Distributed denial of service attacks in wireless sensor ...


IET Wireless Sensor Systems

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication in an issue of the journal. To cite the paper please use the doi provided on the Digital Library page.

Distributed denial of service attacks in wireless sensor networks: detection and countermeasures

Ademola P. Abidoye1*, Ibidun C. Obagbuwa

1 School of Computing, University of South Africa, Johannesburg, P/Bag X6, Florida, 1710, South Africa.
2 Information Systems and Technology, School of Management, Information Technology and Governance, University of Kwazulu-Natal, Westville Campus, Durban, 4000, South Africa.
* Email: [email protected]

Abstract: Wireless Sensor Networks (WSNs) have been widely applied in many areas for real-time event detection. They are designed using both mobile and static sensor nodes for different applications such as smart parking, environmental monitoring, health care systems, automotive industries, sports, open space surveillance, and so on. WSNs communicate through wireless mediums and are accessible to anyone, which makes sensor nodes susceptible to different types of attack. Distributed denial of service (DDoS) is one such attack. It wastes the limited energy of sensor nodes and causes loss of data packets within a network. A DDoS attack launches a coordinated attack by flooding the target nodes with bogus requests, thus exhausting their resources and forcing them to deny service to legitimate member nodes. In this paper, we propose a message analyser scheme (MAS) for WSNs. The method is capable of detecting compromised sensor nodes vulnerable to a DDoS attack. In addition, it is able to detect all compromised messages transmitted by the attackers to the base station through the sender nodes. The proposed method is compared with other related protocols. The results show that our method can effectively detect and defend against DDoS attacks in WSNs.

1. Introduction

Recent improvements in micro-electromechanical systems (MEMS), highly integrated electronics, and low power devices have led to the design of wireless sensor networks (WSNs) [1]. WSNs consist of lightweight devices called sensor nodes, designed with the main aim of sensing physical quantities such as temperature, vibrations or humidity in the areas of interest. A typical sensor node is equipped with integrated sensors for data collection, an embedded microcontroller for rapid processing of data packets, and a radio transceiver for digital communication, and is powered by small batteries. These devices communicate wirelessly with one another over a short distance. Generally, sensed data is transmitted from sender nodes in a hop-by-hop fashion through each intermediate node until it reaches the final destination.

WSNs have been successfully applied in the following areas: ubiquitous web services, disaster/crisis management, structural health monitoring, home automation, agricultural control, logistics and inventory management, and smart parking [2]. Wireless sensor nodes can be uniformly or randomly distributed in an environment and left unattended for a long period of time, depending on the application area. Wireless sensor networks, unlike wired networks, are susceptible to various attacks for the following reasons:

• The nature of the wireless medium makes sensor nodes susceptible to attacks, as the wireless medium is open and accessible to anyone.
• The network topology constantly changes due to the dynamic nature of the network and the damage or death of some sensor nodes.
• Sensor nodes are susceptible to failure due to limited energy or harsh environmental conditions.
• They are largely deployed in a target area for a long period of time.

These conditions cumulatively expose the sensor nodes to various security attacks. Therefore, WSNs should be protected against attacks and, if there is an attack, its effects on the network should be negligible. In other words, compromising one or two sensor nodes should not completely destroy the entire network. Security in the context of WSNs can thus be defined as an approach involving the protection of legitimate sensor nodes against all known types of attack. Security mechanisms designed for WSNs must be energy efficient. In particular, the size of the data packets transmitted should not be too large and the accompanying computation should not be too complex, due to the limited resources of the sensor nodes. Sensor network attacks can be divided into active and passive attacks, as shown in Fig. 1.

Fig. 1. Classification of security attacks in WSNs [3]

The attackers can eavesdrop on radio transmissions, inject bogus messages into the communication channel, modify data packets received, and replay the packets into the network. In addition, the attackers may deploy some compromised nodes with similar hardware resources as the legitimate nodes into the network. Defence techniques used in wired networks such as cryptography cannot be used for WSNs due to the uniqueness of sensor nodes. An attacker may disable a WSN by interfering with data packet transmission through Wormhole attacks, Sinkhole attacks, Sybil attacks, Hello flood attacks, and Denial of service attacks [4-5]. Based on the points listed above, sensor nodes are susceptible to denial of service (DoS) attacks, which waste the energy of sensor nodes and cause data packet loss within a network.

This work focuses on distributed denial of service (DDoS) attacks. A DDoS attack takes place when many compromised sensor nodes infected by the malicious node act concurrently and are coordinated under the control of a single attacker, flooding the target nodes with bogus requests, exhausting their resources, and forcing them to deny service to the legitimate sensor nodes. This causes the victim node to remain in active mode all the time and be unable to return to sleep mode. The attacker ensures that the energy of the target nodes is completely wasted so that some or all legitimate nodes will not be able to communicate with them. Originally, a DoS was a cyber-attack carried out over the internet with the main aim of making computers' resources unavailable to legitimate users for a period of time. Similarly, DoS attacks may occur at any layer of the Open Systems Interconnection (OSI) model of WSNs [6]. In this attack, attackers may disrupt the channel by continuously requesting and transmitting over it, which results in starvation of channel access for legitimate sensor nodes. The aims of the attackers are i) to deplete the limited energy of legitimate sensor nodes, ii) to alter or destroy configuration information, and iii) to physically destroy network components [7].

In this paper, we propose a message analyser scheme (MAS) for WSNs. The network is divided into different clusters and the MAS algorithm is deployed in the cluster head (CH), which distinguishes forged messages from legitimate messages. Whenever a CH notices the presence of a DDoS attack, it identifies the malicious nodes and applies the countermeasures. This work is similar to [8] but differs in the following ways.

i. We use an algorithm to divide the sensor network into clusters and uniformly distribute the cluster heads within the network, while [8] adopted the LEACH algorithm to form clusters. This algorithm has some shortcomings, which are discussed in the related work below.
ii. A unique approach is used to detect and remove malicious nodes from the network.

In our work, these shortcomings are considered in our design. This paper introduces an effective method to detect and remove a DDoS attack in WSNs. The proposed method is able to detect all compromised messages transmitted to a base station through the cluster heads. In MAS, legitimate messages can be separated from malicious messages, which can effectively minimize computation and energy consumption. In addition, this increases the authentication of the messages. Finally, the CHs can authenticate and coordinate their member nodes based on the intra-cluster architecture, which minimizes DDoS attacks and improves the security within the network.

The rest of this paper is organised as follows. In Section 2, related work is discussed. The system model is discussed in Section 3. Section 4 contains a discussion of the performance evaluation. Finally, the conclusion and future work are discussed in Section 5.


2. Related work

Distributed denial of service (DDoS) is a highly treacherous attack that paralyses data transmission in a network. DDoS attacks WSNs in two different ways: a) by jamming the signal and b) through power exhaustion. In a jamming attack, an attacker with a strong radio transceiver intercepts a transmission, injects bogus packets, and jams the data packet transmission sent by the legitimate sensor nodes. Thereafter, the attacker activates the DoS attack. In a power exhaustion attack, the attacker seeks to invade and exploit the power system to inhibit the device's ability to shift into a reduced power state. Such an attack slowly reduces the general performance as well as the functionality of the WSNs.

DDoS attacks take place at different layers of the Open Systems Interconnection (OSI) reference model. In the literature, some researchers have described DDoS from the OSI model point of view [9-11]. Kumar [11] presented a state-of-the-art in WSNs for the classification of DDoS attacks with respect to the different layers of the OSI model. The author presents a clear view of DoS attacks for each layer of the OSI model. However, he fails to provide countermeasures for each layer. In addition, the author's analytical representation is poorly presented.

Gond and Dhar [12-13] presented a taxonomy of DDoS attacks in which attackers attempt to launch DDoS attacks using different means to attack legitimate sensor nodes. However, the authors did not discuss the performance evaluation (the discussion of the results) of the work presented.

AlOmary and Khana [14] proposed a goal programming based mechanism. The authors formulated a linear program as a multi-criteria decision-making problem, with attack detection rate and energy decay rate as the two decision criteria. The approach is analysed in the context of distributed denial of service (DDoS) attacks in WSNs.
A goal programming based mechanism is developed to achieve the best trade-off between the two aforementioned conflicting criteria. The proposed method improves the distributed node exhaustion attack detection scheme and eliminates the deficiencies revealed by the use of a fuzzy logic based decision-making approach. However, this method is only efficient for small WSNs. It may not be able to detect all DDoS attacks in large WSNs.

In [6], the authors developed a model for a structural health monitoring system being disturbed by one of the most common types of DDoS attack, the flooding attack. They performed a multilevel analysis which enabled them to examine the influence of the number of compromised sensors on the sink's performance. They implemented a distributed denial of service model in the Quality of Protection Modeling Language (QoP-ML) in order to analyse how different properties of the attack influence its success probability. The presented DDoS attack model can further be used for testing different attack mitigation methodologies. With the proposed approach, it is possible to examine several network configurations, parameters, attack options, and scenarios. However, the packets traversing the network are not encrypted; the attackers can quietly intercept the packets and bring down the whole network, exhausting valuable energy resources.

Chen et al. [15] proposed a novel method called path-based denial of service attacks (PDoS), which is operated at the base station to detect compromised sensor nodes within a network. The authors combined a Markov chain with triple exponential smoothing in order to make detection results more accurate. This approach is analytically presented, the numerical representation of the models makes the approach scalable, and the performance evaluation (the discussion of the results) is well discussed. However, the approach is not flexible; it requires more computation and more overhead is involved during computation.

Han et al. [16] proposed a security scheme against DoS attacks (SSAD) in cluster-based WSNs. The proposed method uses unique features to establish the trustworthiness of sensor nodes. The authors classified all sensor nodes of a network into three domains: trusted, untrusted, and uncertain. Cluster heads are selected from the trusted domain to ascertain their trustworthiness. The untrusted domain is used to isolate and remove untrusted nodes from the network, while uncertain nodes join the clusters. These features allow the scheme to reduce the overhead involved in cluster head selection. In addition, it provides an efficient solution to detect and defend against DoS attacks in a WSN. The analytical representation as well as the energy evaluation are logically provided and discussed. The discussion of the results (performance evaluation) is well presented. However, the proposed approach is designed for homogeneous sensor networks; it is not suitable for heterogeneous networks. In addition, the authors did not explain how clusters are formulated.

Preventing denial of service attacks in wireless sensor networks is presented in [8].
Henceforth, this work will be referred to as DSAW for simplicity. The authors adopted the LEACH algorithm for the formation of clusters. This technique is used in order to elect special nodes (Cnode) from the member nodes which belong to the obtained clusters. Special control nodes (cluster heads) are elected to monitor the throughput of traffic in clusters. The numerical results obtained show that the proposed approach gives significant results in terms of detection rate and detection time. However, the LEACH algorithm they adopted has some shortcomings considering the limited energy of sensor nodes. First, this algorithm selects cluster heads based on probability, which may lead to an increase in overhead in selecting new cluster heads and results in an increase in energy consumption. Second, sensor nodes selected as cluster heads in LEACH are not evenly distributed within the network. When this happens, sensor nodes that are far from the cluster head will transmit over a long distance and more energy will be consumed during the transmission.

Raymond and Midkiff [17] presented a survey of denial-of-service threats and countermeasures. The research work is divided into two major parts. The first part discussed the general security mechanisms for WSNs, while denial of service attacks and defenses were presented in the second part. The authors considered the Open System Interconnection (OSI) model layers for WSNs and discussed attacks and defenses for each layer of the model. However, they did not implement any of the defense mechanisms discussed to substantiate their preventive measures.

Wood and Stankovic [18] presented a taxonomy for denial-of-service attacks in wireless sensor networks. The authors explore denial of service vulnerabilities in WSNs. The work provides a classification system that ideally suggests ways to mitigate attacks by prevention, detection, and recovery.

3. System model

The system model for the proposed scheme is discussed in this section. The network architecture is discussed in sub-section 3.1. Sub-section 3.2 discusses the analysis of distributed denial of service (DDoS) attacks and 3.3 discusses distributed denial of service attacks in a network. DDoS attack detection in a network and countermeasures are discussed in sub-sections 3.4 and 3.5 respectively.

3.1. Network architecture

The network architecture for our proposed scheme consists of three types of sensor nodes and a base station. The function of each is briefly described below.

Normal Sensor Nodes (SNs): Normal sensor nodes have limited power and their main function is to sense environmental data.

Relay Nodes (RNs): The main function of relay nodes is to relay data generated by neighbouring sensor nodes, without sensing the environment. The relay nodes are introduced into the networks in order to extend their lifetime, as they remove some burden from the overloaded nodes. They also minimise the transmission distance between neighbouring sensor nodes by acting as a hop between them.

Cluster heads (CHs): A CH collects sensor readings from relay nodes, processes the sensor readings received and forwards them as a single packet to a data collection centre called the base station.

Base Station (BS): A base station is typically a gateway to another network. It possesses higher computational power and communication resources, and it is often connected to a better source of energy. It acts as a gateway between sensor nodes and the end user, as it typically forwards data from the WSNs on to a server.

We decided to divide the network into groups considering the resource-constrained nature of WSNs. Partitioning sensor networks into clusters can greatly minimise the energy consumption of sensor nodes and prolong the network's lifetime. In this work, we adopt an approach argued in [19] to divide the network into finite clusters, and every node is assigned an identification number (ID) to uniquely identify it in the network. It is assumed that a cluster contains a cluster head (CH) and member nodes. In order for the CHs to be uniformly distributed within the network, the algorithm in [20] is adopted and the output is shown in Fig. 2a. The network is divided into intra-clusters and inter-clusters based on the association among the nodes.

Intra-cluster clustering: This refers to communication between member nodes and a CH, where every sensor node only transmits data to its respective CH through the relay nodes.

Inter-cluster clustering: This refers to communication between CHs and a base station, where each CH forwards the aggregated data packets received from member nodes to the base station for further processing.

The main function of a CH is to manage the sensor nodes in its domain. This means that a CH has to collect sensed data, aggregate it, and forward the aggregated data packets to the base station.

3.2. Analysis of distributed denial of service attacks

The traffic pattern in WSNs is many-to-one: sensor nodes need to forward their data packets back to a base station. In-network processing such as data compression or elimination of duplicate packets is needed for energy efficiency. This pre-processing requires intermediate sensor nodes to read, modify, and probably aggregate the contents of sensor readings. End-to-end data packet transmission is susceptible to distributed denial of service (DDoS) attacks. Thus, if packet integrity is only verified at the base station, there is a high probability that the network may forward packets injected by an attacker many hops away from the source nodes to a base station before the forged messages are identified in the network. This type of attack will dissipate sensor nodes' energy and consume network bandwidth [21]. The assumptions for this work are stated below:

• All communication links between the sensor nodes and their corresponding CHs are bi-directional
• All sensor nodes are randomly distributed in a target area
• If a sensor node is compromised, data packets in it are also compromised
• Sensor nodes communicate within fixed radio range
• If a sensor node is compromised, its data packets are also compromised

Fig. 2a. Uniform distribution of cluster heads
[Plot titled "Clustering of Sensor Nodes": Y-coordinate against X-coordinate, showing the base station and the cluster heads (CH)]

Fig. 2b. Distributed denial of service attack model


3.3. Distributed denial of service attack in a network

This subsection briefly explains the term malicious node as it is used in this work. A malicious node is defined as a node seeking to deny service to legitimate sensor nodes in the network. The malicious nodes in sensor networks include the following.

a) Compromised nodes: These are legitimate sensor nodes whose responsibilities are taken over by the attackers with the main aim of preventing them from transmitting or of modifying the readings. Fig. 2b shows some sensor nodes that have been compromised in the network.
b) Injected sensor nodes: These types of sensor nodes may be either legitimate nodes with normal sensing capability or more powerful nodes with the processing capability of, say, the base station [22].
c) A laptop-class adversary: A laptop-class adversary can broadcast with high transmission power and convince unsuspecting nodes in the network that it is their neighbour. In reality, it is far from the victim nodes. It can jam the whole network using its stronger transmitter [23].

Normal (legitimate) nodes and compromised nodes in a network are defined as follows. Let $N = \{n_1, n_2, n_3, \ldots, n_V\}$ be the set of sensor nodes randomly distributed in an $M \times M$ m² network area, where $V$ represents the number of sensor nodes in the network. Let $\{n_i\}$ such that $1 \le i \le p$ denote the set of normal nodes in a cluster $C_k$ $\forall k = 1, 2, \ldots, K$, where $K$ is the desired number of clusters and each node $n_i$ is a legitimate sensor node in the network, where $p \in |C_k|$

$\bar{A}$) then
if $D(H(M_i))) = E(H(M_i))$ then
$M_i^{new}$ are legitimate messages
end if
end if
end if
End

3.5.3 New message detection: In some WSN applications such as intrusion detection, habitat monitoring, and environmental monitoring, data is only generated when events occur. When new events are detected in the target area, it is assumed that the new data (messages) have not been compromised. Let $M_i^{new} = \{M_1^{new}, M_2^{new}, \ldots, M_{|\xi|}^{new}\}$ denote the set of new messages transmitted from member nodes to a receiving node over a certain period of time. The new messages $M_i^{new}$ have a format similar to $lm_i$ and are expressed as (M, nonce, ID). The procedure for detecting the new messages is presented in Algorithm 2.


Algorithm 2. New message detection

Begin
    Recall $\bar{A} = \frac{1}{|\lambda|} \sum_{i}^{new} H(M_i)$
    Input $M_i^{new}$ and $M_j^{new}$
    if $M_i^{new}$.counter $\le \bar{A}$ and $M_i^{new} \ne M_j^{new}$
        $M_i^{new}$ are new messages
        Include $M_i^{new}$ into $\xi$
    else
        Drop the new messages
    end if
End

where $H(M_i)$ is the hash value of message $M_i$ and $\bar{A}$ is the average of the hash value messages generated in a cluster.

Table 2 Simulation parameters

| Network Parameter | Value |
|---|---|
| Physical and MAC model | IEEE 802.15.4 |
| Simulation area | 100 x 100 |
| Number of nodes | 100 |
| Packet size | 96 bits |
| Electronic energy (Eelec) | 50 nJ/bit |
| Transmission range R | 75 m |
| Initial node energy | 2 J |
| Desired No. of cluster heads | 5% |
| Simulation time | 1000 sec |
| Transmit data rate | 250 kbps |
| No. of packets threshold | 4500 |
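
An added example, not code from the paper: a cluster-head filter for messages of the form (M, nonce, ID), as in Algorithm 2, that drops forged, duplicate and flooding traffic before anything is forwarded to the base station. Assumptions: HMAC-SHA256 stands in for the paper's hash and pre-shared-key encryption, the counter is a per-node count of packets per window checked against the Table 2 packet threshold, and the names `Message`, `make_tag`, `ClusterHead` and `demo` are hypothetical.

```python
import hashlib
import hmac
from collections import Counter
from dataclasses import dataclass

PACKET_THRESHOLD = 4500  # "No. of packets threshold" from Table 2


@dataclass(frozen=True)
class Message:
    payload: bytes  # M, the sensor reading
    nonce: int      # nonce issued for this transmission
    node_id: int    # ID of the sending member node
    tag: bytes      # keyed hash over (M, nonce, ID)


def make_tag(key: bytes, payload: bytes, nonce: int, node_id: int) -> bytes:
    """Keyed hash over the (M, nonce, ID) triple.

    Assumption: HMAC-SHA256 replaces the paper's hash-then-encrypt step.
    """
    body = node_id.to_bytes(2, "big") + nonce.to_bytes(8, "big") + payload
    return hmac.new(key, body, hashlib.sha256).digest()


class ClusterHead:
    """Hypothetical cluster-head filter (illustration, not the paper's MAS)."""

    def __init__(self, keys: dict, limit: int = PACKET_THRESHOLD):
        self.keys = keys          # pre-shared key per member node ID
        self.limit = limit        # packets allowed per node per window
        self.counter = Counter()  # authenticated packets seen this window
        self.seen = set()         # tags of messages already accepted
        self.removed = set()      # node IDs isolated from the cluster
        self.accepted = []        # new legitimate messages to aggregate

    def receive(self, msg: Message) -> str:
        if msg.node_id in self.removed:
            return "drop:removed"
        key = self.keys.get(msg.node_id)
        if key is None:
            return "drop:unknown-node"  # no pre-shared key for this ID
        # Verify before counting: a forged packet that only claims an ID
        # must not push the real owner of that ID over the limit.
        expected = make_tag(key, msg.payload, msg.nonce, msg.node_id)
        if not hmac.compare_digest(expected, msg.tag):
            return "drop:forged"
        self.counter[msg.node_id] += 1
        if self.counter[msg.node_id] > self.limit:
            self.removed.add(msg.node_id)  # a keyed node is flooding
            return "drop:flood"
        if msg.tag in self.seen:
            return "drop:duplicate"  # same (M, nonce, ID) seen before
        self.seen.add(msg.tag)
        self.accepted.append(msg)
        return "accept"

    def new_window(self) -> None:
        """Start a new counting window; removed nodes stay removed."""
        self.counter.clear()


def demo() -> list:
    """Run constructed traffic through a cluster head with a small limit."""
    keys = {1: b"constructed-key-1", 2: b"constructed-key-2"}
    ch = ClusterHead(keys, limit=3)
    good = Message(b"temp=21", 100, 1, make_tag(keys[1], b"temp=21", 100, 1))
    forged = Message(b"temp=99", 101, 1, b"\x00" * 32)
    results = [ch.receive(good), ch.receive(good), ch.receive(forged)]
    for nonce in range(5):  # node 2 is compromised and floods valid packets
        tag = make_tag(keys[2], b"x", nonce, 2)
        results.append(ch.receive(Message(b"x", nonce, 2, tag)))
    return results


if __name__ == "__main__":
    print(demo())
```

Because the tag is verified before the counter is incremented, only a node that actually holds a pre-shared key can be removed for flooding; forged packets are dropped without affecting the node whose ID they claim.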

4. Performance Evaluation

We analysed the performance of our proposed method via simulation, and present our results in a comparative way. The results shown in the graphs are the average of 35 simulations. S = 100 sensor nodes are randomly distributed over a 100m x 100m network area. The NS-2 simulator is used to evaluate the performance of the proposed scheme, which is compared with other related protocols. Table 2 contains the parameters used for the simulation. In our simulation, the following metrics are used for our performance evaluation.


Energy Consumption: The average energy consumption is the difference between the initial energy level and the final energy level that is left in each sensor node in a network lifetime. An experiment is performed to simulate the energy dissipation of sensor nodes. In our simulation, the network was attacked at 300 seconds and the number of messages received by the nodes is more than 4500 during transmission. Thereafter, our scheme started to defend against the DDoS attack. The energy conservation of the proposed method is more than the result obtained without the countermeasure, as shown in Fig. 4.

Fig. 4. Energy dissipation varied with time
[Plot: Energy (J) against Time (s); curves: DDoS attack with countermeasure, DDoS attack without countermeasure]

Number of packets delivered against percentage of attackers: Fig. 5 shows scenarios with and without attackers. When the number of attackers is more than 25%, more than 175% forged packets have been sent to the cluster heads. This increases the energy consumption of the cluster heads, resulting in an increase in the loss-of-packets rate during transmission. The proposed approach is able to effectively detect and defend against all malicious sensor nodes and remove forged messages from the network, which makes the loss-of-packets rate very low during transmission. Thus, when MAS is not implemented, the loss-of-packets rate increases as the number of attackers increases. However, when the countermeasure is implemented, the number of packets transmitted from sensor nodes to their corresponding cluster heads is constant, as shown in the figure.

Fig. 5. Number of packets delivered versus percentage of attackers
[Plot: Number of packets against % of attackers; curves: Number of packets without attackers, Number of packets with attackers]

Packets loss rate: Fig. 6 shows the packets loss rate with and without the proposed scheme. With the proposed scheme, all malicious sensor nodes can be detected in the network. It removes forged messages and minimizes the packets loss rate. Thus, the proposed scheme can effectively detect and defend against the DDoS. On the other hand, when MAS is not implemented, the packets loss rate increases as the number of attackers increases. As the attackers flood the network, legitimate sensor nodes are not able to use the resources available.

Fig. 6. Packets loss rate when MAS scheme is/is not implemented
[Plot: Packets loss rate against % of attackers; curves: When MAS scheme is not implemented, When MAS scheme is implemented]

End-to-end delay: This metric measures the average time taken to transmit a data packet from a source node to the destination node. The lower the end-to-end delay, the better the performance of the protocol. The end-to-end packet delay of the MAS, QoP-ML [6] and DSAW [8] protocols during the simulation time was analysed, as shown in Fig. 7. In all three protocols, packet delay increases as the network size increases. The end-to-end delay of the proposed scheme is better than that of the QoP-ML and DSAW protocols in the presence of malicious nodes because our method is able to detect malicious nodes and remove all paths emanating from them so that legitimate nodes will not transmit through them.

Fig. 7. End to end delay versus number of nodes
[Plot: End to end delay (Sec) against Number of sensor nodes; curves: MAS, QoP-ML, DSAW]

Fig. 8 shows the expected packets, as well as abnormal packet transmission delays. By periodically generating the nonce for sensor nodes, the cluster head can detect abnormal data packets. This figure shows the ability of the cluster head to identify the data integrity attack. We observe varying packet delays by monitoring the network over different time intervals. The graph shows that the cluster head identifies abnormalities when the delay value is more than the set nonce value.

Fig. 8. Time period against Delay of packets
[Plot: Delay of packets (sec) against Time period; curve: Delay packets]


Data packets delivery ratio: This metric is the ratio of the total number of data packets successfully received at the destination node to the number of data packets transmitted by the source nodes in the network. The greater the value of the data delivery ratio, the better the performance of the protocol. Fig. 9 shows the data packets delivery of the MAS, DSAW, and QoP-ML protocols with different numbers of attackers. The packets delivery ratio for the three schemes decreases as the number of attackers increases. The three schemes are based on clustering approaches, but each scheme uses a different algorithm to divide the network into clusters. We observe that the delivery ratio for MAS is more than that of the QoP-ML and DSAW protocols because data packets traversing the network in the two protocols are not encrypted. The attackers can quietly intercept the packets and bring down the whole network. The proposed scheme performs better because it is able to encrypt the transmitted message and delivers the highest number of data packets to the base station.

Fig. 9. Packet delivery ratio for the MAS, QoP-ML and DSAW Protocols
[Plot: Data packets delivery ratio against Number of attacks; curves: MAS, QoP-ML, DSAW]

5. Conclusion

Wireless sensor networks have become more popular in recent times due to their wide area of applications. Sensor networks' communication patterns and their mode of deployment expose them to a variety of attacks. This work presents a unique method called the message analyser scheme (MAS) to detect and defend against distributed denial of service attacks in wireless sensor networks. MAS adopts a hash function and encryption to ensure data authenticity and integrity within the network, and uses pre-shared keys to encrypt the message before it is forwarded to the receiver node. MAS uses two parameters (nonce and hash value) to authenticate data packet transmission. Simulation results show that MAS can effectively detect and defend against DDoS attacks in WSNs. In a future study, we will implement the proposed approach in a real test bed; this will help us to check whether the approach meets the resource constraints of WSNs.
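The nonce-and-hash check summarised in the Fig. 8 discussion and in the conclusion can be sketched as follows. This is an added example, not the authors' MAS implementation: HMAC-SHA256 as the keyed hash, the packet layout, the `ClusterHead` and `build_packet` names, and a nonce validity window in seconds (standing in for the paper's "set nonce value") are all assumptions, and the encryption step is left out.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32   # assumed sizes: 16-byte nonce, SHA-256 tag

def _tag(key, node_id, nonce, payload):
    # Keyed hash over everything the cluster head must be able to trust.
    return hmac.new(key, node_id.encode() + nonce + payload, hashlib.sha256).digest()

def build_packet(key, node_id, nonce, payload):
    """Sensor-node side: nonce || payload || tag."""
    return nonce + payload + _tag(key, node_id, nonce, payload)

class ClusterHead:
    def __init__(self, preshared_keys, window=5.0):
        self.keys = preshared_keys   # node_id -> pre-shared key
        self.window = window         # assumed: max accepted delay in seconds
        self.issued = {}             # node_id -> (nonce, time issued)

    def issue_nonce(self, node_id, now):
        """Periodically called: hand a fresh nonce to a member node."""
        nonce = os.urandom(NONCE_LEN)
        self.issued[node_id] = (nonce, now)
        return nonce

    def verify(self, node_id, packet, now):
        """Return (verdict, payload); cheap checks run before the hash."""
        key = self.keys.get(node_id)
        if key is None:
            return "unknown-node", None
        if node_id not in self.issued:
            return "no-nonce", None
        if len(packet) < NONCE_LEN + TAG_LEN:
            return "malformed", None
        nonce, payload, tag = (packet[:NONCE_LEN], packet[NONCE_LEN:-TAG_LEN],
                               packet[-TAG_LEN:])
        expected, issued_at = self.issued[node_id]
        if not hmac.compare_digest(nonce, expected):
            return "bad-nonce", None
        if now - issued_at > self.window:
            return "delayed", None
        if not hmac.compare_digest(tag, _tag(key, node_id, nonce, payload)):
            return "bad-hash", None
        del self.issued[node_id]     # single use, so a replay is rejected
        return "accepted", payload
```

Passing `now` explicitly keeps the delay check deterministic; on a real node it would come from the cluster head's clock. Running the nonce and delay checks before the hash means a flood of stale or mismatched packets is rejected without spending a hash computation on each one.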


6. References [1] [2] [3] [4] [5] [6] [7]

[8]

[9]

[10] [11] [12] [13]

[14]

[15] [16]

[17] [18] [19]

Amgoth, T., Jana, P. K.: 'Energy-aware routing algorithm for wireless sensor networks', Computers & Electrical Engineering, 2015, 41, pp. 357-367. Iyengar, S. S., Brooks, R. R., Distributed sensor networks: sensor networking and applications. 2nd Edition ed.; CRC Press Taylor & Francis Group: 2016. Messai, M.-L.: 'Classification of Attacks in Wireless Sensor Networks'. Proc. Int. Conf. Telecommunication and Application, Bejaia, Algeria, 23-24 April 2014. Chelli, K.: 'Security Issues in Wireless Sensor Networks: Attacks and Countermeasures'. Proc. Int. Conf. World Congress on Engineering, London, UK, July 1-3 2015. Jokhio, S., Jokhio, I. A., Kemp, A. H.: 'Node capture attack detection and defence in wireless sensor networks', IET wireless sensor systems, 2012, 2, (3), pp. 161-169. Mazur, K., Ksiezopolski, B., Nielek, R.: 'Multilevel modeling of distributed denial of service attacks in wireless sensor networks', Journal of Sensors, 2016, 2016, pp. 1-13. Gill, K., Yang, S.-H., Wang, W.: 'Scheme for preventing low-level denial-of-service attacks on wireless sensor network-based home automation systems', IET Wireless Sensor Systems, 2012, 2, (4), pp. 361-368. Mansouri, D., Mokddad, L., Ben-Othman, J., et al.: 'Preventing denial of service attacks in wireless sensor networks'. Proc. Int. Conf. Communications (ICC), London, UK, 8-12 June 2015 pp. 3014-3019. Zargar, S. T., Joshi, J., Tipper, D.: 'A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks', IEEE Communications Surveys & Tutorials, 2013, 15, (4), pp. 2046-2069. Patel, M. M., Aggarwal, A.: 'Security attacks in wireless sensor networks: A survey'. Proc. Int. Conf. Intelligent Systems and Signal Processing (ISSP), Gujarat, India, 1-2 March 2013 pp. 329-333. Kumar, G.: 'Understanding Denial of Service (Dos) Attacks Using OSI Reference Model', International Journal of Education and Science Research Review, 2014, 1, (5), pp. 89-103. 
Gond, S., Nath, A.: 'A Mitigation Model for DDoS Attack in Wireless Sensor Networks', 2015, pp. 35-43. Dhar, M., Singh, R.: 'A Review of Security Issues and Denial of Service Attacks in Wireless Sensor Networks', International Journal of Computer Science and Information Technology Research, 2015, 3, (1), pp. 27-33. AlOmary, R. Y., Khan, S. A.: 'Goal programming based multi-criteria decision-making for distributed denial of service attacks in wireless sensor networks'. Proc. Int. Conf. Computer, Control, Informatics and Its Applications (IC3INA), Jakarta, Indonesia, 2013. Chen, D., Zhang, Z., Tseng, F.-H., et al.: 'A novel method defends against the path-based DOS for wireless sensor network', International journal of distributed sensor networks, 2014, pp. 205-216. Han, G., Shen, W., Duong, T. Q., et al.: 'A proposed security scheme against Denial of Service attacks in cluster-based wireless sensor networks', Security Communication Networks, 2014, 7, pp. 2542–2554. Raymond, D. R., Midkiff, S. F.: 'Denial-of-service in wireless sensor networks: Attacks and defenses', IEEE Pervasive Computing, 2008, 7, (1), pp.74-81. Wood, A. D., Stankovic, J. A.: 'A taxonomy for denial-of-service attacks in wireless sensor networks', Handbook of Sensor Networks: Compact Wireless and Wired Sensing Systems, 2004, pp. 739-763 Kannan, G., Raja, T. S. R.: 'Energy efficient distributed cluster head scheduling scheme for two tiered wireless sensor network', Egyptian Informatics Journal, 2015, 16, (2), pp. 167-174.

IET Review Copy Only

Page 19 of 19

IET Wireless Sensor Systems

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication in an issue of the journal. To cite the paper please use the doi provided on the Digital Library page.

[20] Abidoye, A. P., Azeez, N. A., Adesina, A. O., et al.: 'ANCAEE: A novel clustering algorithm for energy efficiency in wireless sensor networks', Journal of Wireless Sensor Networks, 2011, 3, (9), pp. 307-312. [21] Karlof, C., Sastry, N., Wagner, D.: 'TinySec: a link layer security architecture for wireless sensor networks'. Proc. Int. Conf. Proceedings of the 2nd international conference on Embedded networked sensor systems, 2004 pp. 162-175. [22] Baig, Z. A., Khan, A. I.: 'DDoS Attack Modeling and Detection in Wireless Sensor Networks', Mobile Intelligence, 2010, pp. 595-626. [23] Karlof, C., Wagner, D.: 'Secure routing in wireless sensor networks: Attacks and countermeasures', Ad hoc networks, 2003, 1, (2), pp. 293-315. [24] Hsieh, W. B., Leu, J. S.: 'Anonymous authentication protocol based on elliptic curve Diffie–Hellman for wireless access networks', Wireless Communications and Mobile Computing, 2014, 14, (10), pp. 995-1006. [25] Heinzelman, W. R., Kulik, J., Balakrishnan, H.: ' Adaptive protocols for information dissemination in wireless sensor networks'. Proc. Int. Conf. ACM MobiCom'99, Seattle, Washington USA, 1999 pp. 174–185. [26] Nam, J., Choo, K.-K. R., Han, S., et al.: 'Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation', Plos one, 2015, 10, (4), pp. 1-21.
