Physical Attack Detection in Sensor Networks

1
Physical Attack Detection in Sensor Networks
Project Supervisor Prof. Vinay Joseph Ribeiro
By Vaibhav Dhakad
2
Contents

• Introduction
• Security Attacks in WSNs
• Goal of the Project
• Related Work
• Approach used
• Issues faced in the project.
• Future Work

3
Introduction

• Why Security needed in WSNs?
• The security of sensor networks is of so much
  importance because of their various applications.
  The applications include ocean and wildlife
  monitoring, building safety and earthquake
  monitoring, military applications, the monitoring
  of highway traffic, pollution, building security,
  water quality, geographical area monitoring etc
• What is different from traditional networks?
• As sensor networks have unique properties like
  limited battery life, computation power and
  memory constraints these networks pose unique
  challenges which traditional security mechanisms
  of traditional networks cannot solve.

4
Security Attacks in WSNs

• Denial of Service Attack
• In this attacker tries to exhaust the network
  resources by sending huge amount unnecessary data
  to the system due to which it becomes unable to
  provide service to its legitimate users.
• Sybil Attack
• This type of attack where a node forges the
  identities of more than one node is the Sybil
  attack. Sybil attack tries to degrade the
  integrity of data, security and resource
  utilization that the distributed algorithm
  attempts to achieve.

5
Security Attacks in WSNs (contd)

• Blackhole/Sinkhole Attack
• In this attack, a malicious node acts as a
  blackhole to attract all the traffic in the
  sensor network.
• Hello Flood Attack
• In this attack the attacker uses a high power
  transmission device such as a laptop etc. then it
  sends HELLO packets in the networks the sensor
  nodes assume that this node is their neighbor and
  try to send packets through this node also, thus
  the attacker can capture many packets from the
  networks.

6
Security Attacks in WSNs (contd)

• Wormhole Attack
• Wormhole attack is a critical attack in which the
  attacker records the packets (or bits) at one
  location in the network and tunnels those to
  another location. Attacker in this case convinces
  other nodes that they are single hop away from
  the attacker node while they are not in reality.
• Physical Attacks
• Unlike traditional networks, sensor nodes are
  often deployed in accessible areas, presenting
  the added risk of physical attack. The attacker
  completely destroys the sensor nodes and thus
  heavily degrading the performance of the network.

7
Goal of the Project related work

• To develop an efficient algorithm that detects
  Physical attacks as soon as possible without any
  serious impact on the network performance.
• Related Work
• Xun Wang, Sriram Chellappan, Wenjun Gu, Wei Yu
  and Dong Xuan showed in their paper that the
  physical attack are actually harmful for the
  sensor networks if the attacker has some
  information about the network.
• They have also proposed a defense mechanism for
  the sensor networks.

8
Approach

• Assumptions In our work we have to assume
  certain things about the network and the attacker
• The assumptions are
• The sensors are deployed at the place which is
  important for the attacker also, so attacker
  dont try to blow up whole network by bombarding
  on it.
• The attacker goes physically to each of the node
  and destroys it, such that there is a limitation
  on the speed of the attacker.
• The attacker is not smart enough to detect the
  nodes that are of more importance for the
  network.
• The attacker cannot attack the base station i.e.
  the base station is safe from the physical
  attacks.

9
Approach (contd)

• Assumptions (contd)
• Initially we are assuming that there is only a
  single attacker so that he can attack in only one
  part of the network at any given time. Later we
  will try to extend this algorithm for more than
  one attacker.
• The sensors are fixed and the clusters in the
  network are static.
• The base station has complete information about
  the nodes their clusters.

10
How to proceed further

• The base station will construct a graph of all
  the sensor nodes in the network showing the
  status of each of the nodes.
• The base station will monitor the network nodes
  and will raise an alarm whenever it detects an
  attack.
• We are trying to generate the attack warning as
  soon as possible and also to minimize the false
  alarms.

11
Issues faced in the project

• The graph that we are constructing does it
  require the geographical location information for
  every node or the algorithm can run well without
  knowing the geographical location.
• The nodes will be sending HELLO packets at
  regular time interval to indicate that they are
  still alive, but this will create a lot of
  traffic on the nodes after every short time
  period, so is there any way to reduce the traffic
  significantly?

12
Issues (contd)

• Another issue is that when should the cluster
  heads send the info arrays to the base station,
  the sooner they will send the better for the
  algorithm to detect the down nodes, but it will
  increase the traffic on the network.
• The algorithm will assume that the attacker is
  moving with some speed so there is some upper and
  lower limit on the time interval, what should be
  these limits so that the number of false alarms
  are as few as possible and the actual attacks
  should be detected almost every time

13
Issues (contd)

• During the attack the attacker may choose any
  path like he can go around the field where the
  sensors are deployed or he can go directly go
  into the inner part of the field while destroying
  all the nodes in its path, how the algorithm will
  incorporate these different patterns?

14
Future Work

• There are some open issues that have to be
  solved these are those which we have faced so
  far, It is possible that we may find some more
  issues while proceeding.
• After providing solution to all the issues
  encountered, we will try to simulate it so that
  we can find out the effectiveness of the
  algorithm.

15
Thank You