50 4. RISK ASSESSMENT IN A SENSOR CLOUD
Attacks on a WSN can be categorized as active or passive attacks [52]. Active attacks, such
as sinkhole, are executed to alter the network resources or operations such as routing protocol.
Passive attacks, such as eavesdropping, are executed to gather information about the network
which can then be used to execute Active attacks. An example instance of classification of active
and passive attacks is shown in Table 4.1. An instance of the set of known attacks along with
their definition and attack patterns [38, 39, 51] is given in Table 4.2.
Table 4.1: Classification of attacks on a WSN
Types of Security Attacks
Active Attacks Passive Attacks
Routing Attacks (Spoof, Alter and Replay;
Selective Forwarding; Sinkhole; Sybil;
Wormhole; HELLO Flood)
Passive information Gathering (Eavesdrop-
ping)
Denial of Service (Frequency Jamming) Traffi c Analysis
Fabrication (Node Subversion and Node
Malfunction)
Camoufl aged Adversaries
Lack of Cooperation (Node Outage)
Modifi cation (Physical Tampering and
Message Corruption)
Impersonation (Node Replication)
Further, to understand the cause-consequence relationships between attacks on a WSN,
we should be aware of the conditions that are required to execute a particular attack, also known
as pre-conditions of an attack, and the consequences of successful execution of an attack, also
known as the post-conditions of an attack. If the post-conditions of an attack satisfies the pre-
conditions of another attack then these two attacks will have a cause-consequence relationship
which is represented as an edge in the attack graph. We develop an attack module that will
capture the cause-consequence relationship between the attacks (Table 4.3). In some cases, pre-
conditions of an attack may be satisfied by the post-conditions of a single attack, these kinds
of attacks will be connected by an OR type join in the attack graph (Figure 4.3), whereas, if
post-conditions of two or more attacks are required simultaneously to satisfy the pre-conditions
of an attack, they are connected by AND type joins.
Definition 4.2 Attack Module. An attack module is defined as a tuple, (P
i
, S
pre
, S
post
, ),
where P
i
is the attack pattern, s
pre
is the pre-conditions required to execute the attack, s
post
are
the post-conditions after the execution of the attack, and is the join type, 2 [OR, AND].