A Comprehensive Survey on Routing and Security in Mobile Wireless Sensor Networks

With the continuous advances in mobile wirelesssensor networks (MWSNs), the research community hasresponded to the challenges and constraints in the design of thesenetworks by proposing efficient routing protocols that focus onparticular performance metrics such as residual energy utilization,mobility, topology, scalability, localization, data collection routing,Quality of Service (QoS), etc. In addition, the introduction ofmobility in WSN has brought new challenges for the routing,stability, security, and reliability of WSNs. Therefore, in thisarticle, we present a comprehensive and meticulous investigationin the routing protocols and security challenges in the theory ofMWSNs which was developed in recent years

Impact of Denial-of-Service Attack on Directional Compact Geographic Forwarding Routing Protocol in Wireless Sensor Networks

يَعِدُ بروتوكول التوجيه، الموجه الجغرافي المضغوط (DCGF) بتوليد الحد الأدنى من النفقات العامة من خلال استخدام هوائي ذكي وتجميع واعٍ لجودة الخدمة (QoS). ومع ذلك، تم اختبار DCGF فقط في سيناريو خالٍ من الهجمات دون إشراك عناصر الأمان.  لذلك، تم إجراء استقصاء لفحص خوارزمية بروتوكول التوجيه فيما إذا كانت آمنة ضد الشبكات القائمة على الهجوم بوجود هجوم رفض الخدمة (DoS).  تم إجراء هذا التحليل على هجوم DoS باستخدام مهاجم واحد مثالي، A1، للتحقيق في تأثير هجوم DoS على DCGF في خط اتصال.  أظهرت الدراسة أن   DCGF لا يعمل بكفاءة من حيث نسبة تسليم الحزم واستهلاك الطاقة حتى على مهاجم واحد.Directional Compact Geographic Forwarding (DCGF) routing protocol promises a minimal overhead generation by utilizing a smart antenna and Quality of Service (QoS) aware aggregation. However, DCGF was tested only in the attack-free scenario without involving the security elements. Therefore, an investigation was conducted to examine the routing protocol algorithm whether it is secure against attack-based networks in the presence of Denial-of-Service (DoS) attack. This analysis on DoS attack was carried out using a single optimal attacker, A1, to investigate the impact of DoS attack on DCGF in a communication link. The study showed that DCGF does not perform efficiently in terms of packet delivery ratio and energy consumption even on a single attacker

SRP-HEE: A Modified Stateless Routing Protocol based on Homomorphic Energy based Encryption for Wireless Sensor Network

Due to the wireless nature, the sensors node data are prone to location privacy of source and classification of the packet by unauthorized parties. Data encryption is one of the most effective ways to thwart unauthorized access to the data and trace information. Traditional wireless network security solutions are not viable for WSNs In this paper, a novel distributed forward aware factor based heuristics towards generating greedy routing using stateless routing is SRP-HEE for wireless sensor network. The model employs the homomorphic Energy based encryption technique. Energy based Encryption model is devoted as homomorphic mechanism due to their less computational complexity. Additionally, privacy constraint becoming a critical issue in the wireless sensor networks (WSNs) because sensor nodes are generally prone to attacks which deplete energy quickly as it is exposed to mobile sink frequently for data transmission. Through inclusion of the Forward aware factor on the Greedy routing strategies, it is possible to eliminate the attacking node which is depleting the energy of the source node. Heuristic conditions are used for optimizing the sampling rate and battery level for tackling the battery capacity constraints of the wireless sensor nodes. The Node characteristics of the propagating node have been analysed utilizing kalman filter and linear regression. The cooperative caching of the network information will enable to handle the fault condition by changing the privacy level of the network. The Simulation results demonstrate that SRP-HEE model outperforms existing technique on basis of Latency, Packet Delivery Ratio, Network Overhead, and Energy Utilization of nodes

TRUST-BASED DEFENSE AGAINST INSIDER PACKET DROP ATTACKS IN WIRELESS SENSOR NETWORKS

In most wireless sensor networks (WSNs), sensor nodes generate data packets and send them to the base station (BS) by multi-hop routing paths because of their limited energy and transmission range. The insider packet drop attacks refer to a set of attacks where compromised nodes intentionally drop packets. It is challenging to accurately detect such attacks because packets may also be dropped due to collision, congestion, or other network problems. Trust mechanism is a promising approach to identify inside packet drop attackers. In such an approach, each node will monitor its neighbor's packet forwarding behavior and use this observation to measure the trustworthiness of its neighbors. Once a neighbor's trust value falls below a threshold, it will be considered as an attacker by the monitoring node and excluded from the routing paths so further damage to the network will not be made. In this dissertation, we analyze the limitation of the state-of-the-art trust mechanisms and propose several enhancement techniques to better defend against insider packet drop attacks in WSNs. First, we observe that inside attackers can easily defeat the current trust mechanisms and even if they are caught, normally a lot of damage has already been made to the network. We believe this is caused by current trust models' inefficiency in distinguishing attacking behaviors and normal network transmission failures. We demonstrate that the phenomenon of consecutive packet drops is one fundamental difference between attackers and good sensor nodes and build a hybrid trust model based on it to improve the detection speed and accuracy of current trust models. Second, trust mechanisms give false alarms when they mis-categorize good nodes as attackers. Aggressive mechanisms like our hybrid approach designed to catch attackers as early as possible normally have high false alarm rate. Removing these nodes from routing paths may significantly reduce the performance of the network. We propose a novel false alarm detection and recovery mechanism that can recover the falsely detected good nodes. Next, we show that more intelligent packet drop attackers can launch advanced attacks without being detected by introducing a selective forwarding-based denial-of-service attack that drops only packets from specific victim nodes. We develop effective detection and prevention methods against such attack. We have implemented all the methods we have proposed and conducted extensive simulations with the OPNET network simulator to validate their effectiveness

A Survey on Intrusion Detection in Wireless Sensor Networks

ABSTRACT In recent years, the applications based on the Wireless Sensor Networks are growing very fast. The application areas include agriculture, healthcare, military, hospitality management, mobiles and many others. So these networks are very important for us and the security of the network from the various attacks is also a more important issue in WSN application now days. Stopping these attacks or enhancing the security of the WSN system various intrusion detection policies are developed till date to detect the node/s that is/are not working normally. Out of various detection techniques three major categories explored in this paper are Anomaly detection, Misuse detection and Specificationbased detection. Here in this review paper various attacks on Wireless Sensor Networks and existing Intrusion detection techniques are discussed to detect the compromised node/s. The paper also provides a brief discussion about the characteristics of the Wireless Sensor Networks and the classification of attacks

Intrusion detection in IPv6-enabled sensor networks.

In this research, we study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks through the lens of IPv6-enabled Wireless Sensor Actuator Networks. These networks consist of highly constrained devices able to communicate wirelessly in an ad-hoc fashion, thus following the architecture of ad-hoc networks. Current state of the art IDS in IoT and WSNs have been developed considering the architecture of conventional computer networks, and as such they do not efficiently address the paradigm of ad-hoc networks, which is highly relevant in emerging network paradigms, such as the Internet of Things (IoT). In this context, the network properties of resilience and redundancy have not been extensively studied. In this thesis, we first identify a trade-off between the communication and energy overheads of an IDS (as captured by the number of active IDS agents in the network) and the performance of the system in terms of successfully identifying attacks. In order to fine-tune this trade-off, we model networks as Random Geometric Graphs; these are a rigorous approach that allows us to capture underlying structural properties of the network. We then introduce a novel IDS architectural approach that consists of a central IDS agent and set of distributed IDS agents deployed uniformly at random over the network area. These nodes are able to efficiently detect attacks at the networking layer in a collaborative manner by monitoring locally available network information provided by IoT routing protocols, such as RPL. The detailed experimental evaluation conducted in this research demonstrates significant performance gains in terms of communication overhead and energy dissipation while maintaining high detection rates. We also show that the performance of our IDS in ad-hoc networks does not rely on the size of the network but on fundamental underling network properties, such as the network topology and the average degree of the nodes. The experiments show that our proposed IDS architecture is resilient against frequent topology changes due to node failures