Enhancing the security of wireless sensor network based home automation systems

Home automation systems (HASs) seek to improve the quality of life for individuals through the automation of household devices. Recently, there has been a trend, in academia and industry, to research and develop low-cost Wireless Sensor Network (WSN) based HASs (Varchola et al. 2007). WSNs are designed to achieve a low-cost wireless networking solution through the incorporation of limited processing, memory, and power resources. Consequently, providing secure and reliable remote access for resource-limited WSNs, such as WSN based HASs, poses a significant challenge (Perrig et al. 2004). This thesis introduces the development of a hybrid communications approach to increase the resistance of WSN based HASs to remote DoS flooding attacks targeted against a third party. The approach is benchmarked against the dominant GHS remote access approach for WSN based HASs (Bergstrom et al. 2001) on a WSN based HAS test-bed, and shown to provide a minimum 58.28%, an average 59.85%, and a maximum 61.45% increase in remote service availability during a DoS attack. Additionally, a virtual home incorporating a cryptographic based DoS detection algorithm is developed to increase resistance to remote DoS flooding attacks targeted directly at WSN based HASs. The approach is benchmarked against D-WARD (Mirkovic 2003), the most effective DoS defence identified from the research, and shown to provide a minimum 84.70%, an average 91.13%, and a maximum 95.6% reduction in packet loss on a WSN based HAS during a DoS flooding attack. Moreover, the approach is extended with the integration of a virtual home, hybrid communication approach, and a distributed denial of defence server to increase resistance to remote DoS attacks targeting the home gateway. The approach is again benchmarked against the D-WARD defence and shown to decrease the connection latency experienced by remote users by a minimum of 90.14%, an average of 90.90%, and a maximum of 91.88%.

[1] O. Mirabella, et al. A ZigBee-based network for home heating control, 2008, 2008 34th Annual Conference of IEEE Industrial Electronics.

[2] David Watson, et al. Transport and application protocol scrubbing, 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[3] Qian Liu, et al. An implementation of remote lighting control system based on Zigbee technology and SoC solution, 2008, 2008 International Conference on Audio, Language and Image Processing.

[4] K. Shuaib, et al. Co-existence of Zigbee and WLAN, A Performance Study, 2006, 2006 Wireless Telecommunications Symposium.

[5] Donggang Liu, et al. Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks, 2002, NDSS.

[6] Markus G. Kuhn, et al. Analysis of a denial of service attack on TCP, 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[7] Toyoo Takata, et al. DoS packet filter using DNS information, 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[8] Wenyuan Xu, et al. The feasibility of launching and detecting jamming attacks in wireless networks, 2005, MobiHoc '05.

[9] J.A. Stankovic, et al. Denial of Service in Sensor Networks, 2002, Computer.

[10] Domenico Cotroneo, et al. An active security protocol against DoS attacks, 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[11] Atsushi Kara. Private-to-private communications over the internet, 2004, Computer.

[12] Shivakant Mishra, et al. Defending against path-based DoS attacks in wireless sensor networks, 2005, SASN '05.

[13] C.A.M. Bolzani, et al. Domotics Over IEEE 802.15.4 - A Spread Spectrum Home Automation Application, 2006, 2006 IEEE Ninth International Symposium on Spread Spectrum Techniques and Applications.

[14] Kishor S. Trivedi, et al. Ten Fallacies of Availability and Reliability Analysis, 2008, ISAS.

[15] Shivakant Mishra, et al. Intrusion tolerance and anti-traffic analysis strategies for wireless sensor networks, 2004, International Conference on Dependable Systems and Networks, 2004.

[16] S. Kumar, et al. Survivability Evaluation of Wireless Sensor Network under DDoS Attack, 2006, International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06).

[17] Hong Zhu, et al. NetBouncer: client-legitimacy-based high-performance DDoS filtering, 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[18] Ratul Mahajan, et al. Controlling high bandwidth aggregates in the network, 2002, CCRV.

[19] Shuang-Hua Yang, et al. Transparent Heterogeneous Networks for Remote Control of Home Environments, 2008, 2008 IEEE International Conference on Networking, Sensing and Control.

[20] Pedro José Marrón, et al. Prototyping sensor-actuator networks for home automation, 2008, REALWSN '08.

[21] N. Pissinou, et al. A framework for trust-based cluster head election in wireless sensor networks, 2006, Second IEEE Workshop on Dependability and Security in Sensor Networks and Systems.

[22] Jing Jin, et al. Development of Remote-Controlled Home Automation System with Wireless Sensor Network, 2008, 2008 Fifth IEEE International Symposium on Embedded Computing.

[23] P. Gburzynski, et al. Hidden Problems with the Hidden Node Problem, 2006, 23rd Biennial Symposium on Communications, 2006.

[24] W. Granzer, et al. Wireless Technologies in Home and Building Automation, 2007, 2007 5th IEEE International Conference on Industrial Informatics.

[25] Peter M. Corcoran, et al. CEBus Network Access via the World-Wide-Web, 1996, 1996. Digest of Technical Papers., International Conference on Consumer Electronics.

[26] Vern Paxson, et al. An analysis of using reflectors for distributed denial-of-service attacks, 2001, CCRV.

[27] Kang G. Shin, et al. Detecting SYN flooding attacks, 2002, Proceedings. Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[28] William Stallings, et al. Cryptography and network security - principles and practice (3. ed.), 2014.

[29] Thomer M. Gil, et al. MULTOPS: A Data-Structure for Bandwidth Attack Detection, 2001, USENIX Security Symposium.

[30] N. Sriskanthan, et al. Bluetooth based home automation system, 2002, Microprocess. Microsystems.

[31] Peng Ning, et al. Seluge: Secure and DoS-Resistant Code Dissemination in Wireless Sensor Networks, 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[32] Angelos D. Keromytis, et al. SOS: secure overlay services, 2002, SIGCOMM '02.

[33] Bai Li, et al. Using Mobile Agents to Detect Node Compromise in Path-Based DoS Attacks on Wireless Sensor Networks, 2007, 2007 International Conference on Wireless Communications, Networking and Mobile Computing.

[34] David E. Culler, et al. Versatile low power media access for wireless sensor networks, 2004, SenSys '04.

[35] Jianfeng Wu, et al. The design of wireless intelligent home system base on ZigBee, 2008, 2008 11th IEEE International Conference on Communication Technology.

[36] Chuang Lin, et al. CSGW-RAS: A novel secure solution for remote access based on SSL, 2007, 2007 International Symposium on Intelligent Signal Processing and Communication Systems.

[37] M. Brownfield, et al. Effects of Denial of Sleep Attacks on Wireless Sensor Network MAC Protocols, 2006, 2006 IEEE Information Assurance Workshop.

[38] Vinu V. Das, et al. Honeypot Scheme for Distributed Denial-of-Service, 2009, 2009 International Conference on Advanced Computer Control.

[39] Shuang-Hua Yang, et al. A scheme for preventing denial of service attacks on wireless sensor networks, 2009, 2009 35th Annual Conference of IEEE Industrial Electronics.

[40] Los Angeles, et al. D-WARD: Source-End Defense Against Distributed Denial-of-Service Attacks, 2003.

[41] Marimuthu Palaniswami, et al. Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols, 2009, SASN '05.

[42] Joseph D. Touch, et al. DynaBone: dynamic defense using multi-layer Internet overlays, 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[43] Frank Stajano, et al. The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks, 1999, Security Protocols Workshop.

[44] Raymond G. Duncan, et al. Secure remote access to a clinical data repository using a wireless personal digital assistant (PDA), 2000, AMIA.

[45] Nathalie Weiler, et al. Honeypots for distributed denial-of-service attacks, 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[46] Mukesh Singhal, et al. Security in wireless sensor networks, 2008, Wirel. Commun. Mob. Comput.

[47] R.A. Santos, et al. A Geographic Routing Algorithm for Wireless Sensor Networks, 2006, Electronics, Robotics and Automotive Mechanics Conference (CERMA'06).

[48] Wanlei Zhou, et al. Protecting web applications from DDoS attacks by an active distributed defense system, 2006, Int. J. Web Inf. Syst.

[49] Timo Hämäläinen, et al. Experimenting TCP/IP for Low-Power Wireless Sensor Networks, 2006, 2006 IEEE 17th International Symposium on Personal, Indoor and Mobile Radio Communications.

[50] Peter Reiher, et al. A taxonomy of DDoS attack and DDoS defense mechanisms, 2004, CCRV.

[51] Vitaly Shmatikov, et al. dFence: Transparent Network-based Denial of Service Mitigation, 2007, NSDI.

[52] A. Kara. Secure remote access from office to home, 2001.

[53] Stefano Chessa, et al. Wireless sensor networks: A survey on the state of the art and the 802.15.4 and ZigBee standards, 2007, Comput. Commun.

[54] Kihong Park, et al. On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets, 2001, SIGCOMM '01.

[55] Helen Hasan, et al. Information Systems Development as a Research Method, 2003, Australas. J. Inf. Syst.

[56] David E. Culler, et al. SPINS: security protocols for sensor networks, 2001, MobiCom '01.

[57] Lezan Hawizy, et al. A semiotic approach to ad-hoc networked environments, 2007.