On the other hand, the four proposed User-Viewpoint models have become the current theoretical models of choice.  While existing as simulation approaches to defend against wormhole attacks, the User-Viewpoint models use internally calculated routing algorithms to suggest routes to avoid or evade, not defend against, established wormhole routes. This paper confirms the efficacies of the User-Viewpoint models in the lab simulations are viewed as the most promising cost-effective, future security solutions to wormhole attacks

Detection of Hidden Wormhole Attack in Wireless Sensor Networks using Neighborhood and Connectivity Information

Wireless sensor networks (WSNs) have inspired many applications such as military applications, environmental monitoring and other fields. WSN has emergence in various fields, so security is very important issue for sensor networks. Security comes from attacks. Due to the wireless and distributed nature anyone can connect with the network. Among all possible attacks, wormholes are very hard to detect because they can cause damage to the network without knowing the protocols used in the network. It is a powerful attack that can be conducted without requiring any cryptographic breaks. Wormholes are hard to detect because they use a private, out-of-band channel invisible to the underlying sensor network. In this paper we have proposed a wormhole detection protocol based on neighborhood and connectivity information. Performance analysis shows that our proposed approach can effectively detect wormhole attack with less storage cost. Keywords: Wireless sensor network, wormhole, out-of-band, security, neighborhood

A Survey: Detection and Prevention of Wormhole Attack in Wireless Sensor Networks

Wireless Sensor Networks refers to a multi-hop packet based network that contains a set of mobile sensor nodes. Every node is free to travel separately on any route and can modify its links to other nodes. Therefore, the network is self organizing and adaptive networks which repeatedly changes its topology. The relations among nodes are restricted to their communication range, and teamwork with intermediate nodes is necessary for nodes to forward the packets to other sensor nodes beyond their communication range. The network2019;s broadcasting character and transmission medium help the attacker to interrupt network. An attacker can transform the routing protocol and interrupt the network operations through mechanisms such as selective forwarding, packet drops, and data fabrication. One of the serious routingdisruption attacks is Wormhole Attack. The main emphasis of this paper is to study wormhole attack, its detection method and the different techniques to prevent the network from these attack

Secure location-aware communications in energy-constrained wireless networks

Wireless ad hoc network has enabled a variety of exciting civilian, industrial and military applications over the past few years. Among the many types of wireless ad hoc networks, Wireless Sensor Networks (WSNs) has gained popularity because of the technology development for manufacturing low-cost, low-power, multi-functional motes. Compared with traditional wireless network, location-aware communication is a very common communication pattern and is required by many applications in WSNs. For instance, in the geographical routing protocol, a sensor needs to know its own and its neighbors\u27 locations to forward a packet properly to the next hop. The application-aware communications are vulnerable to many malicious attacks, ranging from passive eavesdropping to active spoofing, jamming, replaying, etc. Although research efforts have been devoted to secure communications in general, the properties of energy-constrained networks pose new technical challenges: First, the communicating nodes in the network are always unattended for long periods without physical maintenance, which makes their energy a premier resource. Second, the wireless devices usually have very limited hardware resources such as memory, computation capacity and communication range. Third, the number of nodes can be potentially of very high magnitude. Therefore, it is infeasible to utilize existing secure algorithms designed for conventional wireless networks, and innovative mechanisms should be designed in a way that can conserve power consumption, use inexpensive hardware and lightweight protocols, and accommodate with the scalability of the network. In this research, we aim at constructing a secure location-aware communication system for energy-constrained wireless network, and we take wireless sensor network as a concrete research scenario. Particularly, we identify three important problems as our research targets: (1) providing correct location estimations for sensors in presence of wormhole attacks and pollution attacks, (2) detecting location anomalies according to the application-specific requirements of the verification accuracy, and (3) preventing information leakage to eavesdroppers when using network coding for multicasting location information. Our contributions of the research are as follows: First, we propose two schemes to improve the availability and accuracy of location information of nodes. Then, we study monitoring and detection techniques and propose three lightweight schemes to detect location anomalies. Finally, we propose two network coding schemes which can effectively prevent information leakage to eavesdroppers. Simulation results demonstrate the effectiveness of our schemes in enhancing security of the system. Compared to previous works, our schemes are more lightweight in terms of hardware cost, computation overhead and communication consumptions, and thus are suitable for energy-constrained wireless networks

Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

Securing location discovery in wireless sensor networks

Providing security for wireless sensor networks in hostile environments has a significant importance. Resilience against malicious attacks during the process of location discovery has an increasing need. There are many applications that rely on sensor nodes\u27 locations to be accurate in order to function correctly. The need to provide secure, attack resistant location discovery schemes has become a challenging research topic. In this thesis, location discovery techniques are discussed and the security threats and attacks are explained. I also present current secure location discovery schemes which are developed for range-based location discovery. The thesis goal is to develop a secure range-free location discovery scheme. This is accomplished by enhancing the voting-based scheme developed in [8, 9] to be used as the bases for developing a secure range-free location discovery scheme. Both the enhancement voting-based and the secure range-free schemes are implemented on Sun SPOT wireless sensors and subjected to various levels of location discovery attacks and tested under different sensor network scales using a simulation program developed for testing purposes

Deterministic Secure Positioning in Wireless Sensor Networks

Properly locating sensor nodes is an important building block for a large subset of wireless sensor networks (WSN) applications. As a result, the performance of the WSN degrades significantly when misbehaving nodes report false location and distance information in order to fake their actual location. In this paper we propose a general distributed deterministic protocol for accurate identification of faking sensors in a WSN. Our scheme does \emph{not} rely on a subset of \emph{trusted} nodes that are not allowed to misbehave and are known to every node in the network. Thus, any subset of nodes is allowed to try faking its position. As in previous approaches, our protocol is based on distance evaluation techniques developed for WSN. On the positive side, we show that when the received signal strength (RSS) technique is used, our protocol handles at most $\lfloor \frac{n}{2} \rfloor-2$ faking sensors. Also, when the time of flight (ToF) technique is used, our protocol manages at most $\lfloor \frac{n}{2} \rfloor - 3$ misbehaving sensors. On the negative side, we prove that no deterministic protocol can identify faking sensors if their number is $\lceil \frac{n}{2}\rceil -1$. Thus our scheme is almost optimal with respect to the number of faking sensors. We discuss application of our technique in the trusted sensor model. More precisely our results can be used to minimize the number of trusted sensors that are needed to defeat faking ones

Secure localization against wormhole attacks using conflicting sets

2010-2011 > Academic research: refereed > Refereed conference paperAccepted ManuscriptPublishe

Attack-resistant location estimation in wireless sensor networks

Many sensor network applications require sensors’ locations to function correctly. Despite the recent advances, location discovery for sensor networks in hostile environments has been mostly overlooked. Most of the existing localization protocols for sensor networks are vulnerable in hostile environments. The security of location discovery can certainly be enhanced by authentication. However, the possible node compromises and the fact that location determination uses certain physical features (e.g., received signal strength) of radio signals make authentication not as effective as in traditional security applications. This paper presents two methods to tolerate malicious attacks against range-based location discovery in sensor networks. The first method filters out malicious beacon signals on the basis of the “consistency” among multiple beacon signals, while the second method tolerates malicious beacon signals by adopting an iteratively refined voting scheme. Both methods can survive malicious attacks even if the attacks bypass authentication, provided that the benign beacon signals constitute the majority of the beacon signals. This paper also presents the implementation and experimental evaluation (through both field experiments and simulation) of all the secure and resilient location estimation schemes that can be used on the current generation of sensor platforms (e.g., MICA series of motes), including the techniques proposed in this paper, in a network of MICAz motes. The experimental results demonstrate the effectiveness of the proposed methods, and also give the secure and resilient location estimation scheme most suitable for the current generation of sensor networks