International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018)142
Security Attacks and Prevention in Wireless Sensor Networks
Rohini Sharma
A.I.J.H.M. College, Rohtak
Abstract: Wireless sensors Networks (WSN) are very popular in different areas especially in military. Because of this, these are highly susceptible in terms of security. Normally, sensor nodes are deployed in an area where human intervention is not possible. Therefore, they can easily be attacked by different types of soft wares and it will not possible to avoid these attacks immediately, therefore there must be some mechanism which can secure the deployed WSN. This paper discusses different types of security attacks on WSN, their effect on WSN and their prevention.
Keywords: WSN, type of attacks, Security methods
I. INTRODUCTION
[image:1.612.71.540.371.708.2]The wireless sensor network contains a large number of nodes which are scattered throughout the area which is to be analyzed [1]. These nodes communicate with each other through wireless medium [2] and transmission power [3]. The cost of sensor networks is very low and they perform the same work as a wireless network. These can be used in various area like wireless body area network [4-5]. Other than security WSN also deals with battery problems, therefore efficient protocols [6-9] must be developed to avoid energy holes problems [10-12]. Security mechanism must be developed in a way such that, they do not consume much energy of the nodes. Figure 1 shows the topology of the WSN.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018)143
II. SECURITY PARAMETERSSince the sensors are deployed in the hostile environment, the motes are an easy victim of attack. The data and information which is being communicated by the motes can be stolen and used for malicious purposes. The parameters which must be taken care of are as follows:
a. Authorization: As the node can be attacked by the malware program, an authentication provision must be attached with each node, so that no one steals the data.
b.Integrity: it means original composition of data should not be changed. The data should not be altered by any unauthorized person or program. This
parameter keeps the data untouched from
unauthorized modifications.
c. Confidentiality: Data confidentiality signifies the protection of the data and information transferred by a transmitting node and one or more receiving nodes. Encryption techniques are used for communication enciphering and deciphering. The confidentiality of a node’s data can be preserved through the use of asymmetric or symmetric keys. A strong encryption method increases the confidentiality of the data, as it takes time to decipher a long and strong key.
d.Availability: Any node in the WSN can be used for communication at any time.
e. Data Freshness: Data should be latest and the obsolete data should not flow in the WSN.
III.
CATEGORIES OF ATTACKS IN WSNAn attacker can try to listen or interpret the message transferring by a node or he can insert wrong packets in the WSN to make it crowdies, it will lead to energy depletion of the nodes. The attacker can insert malicious motes in the WSN; these nodes can act as a false receiver and gain the information. He can also extract information from a sensor node by accessing control over it. The severity of attack is based on the battery and transmitting power of a node.
Denial of service attack: A Denial of Service (DOS) attack is an endeavor to make a system (server / client) or some other resource unapproachable to authentic users [13-14]. This attack floods the victim by too much communication requests and because of this the besieged system cannot respond the authentic users at all or responds very sluggishly, fading its effectiveness. It may replace the victim or absorbs nearly all of its resources by thwarting its communication path. It lowers the performance of the system, by causing loss or delay of packets and their acknowledgement. It consumes memory, bandwidth and CPU processing time. It can remove or change routing information in the WSN. It can change session of the
Transmission Control Protocol. It can block
communication between sending and receiving nodes. Table 1 shows different types of DOS at different layers.
Table 1:
Different types of DOS at separate layers
Layer Type of DOS Attack
Application Devastating Sensors
Path Based Routing Deluge
Transport SYN flood
De synchronization
Network IP Spoofing, Replaying, Homing, Altering Routing
Tables, Black holes, Neglect and Greed, Sinkhole, Sybil, Wormhole, HELLO Flood,
Acknowledgement Spoofing
Link Interrogation, Denial of Sleep, Collision Exhaustion,
Unfairness
Physical Jamming, Node Tempering
i. Jamming [15]: In this attack, a malevolent node transmits a jamming signal across the network as shown in Figure 2. It blocks data exchange among the nodes.
There are four types of jamming attacks: constant,
deceptive, random and reactive.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018) [image:3.612.165.504.129.332.2]144
Figure 2: Jamming attack in WSN.
ii.Node tempering: It is to malfunction the sensor nodes either by accessing it cryptographic key or by disturbing its software processing.
Prevention from attack: Use strong and lengthy encryption key and guard sensor programming memory[16].
iii. Interrogation: Attacker initiates a RTS/CTS request to victim node, victim reply by CTS, but attacker again send a RTS. In this way, attacker keeps bust victim and do nothing.
Prevention from attack: By strong authentication of each
node in the network. A link layer security process
“μTESLA” sustenance broadcast authentication protocol, and resistance to replay attacks.
iv.Denial of Sleep: To prolong the lifetime of the sensor networks nodes kept themselves in sleep mode at regular time intervals. But the denial of sleep stop the nodes from going into the sleep state and it will lead to short life of network.
Prevention from attack:By using absorbing Markov Chain (AMC) method [17].
v. Collision: When attacker discovers some valid packets, it starts dispatching signal at the same time and with the equal frequency of that of valid packet. The valid packet can collided with the attacker’s signal.
Prevention from attack: It was provided in [18]. It can be handled by Error Correction Codes.
vi.Exhaustion: An intruder continuous send join request to a victim node and the victim node keep on sending the acknowledgements and as a result its battery drains out.
Prevention from attack: By ignoring excessive transmission or by using a security protocol TinySec which provides message authentication, data integrity and privacy against exhaustion attacks [19].
vii. Unfairness:It is not a very strong attack; it just delays the transmission of the information [20].
viii.Interception Attack / Replay: It attacks the routing information in the WSN. A packet is being modified and transmitted back in the network again. In a replay attack same packet is transmitted in the network many times. These attacks increase latency time of the WSN and mislead the routing protocols.
Prevention from attack:These attacks can be prevented by using Data encryption, anti-replay protection and authentication mechanisms.
ix. IP Spoofing: The attacker pings various nodes and the source address in the ping, contains the address of the victim node. Now all the responses get diverted to the victim node [21].
x. Homing: It aims nodes which are important and have some responsibility in the WSN like cluster head, cryptography manager, and gateway or sink node.
Prevention from attack: Use Header encryption Dummy packets to mislead the attacker.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018)145
Prevention from attack: Sensor nodes use sequence number of the packet to detect an intruder in the WSN. Another way to deal with this attack is to use disjoint routes and sensor nodes.
xii. Altering Routing Traffic: Attacker can change the routing information stored in the tables of the WSN.
xiii.Black Hole or Sink Hole: The attacker discovers or analyzes the direction of data, and detect the sink node. Then it acts as a sink node and divert all the data towards itself as shown in Figure 4 [22].
Prevention from attack: It can be survived by using a secure routing algorithm called “REWARD” [23]. This algorithm can detect the source of attack by using two types of messages. This attack can also be prevented by examining the data transmission rates of the upcoming messages from an attacker area [24].
xiv. Neglect and Greed: Avoid routing of some messages and transmit its own messages.
xv. Sybil attack: A single node represents its multiple identities at multiple locations and effects geographical routing protocols in WSN.
xvi. Worm Hole attack: Two challenger nodes together create a tunnel which is not the portion of the WSN. From one end of tunnels, it creates low latency link and packets are forwarded through it, and on the other side of the tunnel, those packets are replayed. As one side of the tunnel is near to the sink, so it gives an impression of high quality route to those nodes who are located far away from the sink node as shown in Figure 5[25].
xvii.Hello Flood:In WSN, a neighbor node sends a hello
packetto its neighbor to inform about its presence. But
in case of attack, a malicious node flood the WSN with Hello packets and each node think attacker as its
neighboring node.
xviii.Acknowledge Spoofing:When a node send a packet to the receiver and this packet get lost on a weak link, receiver does not send any acknowledgement to the sender, but in case of this attack, attacker becomes false receiver and send a false ACK to the sender.
xix. Synchronize Flood: An attacker sends several connection requests to a sensor node without implementing any of them. Each request shares some resources of the victim node connection buffer.
Prevention from attack: This attack can be prevented by allowing limited connections to the node.
xx. De-synchronization Attack: An prevailing connection between two nodes is interrupted by the attacker. To de-synchronize two nodes, the attacker node transmit false control packets to them.
Prevention from attack: A complete authenticated packet transmission can avoid this attack.
xxi. Overwhelming Sensors: Consume network bandwidth by triggering sensor simulations.
xxii.Path Based: The path from sender to receiver is flooded with duplicate packets [26].
Prevention from attack: Mobile agents can find out the occurrence of this attack.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018) [image:5.612.163.453.130.353.2]146
Figure 3: selective forwarding attack in WSN
[image:5.612.139.474.390.650.2]International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018) [image:6.612.71.545.124.376.2]147
Figure 4: Worm Hole attack in WSN
After the identification of attacks, some cryptographic techniques [27] must apply on the WSN and the testing [28-29] of outcomes must be performed.
IV. CONCLUSION
WSN is an advanced application area which is an easy target of attackers. Among various types of security attacks, Denial of service attack is the most severe one. It attacks at different layers of WSN model. This paper present all types of attack at each layer. Additionally, different prevention measures for each type of attack has been provided.
REFERENCES
[1] Savita Hooda, Kirti Bhatia, Rohini Sharma, “Nodes Deployment Strategies for Sensor Networks: An Investigation”, International Research Journal of Engineering and Technology (IRJET), Volume: 03 Issue: 04, April-2016, pp. 2395 -0056.
[2] Rohini Sharma, D.K. Lobiyal, “Region Based Energy Balanced Inter-cluster communication Protocol for Sensor networks”, NCCCIP Conference Proceedings, May 2015, pp. 184-195. [3] Rohini Sharma, D.K. Lobiyal, “Dual Transmission Power and Ant
Colony Optimization Based Lifespan Maximization Protocol for Sensor Networks”, International Journal of Business Data Communications and Networking, Vol. 11, Issue1, 2015, pp. 1-14. [4] Anjali Rana, Kirti Bhatia, Rohini Sharma, “ETM: A survey on
Energy, Thermal and Mobility Efficient Routing Protocols for Wireless Body Area Sensor Network”, International Research Journal of Commerce, Arts and Science, Vol. 8, issue 4, June 2017, pp.26-38.
[5] Anjali Rana, Kirti Bhatia, Rohini Sharma, IIEPDR: Improved Information and Energy Proficient Data Relaying Routing Protocol for Wireless Body Area Networks, International Research Journal of Science Engineering and Technology, Vol. 7, Issue 2, 2017, pp. 4-11.
[6] Rohini Sharma, D.K. Lobiyal, “Energy based proficiency analysis of ad-hoc routing protocols in wireless sensor networks”, IEEE Conference Proceedings ICACEA, March 2015, DOI:10.1109/ICACEA.2015.7164829 PP. 882-886.
[7] Savita Hooda, Kirti Bhatia,Rohini Sharma, “Enrichment of Life span of Sensor Networks through BCO and Gateway Node”, International Journal of Research in Information Technology, Vol 4, issue 5, 2016, pp. 9-20.
[8] Priyanka chhillar, Kirti Bhatia, Rohini sharma, “Swarm Intelligence Inspired Energy Efficient Routing Protocols for Sensor Networks: An Investigation”, International Research Journal of Engineering and Technology, Vol. 3 Issue 5, May 2016, pp. 623-630.
[9] Priyanka chhillar, Kirti Bhatia, Rohini sharma, “Spiral Based Sink Mobility Method Aiming Lengthening of Lifetime of Sensor Networks”, International Research Journal of Engineering and Technology, Vol. 3 Issue 5, May 2016, pp. 631-637.
[10] Rohini Sharma, D.K. Lobiyal, Multi-Gateway-Based Energy Holes Avoidance Routing Protocol for WSN, Informatics, Vol. 3, Issue 2, No. 5, April 2016, pp. 1-26.
[11] Rohini Sharma, D.K. Lobiyal, Proficiency Analysis of AODV, DSR and TORA Ad-hoc Routing Protocols for Energy Holes Problem in Wireless Sensor Networks, Vol. 57, pp.1057-1066, August 2015. [12] Rohini Sharma, “Energy Holes Avoiding Techniques in Sensor
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (ISSN 2250-2459, UGC Approved List of Recommended Journal, Volume 8, Issue 4, April 2018)148
[13] Daojing He, Chun Chen, Sammy Chan and Jiajun Bu,“DoS-Resistant and Distributed Code Dissemination in Wireless Sensor Networks”, IEEE Transactions on Wireless Communications, vol. 11, Issue 5, 2012, pp. 1946-1956.
[14] Dhara Buch Devesh and JinwalaDevesh Jinwala, “Denial of Service Attacks in Wireless Sensor Networks”, Conference: NUiCone 2010, pp. 1-8.
[15] Emre UnsalYalçin and ÇebiYalçin Çebi, “Denial of Service Attacks in Wsn”, Conference: 3rd International Symposium on Computing in Science and Engineering, October 2013.
[16] David R. Raymond and Scott F. Midkiff, “Denial-of-Service in Wireless Sensor Networks: Attacks and Defenses”, IEEE Pervasive Computing, vol. 7, Issue: 1, Jan.-March 2008.
[17] T. Bhattasali and R. Chaki, AMC Model for Denial of Sleep Attack Detection. arXiv preprint arXiv:1203.1777,2012.
[18] A.D. Wood, J.A. Stankovic and S.H. Son, “JAM: a jammed-area mapping service for sensor networks”, Real-Time Systems Symposium, 2003. RTSS 2003. 24th IEEE, Dec 2003, pp. 286-297. [19] C. Karlof, N. Sastry and D. Wagner, TinySec: a link layer security
architecture for wireless sensor networks. In Proceedings of the 2nd international conference on Embedded networked sensor systems, 2004, pp. 162-175.
[20] Anthony D.Wood, John A.Stankovic,”Denial of Service in Sensor Networks” IEEE/Computer, pp. 49-56, October-2002.
[21] Anat Bremler-Barr, Hanoch Levy, “Spoofing Prevention Method”, IEEE, pp. 536, 2005.
[22] Vishal G. Rathod and Mrudang Mehta, “Security in Wireless Sensor Network: A survey”, Ganpat University Journal of Engineering & Technology, Vol.:1, Issue:1, 2011.
[23] Zdravko Karakehayov, “Using REWARD to detect team black-hole attacks in wireless sensor networks”, Wksp. Real-World Wireless Sensor Networks, pp.20-21, 2005.
[24] Edith C. H. Ngai , Jiangchuan Liu and Michael R. Lyu, “On the Intruder Detection for Sinkhole Attack in Wireless Sensor Networks”, Communications, 2006. ICC '06. IEEE International Conference on 11-15 June 2006, Vol. 8, pp. 3383-3389.
[25] http://resources.infosecinstitute.com/wireless-attacks-unleashed/#gref.
[26] Bai Li, Lynn, “Using Mobile Agents to Detect Node Compromise in Path-based DoS Attacks on Wireless Sensor Networks”, IEEE, pp. 2507-2508, 2007.
[27] Sameksha, Kirti Bhatia and RohiniSharma, “Cryptographic Techniques: In new Era”, International Journal of Advance Computational Engineering and Networking, vol 6, pp. 6,2018. [28] Jyoti Devi, Kirti Bhatia, Rohini Sharma, “A Relative Analysis of
Programmed Web Testing Tools”, International Research Journal of Engineering and Technology (IRJET), Vo. 4, 2017, pp. 386-389. [29] Jyoti Devi, Kirti Bhatia, Rohini Sharma, “A Study on Functioning of