Cryptography Reference
In-Depth Information
Table 2.1. Attack Classifi cation Using a Layered Approach
Layer
Attack vectors
Application
Data corruption and repudiation
Transport
Session hijacking and SYN fl ooding
IP layer
Byzantine, resource consumption,
location disclosure, wormhole and
black hole
Data link
Traffi c analysis
Physical
Interference and jamming
Multilayer attack
DoS, replay, man-in-the-middle
and replay.
2.2.1.1 Reconnaissance
Reconnaissance refers to intelligent gathering or probing to access the vulnerabilities
in a network, to launch a full-scale attack later. Reconnaissance attacks can be further
classified into active and passive. Passive reconnaissance attacks include the collection
of network information through indirect or direct methods, but without probing the
targe; active reconnaissance attacks involve the process of gathering traffic with the
intention of eliciting responses from the target.
2.2.1.2 Eavesdropping
Eavesdropping is the act of listening secretly to a private conversation. However, in the
paradigm of WSN, eavesdropping is an operation to learn the “aggregate data” that is
being collected by the entire network. Hence, eavesdropping between two specific sen-
sor nodes may not help the attacker in thoroughly understanding the entire network. It
can be further classified into active and passive eavesdropping.
Active eavesdropping: In this case, the adversary actively sends queries to other
nodes in an attempt to instigate them to respond to his queries, and in exchange
will be able to comprehend the precise task assigned to the nodes in the net-
work. Usually, the attacker launches a “man-in-the-middle attack” (discussed
in the next section) to infiltrate into the network and enforce himself on the
active path.
Passive eavesdropping: The attacker inserts himself into the active path, unbe-
knownst to other nodes in the network. He then passively listens to all traffic
sent over the broadcast medium. It may be difficult to detect a passive eaves-
dropping attack, as the attacker may be operating in stealth mode. (Detection
mechanisms are covered in the chapter on intrusion detection systems.)
Search WWH ::




Custom Search