Attacks on Wireless Sensor Networks

Due to the fact that the nodes of a WSN may be deployed in unprotected areas it is possible that the network will be attacked. The type of the attack is dependent on the capabilities of the adversary, on her location and on her access level. If the attacker can compromise only sensor nodes she is called a mote-class attacker.

Such an attacker is able to attack low-energy sensor nodes, but is not capable to perform strong attacks. Another type of the attacker is a laptop-class attacker using devices with stronger computational and energy resources than the sensor nodes are equipped with. Further, the adversary can be located inside or outside the network and can perform passive or active attacks. The following types of attacks can be distinguished in the WSN world:

3.1. WIRELESS SENSOR NETWORKS 25

ˆ Man in the Middle attack.

An adversary pretends to be a network member and controls the commu-nication between the nodes. She is able to steal or even to manipulate the data. An example of such an attack is the exchange of the authorized public key used for encryption of data by one provided by the adversary. After that the adversary is able to decrypt the exchanged data.

ˆ Node replication attack.

An adversary can get access to the security parameters, like secret keys for example, by physically capturing a node being part of the network. After that she can prepare a malicious node having the captured security creden-tials and node ID, insert it into the network and induce other nodes from the network to accept the malicious node as the legitimate member of the network. The malicious node is equipped with the ID of some node being part of the network. The replicated node can drop, reroute or change the packets it gets. The malicious node can also generate false and misleading data packets.

ˆ Spoofing, altering, replying the routing information.

The target of this attack is the routing information exchanged by the nodes.

By spoofing, altering or replaying this information the attacker can create new routing paths, change the lengths of the existing ones or generate false error messages.

ˆ Wormhole attack.

In this attack the malicious nodes are placed in different parts of the net-work. The node from one part of the network receives the messages over an alternative low latency link and sends them to the different part of the network. This causes the routing disruption (false routes), the routing race conditions, changes in the network topology and changes in the normal message flow.

ˆ Eavesdropping, gathering, stealing the data.

In this attack the malicious node accesses the content of the communica-tion by listening to the message transmissions in the broadcasting wireless medium. This attack violates the data confidentiality and privacy.

ˆ Collisions.

In this attack the data is transmitted continuously by an adversary to cause collisions in the network, to trigger retransmissions. Collisions can also be caused by sending altered data, which due to the incorrect MAC cannot be received by the recipient. The altered packets are sent again what also causes collisions.

26 CHAPTER 3. STATE OF THE ART

ˆ Exhaustion of the resources of the sensor nodes.

The power resources of the sensor nodes are exhausted by forcing the nodes to waste energy on pointless operations, like the continuous retransmissions.

ˆ De-synchronization.

In this attack the transmission between two nodes is resynchronized. This can be done by continuous sending of fake messages containing outdated sequence numbers or flags. This causes that the nodes need to synchronize by retransmitting the missed frames what depletes their resources leading to the exhaustion.

ˆ Jamming.

The jamming attack is the deliberate transmission of radio signals in order to disrupt the information. Jamming attack causes temporary or permanent suspension in reception and transmission of the packets by the jammed sensor node.

ˆ Physical attack.

In this attack the adversary performs the attacks on the devices. By tam-pering the sensor nodes it is possible to extract the security parameters (secret keys), or the information about the network (from the source code for example). The adversary can change the source code in order to get access to the network or replace the nodes.

ˆ Selective forwarding/Black Hole Attack.

It this type of attack the malicious nodes do not forward or even drop the messages. This causes data loss and may even disrupt the whole network.

The case when the malicious node refuses to forward any message it gets is called a black hole attack. In this attack the neighbouring nodes have to choose an alternate path for transmitting the data.

ˆ Sybil attack.

In this type of attack a malicious node can present multiple identities to the other nodes in the network. This attack influences the redundancy mech-anisms of distributed storage or multipath routing and data aggregation mechanisms.

ˆ Sink-hole attack.

In this type of attack, the adversary lures the traffic from the nearest area of the compromised node. In this case the adversary can manipulate the data packets, can modify the routing information, can fabricate and drop the messages. This attack can trigger other attacks, like selective forwarding.

ˆ Hello flood attack.

Some of the routing protocols for WSN require sending hello messages by