Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

Um sistema baseado na Teoria do Perigo para detectar ataques Jamming em Manets

Orientador : Prof. Dr. Aldri Luiz dos SantosCoorientadora : Profa. Dra. Michele Nogueira LimaDissertação (mestrado) - Universidade Federal do Paraná, Setor de Ciencias Exatas, Programa de Pós-Graduação em Informática. Defesa: Curitiba, 16/09/2011Bibliografia: fls. 77-87Resumo: As redes sem fio possibilitam a comunica¸c˜ao de dispositivos computacionais port'ateis, como celulares, notebooks, palmtops, entre outros. Um principal desafio 'a seguran¸ca das aplica¸c˜oes e servi¸cos dependentes das redes sem fio 'e a vulnerabilidade das comunica¸c˜oes aos ataques jamming. No escopo das redes sem fio, as redes m'oveis ad hoc (MANETs - Mobile Ad hoc Networks) permitem que os usu'arios tenham mobilidade e acessem as informa¸c˜oes de forma descentralizada empregando ondas eletromagn'eticas atrav'es do meio de transmiss˜ao sem fio. Para tentar garantir a existˆencia de uma MANET segura, robusta e confi'avel, 'e necess'ario desenvolver um sistema de detec¸c˜ao como contramedida inicial aos ataques jamming. Em face 'as limita¸c˜oes dos sistemas de detec¸c˜ao de ataques jamming existentes, este trabalho prop˜oe um sistema de detec¸c˜ao distribu'?do e flex'?vel contra ataques jamming em MANETs. O sistema de detec¸c˜ao proposto, denominado DANTE (do inglˆes, Detecting jAmming attacks by the daNger ThEory), tem como inspira¸c˜ao a teoria do perigo, a qual possui caracter'?sticas que inspiram o desenvolvimento de um sistema de detec¸c˜ao de ataques jamming nas MANETs, como a descentraliza¸c˜ao, a dinamicidade e a quantifica ¸c˜ao. O sistema DANTE 'e composto por uma arquitetura com trˆes m'odulos, denominados medi¸c˜oes e informa¸c˜oes, detec¸c˜ao bio-inspirada e resposta ao ataque jamming. O m'odulo de medi¸c˜oes e informa¸c˜oes calcula os valores das medi¸c˜oes estat'?sticas e coleta os dados provenientes da camada de enlace que sofreram interferˆencia. O m'odulo de detec ¸c˜ao bio-inspirada determina e quantifica os ataques na rede. O m'odulo de resposta ao ataque jamming toma uma a¸c˜ao apropriada de acordo com a quantifica¸c˜ao do ataque. Para avaliar o desempenho do sistema DANTE s˜ao empregados dois tipos diferentes de cen'arios. Os cen'arios s˜ao compostos por trˆes dispositivos, os quais dois deles s˜ao leg'?timos e um atua como o atacante. No primeiro cen'ario, os dispositivos s˜ao vizinhos entre si, j'a no segundo cen'ario, o dispositivo atacante 'e vizinho somente de um dispositivo leg'?timo. A fim de avaliar o sistema DANTE s˜ao empregadas as m'etricas de desempenho denominadas acur'acia e precis˜ao. Al'em disso, o sistema DANTE 'e comparado a um outro sistema de detec¸c˜ao de ataques jamming encontrado na literatura, denominado neste trabalho como CLADE. Os resultados de simula¸c˜ao mostram que o sistema DANTE possui um desempenho superior ao sistema CLADE. Al'em de obter a precis˜ao de 100% nos ataques jamming deceptivo e reativo, o sistema DANTE alcan¸cou os maiores resultados para a acur'acia nos ataques jamming deceptivo, aleat'orio e reativo.Abstract: Wireless networks make possible the communication between portable devices, such as cell phones, laptops, palmtops, among others. A main challenge to security of applications and services dependent of wireless networks is the communications vulnerability to jamming attacks. In wireless networks context, mobile ad hoc networks (MANETs) allow users to have mobility and access information in a decentralized way using electromagnetic waves to communicate by wireless medium. In order to assure the existence of a secure, robust and trustworthy MANET, it is necessary to develop a detection system against jamming attacks as initial countermeasure. In face of existing detection systems limitations, this work proposes a detection system against jamming attacks to MANETs. The detection system proposed, called DANTE (Detecting jAmming attacks by the daNger ThEory), has as inspiration danger theory, that is supported by the argumentation that immune system discerns between danger and absence of danger. DANTE system comprises an architecture with three modules, called informations and measures, bio-inspired detection and jamming response. Information and measurements module captures data from the link layer that suffered interference and calculates the values of statistical measures. Bio-inspired detection module identifies and quantifies the presence of jammers in a bio-inspired manner. The jamming response module takes an action, based on quantification, to mitigate the impact of jamming attack. The performance of DANTE system is evaluated using two different scenarios. They comprise three devices, in which two serve as sender and receiver, and one acts as the attacker. In the first scenario all devices are neighbors, and in the second one, the attacker is neighbor only of sender. Two performance metrics, called accuracy and precision, are used in order to evaluate DANTE system. Further, DANTE system is compared with another jamming detection system, called in this work as CLADE. Simulation results show that DANTE system reaches a superior performance than CLADE system. Besides DANTE system obtains a precision rate of 100% in deceptive and reactive jamming at tacks, it reaches higher values than CLADE system to accuracy rate in deceptive, random and reactive jamming attacks