A scheme for preventing denial of service attacks on wireless sensor networks

The rapid consumer adoption of high-speed internet connections has lead to the unprecedented interconnection of home networks. Consequently, the number of domestic home automation networks offering internet connectivity has increased. These home automation networks are increasingly comprised of resource limited wireless sensor networks (WSN). This creates the potential for malicious users from across the internet to attack these resource-limited WSN. One such threat is that of a denial of service (DoS) attack. Due to the resource-limited nature of WSN, a DoS attack may disrupt communications on the WSN or block remote access to the WSN. The existing DoS defence approaches are generic approaches aimed at processing and filtering all internet traffic to remove suspected DoS attack traffic. However, these approaches are not capable of filtering out all attack traffic, instead a small amount of attack traffic reaches the attackers intended victim. This small level of attack traffic poses a significant threat to the limited resources of WSN. This paper reviews the design and implementation of a novel defence strategy designed to work alongside existing DoS counter measures to overcome the aforementioned shortcomings.

[1]  Toyoo Takata,et al.  DoS packet filter using DNS information , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[2]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM 2001.

[3]  Shuang-Hua Yang,et al.  A zigbee-based home automation system , 2009, IEEE Transactions on Consumer Electronics.

[4]  Jelena Mirkovic,et al.  D-WARD: a source-end defense against flooding denial-of-service attacks , 2005, IEEE Transactions on Dependable and Secure Computing.

[5]  Kang G. Shin,et al.  Detecting SYN flooding attacks , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[6]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[7]  Mario Gerla,et al.  D-ward: source-end defense against distributed denial-of-service attacks , 2003 .

[8]  Rocky K. C. Chang,et al.  Defending against flooding-based distributed denial-of-service attacks: a tutorial , 2002, IEEE Commun. Mag..

[9]  Shuang-Hua Yang,et al.  Home Automation Systems — Secure Remote Access , 2008 .

[10]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM '01.