Denial of Service Attack in Wireless Sensor Networks

Abstract

The objective of this thesis is to study the vulnerabilities of sensor networks, design, and implement new approaches for routing attack. As one of the cornerstones of network infrastructure, routing systems are facing more threats than ever; they are vulnerable by nature and challenging to protect. In this thesis, we study different denial of service attack strategies against Directed Diffusion based WSNs. We introduce two new attacks. Reinforcement Swap Attack is our first attack which exploits the vulnerabilities of Directed Diffusion specifications. Its main idea is the disruption of configuration information, such as routing information to misuse route establishment along the network. Our approach is to swap Directed Diffusion reinforcement rule which means that the good route is excluded and the bad route is included. Moreover, our attack is activated and deactivated periodically to prolong its lifetime and hence brings down the target network. We present another attack, and call it Swarm Flooding Attack which targets the consumption of sensors computational resources, such as bandwidth, disk space, or processor time. Two variants of swarm attacks have been introduced namely Bee and Ant. Both approaches are inspired from the natural swarming difference between bees and ants. In all cases, the strategy used to mount an attack is the same. An attack consists of a set of malicious user queries represented by interests that are inserted into the network. However, the two forms of attack vary in the synchronization aspects among attackers. These types of attacks are hard to defend against as illustrated by past events (discussed within the thesis). For each of the proposed attack models, this thesis describes and presents analysis, simulation, and experimental measurements. We show that the system achieves maximal damage on system performance represented by sink throughput and average delay. During this study, we analyze the parameter space of many possible denial of service attacks scenarios and make excessive simulations to identify what combination of parameter settings which leads to the more damaging and thus ultimate scenarios for our attack process.