Active eavesdroppers detection system in multi-hop wireless sensor networks

Date

2022-08

Authors

Abedini, Masih

Journal Title

Journal ISSN

Volume Title

Publisher

Faculty of Graduate Studies and Research, University of Regina

Abstract

Wireless Sensor Networks (WSNs) are vulnerable to eavesdropping attacks that endanger their privacy, confidentiality, and authenticity. As the broadcast nature of the wireless channel makes it susceptible to eavesdropping by adversaries, the detection of eavesdroppers in wireless networks can lessen the chances of more damaging attacks. Historically, researchers have attempted to reduce the risk of covert eavesdropping through the use of cryptographic protocols, information-theoretic solutions, and transmission range control. These methods are not suitable for WSNs with resource constraints. It is noteworthy that active eavesdroppers are legitimate nodes that are compromised by adversaries to eavesdrop on traffic while performing their normal responsibilities in ad-hoc networks. Detecting such malicious nodes slows the ongoing destructive attacks. In this thesis, we present a novel Active Eavesdroppers Detection (AED) system for homogeneous multi-hop WSNs. The AED system consists of two major modules: a Monitoring module and a Detection Engine module. The Monitoring module plays a vital role in the AED system to provide accurate measurements for the Detection Engine module. The Detection Engine module is provided with a lightweight detection engine module that employs the Z-test method and runs on edge devices. Regarding measurements, we first use intra-node delay measurements as the input feature of the AED system. To measure intra-node delays of nodes, the Monitoring module employs an out-of-band monitoring system using static nodes, Unmanned Aerial Vehicles (UAVs), or both of them. According to simulation results in the Cooja and MATLAB environments, the AED system can detect active eavesdroppers who relay packets to their neighbors. However, it fails to detect active eavesdroppers who do not forward packets for any reason, like placement at the network’s border. To solve this problem, we propose to use Round Trip Time (RTT) as a measurement for the AED system. The monitoring module requests nodes for responses, and the AED’s detection engine can detect active eavesdroppers in WSNs based on the response delay. We focus on three potential monitoring systems for this measurement: static monitoring nodes, UAV-based monitoring, and neighborhood monitoring. To find the optimal places for static monitoring nodes, we utilize a Genetic Algorithm(GA), and to find the path of flight for UAVs for measuring RTT, we use Hamiltonian path planning. The simulation results indicate that the RTT-based AED system can detect active eavesdroppers regardless of their locations, with a high detection rate (≥ 90%) and a low false-positive rate (≤ 5%) and outstanding performance (AUC ≈ 0.97). In addition, we analyze and discuss the network overhead, advantages, and disadvantages of the in-band neighborhood monitoring system.

Description

A Thesis Submitted to the Faculty of Graduate Studies and Research In Partial Fulfillment of the Requirements for the Degree of Master of Applied Science in Electronic Systems Engineering, University of Regina. xii, 85 p.

Keywords

Citation

Collections