TY - GEN
T1 - Vulnerability assessment of intrusion recovery countermeasures in wireless sensor networks
AU - Stavrou, Eliana
AU - Pitsillides, Andreas
PY - 2011
Y1 - 2011
N2 - Wireless sensor networks (WSNs) have become a hot research topic in recent years and are considered to be one of the building blocks of pervasive computing. Many diverse, mission-critical applications are deployed, including military, rescue, healthcare, factory floor, and smart homes. Security is a fundamental requirement in such sensitive applications in order to ensure their reliable and stable operation. However, security is a fairly difficult task to achieve. The open nature of the wireless communication, the unrestricted deployment and limitations of WSNs and the existence of a variety of attacks threaten the security of a sensor network. Currently, research efforts have mainly focused on developing prevention and intrusion detection mechanisms in WSNs. Intrusion recovery is also an important aspect of security provisioning that is not given the same attention. Researchers have proposed intrusion recovery protocols to restore the network's operation when an attack is detected. Their designs are mostly based on simplified threat models, making the intrusion recovery countermeasures vulnerable to advanced threat models. Although the network may recover its operation after an attack is detected, it does not mean that the threat is eliminated. For example, a persistent adversary can adapt his intrusion strategy to compromise the deployed recovery countermeasure. This research work evaluates the robustness and reliability of well-known recovery countermeasures in WSNs against persistent adversaries. Evaluation results have shown that existing intrusion recovery solutions are vulnerable and can be exploited under different attack strategies in order to compromise the applied recovery countermeasures, and thus the network. The vulnerability assessment is carried out using ns-2 simulations in an IEEE 802.15.4 network and within the AODV context. Observations derived from the assessment contribute towards future directions that can drive new designs of intrusion recovery protocols in WSNs.
AB - Wireless sensor networks (WSNs) have become a hot research topic in recent years and are considered to be one of the building blocks of pervasive computing. Many diverse, mission-critical applications are deployed, including military, rescue, healthcare, factory floor, and smart homes. Security is a fundamental requirement in such sensitive applications in order to ensure their reliable and stable operation. However, security is a fairly difficult task to achieve. The open nature of the wireless communication, the unrestricted deployment and limitations of WSNs and the existence of a variety of attacks threaten the security of a sensor network. Currently, research efforts have mainly focused on developing prevention and intrusion detection mechanisms in WSNs. Intrusion recovery is also an important aspect of security provisioning that is not given the same attention. Researchers have proposed intrusion recovery protocols to restore the network's operation when an attack is detected. Their designs are mostly based on simplified threat models, making the intrusion recovery countermeasures vulnerable to advanced threat models. Although the network may recover its operation after an attack is detected, it does not mean that the threat is eliminated. For example, a persistent adversary can adapt his intrusion strategy to compromise the deployed recovery countermeasure. This research work evaluates the robustness and reliability of well-known recovery countermeasures in WSNs against persistent adversaries. Evaluation results have shown that existing intrusion recovery solutions are vulnerable and can be exploited under different attack strategies in order to compromise the applied recovery countermeasures, and thus the network. The vulnerability assessment is carried out using ns-2 simulations in an IEEE 802.15.4 network and within the AODV context. Observations derived from the assessment contribute towards future directions that can drive new designs of intrusion recovery protocols in WSNs.
KW - WSN security
KW - advanced threat model
KW - intrusion recovery
KW - vulnerability assessment
UR - http://www.scopus.com/inward/record.url?scp=80052695609&partnerID=8YFLogxK
U2 - 10.1109/ISCC.2011.5983922
DO - 10.1109/ISCC.2011.5983922
M3 - Conference contribution
AN - SCOPUS:80052695609
SN - 9781457706783
T3 - Proceedings - IEEE Symposium on Computers and Communications
SP - 706
EP - 712
BT - 16th IEEE Symposium on Computers and Communications, ISCC'11
T2 - 16th IEEE Symposium on Computers and Communications, ISCC'11
Y2 - 28 June 2011 through 1 July 2011
ER -