Reinforcement Swap Attack against Directed Diffusion in Wireless Sensor Networks
Автор: Ibrahim S. I. Abuhaiba, Huda B. Hubboub
Журнал: International Journal of Computer Network and Information Security(IJCNIS) @ijcnis
Статья в выпуске: 3 vol.5, 2013 года.
Бесплатный доступ
In this paper, we introduce a new attack, Reinforcement Swap Attack, against Directed Diffusion based WSNs, which exploits the vulnerabilities of Directed Diffusion specifications. Its main idea is the disruption of configuration information, such as routing information to misuse route establishment along the network. Our approach is to swap Directed Diffusion reinforcement rule which means that the good route is excluded and the bad route is included. Moreover, our attack is activated and deactivated periodically to prolong its lifetime and hence brings down the target network. For the proposed attack, we present analysis, simulation, and experimental measurements. We show that the system achieves maximal damage on system performance represented by many metrics.
Wireless sensor network, denial of service attack, directed diffusion, on-off attack
Короткий адрес: https://sciup.org/15011169
IDR: 15011169
Текст научной статьи Reinforcement Swap Attack against Directed Diffusion in Wireless Sensor Networks
Published Online March 2013 in MECS
A typical wireless sensor network is expected to give a certain data that the user is actively enquiring about after some amount of time. Many attack schemes tend to stop the proper performance of sensor networks to delay or even prevent the delivery of data requested by the user. Despite the fact that the term attack usually refers to an adversary’s attempt to disrupt, undermine, or destroy a network, a Denial-of-Service (DoS) attack refers to any event that diminishes or eliminates a network’s ability to perform its expected function [1]. Such a technique may be helpful in specific applications such as utilizing the best of these attacks to find the weak tips of presented protocols at different layers. These attacks consequently would expose weaknesses that lead to effective countermeasures. Understanding these vulnerabilities can develop techniques for identifying attacks that attempt to take advantage of them and implement mechanisms to mitigate these attacks. In other more serious applications, there are situations where network blocking is necessary to protect public safety. For example, in hostile environments disabling the communication capabilities of the enemy represents a high priority. Another example is to prevent cell phone detonation of bombs. Furthermore, denial of service attack can be used in legitimate scenarios to achieve such purpose at different layers of the protocol. However, we chose to exploit the routing layer which represents one of the famous techniques widely used for this.
Several schemes have been proposed for routing in WSNs that leverage on sensor network specific characteristics such as application requirements. Directed Diffusion (DD) [2] is one example of a generic scheme for managing the data communication requirements and thus routing in WSNs. As a sensory network protocol, Directed Diffusion is subject to many threats and risks. However, in what follows we are interested in identifying the vulnerabilities of DD due to its infrastructure architectural design (for example, its special control signals).
Although a large body of literatures dealt with Directed Diffusion vulnerabilities, the vast majority of such work was devoted to theoretically discuss DD security and the possible attack threats with no implementations of these attacks as it was the case in [3] and [4] where both papers investigate different misuse actions manipulated to attack AODV and TORA, respectively, to achieve certain attack objectives.
In [5], security in wireless sensor networks has been proposed; the authors present general classes of attacks, and analyze the security of nearly all the currently documented sensor routing protocols including DD. However, this work may be considered as an argument of DD security rather than a real simulation of an attack on DD based sensory network.
Similarly in [6], taxonomy of possible threats to DD is viewed. Some of these attacks are cloning attack, flow suppression, path influence, selective forwarding, and node inclusion/exclusion.
In [7], Kalambour addresses some of the security issues for routing in sensor networks by taking an example of the Directed Diffusion protocol for analysis of the attacks and general possible countermeasures. He classified the possible attacks on Directed Diffusion protocol under three categories: (1) denial of service attacks that have two forms to achieve either by jamming or spoofing negative reinforcement, (2) modification and spoofing of routing information in which the attacker sends spoofed events at a high data rate to the sink node or base station in order to successfully being able to include itself in the path of the base station and observes all packets sent to the base station, and (3) dropping or selective forwarding of data.
Список литературы Reinforcement Swap Attack against Directed Diffusion in Wireless Sensor Networks
- A. D. Wood, J. A Stankovic, "Denial of Service in Sensor Networks," IEEE Computer, vol. 35, no. 10, October 2002, pp. 54-62.
- C. Intanagonwiwat, R. Govindan, D. Estrin, "Directed diffusion: A scalable and robust communication paradigm for sensor networks," in Proc. 6th Annual ACM/IEEE MobiCom'00, Boston, MA, August 2000.
- P. Ning, K. Sun, "How to Misuse AODV: A Case Study of Insider Attacks against Mobile Ad-hoc Routing Protocols," Ad Hoc Networks, vol. 3, no. 6, pp. 795-819, Nov. 2005.
- VL Chee, WC Yau ,"Security analysis of TORA routing protocol," in Springer, vol. 4706, pp.975-986, August 2007.
- C. Karlof, D. Wagner, "Secure routing in wireless sensor networks: Attacks and countermeasures," In Proc. of the 1st IEEE International Workshop on Sensor Network Protocols and Applications, Anchorage, AK, May 11, 2003.
- V. R. Kumar, J. Thomas, A. Abraham, "Secure Directed Diffusion Routing Protocol for Sensor Networks using the LEAP Protocol," NATO Security through Science Series - D: Information and Communication Security, vol. 6, pp. 183-203, 2006.
- A. Kalambur, "Secure Routing in Wireless Sensor Networks: A study on Directed Diffusion," Available: http:// ww.cs.sjsu.edu
- S. Moon, T. Cho, "Intrusion Detection Scheme against Sinkhole Attacks in Directed Diffusion Based Sensor Networks," IJCSNS International Journal of Computer Science and Network Security, vol. 9, no.7, pp. 118-122, Jul. 2009.
- J. Kim, P. Bentley, C. Wallenta, M. Ahmed, S. Hailes, "Danger Is Ubiquitous: Detecting Malicious Activities in Sensor Networks Using the Dendritic Cell Algorithm," Proc. of 5th International Conference on Artificial Immune Systems, Oeiras, Portugal, (ICARIS), pp. 390–403, 2006.
- Ibrahim S. I. Abuhaiba, Huda B. Hubboub, "Swarm Flooding Attack against Directed Diffusion in Wireless Sensor Networks," International Journal of Computer Network and Information Security (IJCNIS), Vol. 4, No. 12, pp. 18-30, 2012.
- A. Ferrante, R. Pompei, A. Stulova, A. V. Taddeo, "A protocol for pervasive distributed computing reliability," In the Proc. of the 4th IEEE International Conference on Wireless and Mobile Computing, Networking and Communication, Avignon, France, (WiMob 2008) , Oct. 2008, pp. 574–579
- K. Fall, K. Varadhan, "Editors ns Notes and Documentation," The VINT Project, UC Berkeley, LBL, USC/ISI, and Xerox PARC, Nov. 1997. Available: http://www-mash.cs.berkeley.edu/ns
- K. Fall, K. Varadhan, "The ns Manual (formerly ns notes and documentation), the VINT project, July 2003.
- A. Pathan, H. Lee, C. Hong, "Security in Wireless Sensor Networks: Issues and Challenges," In Proc. of 8th Advanced Communication Technology 2006, Phoenix Park, Republic of Korea, (IEEE ICACT), vol. 2, no. 6, Feb. 2006, pp. 1048-1054.
