Biblio

WSN can be termed as a collection of dimensionally diffused nodes which are capable of surveilling and analyzing their surroundings. The sensors are delicate, transportable and small in size while being economical at the same time. However, the diffused nature of these networks also exposes them to a variety of security hazards. Hence, ensuring a reliable file exchange in these networks is not an easy job due to various security requirements that must be fulfilled. In this paper we concentrate mainly on network layer threats and their security countermeasures to overcome the scope of intruders to access the information without having any authentication on the network layer. Various network layer intrusions that are discussed here include Sinkhole Attack, Sybil Attack, Wormhole Attack, Selective Forwarding Attack, Blackhole Attack And Hello Flood Attack.

Software-defined wireless sensor cognitive radio network is one of the emerging technologies which is simple, agile, and flexible. The sensor network comprises of a sink node with high processing power. The sensed data is transferred to the sink node in a hop-by-hop basis by sensor nodes. The network is programmable, automated, agile, and flexible. The sensor nodes are equipped with cognitive radios, which sense available spectrum bands and transmit sensed data on available bands, which improves spectrum utilization. Unfortunately, the Software-defined wireless sensor cognitive radio network is prone to security issues. The sinkhole attack is the most common attack which can also be used to launch other attacks. We propose and evaluate the performance of Hop Count-Based Sinkhole Attack detection Algorithm (HCOBASAA) using probability of detection, probability of false negative, and probability of false positive as the performance metrics. On average HCOBASAA managed to yield 100%, 75%, and 70% probability of detection.

Mobile Ad Hoc Network (MANET) is pretty vulnerable to attacks because of its broad distribution and open nodes. Hence, an effective Intrusion Detection System (IDS) is vital in MANET to deter unwanted malicious attacks. An IDS has been proposed in this paper based on watchdog and pathrater method as well as evaluation of its performance has been presented using Dynamic Source Routing (DSR) and Ad-hoc On-demand Distance Vector (AODV) routing protocols with and without considering the effect of the sinkhole attack. The results obtained justify that the proposed IDS is capable of detecting suspicious activities and identifying the malicious nodes. Moreover, it replaces the fake route with a real one in the routing table in order to mitigate the security risks. The performance appraisal also suggests that the AODV protocol has a capacity of sending more packets than DSR and yields more throughput.

Industrial Wireless Sensor Networks (IWSNs) are an extension of the Internet of Things paradigm that integrates smart sensors in industrial processes. However, the unattended open environment makes IWSNs vulnerable to malicious attacks, such as node compromise in addition to eavesdropping. The compromised nodes can again launch notorious attacks such as the sinkhole or sybil attack which may degrade the network performance. In this paper, we propose a lightweight, Secure Directed Diffusion (SDD) protocol. The algorithm for the proposed protocol uses bilinear pairing to derive a location-based key (LK) by binding the ID and geographic location of a node, thereby ensuring neighborhood authentication. Thus, authenticated nodes can prevent eavesdropping, node compromise including sinkhole and sybil attacks while ensuring confidentiality, authenticity, integrity with reduced latency. Finally, through security analysis, we prove that basic security is maintained and above-mentioned attacks are also prevented. We also compute storage, computation and communication overheads which show that SDD performs at least 2.6 times better in terms of storage overhead and at least 1.3 times better in terms of communication overhead over the other state-of-the-art competing schemes for attack preventions in WSN domain.

Wireless Sensor Network is the combination of small devices called sensor nodes, gateways and software. These nodes use wireless medium for transmission and are capable to sense and transmit the data to other nodes. Generally, WSN composed of two types of nodes i.e. generic nodes and gateway nodes. Generic nodes having the ability to sense while gateway nodes are used to route that information. IoT now extended to IoET (internet of Everything) to cover all electronics exist around, like a body sensor networks, VANET's, smart grid stations, smartphone, PDA's, autonomous cars, refrigerators and smart toasters that can communicate and share information using existing network technologies. The sensor nodes in WSN have very limited transmission range as well as limited processing speed, storage capacities and low battery power. Despite a wide range of applications using WSN, its resource constrained nature given birth to a number severe security attacks e.g. Selective Forwarding attack, Jamming-attack, Sinkhole attack, Wormhole attack, Sybil attack, hello Flood attacks, Grey Hole, and the most dangerous BlackHole Attacks. Attackers can easily exploit these vulnerabilities to compromise the WSN network.

The inherent characteristics of Mobile Ad hoc network (MANET) such as dynamic topology, limited bandwidth, limited power supply, infrastructure less network make themselves attractive for a wide spectrum of applications and vulnerable to security attacks. Sinkhole attack is the most disruptive routing layer attack. Sinkhole nodes attract all the traffic towards them to setup further active attacks such as Black hole, Gray hole and wormhole attacks. Sinkhole nodes need to be isolated from the MANET as early as possible. In this paper, an effective mechanism is proposed to prevent and detect sinkhole and wormhole attacks in MANET. The proposed work detects and punishes the attacker nodes using different techniques such as node collusion technique, which classifies a node as an attacker node only with the agreement with the neighboring nodes. When the node suspects the existence of attacker or sinkhole node in the path, it joins together with neighboring nodes to determine the sinkhole node. In the prevention of routing attacks, the proposed system introduces a route reserve method; new routes learnt are updated in the routing table of the node only after ensuring that the route does not contain the attacker nodes. The proposed system effectively modifies Ad hoc on demand Distance Vector (AODV) with the ability to detect and prevent the sinkhole and wormhole attack, so the modified protocol is named as Attack Aware Alert (A3AODV). The experiments are carried out in NS2 simulator, and the result shows the efficiency in terms of packet delivery ratio and routing overhead.

Internet Protocol version 6 (IPv6) over Low power Wireless Personal Area Networks (6LoWPAN) is extensively used in wireless sensor networks (WSNs) due to its ability to transmit IPv6 packet with low bandwidth and limited resources. 6LoWPAN has several operations in each layer. Most existing security challenges are focused on the network layer, which is represented by its routing protocol for low-power and lossy network (RPL). RPL components include WSN nodes that have constrained resources. Therefore, the exposure of RPL to various attacks may lead to network damage. A sinkhole attack is a routing attack that could affect the network topology. This paper aims to investigate the existing detection mechanisms used in detecting sinkhole attack on RPL-based networks. This work categorizes and presents each mechanism according to certain aspects. Then, their advantages and drawbacks with regard to resource consumption and false positive rate are discussed and compared.

Internet Protocol version 6 (IPv6) over Low-power Wireless Personal Area Networks (6LoWPAN) is extensively used in wireless sensor networks due to its capability to transmit IPv6 packets with low bandwidth and limited resources. 6LoWPAN has several operations in each layer. Most existing security challenges are focused on the network layer, which is represented by the Routing Protocol for Low-power and Lossy Networks (RPL). 6LoWPAN, with its routing protocol (RPL), usually uses nodes that have constrained resources (memory, power, and processor). In addition, RPL messages are exchanged among network nodes without any message authentication mechanism, thereby exposing the RPL to various attacks that may lead to network disruptions. A sinkhole attack utilizes the vulnerabilities in an RPL and attracts considerable traffic by advertising falsified data that change the routing preference for other nodes. This paper proposes the neighbor-passive monitoring technique (NPMT) for detecting sinkhole attacks in RPL-based networks. The proposed technique is evaluated using the COOJA simulator in terms of power consumption and detection accuracy. Moreover, NPMT is compared with popular detection mechanisms.