Ioannis Krontiris

Intrusion detection of sinkhole attacks in wireless sensor networks

In this paper, we present an Intrusion Detection System designed for wireless sensor networks and show how it can be configured to detect Sinkhole attacks. A Sinkhole attack forms a serious threat to sensor networks. We study in depth this attack by presenting how it can be launched in realistic networks that use the MintRoute protocol of TinyOS. MintRoute is the most widely used routing protocol in sensor network deployments, using the link quality metric to build the corresponding routing tree. Having implemented this attack in TinyOS, we embed the appropriate rules in our IDS system that will enable it to detect successfully the intruder node. We demonstrate this in our own sensor network deployment and we also present simulation results to confirm the effectiveness and accuracy of the algorithm in the general case of random topologies.

LIDeA: a distributed lightweight intrusion detection architecture for sensor networks

Wireless sensor networks are vulnerable to adversaries as they are frequently deployed in open and unattended environments. Preventive mechanisms can be applied to protect them from an assortment of attacks. However, more sophisticated methods, like intrusion detection systems, are needed to achieve a more autonomic and complete defense mechanism, even against attacks that have not been anticipated in advance. In this paper, we present a lightweight intrusion detection system, called LIDeA, designed for wireless sensor networks. LIDeA is based on a distributed architecture, in which nodes overhear their neighboring nodes and collaborate with each other in order to successfully detect an intrusion. We show how such a system can be implemented in TinyOS, which components and interfaces are needed, and what is the resulting overhead imposed.

Cooperative Intrusion Detection in Wireless Sensor Networks

We consider the problem of cooperative intrusion detection in wireless sensor networks where the nodes are equipped with local detector modules and have to identify the intruder in a distributed fashion. The detector modules issue suspicions about an intrusion in the sensors neighborhood. We formally define the problem of intrusion detection and identify necessary and sufficient conditions for its solvability. Based on these conditions we develop a generic algorithm for intrusion detection and present simulations and experiments which show the effectiveness of our approach.

Integrating people-centric sensing with social networks: A privacy research agenda

During the last few years there has been an increasing number of people-centric sensing projects, which combine location information with other sensors available on mobile devices, such as the camera, the microphone or the accelerometer, giving birth to a different dimension in sensing our environment compared to the existing wireless sensor networks approach. In this paper, we envision a new scenario, where users develop their own participatory urban sensing projects at a large scale through the use of social networks. Consequently, users can participate in campaigns created by other users, according to their sensitivities and interests, exploiting the existing enormous social interconnections offered by existing social networking tools. We place our primary concern to protecting user privacy and address the need for new solutions in location anonymity and access control under this new complex and dynamic communication paradigm.

Arbitrary Code Injection through Self-propagating Worms in Von Neumann Architecture Devices

Malicious code (or malware) is defined as a software designed to execute attacks on software systems and fulfill the harmful intents of an attacker. As lightweight embedded devices become more ubiquitous and increasingly networked, they present a new and very disturbing target for malware developers. In this paper, we demonstrate how to execute malware on wireless sensor nodes that are based on the Von Neumann architecture. We achieve this by exploiting a buffer overflow vulnerability to smash the call stack and intrude a remote node over the radio channel. By breaking the malware into multiple packets, the attacker can inject arbitrarily long malicious code to the node and completely take control of it. Then we proceed to show how the malware can be crafted to become a self-replicating worm that broadcasts itself and infects the network in a hop-by-hop manner. To our knowledge, this is the first instance of a self-propagating worm that provides a detailed analysis along with instructions in order to execute arbitrary malicious code. We also provide a complete implementation of our attack, measure its effectiveness in terms of time taken for the worm to propagate to the entire sensor network and, finally, suggest possible countermeasures.

SPEED: Scalable Protocols for Efficient Event Delivery in sensor networks

One of the most eminent problems in sensor networks is the routing of data to a central destination in a robust and efficient manner. In this work we propose a new scalable protocol for propagating information about a sensed event towards a receiving center. Using only local information and total absence of coordination between sensors our protocol achieves to propagate the sensed data to a receiving center by activating only those nodes that lie very close to the optimal path between the source of the event and the destination, resulting in low activation of the network’s sensors. Thus the protocol is very energy efficient. Furthermore, our protocol is robust as it manages to propagate the information even when sensors fail with certain probability.

GRAViTy: Geographic Routing around Voids in Sensor Networks

A window shutter having pivoting louvers radially mounted in an arcuate frame. Each louver has a narrow end mounted to an inner frame member, a wide end mounted to an outer frame member, and two diverging lateral sides. The wide louver end is pivotally mounted to the outer frame member by a mounting pin extending into the wide end and into the outer frame member. The narrow louver end is securely mounted to a pinion gear which meshes with arcuate front and rear rack gears which are slidably mounted in the inner frame member. The shaft of each pinion gear extends into the inner frame member to rotatably mount the gear thereto. Rotation of a single pinion gear causes a corresponding arcuate movement of the rack gears in opposite directions. Movement of the rack gears, in turn, rotates all pinion gears and all louvers simultaneously. The rack gears may also be directly positioned to rotate the louvers. The total range of movement of the rack gears cause a 180 DEG rotation of the louvers.