Selective forwarding Attack in wireless Sensor Network

A selective forwarding attack is a type of security attack that can occur in wireless sensor networks (WSNs). In this attack, a malicious node in the network selectively forwards some data packets to the base station while dropping others, with the goal of compromising the integrity and availability of the network.

The attacker can use various techniques to carry out a selective forwarding attack. One approach is to compromise a few nodes in the network and use them to drop certain packets selectively. Another technique involves the attacker exploiting a vulnerability in the communication protocol used in the network to intercept and drop specific packets.

The consequences of a selective forwarding attack can be severe, leading to loss of data, degradation of network performance, and even network failure. Therefore, it is essential to take measures to prevent such attacks in WSNs.

One approach to preventing selective forwarding attacks is to use secure communication protocols that employ authentication and encryption techniques to prevent unauthorized access and tampering of data. Another approach is to use intrusion detection and prevention systems to monitor network activity and identify and prevent malicious behavior.

In addition to these technical measures, it is also essential to educate users and administrators about the risks of selective forwarding attacks and the best practices for mitigating them. Regular security audits and updates to software and hardware can also help prevent these types of attacks.

In this type of network attack, malicious nodes turn down the request of facilitating some packets of information and makes sure that they are not passed on any further. The adversary may drop packets selectively or randomly. The attacker tries to corrupt the network with respect to packet loss rate. The 2 ways in which the attacker may attack the network are:

1. Insider Attack: The authentication of the authorized sensor nodes might be compromised or the adversary might steal some key or information from the nodes and attack the whole network. It becomes difficult to detect such an attack.
2. Outsider Attack: By jamming the routing path between legitimate nodes.

There are various types of selective forwarding attack:

• The malicious node prohibits the flow of information from authorized nodes to the base station. Thus, leading to a Denial of Service Attack which can be transformed into a black hole attack by attacking the whole network and restricting flow of information from every node to the sink.
• The unauthorized nodes neglect to forward the information and drop them randomly. Instead, they become greedy and send their own packets of information to the other nodes. Such a type of attack is called Neglect and Greed.
• Another form of this attack is when unauthorized nodes delay the messages flowing through them to mislead the routing data between the nodes.
• The last type is Blind Letter attack. When a packet is forwarded from a legitimate node to a malicious node, it guarantees the legitimate node that the information is forwarded to next node and ultimately drops the packet without being noticed. It can attack various multi hop routing protocols like Geographic routing, TinyOS beaconing, etc.

Detection and Prevention schemes are categorized either on the basis of scheme or on basis of defense of scheme: I. On the basis of nature of scheme, it is divided into 2 sub-parts:

• Centralized and Distributed: In centralized schemes, either sensor nodes head or sink is accountable for detecting and preventing this attack while in distributed schemes, both base station and cluster head are accountable for preventing such an attack.

II. On the basis of defense of scheme, they are divided into following 2 parts:

• Detection and Prevention: Prevention type schemes are incapable of detecting the attacks or faulty nodes instead they ignore the faulty nodes and cuts them off the network. while detection type schemes are capable enough to detect the attack or faulty nodes or even both.

Various Schemes to Counteract such Attacks:

• A security scheme that detects attack and raises alarms by using multi hop acknowledgements from various sensor nodes in the network. In this, both source nodes and base station can detect the attack and make decisions accordingly even if one of them is compromised. This follows a distributed scheme approach and can detect if any malicious node tries to drop the packet instead of forwarding it to the next node. It claims to have an accuracy of 95% in detecting these selective forwarding attacks.
• An intrusion detection system (IDS) can detect any possible loophole that can be exploited by the attacker and warns the network about the malicious nodes that might be involved. An intrusion detection system is designed based on specification-based detection. This technique uses a watchdog approach in which neighboring nodes can keep track of a node’s activities and see if it forwards the actual packet to the other nodes. If it drops the actual packet, counter increments and produces an alert when this value attains a certain limit. If many of the watchdog nodes produced an alert, the base station is informed and the compromised node is removed.
• A distributed prevention scheme that uses multi-hop acknowledgement to fight selective forwarding attacks.in this scheme, it is assumed that all the sensor nodes are aware of their location and the number of faulty nodes and energy level of network is either known or estimated. All the data delivery paths are deduced by an indefinite logic taking into account the energy constraint and the faulty nodes present. In case multipath routing protocol could not provide authentic information, then propagation limiting method comes into use.
• Another scheme which uses hexagonal mesh topology. Routing algorithm is applied to find the best path for packet transmission. The nodes near the routing path examines the information transmission of its neighbor nodes, determine the location of the attacker and send these dropped packets again where it was supposed to reach. This exposes the selective forwarding attack which in turn alerts the neighboring nodes about the attacker’s location and neglects the attacker node in forwarding further messages. This method ensures authentic data delivery and also consumes less energy and storage.

:

Application of selective forwarding attack in a wireless sensor network :

The application of a selective forwarding attack in a wireless sensor network can have various implications, including:

1.Disruption of organization correspondence: A particular sending assault can disturb the correspondence between hubs in a remote sensor organization. The assault can create setbacks, information misfortune, and diminished network execution, which can be hindering in applications where ongoing information is basic.

2.Targeted information control: Assailants can utilize specific sending assaults to specifically control information. For instance, an aggressor could decrease all temperature information from a specific sensor hub to cause it to seem like the temperature is steady, in any event, when it isn’t.

3.Network disappointment: In serious cases, specific sending assaults can cause the remote sensor organization to completely fizzle. This can happen when aggressors specifically drop or defer basic control messages, prompting network unsteadiness and disappointment.

4.Security breaks: A particular sending assault can likewise think twice about security of a remote sensor organization. Aggressors can utilize this assault to get delicate data, for example, passwords or encryption keys, which can be utilized to send off additional assaults on the organization.

Advantages:

Targeted attacks: Selective forwarding attacks can be targeted towards specific data packets or nodes, making them a more effective way to disrupt the network compared to random attacks.

Difficult to detect: Selective forwarding attacks can be difficult to detect because the compromised node can forward some packets while discarding others, making it appear as if the network is functioning normally.

Efficient use of resources: Selective forwarding attacks can be used to conserve resources by allowing only important data packets to pass through the network while discarding unnecessary ones.

Disadvantages:

Data loss: Selective forwarding attacks can result in the loss of important data packets, affecting the reliability and accuracy of the network.

Network congestion: Selective forwarding attacks can cause network congestion by discarding some data packets while allowing others to pass through, leading to network delays and increased traffic.

Reduced network lifetime: Selective forwarding attacks can reduce the network lifetime by causing some nodes to consume more energy than others, leading to premature battery depletion and network failure.

Security vulnerabilities: Selective forwarding attacks can compromise the security of the network by allowing unauthorized access to sensitive data.

Impact on network performance: Selective forwarding attacks can impact the performance of the network by disrupting the flow of data and causing delays, which can affect the overall network throughput.