Conference PaperPDF Available

A Multi-Layer Framework for Detection Selective Forwarding Attacks in WSNs

Authors:

Abstract and Figures

Security is a major threat in wireless sensor networks (WSNs). These networks are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Limited power and low memory are obstacles that make conventional security measures inappropriate for WSNs. Sensor nodes have limited capacities and are deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. A compromised node selectively drops packets. A malicious node works in the same manner as any other node in the network. However, it tries to find sensitive messages and drop them before transferring packets to other nodes. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.
Content may be subject to copyright.
p. 1
A Multi-Layer Framework for Detection Selective Forwarding Attacks in
WSNs
Naser M. Alajmi
Computer Science and Engineering Department
University of Bridgeport
Bridgeport, CT, USA
nalajmi@my.bridgeport.edu
Khaled M. Elleithy
Computer Science and Engineering Department
University of Bridgeport
Bridgeport, CT, USA
elleithy@bridgeport.edu
p. 2
ABSTRACT
Security is a major threat in wireless sensor networks (WSNs). These networks are increasingly
used due to their broad range of important applications in both military and civilian domains.
WSNs are prone to several types of security attacks. Limited power and low memory are
obstacles that make conventional security measures inappropriate for WSNs. Sensor nodes
have limited capacities and are deployed in dangerous locations; therefore, they are vulnerable
to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks.
Security attacks are classified as data traffic and routing attacks. These security attacks could
affect the most significant applications of WSNs, namely, military surveillance, traffic
monitoring, and healthcare. Therefore, there are different approaches to detecting security
attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong
constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have
limited capabilities in most of these areas, selective forwarding attacks cannot be easily
detected in networks. A compromised node selectively drops packets. A malicious node works
in the same manner as any other node in the network. However, it tries to find sensitive
messages and drop them before transferring packets to other nodes. In this paper, we propose
an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool
IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission
between a source node and base station while detecting selective forwarding attacks.
Furthermore, the approach is reliable, energy efficient, and scalable.
INTRODUCTION
A sensor node is a small, light-weight sensing device. It is composed of a constrained
processing unit and small amount of memory for its small operating system. Additionally, a
sensor node includes a limited-range transceiver and a battery unit; a mobile node also includes
a mobility subsystem. Wireless sensor networks (WSNs) manage thousands of sensor nodes.
p. 3
In fact, these sensor nodes communicate with a vast number of small nodes via radio links.
Sensor nodes in a network gather data that are necessary to include in a smart network
environment. These environments include homes, transportation systems, military
installations, healthcare systems, and buildings. WSNs make it technologically possible to
reorganize information and communication technology. The study of WSNs is a significant
topic in computer science and engineering. It has an economic impact and affects industry.
In WSNs, sensor nodes transfer packets from the source to the base station. Because a sensor
node is a limited-transmission device, it uses a multi-hop method to transfer packets to the base
station. Eavesdropping, compromising nodes, interrupting or modifying packets, and injecting
malicious packets compromise privacy, and denial of service attacks are threats to the security
of WSNs (Perrig A., J. Stankovic, and D. Wagner, 2004). Attackers compromise the internal
sensor nodes from which they launch attacks, which are difficult to detect. A selective
forwarding attack is the one of these attacks.
PROBLEM IDENTIFICATION
A selective forwarding attack is difficult to detect in a network. The adversary installs a
malicious node, which drops packets in the network. Once the malicious node is present in the
network, it organizes routing loops that attract or repel network traffic. Additionally, it can
extend or shorten source routers, generate false messages, and attempt to drop significant
messages. Packets that are dropped selectively come from one node or a group of nodes. A
malicious node refuses to forward the packets. Therefore, the base station does not receive the
entire message. There is a need for a new paradigm for detecting selective forwarding attacks
that increases the detection rate while consuming less energy.
p. 4
RELATED WORKS
Bo Yu and Xiao (Bo Yu, and Chuanshan Gao, 2007) proposed a LWSS-based approach that
uses lightweight security to detect a selective forwarding attack in a sensor network
environment. The approach uses a multi-hop acknowledgment to launch alarms by obtaining
responses from the nodes that are located in the middle of a path. The aim of attack detection
is to send an alarm that indicates a selective forwarding attack when a malicious node is
discovered. Yu and Xiao employed two detection processes in the scheme: a downstream
process and an upstream process. Sending an acknowledgement packet and alert packet would
drain energy during the detection process. In this approach, a node is randomly selected as the
checkpoint that sends a message acknowledging the detection of an adversary.
Tran Hoang and Eui-Nam (Tran Hoang Hai and Eui-Nam Huh, 2008) proposed an LWD-based
approach to detecting selective forwarding attacks that consist of a lightweight mechanism.
Each sensor node is provided with a detection module that is constructed on top of an
application layer. A sensor node sets its routing rules and uses information on its two-hop
neighborhood to generate an alert packet. Hoang and Nam suggested two routing rules to
improve the monitoring system. The first rule is to determine whether the destination node
forwards the packet along the path to the sink. The second rule is that the monitoring node
waits and detects a packet that had been forwarded along the path to the sink.
Huijuan Deng et al. (Huijuan Deng, Xingming Sun, Baowei Wang, Yuanfu Cao, 2009)
proposed an SDT-based scheme for secure data transmission and for detecting a selective
forwarding attack. They used watermark technology to detect malicious nodes. Prior to
employing a watermark-based technique, they used a trust value to find a source path for
message forwarding. When the network is initialized, all of the nodes are assigned the same
trust value. Huijuan Deng et al. used a watermark-based technique to calculate the amount of
p. 5
packet loss. The base station compares the extracted watermark to the original watermark to
detect a selective forwarding attack.
Chanatip et al. (Chanatip Tumrongwittayapak and Ruttikorn Varakulsiripunth, 2009) proposed
an RSSI-EM-based lightweight scheme. They used extra monitoring (EM) to eavesdrop and
monitor all of the traffic when data were transferred between nodes. The value of an RSSI is
that four EM nodes can be arranged to establish the positions of all of the sensor nodes, with
the base station located at (0, 0). They assumed that the attackers could capture and damage
the nodes. Therefore, all of the sensor nodes must protect themselves or be made from tamper-
resistant hardware.
PROPOSED SYSTEM
In a sensor network, data are sent to the base station through routers. An attacker compromises
the nodes by attacking the network resources. Selective forwarding attacks destroy the packets
transmitted between the source and base station. As a result, a malicious node refuses to transfer
a complete packet. It attempts to drop the important data. Therefore, the entire packet is not
transferred to the base station. Furthermore, physical attacks frequently occur in WSNs because
they are easy for adversaries to execute.
Sensor networks are vulnerable to many types of security attack. A malicious node tries to
create blocks that occur while messages are being transferred between sensor nodes in the
network by, for instance, forwarding a message along another path, generating an inaccurate
network route, and delaying the transfer of packets between nodes. Selective forwarding
detection (SFD) discovers a secure route for data to be sent from one node to other nodes. In
this section of the paper, we introduce the assumptions and a multi-layer approach to detection.
p. 6
A. ASSUMPTIONS
To create a simple solution to detecting selective forwarding attacks, we make some
assumptions for detection within certain applications that are vulnerable in networks.
Specifically, we assume that secure communication is the focus of sensor networks, malicious
nodes should not drop any packets before launching a selective forwarding attack, and an
adversary cannot attack nodes during their deployment.
B. SELECTIVE FORWARDING DETECTION (SFD) USING MULTI-LAYERS
Rule-based IDS is also known as signature-based IDS, which is one of the mechanisms for
protecting a network from security threats. The network layer in WSNs is threatened with many
types of attacks, including wormhole and sinkhole attacks. Our proposal focuses on the
selective forwarding attack. We design a multi-layer approach to detection that includes the
three security layers shown in Figure 1. The first layer is a pool of MAC IDs. In this layer, the
important information is filtered and stored. The information includes message fields (e.g.,
packet, destination, and source IDs) that are useful for rule-based processing. The second layer
is the rule-based processing layer. In this layer, there are some rules that must be applied to the
stored data. Incoming traffic is either accepted or rejected. In addition, no rules are applied to
a message that fails. The third layer is the anomaly detection layer, which detects the false
negative anomalies that comprise unknown attacks. The second layer (rule-based processing)
and the third layer (anomaly detection-based IDS) can identify and control selective forwarding
attacks in all phases. The three layers are supported with three algorithms. These algorithms
are to used resolve the attack on the network. The detection approach saves energy by using
little time and memory. It chooses a secure route along which to transfer data between the
source and base station. Furthermore, the approach to SFD using multiple layers is reliable,
p. 7
energy efficient, and scalable. All of these factors are important for networks of sensor nodes.
Additionally, this approach to SFD is highly accurate.
C. SELECTIVE FORWARDING DETECTION (SFD) ALGORITHMS
Algorithm1: MAC Pool IDs Layer
1. Input = (MP: Mac Pool)
2. Output = (DT: Selective Forwarding Detector)
3. Network parameter = (SN: sensor node, RT: route, TSN: Total sensor node)
4. Attacking parameter = (SFAT: attacker)
5. For (SN=0; SN<= TSN; SN++)
6. Set SN = SN + 1
7. If SN MP then
8. Set SN = 0 // the node is declared as malicious node not allowed for communication.
9. Drop
10. Else if SN = 1 // Node is declared as a legitimate node and allowed for communication
11. Accept
12. End if
13. End else
14. End for
a. MAC POOL IDs LAYERS
The first layer consists of a pool of MAC IDs that filter and match the traffic. Each traffic
packet is monitored. The packet is matched to identify malicious activity using message fields
(e.g., the packet, destination, and source IDs). It checks whether a node is legitimate or
malicious. Therefore, if a node is assigned a value of zero, it drops a packet and is considered
malicious. Otherwise, it is accepted as a legitimate node. In our study, we analyze the malicious
nodes that are detected in the first step using an algorithm based on the pool of MAC IDs.
Algorithm2: Rules Processing Layer
1. Input = (RP: Rules Process)
2. Output = (DT: Selective Forwarding Detector, RU: Rules)
3. Network parameter = (SN: sensor node, RT: route)
4. Attacking parameter = (SFAT: attacker)
5. RL1 = Rules based in IDS (RL1IDS)
6. RP RL1IDS
7. Set RL1 >= RU // 90% from the rules
8. For (SFAT = RL1; SFAT <= RP; SFAT ++)
9. If SFAT RP then
10. DT SFAT
11. Attack alert
12. Reject Packets
p. 8
13. Else if (SFAT RP) then
14. Set SN = RT
15. Return
16. SN MP
17. Release Packets
18. End if
19. End else
20. End for
b. RULES PROCESSING LAYER
The second layer involves rule-based processing. It is the middle layer. It detects known attacks
using rules. These rules must be applied before nodes are deployed in a network area. The rule-
based processing layer checks the traffic by comparing it to a list of rules. If the traffic satisfies
at least 90% of the rules, the node is confirmed to be legitimate. Therefore, the traffic will be
returned to the pool of MAC IDs for release. If the traffic does not satisfy 90% of the rules, the
node is considered doubtful and is rejected.
Algorithm3: Anomaly Detection Layer
1. Input = (AD: Anomaly Detection)
2. Output = (DT: Selective Forwarding Detector)
3. Network parameter = (SN: sensor node, RT: route)
4. Attacking parameter = (SFAT: attacker)
5. RL2 = Anomaly detection based in IDS (RL2IDS)
6. AD RL2IDS
7. For (RL2=0; RL2 <= AD; RL2 ++)
8. RL2 = RL2 + 1
9. If RL2 AD then
10. Compute FN
11. Set Alert
12. Reject Packets
13. Else if RL2 AD then
14. No Attack
15. Set SN = RT
16. Return
17. SN MP
18. Release Packets
19. End if
20. End else
21. End for
c. ANOMALY DETECTION LAYER
The third layer involves anomaly detection, which is the recognition of unknown attacks. This
layer checks the traffic that comes from the rule-based processing layer. Therefore, it works to
analyze the traffic. The possible results of anomaly detection are false negative, false positive,
p. 9
true negative, and true positive. If the algorithm determines that an unknown attack is a false
negative, it sends an alert and rejects the relevant packet. Otherwise, the traffic is returned to
the pool of MAC IDs by confirming the legitimacy of the node.
D. SIMULATION ANALYSIS AND RESULT
The approach to detecting selective forwarding attacks is tested using a simulation. In the
simulation, 200 sensor nodes are deployed in a network with an area of 500 * 500 m2 using
NS2. Therefore, each node had a transmission range of 35 m and a sensing range of 30 m. The
energetic cost of a node is 5 J, and there are 180 static and 20 mobile nodes. We calculated the
amount of energy consumed. Figure 2 showed the energy consumption of our approach to SFD
when 10% of the nodes were malicious and 10% were mobile. The network consumed less
energy when it included mobile nodes; therefore, it was 60.4% at the highest point, and the
energy cost was low. Therefore, if there are malicious nodes along the routes, this approach to
SFD costed less in terms of communication overhead. Figure 3 showed all of the approaches,
including SFD and the RSSI-EM, SDT, LWSS, and LWD approaches for the same percentages
of malicious and mobile nodes. Therefore, the number of malicious nodes and the energy
consumption are comparable in all of the approaches. However, the other approaches
consumed more energy when the network includes mobile nodes. Their energy costed are
68.5%, 69.1%, 75.1, and 81.8%, respectively. Thus, the proposed approach to SFD was more
energy efficient. Figure 4 illustrates the rate of reliably detecting selective forwarding attacks.
The proposed approach to SFD has a perfect detection rate. This rate is greater than 98%;
therefore, it is easier to detect malicious nodes when they dropped packets. During the lifetime
of a network, the SFD algorithm accurately detects the malicious nodes. We compared our
approach with the RSSI-EM-, LWSS-, SDT-, and LWD-based approaches (Figure 5). Their
rates of reliably detecting selective forwarding attacks are 86.3%, 88.2%, 89.6%, and 90.6%,
p. 10
respectively. The graphs showed detection rates of all of the approaches. Therefore, this
approach to SFD is more reliable than other approaches.
CONCLUSION
A multi-layer detection framework is introduced to handle one type of severe attack (the
selective forwarding attack). We proposed an approach to detect selective forwarding attacks
to address this issue. The multi-layer detection framework consists of three layers, each of
which is supported by a different algorithm. In the first layer, we used an algorithm based on a
pool of MAC IDs that authenticates incoming traffic to determine whether a node is legitimate
or malicious. In the second layer, we used a rule-based processing algorithm, which checks the
traffic by comparing it to a list of rules. In the third layer, we used an anomaly detection
algorithm to identify unknown attacks, which appear as false negatives, send an alert, and reject
the traffic. In addition, the framework was validated using NS2. Based on the simulation
results, we demonstrated that this approach’s detection rate and energy consumption are higher
than those of other approaches. Therefore, the proposed approach to SFD is more effective than
other approaches.
p. 11
REFERENCES
Bin Xiao, Bo Yu, and Chuanshan Gao, “CHEMAS: Identify Suspect Nodes in Selective
Forwarding Attacks”, In Parallel and Distributed Processing Symposiun, 2007.
Bo Yu and Bin Xiao, “Detecting Selective Forwarding Attacks in Wireless Sensor Networks”,
In Parallel and Distributed Processing Symposiun, 2007. ISSNIP 2006, 20th International, page
8 pp., 2006.
Chanatip Tumrongwittayapak and Ruttikorn Varakulsiripunth, “Detecting Sinkhole Attack and
Selective Forwarding Attack in Wireless Sensor Networks”, ICICS 2009.
David Martins, and Herve Guyennet, “Wireless Sensor Network Attacks and Security
Mechanisms”, 2010 IEEE.
Huijuan Deng, Xingming Sun, Baowei Wang, Yuanfu Cao, “Selective Forwarding Attack
Detection using Watermark in Wireless Sensor Networks”, International Colloquium on
Computing, Communications Control, and Management (2009 ISECS), pp. 109-113.
Karlof, C. and Wagner, D., “Secure routing in wireless sensor networks: Attacks and
countermeasures”, Elsevier’s Ad Hoc Network Journal, Special Issue on Sensor Network
Applications and Protocols, September 2003.
Perrig A., J. Stankovic, and D. Wagner, “Security in Wireless Sensor Networks”,
Communications of the ACM, 47(6): 53 57, June 2004.
Tran Hoang Hai and Eui-Nam Huh, “Detecting Selective Forwarding Attacks in Wireless
Sensor Networks Using Two-hops Neighbor Knowledge” Seventh IEEE Internation
Symposium on Network Computing and Applications, 2008, pp.325-331.
Walters J. P., et al., "Wireless sensor network security" Security in distributed, grid, mobile,
and pervasive computing, p. 367, 2007.
APPENDIX
A. FIGURS
Fig 1. Multi layers in rules based IDS
p. 12
Fig 2. Energy consumption of SFD approach under malicious node
Fig 3. The comparison of approaches in energy consumption
p. 13
Fig 4. Reliable detection rate of SFD approach
Fig 5. The comparison of approaches in reliable detection rate
p. 14
Mr. Naser Alajmi is pursuing towards his Ph.D., Department of Computer
Science and engineering at the University of Bridgeport, Bridgeport, CT. Naser’s
interests are in Wireless Sensor Network (WSN), Wireless Sensor Network
Security, and Network Security.
Dr. Elleithy is the Associate Vice President of Graduate Studies and
Research at the University of Bridgeport. He is a professor of Computer
Science and Engineering. He has research interests are in the areas of
wireless sensor networks, mobile communications, network security,
quantum computing, and formal approaches for design and verification. He has published more
than three hundred research papers in international journals and conferences in his areas of
expertise. Dr. Elleithy has more than 25 years of teaching experience. His teaching evaluations
are distinguished in all the universities he joined. He supervised hundreds of senior projects,
MS theses and Ph.D. dissertations. He supervised several Ph.D. students. He developed and
introduced many new undergraduate/graduate courses. He also developed new teaching /
research laboratories in his area of expertise.
Dr. Elleithy is the editor or co-editor for 12 books by Springer. He is a member of technical
program committees of many international conferences as recognition of his research
qualifications. He served as a guest editor for several International Journals. He was the
chairman for the International Conference on Industrial Electronics, Technology &
Automation, IETA 2001, 19-21 December 2001, Cairo Egypt. Also, he is the General Chair
of the 2005-2013 International Joint Conferences on Computer, Information, and Systems
Sciences, and Engineering virtual conferences.
ResearchGate has not been able to resolve any citations for this publication.
Conference Paper
Full-text available
Wireless sensor networks are specific adhoc networks. They are characterized by their limited computing power and energy constraints. This paper proposes a study of security in this kind of network. We show what are the specificities and vulnerabilities of wireless sensor networks. We present a list of attacks, which can be found in these particular networks, and how they use their vulnerabilities. Finally we discuss about different solutions made by the scientific community to secure wireless sensor networks.
Article
Full-text available
Wireless sensor network applications include ocean and wildlife monitoring, manufacturing machinery performance monitoring, building safety and earthquake monitoring, and many military applications. A major benefit of these systems is that they perform in-network processing to reduce large streams of raw data into useful aggregated information. Protecting it all is critical. Because sensor networks pose unique challenges, traditional security techniques used in traditional networks cannot be applied directly. To make sensor networks economically viable, sensor devices are limited in their energy, computation, and communication capabilities research. People cover several important security challenges, including key establishment, secrecy, authentication, privacy, robustness to denial-of-service attacks, secure routing, and node capture. Security is sometimes viewed as a standalone component of a system's architecture, where a separate module provides security. To achieve a secure system, security must be integrated into every component, since components designed without security can become a point of attack.
Conference Paper
Security in Wireless Sensor Networks (WSNs) is especially challenging and quite different from traditional network security mechanisms. There are two major reasons. Firstly, there are severe constraints on these devices namely their minimal energy, computational and communicational capabilities. Secondly, there is an additional risk of physical attacks such as node capture and tampering. Moreover, cryptography based techniques alone are insufficient to secure WSNs [1]. Hence, intrusion detection techniques must be designed to detect the attacks. Further, these techniques should be lightweight because of resource-constrained nature of WSNs [2]. In this paper, we present a new approach of robust and lightweight solution for detecting the Sinkhole attack and the Selective Forwarding attack based on Received Signal Strength Indicator (RSSI) readings of messages. The proposed solution needs collaboration of some Extra Monitor (EM) node apart from the ordinary nodes. We use RSSI value from four EM nodes to determine the position of all sensor nodes which the Base Station (BS) is origin position (0,0). Later, we use this information as weight from the BS. Another functions of EM nodes are eavesdropper and monitor all traffics, in order to detect the Selective Forwarding attack in the network. Our solution is lightweight in the sense that monitor nodes were not loaded any ordinary nodes or BS and not cause a communication overhead.
Conference Paper
With the widely use of wireless sensor network (WSN), data forwarding security has become more and more important to the whole network. In order to avoid the selective forwarding attack, we proposed a scheme of secure data transmission which can forward the data safely, and detect the selective forwarding attack. In this paper, we judge the trust value of each node to select a secure path for message forwarding and then use the watermark technology to detect the malicious nodes which are suspected to launch selective forwarding attack. Different from the multi-path routing which only defends the selective forwarding attack, our method may find the malicious nodes. Extensive simulation proves that even when the channel error rate is 10%, the detection accuracy of the proposed scheme is over 95%.
Article
We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks––sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.
Conference Paper
Selective forwarding attacks may corrupt some mission- critical applications such as military surveillance and for- est fire monitoring. In these attacks, malicious nodes be- have like normal nodes in most time but selectively drop sensitive packets, such as a packet reporting the movement of the opposing forces. Such selective dropping is hard to detect. In this paper, we propose a lightweight secu- rity scheme for detecting selective forwarding attacks. The detection scheme uses a multi-hop acknowledgement tech- nique to launch alarms by obtaining responses from inter- mediate nodes. This scheme is efficient and reliable in the sense that an intermediate node will report any abnormal packet loss and suspect nodes to both the base station and the source node. To the best of our knowledge, this is the first paper that presents a detailed scheme for detecting selective forwarding attacks in the environment of sensor networks. The simulation results show that even when the channel error rate is 15%, simulating very harsh radio con- ditions, the detection accuracy of the proposed scheme is over 95%.
Article
Selective forwarding attacks may corrupt some mission-critical applications such as military surveillance and forest fire monitoring in wireless sensor networks. In such attacks, most of the time malicious nodes behave like normal nodes but will from time to time selectively drop sensitive packets, such as a packet reporting the movement of the opposing forces, and thereby make it harder to detect their malicious nature. In this paper, we propose CHEMAS (CHEckpoint-based Multi-hop Acknowledgement Scheme), a lightweight security scheme for detecting selective forwarding attacks. Our scheme can randomly select part of intermediate nodes along a forwarding path as checkpoint nodes which are responsible for generating acknowledgements for each packet received. The strategy of random-checkpoint-selection significantly increases the resilience against attacks because it prevents a proportion of the sensor nodes from becoming the targets of attempts to compromise them. In our scheme, each intermediate node in a forwarding path, if it does not receive enough acknowledgements from the downstream checkpoint nodes, has the potential to detect abnormal packet loss and identify suspect nodes. We explore the feasibility of our detection scheme using both theoretical analysis and simulations. The simulation results show that our scheme can achieve a high detection rate, even in harsh radio conditions. The communication overhead incurred by our scheme is also within reasonable bounds.
Conference Paper
Wireless sensor networks have many potential applications for both civil and military tasks. However, WSNs are susceptible to many types of attacks because they are deployed in open and unprotected environment. Selective forwarding attack is one of the easiest implement and damaged attacks in multi-hop routing protocols. In this paper, we proposed a lightweight detection algorithm based only on the neighborhood information. Our detection algorithm can detect selective forwarding attack with high accuracy and little overhead imposed on detection modules than previous works.
Conference Paper
We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as a goal. We propose security goals for routing in sensor networks, show how attacks against ad-hoc and peer-to-peer networks can be adapted into powerful attacks against sensor networks, introduce two classes of novel attacks against sensor networks sinkholes and HELLO floods, and analyze the security of all the major sensor network routing protocols. We describe crippling attacks against all of them and suggest countermeasures and design considerations. This is the first such analysis of secure routing in sensor networks.
Wireless sensor network security" Security in distributed, grid, mobile, and pervasive computing
  • J P Walters
Walters J. P., et al., "Wireless sensor network security" Security in distributed, grid, mobile, and pervasive computing, p. 367, 2007. APPENDIX A. FIGURS Fig 1. Multi layers in rules based IDS