Securing Broadcast Authentication in Wireless Sensor Networks Against DoS Attack

Timed Efficient Stream Loss-tolerant Authentication (TESLA) and digital signature are security implementations of broadcast authentication in Wireless Sensor Networks (WSNs). Both approaches, however, are considered vulnerable to DoS attacks. Encountering this attack requires a scheme that addresses two security measures: prevention and detection.. This paper provides a hybrid solution between prevention and detention scheme., namely Combined Prevention and Detection Scheme (CPDS). The prevention part is based on the dynamic window scheme installed at each sensor node. The detection part adopts the Fuzzy Logic Intrusion Detection Scheme (FL-IDS) installed at monitor nodes. Both parts work coherently where the detection part relies on predefined information provided by the prevention part. The evaluation metrics includes the average broadcast delay of authentic messages and the energy consumption. The implemented CPDS scheme improved the average broadcast delay of authentic messages by 75% and 43% compared to Authentication first mode and Dynamic window scheme respectively. In terms of energy consumption, CPDS was evidently more efficient by 60% and 30% compared to Authentication first mode and Dynamic window scheme respectively.