Adaptive defenses for physical- and routing-layer denial of service attacks in wireless sensor networks

Wireless sensor networks (WSNs) operate under tight resource constraints that preclude the use of many traditional means for defense against denial of service attacks. The most broadly damaging are those which target the lower layers of the WSN network stack, as disruption there may subvert higher-layer security mechanisms and render the network unavailable for its intended purposes. In this work, we propose decentralized, adaptive defenses for limiting the impact of denial of service attacks in WSNs at the physical and routing layers. At the medium access control layer, DEEJAM tolerates compromised sensor devices, and allows continued communication despite ongoing jamming attacks by hiding messages, evading the jammer's search, and recovering from corruption. Using a full embedded implementation, we show that despite four high-power jammers in the neighborhood, DEEJAM maintains an aggregate packet delivery ratio of 92%. For more powerful attacks that cannot be prevented, we propose JAM, a jammed area mapping service that represents the affected area to other network services. It builds upon a Lightweight Group Middleware that enables sensors to collaborate and share information despite irregular topologies and poor communication link quality. Network simulation results show robustness to 40% group member failures and 80% message loss while maintaining group convergence. It is the first mapping protocol designed to operate in such adversarial circumstances. We propose the first layered family of multi-hop routing protocols to make security and state maintenance trade-offs explicit and allow runtime adaptation. SIGF-0 provides probabilistic defenses against attack, but requires no persistent state. SIGF-1 detects misbehavior of neighboring nodes at the cost of storing neighbor tables and maintaining reputations. SIGF-2 defends against more attacks with cryptographic guarantees, but requires more resources. In network simulations, packet delivery ratios during black hole attacks improved to 45%, 97%, and 100% for the three protocols, respectively. We show that the proposed solutions embody five key principles in their designs—containment, continuity, adaptivity, robustness, and efficiency—and secure the foundational layers of the stack against denial of service attacks while satisfying WSN resource constraints.