See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/323567366

Security vulnerabilities, attacks and countermeasures in wireless sensor

networks at various layers of OSI reference model: A survey

Conference Paper · July 2017

DOI: 10.1109/CSPC.2017.8305855

CITATIONS READS

53 2,693

4 authors:

Preeti Sinha Vijay Kumar Jha

Birla Institute of Technology, Mesra Birla Institute of Technology, Mesra
1 PUBLICATION   53 CITATIONS    37 PUBLICATIONS   334 CITATIONS   

SEE PROFILE SEE PROFILE

Amit Kumar Rai Bharat Bhushan

RTC institute of Technology , Ranchi jharkhand Sharda University
3 PUBLICATIONS   125 CITATIONS    99 PUBLICATIONS   1,175 CITATIONS   

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Query Optimization in Big Data View project

ICCCIS View project

All content following this page was uploaded by Bharat Bhushan on 10 May 2019.

The user has requested enhancement of the downloaded file.

 International Conference on Signal Processing and Communication (ICSPC’17) – 28th & 29th July 2017
Security vulnerabilities, attacks and countermeasures
in wireless sensor networks at various layers of OSI
reference model: A Survey
Preeti sinha
Dept. of computer science and engg.
Birla Institute of Technology, Mesra
Ranchi, Jharkhand, India
Preetigunja5@gmail.com
Amit Kumar Rai
Dept. of computer science and engg.
Birla Institute of Technology, Mesra
Ranchi, Jharkhand, India
Ak_rai@yahoo.com
Abstract-Wireless sensor networks (WSNs) security is a topic
of great importance because of advancement of many security
sensitive applications in diverse fields involving WSNs. Compared
to traditional wireless and wired networks, WSNs also possess
numerous additional vulnerabilities such as dynamic network
topology, broadcast nature of the medium, resource constrained
nodes, immense network scale and lack of physical infrastructure.
The open communication environment makes WSNs more
vulnerable than wired communications to several types of attacks
including the passive type of eavesdropping attack leading to
intercepted transmissions and active type of jamming attack
leading to disrupted transmissions. These additional
vulnerabilities enable the adversary to launch severe and even
more complicated attacks. Thus a thorough investigation of
attacks that can be launched against WSNs is required.
Therefore, this article is motivated for examining the wireless
security vulnerabilities and the imposed threats to devise reliable
and efficient defence technique for improvement of WSNs
security. We first summarize the security challenges and the
security requirements of wireless networks. The paper then
throws light on security vulnerabilities in wireless networks and
classifies various attacks in WSNs according to different OSI
protocol layers. Finally, some open technical challenges which are
still unsolved are summarized and future works in WSNs security
are discussed.
Keywords- wireless sensor networks, security challenges,
security goals, OSI layer, routing protocols, TCP flood, UDP
flood.
I. INTRODUCTION
With the advancement in communications, electronics,
internet and information technologies have lead to evolution of
wireless sensor networks (WSNs). WSN is an emerging
research area among academia, research organizations and
industries [1]. These are used for healthcare, object tracking,
smart homes monitoring and so on. WSNs consist of numerous
inexpensive sensors with limited resources such as low
bandwidth, low processing units, low memory and limited
288
ECE Programme, Karunya University
Dr. V. K. Jha
Dept. of computer science and engg.
Birla Institute of Technology, Mesra
Ranchi, Jharkhand, India
vkjha@bitmesra.ac.in
Bharat Bhushan
Dept. of computer science and engg.
Birla Institute of Technology, Mesra
Ranchi, Jharkhand, India
bharat_bhushan1989@yahoo.com
battery supply [2]. Sensors are integrated with wireless sensing
capabilities and a sensing unit. These sensors are small in size
and are deployed to perform the intended tasks efficiently.
Heterogeneous sensor networks have better performance so is
more practical. These provide scalability, delay tolerant and
efficient load-balancing [3], [4], [5]. With the increasing use of
WSNs in real-time applications such as military, hospitals and
wildlife monitoring, there is need for the data to be available
anytime, anywhere and everywhere. These WSNs information
are highly critical and sensitive. Thus adversary may leak the
sensors information by introducing malicious nodes in the
sensor network. Adversary can also interrupt the network
functionality.
WSNs adopt OSI layers protocol structure that comprises of
several layers. Security vulnerabilities with these protocol
layers are separately protected at each layer. This meets the
security requirements such as confidentiality, authentication,
integrity and availability. Data confidentiality can be protected
using cryptographic techniques by prevention of disclosure of
information to unauthorized users [6]. Cryptography improves
data confidentiality but requires more computational power
and introduces latency. This is because of time requirement in
data encryption as well as data decryption. WSNs employ
various authentication approaches to guarantee data
authenticity. These approaches include MAC layer
authentication [7], transport layer authentication [8], and
network layer authentication [9]. The network layer uses WPA
and WPA2 for guaranteeing authentication. The transport layer
uses SSL and TSL protocols to provide data authentication in
WSNs. The major wireless security technique includes
authentication, encryption, authorization, latency and
complexity.
In wired networks, there exists physical connection among
the communicating nodes through cables. Due to broadcast
nature of wireless networks, these WSNs are vulnerable to
 International Conference on Signal Processing and Communication (ICSPC’17) – 28th & 29th July 2017
several malicious attacks including DoS attack, eavesdropping
attack, MITM attack, spoofing attack, message falsified attack,
etc. In a wireless network, unauthorized nodes can cause
interferences leading to data communication disruption
between the legitimate users. Eavesdroppers may overhear the
wireless communication sessions if it is within the transmit
range of the transmitting node. Cryptographic techniques can
be used to maintain confidential transmissions by preventing
eavesdroppers from data interception between legitimate users.
Thus cryptographic techniques assume the eavesdroppers to
have limited computing power.
The remainder of this paper is organised as follows. Section
2 outlines various security challenges such as broadcast nature
of medium, lack of physical infrastructure, dynamic network
topology, resource constrained nodes and immense scale of
WSNs. Section 3 presents the security requirements and goals
of WSNs where the confidentiality, integrity, authenticity and
network availability are discussed. Section 4 explores the
existing security vulnerabilities in wireless networks. Here the
various protocols used in different layers of OSI protocol stack
are discussed. The section also explores the various wireless
network attacks encountered by different OSI protocol stack
layers including the physical layer, the MAC layer, the
network layer, the transport layer and the application layer.
These discussions and reviews are followed by section 5,
where few open challenges and future trends in WSNs security
are presented. Finally, section 6, concludes this article.
II. SECURITY CHALLENGES
WSNs have several security vulnerabilities due to its
broadcast and open nature of wireless medium. Malicious
adversaries exploits these existing vulnerabilities of the
network to launch several types of attacks such as wormhole
attack, denial of service attack, sinkhole attack, black hole
attack, flooding attack, etc. Several such WSNs vulnerabilities
are detailed below.
x Broadcast nature of the medium:
Wireless medium access is open to all, thus the malicious
adversary can gain network access by positioning itself with
the radio range of the sensor network nodes. Thus attacker may
intercept, replay, alter or eavesdrop on the network’s
transmissions.
x Resource constrained sensor nodes:
SNs in sensor network have limited processing, energy and
computational power, memory, storage resources and
bandwidth. These make the SNs resources constrained
restricting certain preventive techniques such as data
aggregation and cryptography. These techniques may serve as
first defence line against attacks which are launched against
entire network and also individual nodes.
x Lack of physical safeguards:
SNs are deployed in hostile environments. SNs can be
physically damaged, captured or destroyed by attackers in such
hostile environments. In military battlefields, device capture
can lead to severe consequences.
289
ECE Programme, Karunya University
x Dynamic network topology:
WSNs have dynamic network topology and thus do not have
statically defined boundary or structure as the SNs can leave or
join the network anytime. Thus security schemes that can
counter such high network dynamism are required.
x Immense scale:
Intrusion detection is difficult in networks containing
thousands of SNs as compared to small-scale networks.
III. SECURITY GOALS
WSNs security evaluation is based on numerous criteria’s
often termed as security goals. If networks fail to meet any of
these goals, security schemes needs to be designed. Here in this
section, various security goals are explored which should be
present for all network types. These goals include the
following.
A. Data confidentiality
This refers to the message content being concealed from
every node other than destination to prevent message content
disclosure by the attackers. This limits the data access only to
legitimate users. Data confidentiality can be achieved by
various cryptographic techniques. In symmetric key encryption
schemes, the sending node encrypts the plaintext (original
data) using a secret key and an encryption algorithm. Cipher
text (encrypted data) is transmitted to the destination where
these are decrypted using the secret keys known only to the
destination. Eavesdropper is unable to interpret the CT as it has
no information about the secret key. Several key management
techniques are required for exchange of keys between the
source and the destination [11].
B. Data integrity
Preserving of data integrity refers to message content not
being modified or tempered. Adversary can also intentionally
alter the message content. This can occur due to falsified data
injection by the attacker. Message content can also be altered
unintentionally resulting in loss or damage of data. Wireless
networks information must be reliable and accurate during the
entire life cycle without any modification or falsification by
unauthorized users. Node compromise attack is a type of
insider attack that violates the data integrity. A legitimate node
can be called a compromised node if it is compromised or
altered by an adversary. The compromised nodes may launch
malicious attacks including false reporting, message injection
and data modification.
C. Message authenticity
The destination nodes must ensure message reliability upon
message reception by identification of the source. This
prevents acceptance of the data transmitted by the attacker or
the malicious nodes. Confirming the true identity of SNs
distinguishing of authorized and unauthorized users is referred
to as authenticity. Every sensor node is equipped with a unique
MAC address and a network interface card to facilitate the
authentication process. In addition to these techniques, there
 International Conference on Signal Processing and Communication (ICSPC’17) – 28th & 29th July 2017
are several other message authentication scheme for protection
of transmitted data in the sensor network [12].
D. Network availability
This prevents the data by adversary from being accepted by
legitimate nodes. This allows legitimate users to access the
network anywhere and anytime upon request. Denial of service
is the result of violation of network availability. This makes
authorized users unable to access the network leading to
unsatisfactory user experiences. Jamming attack is a type of
DoS attack that disrupts legitimate transmission of data.
Various WSNs security requirements can be summarized as
below.
TABLE I
VARIOUS SECURITY REQUIREMENTS AND THEIR OBJECTIVES
Security Objectives
requirements
Confidentiality Limits the data access only to legitimate users.
Integrity Guarantees transmitted data accuracy and
prevent falsification.
Authenticity Differentiate authorized and unauthorized users.
Availability Makes sure that the legitimate node is capable of
accessing the network anywhere anytime upon
request.
IV. SECURITY VULNERABILITIES IN WIRELESS SENSOR
NETWORKS
Here we present a detailed review of various security
weaknesses and vulnerabilities encountered in WSNs. Both
wireless and wired networks adopt the OSI protocol stack
consisting of the physical layer, the MAC layer, the network
layer, the transport layer and the application layer. Various
protocols and specifications are implemented at all these
layers. Application layer uses HTTP for delivering web
services and FTP for huge file transfer. It also supports SMTP
for electronic mail transmission. Transport layer uses TCP for
reliable data delivery [13] and UDP for reduced protocol
overhead. UDP adopts simple transmission model and no
handshaking dialogs as contrast to TCP. Network layer
supports IP for data delivery based on IP addresses and ICMP
for generation of error messages. MAC layer supports
CSMA/CA for application in Wi-Fi networks and ALOHA for
military usage. The physical layer is responsible for physical
transmission characteristics. It is responsible for modulation,
line coding, forward error correction, circuit switching, and
transmission medium and so on.
Various protocols used in different layers of OSI protocol
stack are listed in the table below.
TABLE II
OSI LAYERS AND RELATED PROTOCOLS
OSI layers Related protocols
Application layer HTTP, SMTP, and FTP
Transport layer UDP and TCP
Network layer ICMP and IP
MAC layer CDMA, ALOHA and CSMA/CA
Physical layer Coding, modulation and transmission
medium.
290
ECE Programme, Karunya University
The various wireless network attacks encountered by
different OSI protocol stack layers are explored below.
A. Physical layer attacks
It specifies the signal transmissions physical characteristics.
The physical layer is vulnerable to jamming and eavesdropping
attack due to broadcast nature of the medium. In eavesdropping
attack, adversary intercepts the data transmission between
authorized and legitimate users [14]. The communication
session is overheard by the eavesdropper till the eavesdropper
is within the transmission range of the source node. Several
cryptographic techniques are adopted to prevent eavesdropping
attack. They used shared secret key where the sensor nodes
encrypt the plaintext (original data) and sends the cipher text to
the destination SNs. Eavesdropper cannot extract any useful
information from the cipher text even if it overhears the cipher
text as it does not have the secret key. Thus eavesdropping
attack is normalized by adoption of cryptography. A malicious
node can disrupt the data communication by intentionally
generating interferences between the legitimate users. This is a
special type of DoS attack which is referred to as jamming
attack [15].
Jamming is the most prominent physical layer attack in
wireless sensor networks. A common defence mechanism
against physical layer jamming attack in WSNs is spread
spectrum communication. If jamming attack can be identified
in WSNs, the best defence strategy is to keep the SN in sleep
mode and wake them time to time periodically for testing the
communication channel for continued jamming. This increases
the life of SN by reducing power consumption but still could
not prevent Dos attack. An adversary may have to jam the
channel for a considerable longer period. The jammer prevents
authorized users from accessing the network resources leading
to unavailability of certain resources for the users. Spread
spectrum techniques are used to defend jamming attacks. This
spreads the transmitted signal over a wide frequency band than
the original frequency band. DSSS, FHSS and THSS are
several spread spectrum techniques for overcoming the
jamming attacks in WSNs.
B. MAC layer attacks
It enables several nodes to access a common shared medium
using several access control mechanisms that includes CDMA,
OFDMA, CSMA/CA and so on. Each node possesses a unique
MAC address and a network interface card for user
authentication. Adversary may launch MAC spoofing attack by
changing the assigned MAC address [16]. MAC address is
coded into the NIC card but still the malicious node can launch
spoofing to carry out illicit activities. Adversary may overhear
the traffic to steal the MAC address of legitimate nodes. This is
referred to identity theft attack. Another type of MAC layer
attack is Man-in-the-middle (MITM) attack [17] and network
injection [18]. In MITM attack, adversary sniffs network traffic
to intercept MAC address of the legitimate nodes. The MITM
adversary cats as relay between two victims. The network
injection prevents the working of certain networking devices
 International Conference on Signal Processing and Communication (ICSPC’17) – 28th & 29th July 2017
such as switches, routers, and so on. If more components are in which adversary sends numerous ICMP ping requests to the
compromised, the entire network can be paralyzed leading to victim nodes. This leads to flooding of input and output victim
rebooting or reprogramming requirement of all the buffers leading to delaying connection to the target network
compromised networking devices. Other threats related to the [22]. TCP prediction technique predicts the sequence index and
link layer include interrogation, collisions and packet replay. fabricates the packets of transmitting node. It results in victims
The reactive jamming attack is similar to the collision attack. receiving fabricated packets leading to data integrity damage.
Some collisions can be mitigated by the use of error correcting UDP flooding attack is responsible for sending huge number of
codes but this error correcting codes consumes energy and also UDP packets forcing the victim nodes to send overwhelming
adds transmission overhead. Another link layer attack in WSN number of reply packets [23]. The victim nodes become
is the denial of sleep attack. It prevents the radio from entering unreachable for several legitimate nodes.
into the sleep mode. The impact of UDP flooding attack can be limited by
reducing the UDP packets response rate. Firewalls can also
C. Network layer attacks
filter the malicious UDP packets leading to UDP flooding
IP protocol of network layer is responsible for data or packet
attacks defence. In case of de-synchronization attack, an
delivery from the source to the destination through the
adversary interrupts the connection between two nodes by
intermediate routers using their IP addresses. The attacks
transmitting bogus packets bearing bogus sequence numbers.
related to the network layer exploits the IP weaknesses which
Header or entire packet authentication can overcome such
includes hijacking [19], IP spoofing [20], and the Smurf attack
attack.
[21]. IP spoofing leads to forged IP address leading to hiding
the attacker’s true identity for carrying out illegal activities.
E. Application layer attacks
Nodes that receive messages from forged IP addresses send
The application layer supports several protocols such as
data back to the forged IP address. This leads to wastage of
HTTP for enabling web services, SMTP for mail transfer and
network capacity and paralyzing the network. In IP hijacking,
FTP for transferring files. Each of these protocols are
hijackers takes control over the IP address of legitimate users.
vulnerable to network security attacks. Malware attack is a
This leads to disconnecting of the legitimate users from the
type of HTTP attack that includes Trojan horse, worms, key-
network and establishing a new connection. This leads the
loggers, viruses and backdoors. Malware is malicious software
adversary to gain access to the confidential data. In case of
to disrupt or intercept the legitimate confidential data [24].
Smurf attack, huge number of ICMP packets is sent to the
SQL injection attacks the applications that are data driven for
victim node. Victims send ICMP responses upon receiving
gaining unauthorized access to websites. FTP is responsible for
ICMP requests. Smurf attack overwhelms the victim network
transferring large files and also is vulnerable to certain security
by sending huge number of ICMP requests, leading to
attacks. FTP bounce attacks is a type of FTP related attacks
paralyzed network. Routers and individual users are configured
that incorporates a middle man. SMTP attacks include SMTP
to not constantly respond to ICMP requests as a solution for
worms and viruses for email spoofing and password sniffing.
Smurf attack defense.
Firewalls and antivirus software are required to counter such
Also firewalls are implemented for rejecting the malicious
attacks. At this layer an adversary might try to overwhelm
packets from forged IP addresses. Hello flooding is a specific
sensor nodes using sensor stimuli thereby causing the sensor
attack that doesn’t require the attacker to break the encryption.
network to forward huge volumes of traffic to the base station.
An attacker records hello packets and sends them with high
Such attack drains node energy and consumes network
transmit power to launch hello flood. Geographic and energy
bandwidth. This attack can be overcome by tuning the sensors
aware routing protocols can prevent this attack as each node in
in such a way that only specifically desired stimulus can trigger
geographic protocols requires knowing its location and is also
them like vehicular movement. Efficient data aggregation and
able to send that location to other nodes. Homing is another
rate limiting algorithm can also mitigate the effects of these
network layer attack that uses a traffic pattern analysis
attacks. In a path based Dos attack, another type of application
algorithm for identifying and targeting the nodes having
layer attack sometimes involves injecting replayed or spurious
special responsibilities such as cryptographic key managers or
packets into the sensor network at leaf nodes.
cluster heads.
D. Transport layer attacks Different types of attacks and countermeasures at various
TCP, a connection oriented protocol, supports a reliable data layers of OSI reference model are summarized in the table
transmission for transferring files and delivering emails from below.
one network to other. UDP, a connectionless protocol, supports
reduced protocol latency and overhead. UDP does not
guarantee reliable packet delivery. Both UDP and TCP are
vulnerable to several security attacks such as TCP flooding,
UDP flooding and TCP prediction attack. TCP flooding attack,
also referred to as ping flooding, is a transport layer DoS attack

291
ECE Programme, Karunya University
 International Conference on Signal Processing and Communication (ICSPC’17) – 28th & 29th July 2017

TABLE III
CHARACTERISTICS AND COUNTERMEASURES OF ATTACKS IN VARIOUS OSI LAYERS
Attacks Characteristics Countermeasures
Physical layer attacks
Eavesdropping attack [14] Confidential data packets interception. Cryptographic techniques.
Jamming attack [15] Legitimate data transmission interruption. Spread spectrum techniques such as FHSS, DSSS and
THSS.
MAC layer attacks
MAC spoofing [16] MAC addresses falsification. Use of ARP packets.
MITM attack [17] Communicating nodes impersonation. Use of Virtual Private Networks (VPNs). [25], [26].
Network injection [18] Preventing networking devices operation. Reprogramming of network devices.
Network layer attacks
IP hijacking [19] Legitimate users IP address impersonation. Firewalls [27], [30].
IP spoofing [20] IP address falsification. Firewalls [28].
Smurf attack [21] Sending overwhelming number of ICMP Routers and individual users are configured not to
requests. constantly respond to ICMP requests.
Transport layer attacks
TCP flood [22] Sending overwhelming number of ping Increasing the TCP backlog and reducing the SYN
requests. timer.
UDP flood [23] Sending overwhelming number of UDP Reducing the UDP packets response rate.
packets.
Application layer attacks
Malware attack [24] Disrupt or intercept the legitimate Firewalls and anti viruses.
confidential data.
SQL injection [29] Gaining unauthorized access to several Firewalls and anti viruses.
websites.
SMTP attack [31], [32]. Email spoofing and password sniffing. Firewalls and anti viruses.

Finally we summarized various security attacks, their
characteristic features and countermeasures at different OSI
layers.
V. OPEN CHALLENGES AND FUTURE WORKS
Numerous issues and challenges in WSNs are still open.
Several such challenges are listed below.
x Most security research related to physical layer
addresses only the eavesdropping attack and neglects
various types of wireless attacks. These mixed
wireless attacks needs to be countered in WSNs.
x Security, throughput and reliability are the major
factors for wireless sensor networks development.
These factors needs to be optimized and at the same
time maintain high-rate and secure wireless
communications.
x WSNs security needs to be improved at a reduced
latency and security overhead for cross-layered
networks as compared to conventional mechanisms
where OSI reference layers are secured separately.
x Secure key management techniques need to be
developed. Cryptographic keys needs to be
established between the SNs as primary security
technique enabling user authentication and data
encryption.
x Secure user authentication as well as secure data
routing mechanisms needs to be developed for an
efficient data transmissions in WSNs.
VI. CONCLUSION
In this paper, a survey of WSNs security challenges and
defense techniques are presented for protection of authenticity,
integrity, confidentiality and availability of transmission
against malicious wireless attacks. WSNs security is an
emerging research topic as they possess numerous additional
vulnerabilities such as dynamic network topology, resource
constrained nodes, broadcast nature of medium and lack of
physical infrastructure. Adversaries utilize these vulnerabilities
to launch many severe attacks in WSNs. Wide range of
wireless attacks and security threats at different OSI protocol
layers are discussed along with the existing countermeasures.
In several practical real-time WSNs applications, security is of
utmost importance.
REFERENCES
[1] B.-K. Kim, S.-H. Hong, K. Hur, D.-S. Eom, "Energy-efficient and rapid
time synchronization for wireless sensor networks", IEEE Trans.
Consum. Electron., vol. 56, no. 4, pp. 2258-2266, Nov. 2010.
[2] O. Aliu, A. Imran, M. Imran, B. Evans, "A survey of self organisation in
future cellular networks", IEEE Commun. Surv. Tut., vol. 15, no. 1, pp.
336-361, Feb. 2013..
[3] Z. Zhang, M. Ma, Y. Yang, "Energy-efficient multihop polling in clusters
of two-layered heterogeneous sensor networks", IEEE Trans. Comput.,
vol. 57, no. 2, pp. 231-245, Feb. 2008..
[4] J. Peng, T. Liu, H. Li, B. Guo, "Energy-efficient prediction clustering
algorithm for multilevel heterogeneous wireless sensor networks", Int. J.
Distrib. Sensor Netw., vol. 2013, 2013.
[5] A. Koubaa, M. Alves, "A two-tiered architecture for real-time
communications in large-scale wireless sensor networks: Research
challenges", Proc. 17th Euromicro Conf. Real-Time System (ECRTS), pp.
1-4, Jul. 2005.
[6] M. Stamp, Information Security: Principles and Practice, 2nd ed. New
York, NY, USA: Wiley, 2011.

292
ECE Programme, Karunya University
 International Conference on Signal Processing and Communication (ICSPC’17) – 28th & 29th July 2017
[7] K. Wong, Y. Zheng, J. Cao, and S. Wang, “A dynamic user
authentication scheme for wireless sensor networks,” in Proc. IEEE Int.
Conf. Sensor Netw. Ubiquitous Trustworthy Comput., Taichung, Taiwan,
Jun. 2006, doi: 10.1109/ SUTC.2006.1636182, pp. 244–251.
[8] L. Venkatraman and D. P. Agrawal, “A novel authentication scheme for
ad hoc networks,” in Proc. IEEE Wireless Commun. Netw. Conf.,
Chicago, IL, USA, Sep. 2000, pp. 1268–1273.
[9] A. Aziz and W. Diffie, “Privacy and authentication for wireless local area
networks,” IEEE Pers. Commun., vol. 1, no. 1, pp. 25–31, Aug. 2002.
[10] D. Dzung, M. Naedele, T. Von Hoff, and M. Crevatin, “Security for
industrial communications systems,” Proc. IEEE, vol. 93, no. 6, pp.
1152–1177, Jun. 2005.
[11] W. Stalling, Cryptography and Network Security: Principles and
Practices, 3rd ed. Englewood Cliffs, NJ, USA: Prentice-Hall, Jan. 2010.
[12] Y. Jiang, C. Lin, X. Shen, and M. Shi, “Mutual authentication and key
exchange protocols for roaming services in wireless mobile networks,”
IEEE Trans. Wireless Commun., vol. 5, no. 9, pp. 2569–2577, Sep. 2006.
[13] R. Bruno and M. Conti, “Throughput analysis and measurements in IEEE
802.11 WLANs with TCP and UDP traffic flows,” IEEE Trans. Mobile
Comput., vol. 7, no. 2, pp. 171–186, Feb. 2008.
[14] A. Perrig, J. Stankovic, and D. Wagner, “Security in wireless sensor
networks,” Commun. ACM, vol. 47, no. 6, pp. 53–57, Jun. 2004.
[15] A. Mpitziopoulos, “A survey on jamming attacks and countermeasures in
WSNs,” IEEE Commun. Surv. Tut., vol. 11, no. 4, pp. 42–56, Dec. 2009.
[16] V. Nagarajan and D. Huang, “Using power hopping to counter MAC
spoof attacks in WLAN,” in Proc. IEEE Consumer Commun. Netw.
Conf., Las Vegas, NV, USA, Jan. 2010, pp. 1–5.
[17] W. Zhou, A. Marshall, and Q. Gu, “A novel classification scheme for
802.11 WLAN active attacking traffic patterns,” in Proc. IEEE Wireless
Commun. Netw. Conf., Las Vegas, NV, USA, Apr. 2006, pp. 623–628.
[18] J. Park and S. Kasera, “Securing Ad Hoc wireless networks against data
injection attacks using firewalls,” in Proc. IEEE Wireless Commun.
Netw. Conf., Hongkong, China, Apr. 2007, pp. 2843–2848.
[19] N. Hastings and P. McLean, “TCP/IP spoofing fundamentals,” in Proc.
IEEE 15th Annu. Int. Conf. Comput. Commun., Phoenix, AZ, USA, Mar.
1996, pp. 218–224.
293
ECE Programme, Karunya University
View publication stats
[20] Computer Emergency Response Team (CERT), “CERT Advisory: IP
Spoofing Attacks and Hijacked Terminal Connections,” Jan. 1995.
[21] F. El-Moussa, N. Linge, and M. Hope, “Active router approach to
defeating denial-of-service attacks in networks,” IET Commun., vol. 1,
no. 1, pp. 55–63, Feb. 2007.
[22] C. Schuba et al., “Analysis of a denial of service attack on TCP,” in Proc.
IEEE Symp. Security Privacy, Oakland, USA, May 1997, pp. 208–223.
[23] R. Chang, “Defending against flooding-based distributed denial-of-
service attacks: A tutorial,” IEEE Commun. Mag., vol. 40, no. 10, pp.
42–51, Oct. 2002.
[24] A. Kieyzun, P. Guo, K. Jayaraman, and M. Ernst, “Automatic creation of
SQL injection and cross-site scripting attacks,” in Proc. IEEE 31st Int.
Conf. Softw. Eng., Vancouver, Canada BC, May 2009, pp. 199–209.
[25] K. Heyman, “A new virtual private network for todays mobile world”,
Computer Vol.20, No. 12, pp 17-19, 2010..
[26] V. D. Tzvetkov, “Virtual private networks for mobile environments.
Development of protocols for mobile security and algorithms for mobile
location update”, Dept. of computer science, Univ. Darmstadt, 2010.
[27] Rupam Sharma, Hemanta kumar, Biju Issac, “ different firewall
techniques: A survey”, fifth intl. conference on computing,
communication and networking technologies,pp1-6, 2010..
[28] Christos douligeris, Dimitros N,” Designing firewalls : A survey”,
Network Status and future directions, pp33-49, 2007.
[29] Asaad Moosa, "Artificial Neural Network based Web Application
Firewall for SQL Injection", World Academy of Science, Engineering
and Technology, vol.4, 2010-04-23
[30] N .K. Sreelaja, G.A Vijayaakshmi Pai," Ant colony optimization based
approach for efficient packet filtering in firewall", Elsevier 2010
[31] Ni Zhang; BinXing Fang; Li Guo and Yu Jiang, "A NewApproach for
Detecting Abnormal Email Traffic in Backbone Network", International
Conf. on Computational Intelligence and Security, 2006.
[32] Sarang Dharmapurikar, Praveen Krishnamurthy, Todd S. Sproull, and
John W. Lockwood, "Deep Packet Inspection Using Parallel Bloom
Filters", IEEE Micro, Vol 24, Issue 1, pp. 52-61, 2004