AMISEC: Leveraging Redundancy and Adaptability to Secure AmI Applications

Security in Ambient Intelligence (AmI) poses too many challenges due to the inherently insecure nature of wireless sensor nodes. However, there are two characteristics of these environments that can be used effectively to prevent, detect, and confine attacks: redundancy and continuous adaptation. In this article we propose a global strategy and a system architecture to cope with security issues in AmI applications at different levels. Unlike in previous approaches, we assume an individual wireless node is vulnerable. We present an agent-based architecture with supporting services that is proven to be adequate to detect and confine common attacks. Decisions at different levels are supported by a trust-based framework with good and bad reputation feedback while maintaining resistance to bad-mouthing attacks. We also propose a set of services that can be used to handle identification, authentication, and authorization in intelligent ambients. The resulting approach takes into account practical issues, such as resource limitation, bandwidth optimization, and scalability

Hybrid Multi-Level Detection and Mitigation of Clone Attacks in Mobile Wireless Sensor Network (MWSN).

Wireless sensor networks (WSNs) are often deployed in hostile environments, where an adversary can physically capture some of the sensor nodes. The adversary collects all the nodes' important credentials and subsequently replicate the nodes, which may expose the network to a number of other security attacks, and eventually compromise the entire network. This harmful attack where a single or more nodes illegitimately claims an identity as replicas is known as the node replication attack. The problem of node replication attack can be further aggravated due to the mobile nature in WSN. In this paper, we propose an extended version of multi-level replica detection technique built on Danger Theory (DT), which utilizes a hybrid approach (centralized and distributed) to shield the mobile wireless sensor networks (MWSNs) from clone attacks. The danger theory concept depends on a multi-level of detections; first stage (highlights the danger zone (DZ) by checking the abnormal behavior of mobile nodes), second stage (battery check and random number) and third stage (inform about replica to other networks). The DT method performance is highlighted through security parameters such as false negative, energy, detection time, communication overhead and delay in detection. The proposed approach also demonstrates that the hybrid DT method is capable and successful in detecting and mitigating any malicious activities initiated by the replica. Nowadays, crimes are vastly increasing and it is crucial to modify the systems accordingly. Indeed, it is understood that the communication needs to be secured by keen observation at each level of detection. The simulation results show that the proposed approach overcomes the weaknesses of the previous and existing centralized and distributed approaches and enhances the performance of MWSN in terms of communication and memory overhead

Whac-A-Mole: Smart Node Positioning in Clone Attack in Wireless Sensor Networks

Wireless sensor networks are often deployed in unattended environments and, thus, an adversary can physically capture some of the sensors, build clones with the same identity as the captured sensors, and place these clones at strategic positions in the network for further malicious activities. Such attacks, called clone attacks, are a very serious threat against the usefulness of wireless networks. Researchers proposed different techniques to detect such attacks. The most promising detection techniques are the distributed ones that scale for large networks and distribute the task of detecting the presence of clones among all sensors, thus, making it hard for a smart attacker to position the clones in such a way as to disrupt the detection process. However, even when the distributed algorithms work normally, their ability to discover an attack may vary greatly with the position of the clones. We believe this aspect has been greatly underestimated in the literature. In this paper, we present a thorough and novel study of the relation between the position of clones and the probability that the clones are detected. To the best of our knowledge, this is the first such study. In particular, we consider four algorithms that are representatives of the distributed approach. We evaluate for them whether their capability of detecting clone attacks is influenced by the positions of the clones. Since wireless sensor networks may be deployed in different situations, our study considers several possible scenarios: a uniform scenario in which the sensors are deployed uniformly, and also not uniform scenarios, in which there are one or more large areas with no sensor (we call such areas “holes”) that force communications to flow around these areas. We show that the different scenarios greatly influence the performance of the algorithms. For instance, we show that, when holes are present, there are some clone positions that make the attacks much harder to be detected. We believe that our work is key to better understand the actual security risk of the clone attack in the presence of a smart adversary and also with respect to different deployment scenarios. Moreover, our work suggests, for the different scenarios, effective clone detection solutions even when a smart adversary is part of the game

Replication Attack Mitigations for Static and Mobile WSN

Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often deployed in hostile environments as static or mobile, where an adversary can physically capture some of the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an identity as replicas is known as the node replication attack. The replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource allocation, misbehavior detection, etc. This paper analyzes the threat posed by the replication attack and several novel techniques to detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile WSN.Comment: 12 page

A Survey On Security In Wireless Sensor Network

With the global use of wireless sensor network technology in different fields and for different purposes such as health care monitoring, earth sensing, air pollution monitoring, military operations monitoring or surveillance system monitoring, a problem arises. Problem that could negatively impact previously started activities and observations if not handled in a right way. Authors of this paper discuss various vulnerabilities and security threads in different applications of WSN in the real world, such as intrusion, node capture attack, black hole attack or selective forwarding attack. Potential countermeasures are proposed formatted as protocols or architectures for secure transfer of data between friendly nodes, compromises on security measures with the goal of achieving secure and reliable connection. This paper could be used as a general representation of WSN security issue with which WSN engineers are faced on a daily basis

Distribuirani obrambeni mehanizmi za clone napade temeljeni na algoritmu za istraživanje gravitacije (GSA) u WSN

Wireless Sensor Networks (WSN) are often deployed in hostile environment and are vulnerable to attacks because of the resource constrained nature of the sensors. Clone attack in WSN is one of the major issues where the messages are eavesdropped, the captured node is cloned, and multiple nodes with same identity are produced by attacker. In order to overcome these issues, in this paper, a Distributed Defense Mechanism for Clone Attacks based on Gravitational Search Algorithm (GSA) in WSN is proposed. For efficiently detecting the suspect nodes, the nodes in the channel can be divided into witness node and the claimer node. The witness nodes are responsible for the suspect nodes detection, whereas the claimer nodes should provide their identities for the detection process. For the witness nodes selection, we utilize the GSA to pick out the best witness nodes set. After selecting the witness nodes, clone attack detection is performed by observing the behavior of the neighbor nodes. On detecting the clone attack, revocation procedure is triggered to revoke the clone attack in the witness nodes. By simulation results, it can be concluded that the proposed algorithm provides better protection to clone attacks by reducing the packet drop and increasing the packet delivery ratio.Bežične senzorske mreže (WSN) često su raspoređene u neprijateljskom okruženju i ranjive su na napade zbog prirode senzora koji su tehnološki ograničeni. Clone napad u WSN jedan je od glavnih problema gdje se poruke prisluškuju, zarobljeni čvor se klonira te napadač proizvede višestruke čvorove istog identiteta. Kako bi nadvladali te probleme, ovaj rad predlaže distribuirani obrambeni mehanizam za clone napade temeljen na algoritmu za istraživanje gravitacije (GSA) u WSN. Kako bi se sumnjivi čvorovi efikasno detektirali, čvorovi u kanalu mogu se podijeliti u čvorove svjedoke i tražene čvorove. Čvorovi svjedoci odgovorni su za otkrivanje sumnjivih čvorova, dok traženi čvorovi trebaju za potrebe procesa detekcije navesti svoj identitet. Za izbor čvorova svjedoka, koristi se GSA kako bi se izabrala grupa čvorova koji su najprikladniji. Nakon izbora čvorova svjedoka, otkivanje clone napada vrši se promatranjem ponašanja susjednih čvorova. Otkrivanjem clone napada aktivira se proces opoziva kako bi se opozvao clone napad u čvorovima svjedocima. Prema rezultatima dobivenim iz simulacije može se zaključiti kako predloženi algoritam pruža bolju zaštitu od clone napada smanjivanjem odbacivanja paketa i povećavanjem omjera isporuke paketa