FALSE MISBEHAVIOUR ELIMINATION IN WATCHDOG MONITORING SYSTEM USING CHANGE POINT IN A WIRELESS SENSOR NETWORK

Wireless Sensor Networks are to be widely deployed in the near future for data monitoring in commercial, industrial and military applications. Though much research has focused on making these networks feasible and useful security has received very little attention. Sensor networks are exposed to variety of attacks like eavesdropping, message tampering, selective forward, gray hole attack, and Wormhole and Sybil attacks. Watchdog is a kind of behaviour monitoring mechanism which is the base of many trust systems in Ad hoc and Wireless Sensor Network. Current watchdog mechanism only evaluates its next-hop’s behaviour and propagates the evaluation result to other nodes by broadcasting, which is neither energy efficient nor attack resilient. The fundamental problem of secure neighbour discovery is studied which is importunate in protecting the network from different forms of attacks. In this paper an improved watchdog monitoring mechanism is proposed by using the process of change point detection. By implementing this change point detection algorithm in watchdog mechanism, the limitations of the existing watchdog mechanism are overcome. From this the exact malicious node can be found out and the data will be routed through a secure path bypassing the malicious node. Finally to analyze the efficiency of this algorithm, the results obtained from the proposed algorithm and the existing algorithms are compared

TRUST-BASED DEFENSE AGAINST INSIDER PACKET DROP ATTACKS IN WIRELESS SENSOR NETWORKS

In most wireless sensor networks (WSNs), sensor nodes generate data packets and send them to the base station (BS) by multi-hop routing paths because of their limited energy and transmission range. The insider packet drop attacks refer to a set of attacks where compromised nodes intentionally drop packets. It is challenging to accurately detect such attacks because packets may also be dropped due to collision, congestion, or other network problems. Trust mechanism is a promising approach to identify inside packet drop attackers. In such an approach, each node will monitor its neighbor's packet forwarding behavior and use this observation to measure the trustworthiness of its neighbors. Once a neighbor's trust value falls below a threshold, it will be considered as an attacker by the monitoring node and excluded from the routing paths so further damage to the network will not be made. In this dissertation, we analyze the limitation of the state-of-the-art trust mechanisms and propose several enhancement techniques to better defend against insider packet drop attacks in WSNs. First, we observe that inside attackers can easily defeat the current trust mechanisms and even if they are caught, normally a lot of damage has already been made to the network. We believe this is caused by current trust models' inefficiency in distinguishing attacking behaviors and normal network transmission failures. We demonstrate that the phenomenon of consecutive packet drops is one fundamental difference between attackers and good sensor nodes and build a hybrid trust model based on it to improve the detection speed and accuracy of current trust models. Second, trust mechanisms give false alarms when they mis-categorize good nodes as attackers. Aggressive mechanisms like our hybrid approach designed to catch attackers as early as possible normally have high false alarm rate. Removing these nodes from routing paths may significantly reduce the performance of the network. We propose a novel false alarm detection and recovery mechanism that can recover the falsely detected good nodes. Next, we show that more intelligent packet drop attackers can launch advanced attacks without being detected by introducing a selective forwarding-based denial-of-service attack that drops only packets from specific victim nodes. We develop effective detection and prevention methods against such attack. We have implemented all the methods we have proposed and conducted extensive simulations with the OPNET network simulator to validate their effectiveness

Security and Privacy Issues in Wireless Mesh Networks: A Survey

This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio

Trust model genetic node recovery based on cloud theory for underwater acoustic sensor network

Underwater Acoustic Sensor Networks [UASNs] are becoming a very growing research topic in the field of WSNs. UASNs are harmful by many attacks such as Jamming attacks at the physical layer, Collision attacks at the data link layer and Dos attacks at the network layer. UASNs has a unique characteristic such as unreliable communication, mobility, and computation of underwater sensor network. Because of this the traditional security mechanism, e.g. cryptographic, encryption, authorization and authentications are not suitable for UASNs. Many trust mechanisms of TWSNs [Terrestrial Wireless Sensor Networks] had proposed to UASNs and failed to provide security for UASNs environment, due to dynamic network structure and weak link connection between sensors. In this paper, a novel Trust Model Genetic Algorithm based on Cloud Theory [TMC] for UASNs has been proposed. The TMC-GA suggested a genetic node recovery algorithm to improve the TMC network in terms of better network lifetime, residual energy and total energy consumption. Also ensures that sensor nodes are participating in the rerouting in the routing discovery and performs well in terms of successful packet delivery. Simulation result provides that the proposed TMC-Genetic node recovery algorithm outperforms compared to other related works in terms of the number of hops, end-to-end delay, total energy consumption, residual energy, routing overhead, throughput and network lifetime

PAWN: a payload-based mutual authentication scheme for wireless sensor networks

Copyright © 2016 John Wiley & Sons, Ltd. Wireless sensor networks (WSNs) consist of resource-starving miniature sensor nodes deployed in a remote and hostile environment. These networks operate on small batteries for days, months, and even years depending on the requirements of monitored applications. The battery-powered operation and inaccessible human terrains make it practically infeasible to recharge the nodes unless some energy-scavenging techniques are used. These networks experience threats at various layers and, as such, are vulnerable to a wide range of attacks. The resource-constrained nature of sensor nodes, inaccessible human terrains, and error-prone communication links make it obligatory to design lightweight but robust and secured schemes for these networks. In view of these limitations, we aim to design an extremely lightweight payload-based mutual authentication scheme for a cluster-based hierarchical WSN. The proposed scheme, also known as payload-based mutual authentication for WSNs, operates in 2 steps. First, an optimal percentage of cluster heads is elected, authenticated, and allowed to communicate with neighboring nodes. Second, each cluster head, in a role of server, authenticates the nearby nodes for cluster formation. We validate our proposed scheme using various simulation metrics that outperform the existing schemes