Review on detection of sinkhole attack in
wireless sensor network
Diksha mehta
CSE dept. (U.I.E.T) M.D.U Rohtak, India [email protected]
Dr. Yudhvir Singh (Professor), Dr. Vikas Shiwach (Assistant Professor) , Mr. Harikesh Sherawat (Assistant Professor)
CSE Dept. (U.I.E.T) M.D University, Rohtak, India.
Abstract-A Wireless Sensor Network (WSNs) is a collection of number of sensor nodes which are left neglected in an unsecured environment. Sensor node work and communicate together to attain goals. Wireless Sensor Network is resource restricted. These resources can be computational power, storage (memory) capacity, power etc. Because of the unattended environment the Wireless Sensor Network (WSNs) aren’t protected to discrete type of security attacks. Sinkhole attack is one of the security attacks which try to disturb the communication in wireless sensor network. In sinkhole attack the intruder try to lure network traffic towards the false (compromised) node, so that sensor nodes will pass data packets through this compromised node and can manipulate the messages sensor nodes are sending to the base station (BS). In this paper we will be discussing different types of security attacks and the related work done in detecting and analyzing sinkhole attack.
Keywords—sinkhole attack , wireless sensor network , AODV.
I. INTRODUCTION
Wireless sensor network: WSNs is a combination of hundreds of thousands of small nodes known as sensor nodes. These sensor nodes works together to attain some goals. The work of sensor nodes is to send messages (data) or information to the base station. Base station is the destination node [1]. Fig 1 shows the component of a sensor node. ADC’s and sensors are composed in sensing unit. A small memory unit called the processing unit manages the task how sensor nodes communicate with other sensor node. Nodes communicate through transceiver unit. Power unit is the most important part of sensor node which provides the network with needed power.[2]
Fig.1. Components of sensor unit
A. Applications of wireless sensor network • Intrusion detection
• Monitoring weather
• Security and tactical surveillance • Disaster management
• Inventory control • Medical diagnostics • Military surveillance • Environment surveillance B. Features
II. Attacks on wireless sensor network (WSNs)
In WSN’s the sensor nodes are placed in an unattended environment, because of which WSN is likely to be attacked. There are different types of security attacks such as:
A. Tampering: It is the consequence of physical access by an attacker in the node; the intention is to retrieve cryptographic details like the keys used for encryption and decryption [3].
B. Selective forwarding: In this attack, compromised nodes may refuse to pass on some messages and straightforwardly drop them [3].
C. Sybil attack: Intruder can make use of identities of others nodes in order to capture necessary information [3].
D. Sinkhole attack: In sinkhole attack, compromised node tries to attract data packets [3].
E. Wormhole attack: Intruders here are tactically placed at ends of the network. They receive information and sends back information in different nodes via a tunnel [3].
F. Blackhole attack: Its only goal is to pass nothing and then making a black hole in the network [3]. III. Sinkhole attack
Wireless sensor network is unprotected from different type of attacks, an example of this is sinkhole attack. This attack is caused by captivating the maximum traffic possible. Based on routing protocols malicious node tries to captivate traffic from the neighbourhood. Malicious node when succeeds in regulating the traffic, throws the attack in the network. Because of the many to one pattern in WSN where each and every node sends data to BS, makes Wireless sensor network more vulnerable to sinkhole attack [4]. Fig 2 is an example of sinkhole attack where the sinkhole node tries to attain network traffic by sending false information to the neighbour node and then changes the content of the information and pass it to the base station. Sinkhole node prevents base station to get access to complete information.
Fig.2. sinkhole attack in WSN
A. Sinkhole attack in MintRoute routing protocol
Fig.3. sinkhole attack in mintroute protocol
B. Sinkhole attack in AODV (ad-hoc on demand distance vector routing protocol)
AODV works by sending route request messages to sensor nodes and by receiving route reply messages from the sensor node. Source and destination address and sequence number are contained in the rreq and rrep. Route is created when one sensor node sends an rreq message to another sensor node and the other sensor node reply with an rrep message.
Sinkhole attack: Route request packet is generated when a node sequence no is extended by 1. More the sequence number more will be the freshness of message. The malicious node tries to obtain the sequence number of other nodes. The goal of the attacker is to modify these sequence number. After attacker succeeds, it modifies the sequence number. Since the ID of attacker is not unique it generates a fake route request data packet. Other nodes in the sensor network receiving bogus route see greater sequence number and sends information to the node [6]. Fig. 4. Shows sinkhole attack in AODV.
Fig.4. sinkhole attack in AODV
IV. Related works
Udaya Suriya Rajkumar [7] stated LBIDS (Leader Based Intrusion Detection System), to protect & discover sinkhole attacks in WSN This LBIDS contained three algorithms. These were:
a. Leader election algorithm.
b. Algorithm that could avoid fake nodes. c. Check ID’s Algorithm.
For this a leader is elected areawise, that elected leader compares and manipulates performance of every single node in that area and disintegrates the sinkhole attack. When a malicious node comes in the network, the leader informs other leaders in the WSN and then they all break connection with that malicious node.
D. Sheela [8] proposed another mobile agent based routing algorithm to avoid sinkhole attacks for WSN. A mobile agent goes through every single node in the network either timely or when needed. These agents alarm every single node of the complete network so that no genuine node would answer to any fake nodes available in the network. This algorithm uses a very small power and need not decode or encode for recognizing sinkhole attack.
pack, when a signal is to be transferred to base station, a network packet is directly sent to the base station. Then information is transferred in chunks of data from node to node in a store and forward method to the base station. This information is compared with the genuine information and if any difference or manipulation is found, then base station signals defect in the route of station. This method was tested in MAT lab.
Tejinderdeep Singh and Harpreet Kaur Arora [10] stated another method that found sinkhole attacks using (AODV) Ad-hoc On Demand Distance Vector routing protocol. This method contains following steps:
a. A request message for confirming sequence number is sent by the node sending information rreq. b. Nodes send back its sequence no with rrep.
c. If any difference in sequence number is found, the defected node will be thrown out of the network. If Sequence number matches, it will allow information sharing.
S.Sharmila and Dr G Umamaheswari [11] proposed another method for detecting sinkholes using message ingest. One way hash chains are used for detecting the sinkhole. In this method attack is found if digest received from reliable route and through reliable node are different. This method will also detect honesty of data. This method also tackles nodes that save the real attacker. This method was tested in MAT lab simulation. Ahmad Salehi S [12] stated a light weight method to detect WSN sinkhole attack. This algorithm contains two steps:
a. It makes a list of devastated nodes by studying the uniformity in data.
b. The attacker is identified by inspecting information flowing through the network.
Multiple compromised nodes can be detected easily by this node that hides the real attacker. The performance of this method can be evaluated using numerical analysis.
Murad A. Rassam [13] stated a method that could find sinkhole attack using fuzzy rules in MintRoute WSNs. This method has power to detect sinkhole in small scale WSN’s. Firstly a detection scheme is spread out in every node to observe whole network that guarantees high detection system. Then the defect is detected by getting ID of distrusted node that causes link break ups with all nodes by advertising the suspected node’s ID. Changlong Chen, Min Song, and George Hsieh [14] presented a method for detecting sinkhole attack. The scheme is applicable only to large scale wireless sensor networks. The problem is solved as change point detection issue. The method observes CPU usage and record regularity of CPU usage. This method is capable of differentiating compromised node and original node. For checking the goodness of algorithm extensive simulations are used. The paper surveyed different features and challenges of WSNs in building up the detection procedure. GRSh based algorithm are used for detection. Base station computes the remainder of CPU usage by observing the CPU utility of nodes in definite time periods. Base station is able to find out compromised node by equating the difference with given threshold value. Simulations and network analyses are used to check algorithm. Performance of algorithm states that compromised node can be detected in less time with less rate of false positive.
Rajeshwar L.Balla and Venugopal Kotoju [15] suggested performance criteria depending upon packet loss, throughput, end to end delay and packet delivery ratio (PDR). NS2 is used for carrying out simulation. Performance is carried out by comparing the results of packet delivery ratio, throughput, end to end delay and packet loss with and without the use of AODV protocol. Performance of AODV disintegrates for large number of sensor nodes which are in attack mode. When node vary between 10 to 50, AODV is better as compare to sinkhole AODV. PDR disintegrates because of sinkhole attack.
George W. Kibirige and Camilius Sanga [16] emphasis on earlier solutions used to prevent sinkhole attack. Based upon the investigation of merits and demerits of existing solution proposed solution is build up. Different researcher gives different solutions for detecting sinkhole attack in wireless sensor networks. Some uses rule based approach, some uses key management, while some uses IDS (intrusion detection scheme). A low number of researchers, for their real WSNs manage to apply their security system. Future of this approach will aim on reducing computational power and network overhead.
Soo Young Moon and Tae Ho Cho [17] show the how directed diffusion is unprotected from sinkhole attack. For finding and preventing sinkhole attack they proposed fuzzy logic and IDS in sensor networks. In this intruder mould route reinforcement data and transfer them in order to allure network traffic. False report attack, denial of service and selective forwarding, the intruder tries on the network. The attack can be examined to occur or not by observing path reinforcement and sensor node. For preventing sinkhole attacks in the network, small number of master nodes observe the task and sends message periodically. The message includes path reinforcement transferred in that area divided by sensor nodes. The idea achieves both less FPR and less FNR, by simulation. Future work is to enhance the system.
Cryptographic method is used where it is difficult for the sensor node to subvert. Rile based method is served where fresh nodes are not taken after first step. Future work will be to remove sinkhole and devices such as mobile and laptops are not specialized.
Khushboo Tunwal, Rakhi Khandelwal, Divya Acharya and priyanka singh dabi [19] the aim is to study routing attacks. The most dangerous threat in WSN is the sinkhole attack. Sinkhole attack breaks the entire network communication and results in data failure. Prevention techniques are introduced in the paper to overcome sinkhole attack. Different approaches are used such as Network Flow Information and Multiple malicious approach, hop-count monitoring approach, RSSI based schemes etc. In the paper many kinds of detection schemes are summed up. In future these approaches are enhanced for better use.
Conclusion and future work
Wireless sensor network have many characteristics that make them very vulnerable to destructive attacks in open environment. A wireless channel is open to everyone with a radio interface configured at the same frequency, anyone can participate in communication. This provides an appropriate way for intruders to break into WSNs. In this paper we have introduced the impact of sinkhole attack. In future we will introduce the concept how sinkhole attacks can be detected and controlled.
References
[1] Kibirige, G. W., & Sanga, C. (2015). A Survey on Detection of Sinkhole Attack in Wireless Sensor Network. arXiv preprint arXiv:1505.01941.
[2] Fulara, Y. K. (2015). Some aspects of wireless sensor networks. Int. J. AdHoc Netw. Syst, 5(1), 15-24.
[3] Tunwal, K., Khandelwal, R., Acharya, D., & Dabi, P. S. A Survey of Sinkhole-Based Attack and Detection Techniques in WSN. [4] Soni, V., Modi, P., & Chaudhri, V. (2013). Detecting Sinkhole attack in wireless sensor network. International Journal of Application
or Innovation in Engineering & Management, 2(2), 29-32.
[5] Krontiris, I., Giannetsos, T., & Dimitriou, T. (2008, October). Launching a sinkhole attack in wireless sensor networks; the intruder side. In Networking and Communications, 2008. WIMOB'08. IEEE International Conference on Wireless and Mobile Computing, (pp. 526-531). IEEE.
[6] Bhatiya, A., Tilwankar, A., Lambhate, D., & Kumar, M. K. A. (2017). DETECTION AND PREVENTION OF SINK HOLE ATTACK IN AODV PROTOCOL FOR WIRELESS SENSOR NETWORK.
[7] Rajkumar, U. S., & Vayanaperumal, R. (2013). A leader based monitoring approach for sinkhole attack in wireless sensor network. [8] Sheela, D., Kumar, C. N., & Mahadevan, G. (2011, June). A non cryptographic method of sink hole attack detection in wireless sensor
networks. In Recent Trends in Information Technology (ICRTIT), 2011 International Conference on (pp. 527-532). IEEE.
[9] Bahekmat, M., Yaghmaee, M. H., Yazdi, A. S. H., & Sadeghi, S. (2012). A novel algorithm for detecting sinkhole attacks in WSNs. International Journal of Computer Theory and Engineering, 4(3), 418.
[10] Singh, T., & Arora, H. K. (2013). Detection and correction of sinkhole attack with novel method in WSN using NS2 tool. International Journal of Advanced Computer Science and Applications, 4(2).
[11] Sharmila, S., & Umamaheswari, G. (2011, July). Detection of sinkhole attack in wireless sensor networks using message digest algorithms. In Process Automation, Control and Computing (PACC), 2011 International Conference on (pp. 1-6). IEEE.
[12] Salehi, S. A., Razzaque, M. A., Naraei, P., & Farrokhtala, A. (2013, July). Detection of sinkhole attack in wireless sensor networks. In Space Science and Communication (IconSpace), 2013 IEEE International Conference on (pp. 361-365). IEEE.
[13] Rassam, M. A., Zainal, A., Maarof, M. A., & Al-Shaboti, M. (2012, November). A sinkhole attack detection scheme in mintroute wireless sensor networks. In Telecommunication Technologies (ISTT), 2012 International Symposium on (pp. 71-75). IEEE.
[14] Chen, C., Song, M., & Hsieh, G. (2010, June). Intrusion detection of sinkhole attacks in large-scale wireless sensor networks. In Wireless Communications, Networking and Information Security (WCNIS), 2010 IEEE International Conference on (pp. 711-716). IEEE.
[15] Balla, R. L., & Kotoju, V. (2013). Sinkhole Attack detection and prevention in MANET & Improving the performance of AODV Protocol. Compusoft, 2(7), 210.
[16] Kibirige, G. W., & Sanga, C. (2015). A Survey on Detection of Sinkhole Attack in Wireless Sensor Network. arXiv preprint arXiv:1505.01941.
[17] Moon, S. Y., & Cho, T. H. (2009). Intrusion detection scheme against sinkhole attacks in directed diffusion based sensor networks. International Journal of Computer Science and Network Security, 9(7), 118-122.
[18] Chaudhry, J. A., Tariq, U., Amin, M. A., & Rittenhouse, R. G. (2013). Dealing with sinkhole attacks in wireless sensor networks. Advanced Science and Tec
