Effects of Denial-of-Sleep Attacks on Wireless Sensor Network MAC Protocols

Wireless platforms are becoming less expensive and more powerful, enabling the promise of widespread use for everything from health monitoring to military sensing. Like other networks, sensor networks are vulnerable to malicious attack. However, the hardware simplicity of these devices makes defense mechanisms designed for traditional networks infeasible. This paper explores the denial-of-sleep attack, in which a sensor node's power supply is targeted. Attacks of this type can reduce the sensor lifetime from years to days and have a devastating impact on a sensor network. This paper classifies sensor network denial-of-sleep attacks in terms of an attacker's knowledge of the medium access control (MAC) layer protocol and ability to bypass authentication and encryption protocols. Attacks from each classification are then modeled to show the impacts on four sensor network MAC protocols, i.e., Sensor MAC (S-MAC), Timeout MAC (T-MAC), Berkeley MAC (B-MAC), and Gateway MAC (G-MAC). Implementations of selected attacks on S-MAC, T-MAC, and B-MAC are described and analyzed in detail to validate their effectiveness and analyze their efficiency. Our analysis shows that the most efficient attack on S-MAC can keep a cluster of nodes awake 100% of the time by an attacker that sleeps 99% of the time. Attacks on T-MAC can keep victims awake 100% of the time while the attacker sleeps 92% of the time. A framework for preventing denial-of-sleep attacks in sensor networks is also introduced. With full protocol knowledge and an ability to penetrate link-layer encryption, all wireless sensor network MAC protocols are susceptible to a full domination attack, which reduces the network lifetime to the minimum possible by maximizing the power consumption of the nodes' radio subsystem. Even without the ability to penetrate encryption, subtle attacks can be launched, which reduce the network lifetime by orders of magnitude. If sensor networks are to meet current expectations, they must be robust in the face of network attacks to include denial-of-sleep.

[1]  Deborah Estrin,et al.  Medium access control with coordinated adaptive sleeping for wireless sensor networks , 2004, IEEE/ACM Transactions on Networking.

[2]  IV NathanielJ.Davis,et al.  Wireless sensor network energy-adaptive mac protocol , 2006, CCNC 2006. 2006 3rd IEEE Consumer Communications and Networking Conference, 2006..

[3]  Yee Wei Law,et al.  Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols , 2005, TOSN.

[4]  David E. Culler,et al.  Versatile low power media access for wireless sensor networks , 2004, SenSys '04.

[5]  Almohanad S. Fayez,et al.  Cross-layer wireless sensor network radio power management , 2006, IEEE Wireless Communications and Networking Conference, 2006. WCNC 2006..

[6]  Ossama Younis,et al.  HEED: a hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks , 2004, IEEE Transactions on Mobile Computing.

[7]  Wendi Heinzelman,et al.  Energy-efficient communication protocol for wireless microsensor networks , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[8]  Scott F. Midkiff,et al.  Clustered Adaptive Rate Limiting: Defeating Denial-of-Sleep Attacks in Wireless Sensor Networks , 2007, MILCOM 2007 - IEEE Military Communications Conference.

[9]  David R. Raymond,et al.  Scalable, Cluster-based Anti-replay Protection for Wireless Sensor Networks , 2007, 2007 IEEE SMC Information Assurance and Security Workshop.

[10]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[11]  Wenyuan Xu,et al.  The feasibility of launching and detecting jamming attacks in wireless networks , 2005, MobiHoc '05.

[12]  Suresh Singh,et al.  PAMAS—power aware multi-access protocol with signalling for ad hoc networks , 1998, CCRV.

[13]  C. Chien,et al.  Low power TDMA in large wireless sensor networks , 2001, 2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277).

[14]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[15]  Koen Langendoen,et al.  An adaptive energy-efficient MAC protocol for wireless sensor networks , 2003, SenSys '03.

[16]  Adrian Perrig,et al.  ACE: An Emergent Algorithm for Highly Uniform Cluster Formation , 2004, EWSN.

[17]  M. Brownfield,et al.  Wireless sensor network denial of sleep attack , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[18]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.