Security in wireless sensor networks

Prof. S K Jena
Department of Computer Science and Engineering
National Institute of Technology Rourkela

 Why Need Security?
 Why Security Complicated in WSN?
 Security Requirements
 Guiding Principles for Securing WSN
 Evaluation Metrics to Security Scheme
 Taxonomy of Attacks
 Issues with High-Level Security Mechanisms
 Conclusion

 Wireless sensor networks have many applications in military,
homeland security and other areas. In that many sensor
networks have mission-critical tasks.
 Security is critical for such networks deployed in hostile
environments.
 Most sensor networks actively monitor their surroundings,
and it is often easy to deduce information other than the
data monitored.

 Such unwanted information leakage often results in privacy
breaches of the people in environment.
 Moreover, the wireless communication employed by sensor
networks facilitates eavesdropping and packet injection by an
adversary.
 The combination of these factors demands security for
sensor networks at design time to ensure operation safety,
secrecy of sensitive data, and privacy for people in sensor
environments.
 Providing security in sensor networks is even more difficult
than MANETs due to the resource limitations of sensor
nodes.

 Overall cost of WSN should be as low as possible.
 Sensor nodes are susceptible to physical capture.
 Sensor nodes use wireless communication, easy to
eavesdrop.
 Attacker can easily inject malicious message into network.
 Anti-jamming and physical temper proofing techniques are
impossible due to greater design complexity and energy
consumption
 Sensor node constraints make WSNs more susceptible to
denial-of-service attack

 Frequent topology change of WSN facilitates different link
attacks ranging from passive eavesdropping to active
interfering
 There is a conflict between resource consumption and
maximization of security level.
 Due to node constraints asymmetric cryptography is often
too expensive.
 Managing key distribution is not unique to WSNs, but
constraints such as small memory capacity make centralized
keying techniques impossible.

 Confidentiality
 Integrity
 Availability
 Freshness
 Additional requirements:
 Authentication
 Access-control
 Privacy
 Authorization
 Non-repudiation
 Survivability

 Security of a network is determined by the security over all layers.
 In a massively distributed network, security measures should be
amenable to dynamic reconfiguration and decentralized
management.
 In a given network, at any given time, the cost incurred due to the
security measures should not exceed the cost assessed due to the
security risks at that time.
 If physical security of nodes in a network is not guaranteed, the
security measures must be resilient to physical tampering with nodes
in the field of operation.
 Because of various constraints in WSN the following aspects should
be carefully considered when designing a security scheme: Power
efficiency, Node Density and Reliability, Adaptive security, Self
configurability, Simplicity and local ID.

 Security
 Resiliency
 Energy efficiency
 Flexibility
 Scalability
 Fault-tolerance
 Self-healing
 Assurance

 Wireless networks are vulnerable to security attacks due to
the broadcast nature of the transmission medium.
 Furthermore, WSNs have an additional vulnerability
because nodes are often placed in a hostile or dangerous
environment where they are not physically protected.
 For a large-scale sensor network, it is impractical to
monitor and protect each individual sensor from physical
or logical attack. Attackers may device different types of
security threats to make the WSN system unstable.

 Based on Capability of attacker
 Outsider versus insider (Node Compromise) attacks
 Passive versus active attacks
 Mote-class versus laptop-class attacks
 Attacks on Information in Transit
 Interruption
 Interception
 Modification
 Fabrication
 Replaying existing messages

 Host Based Vs Network Based
 Host-based attacks
▪ User compromise
▪ Hardware compromise
▪ Software compromise
 Network-based attacks
▪ Layer-specific compromises
▪ Protocol-specific compromises
 Deviating from protocol

 Based on Protocol Stack
 Physical layer
▪ Jamming
▪ Radio interference
▪ Tampering or destruction
 Data Link Layer
▪ Continuous Channel Access (Exhaustion)
▪ Collision
▪ Unfairness
▪ Interrogation
▪ Sybil Attack

 Network Layer
▪ Sinkhole
▪ Hello Flood
▪ Node Capture
▪ Selective Forwarding/ Black Hole Attack (Neglect And Greed)
▪ Sybil Attack
▪ Wormhole Attacks
▪ Spoofed, Altered, or Replayed Routing Information
▪ Acknowledgment Spoofing
▪ Misdirection
▪ Internet Smurf Attack
▪ Homing

 Transport Layer
▪ Flooding
▪ De-synchronization Attacks
 Application Layer
▪ Overwhelm attack
▪ Path-based DOS attack
▪ Deluge (reprogram) attack

 Cryptograph
 To achieve security in WSNs, it is important to be able to perform various
cryptographic operations, including encryption, authentication, and so on.
 However, decision for Selecting the appropriate cryptography method
depends on the computation and communication capability of the sensor
nodes.
 Asymmetric cryptography is often too expensive for many applications. Thus,
a promising approach is to use more efficient symmetric cryptographic
alternatives.
 However, symmetric cryptography is not as versatile as public key
cryptographic techniques, which complicates the design of secure
applications.
 Applying any encryption scheme requires transmission of extra bits, hence
extra processing, memory and battery power, which are very important
resources for the sensors’ longevity.
 Applying the security mechanisms such as encryption could also increase
delay, jitter and packet loss in WSNs.

 Cryptography
 The process by which public key and symmetric key
cryptography schemes should be selected is based on the
following criteria:
▪ Energy
▪ Program memory
▪ Temporary memory
▪ Execution time
▪ Program parameters memory

 Key Management
 The security of a cryptographic system relies mainly on the secrecy of
the key it uses.
 Keys for these cryptographic operations must be set up by
communicating nodes before they can exchange information securely.
 Key management schemes are mechanisms used to establish and
distribute various kinds of cryptographic keys in the network, such as
individual keys, pair wise keys, and group keys.
 Key management is an essential cryptographic primitive upon which
other security primitives are built. If an attacker can find the key, the
entire system is broken.
 In fact, a secure key management scheme is the prerequisite for the
security of these primitives, and thus essential to achieving secure
infrastructure in sensor networks.

 Open Research Issue on Cryptography algorithms and Key
Management protocols
 Public key cryptography
 Symmetric key cryptography
 Link layer security (hop-by-hop encryption)
 Authenticity of public keys (Identity-based cryptography)
 Key revocation
 Key management schemes based on symmetric key cryptography
 Key management schemes based on public key cryptography
 path key establishment
 Good-shared key discovery
 Key management and Security mechanisms for mobile WSNs
 study of node compromise distribution and integrating it in key
management

 Secure Data Aggregation
 Data aggregation (or data fusion) is a process in which intermediary nodes
called “aggregators” collect the raw sensed information form sensor nodes,
process it locally, and forward only the result to the end-user.
 This important operation essentially reduces the amount of transmitted data
on the network and thus prolongs its overall lifetime
 This operation cannot be efficiently done without being secured.
 Because of deployment environment, the physical compromise of
aggregators and some of the sensor nodes is possible.
 An active adversary can forge, the home server to accept false aggregation
results (Stealthy attacks), which are very much different from the actual results
determined by the measured values.
 The first line of defence against threats is cryptographic mechanisms: integrity
and confidentiality can be achieved using cryptographic schemes.

 Open Research Issue on Secure Data Aggregation
 Techniques are needed to ensure that the user can still be confident of the
(approximate) accuracy of the aggregated data even when the aggregator and
a small subset of the sensor nodes are under the control of an adversary .
 In secure data aggregation protocols, performance comparison are required in
terms of matrices such as security, processing overhead, communication
overhead, energy consumption, and data compression rate.
 New data aggregation protocols need to be developed to address higher
scalability and reliability against aggregator and sensor node cheating.
 Cryptography within in-network data processing (secure data processing ).
 Secure, very efficient and cost-effective, data aggregation mechanisms .
 Trustworthiness and reliability of the aggregated data.
 Secure data aggregation scheme in the environments without big nodes.
 secure data aggregation schemes for mobile WSNs including mobile
aggregators

 Secure Group Management
 In-network processing of the raw data is performed in WSNs by
dividing the network into small groups and analyzing the data
aggregated at the group leaders.
 So the group leader has to authenticate the data it is receiving from
other nodes in the group.
 This requires group key management. However, addition or deletion of
nodes from the group leads to more problems.
 Consequently, secure protocols for group management are required.

 Intrusion Detection
 The problem of intrusion detection is very important in the case of
WSNs.
 Traditional approaches which do an anomaly analysis of the network
at a few concentration points, are expensive in terms of network's
memory and energy consumption.
 So there is a need for decentralized intrusion detection .

 Open Research Issue on Intrusion Detection
 The problem of intrusion detection needs to be well defined in WSNs.
 The proposed IDS protocols focus on filtering injected false
information only.
 These protocols need to be improved so as to address scalability
issues.
 It is very difficult to integrate intrusion detection techniques into a
uniform hardware platform due to cost and implementation
considerations .

 Secure Time Synchronization
 Due to the collaborative nature of sensor nodes, time synchronization
is very important for many sensor network operations, such as
coordinated sensing tasks, sensor scheduling (sleep and wake), mobile
object tracking, time- division multiple access (TDMA) medium access
control, data aggregation, and multicast source authentication
protocol.
 However, none of the aforementioned time synchronization schemes
were designed with security in mind. Hence, they are not suitable for
applications in hostile environments (e.g., military battlefields) where
security is critical.
 Most existing time synchronization schemes are vulnerable to several
attacks which include Masquerade attack, Replay attack, Message
manipulation attack, Delay attack and Denial of service (DoS).

 Secure Location Discovery
 Sensor locations play a critical role in many sensor network applications,
such as environment monitoring and target tracking.
 Without protection, an attacker may easily mislead the location estimation
at sensor nodes and subvert the normal operation of sensor networks.
 For example, an attacker may provide incorrect location references by
replaying the beacon packets intercepted in different locations.
 In either case, non-beacon nodes will determine their locations incorrectly.
 Two approaches to deal with malicious attacks against location discovery
in WSNs are based on minimum mean square estimation (MMSE) and use
a voting-based location estimation technique and iteratively refine voting
to tolerate malicious location references sent by attackers.

 Code Attestation
 Sensors that operate in an unattended, harsh or hostile environment often suffer
from break-in compromises, because their low costs do not allow the use of
expensive tamper-resistant hardware.
 Besides the exposure of secret information (e.g., cryptographic keys),
compromised sensors may be reprogrammed with malicious code to launch all
kinds of insider attacks.
 If we can identify and further revoke those corrupted nodes in a timely manner,
the potential damages caused by them could be minimized.
 To address this problem, a promising direction is to use code attestation to
validate the code running on each sensor node. Because the code running on a
malicious node must be different from that on a legitimate node, we can detect
compromised nodes by verifying their memory content.
 Code attestation may be achieved through either hardware or software.
 So far little research has been done in this aspect, and I believe it is a promising
research direction.

 Secure Routing
 Many sensor network routing protocols have been proposed, but none of them
have been designed with security as a goal. WSNs use multi-hop routing and
wireless communication to transfer data, thus incur more routing attacks.
 Security attributes are the mechanisms that allow the routing protocols to
defend against the possible threats in the whole network.
 These attributes consist of identity verification, bi- directionality confirmation,
topology structure restriction, base station decentralization and braided and
multi-path transmission.

 Secure Routing
 There are a lot of approaches to ease routing security:
▪ Most current proposals are suitable for static WSNs. Designing secure routing algorithms for
mobile WSNs is complex and current secure routing algorithms will meet issues when they are
applied in mobile environments.
▪ Undetected node compromise issues
▪ Currently most proposals only consider security metrics and only a few of them evaluate other
metrics. More metrics, such as QoS (quality of service) need to be considered in addition of
security.
▪ Some secure routing algorithms are proposed based on hierarchical sensor networks, most of
these studies did not show the different effects such as energy consummations, security, etc. due
to different cluster size. More elaborate studies need to be done in the future.
▪ Routing maintenance

 Trust Management System
 Trust, or the trust on the behaviour of the elements of the network, is a key
aspect for WSN.
 A trust management system can be useful for detecting a node which is not
behaving as expected (either faulty or maliciously) or it can assist in the
decision-making process, for instance, if a node needs a partner in order to
achieve a common goal.
 Even though trust is an important feature for WSN few systems have
considered it.
 However, more efforts have been made on the fields of Ad-hoc and P2P
networks, which are somehow similar to WSN.
 It is clear that any trust management system has to be specially designed and
prepared for reacting against the particular issues, such as autonomy,
decentralization, and initialization that can be found in WSN environments.

 Trust Management System
 Although there are some existing architectures for WSN that partially solve
these problems, it is still possible to point out the neglected aspects that can
be considered crucial for creating a satisfactory trust system.
▪ Any trust management system has to be specially designed and prepared for reacting
against the particular issues, such as autonomy, decentralization, and initialization
that can be found in WSN environments.
▪ It should be necessary to deduce different trust values for every distinct behaviour of
the nodes.
▪ Sensor nodes should also be aware of the trust history of their neighbourhood. The
consistence in the trust readings is also significant.
▪ Note that all the important decisions taken by the nodes, such as node exclusion,
should be notified to the base station for logging, monitoring and maintenance
purposes.
▪ One of the biggest constraints regarding trust management for sensor networks is
the overhead that the existence of this system may impose over the constrained
elements of the network.

 Other Security Issues
 Security-energy assessment,
 Data assurance,
 Survivability,
 Trust,
 End to end security,
 Security and Privacy Support for data centric sensor networks (DCS),
 Node compromise distribution.
It’s very important to study these areas due to a sensor network’s
special character, such as battery limitation, high failure probability
nodes, easier compromised nodes, unreliable transmission media, etc.
Until now, there have been only a few approaches available, and more
studies are needed in these areas.

 Security concerns constitute a potential stumbling block to the
impending wide deployment of sensor networks.
 WSNs are still under development, and many protocols designed so far
for WSNs have not taken security into consideration.
 On the other hand, the salient features of WSNs make it very challenging
to design strong security protocols while still maintaining low overheads.
 We summarize typical attacks on sensor networks and several important
security issues relevant to the sensor networks, including key
management, secure time synchronization, secure location discovery and
etc.
 Many security issues in WSNs remain open and I expect to see more
research activities on these exciting topics in the future.

 Chris Karlof and David Wagner, “Secure routing in wireless sensor networks: attacks
and countermeasures”, Ad Hoc Networks, Elsevier Publications, Vol.1, pp.293–315,
2003.
 Xiangqian Chen, Kia Makki, Kang Yen, and Niki Pissinou, “Sensor Network
Security: A Survey”, IEEE Communications Surveys & Tutorials, Vol. 11, No. 2, pp.
52 – 73, Second Quarter 2009.
 T.Kavitha and D.Sridharan, “Security Vulnerabilities In Wireless Sensor Networks:
A Survey”, Journal of Information Assurance and Security (2010) Vol. 5, No. 1 pp.
31– 44, 2010.
 Holger Karl and Andreas Willing, “Protocols and Architectures for Wireless Sensor
Networks”, John Wiley & Sons publication, 2007.

Security in wireless sensor networks

Recommended

More Related Content

What's hot (20)

Viewers also liked (7)

Similar to Security in wireless sensor networks (20)

More from Piyush Mittal (20)

Recently uploaded (20)

Security in wireless sensor networks

Editor's Notes