the geographical position of nodes in cleartext, this could be exploited by an attacker for “homing”
(locating) specific sensor nodes to physically capture and compromise them. As a countermeasure
against this threat, Wood and Stankovic propose encryption of message headers and content between
neighboring nodes. Regarding routing-related threats, deliberate “misdirection” of traffic could lead
to higher traffic load, consequently to higher energy consumption in a sensor network, and potentially
also to unreachability of certain parts of the network. Potential countermeasures against this threat
are egress filtering (that is, checking the direction in which messages will be routed), authorization
verification of routing-related messages, monitoring of the routing and forwarding behavior of nodes
by neighboring nodes, and redundant routing of messages via multiple paths that in the ideal case
do not share common intermediate nodes. The same countermeasures can also be applied to defend
against so-called black hole attacks, in which one node or part of the network attracts a high amount
of traffic (e.g., by announcing short routes to the base station) but does not forward this traffic.
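The multipath countermeasure described above, as an added example that is not part of the original text: a sensor node sends over two paths that share no intermediate node, so a single black hole cannot suppress delivery. The topology, node numbers, and function names are constructed for illustration, and the path search is a simple greedy heuristic (shortest path, ban its intermediate nodes, repeat), not an optimal disjoint-path algorithm.

```python
from collections import deque

# Constructed 8-node topology (illustrative only): node 0 is the base station.
LINKS = [(0, 1), (0, 2), (1, 3), (2, 4), (3, 4), (3, 5), (4, 6), (5, 7), (6, 7)]

def build_adjacency(links):
    """Undirected adjacency lists with sorted neighbors for deterministic BFS."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return {n: sorted(nb) for n, nb in adj.items()}

def shortest_path(adj, src, dst, banned=frozenset()):
    """BFS shortest path from src to dst that avoids every node in `banned`."""
    parent = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = parent[node]
            return path[::-1]
        for nb in adj[node]:
            if nb not in parent and nb not in banned:
                parent[nb] = node
                queue.append(nb)
    return None

def node_disjoint_paths(adj, src, dst, k):
    """Greedy heuristic: take a shortest path, ban its intermediate nodes, repeat."""
    paths, banned = [], set()
    while len(paths) < k:
        path = shortest_path(adj, src, dst, banned)
        if path is None:
            break
        paths.append(path)
        banned.update(path[1:-1])
    return paths

def delivered(paths, black_holes):
    """True if at least one path has no black hole among its intermediate nodes."""
    return any(not (set(p[1:-1]) & set(black_holes)) for p in paths)

if __name__ == "__main__":
    adj = build_adjacency(LINKS)
    paths = node_disjoint_paths(adj, src=7, dst=0, k=2)
    print(paths, delivered(paths[:1], {3}), delivered(paths, {3}))
```

With a black hole at node 3, the single shortest path loses the message while the two-path set still delivers it; compromising one node on each path (for example nodes 3 and 4) defeats the scheme, which is why the number of disjoint paths bounds the number of black holes tolerated.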
On the transport layer, the threats “flooding” with connection requests and “desynchronization” of
sequence numbers are identified in [WS]. Both attack techniques are known from classical Internet
communications and might also be applied to sensor networks if such networks make use of
transport layer connections. Established countermeasures to defend against them
are so-called client puzzles [TAL] and authentication of communication partners.
To recapitulate the above discussion, the network layer in particular exhibits severe
DoS vulnerabilities and proves to be the most interesting layer for potential attackers interested in
degrading the availability of sensor network services. This is mostly due to the fact that the essential
forwarding and routing functionality is realized in this layer, so that an attacker can cause significant
damage with rather moderate means (e.g., in comparison to jamming a large area). In the following,
we will therefore further elaborate on this layer and at the same time extend our discussion to general
threats to forwarding and routing functions, including attacks beyond pure DoS interests.
In Ref. [KWb], Karlof and Wagner give an overview on attacks and countermeasures regarding
secure routing in wireless sensor networks. From a high level point of view, they identify the following
threats:
• Insertion of spoofed, altered, or replayed routing information with the aim of loop construction, attracting or repelling traffic, etc.
• Forging of acknowledgments, which may trick other nodes into believing that a link or node is either dead or alive when in fact it is not
• Selective forwarding, which may be realized either “in-path” or “beneath path” by deliberate jamming, and which allows an attacker to control what information is forwarded and what information is suppressed
• Creation of so-called “sinkholes,” that is, attracting traffic to a specific node, e.g., to prepare selective forwarding
• Simulating multiple identities (“Sybil attacks”), which reduces the effectiveness of fault-tolerant schemes like multipath routing
• Creation of so-called wormholes by tunneling messages over alternative low-latency links, e.g., to confuse the routing protocol, create sinkholes, etc.
• Sending of so-called “hello floods” (more precisely: “hello shouting”), in which an attacker sends or replays a routing protocol's hello packets with more energy to trick other nodes into the belief that they are neighbors of the sender of the received messages
As an example of such attacks, Figure . [Woo] illustrates the construction of a
breadth-first spanning tree, and Figure . [KWb] shows the effect of two attacks on routing
schemes that use the breadth-first search tree idea to construct their forwarding tables.
One example of a sensor network operating system that builds a breadth-first spanning tree rooted
at the base station is TinyOS. In such networks, an attacker equipped with one or two laptops can either