Study On Typical Attack Defense Mechanisms Against Routing And Transmission In Wireless Sensor Networks

A Wireless Sensor Network (WSN) is usually composed of a large number of micro sensor nodes. These nodes are self-organized into a multi-hop wireless network, are responsible for real-time sensing and gathering several interesting information from the deployment area, and also responsible for sending the collected information back to the sink and the observers in a collaborative way. WSN is very suitable for many applications in special scenarios and can be deployed in harsh, unattended or even hostile environment to perform the task of information collection. It has a wide range of application prospects in military surveillance, industrial process monitoring and control, precision agriculture, medical care, environmental monitoring, anti-terrorist monitoring, target tracking and so on. WSN has attracted intensive interest from both academia and industry due to their wide application in military and civil scenarios.Due to communication with open wireless channel and may be deployed in unattended even hostile environment, WSN faces severe security threats. A fraction of the nodes even may be compromised by attackers and then be exploited to launch various internal attacks. Also owing to the limitation resources of nodes in WSN, such as energy, communication bandwidth, storage and computation, security mechanisms in traditional wireless networks are often too costly to be deployed in WSN and unsuitable for it. Therefore, WSN confronts with big challenges in security and novel and lightweight secure defense mechanisms are needed to be designed for WSN. How to counter with various attacks efficiently, research and design effective security mechanisms or techniques for WSN has become one of the most important tasks and challenges. Moreover, routing and transmission are two important issues in WSN security. In this dissertation, several typical attacks are investigated, which may be launched by attackers during routing and transmission in WSN, the major studies of this dissertation include:(1) For the problem of wormhole attacks during neighbor discovery and route discovery phase, a restricted mechanism, SenLeash, was presented to restrict the transmission range of messages and hence prevent wormhole attacks in WSNs. The SenLeash depends on two parameters:the distance of each node to an initial sink node and a chosen receiving distance. To obtain the distance of each node to an initial sink node, a RSSI-based measure method nRSSI was proposed. Considering the receiving probability of each node and the maximum retransmission times of the link layer, the method of choosing an appropriate receiving distance was discussed. The simulation results demonstrate that the SenLeash can effectively decrease the number of fake neighbor nodes and invalid reply messages caused by wormhole attacks in WSNs.(2) For the problem that node replication attacks and Sybil attacks can disrupt the network's operations such as route choosing, data aggregation and data transmission, firstly, a one-way key chain ID authentication (OKCIDA) defense mechanism was presented to decrease the probability for attackers to mount such attacks at any time. Moreover, to stop replica nodes and Sybil nodes successfully joining into the network during the neighbor discovery phase, the symmetric parameters was constructed based on the elliptic curve discrete logarithm problem, then combining with OKCIDA and utilizing node neighbor relationship, a location-free neighborhood authentication protocol (LFNA) was introduced. Finally, the security of LFNA was proved and analyzed. Compared with several existing important mechanisms, the proposed method is superior in security and cost.(3) For the packet lost problem caused by the On-Off forwarding attacks and the variability of link quality during data transmission, a trust-and energy-aware remedy routing, TeaRR, is proposed to enhance the original ARRIVE algorithm. Combination nodes'trust and remaining energy, TeaRR selects the nodes with the optimal trust value and remaining energy as next-hop nodes responsible for forwarding packets. At the same time, each sending node actively recommends a remedy forwarding node. When perceiving packets may be lost, the remedy forwarding node will quickly resume forwarding the possible lost packets with a certain probability. Experimental results show that TeaRR is more suitable for delay-sensitive applications, and can provide a trade-off between the packet delivery ratio and the energy cost.(4) For the problem of false-data injection or malicious tampering attack in data aggregation transmission schemes, a mutual defense scheme for secure data aggregation is proposed, including a secure sort-group-filter data aggregation algorithm (SSGF) and a lightweight TDMA-based monitoring mechanism. The former is to defend against injecting false readings by compromised member nodes, and the latter is to defend against altering the aggregation results by aggregator nodes. In addition, a secure data packet transmission scheme is also presented to provide security services including the integrity, freshness and authentication. Considering that the readings sensed by neighbor nodes exhibit temporal and spatial correlation, a constraint parameter, called maximum tolerant difference (MTD), is introduced and the quantitative criteria for abnormal readings evaluation are given. Both the theoretical analysis and comparative experiments show the feasibility and efficiency of the proposed method(5) For the problem of protecting the data source location privacy (DSLP) under global traffic analysis attack, firstly, the dissertation points out the existing problems of the source simulation method (SS) and proposes an improved source simulation method (ISS) under the panda-hunter game model (PHGM) by adjusting the event report strategy. Moreover, to overcome the disadvantage of the PHGM, an updated-panda-hunter game model (UPHGM) is proposed and a formal model of the DSLP issues is also presented. Then, based on the UPHGM, an energy-efficient grid-based pull (GBP) scheme is designed to protect the DSLP by combining a light-weight security object collection scheme with an effective grid partition method. Finally, the related schemes are evaluated in both theory and simulation. Analysis and simulation results show that GBP outperforms SS and ISS in terms of energy cost on the whole.In summary, this dissertation is mainly focused on several typical attacks related with routing and transmission in WSN, including wormhole attack, node replication attack, Sybil attack, On-Off attack, false-data injection or malicious tampering attack, traffic analysis attack. Lots of theoretical analysis and experiments show that these approaches are effective and efficient. These approaches and techniques have positive contributions and theoretical value to build personalized and comprehensive defense and detection mechanisms against attacks in WSN.