Sinkhole attacks are carried out by either hacking a node in the network or introducing a fabricated node into the network. The malicious node promotes itself as the shortest path to the base station and tries to guide the traffic from other nodes towards itself. This not only lures all the nodes near the sinkhole but also each and every node closer to the base station than the sinkhole. The intruder node, or sinkhole, can then easily alter the data, compromising the security of the network.
A sinkhole attack can be initiated from within the network as well as from outside. In the first scenario the attacker may use a bugged node to begin the intrusion, and in the second case the invader may form a direct path to the base station through itself, tempting other nodes to send their traffic through it.
1. Anomaly Dependent:
In anomaly-dependent intrusion prevention, the system activity is observed and categorized as anomalous or normal. Here any type of interference or invasion is considered an anomalous activity. In order to successfully identify attack traffic, the system must initially be trained to identify normal system activity.
Anomaly detection systems mostly consist of a training stage, where the system is configured to detect normal activity, and a testing phase. The problem with this technique is that it may not always be accurate in identifying the sinkhole and can raise false alarms. Both statistical and rule-based techniques are subdivisions of the anomaly-dependent approach.
2. Rule/Signature Based:
In this type of intrusion detection system, certain rules are defined which are to be followed by each node in the WSN. These rules are laid out on the basis of the style and manner in which sinkhole attacks are carried out. Nodes which are found violating the rules are labeled as intruder nodes and hence are disbanded.
The drawback of this type of detection mechanism is that it is only able to detect already registered attacks and is vulnerable to new attacks.
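The following is an added example, not part of the original article, of rule-based checking applied to overheard route advertisements. The two rules, the `RouteAdvert` format, the base station identifier and the assumption that the monitoring node already knows its own correct hop count are all illustrative assumptions.

```python
from dataclasses import dataclass

BASE_STATION_ID = 0  # assumed identifier of the base station


@dataclass(frozen=True)
class RouteAdvert:
    sender: int     # node that broadcast the advertisement
    hop_count: int  # hops to the base station that the sender claims


def violated_rules(advert, own_hops):
    """Return the rules an advert breaks, as judged by a monitoring node
    that is own_hops hops from the base station (assumed trustworthy)."""
    broken = []
    if advert.sender == BASE_STATION_ID:
        return broken
    # Rule 1: only the base station may claim to be zero hops away.
    if advert.hop_count <= 0:
        broken.append("claims-to-be-base-station")
    # Rule 2: a sender heard directly is a one-hop neighbour, so it cannot
    # honestly be more than one hop closer to the base station than we are.
    if advert.hop_count < own_hops - 1:
        broken.append("implausibly-short-path")
    return broken


def flag_intruders(adverts, own_hops):
    """Map each offending sender to the set of rules it violated."""
    flagged = {}
    for advert in adverts:
        broken = violated_rules(advert, own_hops)
        if broken:
            flagged.setdefault(advert.sender, set()).update(broken)
    return flagged


# Constructed sample: adverts overheard by a node that is 4 hops out.
SAMPLE_ADVERTS = [
    RouteAdvert(sender=11, hop_count=3),  # plausible parent
    RouteAdvert(sender=12, hop_count=4),  # plausible sibling
    RouteAdvert(sender=13, hop_count=5),  # plausible child
    RouteAdvert(sender=66, hop_count=1),  # path far shorter than possible
    RouteAdvert(sender=67, hop_count=0),  # impersonates the base station
]

if __name__ == "__main__":
    for node, rules in sorted(flag_intruders(SAMPLE_ADVERTS, 4).items()):
        print(f"node {node}: {sorted(rules)}")
```

Behaviour that no rule describes passes unflagged, which is the drawback stated above for this approach.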
3. Statistical:
This is another subset of the anomaly-based detection technique. In this method the information related to different tasks performed by the node is recorded and analyzed. The information could be anything from CPU usage to packet transfer between nodes. The intruder node is then found by matching its behavior with the reference data.
4. Hybrid:
This approach is a combination of both anomaly-based and signature-based Intrusion Detection Systems and eliminates the drawbacks of both of them. It is capable of catching even those attacks whose signatures are not a part of the database. Also, the accuracy is improved considerably in contrast to the anomaly-based approach.
5. Key Management:
This method is based on the principle of cryptography, in which the data transferred between nodes is encoded and can only be decoded with the help of a key. Even a small change in the message can easily be detected in this method.
Nodes can conveniently verify the legitimacy of the message and also ascertain if the data is sent from the Base Station with the aid of the key.