Dependable wireless sensor networks for reliable and secure humanitarian relief applications

• Published in: Ad hoc networks Vol. 13; pp. 94 - 106
• Main Authors: Khalil, Issa M., Khreishah, Abdallah, Ahmed, Faheem, Shuaib, Khaled
• Format: Journal Article
• Language: English
• Published: Elsevier B.V 01.02.2014
• Subjects: Disasters; Disruption; Identity delegation; Local monitoring; Monitoring; Multi-hop wireless networks; Networks; Packet dropping; Recovery; Security attacks; State of the art; Traffic engineering; Traffic flow; Identity delegation; Packet dropping; Security attacks; Local monitoring; Multi-hop wireless networks
• ISSN: 1570-8705; 1570-8713
• DOI: 10.1016/j.adhoc.2012.06.002

Disasters such as flooding, earthquake, famine and terrorist attacks might occur any time anywhere without prior warnings. In most cases it is difficult to predict when a disaster might occur however, well-planned disaster recovery procedures will reduce the intensity of expected consequences. When a disaster occurs, infrastructure based communications are most likely to be crippled, worsening the critical situation on hand. Wireless ad hoc and sensor network (WASN) technologies are proven to be valuable in coordinating and managing rescue operations during disasters. However, the increasing reliance on WASNs make them attractive to malicious attackers, especially terrorist groups, in a bid to hamper rescue operations amplifying the damage and increasing the number of casualties. Therefore, it is necessary to ensure the fidelity of data traffic through WASN against malicious traffic disruption attacks. In this paper, we first demonstrate how WASN can be used in a well-planned disaster recovery effort. Then, we introduce and analyze one of the most severe traffic disruption attacks against WASNs, called Identity Delegation, and its countermeasures. Its severity lies in its capability to evade detection by even state-of-the-art intrusion detection techniques such as the neighbor monitoring based mechanisms. Through identity delegation, an adversary can drop packets, evade detection, and frame innocent nodes for dropping the traffic. We introduce a technique to mitigate identity delegation attack, dubbed Sadec, and compare it with the state-of-the-art mitigation technique namely Basic Local Monitoring (BLM) under a wide range of network scenarios. Our analysis which is validated by extensive ns-2 simulation scenarios show that BLM fails to efficiently mitigate packet drop through identity delegation attacks while Sadec successfully mitigates them. The results also show that Sadec achieves higher delivery ratios of data packets compared to BLM. On the other hand, the results show similar behavior in framing probabilities between Sadec and BLM. However, the desirable features of Sadec come at the expense of higher false isolation probabilities in networks with heavy traffic load and poor communication links.