Hop-Count Monitoring: Detecting Sinkhole Attacks in Wireless Sensor Networks

Author

Dallas, Daniel ; Leckie, Christopher ; Ramamohanarao, Kotagiri

Author_Institution

Melbourne Univ., Melbourne

fYear

2007

fDate

19-21 Nov. 2007

Firstpage

176

Lastpage

181

Abstract

We investigate the problem of defending wireless sensor networks against attacks that disrupt dynamic routing protocols. We propose a novel intrusion detection system that detects the presence of a sinkhole attack, or any attack that misleads traffic by understating the cost of an attack route. Our study shows that protocols designed to select the shortest path between two nodes will, through time, select a series of paths whose length exhibits a log-normal distribution. By deriving tolerance limits from the lognormal distribution of path lengths under normal conditions, we develop an anomaly detection scheme that detects sinkhole attacks in a computationally efficient manner. We show that our scheme can detect attacks with 96% accuracy and no false alarms using a single detection system in a simulated network.

Keywords

log normal distribution; routing protocols; telecommunication network management; telecommunication security; wireless sensor networks; anomaly detection scheme; dynamic routing protocols; hop-count monitoring; intrusion detection system; log-normal distribution; sinkhole attack detection; wireless sensor networks; Base stations; Communication system traffic control; Cryptography; Intrusion detection; Monitoring; Protection; Routing protocols; Telecommunication traffic; Wireless sensor networks; ZigBee;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks, 2007. ICON 2007. 15th IEEE International Conference on

Conference_Location

Adelaide, SA

ISSN

1556-6463

Print_ISBN

978-1-4244-1230-3

Electronic_ISBN

1556-6463

Type

conf

DOI

10.1109/ICON.2007.4444082

Filename

4444082