Security vulnerabilities, attacks and countermeasures in wireless sensor networks at various layers of OSI reference model: A survey

Wireless sensor networks (WSNs) security is a topic of great importance because of advancement of many security sensitive applications in diverse fields involving WSNs. Compared to traditional wireless and wired networks, WSNs also possess numerous additional vulnerabilities such as dynamic network topology, broadcast nature of the medium, resource constrained nodes, immense network scale and lack of physical infrastructure. The open communication environment makes WSNs more vulnerable than wired communications to several types of attacks including the passive type of eavesdropping attack leading to intercepted transmissions and active type of jamming attack leading to disrupted transmissions. These additional vulnerabilities enable the adversary to launch severe and even more complicated attacks. Thus a thorough investigation of attacks that can be launched against WSNs is required. Therefore, this article is motivated for examining the wireless security vulnerabilities and the imposed threats to devise reliable and efficient defence technique for improvement of WSNs security. We first summarize the security challenges and the security requirements of wireless networks. The paper then throws light on security vulnerabilities in wireless networks and classifies various attacks in WSNs according to different OSI protocol layers. Finally, some open technical challenges which are still unsolved are summarized and future works in WSNs security are discussed.

[1]  Marco Conti,et al.  Throughput Analysis and Measurements in IEEE 802.11 WLANs with TCP and UDP Traffic Flows , 2008, IEEE Transactions on Mobile Computing.

[2]  William Stallings,et al.  Cryptography and network security - principles and practice (3. ed.) , 2014 .

[3]  N.E. Hastings,et al.  TCP/IP spoofing fundamentals , 1996, Conference Proceedings of the 1996 IEEE Fifteenth Annual International Phoenix Conference on Computers and Communications.

[4]  Qiang Gu,et al.  A novel classification scheme for 802.11 WLAN active attacking traffic patterns , 2006, IEEE Wireless Communications and Networking Conference, 2006. WCNC 2006..

[5]  Tang Liu,et al.  Energy-Efficient Prediction Clustering Algorithm for Multilevel Heterogeneous Wireless Sensor Networks , 2011, Int. J. Distributed Sens. Networks.

[6]  Yu Jiang,et al.  A New Approach for Detecting Abnormal Email Traffic in Backbone Network , 2006, 2006 International Conference on Computational Intelligence and Security.

[7]  Rocky K. C. Chang,et al.  Defending against flooding-based distributed denial-of-service attacks: a tutorial , 2002, IEEE Commun. Mag..

[8]  Anis Koubâa,et al.  A Two-Tiered Architecture for Real-Time Communications in Large-Scale Wireless Sensor Networks: Research Challenges , 2005 .

[9]  G. A. Vijayalakshmi Pai,et al.  Ant Colony Optimization based approach for efficient packet filtering in firewall , 2010, Appl. Soft Comput..

[10]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[11]  Sneha Kumar Kasera,et al.  Securing Ad Hoc Wireless Networks Against Data Injection Attacks Using Firewalls , 2007, 2007 IEEE Wireless Communications and Networking Conference.

[12]  Muhammad Ali Imran,et al.  A Survey of Self Organisation in Future Cellular Networks , 2013, IEEE Communications Surveys & Tutorials.

[13]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[14]  Ashar Aziz,et al.  Privacy and authentication for wireless local area networks , 1994, IEEE Personal Communications.

[15]  John W. Lockwood,et al.  Deep packet inspection using parallel bloom filters , 2004, IEEE Micro.

[16]  Yuanyuan Yang,et al.  Energy-Efficient Multihop Polling in Clusters of Two-Layered Heterogeneous Sensor Networks , 2008, IEEE Transactions on Computers.

[17]  Xuemin Shen,et al.  Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks , 2006, IEEE Transactions on Wireless Communications.

[18]  Charalampos Konstantopoulos,et al.  A survey on jamming attacks and countermeasures in WSNs , 2009, IEEE Communications Surveys & Tutorials.

[19]  Vom Fachbereich Informatik Virtual Private Networks for mobile environments. Development of protocol for mobile security and algorithms for location update. , 2010 .

[20]  Martin Hope,et al.  Active router approach to defeating denial-of-service attacks in networks , 2007, IET Commun..

[21]  John A. Stankovic,et al.  Security in wireless sensor networks , 2004, SASN '04.

[22]  Rupam Kumar Sharma,et al.  Different firewall techniques: A survey , 2014, Fifth International Conference on Computing, Communications and Networking Technologies (ICCCNT).

[23]  Markus G. Kuhn,et al.  Analysis of a denial of service attack on TCP , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[24]  Kyeong Hur,et al.  Energy-efficient and rapid time synchronization for wireless sensor networks , 2010, IEEE Transactions on Consumer Electronics.

[25]  Thomas P. von Hoff,et al.  Security for Industrial Communication Systems , 2005, Proceedings of the IEEE.

[26]  Karen Heyman A New Virtual Private Network for Today's Mobile World , 2007, Computer.

[27]  Angelos D. Keromytis,et al.  Designing Firewalls: A Survey , 2007 .

[28]  Michael D. Ernst,et al.  Automatic creation of SQL Injection and cross-site scripting attacks , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[29]  Asaad Moosa,et al.  Artificial Neural Network based Web Application Firewall for SQL Injection , 2010 .

[30]  Dharma P. Agrawal,et al.  A novel authentication scheme for ad hoc networks , 2000, 2000 IEEE Wireless Communications and Networking Conference. Conference Record (Cat. No.00TH8540).

[31]  Mark Stamp,et al.  Information security - principles and practice , 2005 .

[32]  Dijiang Huang,et al.  Using Power Hopping to Counter MAC Spoof Attacks in WLAN , 2010, 2010 7th IEEE Consumer Communications and Networking Conference.