

Title: Defense against Black Hole Attacks in Wireless Sensor Network with Anomaly Report Cycling
Wireless Sensor Network (WSN) becomes the dominant last-mile connection to cyber-physical systems and Internet-of-Things. However, WSN opens new attack surfaces such as black holes, where sensing information gets lost during relay towards base stations. Current defense mechanisms against black hole attacks require substantial energy consumption, reducing the system's lifetime. This paper proposes a novel approach to detect and recover from black hole attacks using an improved version of the Low-Energy Adaptive Clustering Hierarchy (LEACH) protocol. LEACH is an energy-efficient routing protocol for groups of battery-operated sensor nodes in a hierarchy. A round of selection for cluster heads is scheduled in a set time. We propose to improve LEACH with Anomaly Report Cycling (ARC-LEACH), a tradeoff between security strength and energy cost. ARC-LEACH absorbs an attack when it occurs by rotating cluster heads to reestablish communication and then sending a message from the base station to coordinate all nodes against the malicious nodes. ARC-LEACH actively blocks malicious nodes while leveraging the resilience of LEACH for stronger resistance to black hole attacks. ARC-LEACH can provide more defense capability when under attack from multiple malicious nodes that would otherwise be defenseless by LEACH, with only a minor increase in energy consumption.
Award ID(s):
2105718
PAR ID:
10517005
Author(s) / Creator(s):
;
Publisher / Repository:
IEEE
Date Published:
Journal Name:
2024 International Wireless Communications and Mobile Computing (IWCMC)
Subject(s) / Keyword(s):
network security wireless local area network (WLAN) wireless sensor network (WSN) cyber-physical system (CPS) Internet of Things (IoT)
Format(s):
Medium: X
Location:
Ayia Napa, Cyprus (Hybrid)
Sponsoring Org:
National Science Foundation
More Like this
  1. Structural Health Monitoring (SHM) uses wireless sensor network (WSN) to monitor a civil construction’s conditions remotely and constantly for its sustainable usage. Security in WSN for SHM is essential to safeguard critical transportation infrastructure such as bridges. While WSN offers cost-effective solutions for Bridge SHM, its wireless nature expands attack surfaces, making security a significant concern. Despite progress in addressing security issues in WSN for Bridge SHM, challenges persist in device authentication due to the unique placement of sensor nodes and their resource constraints, particularly in energy conservation requirements to extend the system’s lifetime. To overcome these limitations, this paper proposes an innovative authentication scheme with deep learning at the physical layer. Our approach steers away from conventional device authentication methods: no challenge-response protocol with heavy communication overhead and no cryptography of intensive computation. Instead, we use radio frequency (RF) fingerprinting to authenticate sensor nodes. Deep learning is chosen for its ability to discover patterns in large datasets without manual feature engineering. We model our scheme on IEEE 802.11ah, Wi-Fi HaLow of long-range communication and low-power consumption for machine-to-machine (M2M) applications. Simulations and experiments using universal software radio peripheral (USRP) demonstrate the effectiveness of the proposed scheme. By integrating security into Cyber-Physical System/the Internet-of-Things (CPS/IoT) design of WSN for Bridge SHM, our work contributes to critical infrastructure protection. 
  2. Data aggregation is a key primitive in wireless sensor networks and refers to the process in which the sensed data are processed and aggregated en-route by intermediate sensor nodes. Since sensor nodes are commonly resource constrained, they may be compromised by attackers and instructed to launch various attacks. Despite the rich literature on secure data aggregation, most of the prior work focuses on detecting intermediate nodes from modifying partial aggregation results with two security challenges remaining. First, a compromised sensor node can report arbitrary reading of its own, which is fundamentally difficult to detect but widely considered to have limited impact on the final aggregation result. Second, a compromised sensor node can repeatedly attack the aggregation process to prevent the base station from receiving correct aggregation results, leading to a special form of Denial-of-Service attack. VMAT [1] (published in ICDCS 2011) is a representative secure data aggregation scheme with the capability of pinpointing and revoking compromised sensor nodes, which relies on a secure MIN aggregation scheme and converts other additive aggregation functions such as SUM and COUNT to MIN aggregations. In this paper, we introduce a novel enumeration attack against VMAT to highlight the security vulnerability of a sensor node reporting an arbitrary reading of its own. The enumeration attack allows a single compromised sensor node to significantly inflate the final aggregation result without being detected. As a countermeasure, we also introduce an effective defense against the enumeration attack. Theoretical analysis and simulation studies confirm the severe impact of the enumeration attack and the effectiveness of the countermeasure. 
  3. It is vital to consider the energy usage of motes when designing a Wireless Sensor Network (WSN). Protocols can be altered to their application to enhance a system's performance. This project modifies the Routing Protocol for Low-Power and Lossy Networks (RPL) protocol using an S-MAC algorithm to increase its energy efficiency. The project began with the application and the focus of the WSN. The proposed protocol was developed within the Cooja simulator, then implemented on TelosB motes using the Contiki-NG operating system. Lastly, the WSN was tested with the proposed system and compared against its original counterpart. In conclusion, it was found that the proposed method provides a significant increase in energy efficiency, extending the life of a WSN.
  4. Federated Learning (FL) allows individual clients to train a global model by aggregating local model updates each round. This results in collaborative model training while maintaining the privacy of clients' sensitive data. However, malicious clients can join the training process and train with poisoned data or send artificial model updates in targeted poisoning attacks. Many defenses to targeted poisoning attacks rely on anomaly-detection based metrics which remove participants that deviate from the majority. Similarly, aggregation-based defenses aim to reduce the impact of outliers, while L2-norm clipping tries to scale down the impact of malicious models. However, oftentimes these defenses misidentify benign clients as malicious or only work under specific attack conditions. In our paper, we examine the effectiveness of two anomaly-detection metrics on three different aggregation methods, in addition to the presence of L2-norm clipping and weight selection, across two different types of attacks. We also combine different defenses in order to examine their interaction and examine each defense when no attack is present. We found minimum aggregation to be the most effective defense against label-flipping attacks, whereas both minimum aggregation and geometric median worked well against distributed backdoor attacks. Using random weight selection significantly deteriorated defenses against both attacks, whereas the use of clipping made little difference. Finally, the main task accuracy was directly correlated with the BA in the label-flipping attack and generally was close to the MA in benign scenarios. However, in the DBA the MA and BA are inversely correlated and the MA fluctuates greatly.
  5. For the past decade, botnets have dominated network attacks in spite of significant research advances in defending against them. The distributed attack sources, the network size, and the diverse botnet attack techniques challenge the effectiveness of a single-point centralized security solution. This paper proposes a distributed security system against large-scale disruptive botnet attacks by using SDN/NFV and machine learning. In our system, a set of distributed network functions detect network attacks for each protocol and collect real-time traffic information, which also gets relayed to the SDN controller for more sophisticated analyses. The SDN controller then analyzes the real-time traffic with the only forwarded information using machine learning and updates the flow rule or takes routing/bandwidth-control measures, which get executed on the nodes implementing the security network functions. Our evaluations show the proposed system to be an efficient and effective defense method against botnet attacks. The evaluation results demonstrated that the proposed system detects large-scale distributed network attacks from botnets at the SDN controller while the network functions locally detect known attacks across different networking protocols.