Detecting and Localizing Identity-Based Attacks in Wireless and Sensor Networks

Detecting and Localizing Identity-Based Attacks in Wireless and Sensor Networks

Wireless networks are vulnerable to identity-based attacks, including spoofing and Sybil attacks, which allows for many other forms of attacks on the networks. Although the identity of a node can be verified through cryptographic authentication, authentication is not always possible, because it requ...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on vehicular technology Vol. 59; no. 5; pp. 2418 - 2434
Main Authors: Yingying Chen, Jie Yang, Trappe, Wade, Martin, Richard P
Format: Journal Article
Language:English
Published: New York, NY IEEE 01-06-2010
Institute of Electrical and Electronics Engineers
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Algorithms
Applied sciences
Authentication
Business and industry local networks
Correlation
Cryptography
Detectors
Electrical engineering. Electrical power engineering
Electrical power engineering
Exact sciences and technology
Identity management systems
Identity-based attack
Identity-based encryption
Information, signal and communications theory
localization
Mathematical models
Networks
Networks and services in france and abroad
Position (location)
Power networks and lines
Real time systems
received signal strength (RSS)
Robustness
sensor network
Services and terminals of telecommunications
Signal and communications theory
Spoofing
spoofing attack
Statistical analysis
Studies
Sybil attack
Systems, networks and services of telecommunications
Telecommunications
Telecommunications and information theory
Telemetry. Remote supervision. Telewarning. Remote control
Teleprocessing networks. Isdn
Testing
transmission power
Users connections and in door installation
wireless network
Wireless networks
Wireless sensor networks
ZigBee
Wireless LAN
Spatial correlation
Wireless telecommunication
received signal strength (RSS)
K means algorithm
Sybil attack
Identity based encryption
Remote sensing
Indoor installation
Security of data
spoofing attack
IEEE standards
Cryptography
Localization
Signal detection
Office building
transmission power
Test statistic
Measurement sensor
Vulnerability
Key management
Experimental study
Identity-based attack
sensor network
Authentication
Wireless network
Relative error
Sensor array
Personal communication networks
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Wireless networks are vulnerable to identity-based attacks, including spoofing and Sybil attacks, which allows for many other forms of attacks on the networks. Although the identity of a node can be verified through cryptographic authentication, authentication is not always possible, because it requires key management and additional infrastructural overhead. In this paper, we propose a method for detecting both spoofing and Sybil attacks by using the same set of techniques. We first propose a generalized attack-detection model that utilizes the spatial correlation of received signal strength (RSS) inherited from wireless nodes. We further provide a theoretical analysis of our approach. We then derive the test statistics for detection of identity-based attacks by using the K-means algorithm. Our attack detector is robust when handling the situations of attackers that use different transmission power levels to attack the detection scheme. We further describe how we integrated our attack detector into a real-time indoor localization system, which can also localize the positions of the attackers. We show that the positions of the attackers can be localized using either area- or point-based localization algorithms with the same relative errors as in the normal case. We further evaluated our methods through experimentation in two real office buildings using both an IEEE 802.11 (WiFi) network and an IEEE 802.15.4 (ZigBee) network. Our results show that it is possible to detect wireless identity-based attacks with both a high detection rate and a low false-positive rate, thereby providing strong evidence of the effectiveness of the attack detector utilizing the spatial correlation of RSS and the attack localizer.
Bibliography:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:0018-9545
1939-9359
DOI:10.1109/TVT.2010.2044904