The present invention relates to denial-of-service attacks in a wireless sensor network and a defending scheme thereof, and particularly to a power-exhaustion denial-of-service attack that possesses learning capability and attacks the routing layer of the wireless sensor network in a mobile manner, and to a defending scheme that divides the nodes in a wireless sensor network into a plurality of topologies so that, when the attacker initiates the mobile jamming attack on a certain area, the damage to the entire wireless sensor network is alleviated.
There are many types of jamming attacks. Their object is to stop the system from providing services in the short term, and among them the power-exhaustion denial-of-service attack is very destructive. Because the lifespan of a sensor node in a wireless network is limited by the power consumption of its battery, the sensor node cannot operate once the power is exhausted. For example, the attacker can fake a message asking the sensor nodes to retransmit messages continuously in order to exhaust their energy. In the wireless sensor network, data transmission is the most power-consuming operation.
The jamming attack can be initiated on the link layer or the physical layer. The jamming attack on the link layer employs a jammer to interfere with the communication among the sensor nodes. This kind of jamming attack exploits weaknesses of the link layer protocol. The jamming attack on the physical layer employs radio frequency to interfere with the open wireless environment. Because the sensor node has only a single channel, the jammer seizes the usage right of the channel and the sensor node cannot transmit the sensing message to the base station.
However, in the conventional jamming attack, after the attacker distributes the mobile jammer that initiates the jamming attack to the wireless sensor network, the location at which the jamming attack is initiated is the location of distribution. The jammed sensor node may then play an unimportant role among the wireless sensors, so that the affected range in the entire wireless sensor network is not large.
For the conventional jamming attack, the defending schemes can be classified into an active mode and a passive mode. The active mode can detect an attack that has occurred and find the jammed areas. However, this kind of defending scheme increases the transmission and operation overhead of the sensor node and easily exhausts the lifespan of the sensor node.
The passive mode modifies the MAC layer protocol or reduces the packet transmission frequency to save power. S-MAC (Sensor MAC) and T-MAC (Timeout MAC) are the associated communication protocols. S-MAC employs a periodic sleep mode that puts the wireless sensor into the sleep state to save power, but entering the sleep state stops the data transmission and causes sleep delay. T-MAC reduces the working period to save power, but it does not consider the data transmission performance or the problem of sleep delay. Furthermore, apart from the above-mentioned problems, both communication protocols, S-MAC and T-MAC, have a common defect under the jamming attack: both can be destroyed by jamming only the data packets and the control packets.
To this end, the applicant has developed the “denial-of-service attacks in a wireless sensor network and the defending scheme thereof” as the present application, so as to improve the defects in the prior art.
The first object of the present invention is to provide a mobile denial-of-service attack method applied in a wireless sensor network having a plurality of sensor nodes. The method includes the following steps: (a) distributing a mobile jammer initiating a jamming attack to the wireless sensor network; (b) configuring a jamming threshold; (c) monitoring a network throughput of a sensor node adjacent to the mobile jammer, and learning a data flow direction of the sensor node; (d) determining if the network throughput of the sensor node is lower than the jamming threshold; (e) continuously moving the mobile jammer toward the upstream along the data flow direction and re-executing step (c) if the network throughput has not reached the jamming threshold; and (f) otherwise, confirming if the sensor node is located on a critical path of a base station connected to the wireless sensor network, and initiating the attack on the sensor node and at least one sensor node in the neighborhood to generate a jammed area, so that the sensor nodes jammed in the jammed area and at least one affected sensor node in the downstream all fail to transmit data to the base station of the wireless sensor network.
According to the above-mentioned method, the critical path in step (e) is a routing path sequentially connecting the sensor nodes with the network throughput larger than the jamming threshold to the base station of the wireless sensor network.
The above-mentioned method can be applied to military surveillance, field ecological observation, and home security systems.
The second object of the present invention is to provide a mobile denial-of-service defending method, which is applied when a wireless sensor network having a plurality of sensor nodes, with only one critical path connected to a base station, is under the attack of a mobile jammer. The method includes the following steps: (a) dividing the sensor nodes in the wireless sensor network into a plurality of topologies with different data flow directions, in which any one of the sensor nodes belonging to any topology only communicates with other sensor nodes belonging to the same topology; (b) switching at least one jammed sensor node among the sensor nodes, which fails to transmit data to the base station of the wireless sensor network upon being attacked by the mobile jammer, and at least one affected sensor node in the downstream to a power-saving mode and reducing the transmission frequency thereof; (c) making the base station transmit a plurality of data retransmission commands to the respective affected sensor nodes, through unaffected sensor nodes in another topology overlapped with the topology to which the affected sensor nodes belong, to request retransmission of the data that the affected sensor nodes lost under the attack of the mobile jammer; (d) making the affected sensor nodes retransmit the lost data to the base station through the unaffected sensor nodes in another topology overlapped with the topology to which the affected sensor nodes belong; (e) making the jammed sensor nodes periodically check if the mobile jammer has stopped the jamming attack; (f) if the mobile jammer has stopped the jamming attack, informing the jammed sensor nodes and the affected sensor nodes in the downstream to recover an original power supply mode and the transmission frequency, and resuming transmitting sensed data to the base station according to the original topology; and (g) otherwise, transmitting the sensed data from the affected sensor nodes to the base station through the unaffected sensor nodes in another topology overlapped with the topologies to which the affected sensor nodes belong, and repeating step (e).
According to the above-mentioned method, the topologies to which the sensor nodes belong in step (a) are respectively configured by means of a random number, and establish a corresponding routing path of their own.
The above-mentioned method can be applied for defending against a denial-of-service attack initiated in a physical layer, a link layer, or a routing layer.
The above-mentioned method can be applied to military surveillance, field ecological observation, and home security systems.
The objects of the present invention and the achieved effects can be further appreciated by the following embodiments.
In the prior art, the denial-of-service attack has neither mobility nor learning capability, so its affected range in the entire wireless sensor network is limited, and the defending methods for the denial-of-service attack are not able to defend against a mobile jamming attack. To address this, the present application provides an innovative mobile denial-of-service attack, which can attack the routing layer of the wireless sensor network and cannot be defended against by the current defending methods for denial-of-service attacks, and further provides a defending method for the denial-of-service attack that divides the network into multiple topologies to defend against the mobile jamming attack. The following descriptions of the present invention are only examples, provided for further understanding by those skilled in the art, and do not limit the present invention.
First, the technical process for the mobile jamming service attack according to the present invention is described as follows:
In summary,
(a) distributing a mobile jammer initiating a jamming attack to the wireless sensor network;
(b) configuring a jamming threshold;
(c) monitoring a network throughput of a sensor node adjacent to the mobile jammer, and learning a data flow direction of the sensor node;
(d) determining if the network throughput of the sensor node is lower than the jamming threshold;
(e) continuously moving the mobile jammer toward the upstream along the data flow direction and re-executing step (c) if the network throughput has not reached the jamming threshold; and
(f) otherwise, confirming if the sensor node is located on a critical path of a base station connected to the wireless sensor network, and initiating the attack on the sensor node and at least one sensor node in the neighborhood to generate a jammed area, so that the sensor nodes jammed in the jammed area and at least one affected sensor node in the downstream all fail to transmit data to the base station of the wireless sensor network.
Next, the technical process for the defending method of the mobile jamming service attack according to the present invention is described as follows:
In summary,
(a) dividing the sensor nodes in the wireless sensor network into a plurality of topologies with different data flow directions, in which any one of the sensor nodes belonging to any topology only communicates with other sensor nodes belonging to the same topology;
(b) switching at least one jammed sensor node among the sensor nodes, which fails to transmit data to the base station of the wireless sensor network upon being attacked by the mobile jammer, and at least one affected sensor node in the downstream to a power-saving mode and reducing the transmission frequency thereof;
(c) making the base station transmit a plurality of data retransmission commands to the respective affected sensor nodes, through unaffected sensor nodes in another topology overlapped with the topology to which the affected sensor nodes belong, to request retransmission of the data that the affected sensor nodes lost under the attack of the mobile jammer;
(d) making the affected sensor nodes retransmit the lost data to the base station through the unaffected sensor nodes in another topology overlapped with the topology to which the affected sensor nodes belong;
(e) making the jammed sensor nodes periodically check if the mobile jammer has stopped the jamming attack;
(f) if the mobile jammer has stopped the jamming attack, informing the jammed sensor nodes and the affected sensor nodes in the downstream to recover an original power supply mode and the transmission frequency, and resuming transmitting sensed data to the base station according to the original topology; and
(g) otherwise, transmitting the sensed data from the affected sensor nodes to the base station through the unaffected sensor nodes in another topology overlapped with the topologies to which the affected sensor nodes belong, and repeating step (e).
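The routing decision in defending steps (a) to (g) can be sketched as follows; this is an added example, not code from the application. The seven-node network, the node names and the `RADIO` neighbour table are constructed for illustration, and topology membership, which the method configures by random number, is fixed here so the result is reproducible.

```python
BASE = "BS"
# Constructed sample network: two overlapping topologies, A and B.
TOPOLOGY = {"a1": "A", "a2": "A", "a3": "A", "a4": "A",
            "b1": "B", "b2": "B", "b3": "B"}
# Step (a): each node forwards only to a node of its own topology.
NEXT_HOP = {"a1": BASE, "a2": "a1", "a3": "a2", "a4": "a3",
            "b1": BASE, "b2": "b1", "b3": "b2"}
# Nodes within radio range, including nodes of the other topology.
RADIO = {"a1": ["a2", "b1"], "a2": ["a1", "a3", "b1"],
         "a3": ["a2", "a4", "b2"], "a4": ["a3", "b3"],
         "b1": ["a1", "a2", "b2"], "b2": ["b1", "b3", "a3"],
         "b3": ["b2", "a4"]}

def path_to_base(node):
    """Follow next hops inside the node's own topology to the base station."""
    path = [node]
    while path[-1] != BASE:
        path.append(NEXT_HOP[path[-1]])
    return path

def classify(jammed):
    """Mark each node jammed, affected (its route crosses the jammed area) or unaffected."""
    state = {}
    for node in TOPOLOGY:
        if node in jammed:
            state[node] = "jammed"
        elif jammed & set(path_to_base(node)):
            state[node] = "affected"
        else:
            state[node] = "unaffected"
    return state

def defend(jammed):
    """Return {node: (mode, route)}; route is None when no data can be sent."""
    state = classify(jammed)
    plan = {}
    for node, s in state.items():
        if s == "unaffected":  # also step (f): an empty jammed set restores every route
            plan[node] = ("normal", path_to_base(node))
            continue
        # Step (b): jammed and affected nodes enter power-saving mode.
        # Steps (c), (d), (g): affected nodes relay through an unaffected
        # node of another, overlapping topology that is within radio range.
        relays = [r for r in RADIO[node] if s == "affected"
                  and TOPOLOGY[r] != TOPOLOGY[node] and state[r] == "unaffected"]
        route = [node] + path_to_base(relays[0]) if relays else None
        plan[node] = ("power-save", route)
    return plan

if __name__ == "__main__":
    for node, (mode, route) in sorted(defend({"a2"}).items()):
        print(node, mode, route)
```

Calling `defend` again with an empty set models the periodic check of step (e) finding that the jammer has stopped.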
The above-mentioned mobile denial-of-service attack method and mobile denial-of-service defending method could both be applied to military surveillance, field ecological observation, and home security systems. Moreover, the mobile denial-of-service defending method according to the present invention can not only defend the mobile jamming attack provided by the present invention, but also can defend the denial-of-service attack initiated on any one of a physical layer, a link layer or a routing layer.
In summary, the present invention provides an innovative mobile jamming attack which has mobility and learning capability, is able to attack the routing layer in a wireless sensor network, and causes larger damage to the wireless sensor network than the conventional jamming attack. It also provides a denial-of-service attack defending method that divides the network into multiple topologies, which can greatly reduce the range affected by the jamming attack and can also approximately locate the position and the attack path of the jamming attack. The method has practicability and creativity, so that the present invention can effectively improve the defects in the prior art and achieve the purpose for which it was developed.
The present invention can be modified in various ways by those skilled in the art having the technical background, all without departing from the subject matter protected by the attached claims.
Number | Date | Country | Kind |
---|---|---|---|
096143842 | Nov 2007 | TW | national |