Cluster Based Intrusion Detection Technique for Wireless Networks

Wireless networks are vulnerable to spoofing attacks, which allows for many other forms of attacks on the networks. Although th e identity of a node can be verified through cryptographic authentication, authentication is not always possible because it requires key management and additional infrastructural overhead. In this paper we propose a method for both detect ing spoofing attacks, as well as locating the positions of adversaries performing the attacks. We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. We then formulate the problem of determin ing the number of attackers as a multiclass detection problem. Cluster - based mechanisms are developed to determine the number of attackers. When the training data are available, we explore using the Support Vector Machines (SVM) method to further improve t he accuracy of determining the number of attackers. In addition, we developed an integrated detection and localization system that can localize the positions of multiple attackers. We evaluated our techniques through two test beds using both an 802.11 ( Wi - Fi ) network and an 802.15.4 network in two real office buildings. Our experimental results show that our proposed methods can achieve over 90 percent Hit Rate and Precision when determining the number of attackers. Our localizatio n results using a represen tative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries

Trust models in wireless sensor networks: A survey

This paper introduces the security and trust concepts in wireless sensor networks and explains the difference between them, stating that even though both terms are used interchangeably when defining a secure system, they are not the same. The difference between reputation and trust is also explained, highlighting that reputation partially affects trust. The methodologies used to model trust and their references are presented. The factors affecting trust updating are summarised and some examples of the systems in which these factors have been implemented are given. The survey states that, even though researchers have started to explore the issue of trust in wireless sensor networks, they are still examining the trust associated with routing messages between nodes (binary events). However, wireless sensor networks are mainly deployed to monitor events and report data, both continuous and discrete. This leads to the development of new trust models addressing the continuous data issue and also to combine the data trust and the communication trust to infer the total trust. © 2010 Springer-Verlag Berlin Heidelberg

Detection and Localization of IDS Based Spoofing Attackers in Wireless Sensor Networks

A Wireless sensor network consists of a series of sensing devices. These track parameters such as those required for tracking and surveillance and then effectively passes on this information with other such sensors over a specific geographical area within the wireless network. The problem with traditional wireless networks lies in the way that they are positioned in an unattended manner, being controlled remotely by the network operator. This opens up a pathway for attackers, which compromise and capture wireless nodes and launch a variety of attacks that impair the functioning of the system. The proposed system aims to localize and cluster these nodes together, according to their position, wherein the cluster head acts as an Intrusion Detection system by monitoring node behavior such as packet transmission. This information is used to identify the attacked nodes in the wireless sensor network

A Study on Security Mechanism of Civil Air Defense and Disaster Warning Control System based on CDMA Wireless Access

Due to the use of wireless transmission and open networks, mobile communications are faced with enormous security threats. This study focuses on security mechanisms of the civil air defense and disaster warning control system based on CDMA wireless access. The working principle and process of authentication and data encryption are presented in detail. Further we propose and develop a novel hybrid cryptosystem combining AES and ECC for this control system in order to achieve the convenience of a public-key cryptosystem and the efficiency of a symmetric-key cryptosystem. Providing high security and encryption efficiency as well as simple management of keys, the proposed cryptographic approach can meet the requirements for security and real-time-ness of data transmission in the wireless access control system

Intrusion-Resilient Integrity in Data-Centric Unattended WSNs

Unattended Wireless Sensor Networks (UWSNs) operate in autonomous or disconnected mode: sensed data is collected periodically by an itinerant sink. Between successive sink visits, sensor-collected data is subject to some unique vulnerabilities. In particular, while the network is unattended, a mobile adversary (capable of subverting up to a fraction of sensors at a time) can migrate between compromised sets of sensors and inject fraudulent data. In this paper, we provide two collaborative authentication techniques that allow an UWSN to maintain integrity and authenticity of sensor data-in the presence of a mobile adversary-until the next sink visit. Proposed schemes use simple, standard, and inexpensive symmetric cryptographic primitives, coupled with key evolution and few message exchanges. We study their security and effectiveness, both analytically and via simulations. We also assess their robustness and show how to achieve the desired trade-off between performance and security

An Enhanced Source Location Privacy based on Data Dissemination in Wireless Sensor Networks (DeLP)

open access articleWireless Sensor Network is a network of large number of nodes with limited power and computational capabilities. It has the potential of event monitoring in unattended locations where there is a chance of unauthorized access. The work that is presented here identifies and addresses the problem of eavesdropping in the exposed environment of the sensor network, which makes it easy for the adversary to trace the packets to find the originator source node, hence compromising the contextual privacy. Our scheme provides an enhanced three-level security system for source location privacy. The base station is at the center of square grid of four quadrants and it is surrounded by a ring of flooding nodes, which act as a first step in confusing the adversary. The fake node is deployed in the opposite quadrant of actual source and start reporting base station. The selection of phantom node using our algorithm in another quadrant provides the third level of confusion. The results show that Dissemination in Wireless Sensor Networks (DeLP) has reduced the energy utilization by 50% percent, increased the safety period by 26%, while providing a six times more packet delivery ratio along with a further 15% decrease in the packet delivery delay as compared to the tree-based scheme. It also provides 334% more safety period than the phantom routing, while it lags behind in other parameters due to the simplicity of phantom scheme. This work illustrates the privacy protection of the source node and the designed procedure may be useful in designing more robust algorithms for location privac

SHRP - Secure Hybrid Routing Protocol over Hierarchical Wireless Sensor Networks

A data collection via secure routing in wireless sensor networks (WSNs) has given attention to one of security issues. WSNs pose unique security challenges due to their inherent limitations in communication and computing, which makes vulnerable to various attacks. Thus, how to gather data securely and efficiently based on routing protocol is an important issue of WSNs. In this paper, we propose a secure hybrid routing protocol, denoted by SHRP, which combines the geographic based scheme and hierarchical scheme. First of all, SHRP differentiates sensor nodes into two categories, nodes with GPS (NG) and nodes with antennas (NA), to put different roles. After proposing a new clustering scheme, which uses a new weight factor to select cluster head efficiently by using energy level, center weight and mobility after forming cluster, we propose routing scheme based on greedy forwarding. The packets in SHRP are protected based on symmetric and asymmetric cryptosystem, which provides confidentiality, integrity and authenticity. The performance analyses are done by using NS2 and show that SHRP could get better results of packet loss rate, delivery ratio, end to end delay and network lifetime compared to the well known previous schemes