Professional Documents
Culture Documents
Sensor Networks (WSN) has extended to too many real world II. LITERATURE REVIEW
applications such as habitat monitoring, environment
monitoring, military surveillance, etc. Sometimes the through In paper [1] authors design a novel message observation
mechanism (MoM) to detect and defense the DoS attack.
Based on the spatiotemporal correlation, MoM utilizes the
Roshan Singh Sachan, student is with the Department of Computer similarity function to identify the content attack as well as the
Science and Engineering, Graphic Era University, Dehradun, 248002, India frequency attack. The MoM adopts rekey and reroute
(Phone: +918957272790; (e-mail: rsachan28@gmail.com). countermeasures to isolate the malicious node. The security
Mohammad Wazid student is with the Department of Computer Science
and Engineering, Graphic Era University, Dehradun, 248002, India analysis shows that their solution not only detects and defenses
Avita Katal student is with the Department of Computer Science and the DoS attack but also can reduce the energy consumption. In
Engineering, Graphic Era University, Dehradun, 248002, India [2] the advances in the area of the micro-electro-mechanical
D P Singh and R H Goudar is with the Department of Computer Science systems (MEMS) technology provides to send the data without
and Engineering, Graphic Era University, Dehradun, 248002, India
any physical connection from Wireless Sensor Node (WSN) to
the Base Station, this data may be modified by an attacker or
dropped, if no security is provided. A Survey of various
secured routing protocols along with various authentication
methods which use minimum resources to resist against
various attacks is done. In paper [3] a new method is invented
795
for discovering the misdirection attack. Produced results show node density in certain range can reduce the influence of DoS
that the misdirection attack causes consumption of network attacks. Simulations prove DoS attacks decrease the
resources. The advantage of this work is to show the survivability of WSN, adding node energy and properly
importance of reducing energy and time consumption as they improving node density can reduce the influence of DoS
are very significant in data transmission and reducing them attacks. A new method has been invented in paper [10] for
makes transmission process more efficient and reliable. In discovering the misdirection attack. The advantage of this
paper [4] two modifications to the Lightweight Medium work is to show the importance of reducing energy and time
Access Control (LMAC) protocol are proposed and evaluated. consumption. As these two factors are very significant in data
The first is Data Packet Separation Slot Size Randomization transmission and reducing them make transmission process
(DSSSR); the second is Round Robin (RR) slot size more efficient and reliable. Paper [13] depicts that many
assignment. The paper shows that (DS-SSR) can increase the threats can be defeated by using existing encryption and
WSN resistance against the Energy efficient denial of service authentication mechanisms and other techniques can alert
link layer jamming attacks. The paper also shows that network administrators of ongoing attacks or trigger
employing RR slightly eliminates the negative impact on the techniques to conserve energy on affected devices. In paper
network throughput when using countermeasures against [14] to overcome vulnerabilities for large-scale static WSNs, a
energy efficient jamming. Two measures are used to evaluate location-aware end-to-end security framework in which secret
the resistance of the proposed protocol against the attack: keys are bound to geographic locations and each node stores a
lifetime advantage and censorship rate. Experimental results few keys based on its own location. This location-aware
show that about 8 % reduction of the attacker lifetime property effectively limits the impact of compromised nodes
advantage can be achieved with DS-SSR LMAC compared to only to their vicinity without affecting end-to-end data
other countermeasure. Furthermore, results show that the security. The proposed multifunctional key management
censorship rate of the proposed protocol was similar to the framework assures both node-to-sink and node-to-node
other countermeasures. In this paper [5] the authors focused on authentication along the report forwarding routes. Moreover,
security of WSN with the conclusion that the security of the proposed data delivery approach guarantees efficient en-
significant systems should be continually reassessed to take route bogus data filtering and is highly robust against DoS
new detections into account. The level of security needed from attacks. The evaluation demonstrates that the proposed design
the application should also be marked when preferring is highly resilient against an increasing number of
hardware. Paper [6] proposes TARF, a trust-aware routing compromised nodes and effective in energy savings. The
framework for WSNs, to secure multi-hop routing in WSNs design is evaluated through extensive analysis, which
against intruders exploiting the replay of routing information. demonstrates its high resilience against an increasing number
With the idea of trust management, TARF enables a node to of compromised nodes and effectiveness in energy savings that
keep track of the trust worthiness of its neighbors and thus to is, achieving 85 percent or more energy savings in contrast to
select a reliable route. Not only does TARF circumvent those the case without using our design when appropriate parameters
malicious nodes misusing other nodes’ identities to misdirect are chosen. This paper [15] presents an overview of the
network traffic, it also accomplishes efficient energy usage. In various vulnerabilities in WSN at network layer, and the
[7] the challenges and potential solutions to achieve defensive measures that can be taken against these threats.
dependability of WSNs taking into account accidental failures Various security protocols for sensor networks have been
as well as intentional attacks are discussed. In this article the evaluated against these vulnerabilities. Most of the attacks on
authors have identified scientific challenges with respect to some well known and widely used security protocols have
security and dependability that need to be solved to make been discussed, along with the possible countermeasures for
WSNs a ready to use technology for CIP. In order to cope with these attacks. Some new emerging protocols have also been
those challenges they apply a vertical approach, where they do discussed in this context. Suitability of implementation of
not focus on a single layer or subsystem, but consider the cryptographic techniques at the network layer has also been
whole system in all its facets. In this paper [8], a new approach investigated for these severely resource constrained networks.
to achieve confidentiality in multi-hop code dissemination is Although most of the threats have been addressed by
presented. They integrate confidentiality and DoS-attack- researchers much deeply, but a need exists to combine all these
resistance in a multi-hop code dissemination protocol. The separate efforts to develop a unique light weight and powerful
approach is based on Deluge, an open source, state-of-the-art protocol to address the issues cumulatively. Paper [16] checks
code dissemination protocol for WSNs. In addition, they the qualitative analysis of various proactive and reactive
provide a performance evaluation in their scheme, compared protocols which compromise with the internal attacks (i. e.
with the original Deluge and the existing secure Deluge. This misdirection attack) and whether one type of protocol offers
paper [9] presents new method based on services and Markov better resistance to various attacks than the other. In this [17] a
Chain. It distinguishes services, analyzes influence of services novel RSA-based framework for combating DoS attacks in
under DoS attacks and gets the formula of survivability. WSN by ensuring that the malicious party will exhaust its
Probability of states is obtained by markov chain and then the resources prior to exhausting those of its counterparts is
quantities survivability is obtained in different states. proposed. Under the proposed approach, the mathematical
Simulations prove that DoS attacks obviously decrease the operations performed by the malicious party require two or
survivability of WSN but adding node energy and improving three orders of magnitude more resources than those required
796
by the attacked party. The authors also present three
methodologies for establishing an ephemeral key, in which the
proposed DoS mitigation mechanism is an embedded
component. Implementation results on the Intel Mote 2
platform substantiate the clear advantages of the proposed
method the concept developed can be applied to a wide range
of additional security services that are currently not offered in
WSN environments. This paper [18] addresses an especially a
very malignant type of of DoS attack, called PDoS (Path-based
Denial of Service) in which an adversary overwhelms sensor
nodes a long distance away by flooding the node with replayed
Fig. 2. Flow Packets when R1 becomes Attacker
packets or injected spurious packets. A solution using one-way
hash chains to protect end-to-end communications in WSNs Figure 2 shows the flow of packets; they are misdirected to
against PDoS attacks is proposed. The solution provided is node R2 by the malicious node R1. In this paper we have
lightweight, tolerates burst packet losses, and can easily be simulated this attack.
implemented in modern WSNs. 2) Packets forwarded to a node far away from the
destination: This kind of misdirection attack is very harmful
III. PROBLEM DEFINITION AND NOVELITY because all packets are forwarded to a node far away,
preventing them to reach the destination so packets will not
Misdirection Attack is one of the alarming attacks in WSN reach destination. Due to the attack the delay becomes infinite
as it reduces the throughput of the network along with the and further results in zero throughput.
introduction of high end to end delay. In this paper a novel
technique for intrusion detection and prevention of V. INTRUSION DETECTION AND PREVENTION
misdirection attack is proposed. It is a cluster based approach TECHNIQUES FOR MISDIRECTION ATTACK
for the detection and prevention of misdirection attack.
Proposed technique is very effective in the detection and A. Cluster Based Intrusion Detection and Prevention
prevention of this attack. We have also measured the impact of Technique
this technique on the performance of network (i. e. End-to-end
delay and Throughput). In misdirection attack malicious nodes misdirect packets to
other nodes but not to the intended recipient. As the malicious
IV. STUDY OF MISDIRECTION ATTACK intermediate node (routing node) begins misdirecting packets
due to this packets reach destination but not from the actual
It is the most popular Denial of Service Attack. This attack
path but from some other path producing long delay in the
can be performed in different ways. A malicious node could
network due to which throughput is also decreased.
deny a valid route to a particular node thereby denying service
The Cluster based intrusion detection and prevention
to the destination.
technique introduced in this paper detects the misdirection
attacker node and also prevents this attack from occurrence.
A. Types of Misdirection attack
In the proposed technique we build clusters from mobile
It can be performed in two ways:
nodes. Cluster contains nodes which are in the communication
range of each other. A cluster head is elected by these nodes
1) Packets forwarded to a node near to the destination: This
for each cluster. Election of a cluster head requires two things
kind of misdirection attack is less intense, because packets
to be considered.
reach to the destination but from a different route which
x Fairness: Any node can become cluster head meaning
further produces long delay, thus decreasing throughput of
that the probability of every node to be a cluster head
network (bit transfer per second).
should be equal.
x Efficiency: There should be some method that can
select a node from the cluster periodically which has
high efficiency (i.e. battery backup).
797
with stamp value. If packet mismatch or empty entry is found SN4 to SN5 (destination). Thus delay will be increased in the
in the buffer at a particular node, then the previous node will presence of misdirection attacker node (i.e. SN2).
be omitted. The detection process again starts right from the
beginning. It again searches for another optimum route for the
secure communication. Thus any misdirection attack is easily
detected and prevented with the proposed technique.
798
Complexity Analysis:
=
Fig. 9. Normal flow of packets after the deployment of proposed Technique
= 1+2 +3 + ----------- + n= n (n+1)/2
Figure 9 shows a new routing path, formed after intrusion If the value of the timer is t
detection process by omitting the intruder node (SN2) and a = t (n (n+1)/2)
normal flow of traffic is again achieved in the network. Now If the number of nodes are x
traffic is transmitted via new formed path (SN1-SN3-SN4- = x t (n (n+1)/2)
SN5) in place of (SN1-SN2-SN3-SN5). x and t are constant values.
Therefore the complexity is Ө (n2)
B. Misdirection Attack Detection and Prevention Algorithm
For detection and prevention purpose we have proposed C. Flowchart of the proposed Method
following algorithm:
799
TABLE I
COMMON PARAMETERS USED IN SIMULATION
VI. SIMULATION SCENARIO OF MISDIRECTION
ATTACK IN WSN Parameter Value
To verify this work we simulate a WSN under misdirection Simulator Opnet modeler 14.5
attack. We have used the following two simulation scenarios in Area 500x500 met (Fix)
this paper:
14 Sensor Nodes
Network Size 2 Routers
1 Coordinator
Topologies Tree
Simulation Time 30 Minutes
Packet Size (bits) Constant (1024)
TABLE III
END-TO-END DELAY & THROUGHPUT
800
[6] Guoxing Zhan, Weisong Shil, Julia Deng, “TARF: A Trust-Aware
Routing Framework for Wireless Sensor Networks”, EWSN 2010,
LNCS 5970, pp. 65–80, 2010.
[7] N Levente Buttya ,Dennis Gessner, Alban Hessler, Peter
Langendoerfer, , “Application of Wireless Sensor Networks in
Fig. 13. End-to-end Delay (msec) Fig. 14. Throughput (bps) Critical Infrastructure Protection: Challenges and Design
Options”, IEEE Transactions on Wireless Communications
Figure 13 shows end-to-end delay (msec) with normal flow, October 2010.
under attack and under proposed algorithm. Figure 14 shows [8] Hailun Tan,Diethelm Ostry, John Zic,Sanjay Jha, “A Confidential
throughput (bps) with normal flow, under attack and under and DoS-Resistant Multi-hop Code Dissemination Protocol for
Wireless Sensor Networks”, ACM WiSec’09, Zurich, Switzerland,
proposed algorithm. March 16–18, 2009.
[9] Jiang Zhongqiu,Yan Shu,Wang Liangmin, “Survivability
VII. KEY FINDINGS Evaluation of Cluster-Based Wireless Sensor Network under DoS
Attacks” IEEE 5th International Conference on Wireless
In this paper we have measured the impact of the intrusion Communications, Networking and Mobile Computing (WiCom
detection and prevention techniques on the performance of '09), 2009.
WSN under the presence of misdirection attack. Some of the [10] M. Y. Abdullah, Hua Gui Wei, N. Alsharabi, “Wireless sensor
networks misdirection attacker challenges and solutions”, IEEE
observations are:
International Conference on Information and Automation, 2008.
x The End-to-end delay for normal flow is 14.02 msec, [11] Somanath Tripathy, Sukumar Nandi, “Defense against outside
attacks in wireless sensor networks”, Elsevier Computer
14.11 msec under misdirection attack which further Communications, Volume 31, Pages 818-826 Issue 4, 5 March
improves to 14.03 msec when proposed method is 2008.
applied (Refer Table III). The Throughput of the [12] An Liu, Young-Hyun Oh, Peng Ning, “Secure and DoS-Resistant
network for normal flow is 12805.70 bps, 11478.29 Code Dissemination in Wireless Sensor Networks Using Seluge”,
ACM International Conference on Information Processing in
bps under misdirection attack which further improves Sensor Networks 2008.
to 12727.76 bps when proposed method is applied [13] David R. Raymond, Scott F. Midkiff, “Denial-of-Service in
(Refer Table III). Wireless Sensor Networks: Attacks and Defenses”, Published by
the IEEE Pervasive Computing magazine no 1536-1268/08/ 2008.
[14] Kui Ren , Wenjing Lou, Yanchao Zhang “LEDS: Providing
VIII. CONCLUSION Location-Aware End-to-End Data Security in Wireless Sensor
Networks”, IEEE Transactions on Mobile Computing, vol. 7, No.
x The presence of misdirection attack affects entire 5, May 2008.
performance of network especially throughput and [15] Asif Habib, “Sensor Network Security Issues at Network Layer”,
IEEE 2nd International Conference on Advances in Space
End to end delay. The proposed cluster based Technologies, (ICAST’ 08) 2008.
intrusion detection and prevention technique is very [16] Po Wah Yau, Shenglan Hu, Chris J. Mithell, “Malicious attacks
effective to detect and prevent misdirection attack. on ad hoc network routing protocols”, International Journal of
Throughput has increased considerably by proposed Computer Research Vol 15 Issue 1, 2007.
[17] Arazil, H. Qi1, D. Rose “ A Public Key Cryptographic Method for
method but it has introduced some delay. Denial of Service Mitigation in Wireless Sensor Networks”, 4th
x In future this can be extended with some other Annual IEEE Communications Society Conference on Sensor,
topology; we can also vary node density etc. Mesh and Ad Hoc Communications and Networks, ( SECON '07)
x We can apply proposed detection and prevention 2007.
[18] Jing Deng, Richard Han, and Shivakant Mishra, “Defending
technique in misdirection attack prone wireless sensor against Pathbased DoS Attacks in Wireless Sensor Networks”,
networks which gives us secured network with ACM SASN’05, November 7, 2005.
improved performance.
REFERENCES
801