An efficient intruder detection algorithm against sinkhole attacks in wireless sensor networks

In a wireless sensor network, multiple nodes would send sensor readings to a base station for further processing. It is known that such a many-to-one communication is highly vulnerable to a sinkhole attack, where an intruder attracts surrounding nodes with unfaithful routing information, and then performs selective forwarding or alters the data passing through it. A sinkhole attack forms a serious threat to sensor networks, particularly considering that the sensor nodes are often deployed in open areas and of weak computation and battery power. In this paper, we present a novel algorithm for detecting the intruder in a sinkhole attack. The algorithm first finds a list of suspected nodes through checking data consistency, and then effectively identifies the intruder in the list through analyzing the network flow information. The algorithm is also robust to deal with multiple malicious nodes that cooperatively hide the real intruder. We have evaluated the performance of the proposed algorithm through both numerical analysis and simulations, which confirmed the effectiveness and accuracy of the algorithm. Our results also suggest that its communication and computation overheads are reasonably low for wireless sensor networks.

[1]  Deborah Estrin,et al.  Directed diffusion: a scalable and robust communication paradigm for sensor networks , 2000, MobiCom '00.

[2]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[3]  Xiuzhen Cheng,et al.  Localized fault-tolerant event boundary detection in sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[4]  Jessica Staddon,et al.  Efficient tracing of failed nodes in sensor networks , 2002, WSNA '02.

[5]  Radha Poovendran,et al.  Preventing wormhole attacks on wireless ad hoc networks: a graph theoretic approach , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[6]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[7]  Anantha P. Chandrakasan,et al.  An application-specific protocol architecture for wireless microsensor networks , 2002, IEEE Trans. Wirel. Commun..

[8]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1986, 1986 IEEE Symposium on Security and Privacy.

[9]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[10]  Shivakant Mishra,et al.  INSENS: Intrusion-Tolerant Routing in Wireless Sensor Networks , 2002 .

[11]  Jean-Pierre Hubaux,et al.  The quest for security in mobile ad hoc networks , 2001, MobiHoc '01.

[12]  Antonio Alfredo Ferreira Loureiro,et al.  Decentralized intrusion detection in wireless sensor networks , 2005, Q2SWinet '05.

[13]  David A. Wagner,et al.  Resilient aggregation in sensor networks , 2004, SASN '04.

[14]  D. P. Agrawal,et al.  Self-organized criticality and stochastic learning based intrusion detection system for wireless sensor networks , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[15]  Tadeusz A. Wysocki,et al.  Advanced wired and wireless networks , 2005 .

[16]  Elaine Shi,et al.  Designing secure sensor networks , 2004, IEEE Wireless Communications.

[17]  Frank Mueller,et al.  Analyzing and modeling encryption overhead for sensor network nodes , 2003, WSNA '03.

[18]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[19]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2005, IEEE J. Sel. Areas Commun..

[20]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[21]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[22]  Qiang Chen,et al.  An anomaly detection technique based on a chi‐square statistic for detecting intrusions into information systems , 2001 .

[23]  Pierre Baldi,et al.  Battery Lifetime Estimation and Optimization for Underwater Sensor Networks , 2004 .

[24]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[25]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[26]  Deborah Estrin,et al.  Rumor routing algorthim for sensor networks , 2002, WSNA '02.

[27]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[28]  David Evans,et al.  Localization for mobile sensor networks , 2004, MobiCom '04.

[29]  Dharma P. Agrawal,et al.  Routing security in wireless ad hoc networks , 2002, IEEE Commun. Mag..

[30]  Chris McDonald,et al.  Secure Routing Protocols for Mobile Ad-Hoc Wireless Networks , 2005 .

[31]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[32]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[33]  H. Chris Tseng,et al.  Sinkhole intrusion indicators in DSR MANETs , 2004, First International Conference on Broadband Networks.

[34]  Deborah Estrin,et al.  Rumor Routing Algorithm For Sensor Networks , 2002 .

[35]  Sang Hyuk Son,et al.  JAM: a jammed-area mapping service for sensor networks , 2003, RTSS 2003. 24th IEEE Real-Time Systems Symposium, 2003.

[36]  Songwu Lu,et al.  A scalable solution to minimum cost forwarding in large sensor networks , 2001, Proceedings Tenth International Conference on Computer Communications and Networks (Cat. No.01EX495).

[37]  Robert Cole,et al.  Computer Communications , 1982, Springer New York.

[38]  Faramarz Fekri,et al.  Key pre-distribution in wireless sensor networks using multivariate polynomials , 2005, 2005 Second Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2005. IEEE SECON 2005..

[39]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[40]  Chris McDonald,et al.  Circumventing Sinkholes and Wormholes in Ad-hoc Wireless Networks , 2005 .