Detecting Sybil attack in mobile wireless sensor networks using observer nodes

Alomirah, Abdulaziz Abdulrahman

Alomirah, Abdulaziz Abdulrahman

View fulltext online

Abdulaziz Alomirah_MComp_2019.pdf (3.591Mb)

Date

2019

Citation:

Alomirah, A. A. (2019). Detecting Sybil attack in mobile wireless sensor networks using observer nodes. An unpublished thesis submitted in partial fulfilment of the requirements for the degree of Master of Computing, Unitec Institute of Technology, Auckland, New Zealand.

Permanent link to Research Bank record:

https://hdl.handle.net/10652/4531

Abstract

RESEARCH QUESTIONS: What lightweight, scalable algorithm can be developed to detect the Sybil nodes in MWSNs? Then, I broke it to more detailed questions as follows:  How many observer nodes would be enough for a wireless sensor network to detect the Sybil attack?  How often should an observer node collect information about neighbouring nodes?  What is a suitable threshold for common neighbours to mark a node as suspicious?  How much overhead would the observation algorithm impose on the network? Wireless sensor network (WSN) is one of the dominant technology trends in recent years. These networks are being employed in different environments to gather data for various applications. Mobile wireless sensor network (MWSN) is a subclass of WSN, in which the nodes are mobile and frequently change their locations. Since sensor nodes have limited capabilities, WSNs are vulnerable to various types of attacks, one of which is Sybil attack. In this attack, a malicious node illegitimately forges several (fake) identities. These fake copies confuse and collapse the network. Sybil attack causes too many threats to the routing algorithm, data aggregation, fair resource allocation, voting system, and misbehaviour detection. Since multiple copies of the malicious nodes can be located in several places at the same time, Sybil can disrupt geographic routing protocols and collide with routing algorithms by building many routes from a single node. As a result, detecting and preventing this type of attack is crucial for the security of the wireless sensor network. In this thesis, I propose a new lightweight algorithm for detecting the Sybil attack in MWSN using observer nodes. Observer nodes are normal, trustful nodes which have been initially programmed to observe the network and report malicious behaviours. An observer node counts the number of times a node has appeared as a common neighbour between itself and its neighbours. After collecting some information about its neighbours, each observer node considers the nodes whose counters are above a threshold as critical, and nodes having all critical nodes in their neighbourhood are considered suspicious nodes. The results show that true detection rate of the proposed algorithm is 98.1%, and its false detection rate is 0.5%, while similar algorithms could not achieve better than 95.4% and 1.2% for these metrics, respectively. In addition, the proposed algorithm outperforms other algorithms in terms of overhead and scalability.

Keywords:

wireless sensor networks (WSN), WSN, microelectromechanical systems (MEMS), MEMS, computer security, Sybil attacks, observer nodes, algorithms

ANZSRC Field of Research:

080303 Computer System Security, 080503 Networking and Communications

Degree:

Master of Computing, Unitec Institute of Technology

Supervisors:

Sarrafpour, Bahman; Li, Xiaosong

Rights:

This digital work is protected by copyright. It may be consulted by you, provided you comply with the provisions of the Act and the following conditions of use: Any use you make of these documents or images must be for research or private study purposes only, and you may not make them available to any other person. You will recognise the author's and publishers rights and give due acknowledgement where appropriate.

Metadata

Show detailed record

This item appears in

Computing Dissertations and Theses [88]