26.3 REQUIREMENTS FOR DDoS ATTACK DETECTION IN WIRELESS SENSOR NETWORKS

In wireless sensor networks, the wireless nature of the communication media, accompanied by the limited energy resources of sensor nodes, differentiates distributed denial of service attack modeling and detection in them. The adversary class monitors the flow of traffic in the network and labels the more active nodes, in terms of transmitting and receiving data packets, as critical nodes, which need to be targeted as part of the distributed denial of service attack. We refer to all such critical nodes as target or victim nodes. The distributed denial of service attack is launched by the adversarial nodes toward these critical sensor nodes from multiple ends of the network. The purpose of such attacks is to deplete the limited energy resources of the victim nodes. Furthermore, injected malicious nodes in the network steal the identities of the energy-depleted victim nodes and participate, with malicious intent, in the network operations. The lack of a single entry point to the network makes the task of detecting these attacks more cumbersome.

The topology of the wireless sensor network defines the network data delivery model. The topological designation of individual sensor nodes of the network, together with their placement, imply different expected traffic flow observations by each of the detector nodes. Each traffic threshold value (subpattern) defines the maximum numbers of packets a victim node may receive ...

Get Mobile Intelligence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.