Using overhearing technique to detect malicious packet-modifying attacks in wireless sensor networks

Ssu, Kuo‐Feng; Chou, Chih-Hsun; Cheng, Liwen

doi:10.1016/j.comcom.2007.04.013

Cited by 18 publications

(11 citation statements)

References 29 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are two possible ways to know if the acknowledged packet was forwarded or not, either by monitoring the node using overhearing capability (see [20] or [10]) or by having feedback from other nodes that are on the route to the destination. Feedback from other nodes will include communication overhead and is not instant.…”

Section: B General Frameworkmentioning

confidence: 99%

Detecting Malicious Packet Dropping in the Presence of Collisions and Channel Errors in Wireless Ad Hoc Networks

Hayajneh

Krishnamurthy

Tipper

et al. 2009

2009 IEEE International Conference on Communications

View full text Add to dashboard Cite

Abstract-Detecting malicious packet dropping is important in ad hoc networks to combat a variety of security attacks such as blackhole, greyhole, and wormhole attacks. We consider the detection of malicious packet drops in the presence of collisions and channel errors and describe a method to distinguish between these types. We present a simple analytical model for packet loss that helps a monitoring node to detect malicious packet dropping attacks. The model is analyzed and evaluated using simulations. The results show that it is possible to detect malicious packet drops in the presence of collisions and channel errors.

show abstract

Section: B General Frameworkmentioning

confidence: 99%

Detecting Malicious Packet Dropping in the Presence of Collisions and Channel Errors in Wireless Ad Hoc Networks

Hayajneh

Krishnamurthy

Tipper

et al. 2009

2009 IEEE International Conference on Communications

View full text Add to dashboard Cite

show abstract

“…modify the packets and then forward them), not to forward the packets and forward them to the destination, respectively. The actions of the agents can be observed by overhearing agents' transmissions, which is possible due to the broadcast nature of wireless transmissions [4], [8]. In this work we assume that an IDS periodically performs the overhearing process and then the TMS updates the trust values of the agents and disseminates the new ones to them.…”

Section: System Model a Agents' Interactions And Modelingmentioning

confidence: 99%

“…The monitoring mechanisms deployed for detecting agents' actions and especially misbehavior patterns are called Intrusion Detection Systems (IDS). The most commonly used IDS technique is overhearing an agent's transmissions [1], [4], [8]. However, low energy budget networks, such as WSNs, may employ partial monitoring IDS schemes that periodically sample the agents' packets to decide on their behavior as discussed in [9].…”

Section: Introductionmentioning

confidence: 99%

Trust-based strategies for wireless networks under partial monitoring

Ntemos

Kalouptsidis

Kolokotronis

2017

2017 25th European Signal Processing Conference (EUSIPCO)

View full text Add to dashboard Cite

Abstract-In modern wireless networks autonomous agents may exhibit selfish or malicious behavior which can compromise the performance of the network. For this reason, Intrusion Detection Systems (IDS) have been proposed to monitor the agents' behavior, along with the deployment of Trust/reputation Management Systems (TMS) to enforce cooperation among the agents. IDS may not continuously monitor agents' behavior to avoid excessive deployment costs. In this work we consider agents that exhibit both selfish and malicious behavior and study their pairwise interactions when they participate in a packetforwarding task, in the scenario of partial monitoring of their actions by the IDS. We investigate the decision-making process of the agents and derive conditions that if satisfied, the trust-based strategy proposed by the TMS constitutes an optimal strategy for the agents.

show abstract

“…In [8], Ssu et al proposed the overhearing-based detection mechanism (ODB) in which PMAs launched by a forwarding node can be detected in collaboration among its surrounding nodes in WSNs. For each forwarding node, some of its neighboring nodes are chosen as its committee nodes.…”

Section: Overhearing-based Detection Mechanism (Obd)mentioning

confidence: 99%

“…Another type of potential insider attacks is packet modification attacks (PMAs) [8]. In PMAs, an adversary uses some compromised nodes to skillfully modify some legitimate packets passing through the nodes, with the goal of preventing notifications of critical events to the BSs or BSs' control over downstream nodes.…”

Section: Introductionmentioning

confidence: 99%

TDMA-Based Detection of Packet Modification Attacks in Wireless Sensor Networks

Lee¹,

Kim²

2016

Advanced Science and Technology Letters

View full text Add to dashboard Cite

Abstract. In a wireless sensor network, a few sensor nodes can be physically captured by a malicious adversary and then, by using the whole information they hold, skillfully modify some legitimate packets passing through the captured nodes. Such packet modification attacks (PMAs) could make real events on the field or control messages from the base stations (BSs) considered as false ones, so that some critical events, such as the enemy's advances, may not be reported to the BSs, or BSs may lose control of numerous nodes. In this paper, the author proposes a method of detecting PMAs in WSNs, in which each PMA can be detected and notified to the BSs through a time division multiple access based collaboration among the detecting nodes. While the proposed method does not require tamper-resistant hardware, the method guarantees that a PMA can be detected unless half of the detecting nodes are collude with the PMA. The performance of the method is reviewed with simulation results.

show abstract

Using overhearing technique to detect malicious packet-modifying attacks in wireless sensor networks

Cited by 18 publications

References 29 publications

Detecting Malicious Packet Dropping in the Presence of Collisions and Channel Errors in Wireless Ad Hoc Networks

Detecting Malicious Packet Dropping in the Presence of Collisions and Channel Errors in Wireless Ad Hoc Networks

Trust-based strategies for wireless networks under partial monitoring

TDMA-Based Detection of Packet Modification Attacks in Wireless Sensor Networks

Contact Info

Product

Resources

About