Jamming Attacks and their Countermeasures in
Wireless Sensor Networks
Bharat Bhushan
Dept. of computer science and engg.
Birla Institute of Technology, Mesra
Ranchi, Jharkhand, India
bharat_bhushan1989@yahoo.com
Abstract—Wireless sensor networks, because of its low cost
design and ease of reprogramming, it is easy for the adversary to
conduct jamming or radio interference that can easily cause DoS
attacks. These attacks can be launched against WSNs. The
security attacks on WSNs are increasing drastically and these
degrade the performance in terms of throughput, energy
consumption and delay. This article models the jamming attacks
behavior and analyzes the WSNs performance. Jamming attack
jams the network traffic by blocking the communication channel.
The article explores the jamming attack modelling and then
presents countermeasures against the jamming attacks. Then, the
simulation parameters are presented along with summarizing the
severance of various jamming attacks. Finally, we conclude the
paper along with the future research scope.
Keywords— Jamming attack, wireless sensor networks,
behavioural modelling, optimization, anti-jamming approach,
denial of service, FHSS, DSSS, CSS, THSS.
I. INTRODUCTION
Wireless sensor networks (WSNs) have huge range of
applications that includes recording and monitoring of
sensitive information. These are used efficiently for security
applications such as surveillance systems of secure areas,
children, patients, etc. due to temporal disruption of streaming
data and high QoS requirements of these applications may
lead to disastrous results if there exists security concerns.
Jamming is a process of disruption or prevention of signal
transmission by directing electromagnetic waves towards any
communication system [1]. Jamming attack interferes with the
radio frequency of the network nodes [2]. Attackers using
powerful jamming may disrupt the normal functioning of the
WSNs. Thus countermeasures against jamming attack in
WSNs is of utmost importance as WSNs may suffer from
several constraints such as limited memory, low computation
capability and energy resources.
Jamming attack can be considered as a special type of
denial of service (DoS) attacks. Woods and Stankovic in [3]
defined DoS attack as “event that eliminates or diminishes the
networks performance”. DoS inhibits flooding network with
useless information. The radio frequency signals of jamming
attack correspond to useless information. Thus, jamming is a
special case of DoS attack.
WSNs are deployed in outdoor and hostile environments
such as gardens, marine coasts, large estates, rivers, or even
Dr. G. Sahoo
Dean (Admissions and Academic Coordination)
Birla Institute of Technology, Mesra
Ranchi, Jharkhand, India
gsahoo@bitmesra.ac.in
battlefields. Such outdoor scenario requires integration of
these applications with geographic information system (GIS)
applications. These provide visual layout of thousands of
sensors on single screen. This GIS is useful for target mobility
monitoring in case of machine or human tracking systems.
These GIS applications are not used for indoor scenarios and
are limited only to outdoor scenarios because of two basic
reasons. Firstly, obtaining a GPS location is not possible in
indoor environments such as tunnels, building or factories as
the signal strength decreases inside buildings. Secondly,
deployment of indoor location system is expensive and
requires huge processing power.
Jamming is the radio signals emission aimed at disrupting
the transceivers operations [1]. Jamming is against any
specific target and is intentional whereas radio frequency
interference (RFI) is unintentional and is a result of nearby
transmitters transmitting very close frequencies.
This article is organized as follows. In the section 1, we
introduce the jamming attack as a special type of DoS attack.
In section 2, we present classification and modelling of
jamming attack. Four types of jamming attacks are discussed
in this section: constant jamming, deceptive jamming, random
jamming and reactive jamming. Section 3, explores various
types of countermeasures against jamming attacks: DSSS,
FHSS, THSS, CSS and antenna polarization. Simulation
parameters and the use of NS-2 to simulate the jamming
architecture and countermeasures are presented in the section
4. In section 5, we discuss the effect of jamming attack on the
WSNs in terms of energy consumption, delay and the
throughput. The reason for performance degrading under
various jamming attack is also presented in this section.
Finally, we conclude our paper in section 6, where we present
the side effects of jamming attacks on the WSNs performance
and the future research scope is also discussed.
II. CLASSIFICATION AND MODELLING OF JAMMING
ATTACKS
Mingyan Li et al. [4] proposed a concept of perfect knowledge
of strategy of both the network and jammer and the case where
these components lack these knowledge. They also considered
energy constraints of the network and the jammer. They also
proposed a heuristic jamming technique. Wenyuan Xu et al [5]
proposed enhanced detection protocols for employment of
consistency checks. It employs two schemes. The first scheme
considered reactive consistency check using signal strength
measurements. The second scheme considered consistency
check using location information. Jamming attack can be
classified into following four types as discussed below.
A. Constant jamming
This jamming technique continuously generates a random
data incorporating some interval between this random data
generation. This random data transmission is done without
checking the channel for its idle state that is without following
the rules of MAC protocol [6], [7]. A normal node (n0) before
sending data transmits RTS packets to check the idleness of
the channel between destination and source. If the RTS finds
the channel to be idle, the destination node (n5) starts sending
CTS packets to normal node (n0). Suppose a jammer node
(n1), at the same time generates random data and this collides
with the CTS arriving from n5. The constant jammer is
activated after particular interval and generates and transmits
data in the network. If another node n2 sends RTS, and starts
sending data after receiving CTS. But the data from node n1
collides with randomly generated data. This is constant
jamming.
B. Deceptive jamming
This jammer continuously sends random data and injects
them to the channel. Between successive transmissions, it does
not keep any gap and injects all the packets. This continuous
stream of data prevents the normal sources to transmit data
successfully. The deceptive jammer (n1) continuously
generates malicious data. A normal node (n0) sends RTS
packets and receives CTS before sending data to the
destination. These packets may generate collision by colliding
with the malicious data on the channel. The continuous
generated malicious data from the deceptive jammer increases
the network collision and may result in several nodes in
receive state being placed in the networks.
C. Random jamming
This is the most intelligent jamming technique in which
the jammer considers its own energy and alternates itself
between jamming and sleeping after fixed time interval. It is
different from other jamming techniques where the jammer
continuously transmits data without considering its own
energy level. Random jamming may behave as both deceptive
as well as constant jamming. Thus random jamming detection
technique is more difficult as compared to deceptive or
constant jamming techniques. In this the nodes randomly
generates data after fixed time interval and also leads to
collision after fixed time interval in the same way as a
constant jammer. This random jammer tries to save its energy
level intelligently by switching itself to the sleep state. The
random jammer node switches itself to sleep mode after
jamming the network for facilitating energy conservation of
the jammer node. After waking up, it may act like a deceptive
jammer or constant jammer. It acts as deceptive jammer by
increasing collision and jamming the network.
D. Reactive jamming
It is difficult to detect reactive jamming as it is more
disastrous, considering network performance. In reactive
jamming, the jammer node starts its transmission upon any
event detection on the channel. As this is an intelligent
jamming technique, it reacts only upon observing any kind of
events in the network. The reactive jammer nodes (n1) first
analyze the networks state and if there is no event sensed, it
switches itself to quiet state. When normal node (n0) sends
RTS, the jammer node upon sensing such activity sends the
noise packets to the network. There occurs collision between
the noise packets and the CTS packets. The attacker only gets
activated only when the jammer sends any event in the
channel.
These jamming techniques can be summarized as follows.
TABLE I. JAMMING TECHNIQUES
Jamming technique Description
Constant jamming The MAC protocol is degraded by
continuously sending jamming
signals to the channel.
Deceptive jamming It involves constant injection of
regular packets without any gap to
the channel. Thus the normal node
is deceived.
Random jamming It alternates between sleeping and
jamming modes. The random
jammer performs deceptive or
constant jamming for a random
time period and then switches to
sleep mode.
Reactive jammer It stays quiet until any kind of
event on the channel is detected. It
spends large amount of energy in
channel sensing procedure.
III. COUNTERMEASURES AGAINST JAMMING TECHNIQUES
A brief description of various techniques and
countermeasures in jamming is presented below. In this
section, countermeasures dealing with possible radio jamming
scenarios are explored.
A. Telecommunications with spread spectrum
It is a type of radio transmission technique in which the
signals are transmitted over a large spectral width than the
original signals bandwidth when transmitted using
conventional modulation techniques. This is technique of
spreading the communication signals energy over a greater
bandwidth. This is done with the help of pseudo random code
and reduces the natural interference risks. It also withstands
interference and noise at the same time maintains privacy.
Security in WSNs is a challenging task because of its energy
constrained hardware and open medium. Jamming disrupts the
wireless communication by reducing the signal to noise ratio.
Spreading of information of narrow band signal over a wide
band spectrum decreases the interference effects. All these
spread spectral techniques employs a pseudo number for
controlling and determining the spread pattern. Spread
spectrum withstands high interference and this is the major
advantage of its usage. It provides a robust security approach
for variety of WSNs applications [10].
B. Direct Sequence Spread Spectrum (DSSS) technique plays an important role in jamming attack
This technology is mostly used in LAN wireless prevention. It is useful for LOS communications in WSNs.
transmissions. At the sending station, a data signal is Right circular polarized antenna is unable to receive left
combined with a bit sequence of high data rate. This divides polarized signals and left circular polarized antenna cannot
the user data on the basis of spreading ratio. DSSS enables receive right polarized signals. Thus for defending jamming
multiple users to share a single channel and shows resistance attacks in WSNs, the nodes must be capable of changing
to jamming attacks. It also shows negligible background noise antenna polarization upon sensing any kind of interference.
and timing difference between receivers and transmitters. This But this also involves an overhead as the nodes must inform
technique mixed data signals with pseudo noise code for about its peers to facilitate uninterrupted communications.
interference resistance. This results in larger signal bandwidth. This change in node polarization prevents jamming but
DSSS, a modulation technique, described in IEEE 802.11b requires specialized jamming equipments capable of rapidly
standards for computer wireless networking, spreads signals changing its signal polarization during the jamming process
over broadband radio frequencies [8]. [11].
C. Frequency Hopping Spread Spectrum (FHSS) Various countermeasures against jamming attacks are
This technique transmits radio wave signals that use summarized in the table below.
multiple subcarrier channels in a frequency band. This is
TABLE II. COUNTERMEASURES AGAINST JAMMING ATTACKS
based on pseudo random sequence which is known both by the
receiver and the transmitter. The FHSS is more advantageous Countermeasures Description
than the single frequency usage. The transmitted signal is Telecommunications  Reduces the natural interference
made more resistant to interference as well as difficult to with SS risks.
 Withstands interference and noise.
intercept. The radio attack interference is prevented by this
 Maintains privacy and secrecy in
technique. The advantages of FHSS are listed as follows. WSNs.
Firstly, FHSS minimizes jamming and unauthorized DSSS  Enables multiple users to share a
interception of radio transmissions. Secondly, it enables single channel.
coexistence of multiple WSNs in the same area. The major  Shows resistance to jamming
drawback of FHSS is that it requires a wider overall attacks.
bandwidth than the single carrier frequency [9], [12].  Spreads signals over broadband
radio frequencies.
D. Time Hopping Spread Spectrum (THSS) FHSS  Based on pseudorandom sequence
which is known by both the receiver
The time hopping signals are divided into frames in THSS. and the transmitter.
These frames are again subdivided into number of  Minimizes jamming and
transmission slots. One time slot at a time is modulated in the unauthorized interception of radio
frames using information modulation. The pseudo noise transmissions.
generator selects the time interval. These code generators are  Enables co-existence of multiple
responsible for performing switching using a power switch. WSNs in the same area.
THSS  Signals are divided into frames
These switching leads to some output which needs to be which are again divided into
demodulated appropriately. These message bursts are transmission slots.
rescheduled and stored to retrieve information. The time axis, CSS  Chirp uses broad spectrum band
in a THSS system, is partitioned into frames and these frames making CSS multipath fading
are again sub partitioned into slots. There may be several slots resistant.
possible but only one slot is used for one use.  Operates at low power.
 Overcomes Doppler Effect.
E. Chirp Spread Spectrum (CSS) Antenna polarization  Useful for LOS communications in
WSNs.
Sliding of the carrier over some specified range of
 Requires specialized jamming
frequencies in a specified or linear fashion generates a chirp equipments capable of rapidly
signal. The CSS receiver that employs a filter resembling time changing its signal polarization
dispersed carrier. In this technique, a signal is broadcasted during the jamming attack.
using the entire allocated bandwidth. Chirp uses broad
spectrum band making CSS multipath fading resistant and at
the same time operating at low power. It does not use any kind IV. USING THE TEMPLATE
of pseudo random elements, unlike DSSS or FHSS. It does not Here, we have used Network Simulator (NS-2), a discrete
rely on chirp pulses linear nature rather it distinguishes signal event simulator to simulate the jamming architecture and
from noise in the channel. Doppler Effect is very common in countermeasures. We have used IEEE 802.15.4 MAC radio
several mobile radio applications. CSS overcomes Doppler model for setting the parameters during simulations such as
Effect. receiving power, sleep power, transmission power, idle power.
F. Antenna Polarization This MAC layer is required for device communications. This
provides the physical channels to access all types of security
The orientation of radio waves electric field with respect and transmission mechanisms. In this simulation, there are 50
to surface of earth is referred to as antenna polarization. This mobile nodes that move in 750 X 750 meter region for 25
second. Constant Bit Rate is the simulated traffic where the  Deceptive jamming: As compared to constant
sources send their data to the sink. We also considered several jamming, a deceptive jamming shows more
jamming nodes or malicious nodes. The simulation parameters
performance degrading. This is because of
and settings are summarized in the table below.
continuous noise generation which increases delay
TABLE III. SIMULATION PARAMETERS and energy consumption as well as decreases the
Parameters Settings network throughput due to large number of collisions
Interface type Physical 802.15.4 responsible for jamming the channel.
Radio model Two ray ground propagation
Link layer LL  Random jamming: This jams the WSN randomly
Antenna type Omni-directional using either deceptive jamming or constant jamming.
Queue Priority queue It is not easy to detect as it shows random behaviour.
Channel type Wireless
Interface queue length 50  Reactive jamming: This is the most disastrous type of
Number of nodes 50 jamming attack. After any event detection, it
Transmission range 400 m introduces noise packets immediately into the
Area 750 X 750 network. By introducing severe collision, it corrupts
Routing protocols AODV huge number of packets in the WSNs.
MAC 802.15.4
Initial energy 100 joule VI. CONCLUSION
Traffic source CBR
Sources 4
Packet size 512 bytes Considering the low-cost design of WSNs and the ease
Node placement Randomized with which these can be reprogrammed, WSNs is susceptible
to radio interference attacks. This paper surveys both defence
The reason for performance degrading under various and attack side of jamming WSNs. The paper models and
jamming attack is also presented in this section. Finally, we analyzes the side effects of various types of jamming attacks
conclude our paper in section 6, where we present the side on the WSNs performance. Increasing the safety level and
effects of jamming attacks on the WSNs performance and the avoiding DoS attacks is of utmost importance in WSNs. The
future research scope is also discussed. attacker may launch DoS attack by radio channel jamming.
Jamming attacks degrades the network performance in terms
V. RESULTS AND DISCUSSIONS
of energy consumption, throughput and delay. Reactive
It is observed that jamming attack degrades the WSNs jamming degrades the network performance to maximum
performance in terms of energy consumption, delay and the extent and random jamming shows least degradation in the
throughput. network. This article provides requirements for efficient
 Energy consumption: Energy consumption is highest jamming defence technique development. The future research
for the reactive jamming. The deceptive and constant will be concentrated on new jamming possibilities in WSN
jamming shows similar increase in energy and developing an efficient defense mechanism.
consumption. Amongst, all the jamming techniques, REFERENCES
random jamming shows the lowest energy
consumption but still more than the no attack [1] D. L. Adamy, D. Adamy, EW 102: A Second Course in Electronic
condition. Warfare, Artech House Publishers, 2004.
[2] E. Shi, A. Perrig, "Designing Secure Sensor Networks", Wireless
 Delay: The delay involved in reactive jamming is Communications Magazine, vol. 11, no. 6, pp. 38-43, Dec. 2004.
highest amongst all jamming techniques while [3] A. D. Wood, J. A. Stankovic, "Denial of service in sensor
random jamming shows the lowest delay. networks", Computer, vol. 35, no. 10, pp. 54-62, 2002.

 Throughput: Throughput of no attack condition is [4]
highest and among all the jamming attacks, the
reactive jamming shows the least throughput by far [5]
from all other jamming techniques. Constant
jamming produces highest throughput followed by
deceptive jamming and random jamming techniques. [6]
The reason for performance degrading under various jamming
attack is explored below.
 Constant jamming: The performance degrading of [7]
constant jamming is less than other types of jamming
attack. This is because the network is jammed after [8]
regular intervals in constant jamming.
Mingyan Li et al "Optimal Jamming Attacks and Network Defense in
Wireless Sensor Networks" IEEE Transactions on Mobile Computing
August 2010
Wenyuan Xu, Wade Trappe, Yanyong Zhang and Timothy Wood."The
feasibility of Launching and Detecting Jamming Attacks in Wireless
Networks" MobiHoc'05, May 25-27, 2005, Urbana Champaign, Illinois,
USA.
Aristides Mpitziopoulos, Damianos Gavalas, Charalampos
Konstantopoulos, and Grammati Pantziou, "A Survey on Jamming
Attacks and Countermeasures in WSNs", IEEE Communications
Surveys & Tutorials, Vol. 11, Issue No. 4, pp. 42-56, 2009.
Wen yuan Xu, Ke Ma, Wade Trappe, and Yanyong Zhang, "Jamming
Sensor Networks: Attacks and defense stategies", IEEE Network,
MayJune, pp. 41-47, 2006.
DSSS-wikipedia. http://en.wikipedia.org/wiki/Direct-sequence-spread--
spectrum.
[9] FHSS-wikipedia. http://en. wikipedia.org/wiki/Frequency-hopping-- [12] J. Min, Analysis and design of a frequency-hopped spread-spectrum
spread-spectrum transceiver for wireless personal communications, University of
[10] R. L. Pickholtz, D. L. Schilling, L. B. Milstein, "Theory of spread California, 1995.
spectrum communications-a tutorial", IEEE Trans. Commun., vol. 20,
no. 5, pp. 855-884, 1982.
[11] W. Stutzman, G. Thiele, Antenna Theory and Design, John Wiley &
Sons, 1997.