Sleep Deprivation Attack Detection in Wireless Sensor Network

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.Comment: 7 pages,4 figures, IJCA Journal February 201

Probabilistic model for single and multi-sensing intrusion detection in wireless sensor networks

Wireless Sensor Networks consists of tiny devices capable of processing, routing the sensed data and are capable of detecting the intruders. The process of detecting any suspected (anomalous) moving object (attacker) within the reach of a Wireless Sensor Network area is referred to as intrusion detection. In this paper, we propose an algorithm to detect the intruder by the cluster heads in a 2D and 3D homogeneous Wireless Sensor Networks. This algorithm overcomes the attacks on implementation and also, reduces the energy consumption. The proposed algorithm considers Single Sensing and Multi-Sensing Intrusion Detection using minimum number of sensor nodes and a probabilistic model has been developed for both 2D and 3D homogeneous networks. Simulation results show that the power analysis attack and energy consumption is minimized by activating only few sensor nodes for detection and using only few sensor nodes for processing of data. The performance of the proposed algorithm is better compared to using all the sensor nodes for detection where the energy consumption is more

Distributed intrusion detection systems for enhancing security in mobile wireless sensor networks.

We present an approach to provide Intrusion Detection Systems (IDS) facilities into Wireless Sensors Networks (WSN). WSNs are usually composed of a large number of low power sensors. They require a careful consumption of the available energy in order to prolong the lifetime of the network. From the security point of view, the overhead added to standard protocols must be as light as possible according to the required security level. Starting from the DESERT tool [14, 16, 25] which has been proposed for component-based software architectures, we derive a new framework that permits to dynamically enforce a set of properties of the sensors behavior. This is accomplished by an IDS specification that is automatically translated into few lines of code installed in the sensors. This realizes a distributed system that locally detects violation of the sensors interactions policies and is able to minimize the information sent among sensors in order to discover attacks across the network

Distributed intrusion detection systems for enhancing security in mobile wireless sensor networks.

We present an approach to provide Intrusion Detection Systems (IDS) facilities into Wireless Sensors Networks (WSN). WSNs are usually composed of a large number of low power sensors. They require a careful consumption of the available energy in order to prolong the lifetime of the network. From the security point of view, the overhead added to standard protocols must be as light as possible according to the required security level. Starting from the DESERT tool [14, 16, 25] which has been proposed for component-based software architectures, we derive a new framework that permits to dynamically enforce a set of properties of the sensors behavior. This is accomplished by an IDS specification that is automatically translated into few lines of code installed in the sensors. This realizes a distributed system that locally detects violation of the sensors interactions policies and is able to minimize the information sent among sensors in order to discover attacks across the network

Intrusion Detection System for detecting internal threats in 6LoWPAN

6LoWPAN (IPv6 over Low-power Wireless Personal Area Network) is a standard developed by the Internet Engineering Task Force group to enable the Wireless Sensor Networks to connect to the IPv6 Internet. This standard is rapidly gaining popularity for its applicability, ranging extensively from health care to environmental monitoring. Security is one of the most crucial issues that need to be considered properly in 6LoWPAN. Common 6LoWPAN security threats can come from external or internal attackers. Cryptographic techniques are helpful in protecting the external attackers from illegally joining the network. However, because the network devices are commonly not tampered-proof, the attackers can break the cryptography codes of such devices and use them to operate like an internal source. These malicious sources can create internal attacks, which may downgrade significantly network performance. Protecting the network from these internal threats has therefore become one of the centre security problems on 6LoWPAN. This thesis investigates the security issues created by the internal threats in 6LoWPAN and proposes the use of Intrusion Detection System (IDS) to deal with such threats. Our main works are to categorise the 6LoWPAN threats into two major types, and to develop two different IDSs to detect each of this type effectively. The major contributions of this thesis are summarised as below. First, we categorise the 6LoWPAN internal threats into two main types, one that focuses on compromising directly the network performance (performance-type) and the other is to manipulate the optimal topology (topology-type), to later downgrade the network service quality indirectly. In each type, we select some typical threats to implement, and assess their particular impacts on network performance as well as identify performance metrics that are sensitive in the attacked situations, in order to form the basis detection knowledge. In addition, on studying the topology-type, we propose several novel attacks towards the Routing Protocol for Low Power and Lossy network (RPL - the underlying routing protocol in 6LoWPAN), including the Rank attack, Local Repair attack and DIS attack. Second, we develop a Bayesian-based IDS to detect the performance-type internal threats by monitoring typical attacking targets such as traffic, channel or neighbour nodes. Unlike other statistical approaches, which have a limited view by just using a single metric to monitor a specific attack, our Bayesian-based IDS can judge an abnormal behaviour with a wiser view by considering of different metrics using the insightful understanding of their relations. Such wiser view helps to increase the IDS’s accuracy significantly. Third, we develop a Specification-based IDS module to detect the topology-type internal threats based on profiling the RPL operation. In detail, we generalise the observed states and transitions of RPL control messages to construct a high-level abstract of node operations through analysing the trace files of the simulations. Our profiling technique can form all of the protocol’s legal states and transitions automatically with corresponding statistic data, which is faster and easier to verify compare with other manual specification techniques. This IDS module can detect the topology-type threats quickly with a low rate of false detection. We also propose a monitoring architecture that uses techniques from modern technologies such as LTE (Long-term Evolution), cloud computing, and multiple interface sensor devices, to expand significantly the capability of the IDS in 6LoWPAN. This architecture can enable the running of both two proposed IDSs without much overhead created, to help the system to deal with most of the typical 6LoWPAN internal threats. Overall, the simulation results in Contiki Cooja prove that our two IDS modules are effective in detecting the 6LoWPAN internal threats, with the detection accuracy is ranging between 86 to 100% depends on the types of attacks, while the False Positive is also satisfactory, with under 5% for most of the attacks. We also show that the additional energy consumptions and the overhead of the solutions are at an acceptable level to be used in the 6LoWPAN environment

Honeypot for Wireless Sensor Networks

People have understood that computer systems need safeguarding and require knowledge of security principles for their protection. While this has led to solutions for system components such as malware-protection, firewalls and intrusion detection systems, the ubiquitous usage of tiny microcomputers appeared at the same time. A new interconnectivity is on the rise in our lives. Things become “smart” and increasingly build new networks of devices. In this context the wireless sensor networks here interact with users and also, vice versa as well; unprivileged users able to interact with the wireless sensor network may harm the privileged user as a result. The problem that needs to be solved consists of possible harm that may be caused by an unprivileged user interacting with the wireless sensor network of a privileged user and may come via an attack vector targeting a vul- nerability that may take as long as it is needed and the detection of such mal-behaviour can only be done if a sensing component is implemented as a kind of tool detecting the status of the attacked wireless sensor network component and monitors this problem happening as an event that needs to be researched further on. Innovation in attack detection comprehension is the key aspect of this work, because it was found to be a set of hitherto not combined aspects, mechanisms, drafts and sketches, lacking a central combined outcome. Therefore the contribution of this thesis consists in a span of topics starting with a summary of attacks, possible countermeasures and a sketch of the outcome to the design and implementation of a viable product, concluding in an outlook at possible further work. The chosen path for the work in this research was experimental prototype construction following an established research method that first highlights the analysis of attack vectors to the system component and then evaluates the possibilities in order to im- prove said method. This led to a concept well known in common large-scale computer science systems, called a honeypot. Its common definitions and setups were analy- sed and the concept translation to the wireless sensor network domain was evaluated. Then the prototype was designed and implemented. This was done by following the ap- proach set by the science of cybersecurity, which states that the results of experiments and prototypes lead to improving knowledge intentionally for re-use

Microfinance for better lives?: learning experiences of women beneficiaries of the Inhlanyelo Fund in Manzini Region, Eswatini.

Doctoral Degrees. University of KwaZulu-Natal, Pietermaritzburg.Empowering women is a critical issue in developing countries such as Eswatini. Women's poverty is exacerbated by discrimination in the economic, social, and political spheres (Salia, Hussain, Tingbani, & Kolade, 2018), thus limiting their inner potential. Poverty in emerging economies is a major impediment for meeting the countries’ Sustainable Development Goals. There is evidence that interventions, such as microfinance schemes, can improve the lives of women, particularly rural women (Banerjee, 2017; Mayoux, 2002). Women's participation in informal sectors in developing countries could lead to economic growth and well-being. As key players in household welfare, microfinance supports self-employment, and alleviates poverty. Understanding women's microfinance experiences could improve microfinance interventions. The study explores how women beneficiaries of Eswatini’s Inhlanyelo Fund bettered their lives and gained learning experiences. There is limited information available on this topic. This investigation analyses what kind of microfinance intervention is most suitable for improving the lives of women and their families. The study is positioned within the interpretive paradigm, and adopts a qualitative design. The investigation was conducted with ten women in the Manzini regions of Eswatini. Data collection methods include semi-structured interviews, which make use of life histories and photovoice. The data were transcribed and analysed manually using pattern coding where themes emerged. The findings reveal that loan income from the Inhlanyelo Fund was used primarily for consumables, with little remaining for investment in the business. Using the theoretical lenses of Jarvis’ model of experiential learning and the African perspective of ubuntu, this study examines how the women’s learning evolved through access to the fund and led to their empowerment and “buen vivir”. The findings reveal that women learned in social networks through interaction with others, and this helped to transform their behaviour and changed their lives. The study concludes that the ubuntu theme of humanness and participation in the collective were contributory factors in the learning processes of the beneficiaries of Eswatini’s Inhlanyelo Fund. The study recommends that future training should take account of the importance of experiential learning and social networking in empowering women through microfinance schemes