Attacking and securing beacon-enabled 802.15.4 networks
Abstract
The IEEE 802.15.4 standard has attracted time-critical applications in wireless sensor networks because of its beacon-enabled mode and guaranteed timeslots (GTSs). However, the GTS management scheme's security mechanisms still leave the 802.15.4 medium access control vulnerable to attacks. Further, the existing techniques in the literature for securing 802.15.4 networks either focus on nonbeacon-enabled 802.15.4 networks or cannot defend against insider attacks for beacon-enabled 802.15.4 networks. In this paper, we illustrate this by demonstrating attacks on the availability and integrity of the beacon-enabled 802.15.4 network. To confirm the validity of the attacks, we implement the attacks using Tmote Sky motes for wireless sensor nodes, where the malicious node is deployed as an inside attacker. We show that the malicious node can freely exploit information retrieved from the beacon frames to compromise the integrity and availability of the network. To defend against these attacks, we present BCN-Sec, a protocol that ensures the integrity of data and control frames in beacon-enabled 802.15.4 networks. We implement BCN-Sec, and show its efficacy during various attacks.
References
[1]
Alim, M. A.,& Sarikaya, B. (2008). EAP-Sens: A security architecture for wireless sensor networks. In Proceedings of the 4th annual international conference on wireless internet (WICON '08). ICST, ICST, Brussels, Belgium.
[2]
Amini, F., Misic, J., & Pourreza, H. (2008). Detection of sybil attack in beacon enabled IEEE 802.15.4 networks. In Proceedings of the international wireless communications and mobile computing conference.
[3]
Anisi, M., Abdullah, A., & Razak, S. (2013). Energy-efficient and reliable data delivery in wireless sensor networks. Wireless Networks, 19(4), 495---505.
[4]
Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., & Levkowetz, H. (2004). Extensible authentication protocol EAP. http://tools.ietf.org/html/rfc3748
[5]
Chen, F., Talanis, T., German, R., & Dressler, F. (2009). Real-time enabled IEEE 802.15.4 sensor networks in industrial automation. In IEEE international symposium on industrial embedded systems, 2009. SIES '09 (pp. 136---139).
[6]
Clancy, T., & Tschofenig, H. (2009). Extensible authentication protocol: Generalized pre-shared key EAP-GPSK method. http://tools.ietf.org/html/rfc5433
[7]
Demirbas, M., & Song, Y. (2006). An RSSI-based scheme for sybil attack detection in wireless sensor networks. In Proceedings of the international symposium on world of wireless mobile and multimedia networks.
[8]
Deutsch, L. P. (2011). http://sourceforge.net/projects/libmd5-rfc/files/latest/download?source=files
[9]
Douceur, J. R. (2002). The sybil attack. In Proceedings of the 1st international workshop on peer-to-peer systems (IPTPS'02). New York, NY: IPTPS.
[10]
Du, W., Deng, J., Han, Y., Chen, S., & Varshney, P. (2004). A key management scheme for wireless sensor networks using deployment knowledge. In Proceedings of the 23rd annual joint conference of the IEEE computer and communications societies (INFOCOM 2004).
[11]
Du, W., Deng, J., Han, Y. S., & Varshney, P. K. (2003) A pairwise key pre-distribution scheme for wireless sensor networks. In Proceedings of the 10th ACM conference on computer and communications security. New York, NY: ACM.
[12]
Eschenauer, L., & Gligor, V. D. (2002). A key-management scheme for distributed sensor networks. In Proceedings of the 9th ACM conference on computer and communications security, CCS '02 (pp. 41---47). New York, NY: ACM.
[13]
Hayajneh, T., Almashaqbeh, G., Ullah, S., & Vasilakos, A. (2014). A survey of wireless technologies coexistence in WBAN: Analysis and open research issues. Wireless Networks, 1---35.
[14]
Herbert, H., & Frankel, S. (2003). The AES-XCBC-MAC-96 algorithm and its use with IPsec. http://www.faqs.org/rfcs/rfc3566.html
[15]
Hu, Y. C., Jakobsson, M., & Perrig, A. (2005). Efficient constructions for one-way hash chains. InProceedings of the 3rd international conference on applied cryptography and network security, ACNS'05 (pp. 423---441). Berlin: Springer.
[16]
IEEE P802.15 Working Group. (2006). Wireless medium access control and physical layer specications for low-rate wireless personal area networks. IEEE Standard, 802.15.4-2006. ISBN 0-7381-4997-7.
[17]
Jung, S. S., Valero, M., Bourgeois, A., & Beyah, R. (2010). Attacking beacon-enabled 802.15.4 networks. In SecureComm '10: Proceedings of the 6th international ICST conference on security and privacy in communication networks. Berlin: Springer.
[18]
Jung, S. S., Valero, M., Bourgeois, A., & Beyah, R. (2012). Attacking and securing beacon-enabled 802.15.4 networks. Technical Report GT-ECE-CAP-12-02, Georgia Institute of Technology.
[19]
Karlof, C., Sastry, N., & Wagner, D. (2004). TinySec: A link layer security architecture for wireless sensor networks. In Proceedings of the 2nd international conference on embedded networked sensor systems (SenSys '04). New York, NY: ACM.
[20]
Karlof, C., & Wagner, D. (2003). Secure routing in wireless sensor networks: Attacks and countermeasures. In Proceedings of the 1st IEEE. 2003 IEEE international workshop on sensor network protocols and applications.
[21]
Koubaa, A., Alves, M., & Tovar, E. (2006). GTS allocation analysis in IEEE 802.15.4 for real-time wireless sensor networks. In Parallel and distributed processing symposium, 2006. IPDPS 2006. 20th international (p. 8).
[22]
Koubaa, A., Alves, M., & Tovar, E. (2006). i-GAME: An implicit GTS allocation mechanism in IEEE 802.15.4 for time-sensitive wireless sensor networks. In 18th Euromicro conference on real-time systems, 2006 (p. 10), pp. 192.
[23]
Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24, 770---772.
[24]
Liu, D., & Ning, P. (2003). Establishing pairwise keys in distributed sensor networks. In Proceedings of the 10th ACM conference on computer and communications security. New York, NY: ACM.
[25]
Lorincz, K., Malan, D. J., Fulford-Jones, T. R. F., Nawoj, A., Clavel, A., Shnayder, V., et al. (2004). Sensor networks for emergency response: Challenges and opportunities. IEEE Pervasive Computing, 3(4), 16---23.
[26]
Luk, M., Mezzour, G., Perrig, A., & Gligor, V. (2007). MiniSec: A secure sensor network communication architecture. In Proceedings of the 6th international conference on information processing in sensor networks (IPSN '07). New York, NY: ACM.
[27]
Mehta, A., Bhatti, G., Sahinoglu, Z., Viswanathan, R., & Zhang, J. (2009). Performance analysis of beacon-enabled IEEE 802.15.4 MAC for emergency response applications. In 2009 IEEE 3rd international symposium on advanced networks and telecommunication systems (ANTS), (pp. 1---3).
[28]
Mishra, A., Na, C., & Rosenburgh, D. (2007). On scheduling guaranteed time slots for time sensitive transactions in IEEE 802.15.4 networks. In Proceedings of military communications conference, 2007. MILCOM 2007. IEEE.
[29]
Moteiv.com: Tmote-Sky-datasheet. (2006). http://www.moteiv.com
[30]
Open-zb.net. (2011). http://www.open-zb.net/
[31]
Park, P., Fischione, C., & Johansson, K. (2009). Performance analysis of GTS allocation in beacon enabled IEEE 802.15.4. In 6th Annual IEEE communications society conference on sensor, mesh and ad hoc communications and networks, 2009, SECON '09 (pp. 1---9).
[32]
Perrig, A., Szewczyk, R., Wen, V., Culler, D., & Tygar, J. D. (2001) SPINS: Security protocols for sensor networks. In Proceedings of the 7th annual international conference on Mobile computing and networking (MobiCom '01). New York, NY: ACM.
[33]
Roosta, T., Shieh, S., & Sastry, S. (2006). Taxonomy of security attacks in sensor networks and countermeasures. In Proceedings of the 1st IEEE international conference on system integration and reliability improvements.
[34]
Sastry, N., & Wagner, D. (2004). Security considerations for IEEE 802.15.4 networks. In Proceedings of the 3rd ACM workshop on wireless security (WiSe '04). New York, NY: ACM.
[35]
Shen, W., Zhang, T., Gidlund, M., & Dobslaw, F. (2013). SAS-TDMA: A source aware scheduling algorithm for real-time communication in industrial wireless sensor networks. Wireless Networks, 19(6), 1155---1170.
[36]
Shimmer Research.com. (2011). Shimmer research homepage. http://www.shimmer-research.com/
[37]
Sokullu, R., Dagdeviren, O., & Korkmaz, I. (2008). On the IEEE 802.15.4 MAC layer attacks: GTS attack. In Proceedings of 2nd international conference on sensor technologies and applications (SENSORCOMM '08).
[38]
Texas Instruments Inc. (2011). 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver chipcon Products from Texas Instruments. http://focus.ti.com/docs/toolsw/folders/print/packet-sniffer.html
[39]
Texas Instruments Inc. (2011). SmartRF Packet Sniffer User Manual Rev. 1.9. http://focus.ti.com/docs/toolsw/folders/print/packet-sniffer.html
[40]
Texas Instruments Inc. User Manual Rev. 1.0 CC2420DK Development Kit. http://focus.ti.com/lit/ug/swru045/swru045
[41]
TinyOS.net. (2011). http://www.tinyos.net/
[42]
Yang, J., Chen, Y., & Trappe, W. (2008). Detecting sybil attacks in wireless and sensor networks using cluster analysis. In Proceedings of the 5th IEEE international conference on mobile ad hoc and sensor systems.
[43]
Zhang, Q., Wang, P., Reeves, D., & Ning, P. (2005) . Defending against sybil attacks in sensor networks. In Proceedings of the 25th IEEE international conference on distributed computing systems workshops.
[44]
Zhu, S., Setia, S., & Jajodia, S. (2003). LEAP: Efficient security mechanisms for large-scale distributed sensor networks. In CCS '03: Proceedings of the 10th ACM conference on computer and communications security, (pp. 62---72). New York, NY: ACM.
- Attacking and securing beacon-enabled 802.15.4 networks
Recommendations
A mathematical model for performance of IEEE 802.15.4 beacon-enabled mode
IWCMC '09: Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World WirelesslyIn this paper a Personal Area Network (PAN) composed of multiple nodes, which transmit data to the PAN coordinator through the beacon-enabled mode of the IEEE 802.15.4 Medium Access Control (MAC) protocol, is considered. Upon reception of the beacon ...
An Energy Consumption Analysis of Beacon Enabled Slotted CSMA/CA IEEE 802.15.4
WAINA '14: Proceedings of the 2014 28th International Conference on Advanced Information Networking and Applications WorkshopsDue to low power consumption and low duty cycle, IEEE 802.15.4 standard is widely used for Low Rate Wireless Personal Area Networks (LR - WPANs). It works in Beacon Enabled (BEn) and Non Beacon Enabled (NBEn) mode. In BEn mode, it has Contention Access ...
Adaptive GTS allocation in IEEE 802.15.4 for real-time wireless sensor networks
The IEEE 802.15.4 standard is able to achieve low-power transmissions in low-rate and short-distance Wireless Personal Area Networks (WPANs). It supports a Guaranteed Time Slots (GTSs) allocation mechanism for time-critical and delay-sensitive data ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © Copyright © 2015 Springer Science+Business Media New York.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 01 July 2015
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 25 Nov 2024
Other Metrics
Citations
View Options
View options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in