The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Neighborhood Overhearing for Detection of Security Attacks in Wireless Sensor Networks

Author

Matthew Tan Creti

Tech report number

CERIAS TR 2013-18

Entry type

mastersthesis

Abstract

An attractive approach for securing sensor networks has been behavior-based detection of malicious actions performed through overhearing traffic in the neighborhood. This approach has been applied toward detection of different kinds of network security attacks, building trust relationships, and also for non-security functions such as providing an implicit acknowledgment. However, observations on a wireless channel are known to be imperfect, both due to the intrinsic nature of the channel and contention from other concurrent flows. An open question has been whether any higher level protocol that relies on overhearing can be useful in light of such imperfections. This thesis addresses that question through the design and implementation of an overhearing scheme, called local monitoring, that monitors the communication functionality of neighboring nodes. The answer, derived through experiments on a sensor network testbed, is that neighborhood observation is useful for certain network configurations and parameter settings. The significant settings are node density and threshold for determining a node to be malicious. For specificity, we apply local monitoring to the detection of the highly disruptive wormhole attack. We design customized structures and algorithms for detection of anomalous events that optimize computational, memory, and bandwidth usages. These include a method for discretizing the events observed by a node for the purpose of determining malicious behavior. We also present a novel method for launching the wormhole attack and develop a countermeasure based on local monitoring. Experiments demonstrate the quality of detection measured through latency and rates of correct and false detection. ^

Date

2013 – 12 – 15

Key alpha

Tan Creti

School

Purdue University

Publication Date

2013-12-15

Location

A hard-copy of this is in REC 216

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.