• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.11
• /
• pp.5354-5369
• /
• 2019

Sensor networks are deployed in unheeded environment to monitor the situation. In view of the unheeded environment and by the nature of their communication channel sensor nodes are vulnerable to various attacks most commonly malicious packet dropping attacks namely blackhole, grayhole attack and sinkhole attack. In each of these attacks, the attackers capture the sensor nodes to inject fake details, to deceive other sensor nodes and to interrupt the network traffic by packet dropping. In all such attacks, the compromised node advertises itself with fake routing facts to draw its neighbor traffic and to plunge the data packets. False routing advertisement play vital role in deceiving genuine node in network. In this paper, behavior based routing misbehavior detection (BRMD) is designed in wireless sensor networks to detect false advertiser node in the network. Herein the sensor nodes are monitored by its neighbor. The node which attracts more neighbor traffic by fake routing advertisement and involves the malicious activities such as packet dropping, selective packet dropping and tampering data are detected by its various behaviors and isolated from the network. To estimate the effectiveness of the proposed technique, Network Simulator 2.34 is used. In addition packet delivery ratio, throughput and end-to-end delay of BRMD are compared with other existing routing protocols and as a consequence it is shown that BRMD performs better. The outcome also demonstrates that BRMD yields lesser false positive (less than 6%) and false negative (less than 4%) encountered in various attack detection.

• Journal of Information Processing Systems
• /
• v.15 no.1
• /
• pp.203-216
• /
• 2019

The nature of wireless transmission has made wireless sensor networks defenseless against various attacks. This paper presents warning message counter method (WMC) to detect blackhole attack, grayhole attack and sinkhole attack in wireless sensor networks. The objective of these attackers are, to draw the nearby network traffic by false routing information and disrupt the network operation through dropping all the received packets (blackhole attack), selectively dropping the received packets (grayhole and sinkhole attack) and modifying the content of the packet (sinkhole attack). We have also attempted light weighted symmetric key cryptography to find data modification by the sinkhole node. Simulation results shows that, WMC detects sinkhole attack, blackhole attack and grayhole attack with less false positive 8% and less false negative 6%.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.61-63
• /
• 2005

본 논문에서는 무선 애드 혹 네트워크상의 패킷 폐기 공격의 영향을 분석하고 시뮬레이션을 통해 그 효과를 측정하였다. 시뮬레이션 수행 결과 RREQ 패킷을 폐기한 경우에는 네트워크에 미치는 영향이 적은 반면, RREP 및 DATA 패킷을 폐기한 경우는 네트워크의 전송 효율이 떨어졌으며. 또한 패킷을 폐기하는 악성노드가 많을수록 데이터의 전달율이 감소하고 하나의 데이터를 전송 하는데 필요한 제어 패킷의 수가 늘어남을 알 수 있었다. 시뮬레이션을 통해 분석된 결과를 바탕으로 패킷 폐기 공격의 징후를 미리 검출하거나 공격 형태를 식별하는 기초 자료로 활용가능 할 것이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.655-659
• /
• 2016

In this paper, we propose new detection and detour methods against packet drop attacks for availability in the Internet of Things (IoT) based on the IEEE 802.15.4e and RPL protocol standards that employ IPv6. We consider the rank value of RPL and the consecutive packet drops to improve the detection metrics, and also take into account the use of both sibling and child nodes on a RPL routing path to construct the detour method. Our simulation results show that the proposed detection method is faster than the previous result, and the detour method improves the detour success rate.

• Journal of Communications and Networks
• /
• v.15 no.2
• /
• pp.122-131
• /
• 2013

We address the problem of effective vehicular routing in hostile scenarios where malicious nodes intend to jeopardize the delivery of messages. Compromised vehicles can severely affect the performance of the network by a number of attacks, such as selectively dropping messages, manipulating them on the fly, and the likes. One of the best performing solutions that has been used in static wireless sensor networks to deal with these attacks is based on the concept of watchdog nodes (also known as guard nodes) that collaborate to continue the forwarding of data packets in case a malicious behavior in a neighbor node is detected. In this work, we consider the beacon-less routing algorithm for vehicular environments routing protocol, which has been previously shown to perform very well in vehicular networks, and analyze whether a similar solution would be feasible for vehicular environments. Our simulation results in an urban scenario show that watchdog nodes are able to avoid up to a 50% of packet drops across different network densities and for different number of attackers, without introducing a significant increase in terms of control overhead. However, the overall performance of the routing protocol is still far from optimal. Thus, in the case of vehicular networks, watchdog nodes alone are not able to completely alleviate these security threats.

• KIPS Transactions on Computer and Communication Systems
• /
• v.2 no.4
• /
• pp.155-162
• /
• 2013

Routing protocol in ad hoc mobile networking has been an active research area in recent years. However, the environments of ad hoc network tend to have vulnerable points from attacks, because ad hoc mobile network is a kind of wireless network without centralized authentication or fixed network infrastructure such as base stations. Also, existing routing protocols that are effective in a wired network become inapplicable in ad hoc mobile networks. To address these issues, several secure routing protocols have been proposed: SAODV and SRPTES. Even though our protocols are intensified security of networks than existing protocols, they can not deal fluidly with frequent changing of wireless environment. Moreover, demerits in energy efficiency are detected because they concentrated only safety routing. In this paper, we propose an energy efficient secure routing protocol for various ad hoc mobile environment. First of all, we provide that the nodes distribute security information to reliable nodes for secure routing. The nodes constitute tree-structured with around nodes for token escrow, this action will protect invasion of malicious node through hiding security information. Next, we propose multi-path routing based security level for protection from dropping attack of malicious node, then networks will prevent data from unexpected packet loss. As a result, this algorithm enhances packet delivery ratio in network environment which has some malicious nodes, and a life time of entire network is extended through consuming energy evenly.

• The KIPS Transactions:PartC
• /
• v.14C no.3 s.113
• /
• pp.209-220
• /
• 2007

IPS(Intrusion Prevention Systems), which is installed in inline mode in a network, protects network from outside attacks by inspecting the incoming/outgoing packets and sessions, and dropping the packet or closing the sessions if an attack is detected in the packet. In the signature based filtering, the payload of a packet passing through IPS is matched with some attack patterns called signatures and dropped if matched. As the number of signatures increases, the time required for the pattern matching for a packet increases accordingly so that it becomes difficult to develop a high performance US working without packet delay. In this paper, we propose a high performance IPS based on signature hashing to make the pattern matching time independent of the number of signatures. We implemented the proposed scheme in a Linux kernel module in a PC and tested it using worm generator, packet generator and network performance measure instrument called smart bit. Experimental results show that the performance of existing method is degraded as the number of signatures increases whereas the performance of the proposed scheme is not degraded.