Distributed Denial of Service Attack Detection in Wireless Sensor Networks

Wireless sensor networks have emerged as a significant source for the study and analysis of data from the environment. These networks are deployed in harsh and inaccessible environments with the purpose of monitoring their respective surroundings, and generating observed readings, for delivery to a centralised entity, for further data analysis. Sensor nodes are tiny devices with limited available resources for performing all their sensory operations, and be sustained for their entire lifetime. Applications of wireless sensor networks such as battlefield monitoring, bushfire monitoring and surveillance, are mission-critical in nature. The timeliness and accuracy in the delivery of the sensory data affects several mitigation efforts that may be launched upon successful detection of a particular event in the environment. Therefore, it is essential to protect such networks from malicious attacks, that may be launched by the adversary-class, with the intent of causing loss to the network operations. Distributed Denial of Service(DDoS) attacks are defined as attacks launched from multiple ends of a wireless sensor network towards a set of legitimate sensor nodes, with the intent of exhausting their limited energy resources. These attacks can significantly affect the performance of the network, and eventually lead to complete compromise of all sensor nodes of the network. The consequences of such an attack, if left undetected, can be catastrophic to the operations of the entire network.

[1]  Mauro Leoncini,et al.  The K-Neigh Protocol for Symmetric Topology Control in Ad Hoc Networks , 2003, MobiHoc '03.

[2]  Kristof Van Laerhoven,et al.  Self-organization in ad hoc sensor networks: an empirical study , 2002 .

[3]  Daniel S. Yeung,et al.  A covariance analysis model for DDoS attack detection , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[4]  Zubair A. Baig Performance Analysis of an Application-Level Mechanism for Preventing Service Flooding in the Internet , 2003 .

[5]  John S. Heidemann,et al.  A framework for classifying denial of service attacks , 2003, SIGCOMM '03.

[6]  Adrian Perrig,et al.  Security and Privacy in Sensor Networks , 2003, Computer.

[7]  Mani Srivastava,et al.  Overview of sensor networks , 2004 .

[8]  Adrian Perrig,et al.  Distributed detection of node replication attacks in sensor networks , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[9]  Dezhen Song Probabilistic Modeling of Leach Protocol and Computing Sensor Energy Consumption Rate in Sensor Networks , 2005 .

[10]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[11]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[12]  M. S. Corson,et al.  A highly adaptive distributed routing algorithm for mobile wireless networks , 1997, Proceedings of INFOCOM '97.

[13]  Rocky K. C. Chang,et al.  Defending against flooding-based distributed denial-of-service attacks: a tutorial , 2002, IEEE Commun. Mag..

[14]  Danco Davcev,et al.  Tracking of unusual events in wireless sensor networks based on artificial neural-networks algorithms , 2005, International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II.

[15]  Adrian Perrig,et al.  Secure broadcast communication in wired and wireless networks , 2002 .

[16]  J. Elliott,et al.  Distributed denial of service attacks and the zombie ant effect , 2000 .

[17]  Paolo Santi Topology control in wireless ad hoc and sensor networks , 2005 .

[18]  Peter Xiaoping Liu,et al.  Data gathering communication in wireless sensor networks using ant colony optimization , 2004, 2005 IEEE/RSJ International Conference on Intelligent Robots and Systems.

[19]  Tobias Zimmer,et al.  Increasing Connectivity in Wireless Sensor Network using Cooperative Transmission , 2005 .

[20]  Andrew B. Whinston,et al.  Defending Wireless Infrastructure Against the Challenge of DDoS Attacks , 2002, Mob. Networks Appl..

[21]  Gustavo de Veciana,et al.  Minimizing energy consumption in large-scale sensor networks through distributed data compression and hierarchical aggregation , 2004, IEEE Journal on Selected Areas in Communications.

[22]  Stephen Grossberg,et al.  Adaptive Resonance Theory , 2010, Encyclopedia of Machine Learning.

[23]  Pieter H. Hartel,et al.  POSEIDON: a 2-tier anomaly-based network intrusion detection system , 2006, Fourth IEEE International Workshop on Information Assurance (IWIA'06).

[24]  Asad I. Khan,et al.  A peer-to-peer associative memory network for intelligent information systems , 2002 .

[25]  R. K. Shyamasundar,et al.  Introduction to algorithms , 1996 .

[26]  John A. Stankovic,et al.  Security in wireless sensor networks , 2004, SASN '04.

[27]  D.S. Yeung,et al.  DDoS detection based on feature space modeling , 2004, Proceedings of 2004 International Conference on Machine Learning and Cybernetics (IEEE Cat. No.04EX826).

[28]  Daniel Kersten,et al.  Introduction to neural networks , 1993 .

[29]  H. Javitz,et al.  IDES : The Enhanced Prototype A Real-Time Intrusion-Detection Expert System , 1988 .

[30]  Eugene M. Izhikevich,et al.  Weakly pulse-coupled oscillators, FM interactions, synchronization, and oscillatory associative memory , 1999, IEEE Trans. Neural Networks.

[31]  Hervé Abdi,et al.  A NEURAL NETWORK PRIMER , 1994 .

[32]  David E. Culler,et al.  System architecture directions for networked sensors , 2000, SIGP.

[33]  Yih-Chun Hu,et al.  Wormhole Detection in Wireless Ad Hoc Networks , 2002 .

[34]  Sandeep Kumar,et al.  Classification and detection of computer intrusions , 1996 .

[35]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[36]  Albert Levi,et al.  Sensor wars: detecting and defending against spam attacks in wireless sensor networks , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[37]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[38]  V. Rao Vemuri,et al.  NSOM: A Tool To Detect Denial Of Service Attacks Using Self-Organizing Maps , 2002 .

[39]  Zubair A. Baig,et al.  A Pattern Recognition Scheme for Distributed Denial of Service (DDoS) Attacks in Wireless Sensor Networks , 2006, 18th International Conference on Pattern Recognition (ICPR'06).

[40]  Asad I. Khan,et al.  A Hierarchical Graph Neuron Scheme for Real-Time Pattern Recognition , 2008, IEEE Transactions on Neural Networks.

[41]  Rasool Jalili,et al.  Detection of Distributed Denial of Service Attacks Using Statistical Pre-processor and Unsupervised Neural Networks , 2005, ISPEC.

[42]  Nael B. Abu-Ghazaleh,et al.  A taxonomy of wireless micro-sensor network models , 2002, MOCO.

[43]  Deborah Estrin,et al.  Directed diffusion for wireless sensor networking , 2003, TNET.

[44]  Todd L. Heberlein,et al.  Network intrusion detection , 1994, IEEE Network.

[45]  JAMAL N. AL-KARAKI,et al.  Routing techniques in wireless sensor networks: a survey , 2004, IEEE Wireless Communications.

[46]  Teuvo Kohonen,et al.  Self-Organizing Maps , 2010 .

[47]  Aurobindo Sundaram,et al.  An introduction to intrusion detection , 1996, CROS.

[48]  Asad I. Khan,et al.  Parallel pattern recognition computations within a wireless sensor network , 2004, ICPR 2004.

[49]  Hervé Debar,et al.  Correlation of Intrusion Symptoms: An Application of Chronicles , 2003, RAID.

[50]  Shawn Ostermann,et al.  Detecting Anomalous Network Traffic with Self-organizing Maps , 2003, RAID.

[51]  D.S. Yeung,et al.  Denial of service detection by support vector machines and radial-basis function neural network , 2004, Proceedings of 2004 International Conference on Machine Learning and Cybernetics (IEEE Cat. No.04EX826).

[52]  Deborah Estrin,et al.  Directed diffusion: a scalable and robust communication paradigm for sensor networks , 2000, MobiCom '00.

[53]  W.K.G. Seah,et al.  Framework for statistical filtering against DDoS attacks in MANETs , 2005, Second International Conference on Embedded Software and Systems (ICESS'05).

[54]  SangHak Lee,et al.  Data Aggregation for Wireless Sensor Networks Using Self-organizing Map , 2004, AIS.

[55]  Mihui Kim,et al.  Denial-of-service (DoS) detection through practical entropy estimation on hierarchical sensor networks , 2006, 2006 8th International Conference Advanced Communication Technology.

[56]  Peng Ning,et al.  LAD: localization anomaly detection for wireless sensor networks , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[57]  Hugo Krawczyk,et al.  UMAC: Fast and Secure Message Authentication , 1999, CRYPTO.

[58]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[59]  Mohamed F. Younis,et al.  A survey on routing protocols for wireless sensor networks , 2005, Ad Hoc Networks.

[60]  Chen Eric Yi-Hua,et al.  Defending against distributed denial of service attacks , 2005 .

[61]  Virgil D. Gligor,et al.  A Note on the Denial-of-Service Problem , 1983, 1983 IEEE Symposium on Security and Privacy.

[62]  Balachander Krishnamurthy,et al.  Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites , 2002, WWW.

[63]  Michael A. Arbib,et al.  The handbook of brain theory and neural networks , 1995, A Bradford book.

[64]  Eric Y. Chen,et al.  Active shaping: a countermeasure against DDoS attacks , 2002, 2nd European Conference on Universal Multiservice Networks. ECUMN'2001 (Cat. No.02EX563).

[65]  Giovanni Vigna,et al.  NetSTAT: A Network-based Intrusion Detection System , 1999, J. Comput. Secur..

[66]  Saswati Sarkar,et al.  On optimal placement of intrusion detection modules in sensor networks , 2004, First International Conference on Broadband Networks.

[67]  Virgil D. Gligor Guaranteeing Access in Spite of Distributed Service-Flooding Attacks , 2003, Security Protocols Workshop.

[68]  Anup K. Ghosh,et al.  A Study in Using Neural Networks for Anomaly and Misuse Detection , 1999, USENIX Security Symposium.

[69]  Leonidas J. Guibas,et al.  Lightweight sensing and communication protocols for target enumeration and aggregation , 2003, MobiHoc '03.

[70]  Deborah Estrin,et al.  Modelling Data-Centric Routing in Wireless Sensor Networks , 2002 .

[71]  Harold S. Javitz,et al.  The SRI IDES statistical anomaly detector , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[72]  Roger Wattenhofer,et al.  XTC: a practical topology control algorithm for ad-hoc networks , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[73]  Hyunsoo Kim,et al.  Estimation of the Optimal Number of Cluster-Heads in Sensor Network , 2005, KES.

[74]  Robert E. Tarjan,et al.  Finding a Maximum Independent Set , 1976, SIAM J. Comput..

[75]  Shivakant Mishra,et al.  Intrusion tolerance and anti-traffic analysis strategies for wireless sensor networks , 2004, International Conference on Dependable Systems and Networks, 2004.

[76]  C. Douligeris,et al.  Detecting denial of service attacks using emergent self-organizing maps , 2005, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005..

[77]  S. Grossberg Adaptive Resonance Theory , 2006 .

[78]  Virgil D. Gligor,et al.  Security of Emergent Properties in Ad-Hoc Networks (Transcript of Discussion) , 2004, Security Protocols Workshop.

[79]  Bo Sun Intrusion detection in mobile ad hoc networks , 2004 .