Due to limited resources in wireless sensors, such sensors are easily attacked by flood joining messages. To address these types of challenges, techniques are presented herein that support making simple nodes (such as wireless sensors) "smarter" to allow them to identify malicious node(s) from legal neighbors. Aspects of the techniques presented herein leverage, among other things, the Extensible Authentication Protocol (EAP) over local area network (LAN), or EAPOL, protocol and employ, among other things, an EAPOL neighbor status profile, or ENSP. A node may generate an ENSP for each connection rather than for each node based on a unique address. After exchanging ENSPs with neighbors and then analyzing, a node may easily identify a malicious node and detect which is the malicious traffic.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Zhang, Lele; Xia, Yajun; Sheriff, Akram; and Li, Chuanwei, "DETECTION AND PREVENTION OF EAPOL-START FLOOD ATTACKS IN LLN ENVIRONMENTS", Technical Disclosure Commons, (February 25, 2021)