Detection of Sybil Attack in Wireless Sensor Network


Middle-East Journal of Scientific Research 23 (Sensing, Signal Processing and Security): 202-206, 2015
ISSN 1990-9233
IDOSI Publications, 2015
DOI: 10.5829/idosi.mejsr.2015.23.ssps.55

V. Sujatha (1) and E.A. Mary Anita (2)
(1) Department of Computer Applications, S.A. Engineering College, Chennai, India
(1) Research Scholar, AMET University, Chennai, India
(2) Professor, Department of CSE, S.A. Engineering College, Chennai, India

Corresponding Author: V. Sujatha, Department of Computer Applications, S.A. Engineering College, Chennai, India. E-mail: sujathasheik@yahoo.co.in.

Abstract: In wireless networks, legitimacy and uniqueness are essential because of the broadcast nature of the wireless medium. In this paper, we investigate the Sybil attack, which is one of the most disruptive attacks in the context of wireless sensor networks. In this attack, a node illegitimately asserts numerous characters, acquires multiple identities and behaves as the original nodes, causing disruption in routing, voting and data aggregation, as well as data leakage. A lightweight scheme is proposed to detect the new identities of Sybil nodes without using a centralized trusted third party; our scheme utilizes neighborhood RSS to differentiate between legitimate and Sybil identities.

Key words: Sybil attack, Sensor Network, Throughput, Delay

INTRODUCTION

Wireless Sensor Networks (WSNs) are heterogeneous systems consisting of hundreds and thousands of self-organizing, spatially distributed autonomous nodes. As wireless networks are adopted in diverse environments and applications, the focus is on routing security. Security has become one of their top priorities. The uniqueness and legitimacy of the node identity must be imposed to facilitate primary operations like routing, resource allocation and misbehavior detection.

In this paper, we focus on the Sybil attack, which denotes an attack where the Sybil node claims multiple identities or claims fake IDs. In this attack, the node replicates itself to confuse the network. In a WSN, a Sybil attacker can change the aggregated analysis of an outcome by acting or contributing many times as different nodes. Because the Sybil attacker is an inside and passive attacker, it is desirable to detect the Sybil attack in order to eliminate it.

A Sybil attacker can disturb location-based routing by participating in the routing, giving the fake impression of being individual nodes at different locations. The Sybil attack detection process can also be implemented with cryptographic authentication, but this incurs overhead since the maintenance of random keys is difficult. This paper implements a Sybil attack detection technique based on using ratios of RSSIs from multiple nodes. The technique was first introduced by Sohail Abbas et al. [1] as a localization solution in mobile ad hoc networks and is now extended to WSN. This method presents a robust and lightweight solution for the Sybil attack problem based on received signal strength indicator (RSSI) readings of messages.

Related Work: Chris Piro, et al. [2] have proposed that the mobility of nodes in a wireless network can be used to detect and identify nodes that are part of a Sybil attack. Two methods have been proposed which can run on standard, inexpensive equipment without any special antennae or hardware and with only very loose clock synchronization.

M. Merabit et al. [3] suggest that nodes can locally determine their locations through received signal strength variations and inform the neighbors about the location updates automatically.

Raghu Vamsi P, et al. [4] have proposed a lightweight Sybil attack detection framework which consists of evidence collection and validation. Every node in the network collects evidence by observing the activities of neighboring nodes. This evidence is validated by running a sequential hypothesis test to decide whether a neighboring node is a Sybil node or not.

Sohail Abbas, et al. [5] have proposed a method for preventing the whitewashing attack by using one-time location information at the time when new nodes join the network, which substantially reduces the overhead incurred by periodic dissemination of location information.

Xiaoyazhu et al. [6] address the Sybil attack with an RSSI-based distributed detection mechanism. The protocol is designed at the MAC layer so that it can run on WSN systems with different routing protocols. Location-based solutions pose the most important problems, since node self-localization causes a lot of communication overhead and computation.

Yingying Chen, et al. [7] have proposed a method for detecting both spoofing and Sybil attacks with a high detection rate and a low false-positive rate, thereby providing strong evidence of the effectiveness of the attack detector, which utilizes the spatial correlation of RSS, and of the attack localizer.

Yingying Chen, et al. [8] have proposed a method for both detecting spoofing attacks and locating the positions of the adversaries performing the attacks. This approach utilizes the Received Signal Strength (RSS) measured across a set of access points to perform spoofing detection and localization.

[Fig. 1: System Architecture. Diagram labels: Node; WSN; Identity of each nodes; RSS values; RSS threshold value; Sybil detection; Low; High; Legitimate node; Sybil node.]

Proposed Work: A lightweight scheme is proposed to detect the Sybil identity without using third parties. In particular, the scheme uses the RSS to differentiate between legitimate and Sybil nodes. This method detects all Sybil attack cases with very few false positives.

Let S be a set of n sensor nodes deployed in a geographical region. These nodes interact directly with each other to forward packets. It is assumed that each node has a unique identity and is aware of its own location. Each node makes use of the promiscuous mode of the network interface. This strategy detects every new identity created by a Sybil attacker. Figure 1 shows the system architecture.

Two types of Sybil attack are defined. In the first type, the attacker creates a new identity while discarding the previously created one, so that only one identity of the attacker is in the network at a time. This is called the join-and-leave attack. In the other type, the attacker concurrently uses all its identities for an attack, which is called the simultaneous Sybil attack.

In the network, each node maintains a neighbor table to store information associated with its neighbors. If the information consists of the identity of the node and its location, then the receiving node computes the distance between the nodes and the RSS and stores them in the neighbor table. After a certain time of network operation, an adversary captures and alters one or more legitimate nodes and places them back in the network. These nodes try to convert their neighboring nodes into malicious ones. The signal strength of the newly created identity will be high so that it cannot be distinguished from the newly joined neighbor. The greater the transmission rate of a node, the earlier its presence will be acknowledged, and vice versa.

The distinction between a Sybil node and a legitimate node can be estimated using the signal strength. Each node captures and stores the signal strength of the transmissions received from neighboring nodes. The detection threshold values are nothing but the smallest readable RSS values. The detection threshold is set up on the RSS threshold values as follows: if the RSS from a newcomer is greater than the threshold, this implies an abnormal entry into the neighborhood. In this case, the node checks the identity of both nodes. If the node identity is the same for both nodes, it then checks the RSS values of both nodes. If the RSS is greater than or equal to the threshold, this indicates that the new node lies near in the neighborhood and that its entry into the neighborhood is not normal; its address is added to the malicious node list.

Otherwise, the address is added to the RSS table and a linked list is created to store the received RSS. Finally, the size of the linked list is checked to see if it is greater than LIST-SIZE. If so, the old RSS is removed from the list. If the RSS value of one node is greater than that of the other node, it is considered to be the Sybil node.
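The neighbour-table check described above, written out as an added Python example (not code from the paper): it runs the rule over a constructed trace and scores the result against constructed ground truth. The dBm values, the -60 dBm threshold, a LIST_SIZE of 3, the node names and the choice to keep a flagged identity flagged are all assumptions.

```python
from collections import deque

# Assumed values, not from the paper: RSS in dBm, threshold and history cap.
UB_THRESHOLD = -60.0   # a first-heard RSS at or above this is an abnormal entry
LIST_SIZE = 3          # RSS samples kept per neighbour

class NeighbourTable:
    def __init__(self, ub_threshold=UB_THRESHOLD, list_size=LIST_SIZE):
        self.ub_threshold = ub_threshold
        self.list_size = list_size
        self.rss = {}           # address -> deque of (rss, time_recv)
        self.malicious = set()  # the malicious node list
        self.alerts = []        # stands in for the broadcast detection update

    def add_new_rss(self, address, rss, time_recv):
        """Handle one overheard frame; returns 'sybil', 'new' or 'known'."""
        if address in self.malicious:
            return "sybil"      # assumption: flagged identities stay flagged
        verdict = "known"
        if address not in self.rss:
            if rss >= self.ub_threshold:
                # The identity appeared inside the neighbourhood without first
                # being heard weakly at the edge of radio range.
                self.malicious.add(address)
                self.alerts.append((time_recv, address, rss))
                return "sybil"
            # deque(maxlen=...) drops the oldest sample once the list is full
            self.rss[address] = deque(maxlen=self.list_size)
            verdict = "new"
        self.rss[address].append((rss, time_recv))
        return verdict

def rates(table, sybil_ids, legit_ids):
    """True-positive and false-positive rate against known ground truth."""
    tp = len(table.malicious & sybil_ids) / len(sybil_ids)
    fp = len(table.malicious & legit_ids) / len(legit_ids)
    return tp, fp

# Constructed trace: (time_s, claimed address, RSS in dBm)
TRACE = [
    (0, "n1", -88.0),  # legitimate: moves in from the edge of range
    (1, "n1", -80.0),
    (2, "n1", -71.0),
    (3, "n1", -58.0),  # strong now, but n1 is already in the table
    (4, "n1", -55.0),
    (5, "n7", -55.0),  # identity first heard at high RSS
    (6, "n8", -57.0),  # join-and-leave: fresh identity, same strong signal
    (7, "n9", -50.0),  # legitimate node switched on nearby (false positive)
]

def run(trace):
    table = NeighbourTable()
    verdicts = [table.add_new_rss(a, r, t) for t, a, r in trace]
    return table, verdicts

if __name__ == "__main__":
    table, verdicts = run(TRACE)
    print(verdicts, sorted(table.malicious))
    print(rates(table, {"n7", "n8"}, {"n1", "n9"}))
```

The n9 row shows where this rule produces false positives: a legitimate node that first transmits from inside the neighbourhood looks the same to the observer as a newly created Sybil identity.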

Algorithm: addnewrss (Address, rss, time-recv)

    BEGIN SUB:
    IF: Address is not in the Table THEN:
        IF: rss >= ub-threshold THEN:
            Add-to-Malicious list(address)
            Bcast-Detection-Update(Address)
        ELSE:
            Add-to-Table(Address)
        END-IF
    Create-Record(Address)
    Push-back(rss, time-recv)
    IF: list-size > LIST-SIZE THEN:
        Pop-front()
    END SUB:

Simulation: Consider a set of n static sensor nodes deployed in a geographical region. These nodes interact directly with each other to forward packets. It is assumed that each node has a unique identity and is aware of its own location. First, all these static nodes are arranged in a particular topology and start to communicate with each other. The identity and RSS value of each node are identified and a particular RSS_threshold value is noted. The RSS value of each node is noted in order to differentiate a normal node from a Sybil node. Figure 2 shows the calculation of RSS.

The identities of all nodes are compared and stored. If these values are the same, the RSS value of the node is checked against the threshold value that has already been noted. If the value is greater, the node is considered a Sybil node. Figure 3 shows the detection of a Sybil node. If the value is less than or equal to the threshold value, the node is regarded as a legitimate node. Figure 4 shows Sybil nodes.

The comparisons are made with the following parameters: throughput, end-to-end delay, packet-loss ratio, true positive rate and false positive rate.

Throughput: Throughput denotes the rate of successful delivery. Figure 5 shows the comparison of the throughput in the presence and in the absence of a Sybil node. The throughput decreases in the presence of a Sybil node. As the number of packets that are routed decreases, the throughput value decreases, and vice versa.

Fig. 2: Calculation of RSS
Fig. 3: Detection of Sybil node
Fig. 4: Sybil nodes

Fig. 5: Throughput with and without Sybil node

End-to-end delay: End-to-end delay denotes the delay occurring during the transmission of each and every node. Figure 6 shows the comparison of the end-to-end delay in the presence and in the absence of a Sybil node. As time increases, the end-to-end delay is greater when there is a Sybil node and smaller in the absence of a Sybil node.

Fig. 6: End-to-End delay

True Positive Rate: True positive rate means a malicious node is correctly detected. Figure 7 shows the true positive rates of the nodes in the network according to the simulation time. The true positive rate in the proposed scheme reaches up to 80%.

Fig. 7: True positive rate

False Positive Rate: False positive rate means a malicious node is not detected correctly.

Fig. 8: False positive rate
Fig. 9: Comparison of True positive and False positive rate

Figure 8 shows the false positive rate in the network. This value is compared with the simulation time. In this network the false positive rate is up to 16%. False positive means a good or legitimate node is incorrectly detected as malicious.

Figure 9 shows the comparison of the true positive rate and the false positive rate with respect to the simulation time. In this paper, the true positive result is up to 80% and the false positive rate is up to 16%. The true positive result is higher than the false positive result. Hence this system is proposed with good accuracy.

CONCLUSION

In this proposed scheme, an RSS-based process is used in a wireless sensor network to detect Sybil attacks. It is verified that a detection threshold makes the distinction between legitimate new nodes and new malicious identities. Factors such as throughput, packet loss ratio, end-to-end delay, true positive rate and false positive rate are used to analyze the performance of the system. The simulation results show that this scheme has a high level of accuracy. This detection process gives high true positive rates of up to 80% and low false positive rates that range up to 16%.

REFERENCES

1. Sohail Abbas, Madjid Merabti, David Llewellyn-Jones and Kashif Kifayat, 2013. Lightweight Sybil Attack Detection in MANETs, IEEE Systems Journal, 7(2), June 2013.
2. Chris Piro, Clay Shields and Brian Neil Levine, 2013. Detecting the Sybil Attack in Mobile Adhoc Networks, IEEE Communications Letters, 17(5), May 2013.
3. Merabit, M. and D. Llewellyn-Jones, 2009. Signal Strength Based Sybil Attack Detection In Wireless Adhoc Networks, IEEE Trans. Mobile Comput., 5(1): 43-51, Jan. 2009.
4. Raghu Vamsi, P. and Krishna Kant, 2014. A Lightweight Sybil Attack Detection Framework For Wireless Sensor Networks.
5. Sohail Abbas, Madjid Merabti and David Llewellyn-Jones, 2010. Deterring Whitewashing Attacks in Reputation Based Schemes for Mobile Ad hoc Networks.
6. Xiaoyazhu, Xianchun Zhou, 2013. A Regional Statistics Detection Scheme Against Sybil Attacks In WSNs, IEEE Trans. Mobile Comput., 2(3): 257-269, Jul-Sep 2013.
7. Yingying Chen, Jie Yang, Richard P. Martin and Wade Trappe, 2010. Detecting And Localizing Identity-Based Attacks In Wireless And Sensor Networks.
8. Yingying Chen, Wade Trappe, Richard P. Martin and Wade Trappe, 2010. Detecting And Localizing Wireless Spoofing Attacks, IEEE Trans. Veh. Technol., 59(5): 2418-2434, Jun 2010.