The document presents a new ontology for classifying attacks in wireless sensor networks (WSNs). The ontology aims to identify the intention of the attacker, their capabilities to carry out attacks, the target, and the ultimate result. It is a high-level abstraction that is independent of the intrusion detection system used. The document also surveys known vulnerabilities and attacks in WSNs and presents some defenses. It defines the ontology for classifying WSN attacks, which includes four main classes: intention, movement, target, and result. Each attack has an intention comprising information gathering, exploits, and contamination phases.
1) This document proposes a new anomaly detection scheme for mobile ad hoc networks (MANETs) based on dynamic learning.
2) The scheme uses a statistical decision theory to calculate projection distances between the current and normal states of nodes using weighted coefficients and a forgetting curve.
3) Simulations evaluate the scheme's effectiveness in detecting five types of attacks on the ad hoc on-demand distance vector (AODV) routing protocol for MANETs of different sizes.
Protecting location privacy in sensor networks against a global eavesdropperJPINFOTECH JAYAPRAKASH
The document proposes two techniques - periodic collection and source simulation - to prevent leakage of location information in sensor networks from a global eavesdropper. Periodic collection provides high location privacy while source simulation provides tradeoffs between privacy, communication cost, and latency. The techniques are efficient and effective at providing source and sink location privacy compared to existing methods that only defend against local adversaries.
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
This document discusses security analysis of distributed systems. It outlines that security analysis involves specifying the participating entities, a security property, and checking if that property is satisfied across all possible executions despite interference from attackers. Some example security properties mentioned are secrecy, authentication, and strong secrecy. Analyzing distributed systems security is challenging due to their non-deterministic and infinitely branching nature.
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
Wireless sensor networks are currently the greatest innovation in the field of telecommunications. WSNs
have a wide range of potential applications, including security and surveillance, control, actuation and
maintenance of complex systems and fine-grain monitoring of indoor and outdoor environments. However
security is one of the major aspects of Wireless sensor networks due to the resource limitations of sensor
nodes. Those networks are facing several threats that affect their functioning and their life. In this paper we
present security attacks in wireless sensor networks, and we focus on comparison and analysis of recent
Intrusion Detection schemes in WSNs.
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
This document summarizes an enhanced adaptive acknowledgement protocol for securing wireless sensor network communication. It begins by describing security challenges in WSNs like the wireless medium, hostile environments, and resource constraints. It then discusses common security attacks like black hole and grey hole attacks. Existing acknowledgement schemes like Watchdog, TWOACK, and AACK are explained along with their limitations in detecting such attacks. The document proposes an Enhanced Adaptive Acknowledgement (EAACK) scheme that uses ACK, Secure ACK, and Misbehavior Report Authentication to better detect attacks while reducing overhead. EAACK aims to securely detect black hole, grey hole, and false misbehavior reporting in wireless sensor networks.
International Journal of Computer Science and Security Volume (2) Issue (1)CSCJournals
This document discusses intrusion detection in mobile ad hoc networks (MANETs). It begins with background on intrusion detection systems (IDS) in general and why they are important for MANETs given their vulnerabilities. It then discusses three key aspects of IDS for MANETs: common attacks on MANETs, architectures for IDS in MANETs, and achievements in research on IDS for MANETs. Specifically, it reviews research on IDS architectures, detection techniques, resistance to attack types, and applicability to different routing protocols. The document provides an overview of issues and approaches regarding securing MANETs through intrusion detection.
The document describes an intrusion detection system for cluster-based wireless sensor networks. It proposes using MAC address-based intruder tracking to detect intruders early. The system divides the network into clusters, with cluster heads monitoring members. It uses port numbers, IP addresses and MAC addresses to authenticate nodes and detect intruders pretending to be valid nodes. If intruder behavior is detected, an alarm is raised. The approach aims to securely transmit data in the network by identifying and preventing malicious intrusions and attacks.
1) This document proposes a new anomaly detection scheme for mobile ad hoc networks (MANETs) based on dynamic learning.
2) The scheme uses a statistical decision theory to calculate projection distances between the current and normal states of nodes using weighted coefficients and a forgetting curve.
3) Simulations evaluate the scheme's effectiveness in detecting five types of attacks on the ad hoc on-demand distance vector (AODV) routing protocol for MANETs of different sizes.
Protecting location privacy in sensor networks against a global eavesdropperJPINFOTECH JAYAPRAKASH
The document proposes two techniques - periodic collection and source simulation - to prevent leakage of location information in sensor networks from a global eavesdropper. Periodic collection provides high location privacy while source simulation provides tradeoffs between privacy, communication cost, and latency. The techniques are efficient and effective at providing source and sink location privacy compared to existing methods that only defend against local adversaries.
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
This document discusses security analysis of distributed systems. It outlines that security analysis involves specifying the participating entities, a security property, and checking if that property is satisfied across all possible executions despite interference from attackers. Some example security properties mentioned are secrecy, authentication, and strong secrecy. Analyzing distributed systems security is challenging due to their non-deterministic and infinitely branching nature.
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
Wireless sensor networks are currently the greatest innovation in the field of telecommunications. WSNs
have a wide range of potential applications, including security and surveillance, control, actuation and
maintenance of complex systems and fine-grain monitoring of indoor and outdoor environments. However
security is one of the major aspects of Wireless sensor networks due to the resource limitations of sensor
nodes. Those networks are facing several threats that affect their functioning and their life. In this paper we
present security attacks in wireless sensor networks, and we focus on comparison and analysis of recent
Intrusion Detection schemes in WSNs.
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
This document summarizes an enhanced adaptive acknowledgement protocol for securing wireless sensor network communication. It begins by describing security challenges in WSNs like the wireless medium, hostile environments, and resource constraints. It then discusses common security attacks like black hole and grey hole attacks. Existing acknowledgement schemes like Watchdog, TWOACK, and AACK are explained along with their limitations in detecting such attacks. The document proposes an Enhanced Adaptive Acknowledgement (EAACK) scheme that uses ACK, Secure ACK, and Misbehavior Report Authentication to better detect attacks while reducing overhead. EAACK aims to securely detect black hole, grey hole, and false misbehavior reporting in wireless sensor networks.
International Journal of Computer Science and Security Volume (2) Issue (1)CSCJournals
This document discusses intrusion detection in mobile ad hoc networks (MANETs). It begins with background on intrusion detection systems (IDS) in general and why they are important for MANETs given their vulnerabilities. It then discusses three key aspects of IDS for MANETs: common attacks on MANETs, architectures for IDS in MANETs, and achievements in research on IDS for MANETs. Specifically, it reviews research on IDS architectures, detection techniques, resistance to attack types, and applicability to different routing protocols. The document provides an overview of issues and approaches regarding securing MANETs through intrusion detection.
The document describes an intrusion detection system for cluster-based wireless sensor networks. It proposes using MAC address-based intruder tracking to detect intruders early. The system divides the network into clusters, with cluster heads monitoring members. It uses port numbers, IP addresses and MAC addresses to authenticate nodes and detect intruders pretending to be valid nodes. If intruder behavior is detected, an alarm is raised. The approach aims to securely transmit data in the network by identifying and preventing malicious intrusions and attacks.
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
Self protection mechanism for wireless sensor networksIJNSA Journal
Because of the widespread use of wireless sensor ne
tworks in many applications, and due to the nature
of
the specifications of these networks (WSN) in terms
of wireless communication, the network contract
specifications, and published it in difficult envir
onments. All this leads to the network exposure to
many
types of external attacks. Therefore, the protectio
n of these networks from external attacks is consid
ered the
one of the most important researches at this time.
In this paper we investigated the security in wirel
ess
sensor networks, Limitations of WSN, Characteristic
Values for some types of attacks, and have been
providing protection mechanism capable of detecting
and protecting wireless sensor networks from a wid
e
range of attacks.
Protocols for detection of node replication attack on wireless sensor networkIOSR Journals
This document summarizes two techniques for detecting node replication attacks in wireless sensor networks: centralized detection and distributed detection. Centralized detection involves nodes reporting information to a base station, which can detect replication by identifying conflicting location claims for the same node ID. Distributed detection techniques like witness-based strategies and deployment knowledge allow nodes to detect replication locally without a base station through methods like node broadcasting claims to witness nodes. The document analyzes the advantages and limitations of each approach.
This document provides an overview of concepts in image steganography. It defines key terms like cover object, stego object, and discusses the prisoner's problem framework for steganography. It also discusses different approaches to defining steganographic security, including defining it based on the distinguishability of cover and stego object probability distributions or the error rates of a warden's detection test. The document reviews how security is quantified using relative entropy between distributions.
Mobile ad hoc network (MANETs) is an emerging
area with practical applications. One such field concerns
mobile ad hoc networks (MANETs) in which mobile nodes
organize themselves in a network without the help of any
predefined infrastructure. Securing MANETs is an important
part of deploying and utilizing them, since them are often
used in critical applications where data and communications
integrity in important. Existing solutions for wireless
networks can be used to obtain a certain level of such security.
Nevertheless, these solutions may not always be sufficient, as
ad-hoc networks have their own vulnerabilities that cannot
be addressed by these solutions. To obtain an acceptable level
of security in such a context, traditional security solutions
should be coupled with an intrusion detection mechanism.
We propose using a quantitative method to detect intrusion in
MANETS with mobile nodes. Our method is a behavioral
anomaly based system, which makes it dynamic, scalable,
configurable and robust. Finally, we verify our method by
running ns2 simulations with mobile nodes using Ad-hoc ondemand
Distance Vector (AODV) routing. It is observed that
the malicious node detection rate is very good, and the false
positive detection rate is low
DYNAMIC NEURAL NETWORKS IN THE DETECTION OF DISTRIBUTED ATTACKS IN MOBILE AD-...IJNSA Journal
This document summarizes research on developing a distributed intrusion detection system for mobile ad hoc networks (MANETs) using dynamic neural networks. The system uses learning vector quantization neural networks distributed across nodes to identify patterns of network attacks. In a simulation of 18 nodes, the system successfully detected 80% of man-in-the-middle attacks on the ad hoc on-demand distance vector routing protocol. The distributed nature of the neural network approach helps overcome limitations of bandwidth and connectivity in MANETs compared to traditional centralized intrusion detection systems.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORKIJNSA Journal
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
A SURVEY ON SECURITY IN WIRELESS SENSOR NETWORKSIJNSA Journal
The emergence of wireless sensor networks (WSNs) can be considered one of the most important
revolutions in the field of information and communications technology (ICT). Recently, there has been a
dramatic increase in the use of WSN applications such as surveillance systems, battleground applications,
object tracking, habitat monitoring, forest fire detection and patient monitoring. Due to limitations of
sensor nodes in terms of energy, storage and computational ability, many security issues have arisen in
such applications. As a result, many solutions and approaches have been proposed for different attacks and
vulnerabilities to achieve security requirements. This paper surveys different security approaches for
WSNs, examining various types of attacks and corresponding techniques for tackling these. The strengths
and weaknesses for each technique are also discussed at the conclusion of this paper.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
This document summarizes an article about intrusion detection systems (IDS) for secure mobile ad hoc networks (MANETs). It discusses the distributed and cooperative architecture of IDS for MANETs, where each node runs an IDS agent to detect intrusions locally and cooperate with other nodes. It describes several IDS approaches for MANETs including the Watchdog technique to detect misbehaving nodes, the Pathrater technique to find routes without those nodes, and the CORE technique which uses a collaborative reputation system. The document concludes that considering these IDS techniques can help make MANETs more secure.
An Intuitionistic Fuzzy Sets Implementation for Key Distribution in Hybrid Me...IJAAS Team
This document presents a new model for securing key distribution in wireless sensor networks (WSNs) using intuitionistic fuzzy sets. The model determines the appropriate length of an intermediate encryption key based on network parameters like node count, node authentication history, trusted neighbor count, key change frequency, and desired key length. An intuitionistic fuzzy sets implementation assigns membership and non-membership values to each parameter. Based on the combinations of parameter values, intuitionistic rules output a session key scale and corresponding key length ranging from very low to very high security. The model was experimentally shown to efficiently create and distribute keys compared to other models.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Survey on Threats and Security schemes in Wireless Sensor NetworksIJERA Editor
It is difficult to achieve and become particularly acute in wireless sensor networks due to the limitation in network capability, computational power and memory which do not allow for implementation of complex security mechanism because security being vital to the acceptance and use of wireless sensor networks for many applications. In this paper we have explored general security threats in wireless sensor networks and analyzed them. This paper is an attempt to survey and analyze the threats to the wireless sensor networks and focus on the type of attacks and achieve secure communication in wireless sensor networks.
1) The document discusses security attacks in wireless sensor networks (WSNs). It provides an overview of the types of WSNs and their components.
2) It describes the main security challenges in WSNs like remote locations, lack of central control, and resource constraints.
3) The document outlines different security attacks in WSNs including denial of service attacks, traffic analysis, wormhole attacks, and jamming.
4) Defensive measures to secure WSNs like key establishment and intrusion detection are also discussed.
This document is a project report submitted by two students, Mohammad Kafee Uddin and Aloukik Mishra, to the Department of Computer Science and Engineering at the Indian School of Mines in partial fulfillment of the requirements for a Bachelor of Technology degree in Computer Science and Engineering. The report surveys routing protocols for wireless sensor networks and provides a classification of different routing protocols according to their mode of functioning, participation style of nodes, and network structure.
Wireless sensor networks combine sensing, computation and communication capabilities into small sensor nodes. A wireless sensor network consists of multiple sensor nodes that communicate wirelessly to perform distributed sensing tasks. Each sensor node contains components for power, computation, sensing and communication. Security is important for wireless sensor networks due to their widespread applications and vulnerabilities like traffic analysis attacks and Sybil attacks. Common security techniques for wireless sensor networks include encryption, cryptography and access control protocols.
The document discusses wireless sensor networks and describes their key characteristics. It notes that wireless sensor networks consist of low-power smart sensor nodes distributed over a large field to enable wireless sensing and data networking. The sensor nodes contain sensors, processors, memory, and radios. Wireless sensor networks can be either unstructured with dense node distribution or structured with few scattered nodes.
This document discusses wireless sensor networks. It outlines their applications such as environmental monitoring, health care, and military uses. It also examines factors that influence sensor network design like fault tolerance, scalability, production costs, and power consumption. The communication architecture of sensor networks is presented, including the application, transport, network, data link, and physical layers. Sensor networks have the potential to be widely used in many applications due to their flexibility and fault tolerance.
Context-Aware Intrusion Detection and Tolerance in MANETsIDES Editor
Mobile ad-hoc network (MANET) is a
decentralized network where each node will forward the data
to other nodes. The major challenge in handling security in
MANETs is that the network is not constant and thereby it is
difficult to set a constant algorithm for detecting the intrusion.
In this work, a context-aware intrusion detection and
tolerance module for MANETs is proposed. A node in
MANET can be a filtering node or a monitor node. The
intrusion detection based on context awareness is done with
the help of filtering and monitoring nodes and intrusion
tolerance is done with the help of membership policy. The
filtering nodes have minimum level of static database and the
monitoring nodes have a database with learning capability.
For tolerance, the nodes which are not a member are denied
service while the nodes which are members are allowed the
service according to some specific rules.
SELF-PROTECTION MECHANISM FOR WIRELESS SENSOR NETWORKS IJNSA Journal
Because of the widespread use of wireless sensor networks in many applications, and due to the nature of the specifications of these networks (WSN) in terms of wireless communication, the network contract specifications, and published it in difficult environments. All this leads to the network exposure to many types of external attacks. Therefore, the protection of these networks from external attacks is considered the one of the most important researches at this time. In this paper we investigated the security in wireless sensor networks, Limitations of WSN, Characteristic Values for some types of attacks, and have been providing protection mechanism capable of detecting and protecting wireless sensor networks from a wide range of attacks.
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
Dear Students
Ingenious techno Solution offers an expertise guidance on you Final Year IEEE & Non- IEEE Projects on the following domain
JAVA
.NET
EMBEDDED SYSTEMS
ROBOTICS
MECHANICAL
MATLAB etc
For further details contact us:
enquiry@ingenioustech.in
044-42046028 or 8428302179.
Ingenious Techno Solution
#241/85, 4th floor
Rangarajapuram main road,
Kodambakkam (Power House)
http://www.ingenioustech.in/
Self protection mechanism for wireless sensor networksIJNSA Journal
Because of the widespread use of wireless sensor ne
tworks in many applications, and due to the nature
of
the specifications of these networks (WSN) in terms
of wireless communication, the network contract
specifications, and published it in difficult envir
onments. All this leads to the network exposure to
many
types of external attacks. Therefore, the protectio
n of these networks from external attacks is consid
ered the
one of the most important researches at this time.
In this paper we investigated the security in wirel
ess
sensor networks, Limitations of WSN, Characteristic
Values for some types of attacks, and have been
providing protection mechanism capable of detecting
and protecting wireless sensor networks from a wid
e
range of attacks.
Protocols for detection of node replication attack on wireless sensor networkIOSR Journals
This document summarizes two techniques for detecting node replication attacks in wireless sensor networks: centralized detection and distributed detection. Centralized detection involves nodes reporting information to a base station, which can detect replication by identifying conflicting location claims for the same node ID. Distributed detection techniques like witness-based strategies and deployment knowledge allow nodes to detect replication locally without a base station through methods like node broadcasting claims to witness nodes. The document analyzes the advantages and limitations of each approach.
This document provides an overview of concepts in image steganography. It defines key terms like cover object, stego object, and discusses the prisoner's problem framework for steganography. It also discusses different approaches to defining steganographic security, including defining it based on the distinguishability of cover and stego object probability distributions or the error rates of a warden's detection test. The document reviews how security is quantified using relative entropy between distributions.
Mobile ad hoc network (MANETs) is an emerging
area with practical applications. One such field concerns
mobile ad hoc networks (MANETs) in which mobile nodes
organize themselves in a network without the help of any
predefined infrastructure. Securing MANETs is an important
part of deploying and utilizing them, since them are often
used in critical applications where data and communications
integrity in important. Existing solutions for wireless
networks can be used to obtain a certain level of such security.
Nevertheless, these solutions may not always be sufficient, as
ad-hoc networks have their own vulnerabilities that cannot
be addressed by these solutions. To obtain an acceptable level
of security in such a context, traditional security solutions
should be coupled with an intrusion detection mechanism.
We propose using a quantitative method to detect intrusion in
MANETS with mobile nodes. Our method is a behavioral
anomaly based system, which makes it dynamic, scalable,
configurable and robust. Finally, we verify our method by
running ns2 simulations with mobile nodes using Ad-hoc ondemand
Distance Vector (AODV) routing. It is observed that
the malicious node detection rate is very good, and the false
positive detection rate is low
DYNAMIC NEURAL NETWORKS IN THE DETECTION OF DISTRIBUTED ATTACKS IN MOBILE AD-...IJNSA Journal
This document summarizes research on developing a distributed intrusion detection system for mobile ad hoc networks (MANETs) using dynamic neural networks. The system uses learning vector quantization neural networks distributed across nodes to identify patterns of network attacks. In a simulation of 18 nodes, the system successfully detected 80% of man-in-the-middle attacks on the ad hoc on-demand distance vector routing protocol. The distributed nature of the neural network approach helps overcome limitations of bandwidth and connectivity in MANETs compared to traditional centralized intrusion detection systems.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORKIJNSA Journal
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
A SURVEY ON SECURITY IN WIRELESS SENSOR NETWORKSIJNSA Journal
The emergence of wireless sensor networks (WSNs) can be considered one of the most important
revolutions in the field of information and communications technology (ICT). Recently, there has been a
dramatic increase in the use of WSN applications such as surveillance systems, battleground applications,
object tracking, habitat monitoring, forest fire detection and patient monitoring. Due to limitations of
sensor nodes in terms of energy, storage and computational ability, many security issues have arisen in
such applications. As a result, many solutions and approaches have been proposed for different attacks and
vulnerabilities to achieve security requirements. This paper surveys different security approaches for
WSNs, examining various types of attacks and corresponding techniques for tackling these. The strengths
and weaknesses for each technique are also discussed at the conclusion of this paper.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
This document summarizes an article about intrusion detection systems (IDS) for secure mobile ad hoc networks (MANETs). It discusses the distributed and cooperative architecture of IDS for MANETs, where each node runs an IDS agent to detect intrusions locally and cooperate with other nodes. It describes several IDS approaches for MANETs including the Watchdog technique to detect misbehaving nodes, the Pathrater technique to find routes without those nodes, and the CORE technique which uses a collaborative reputation system. The document concludes that considering these IDS techniques can help make MANETs more secure.
An Intuitionistic Fuzzy Sets Implementation for Key Distribution in Hybrid Me...IJAAS Team
This document presents a new model for securing key distribution in wireless sensor networks (WSNs) using intuitionistic fuzzy sets. The model determines the appropriate length of an intermediate encryption key based on network parameters like node count, node authentication history, trusted neighbor count, key change frequency, and desired key length. An intuitionistic fuzzy sets implementation assigns membership and non-membership values to each parameter. Based on the combinations of parameter values, intuitionistic rules output a session key scale and corresponding key length ranging from very low to very high security. The model was experimentally shown to efficiently create and distribute keys compared to other models.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
A Survey on Threats and Security schemes in Wireless Sensor NetworksIJERA Editor
It is difficult to achieve and become particularly acute in wireless sensor networks due to the limitation in network capability, computational power and memory which do not allow for implementation of complex security mechanism because security being vital to the acceptance and use of wireless sensor networks for many applications. In this paper we have explored general security threats in wireless sensor networks and analyzed them. This paper is an attempt to survey and analyze the threats to the wireless sensor networks and focus on the type of attacks and achieve secure communication in wireless sensor networks.
1) The document discusses security attacks in wireless sensor networks (WSNs). It provides an overview of the types of WSNs and their components.
2) It describes the main security challenges in WSNs like remote locations, lack of central control, and resource constraints.
3) The document outlines different security attacks in WSNs including denial of service attacks, traffic analysis, wormhole attacks, and jamming.
4) Defensive measures to secure WSNs like key establishment and intrusion detection are also discussed.
This document is a project report submitted by two students, Mohammad Kafee Uddin and Aloukik Mishra, to the Department of Computer Science and Engineering at the Indian School of Mines in partial fulfillment of the requirements for a Bachelor of Technology degree in Computer Science and Engineering. The report surveys routing protocols for wireless sensor networks and provides a classification of different routing protocols according to their mode of functioning, participation style of nodes, and network structure.
Wireless sensor networks combine sensing, computation and communication capabilities into small sensor nodes. A wireless sensor network consists of multiple sensor nodes that communicate wirelessly to perform distributed sensing tasks. Each sensor node contains components for power, computation, sensing and communication. Security is important for wireless sensor networks due to their widespread applications and vulnerabilities like traffic analysis attacks and Sybil attacks. Common security techniques for wireless sensor networks include encryption, cryptography and access control protocols.
The document discusses wireless sensor networks and describes their key characteristics. It notes that wireless sensor networks consist of low-power smart sensor nodes distributed over a large field to enable wireless sensing and data networking. The sensor nodes contain sensors, processors, memory, and radios. Wireless sensor networks can be either unstructured with dense node distribution or structured with few scattered nodes.
This document discusses wireless sensor networks. It outlines their applications such as environmental monitoring, health care, and military uses. It also examines factors that influence sensor network design like fault tolerance, scalability, production costs, and power consumption. The communication architecture of sensor networks is presented, including the application, transport, network, data link, and physical layers. Sensor networks have the potential to be widely used in many applications due to their flexibility and fault tolerance.
Context-Aware Intrusion Detection and Tolerance in MANETsIDES Editor
Mobile ad-hoc network (MANET) is a
decentralized network where each node will forward the data
to other nodes. The major challenge in handling security in
MANETs is that the network is not constant and thereby it is
difficult to set a constant algorithm for detecting the intrusion.
In this work, a context-aware intrusion detection and
tolerance module for MANETs is proposed. A node in
MANET can be a filtering node or a monitor node. The
intrusion detection based on context awareness is done with
the help of filtering and monitoring nodes and intrusion
tolerance is done with the help of membership policy. The
filtering nodes have minimum level of static database and the
monitoring nodes have a database with learning capability.
For tolerance, the nodes which are not a member are denied
service while the nodes which are members are allowed the
service according to some specific rules.
SELF-PROTECTION MECHANISM FOR WIRELESS SENSOR NETWORKS IJNSA Journal
Because of the widespread use of wireless sensor networks in many applications, and due to the nature of the specifications of these networks (WSN) in terms of wireless communication, the network contract specifications, and published it in difficult environments. All this leads to the network exposure to many types of external attacks. Therefore, the protection of these networks from external attacks is considered the one of the most important researches at this time. In this paper we investigated the security in wireless sensor networks, Limitations of WSN, Characteristic Values for some types of attacks, and have been providing protection mechanism capable of detecting and protecting wireless sensor networks from a wide range of attacks.
Various OSI Layer Attacks and Countermeasure to Enhance the Performance of WS...IDES Editor
Wireless sensor networks are networks having non
wired infrastructure and dynamic topology. In OSI model each
layer is prone to various attacks, which halts the performance
of a network .In this paper several attacks on four layers of
OSI model are discussed and security mechanism is described
to prevent attack in network layer i.e wormhole attack. In
Wormhole attack two or more malicious nodes makes a covert
channel which attracts the traffic towards itself by depicting a
low latency link and then start dropping and replaying packets
in the multi-path route. This paper proposes promiscuous mode
method to detect and isolate the malicious node during
wormhole attack by using Ad-hoc on demand distance vector
routing protocol (AODV) with omnidirectional antenna. The
methodology implemented notifies that the nodes which are
not participating in multi-path routing generates an alarm
message during delay and then detects and isolate the
malicious node from network. We also notice that not only
the same kind of attacks but also the same kind of
countermeasures can appear in multiple layer. For example,
misbehavior detection techniques can be applied to almost all
the layers we discussed.
NOVEL HYBRID INTRUSION DETECTION SYSTEM FOR CLUSTERED WIRELESS SENSOR NETWORKIJNSA Journal
Wireless sensor network (WSN) is regularly deployed in unattended and hostile environments. The WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known, that the intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSN. Our intrusion framework uses a combination between the Anomaly Detection based on support vector machine (SVM) and the Misuse Detection. Experiments results show that most of routing attacks can be detected with low false alarm.
Wireless sensor Network using Zero Knowledge Protocol pptsofiakhatoon
This document proposes a security model for wireless sensor networks that addresses cloning attacks, man-in-the-middle attacks, and replay attacks. It divides sensor nodes into base stations, cluster heads, and member nodes. Each node knows its cluster head, and base stations store information on all nodes. The model uses a "social fingerprint" based on neighboring nodes and zero knowledge protocols to detect cloned nodes and verify sender authenticity without transmitting sensitive information. Screenshots demonstrate implementation and the model is analyzed for various attack scenarios, performance, and cryptographic strength.
The document proposes a security model for wireless sensor networks using zero knowledge protocol. It addresses security threats like cloning attacks, man-in-the-middle attacks, and replay attacks. The model uses a unique fingerprint for each node based on its neighboring nodes to detect cloning. It also uses zero knowledge protocol for sensor nodes to verify authenticity without transmitting cryptographic information, preventing man-in-the-middle and replay attacks. The paper analyzes the performance and security of the proposed model.
The document provides a review of recent intrusion detection systems for wireless sensor networks. It begins with an introduction to wireless sensor networks and different types of intrusions. It then analyzes 14 recent intrusion detection systems, listing their advantages and disadvantages. Finally, it concludes that future work is needed to develop systems that can accurately detect intrusions in an energy-efficient manner.
A COMPARISON OF PHYSICAL ATTACKS ON WIRELESS SENSOR NETWORKSijp2p
Wireless sensor networks (WSNs) have many potential applications [1, 5] and unique challenges. They
usually consist of hundreds or thousands small sensor nodes such as MICA2, which operate
autonomously; conditions such as cost, invisible deployment and many application domains, lead to small
size and limited resources sensors [2]. WSNs are susceptible to many types of physical attacks [1] and
most of traditional networks security techniques are unusable on WSNs[2]; due to wireless and shared
nature of communication channel, untrusted transmissions, deployment in open environments, unattended
nature and limited resources [1]. So, security is a vital requirement for these networks; but we have to
design a proper security mechanism that attends to WSN's constraints and requirements. In this paper, we
focus on security of WSNs, divide it (the WSNs security) into four categories and will consider them,
include: an overview of WSNs, security in WSNs, the threat model on WSNs, a wide variety of WSNs'
physical attacks and a comparison of them. This work enables us to identify the purpose and capabilities
of the attackers; also, the goal, final result and effects of the physical attacks on WSNs are introduced.
Also this paper discusses known approaches of security detection and defensive mechanisms against the
physical attacks; this would enable it security managers to manage the physical attacks of WSNs more
effectively.
A COMPARISON OF PHYSICAL ATTACKS ON WIRELESS SENSOR NETWORKSijp2p
Wireless sensor networks (WSNs) have many potential applications [1, 5] and unique challenges. They
usually consist of hundreds or thousands small sensor nodes such as MICA2, which operate
autonomously; conditions such as cost, invisible deployment and many application domains, lead to small
size and limited resources sensors [2]. WSNs are susceptible to many types of physical attacks [1] and
most of traditional networks security techniques are unusable on WSNs[2]; due to wireless and shared
nature of communication channel, untrusted transmissions, deployment in open environments, unattended
nature and limited resources [1]. So, security is a vital requirement for these networks; but we have to
design a proper security mechanism that attends to WSN's constraints and requirements. In this paper, we
focus on security of WSNs, divide it (the WSNs security) into four categories and will consider them,
include: an overview of WSNs, security in WSNs, the threat model on WSNs, a wide variety of WSNs'
physical attacks and a comparison of them. This work enables us to identify the purpose and capabilities
of the attackers; also, the goal, final result and effects of the physical attacks on WSNs are introduced.
Also this paper discusses known approaches of security detection and defensive mechanisms against the
physical attacks; this would enable it security managers to manage the physical attacks of WSNs more
effectively.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
This document proposes a hybrid intrusion detection system (HIDS) for wireless sensor networks. The HIDS combines cluster-based and rule-based intrusion detection techniques. It is designed to address the limited resources of sensor networks while achieving high detection rates and low false positives. The system works by using cluster heads to detect intrusions based on both anomaly detection and comparing activities to known attack behaviors. A simulation evaluated the HIDS and found it performed intrusion detection efficiently while being energy efficient and having a high detection rate.
This document summarizes security schemes for wireless sensor networks, including TinySec, IEEE 802.15.4, and others. It discusses the challenges of WSNs like power constraints and limited resources. It also outlines common security threats to WSNs such as denial of service attacks, attacks on information in transit, Sybil attacks, black hole/sinkhole attacks, and hello flood attacks. The document evaluates the feasibility of applying basic security schemes like cryptography and steganography to WSNs given their unique constraints and requirements.
Detection of Various Attacks using Zero Knowledge Protocol in Wireless Securityijceronline
The security mechanism are not used directly in wireless sensor networks compare to wired networks, there is no user control and insufficient energy resources. In wireless environment, proposing the scheme of detection of distributed sensor cloning attacks and Zero knowledge protocols (ZKP) are used to verifying authenticity of the sender sensor nodes. Cloning attack is concentrate on by attaching fingerprint which is unique that depends on the set of neighboring nodes and itself. Every message contains a finger print which sensor node sends.ZKP is used to avoid man in the middle attack and reply attacks from the important cryptographic information in wireless networks.
Wireless Sensor Network (WSN) is a promising field for research. As the use of this field increases, it is
required to give proper security to this field. So to ensure the security of communication of data or messages and to
control the use of data in WSN is of great importance. As sensor networks interact with responsive data and operate
in unfriendly unattended area, from the time of system design these security concerns should be addressed. The paper,
presents a modified Motesec security protocol which is a security mechanism for Wireless sensor network. In this
protocol a hash function based approach is used to detect replay attacks. For data access control key lock matching
method i.e. memory data access control policy is used to prevent unauthorized data access. Encoding and
reconstruction scheme is used to find out attacker. Flooding attack detection by comparing data rate. There is currently
massive research is present in the area of wireless sensor network security..Keywords: GPS,GCM,LBS Android.
Keywords: secure communication architecture, wireless Sensor network security.
An intrusion detection system plays a major role in network security. We
propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier
approach for Intrusion detection using Self Organizing Maps. In this model “Self
Organizing Map” approach is to be used for behavior learning and “Outlier mining”
approach, for detecting an intruder by calculating deviation from known user profile.
This model aims to improve the capability of detecting intruders.
Investigation of detection & prevention sinkhole attack in manetijctet
This document discusses sinkhole attacks in mobile ad hoc networks (MANETs) and wireless sensor networks (WSNs). It provides background on sinkhole attacks, where a compromised node advertises a high quality route to attract network traffic. This can disrupt data transmission to the base station. The document reviews several existing detection techniques for sinkhole attacks, including algorithms using hop counting and mobile agents. It then proposes a new lightweight algorithm to detect sinkhole attacks in MANETs using network flow information collected by the base station and analysis of routing patterns to identify the intruder. The algorithm aims to provide secure and efficient sinkhole detection with low overhead.
This document discusses security issues related to wireless sensor networks. It begins with an introduction to wireless sensor networks and an overview of security challenges due to limited sensor node capabilities. It then summarizes common attacks on different layers of wireless sensor networks and discusses security objectives. The document outlines key areas of research on sensor network security including key management, secure time synchronization, and secure routing. It provides details on different key management schemes, time synchronization protocols, and discusses vulnerabilities of existing synchronization schemes to various attacks.
Detection of Various Attacks Using Zero Knowledge Protocol in Wireless Securityijceronline
The security mechanism are not used directly in wireless sensor networks compare to wired networks, there is no user control and insufficient energy resources. In wireless environment, proposing the scheme of detection of distributed sensor cloning attacks and Zero knowledge protocols (ZKP) are used to verifying authenticity of the sender sensor nodes. Cloning attack is concentrate on by attaching fingerprint which is unique that depends on the set of neighboring nodes and itself. Every message contains a finger print which sensor node sends.ZKP is used to avoid man in the middle attack and reply attacks from the important cryptographic information in wireless networks
A HIERARCHICAL INTRUSION DETECTION ARCHITECTURE FOR WIRELESS SENSOR NETWORKSIJNSA Journal
Networks protection against different types of attacks is one of most important posed issue into the network and information security application domains. This problem on Wireless Sensor Networks (WSNs), in attention to their special properties, has more importance. Now, there are some of proposed architectures and guide lines to protect Wireless Sensor Networks (WSNs) against different types of intrusions; but any one of them do not has a comprehensive view to this problem and they are usually designed and implemented in single-purpose; but, the proposed design in this paper tries to has been a comprehensive view to this issue by presenting a complete and comprehensive Intrusion Detection Architecture (IDA). The main contribution of this architecture is its hierarchical structure; i.e., it is designed and applicable, in one or two levels, consistent to the application domain and its required security level. Focus of this paper is on the clustering WSNs, designing and deploying Cluster-based Intrusion Detection System (CIDS) on cluster-heads and Wireless Sensor Network wide level Intrusion Detection System (WSNIDS) on the central server. Suppositions of the WSN and Intrusion Detection Architecture (IDA) are: static and heterogeneous network, hierarchical and clustering structure, clusters' overlapping and using hierarchical routing protocol such as LEACH, but along with minor changes. Finally, the proposed idea has been verified by designing a questionnaire, representing it to some (about 50 people) experts and then, analyzing and evaluating its acquired results.
ENHANCED THREE TIER SECURITY ARCHITECTURE FOR WSN AGAINST MOBILE SINK REPLI...ijwmn
Recent developments on Wireless Sensor Networks have made their application in a wide range
such as military sensing and tracking, health monitoring, traffic monitoring, video surveillance and so on.
Wireless sensor nodes are restricted to computational resources, and are always deployed in a harsh,
unattended or unfriendly environment. Therefore, network security becomes a tough task and it involves
the authorization of admittance to data in a network. The problem of authentication and pair wise key
establishment in sensor networks with mobile sink is still not solved in the mobile sink replication attacks.
In q-composite key pre distribution scheme, a large number of keys are compromised by capturing a
small fraction of sensor nodes by the attacker. The attacker can easily take a control of the entire network
by deploying a replicated mobile sinks. Those mobile sinks which are preloaded with compromised keys
are used authenticate and initiate data communication with sensor node. To determine the above problem
the system adduces the three-tier security framework for authentication and pair wise key establishment
between mobile sinks and sensor nodes. The previous system used the polynomial key pre distribution
scheme for the sensor networks which handles sink mobility and continuous data delivery to the
neighbouring nodes and sinks, but this scheme makes high computational cost and reduces the life time of
sensors. In order to overcome this problem a random pair wise key pre distribution scheme is suggested
and further it helps to improve the network resilience. In addition to this an Identity Based Encryption is
used to encrypt the data and Mutual authentication scheme is proposed for the identification and
isolation of replicated mobile sink from the network.
Similar to An ontology for attacks in wireless sensor networks (20)
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
HCL Notes and Domino License Cost Reduction in the World of DLAU
An ontology for attacks in wireless sensor networks
1. INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE
An Ontology for Attacks in Wireless Sensor Networks
Wassim Znaidi, Marine Minier and Jean-Philippe Babau
inria-00333591, version 1 - 24 Oct 2008
N° 6704
Octobre 2008
Thème COM
ISRN INRIA/RR--6704--FR+ENG
ISSN 0249-6399
3. An Ontology for Attacks in Wireless Sensor Networks
Wassim Znaidi, Marine Minier and Jean-Philippe Babau
Thème COM Systèmes communicants
Projet Amazones
Rapport de recherche n° 6704 Octobre 2008 13 pages
inria-00333591, version 1 - 24 Oct 2008
Abstract: Wireless sensor networks (WSNs) have many potential applications. In many scenarios WSNs are
of interest to adversaries and they become susceptible to some types of attacks since they are deployed in open
environments and have limited resources. Many attacks are known against WSNs. Protections exist against
some of them but for the others IDS (Intrusion Detection Mechanism) systems are required. In this report, we
present a new WSN attacks ontology that enable us to identify the intention of the attacker, his capabilities
to achieve the attacks, the target and the end result. This ontology is a high level abstraction that does not
depend on the IDS system used. We also survey known vulnerabilities and attacks in WSNs and present some
defenses.
Key-words: attacks, wireless sensor networks, ontology
Unité de recherche INRIA Rhône-Alpes
655, avenue de l’Europe, 38334 Montbonnot Saint Ismier (France)
Téléphone : +33 4 76 61 52 00 — Télécopie +33 4 76 61 52 52
4. Une ontologie des attaques dans les réseaux de capteurs sans l
Résumé : Les réseaux de capteurs sans l ont beaucoup d'applications potentielles. Dans beaucoup de
scénarios, ces réseaux sont sujets à de nombreuses attaques en raison du déploiement en environnement ouvert
et de leurs ressources limitées. Des mécanismes de protection existent contre quelques unes d'entre elles mais il
est souvent nécessaire d'ajouter à ces systèmes des mécanismes de détection d'intrusion. Dans ce rapport, nous
présentons une nouvelle ontologie d'attaques dans ces réseaux an d'identier l'intention de l'attaquant, ses
capacités à réussir les attaques, la cible et le résultat nal. Cette ontologie est une abstraction de haut niveau
qui ne dépend pas du système d'intrusion utilisé. Nous décrivons également ici les vulnérabilités connues dans
les réseaux de capteurs sans l et nous présentons également un certain nombre de contre-mesures.
Mots-clés : attaques, réseaux de capteurs sans ls, ontologie
inria-00333591, version 1 - 24 Oct 2008
5. Ontology for attacks in WSNs 3
1 Introduction
Advances in wireless communications have enabled the development of low-cost and low-power wireless sensor
networks (WSNs). The characteristics of such WSNs are namely minimal energy, weak computational capabili-
ties, wireless communication and an open-environment nature where sensors are deployed. Due to the intrinsic
nature of those networks, WSNs are vulnerable to many attacks. Some of those attacks can be discarded by
preventive mechanisms but IDS schemes are required to prevent the others. In this paper, we present a new
ontology to categorize attacks in WSNs. This high level ontology does not depend on the IDS system used,
it highlights the link between some actions done in the network and the possible attacks coming from those
observed facts. Moreover, we outline the known attacks on WSNs and relative solutions.
The rest of this paper is organized as follows: in section 2 we dene a new ontology attacks in order to better
classify attacks on sensor networks. In section 3 we focus on attacks and vulnerabilities along with possible
defenses and we show how we can apply the ontology to such attacks.
2 Attacks Ontology
Several attack classications have been proposed in the literature. The main approaches used to describe and
classify attacks are: taxonomies and ontologies. A taxonomy allows us to reason about attacks at a higher
level than a simple list of vulnerabilities and so provides a system classication that helps designer to minimize
inria-00333591, version 1 - 24 Oct 2008
attacks. A good taxonomy [1] must have the following characteristics: accepted, unambiguous, comprehensible,
determinist, mutually exclusive and exhaustive. [19, 8, 14, 22] propose dierent taxonomies to classify attacks.
Then ontologies were proposed to limit the ineciency and the inexpressiveness of attack taxonomies. An
ontology is a structured system of concepts which covers a specic eld and presents the reality in a form of a
model.
2.1 Ontology for Wireless Sensor Network
Here we present our ontology to classify WSN's attacks which was inspired from work in [6]. In their work, the
authors dene a new alerts ontology with abstraction of detectors which means they propose a new model of
the detectors without consider any specic IDS (Intrusion Detection System). This abstraction is done using
the theory of action in philosophy which roughly says that an action is composed of an intention, a movement
and an object. So, we propose to implement these concept for WSN. Using this approach, our attack ontology
(shown in Figure 1-a) is composed by four main classes, intention, movement, target and result. In our ontology,
we do not take into account the nature of the attacker (if it was a raider, a hacker, a vandal, etc) because we
assume that once the malicious node is introduced in the network, it is very dicult to dene his nature and
to distinguish it with a legitimate node.
2.1.1 Intention
Each attack in the network has a plan of action. This plan can be composed by one or many steps which
correspond to the achievement of a goal (the goal can also be viewed as the sum of multiple sub-goals). As
we want to identify the intention of an attacker, we must rst study his attack strategy. This plan can be
organised in three phases: information gathering, exploits and contamination.The information gathering consists
in determination of characteristics and weaknesses of the WSN as the topology discovery, location of the sink,
trac analysis, etc. Once information collected, the attacker try to nd vulnerabilities that can be exploitable
(exploits) as determination of the master/private key, alteration of data packets, etc, and nally once the attack
is set up, the contamination phase presents the inuence on the other parts of the network. Using this study,
we now dene ve dierent intentions for an attack in a WSN :
ˆ Passive eavesdrop, which consists in information gathering on specic or multiple targets.
ˆ Disrupt communication, which consists in preventing data from reaching their destinations and destroying
links between nodes.
ˆ Unfairness, which ensures the exhausting of available resources like bandwidth, energy, battery, etc.
ˆ To be authenticated, which means obtaining a right access to the network services.
RR n° 6704
6. 4 W. Znaidi, M. Minier, J.-P. Babau
(a) The ontology attacks.
inria-00333591, version 1 - 24 Oct 2008
(b) The ontology viewed as a taxonomy.
Figure 1: Ontology attack.
ˆ To be authorized, which means having the ability to grant appropriate access to ressources, for example
obtain keys to decrypt messages.
2.1.2 Movement
The movement describes the way the attacker reaches one/many intentions presented above. We identify four
dierent categories that describe the movements in a wireless sensor networks:
ˆ Technical capabilities, which means the extra technologies available with the malicious entity : for example
an attacker may have a sophisticated wireless radio to receive and transmit over multiple channels. It may
have also more eciency hardware component, higher bandwidth links and better batteries. The attacker
can also use a laptop to apply ecient tamper techniques to extract data from nodes.
ˆ Contributors, which specify if the attack is realized by one or many adversaries. How do these attackers
cooperate together to success the attack ? Are they autonomous or centrally controlled ? Is the attacker
a sample sensor node or a sophisticated device ? A laptop for example ? All this characteristics dier
from one attacker to another.
ˆ Vulnerabilities, which are the weaknesses present in the network due for example to resources constraints
or wicked design.Vulnerabilities can be physical - for example a tamper attack is very easy to launch as
the nodes are deployed in open environment - or logical - designing and implementing vulnerabilities such
as buer overows, bad congurations or resources exhaustions.
ˆ Layer, here we precise which network layer the attack uses to success its intention. The network layers
are physical, link, routing and application.
INRIA
7. Ontology for attacks in WSNs 5
2.1.3 Target
In a WSN, all system resources and network services are targets for the attackers. Targets can be physical, for
example destroy the sensor, damage the radio, remove the batteries, etc. Targets can be logical : internal or
provided services. An attack against an internal service has the goal to damage an intern service of the sensor
node, for example the power management, connection between layers, etc. However provided service concern
services available in the network such as time synchronization, key management, clustering protocols, etc.
2.1.4 Result
An attack is considered successful if the global goal is achieved. But sometimes, the attack can be partially
achieved and not completed. So we can dene three categories to describe the result:
ˆ If the attack was stopped by a preventative mechanism, we can say that we have a passive damage. So
the service oered by the WSN is not damaged.
ˆ If the service is absent in one part of the network (for example in one cluster region), here the attacker
maybe has partial degradation of the WSN duty.
ˆ the most serious problem is when the service is broken for the entire network.
Figure 1-b summarises our ontology presented as a taxonomy for simplication reasons.
inria-00333591, version 1 - 24 Oct 2008
3 Attacks on WSNs and defenses
In the following section, we describe some attacks of WSNs and possible defenses. Attacks described below are
classied using network layers for only simplication reasons. We will also show how we can apply our ontology
described in section 2 to classify those attacks examples.
3.1 Attacks on physical layer
3.1.1 Jamming
In a jamming attack, the adversary tries to transmit signals to the receiving antenna at the same frequency
band or sub-band as the transmitter uses, thus causing radio interference. This attack is mostly used by a
laptop, which holds higher energy, to disrupt continuously the network. It can also be done with a simple
node causing a partial damage which can be also fatal to the WSN (for example random distributed jammed
node). In [29] authors present dierent jamming strategies: constant jamming by emitting continuously a radio
signal, deceptive jamming by injecting regular packets to the channel without any gap between packets, random
jamming where the attacker alternates between sleeping and jamming to save power consumption and reactive
jamming which will transmit only when it senses channel activity and will stay quiet when the channel is idle
[17]. Many solutions have been proposed to defend against these jamming attacks. Typical defenses involve
variations of spread-spectrum communication such as frequency-hopping spread spectrum (FHSS), that consists
in sending data by switching rapidly a carrier sense among many frequency channels, or code spreading. The
FHSS techniques are only used in military applications due to the complexity and to the cost, for example
the MICA 2 mote is the only known sensor which switches eciently between two frequency and every extra
frequency will need extra processing. [29] proposes others solutions against jamming attacks. Nodes can also
try to map out the jammed area by isolating the infected region. Such a protocol was presented in [28]. Another
option is to use channel surng method which is motivated by frequency hopping modulation. The dierence
with FHSS is that channel surng does not involve a continual change of the carrier sense and it operates at the
link layer. According to the ontology, the intention of the jamming attack is to disrupt communication. The
movement is a sophisticated radio as technical capability, one/many node or a laptop as contributors, wireless
communication and known channel as vulnerabilities and it uses the physical layer. The target will be the
communication services and the result is partial/entire degradation of the services in the network.
3.1.2 Tampering
Another possible attack is tampering which involves physical access and capture of nodes. The adversary can
gain full control of these motes and try to extract sensitive information such as secret key shared between
RR n° 6704
8. 6 W. Znaidi, M. Minier, J.-P. Babau
nodes. The tampering attacks can be classied into two classes: invasive attacks, which require access to the
hardware components like chips and which need high-tech and expensive equipment used in semiconductor
manufacturing, and non-invasive which are easiest than invasive and require less times. In [4], the authors had
tried some of those attacks on Telos and Mica2 motes. We can mention attack via JTAC1 such as testing access
port (TAP) which can enable an adversary to take complete control over the sensor node. Other attacks consist
on exploiting the Bootstrap Loader (BSL) which enables writing and reading on the micro controller's memory.
The adversary can also attack the external ash or EEPROM where sometimes valuable data are stored. A
simple way to realize this attack is to eavesdrop on the conductor wires connecting the external memory chip
with the micro controller. Another form of tampering attack can consist in replacing or injecting sensor nodes.
In [5] the authors present new key management protocol that detect the injection of malicious nodes in the
network. There is not a global solution against all these attacks. Standard precautions can be applied like
disabled the JTAG interface or the use a good password for the bootstrap loader. Using the ontology, the
intention of the tampering attack is to be authenticated and to be authorized in the network. The movement
will be, as explained above high-tech material as technical capabilities to extract information, the contributors
are generally laptops, the vulnerabilities are the non protected hardware component of sensors and the open
environment where the nodes are deployed. Then the target is the hardware component of node, for example
the EEPROM or the BSL. The layer used here is the same as the jamming attack, the physical layer. Finally,
the result is, in this case, the entire damage of service in the network.
inria-00333591, version 1 - 24 Oct 2008
3.2 Attacks on Link layer
3.2.1 Collisions
In the collision attack, the adversary sends his own signal when he hears that a legitimate node will transmit
a message in order to make interferences. In theory, causing collisions in only one byte is enough to create a
CRC error and to cripple the message. The advantages of a collision attack compared to a jamming attack
is the short power energy consumed and the diculty to detect it (the only evidence of collisions attacks is
incorrect message). In fact, such an attack can target specially the ACK control message causing an exponential
back-o in some MAC protocol. All countermeasures that can be used against jamming attacks can be applied
to collision attacks. Another solution is to use Error correcting codes [20] which are ecient in situation where
errors occur on a limited number of bytes but this solution presents also an expensive communication overheard
and additional processings. According to the ontology, rst the intention of the collision attack is to exhaust the
battery by using the channel of communication indenitely. Then in the movement class, the attacker does not
really need particular technical capabilities and it can be launched by anyone in the network, the vulnerability
is the data integrity requirement and the layer used is the link layer. The target is general logical and can be at
the same time against internal service like power management and against provided services, for example the
communication service. Finally the result can be partial degradation if the attack is launched in certain region
in the network or total degradation if the attack is applied in multiple precise locations in the network.
3.2.2 Exhaustion
Exhaustion attacks [16] consist in introducing collisions in frames towards the end of transmission and force the
sensor node to retransmit continuously the packets until his death. This attack can be launched using a laptop
or an ordinary sensor node. One way to defend against this attack is to limit the MAC admission control rate
and so the sensor network can ignore excessive requests from the adversary and prevent energy loss. Another
solution is to allow for each sensor node a small slot of time to access to the channel and transmit data, so it
limits the possibility of long use of the MAC channel. The exhaustion attack present the same characteristics
according to the ontology than the collision attack. The only dierence is the vulnerability used where the
exhaustion attack exploits the checksum fault of the transmitted message.
3.2.3 Link layer Jamming
In [17], the authors present a link-layer jamming attack. They mentioned that those jamming attacks are as
eective as constant/deceptive/reactive jamming (explained in the jamming attack) and at the same time more
1 JTAG is an IEEE 1149.1 standard designed to assist electronics engineers in testing their equipment during the development
phase. Among other things, it can be used in current equipment for on-chip debugging, including single stepping through code,
and for reading and writing memory. Many sensor nodes, as MICA2, Telos, ESB, have a JTAG connector on their circuit board
allowing easy access to the micro controllers Test Access Port (TAP).
INRIA
9. Ontology for attacks in WSNs 7
(a) (b) (c) (d)
Figure 2: Attacks on WSN.
energy-ecient than random or reactive jamming. The native idea is to nd data packet and to jam it. But
as they are generated spontaneously, it is very dicult to predict when data packets will arrive and then apply
the attack. The solution proposed is to look at the probability distribution of the interarrival times between
all types of packets. This attack was applied on three MAC protocols: S-MAC, B-MAC and L-MAC. The
S-MAC probability distribution of packet interarrival times presents two separated clusters (denoted cluster1
and cluster2). This clear separation still stands even if we use mobile nodes or dierent data packet lengths.
inria-00333591, version 1 - 24 Oct 2008
The attack exploits this particular phenomena. In fact if we have, for every cluster2 interarrival time, c cluster1
interarrival times, then right after observing a cluster2 interarrival time, we should expect c cluster1 interarrival
times. So here the jamming attack becomes possible if we have an exact prediction model of packets arrival.
The same idea could be applied to L-MAC protocol but the technique diers as it presents dierent probability
distributions of packets interarrival times. Concerning B-MAC protocol, it is not possible to use the clusters
idea as B-MAC use a periodic cycles only for listening and not for sending. The attack proposed in [17] against
B-MAC rst nds out the preamble check interval that the victim nodes are using and so has the possibility
to launch jamming attacks. Moreover, the attack can take advantage of periodic listening to save energy. To
prevent networks from this link layer jamming attack, some countermeasures are given. For S-MAC, the solution
is to prevent clustering based analysis from being feasible. This can be done by narrowing the distance between
the two clusters. In the case of L-MAC, a partial solution is to make the estimation of the clusters more dicult
by changing the slot sizes (used for packet transmission) pseudorandomly as a function of time. For example a
sensor node changes its packet slot size every second by picking a random value from a range. For the B-MAC,
the only solution is to shorten the preamble in order to make its detection harder (the minimum value known
is 10 ms). This link layer jamming attack was also studied on others slot-based MAC protocols (T-MAC [25],
D-MAC [21]), frame-based protocols (PACT, Arisha [2], BMA [18], etc) and random access-based protocols
(PCM [15], WiseMAC [10], etc). Using the ontology, here the intention is to disrupt communication. Moreover,
it needs a very sophisticated radio to analyse the trac and can be launched by one/many nodes or a laptop
device. This attack exploits the propriety of data packets interarrival time at link layer level. The target of such
attack is the communication services and the result is (like in the above attacks) a partial or total degradation
of services in the network (depending on the region where the attacks is launched).
3.3 Attacks on Routing layer
3.3.1 Selective forwarding
In a selective forwarding attack [16], the malicious node forwards most messages and selectively drops, which
means throwing away some of the data. One example of such attack is the black hole attack where the attacker
chooses to drop all messages. The more the malicious node is closer to the base station, the more the attack is
ecient (more trac will pass through it). One way to mitigate this type of attack is to use multipath routing
[11] in combination with random selection of paths to destination. These defenses lessen the probability that
a message will encounter an adversary along all routes. Another solution is to use monitor nodes that ensure
that their neighbors forward the messages. The use of watchdog can help this supervision. The intention of
this attack is to alter data and loses a part of information (so it is a part of the unfairness category). Here the
attack does not require any technical capabilities and can be executed by every node that participates in the
routing mechanism. The vulnerability is that the message is not encrypted and anyone can read information in
the packets. So it's clear that it use the routing layer. The target is generally the sink but can also be a sample
RR n° 6704
10. 8 W. Znaidi, M. Minier, J.-P. Babau
destination node. The result will be a total broken of all service oered by the network (for example wrong
environmental alert) if we assume that all packets are altered.
3.3.2 Sinkhole
In the sinkhole attack [16], the malicious node tries to draw in all possible trac. This is done by making the
attacker very attractive to the surrounding nodes with respect to the routing metric (example higher power
transmission). Then the surrounding nodes will choose the sinkhole node to route their data. For example, the
Figure 2d shows the malicious node (black node) reacts like a sink and attracts all the trac. One approach to
avoid sinkholes is to use routing protocols [16] that verify the bidirectional reliability of a route with end-to-end
acknowledgements which contain latency and quality information. The sinkhole attack's intention is to create
a false sink and then create a false topology. It uses higher ressources to convince other nodes of its superiority.
It is launched generally by a laptop or a PDA and it exploits the non authentication of links and identities. It
is done at the routing layer level. The targets are all services provided by the network and the result is that
information does not reach the base station, so it is a partial/total damage of the WSNs.
3.3.3 Sybil
In a Sybil attack [23] the malicious node assumes multiple identities. The goal is to ll a neighbouring node's
memory with useless from non existing neighbours. For example, as some routing protocols use redundancy
inria-00333591, version 1 - 24 Oct 2008
detection to eliminate sensor nodes, if a Sybil node assumes the identities of ten nodes, it can remove all this
real neighbour nodes from neighbour tables of all nodes within its radio range. It can even remove the sink if
the attacker presents a higher transmission's quality. In Figure 2b the malicious node forges and broadcasts the
identities of nodes A, B, C and D for all its neighbors. As the identity fraud is the core of the Sybil attack,
authentication is the key prevention against this attack, for example the SPIN algorithm [24] can be used.
[9] shows that without a centralized authority, a Sybil attack is always possible. According to the ontology,
the intention of the Sybil attack is included in the unfairness category by forging the identities of many nodes
and so create information redundancy. This attack does not need any special technical capability and can be
launched by one node or a laptop device. It uses the routing layer and exploits the non-authentication of node's
identities. The target of such attack is always the provided services like data aggregation, voting, etc. The
result of such attack can be partial or entire degradation of the network's service, depending on the location of
the launch of the attack.
3.3.4 Hello ood
Many routing algorithms use hello packets to discover routes. In the hello ood attack [16], the attacker tries
to convince all nodes to choose it as a parent using a powerful radio transmitter to bomb whole network with
hello message announcing false neighbor status. So legitimate nodes will attempt transmission to the attacking
node, despite many are out of range. If the attacker has the same reception capabilities, one way to avoid the
hello ood attacks is to verify the bi-directionality of local links [16]. If not, authentication is a solution for
nodes to verify the identity of theirs neighbors. Here, according to the ontology, the hello ood attack presents
the same characteristics as the Sybil attack, but this attack needs a sophisticated radio to better diuse the
hello packets in the whole network.
3.3.5 Routing cycles
This attack [16] consists in making a path cycle between the source and the destination node. So the data
message will go around in circles (gure 2c), possibly forever. This attack is simple to detect even by using
tree-path routing protocols or using a hop count limit for forwarded packets. This attack presents also the same
characteristics as the sinkhole attack but here the attack needs more than one attacker to create loops in the
routing mechanism.
3.3.6 Wormhole
A wormhole attack [16] is a low-latency link between two nodes in the network which can be exploited by an
attacker to apply other kind of attacks. This attack can be launched using an out-of-band or high-bandwidth
channel between two malicious nodes, for example a direct wired link or a long-range directional wireless link.
Figure 2a shows a situation where a wormhole attack takes place. We can also apply this type of attacks using
INRIA
11. Ontology for attacks in WSNs 9
a singular malicious node where the attacker relays packets between two distant legitimate nodes to convince
them that they are neighbors. Many defenses are given to prevent the wormhole attack as the use of packet
leaches [13], MAD protocol [7], directional antennas [12], multi-dimensional scaling algorithm [26] and the use of
Local Neighborhood Information [30]. Here the intention of the wormhole attack can be a passive eavesdrop of
data, false topology creation or to be authenticated. It requires a very sophisticated radio or a cable to establish
the long channel communication. It can be launched by at least two nodes or laptops at the routing layer. The
targets are logical and the wormhole attack attempts to damage all services available in the network. the result
is the same as the sinkhole attack.
inria-00333591, version 1 - 24 Oct 2008
RR n° 6704
12. inria-00333591, version 1 - 24 Oct 2008
10
Table 1: Summary of the ontology applied to WSN's attacks
Attack Ontology Attacks
Intention Movement Target* Result
Tech. Cap. Contri. Vul. Layer
Jamming disrupt communication radio One/many, pc Logical physical lps Degra./broken
Tampering Unfairness hitech pc hardware physical physical Degra./broken
to be authenticated
to be authorized
Collision Unfairness - one/many, pc logical link lis, lps Degra./broken
Exhaustion Unfairness - one/many, pc logical link lps, lis Degra./broken
Link layer jamming disrupt communication Radio one/many, pc logical link lps Degra./broken
Selective forwarding Unfairness - one/many, pc logical routing lps Degra./broken
Sinkhole Unfairness - one/many, pc logical routing lps Degra./broken
Sybil Unfairness - one/many, pc logical routing lps Degra./broken
Hello ood Unfairness radio one/many, pc logical routing lps Degra./broken
Routing cycles Unfairness - one/many, pc logical routing lps Degra./broken
Wormhole Unfairness - one/many, pc logical routing lps Passive/degra./broken
to be authenticated
to be authorized
Flooding Unfairness battery one/many, pc logical application lis Degra./broken
Desynchronisation disrupt communication - one/many, pc logical application lis Degra./broken
*Target : lps = logical-provided services, lis = logical-internal services
INRIA
W. Znaidi, M. Minier, J.-P. Babau
13. Ontology for attacks in WSNs 11
3.4 Attacks on Application layer
3.4.1 Flooding
In this attack [27], the adversary tries to exhaust the memory and energy of a sensor node, which needs to
maintain states at either end of connection, through ooding. The adversary will send successively requests to
establish connection with a node until its death. This attack is similar to the TCP SYN attack where a node
opens a large number of connections with another node to exhaust its resources. This attack can be realized
with a simple sensor node or a laptop. The proposed solution to resist to this attack is the use of client puzzle.
A connection will be only accepted after resolving a puzzle proposed by a server [3]. In general, puzzles are
computationally expensive and hence serve as a deterrent to limit the rate request of the attacker. According
the our ontology, the intention of such attack is to exhaust the limited ressources of nodes. It does not need
any special materials but it needs a good battery. It can be launched by one/many nodes or a laptop and uses
the application layers. The vulnerabilities used here is that there is no constraint on using network ressources
or the authorization on modifying data packets. The target is the internal services of nodes such processing
cycles and the result can be partial or total damages depends on the location of the attacks in the network.
3.4.2 Desynchronisation
This attack [27] consists on disrupting the existing connections among two nodes by resynchronizing their
transmission. One way to apply this attack is to send repeatedly forged messages to the two nodes of the
inria-00333591, version 1 - 24 Oct 2008
communicating parties with various fault ags like sequence and so to oblige them to go out of synchronisation.
A simple defense consists in using an authentication mechanism to control the identity and the integrity of
packets. The intention of such attack is to disrupt communication established between two legitimates nodes.
It does not require special technical capabilities and also uses the application layer. The vulnerability that is
exploited here is that sometimes we needs a radio synchronisation to communicate in the network. The target
is internal services which are the requirement of synchronization in the appropriate layer. Finally the result
consist in, as the ooding attack, a partial or total broken of network's services.
4 Conclusion
The paper presents a representative list of possible attacks and the associated defenses in a WSNs using a new
ontology denition, summarized in table 1. We are now working on implementing this ontology, to enable an
easier detection of such attacks in real cases if it is associated with an IDS system. The next step of our work
is to validate the ontology by simulations and experiments on WSN.
References
[1] Edward G. Amoroso. Fundamentals of computer security technology. Prentice-Hall, Inc., Upper Saddle
River, NJ, USA, 1994.
[2] K. Arisha, M. Youssef, and M. Younis. Energy-aware tdma based mac for sensor networks, 2002.
[3] Tuomas Aura, Pekka Nikander, and Jussipekka Leiwo. DOS-resistant authentication with client puzzles.
Lecture Notes in Computer Science, 2133:170+, 2001.
[4] A. Becher, Z. Benenson, and M. Dornseif. Tampering with motes: Real-world physical attacks on wireless
sensor networks, 2006.
[5] Chakib Bekara and Maryline Laurent-Maknavicius. A new protocol for securing wireless sensor networks
against nodes replication attacks. Wireless and Mobile Computing, Networking and Communications.
WiMOB 2007. Third IEEE International Conference on, pages 5959, 8-10 Oct. 2007.
[6] Fatiha Benali, Véronique Legrand, and Stéphane Ubéda. An ontology for the management of heteregenous
alerts of information system. In The 2007 International Conference on Security and Management (SAM'07),
Las Vegas, USA, June 2007.
[7] Srdjan Capkun, Levente Buttyán, and Jean-Pierre Hubaux. Sector: secure tracking of node encounters in
multi-hop wireless networks. In SASN, pages 2132, 2003.
RR n° 6704
14. 12 W. Znaidi, M. Minier, J.-P. Babau
[8] Frederick B. Cohen. Information system attacks: A preliminary classication scheme. In Computers and
Security, pages 2946, 1997.
[9] J. Douceur. The sybil attack, 2002.
[10] A. El-Hoiydi, J.-D. Decotignie, C. Enz, and E. Le Roux. Poster abstract: wisemac, an ultra low power
mac protocol for the wisenet wireless sensor network. In SenSys '03: Proceedings of the 1st international
conference on Embedded networked sensor systems, pages 302303, New York, NY, USA, 2003. ACM.
[11] D. Ganesan, R. Govindan, S. Shenker, and D. Estrin. Highly-resilient, energy-ecient multipath routing
in wireless sensor networks, 2001.
[12] Lingxuan Hu and David Evans. Using directional antennas to prevent wormhole attacks. In NDSS, 2004.
[13] Yih-Chun Hu, Adrian Perrig, and David B. Johnson. Packet leashes: A defense against wormhole attacks
in wireless networks. In INFOCOM, 2003.
[14] David Icove, Karl Seger, and William R. VonStorch. Computer crime: a crimeghter's handbook. O'Reilly
Associates, Inc., Sebastopol, CA, USA, 1995.
[15] E. Jung and N. Vaidya. A power control mac protocol for ad-hoc networks, 2002.
inria-00333591, version 1 - 24 Oct 2008
[16] Chris Karlof and David Wagner. Secure routing in wireless sensor networks: Attacks and countermeasures.
Elsevier's AdHoc Networks Journal, Special Issue on Sensor Network Applications and Protocols, 1(2
3):293315, September 2003.
[17] Yee Wei Law, Lodewijk van Hoesel, Jeroen Doumen, Pieter Hartel, and Paul Havinga. Energy-ecient
link-layer jamming attacks against wireless sensor network mac protocols. In SASN '05: Proceedings of the
3rd ACM workshop on Security of ad hoc and sensor networks, pages 7688, New York, NY, USA, 2005.
ACM.
[18] Jing Li and Georgios Y. Lazarou. A bit-map-assisted energy-ecient mac scheme for wireless sensor
networks. In IPSN '04: Proceedings of the third international symposium on Information processing in
sensor networks, pages 5560, New York, NY, USA, 2004. ACM.
[19] Ulf Lindqvist and Erland Jonsson. How to systematically classify computer security intrusions. In SP '97:
Proceedings of the 1997 IEEE Symposium on Security and Privacy, page 154, Washington, DC, USA, 1997.
IEEE Computer Society.
[20] Hang Liu, Hairuo Ma, Magda El Zarki, and Sanjay Gupta. Error control schemes for networks: An
overview. Mobile Networks and Applications, 2(2):167182, 1997.
[21] G. Lu, B. Krishnamachari, and C. Raghavendra. An adaptive energy-ecient and low-latency mac for data
gathering in sensor networks, 2004.
[22] Peter G. Neumann. Computer related risks. ACM Press/Addison-Wesley Publishing Co., New York, NY,
USA, 1995.
[23] James Newsome, Elaine Shi, Dawn Song, and Adrian Perrig. The sybil attack in sensor networks: analysis
defenses. In IPSN '04: Proceedings of the third international symposium on Information processing in
sensor networks, pages 259268, New York, NY, USA, 2004. ACM.
[24] Adrian Perrig, Robert Szewczyk, Victor Wen, David E. Culler, and J. D. Tygar. SPINS: security protocols
for sensor netowrks. In Mobile Computing and Networking, pages 189199, 2001.
[25] Tijs van Dam and Koen Langendoen. An adaptive energy-ecient mac protocol for wireless sensor networks.
In SenSys '03: Proceedings of the 1st international conference on Embedded networked sensor systems, pages
171180, New York, NY, USA, 2003. ACM.
[26] Weichao Wang and Bharat K. Bhargava. Visualization of wormholes in sensor networks. In Workshop on
Wireless Security, pages 5160, 2004.
[27] A.D. Wood and J.A. Stankovic. Denial of service in sensor networks. Computer, 35(10):5462, Oct 2002.
INRIA
15. Ontology for attacks in WSNs 13
[28] A.D. Wood, J.A. Stankovic, and S.H. Son. Jam: a jammed-area mapping service for sensor networks.
Real-Time Systems Symposium, 2003. RTSS 2003. 24th IEEE, pages 286297, 3-5 Dec. 2003.
[29] Wenyuan Xu, Ke Ma, W. Trappe, and Yanyong Zhang. Jamming sensor networks: attack and defense
strategies. Network, IEEE, 20(3):4147, May-June 2006.
[30] Wassim Znaidi, Marine Minier, and Jean-Philippe BABAU. Detecting wormhole attacks in wireless net-
works using local neighborhood information. In In IEEE International Symposium on Personal, Indoor
and Mobile Radio Communications, Cannes, French Riviera, France, September 2008.
inria-00333591, version 1 - 24 Oct 2008
RR n° 6704
16. inria-00333591, version 1 - 24 Oct 2008
Unité de recherche INRIA Rhône-Alpes
655, avenue de l’Europe - 38334 Montbonnot Saint-Ismier (France)
Unité de recherche INRIA Futurs : Parc Club Orsay Université - ZAC des Vignes
4, rue Jacques Monod - 91893 ORSAY Cedex (France)
Unité de recherche INRIA Lorraine : LORIA, Technopôle de Nancy-Brabois - Campus scientifique
615, rue du Jardin Botanique - BP 101 - 54602 Villers-lès-Nancy Cedex (France)
Unité de recherche INRIA Rennes : IRISA, Campus universitaire de Beaulieu - 35042 Rennes Cedex (France)
Unité de recherche INRIA Rocquencourt : Domaine de Voluceau - Rocquencourt - BP 105 - 78153 Le Chesnay Cedex (France)
Unité de recherche INRIA Sophia Antipolis : 2004, route des Lucioles - BP 93 - 06902 Sophia Antipolis Cedex (France)
Éditeur
INRIA - Domaine de Voluceau - Rocquencourt, BP 105 - 78153 Le Chesnay Cedex (France)
http://www.inria.fr
ISSN 0249-6399