Spoofing prevention using received signal strength for ZigBee-based home area networks

In this paper we present a novel spoofing prevention system (SPS) for ZigBee based home area networks (HANs) within smart grids. The proposed SPS uses the spatial correlation of received signal strength (RSS) in order to detect attacks and filter malicious frames. The SPS consists of a spoofing detection module which is installed on the security center in the HAN, as well as spoofing prevention agents installed on network nodes. Once an attack is detected, the agents differentiate and filter malicious frames by analyzing the RSS values of received frames. Two methods are introduced and investigated for attack prevention, static threshold and dynamic threshold. The former has very low computational requirements, yet due to high false positive rate introduces some network overhead during the attack. The latter needs more computations; however, it has a higher performance and a very low network overhead. The soundness of the proposed method is proved through both theoretical analysis, as well as experiments.

[1]  Victor C. M. Leung,et al.  Spoofing detection in IEEE 802.15.4 networks based on received signal strength , 2013, Ad Hoc Networks.

[2]  Douglas C. Madory,et al.  New Methods of Spoof Detection in 802.11b Wireless Networking , 2006 .

[3]  Victor C. M. Leung,et al.  Specification-based Intrusion Detection for home area networks in smart grids , 2011, 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[4]  Robert C. Green,et al.  Intrusion Detection System in A Multi-Layer Network Architecture of Smart Grids by Yichi , 2015 .

[5]  Victor C. M. Leung,et al.  Intrusion detection in advanced metering infrastructure based on consumption pattern , 2013, 2013 IEEE International Conference on Communications (ICC).

[6]  Ernest Foo,et al.  Gap analysis of intrusion detection in smart grids , 2011 .

[7]  J. Sobana,et al.  Detection and Localization of Multiple Spoofing Attackers in Wireless Networks , 2014 .

[8]  William H. Sanders,et al.  Intrusion Detection for Advanced Metering Infrastructures: Requirements and Architectural Directions , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[9]  Yong Sheng,et al.  Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[10]  I. Korkmaz,et al.  On the IEEE 802.15.4 MAC Layer Attacks: GTS Attack , 2008, 2008 Second International Conference on Sensor Technologies and Applications (sensorcomm 2008).

[11]  David R. Cheriton,et al.  Detecting identity-based attacks in wireless networks using signalprints , 2006, WiSe '06.

[12]  Patrick J. Van Fleet,et al.  Discrete Wavelet Transformations: An Elementary Approach with Applications , 2019 .