Detecting and Localizing Identity-Based Attacks in Wireless and Sensor Networks

Wireless networks are vulnerable to identity-based attacks, including spoofing and Sybil attacks, which allows for many other forms of attacks on the networks. Although the identity of a node can be verified through cryptographic authentication, authentication is not always possible, because it requires key management and additional infrastructural overhead. In this paper, we propose a method for detecting both spoofing and Sybil attacks by using the same set of techniques. We first propose a generalized attack-detection model that utilizes the spatial correlation of received signal strength (RSS) inherited from wireless nodes. We further provide a theoretical analysis of our approach. We then derive the test statistics for detection of identity-based attacks by using the K-means algorithm. Our attack detector is robust when handling the situations of attackers that use different transmission power levels to attack the detection scheme. We further describe how we integrated our attack detector into a real-time indoor localization system, which can also localize the positions of the attackers. We show that the positions of the attackers can be localized using either area- or point-based localization algorithms with the same relative errors as in the normal case. We further evaluated our methods through experimentation in two real office buildings using both an IEEE 802.11 (WiFi) network and an IEEE 802.15.4 (ZigBee) network. Our results show that it is possible to detect wireless identity-based attacks with both a high detection rate and a low false-positive rate, thereby providing strong evidence of the effectiveness of the attack detector utilizing the spatial correlation of RSS and the attack localizer.

[1]  M. Abramowitz,et al.  Handbook of Mathematical Functions With Formulas, Graphs and Mathematical Tables (National Bureau of Standards Applied Mathematics Series No. 55) , 1965 .

[2]  Andy Hopper,et al.  The active badge location system , 1992, TOIS.

[3]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[4]  Hari Balakrishnan,et al.  6th ACM/IEEE International Conference on on Mobile Computing and Networking (ACM MOBICOM ’00) The Cricket Location-Support System , 2022 .

[5]  Paramvir Bahl,et al.  RADAR: an in-building RF-based user location and tracking system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[6]  William A. Arbaugh,et al.  YOUR 802.11 WIRELESS NETWORK HAS NO CLOTHES , 2001 .

[7]  B. R. Badrinath,et al.  Ad hoc positioning system (APS) , 2001, GLOBECOM'01. IEEE Global Telecommunications Conference (Cat. No.01CH37270).

[8]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[9]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[10]  William A. Arbaugh,et al.  Your 80211 wireless network has no clothes , 2002, IEEE Wirel. Commun..

[11]  Miguel Castro,et al.  Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.

[12]  M. Kayton,et al.  Global positioning system: signals, measurements, and performance [Book Review] , 2002, IEEE Aerospace and Electronic Systems Magazine.

[13]  Henry Tirri,et al.  A Probabilistic Approach to WLAN User Location Estimation , 2002, Int. J. Wirel. Inf. Networks.

[14]  Robert Tappan Morris,et al.  Span: An Energy-Efficient Coordination Algorithm for Topology Maintenance in Ad Hoc Wireless Networks , 2002, Wirel. Networks.

[15]  Koen Langendoen,et al.  Distributed localization in wireless sensor networks: a quantitative compariso , 2003, Comput. Networks.

[16]  Tarek F. Abdelzaher,et al.  Range-free localization schemes for large scale sensor networks , 2003, MobiCom '03.

[17]  Shouhuai Xu,et al.  LHAP: a lightweight hop-by-hop authentication protocol for ad-hoc networks , 2003, 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings..

[18]  Ying Zhang,et al.  Localization from mere connectivity , 2003, MobiHoc '03.

[19]  Wade Trappe,et al.  An authentication framework for hierarchical ad hoc sensor networks , 2003, WiSe '03.

[20]  Tian He,et al.  Range-free localization schemes in large scale sensor network , 2003, MobiCom 2003.

[21]  Tuomas Aura,et al.  Cryptographically Generated Addresses (CGA) , 2005, ISC.

[22]  Moustafa Youssef,et al.  WLAN location determination via clustering and probability distributions , 2003, Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003. (PerCom 2003)..

[23]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[24]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[25]  M. Salazar-Palma,et al.  A survey of various propagation models for mobile communication , 2003 .

[26]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[27]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[28]  Anupam Joshi,et al.  Security in Sensor Networks , 2020, Texts in Computer Science.

[29]  Abbas Jamalipour,et al.  Wireless communications , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[30]  Alfred O. Hero,et al.  Locating the Nodes , 2005 .

[31]  R.L. Moses,et al.  Locating the nodes: cooperative localization in wireless sensor networks , 2005, IEEE Signal Processing Magazine.

[32]  Jie Wu,et al.  Secure and efficient key management in mobile ad hoc networks , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[33]  A. S. Krishnakumar,et al.  On the accuracy of signal strength-based estimation techniques , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[34]  Avishai Wool,et al.  Lightweight Key Management for IEEE 802.11 Wireless LANs with Key Refresh and Host Revocation , 2005, Wirel. Networks.

[35]  Peng Ning,et al.  Defending against Sybil attacks in sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[36]  Wenyuan Xu,et al.  Securing wireless systems via lower layer enforcements , 2006, WiSe '06.

[37]  Richard P. Martin,et al.  The Robustness of Localization Algorithms to Signal Strength Attacks: A Comparative Study , 2006, DCOSS.

[38]  David R. Cheriton,et al.  Detecting identity-based attacks in wireless networks using signalprints , 2006, WiSe '06.

[39]  Wade Trappe,et al.  Relationship -based Detection of Spoofing -related Anomalous Traffic in Ad Hoc Networks , 2006, 2006 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks.

[40]  Murat Demirbas,et al.  An RSSI-based scheme for sybil attack detection in wireless sensor networks , 2006, 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06).

[41]  Richard P. Martin,et al.  A Practical Approach to Landmark Deployment for Indoor Localization , 2006, 2006 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks.

[42]  Gang Zhou,et al.  Models and solutions for radio irregularity in wireless sensor networks , 2006, TOSN.

[43]  Richard P. Martin,et al.  Detecting and Localizing Wireless Spoofing Attacks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[44]  Yong Sheng,et al.  Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[45]  King Lun Yiu Ad-hoc positioning system , 2008 .

[46]  Jie Yang,et al.  A theoretical analysis of wireless localization using RF-based fingerprint matching , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing.

[47]  Jie Yang,et al.  Detecting sybil attacks inwireless and sensor networks using cluster analysis , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[48]  Massimo Bernaschi,et al.  Access points vulnerabilities to DoS attacks in 802.11 networks , 2008, Wirel. Networks.

[49]  Robert Tibshirani,et al.  The Elements of Statistical Learning: Data Mining, Inference, and Prediction, 2nd Edition , 2001, Springer Series in Statistics.