and manufacturing techniques, much stronger, tamper-resistant, and cheaper devices can be installed on the sensor platform to counteract node compromise. 5.3 Defense against DoS attacks Various types of DoS attacks in WSNs have been discussed in Section 4. In this section, defense mechanisms for each of those attacks are presented in detail. 5.3.1 Defense mechanisms in the physical layer Jamming attack may be defended by employing variations of spread-spectrum communication such as frequency hopping and code spreading . Frequency-hopping spread spectrum(FHSS) is a method of transmitting signals by rapidly switching a carrier among many frequency channels using a pseudo-random sequence known to both the transmitter and the receiver. As a potential attacker would not be able to predict the frequency selection sequence, it will be impossible for him to jam the frequency being used at a given point of time. Code spreading is another technique for defending against jamming. However, it requires greater design complexity and energy and thus not very suitable for WSNs. In general, sensor devices are limited to single-frequency use and are highly susceptible to jamming attacks. One approach for tolerance against jamming attack in a WSN is to identify the jammed part of the network and effectively avoid it by routing around. Wood et al.  have proposed an approach where the nodes along the perimeter of a jammed region report their status to the neighbors and collectively the affected region is identified and packets are routed around it. 5.3.2 Defense mechanisms in the link layer A typical defense against collision attack is the use of error-correcting codes . Most codes work best with low levels of collisions such as those caused by environmental or probabilistic errors. However, these codes also add additional processing and communication overhead. It is reasonable to assume that an attacker will always be able to corrupt more than what can be corrected. Although it is possible to detect these malicious collisions, no complete defense mechanism against them is kwon today. A possible solution for energy exhaustion attack is to apply a rate limiting MAC admission control. This would allow the network to ignore those requests that intend to exhaust the energy reserves of a node. A second technique is to use time-division multiplexing where each node is allotted a time slot in which it can transmit . This eliminates the need of arbitration for each frame and can solve the indefinite postponement problem in a back-off algorithm. However, it is still susceptible to collisions. The effect of unfairness caused by an attacker who intermittently launches link layer attacks can be lessened by use of small frames since it reduces the amount of time an attacker gets at his disposal to capture the communication channel . However, this technique often reduces efficiency and is susceptible to further unfairness such as an attacker trying to retransmit quickly instead of randomly delaying.
You've reached the end of your free preview.
Want to read all 51 pages?