17-07-2012, 02:49 PM
Stealthy Attacks in Wireless Ad Hoc Networks: Detection
and Countermeasure
[attachment=27823]
INTRODUCTION
Wireless Ad hoc and Sensor Networks (WASN) are becoming an
important platform in several domains, including military warfare and
command and control of civilian critical infrastructure [33][34]. They
are especially attractive in scenarios where it is infeasible or expensive
to deploy significant networking infrastructure. Examples in the military
domain include monitoring of friendly and enemy forces, equipment and
ammunition monitoring, targeting, and nuclear, biological, and chemical
attack detection [33][34]. Consider a military network scenario where
more powerful and less energy constrained ad hoc nodes may be carried
by soldiers or in vehicles, while a large number of low cost and lowenergy
sensor nodes with limited energy resources may be distributed
over the battlefield. This network setup can guide a troop of soldiers to
move through the battle field by detecting and locating enemy tanks and
troops. The soldiers can use information collected by the sensor nodes to
strategically position to minimize any possible causality. Examples in
the civilian domain include habitat monitoring, animal tracking, forestfire
detection, disaster relief and rescue, oil industry management, and
traffic control and monitoring [33][35].
RELATED WORK
In the last few years, researchers have been actively exploring
many mechanisms to ensure the security of control and data traffic in
wireless networks. These mechanisms can be broadly categorized into
the following classes–authentication and integrity services, protocols
that rely on path diversity, protocols that use specialized hardware,
protocols that require explicit acknowledgements or use statistical
methods, protocols that overhear neighbor communication.
The path diversity techniques increase route robustness by first
discovering multi-path routes [9], [13] and then using these paths to
provide redundancy in the data transmission between a source and a
destination. The data is encoded and divided into multiple shares sent to
the destination via different routes. The method is effective in wellconnected
networks, but does not provide enough path diversity in
sparse networks. Moreover, many of these schemes are expensive for
resource-constrained wireless networks due to the data redundancy.
Additionally, these protocols could be vulnerable to route discovery
attacks, such as the Sybil attack, that prevent the discovery of nonadversarial
paths.
Attack Model and System Assumptions
Attack model: An attacker can control an external node or an internal
node, which, since it possesses the keys, can be authenticated by other
nodes in the network. An insider node may be created, for example, by
compromising a legitimate node. A malicious node can perform packet
dropping by itself or by colluding with other nodes. The collusion may
happen through out-of-band channels (e.g., a wireline channel).
Drop through Power Control
In this type of attack, a malicious node relays the packet by
carefully reducing its transmission power, thereby reducing the range
and excluding the legitimate next-hop node. This kind of transmission
power control is available in today’s commercial wireless nodes, such as
the Crossbow Mica family of nodes.
Consider the scenario shown in Figure 3. A node S sends a packet
to a malicious node M to be relayed to node T. Node M drops the packet
by sending it over a range that does not reach T (the dotted circle
centered at M). Figure 3(a) shows the guards of M that are satisfied by
the controlled transmission of M (region II) and the set of guards that
detect M (region I) as dropping the packet since they did not overhear
M. Figure 3(b) shows all the guards of M over S
and Countermeasure
[attachment=27823]
INTRODUCTION
Wireless Ad hoc and Sensor Networks (WASN) are becoming an
important platform in several domains, including military warfare and
command and control of civilian critical infrastructure [33][34]. They
are especially attractive in scenarios where it is infeasible or expensive
to deploy significant networking infrastructure. Examples in the military
domain include monitoring of friendly and enemy forces, equipment and
ammunition monitoring, targeting, and nuclear, biological, and chemical
attack detection [33][34]. Consider a military network scenario where
more powerful and less energy constrained ad hoc nodes may be carried
by soldiers or in vehicles, while a large number of low cost and lowenergy
sensor nodes with limited energy resources may be distributed
over the battlefield. This network setup can guide a troop of soldiers to
move through the battle field by detecting and locating enemy tanks and
troops. The soldiers can use information collected by the sensor nodes to
strategically position to minimize any possible causality. Examples in
the civilian domain include habitat monitoring, animal tracking, forestfire
detection, disaster relief and rescue, oil industry management, and
traffic control and monitoring [33][35].
RELATED WORK
In the last few years, researchers have been actively exploring
many mechanisms to ensure the security of control and data traffic in
wireless networks. These mechanisms can be broadly categorized into
the following classes–authentication and integrity services, protocols
that rely on path diversity, protocols that use specialized hardware,
protocols that require explicit acknowledgements or use statistical
methods, protocols that overhear neighbor communication.
The path diversity techniques increase route robustness by first
discovering multi-path routes [9], [13] and then using these paths to
provide redundancy in the data transmission between a source and a
destination. The data is encoded and divided into multiple shares sent to
the destination via different routes. The method is effective in wellconnected
networks, but does not provide enough path diversity in
sparse networks. Moreover, many of these schemes are expensive for
resource-constrained wireless networks due to the data redundancy.
Additionally, these protocols could be vulnerable to route discovery
attacks, such as the Sybil attack, that prevent the discovery of nonadversarial
paths.
Attack Model and System Assumptions
Attack model: An attacker can control an external node or an internal
node, which, since it possesses the keys, can be authenticated by other
nodes in the network. An insider node may be created, for example, by
compromising a legitimate node. A malicious node can perform packet
dropping by itself or by colluding with other nodes. The collusion may
happen through out-of-band channels (e.g., a wireline channel).
Drop through Power Control
In this type of attack, a malicious node relays the packet by
carefully reducing its transmission power, thereby reducing the range
and excluding the legitimate next-hop node. This kind of transmission
power control is available in today’s commercial wireless nodes, such as
the Crossbow Mica family of nodes.
Consider the scenario shown in Figure 3. A node S sends a packet
to a malicious node M to be relayed to node T. Node M drops the packet
by sending it over a range that does not reach T (the dotted circle
centered at M). Figure 3(a) shows the guards of M that are satisfied by
the controlled transmission of M (region II) and the set of guards that
detect M (region I) as dropping the packet since they did not overhear
M. Figure 3(b) shows all the guards of M over S