Vulnerability assessment of intrusion recovery countermeasures in wireless sensor networks

Wireless sensor networks (WSNs) have become a hot research topic in recent years and are considered to be one of the building blocks of pervasive computing. Many diverse, mission-critical applications are deployed, including military, rescue, healthcare, factory floor, and smart homes. Security is a fundamental requirement in such sensitive applications in order to ensure their reliable and stable operation. However, security is a fairly difficult task to achieve. The open nature of the wireless communication, the unrestricted deployment and limitations of WSNs and the existence of a variety of attacks threaten the security of a sensor network. Currently, research efforts have mainly focused on developing prevention and intrusion detection mechanisms in WSNs. Intrusion recovery is also an important aspect of security provisioning that is not given the same attention. Researchers have proposed intrusion recovery protocols to restore the network´s operation when an attack is detected. Their designs are mostly based on simplified threat models, making the intrusion recovery countermeasures vulnerable to advanced threat models. Although the network may recover its operation after an attack is detected, it does not mean that the threat is eliminated. For example, a persistent adversary can adapt his intrusion strategy to compromise the deployed recovery countermeasure. This research work evaluates the robustness and reliability of well-known recovery countermeasures in WSNs against persistent adversaries. Evaluation results have shown that existing intrusion recovery solutions are vulnerable and can be exploited under different attack strategies in order to compromise the applied recovery countermeasures, and thus the network. The vulnerability assessment is carried out using ns-2 simulations in an IEEE 802.15.4 network and within the AODV context. Observations derived from the assessment contribute towards future directions that can drive new designs of intrusion recov- - ery protocols in WSNs.