Dependable wireless sensor networks for reliable and secure humanitarian relief applications

Issa Khalil, Abdallah Khreishah, Faheem Ahmed, Khaled Shuaib

Research output: Contribution to journalArticle

19 Citations (Scopus)

Abstract

Disasters such as flooding, earthquake, famine and terrorist attacks might occur any time anywhere without prior warnings. In most cases it is difficult to predict when a disaster might occur however, well-planned disaster recovery procedures will reduce the intensity of expected consequences. When a disaster occurs, infrastructure based communications are most likely to be crippled, worsening the critical situation on hand. Wireless ad hoc and sensor network (WASN) technologies are proven to be valuable in coordinating and managing rescue operations during disasters. However, the increasing reliance on WASNs make them attractive to malicious attackers, especially terrorist groups, in a bid to hamper rescue operations amplifying the damage and increasing the number of casualties. Therefore, it is necessary to ensure the fidelity of data traffic through WASN against malicious traffic disruption attacks. In this paper, we first demonstrate how WASN can be used in a well-planned disaster recovery effort. Then, we introduce and analyze one of the most severe traffic disruption attacks against WASNs, called Identity Delegation, and its countermeasures. Its severity lies in its capability to evade detection by even state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes for dropping the traffic. We introduce a technique to mitigate identity delegation attack, dubbed Sadec, and compare it with the state-of-the-art mitigation technique namely Basic Local Monitoring (BLM) under a wide range of network scenarios. Our analysis which is validated by extensive ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation attacks while Sadec successfully mitigates them. The results also show that Sadec achieves higher delivery ratios of data packets compared to BLM. On the other hand, the results show similar behavior in framing probabilities between Sadec and BLM. However, the desirable features of Sadec come at the expense of higher false isolation probabilities in networks with heavy traffic load and poor communication links.

Original languageEnglish
Pages (from-to)94-106
Number of pages13
JournalAd Hoc Networks
Volume13
Issue numberPART A
DOIs
Publication statusPublished - 1 Feb 2014
Externally publishedYes

Fingerprint

Disasters
Wireless sensor networks
Wireless ad hoc networks
Monitoring
Sensor networks
Recovery
Intrusion detection
Telecommunication traffic
Telecommunication links
Earthquakes
Communication

Keywords

  • Identity delegation
  • Local monitoring
  • Multi-hop wireless networks
  • Packet dropping
  • Security attacks

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software

Cite this

Dependable wireless sensor networks for reliable and secure humanitarian relief applications. / Khalil, Issa; Khreishah, Abdallah; Ahmed, Faheem; Shuaib, Khaled.

In: Ad Hoc Networks, Vol. 13, No. PART A, 01.02.2014, p. 94-106.

Research output: Contribution to journalArticle

Khalil, Issa ; Khreishah, Abdallah ; Ahmed, Faheem ; Shuaib, Khaled. / Dependable wireless sensor networks for reliable and secure humanitarian relief applications. In: Ad Hoc Networks. 2014 ; Vol. 13, No. PART A. pp. 94-106.
@article{1c3ab3e73dfa4af8976554ce145b7c22,
title = "Dependable wireless sensor networks for reliable and secure humanitarian relief applications",
abstract = "Disasters such as flooding, earthquake, famine and terrorist attacks might occur any time anywhere without prior warnings. In most cases it is difficult to predict when a disaster might occur however, well-planned disaster recovery procedures will reduce the intensity of expected consequences. When a disaster occurs, infrastructure based communications are most likely to be crippled, worsening the critical situation on hand. Wireless ad hoc and sensor network (WASN) technologies are proven to be valuable in coordinating and managing rescue operations during disasters. However, the increasing reliance on WASNs make them attractive to malicious attackers, especially terrorist groups, in a bid to hamper rescue operations amplifying the damage and increasing the number of casualties. Therefore, it is necessary to ensure the fidelity of data traffic through WASN against malicious traffic disruption attacks. In this paper, we first demonstrate how WASN can be used in a well-planned disaster recovery effort. Then, we introduce and analyze one of the most severe traffic disruption attacks against WASNs, called Identity Delegation, and its countermeasures. Its severity lies in its capability to evade detection by even state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes for dropping the traffic. We introduce a technique to mitigate identity delegation attack, dubbed Sadec, and compare it with the state-of-the-art mitigation technique namely Basic Local Monitoring (BLM) under a wide range of network scenarios. Our analysis which is validated by extensive ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation attacks while Sadec successfully mitigates them. The results also show that Sadec achieves higher delivery ratios of data packets compared to BLM. On the other hand, the results show similar behavior in framing probabilities between Sadec and BLM. However, the desirable features of Sadec come at the expense of higher false isolation probabilities in networks with heavy traffic load and poor communication links.",
keywords = "Identity delegation, Local monitoring, Multi-hop wireless networks, Packet dropping, Security attacks",
author = "Issa Khalil and Abdallah Khreishah and Faheem Ahmed and Khaled Shuaib",
year = "2014",
month = "2",
day = "1",
doi = "10.1016/j.adhoc.2012.06.002",
language = "English",
volume = "13",
pages = "94--106",
journal = "Ad Hoc Networks",
issn = "1570-8705",
publisher = "Elsevier",
number = "PART A",

}

TY - JOUR

T1 - Dependable wireless sensor networks for reliable and secure humanitarian relief applications

AU - Khalil, Issa

AU - Khreishah, Abdallah

AU - Ahmed, Faheem

AU - Shuaib, Khaled

PY - 2014/2/1

Y1 - 2014/2/1

N2 - Disasters such as flooding, earthquake, famine and terrorist attacks might occur any time anywhere without prior warnings. In most cases it is difficult to predict when a disaster might occur however, well-planned disaster recovery procedures will reduce the intensity of expected consequences. When a disaster occurs, infrastructure based communications are most likely to be crippled, worsening the critical situation on hand. Wireless ad hoc and sensor network (WASN) technologies are proven to be valuable in coordinating and managing rescue operations during disasters. However, the increasing reliance on WASNs make them attractive to malicious attackers, especially terrorist groups, in a bid to hamper rescue operations amplifying the damage and increasing the number of casualties. Therefore, it is necessary to ensure the fidelity of data traffic through WASN against malicious traffic disruption attacks. In this paper, we first demonstrate how WASN can be used in a well-planned disaster recovery effort. Then, we introduce and analyze one of the most severe traffic disruption attacks against WASNs, called Identity Delegation, and its countermeasures. Its severity lies in its capability to evade detection by even state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes for dropping the traffic. We introduce a technique to mitigate identity delegation attack, dubbed Sadec, and compare it with the state-of-the-art mitigation technique namely Basic Local Monitoring (BLM) under a wide range of network scenarios. Our analysis which is validated by extensive ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation attacks while Sadec successfully mitigates them. The results also show that Sadec achieves higher delivery ratios of data packets compared to BLM. On the other hand, the results show similar behavior in framing probabilities between Sadec and BLM. However, the desirable features of Sadec come at the expense of higher false isolation probabilities in networks with heavy traffic load and poor communication links.

AB - Disasters such as flooding, earthquake, famine and terrorist attacks might occur any time anywhere without prior warnings. In most cases it is difficult to predict when a disaster might occur however, well-planned disaster recovery procedures will reduce the intensity of expected consequences. When a disaster occurs, infrastructure based communications are most likely to be crippled, worsening the critical situation on hand. Wireless ad hoc and sensor network (WASN) technologies are proven to be valuable in coordinating and managing rescue operations during disasters. However, the increasing reliance on WASNs make them attractive to malicious attackers, especially terrorist groups, in a bid to hamper rescue operations amplifying the damage and increasing the number of casualties. Therefore, it is necessary to ensure the fidelity of data traffic through WASN against malicious traffic disruption attacks. In this paper, we first demonstrate how WASN can be used in a well-planned disaster recovery effort. Then, we introduce and analyze one of the most severe traffic disruption attacks against WASNs, called Identity Delegation, and its countermeasures. Its severity lies in its capability to evade detection by even state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes for dropping the traffic. We introduce a technique to mitigate identity delegation attack, dubbed Sadec, and compare it with the state-of-the-art mitigation technique namely Basic Local Monitoring (BLM) under a wide range of network scenarios. Our analysis which is validated by extensive ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation attacks while Sadec successfully mitigates them. The results also show that Sadec achieves higher delivery ratios of data packets compared to BLM. On the other hand, the results show similar behavior in framing probabilities between Sadec and BLM. However, the desirable features of Sadec come at the expense of higher false isolation probabilities in networks with heavy traffic load and poor communication links.

KW - Identity delegation

KW - Local monitoring

KW - Multi-hop wireless networks

KW - Packet dropping

KW - Security attacks

UR - http://www.scopus.com/inward/record.url?scp=84888863804&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84888863804&partnerID=8YFLogxK

U2 - 10.1016/j.adhoc.2012.06.002

DO - 10.1016/j.adhoc.2012.06.002

M3 - Article

VL - 13

SP - 94

EP - 106

JO - Ad Hoc Networks

JF - Ad Hoc Networks

SN - 1570-8705

IS - PART A

ER -