1) The document discusses security issues in wireless sensor networks, specifically focusing on attacks against routing protocols and potential countermeasures. It outlines common attacks like spoofing, selective forwarding, sinkhole attacks, Sybil attacks, wormholes, and HELLO flood attacks.
2) The document then provides an overview of potential countermeasures like link layer security, identity verification protocols, verification of link bidirectionality, and multipath routing.
3) Finally, the document emphasizes the importance of secure routing protocol design and highlights the need for protocols to incorporate security features to defend against insider and outsider attacks.
Black Hole Attack:
A malicious node advertises the wrong paths as good paths to the source node during the pathfinding process.
When the source selects the path including the attacker node, the traffic starts passing through the adversary node and this node starts dropping the packets selectively or in whole.
Black hole region is the entry point to a large number of harmful attacks.
The vampire attack is the class of Denial-of-Service attack. Denial-of-Services in the network is caused by consuming the power of the sensor node. It is also called power draining attacks because of this attack consume the power of sensor nodes and disable the network. It creates a protocol-compliant message and sends it into the network so that the energy used by the network is more than if the same message transmitted of identical size to the same destination.
This presentation covers Security Issues in Mobile Adhoc Network in brief, highlighting various attacks such as Sleep Deprivation, Wormhole, Blackhole and Eavesdropping in particulars.
NetSim Webinar on Network Attacks and DetectionDESHPANDE M
Webinar Contents:
Why use a Network Simulator
Introduction to NetSim
Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim
Intrusion Detection System: Detection mechanism in MANET using NetSim
Analyzing Metrics
Areas of R & D in MANET
Q & A
this ppt is useful for both b.e/b.tech students as well as for mca students. in this ppt u will find different types of security issues in manet and their countermeasures.
Black Hole Attack:
A malicious node advertises the wrong paths as good paths to the source node during the pathfinding process.
When the source selects the path including the attacker node, the traffic starts passing through the adversary node and this node starts dropping the packets selectively or in whole.
Black hole region is the entry point to a large number of harmful attacks.
The vampire attack is the class of Denial-of-Service attack. Denial-of-Services in the network is caused by consuming the power of the sensor node. It is also called power draining attacks because of this attack consume the power of sensor nodes and disable the network. It creates a protocol-compliant message and sends it into the network so that the energy used by the network is more than if the same message transmitted of identical size to the same destination.
This presentation covers Security Issues in Mobile Adhoc Network in brief, highlighting various attacks such as Sleep Deprivation, Wormhole, Blackhole and Eavesdropping in particulars.
NetSim Webinar on Network Attacks and DetectionDESHPANDE M
Webinar Contents:
Why use a Network Simulator
Introduction to NetSim
Introduction to Sinkhole Attack : Attack scenario in MANET using NetSim
Intrusion Detection System: Detection mechanism in MANET using NetSim
Analyzing Metrics
Areas of R & D in MANET
Q & A
this ppt is useful for both b.e/b.tech students as well as for mca students. in this ppt u will find different types of security issues in manet and their countermeasures.
Mobile Ad-Hoc Networks are most usefully in current environments. It’s required high performance, networks load and Throughput. In Mobile Ad-hoc Networks Routing is the hot topic for research. Basically two types routing protocols are work in the mobile Ad-hoc Networks: 1) Proactive and 2) Reactive. Researchers have projected different routing algorithm. Important work has been done on routing in ad hoc networks, some of the important works so far were the destination-sequence distance vector (DSDV) protocol, the temporally ordered routing protocol (TORA), dynamic source routing protocol (DSR) and ad hoc on demand routing protocol (AODV). These algorithms use Open Shortest Path First (OSPF) for find optimum route source to destination.ThesisScientist.com
Overview on security and privacy issues in wireless sensor networks-2014Tarek Gaber
Lecture Outlines
Why Security is Important for WSN
WSNs have many applications e.g.:
military, homeland security
assessing disaster zones
Others.
This means that such sensor networks have mission-critical tasks.
Security is crucial for such WSNs deployed in these hostile environments.
Why Security is Important for WSN
Moreover, wireless communication employed by WSN facilitates
eavesdropping and
packet injection by an adversary.
These mentioned factors require security for WSN during the design stage to ensure operation safety, secrecy of sensitive data, and privacy for people in sensor environments.
Algorithms to achieve security services
Symmetric Encryption
Asymmetric Encryption
Hash Function/Algorithm
Digital Signature
Why Security is Complex in WSN
Because of WSNs Characteristics:
Anti-jamming and physical temper proofing are impossible
greater design complexity and energy consumption
Denial-of-service (DoS) attack is difficult
Sensor node constraints
Sensor nodes are susceptible to physical capture
Deploying in hostile environment.
eavesdropping and injecting malicious message are easy
Using wireless communication
Why Security is Complex in WSN
Because of WSNs Characteristics:
maximization of security level is challenging
Resource consumption
asymmetric cryptography is often too expensive
Node constraints
centralized security solutions are big issue
no central control and constraints, e.g. small memory capacity.
Cost Issues
Overall cost of WSN should be as low as possible.
Typical Attacks to WSN
Physical Attacks
Environmental
Permanently destroy the node, e.g., crashing or stealing a node.
Attacks at the Physical Layer
Jamming: transmission of a radio signal to interfere with WSN radio frequencies.
Constant jamming: No message are able to be sent or received.
Intermittent jamming: Nodes are able to exchange messages periodically
Jamming Attack Countermeasure
Physical Attacks
Node Capture Attacks
routing functionalities
Countermeasure
tamper-proof features
Expensive solution
Self-Protection
disable device when attack detected
Attacks on Routing
Sinkhole attack
attacker tries to attract the traffic from a particular region through it
Solution:
Watchdog Nodes can start to trace the source of false routing information
Attacks on Routing
Sybil attack (Identity Spoofing)
attacker claims to have multiple identities or locations
provide wrong information for routing to launch false routing attacks
Solutions:
Misbehavior Detection.
Identity Protection
Privacy Attacks
Attempts to obtain sensitive information collected and communicated in WSNs
Eavesdropping
made easy by broadcast nature of wireless networks
Traffic analysis
used to identify sensor nodes of interest (data of interest),
WSN Privacy Issues Cont.
WSN Privacy Issues Attack
Trust and reputation in WSN
WSN Traditional Security Techniques
Cryptographic primitive
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKSijwmn
The mobile ad hoc networks get subjected to security threats like other wireless networks. But due to their
peer to peer approach and absence of infrastructural resources the mobile ad hoc networks can not use
strong cryptographic mechanisms as used by their other wireless counterparts. This led to the
development of trust based methods as security solutions wherein a trusted node is relaxed from security
checks when the trust value reaches to a particular limit. The trust methods are prone to security risks but
have found their acceptance due to efficiency over computationally expensive and time consuming
cryptographic methods. The major problem with the trust methods is the period during which trust is
growing and is yet to reach the requisite threshold. This paper proposes security mechanism dependent
upon Random Electronic Code Book (RECB) combined with permutation functions. The proposed
mechanism has low time complexity, is easier to implement, computationally inexpensive and has very
high brute force search value. It can be used as the temporary security guard during the trust growth
phase. The impetus behind the proposed design is the reliance upon shared information between the peers
in the ad hoc networks.
1- Mobile ad hoc networks are formed dynamically by an
autonomous system of mobile nodes that are connected
via wireless links.
2- Multihop communication- node communicate with the
help of two or more node from source to destination.
3- No existing fixed infrastructure or centralized administration –No base station.
4- Mobile nodes are free to move randomly-Network topology changes frequently
5- May Operate as standalone fashion or also can be connected to the larger internet.
6- Each node work as router
Primary Goals of Security in MANET
To assure a reliable data transfer over the communication networks and to protect the system resources a number of security services are classified in five categories:-
1-Authentication:- The process of identifying an individual , usually based on a username and password.
2- Confidentially:- Confidentiality aims at protecting the data from disclosure to unauthorized person.
Network attacks against confidentiality
* Packet capturing
Password attack
Port scanning
Dumpster Diving
Wiretapping
Phishing and Pharming
2-Non repudiation:- Integrity guarantees that a message being transferred is never corrupted.
3- Integrity:- Integrity guarantees that a message being transferred is never corrupted.
network attack against integrity
Salami attack
trust relationship attacks
Man in the middle attack
Session hijacking attacks
4- Availability:- Its ensure that data ,network resources or network services are available to legitimate user when required.
network attack against availability
Denial of services attacks
Distributed denial of services attack
SYN flood attacks and ICMP flood attacks
Electrical power attacks
Server Room environment attacks
Key management
The security in networking is in many cases dependent on proper key management.
Key management consists of various services, of which each is vital for the security
of the networking systems
* Trust model:-Its must determine how much different element in the network can trust each other.
* Cryptosystem:- Public and symmetric key mechanism can be applied .
* Key creation:- It must determine which parties are allowed to generate key to themselves.
* Key storage :- In adhoc network any network element may have to store its own key and possibly key of other element as well.
* Key distribution:- The key management service must ensure that the generated keys are securely distributed to their owners.
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
Wireless Sensor Network (WSN) is a promising field for research. As the use of this field increases, it is
required to give proper security to this field. So to ensure the security of communication of data or messages and to
control the use of data in WSN is of great importance. As sensor networks interact with responsive data and operate
in unfriendly unattended area, from the time of system design these security concerns should be addressed. The paper,
presents a modified Motesec security protocol which is a security mechanism for Wireless sensor network. In this
protocol a hash function based approach is used to detect replay attacks. For data access control key lock matching
method i.e. memory data access control policy is used to prevent unauthorized data access. Encoding and
reconstruction scheme is used to find out attacker. Flooding attack detection by comparing data rate. There is currently
massive research is present in the area of wireless sensor network security..Keywords: GPS,GCM,LBS Android.
Keywords: secure communication architecture, wireless Sensor network security.
Mobile Ad-Hoc Networks are most usefully in current environments. It’s required high performance, networks load and Throughput. In Mobile Ad-hoc Networks Routing is the hot topic for research. Basically two types routing protocols are work in the mobile Ad-hoc Networks: 1) Proactive and 2) Reactive. Researchers have projected different routing algorithm. Important work has been done on routing in ad hoc networks, some of the important works so far were the destination-sequence distance vector (DSDV) protocol, the temporally ordered routing protocol (TORA), dynamic source routing protocol (DSR) and ad hoc on demand routing protocol (AODV). These algorithms use Open Shortest Path First (OSPF) for find optimum route source to destination.ThesisScientist.com
Overview on security and privacy issues in wireless sensor networks-2014Tarek Gaber
Lecture Outlines
Why Security is Important for WSN
WSNs have many applications e.g.:
military, homeland security
assessing disaster zones
Others.
This means that such sensor networks have mission-critical tasks.
Security is crucial for such WSNs deployed in these hostile environments.
Why Security is Important for WSN
Moreover, wireless communication employed by WSN facilitates
eavesdropping and
packet injection by an adversary.
These mentioned factors require security for WSN during the design stage to ensure operation safety, secrecy of sensitive data, and privacy for people in sensor environments.
Algorithms to achieve security services
Symmetric Encryption
Asymmetric Encryption
Hash Function/Algorithm
Digital Signature
Why Security is Complex in WSN
Because of WSNs Characteristics:
Anti-jamming and physical temper proofing are impossible
greater design complexity and energy consumption
Denial-of-service (DoS) attack is difficult
Sensor node constraints
Sensor nodes are susceptible to physical capture
Deploying in hostile environment.
eavesdropping and injecting malicious message are easy
Using wireless communication
Why Security is Complex in WSN
Because of WSNs Characteristics:
maximization of security level is challenging
Resource consumption
asymmetric cryptography is often too expensive
Node constraints
centralized security solutions are big issue
no central control and constraints, e.g. small memory capacity.
Cost Issues
Overall cost of WSN should be as low as possible.
Typical Attacks to WSN
Physical Attacks
Environmental
Permanently destroy the node, e.g., crashing or stealing a node.
Attacks at the Physical Layer
Jamming: transmission of a radio signal to interfere with WSN radio frequencies.
Constant jamming: No message are able to be sent or received.
Intermittent jamming: Nodes are able to exchange messages periodically
Jamming Attack Countermeasure
Physical Attacks
Node Capture Attacks
routing functionalities
Countermeasure
tamper-proof features
Expensive solution
Self-Protection
disable device when attack detected
Attacks on Routing
Sinkhole attack
attacker tries to attract the traffic from a particular region through it
Solution:
Watchdog Nodes can start to trace the source of false routing information
Attacks on Routing
Sybil attack (Identity Spoofing)
attacker claims to have multiple identities or locations
provide wrong information for routing to launch false routing attacks
Solutions:
Misbehavior Detection.
Identity Protection
Privacy Attacks
Attempts to obtain sensitive information collected and communicated in WSNs
Eavesdropping
made easy by broadcast nature of wireless networks
Traffic analysis
used to identify sensor nodes of interest (data of interest),
WSN Privacy Issues Cont.
WSN Privacy Issues Attack
Trust and reputation in WSN
WSN Traditional Security Techniques
Cryptographic primitive
SHARED INFORMATION BASED SECURITY SOLUTION FOR MOBILE AD HOC NETWORKSijwmn
The mobile ad hoc networks get subjected to security threats like other wireless networks. But due to their
peer to peer approach and absence of infrastructural resources the mobile ad hoc networks can not use
strong cryptographic mechanisms as used by their other wireless counterparts. This led to the
development of trust based methods as security solutions wherein a trusted node is relaxed from security
checks when the trust value reaches to a particular limit. The trust methods are prone to security risks but
have found their acceptance due to efficiency over computationally expensive and time consuming
cryptographic methods. The major problem with the trust methods is the period during which trust is
growing and is yet to reach the requisite threshold. This paper proposes security mechanism dependent
upon Random Electronic Code Book (RECB) combined with permutation functions. The proposed
mechanism has low time complexity, is easier to implement, computationally inexpensive and has very
high brute force search value. It can be used as the temporary security guard during the trust growth
phase. The impetus behind the proposed design is the reliance upon shared information between the peers
in the ad hoc networks.
1- Mobile ad hoc networks are formed dynamically by an
autonomous system of mobile nodes that are connected
via wireless links.
2- Multihop communication- node communicate with the
help of two or more node from source to destination.
3- No existing fixed infrastructure or centralized administration –No base station.
4- Mobile nodes are free to move randomly-Network topology changes frequently
5- May Operate as standalone fashion or also can be connected to the larger internet.
6- Each node work as router
Primary Goals of Security in MANET
To assure a reliable data transfer over the communication networks and to protect the system resources a number of security services are classified in five categories:-
1-Authentication:- The process of identifying an individual , usually based on a username and password.
2- Confidentially:- Confidentiality aims at protecting the data from disclosure to unauthorized person.
Network attacks against confidentiality
* Packet capturing
Password attack
Port scanning
Dumpster Diving
Wiretapping
Phishing and Pharming
2-Non repudiation:- Integrity guarantees that a message being transferred is never corrupted.
3- Integrity:- Integrity guarantees that a message being transferred is never corrupted.
network attack against integrity
Salami attack
trust relationship attacks
Man in the middle attack
Session hijacking attacks
4- Availability:- Its ensure that data ,network resources or network services are available to legitimate user when required.
network attack against availability
Denial of services attacks
Distributed denial of services attack
SYN flood attacks and ICMP flood attacks
Electrical power attacks
Server Room environment attacks
Key management
The security in networking is in many cases dependent on proper key management.
Key management consists of various services, of which each is vital for the security
of the networking systems
* Trust model:-Its must determine how much different element in the network can trust each other.
* Cryptosystem:- Public and symmetric key mechanism can be applied .
* Key creation:- It must determine which parties are allowed to generate key to themselves.
* Key storage :- In adhoc network any network element may have to store its own key and possibly key of other element as well.
* Key distribution:- The key management service must ensure that the generated keys are securely distributed to their owners.
Black hole Attack Avoidance Protocol for wireless Ad-Hoc networksijsrd.com
A Mobile Ad-Hoc Network is a collection of mobile nodes or a temporary network set up by wireless mobile nodes moving arbitrary in the places that have no network infrastructure in such a manner that the interconnections between nodes are capable of changing on continual basis. Thus the nodes find a path to the destination node using routing protocols. However, due to security vulnerabilities of the routing protocols, wireless ad-hoc networks are unprotected to attacks of the malicious nodes. Various attacks and one of those attacks is the Black Hole Attack against network integrity absorbing all data packets in the network. Since the data packets do not reach the destination node on account of this attack, data loss will occur. Therefore, it is a severe attack that can be easily employed against routing in mobile ad hoc networks. There are lots of detection and defense mechanisms to eliminate the intruder that carry out the black hole attack. . Virtual Infrastructure achieves reliable transmission in Mobile Ad Hoc Network. Black Hole Attack is the major problem to affect the Virtual Infrastructure. In this paper, approach on analyzing and improving the security of AODV, which is one of the popular routing protocols for MANET. Our aim is to ensuring the avoidance against Black hole attack.
Wireless Sensor Network (WSN) is a promising field for research. As the use of this field increases, it is
required to give proper security to this field. So to ensure the security of communication of data or messages and to
control the use of data in WSN is of great importance. As sensor networks interact with responsive data and operate
in unfriendly unattended area, from the time of system design these security concerns should be addressed. The paper,
presents a modified Motesec security protocol which is a security mechanism for Wireless sensor network. In this
protocol a hash function based approach is used to detect replay attacks. For data access control key lock matching
method i.e. memory data access control policy is used to prevent unauthorized data access. Encoding and
reconstruction scheme is used to find out attacker. Flooding attack detection by comparing data rate. There is currently
massive research is present in the area of wireless sensor network security..Keywords: GPS,GCM,LBS Android.
Keywords: secure communication architecture, wireless Sensor network security.
Internet of Things (IoT) will enable dramatic society transformation. This seminar presents an introduction to the IoT and explains why IoT Security is important.
Then it presents security issues in wireless sensor networks that constitute a main ingredient of IoT.
Seminar given at Centre Tecnològic de Telecomunicacions de Catalunya (CTTC) on 28 January 2015.
Yesterday Pierluigi Paganini, CISO Bit4Id and founder Security Affairs, presented at the ISACA Roma & OWASP Italy conference the state of the art for the Internet of Things paradigm. The presentation highlights the security and privacy issues for the Internet of Things, a technology that is changing user’s perception of the technology.
Manet - The Art of Networking without a NetworkTarun Varshney
Mobile ad hoc network (MANET), or simply ad hoc network, comprises nodes that freely and dynamically self-organize into arbitrary and temporary network topology without any infrastructure support.
1. SECURE ROUTING IN WIRELESS
SENSOR NETWORKS
ATTACKS AND COUNTERMEASURES
A.MUQEED
11011A0449
2. CONTENTS:
• Introduction
• Sensor Networks vs Ad-Hoc Networks
• Problem statement
• Attacks on sensor network routing
• Countermeasures
• Future Enhancements
• Conclusion
• References
3. Introduction
• Propose security goals for routing in wireless Sensor networks.
• Show how certain attacks against Ad-hoc networks and peer-to-peer
networks can be adapted into more powerful attacks against sensor
networks.
• Provide a list of attacks and their countermeasures.
4. • Sensor Network: Heterogeneous system consisting of tiny sensors and
actuators having some computing elements.
• When all the wireless sensor nodes are connected in a network, they form a
wireless sensor network.
• Hence, Wireless Sensor Networks are heterogeneous systems containing
many small devices called sensor nodes and actuators with general-purpose
computing elements.
• WSN’s facilitate monitoring and controlling of physical environments from
remote locations that could be difficult or dangerous to reach.
5. • Base Station:
– Point of centralized control
– Gateway to another network, powerful data processing unit, or point of
human interface
– More processing capability, memory & power
• Aggregation points: Node at which the messages are processed before
sending to base station.
6. Sensor N/w vs Ad-Hoc N/w
• Similarity: The dominant communication method in both is multi-hop
networking.
• Differences:
I. Ad-Hoc networks support routing between any pair of nodes, whereas
sensor networks support specialized communication pattern like Many-to-
one, One-to-many, Local communication.
II. Nodes in sensor networks are more resource constrained than Ad-Hoc
networks.
III. Higher level of trust relationship among sensor nodes. In-network
processing, aggregation, duplication elimination.
7.
8. Problem Statement
• Before discussing about each attack on routing protocol and its
countermeasure a clear view about routing security problem is required.
• Network Assumptions:
-> Insecure radio links.
-> Malicious node collude to attack the system.
-> No tamper resistance on nodes.
-> Adversary can access all key material, data, and code stored on the
captured node.
• Trust Requirements:
-> Base stations are trustworthy.
-> Aggregation points not necessarily trustworthy.
9. • Threat Models : 2 types
-> Based on device capability
– Mote-class attacker Access to few sensor nodes.
– Laptop-class attacker Access to more powerful devices. Have more battery
power, better CPU, sensitive antenna, powerful radio Tx, etc.
-> Based on attacker type / attacker location
– Outside attacks attacker external to the network.
– Inside attacks Authorized node in the network is malicious/compromised.
• Security Goals
– Secure routing protocol should guarantee integrity, authenticity, availability
of messages in presence of adversaries.
– Secrecy of application data is must.
10. Attacks on sensor network routing
• By Spoofing, Altering, or Replaying
routing information:
-> Attacker can create loops, attract or
repel network traffic, generate false
message, partition network, induce delay,
etc.
• Selective forwarding:
-> Malicious node forwards only some
messages, drop others.
-> Attacker tries to be on the actual path
of data flow, if it’s a neighboring node,
then it causes collision on each forwarded
packet of interest in order to include itself
on data flow path.
11. • Sinkhole Attacks:
– Main Reason : Specialized communication
patterns supported by wsn; All packets
have same destination i.e. base station.
– Adversary tries to attract traffic from a
particular area to pass through a
compromised node, thereby creating
sinkhole with adversary at the center.
– A compromised node may be made to look
attractive to neighbors in some routing
algorithm
– Laptop class adversary provide a high
quality route to base station by
transmitting at high power which will cause
the neighboring nodes to forward packets
through the adversary.
12. • Sybil Attack:
-> Single node presents multiple identities to other
nodes.
-> Significantly affect fault-tolerance schemes like
distributed storage, multi-path routing, topology
maintenance.
-> Threat to geographical routing protocols.
• Wormholes:
-> Transfer of packets from sender to receiver occurs
through a low latency route formed by creation of
wormhole.
-> This poses a threat to routing protocols which rely
heavily on geographic locations and proximity.
-> Selective forwarding and sinkhole attacks can be
launched from wormhole.
13. • HELLO flood attack:
-> Some protocols require that nodes
broadcast ‘HELLO’ packets to advertise
themselves.
-> Laptop-class attacker can convince every
node that it is their neighbor by
transmitting at high power.
-> Target nodes attempts to reply, but the
adversary is out of range.
->This creates a state of confusion in the
network
14. Attack on LEACH protocol
• Low Energy Adaptive Clustering Hierarchy ("LEACH") is a TDMA-
based MAC protocol which is integrated with clustering in wireless sensor
networks (WSNs).
• The goal of LEACH is to lower the energy consumption required to create and
maintain clusters in order to improve the life time of a wireless sensor network.
• In LEACH nodes transmit to cluster heads, and the cluster heads aggregate and
compress the data and forward it to the base station(sink).
Attack:
• Since nodes choose a cluster-head based on received signal strength, an
adversary can disable the entire network by using HELLO flood attack.
• Every node will choose the adversary as its cluster head and the adversary now
can use selective forwarding attack to modify the node data.
• Simple countermeasure like changing the cluster-head for each round will easily
be compromised by Sybil attack.
15. Countermeasures
• Outsider attack and link layer security
-> Outside attackers can be reduced by link layer security and authentication using
a global shared key.
-> Sybil, Sinkhole, Selective forwarding attacks can be restricted as node doesn’t
accept identity of adversary and the adversary is prevented from joining
topology.
-> Ineffective against Insider attacks like wormhole, Hello flood attacks.
• Sybil attack
-> Every node shares a unique symmetric key with the base station.
-> Then two nodes generate pair-wise shared secret key between them (Needham
– Schroeder symmetric key exchange) for ‘Identity verification’
-> Limit the number of neighbors for a node prevent adversary from
establishing shared keys with everyone.
16. • HELLO flood attack
-> Verification of bidirectionality of a link before taking meaningful action using Identity
verification protocol.
-> Nodes are connected to limited verified neighbors, so even with a high sensitive
adversary the compromise of nodes is not on a large segment of network.
• Wormhole and Sinkhole attacks
-> Very difficult to defend when two are used in combination as wormholes use out-of-
bound channels invisible to networks.
-> Whereas sinkholes are difficult to defend against protocols using advertising
information.
-> Good protocol design is required to avoid these attacks.
Eg: Geographic routing protocol can be used to avoid wormhole and sinkhole attacks as
it is a location based protocol.
>> Initiation is not from base station and the traffic is naturally routed towards physical
location of base station hence difficult to create a wormhole and sinkhole.
17. • Selective forwarding
-> Use Multipath Routing; messages routed over disjoint paths.
-> Messages routed on n disjoint paths protected against selective forwarding offer
probabilistic protection when over n nodes are compromised.
18. Future Enhancements
• This survey on attacks and countermeasures in wireless sensor network
routing protocols will help in better design of routing protocols at
development stage.
• If design of routing protocols satisfies the proposed security goals then
effective defending against adversaries will be achieved.
19. Conclusion
• Different security problems in sensor networks.
• Different types of attacks on the sensor networks from inside attackers
and outside attackers.
• Countermeasures to avoid the occurrence of these attacks.
• Hence, Protocols developed for routing in wireless sensor networks must
be designed with security features in view.
20. References:
1. Chris Karlof and David Wagner, Secure routing in wireless sensor networks:
Attacks and countermeasures, University of california, Berkeley, IEEE 2003.
2. K.Venkatraman, J.Vijay Daniel, G.Murugaboopathi, Various attacks in Wireless
Sensor network: Survey, VelTech group of institution, IJSCE, March 2013.
3. Aashima Singla, Ratika Sachdeva, Review on Security Issues and Attacks in
Wireless Sensor Networks, Department of CSE Sri Guru Granth Sahib World
University, IJARCSSE, April 2013.
4. J.Steffi Agino, Priyanka, S.Tephillah, A.M.Balamurugan, Attacks and
countermeasures in WSN, St. Joseph’s College of Engineering, Chennai, Tamil
Nadu, IPASJ, January 2014.
5. I. R. Uouceur, "The Sybil Attack:' in 1st lnternational Workshop on Peer-to-
Peer Systems (IPTPS '0202). March 2002.