Threats in wireless sensor networks
Download as PPTX, PDF1 like3,925 views
Wireless sensor networks require a high level of security even though their resources are limited. They face many types of attacks due to their broadcast transmissions and deployment in hostile environments without physical protection. Attacks can target the information in transit, different layers of the protocol stack, and seek to overwhelm the network. While some challenges have been addressed, research is still needed to resolve conflicts between security and limited resources in wireless sensor networks.
Threats in wireless sensor networks
- 1. Threats in Wireless Sensor Networks PRESENTED BY: PRIYA KAUSHAL ROLL NO. 152615 ME (ECE) REGULAR
- 2. Introduction High level of security is needed in WSN. This leads to need of extra resources. BUT WSN resources are very limited. Current researches haven’t treat this conflict yet. SO Special security requirements are needed. WSN security faces a lot of challenges. A lot of research points in this area is open.
- 3. Why high security level is needed? Have many applications in military and homeland. Could be deployed in hostile environments. Could be deployed in uncontrolled environment. Wireless communication facilitates eavesdropping. Often monitor their surroundings, so it is easy to deduce extra unwanted information results in privacy violation.
- 5. Attacks Sensor networks are particularly vulnerable to several key types of attacks. Attacks can be performed in a variety of ways. Wireless networks are vulnerable to security attacks due to the broadcast nature of the transmission medium. Furthermore, WSNs have an additional vulnerability because nodes are often placed in a hostile or dangerous environment where they are not physically protected. For a large-scale sensor network, it is impractical to monitor and protect each individual sensor from physical or logical attack. Attackers may device different types of security threats to make the WSN system unstable.
- 6. Classifications Based on Capability of the attacker Attack on information in transit Protocol stack
- 7. Based on Capability of attacker • Outside attacks are defined as attacks from nodes, which do not belong to a WSN • Insider attacks occur when legitimate nodes of a WSN behave in unintended or unauthorized ways. Outsider versus insider attacks • Passive attacks include eavesdropping on or monitoring packets exchanged within a WSN • Active attacks involve some modifications of the data steam or the creation of a false stream. Passive versus active attacks • In mote-class attacks, an adversary attacks a WSN by using a few nodes with similar capabilities to the network nodes. • laptop-class attacks, an adversary can use more powerful devices (e.g., a laptop) to attack a WSN. Mote-class versus laptop-class attacks
- 8. Attacks on information in transit • This involves breaking the software running on the sensor nodes. Chances are the operating system and/or the applications running in a sensor node are vulnerable to popular exploits such as buffer overflows. Software compromise • It has two orthogonal perspectives layer-specific compromises, and protocol-specific compromises. This includes all the attacks on information in transit. Apart from that it also includes Deviating from protocol. Network- based attacks
- 9. Based on Protocol Stack Physical layer Jamming Radio interference Data link layer Continues channel access Collision Network layer sinkhole Hello flood Transport layer Flooding De-synchronization attack Application layer overwhelm attack Path based DOC
- 10. Physical layer • Attackers broadcasting a high-energy signal. Jamming attacks in WSNs, classifying them as • constant :corrupts packets as they are transmitted • Deceptive: sends a constant stream of bytes into the network to make it look like legitimate traffic • Random: randomly alternates between sleep and jamming to save energy • Reactive: transmits a jam signal when it senses traffic Jamming • In which the adversary either produces large amounts of interference intermittently. • Solution: use of symmetric key algorithms in which the disclosure of the keys is delayed by some time interval. Radio interference
- 11. Data link layer • malicious node disrupts the Media Access Control protocol, by continuously requesting or transmitting over the channel. This eventually leads a starvation for other nodes in the network with respect to channel access. • Solution: Rate Limiting to the MAC admission control such that the network can ignore excessive requests, thus preventing the energy drain caused by repeated transmissions. • time division multiplexing Continuous Channel Access • A collision occurs when two nodes attempt to transmit on the same frequency simultaneously. • When packets collide, a change will likely occur in the data portion, causing a checksum mismatch at the receiving end. • solution: error-correcting codes . collision
- 12. Network layer • Depending on the routing algorithm technique, a sinkhole attack tries to lure almost all the traffic toward the compromised node, creating a metaphorical sinkhole with the adversary at the center. • Geo-routing protocols. sinkhole • This attack exploits Hello packets • A laptop class adversary can send this kind of packet to all sensor nodes in the network so that they believe the compromised node belongs to their neighbors. This causes a large number of nodes sending packets to this imaginary neighbor and thus into oblivion. • Authentication is a solution . Such attacks can easily be avoided by verify bi-directionality of a link before taking action based on the information received over that link. Hello Flood
- 13. Transport layer • An attacker may repeatedly make new connection requests until the resources required by each connection are exhausted or reach a maximum limit. It produces severe resource constraints for legitimate nodes. • solution: each connecting client demonstrate its commitment to the connection by solving a puzzle. Flooding • In this attack, the adversary repeatedly forges messages to one or both end points which request transmission of missed frames. Hence, these messages are again transmitted and if the adversary maintains a proper timing, it can prevent the end points from exchanging any useful information. This will cause a considerable drainage of energy of legitimate nodes in the network in an end less synchronization-recovery protocol. • Solution: authentication of all packets including control fields communicated between De- synchronization
- 14. Application layer • An attacker might attempt to overwhelm network nodes with sensor stimuli, causing the network to forward large volumes of traffic to a base station. • consumes network bandwidth and drains node energy. • Solution: carefully tuning sensors so that only the specifically desired stimulus • Rate-limiting and efficient data-aggregation algorithms can also reduce these attacks’ effects Overwhelm attack • It involves injecting spurious or replayed packets into the network at leaf nodes. This attack can starve the network of legitimate traffic, because it consumes resources on the path to the base station, thus preventing other nodes from sending data to the base station. • Solution: Combining packet authentication and anti replay protection prevents these attacks. Path –based DOS attack
- 15. conclusion WSN needs high level of security due to its harsh environment. This leads to intense security and survival requirements. WSN face attacks of different types. Limited resources of sensors make WSN faces a huge security challenges. Some challenges are resolved and many haven’t resolved yet or under studying.
- 16. Thank You