Security in Wireless Sensor Networks

Security in Sensor Networks

Introduction

Wireless Sensor Networks are expected to be a solution to applications. Two categories of applications are monitoring and tracking. This include industrial/health/millitary applications which are mission critical and often handle sesitive data. But because of the peculiar nature of network, the traditional security mechanisms are often can not be applied to WSN.
The major obstacles are
  1. Very limited resources: Computing, commnication and energy
  2. Unreliable communication: Unreliable transfer, conflicts because of broadcast/multicast nature of network and latency in communication
  3. Unattended operation: Nodes are exposed to physical attacks. They are managed remotely and there is no central management point.
These differences greately affect how secure data transfer schemes are implemented. The limited computing and communication power make WSN succeptible to DoS attacks. The public key cryptographic schemes currently deployed needs lot of computing and can not be ported in WSN. Thus most of the security schemes employ symmetric key cryptography.

Security Requirements

WSN's are application specific. The requirements mainly depend on the nature of data, WSN handles. Broadly the requirements can be viewed as
  1. Data Confidentiality: It's important in applications such as millitary operations or when the network handles sensitive data
  2. Data integrity: WSN should be able to tolerate active attacks such as tampering of messages which may be due to a mallicious node trying to modify the traffic passing through it or due to communication errors or node malfunctioning
  3. Data freshness: Data freshness suggest that the data is recent and no old messages has been replayed. Normally achieved using a nonce or packet id.
  4. Availability: The network can undergo node failures due to energy drain or malfunctioning of nodes. The increase in computation itself can make a node run out of energy.
  5. Self organization: WSN is a typical ad-hoc network which requires every node to self organize and self heal according to situations.
  6. Time Synchronization: The nodes need time synchronization for effective data transfer. Also the node may wish to find end-end delay for data transfer.
  7. Secure Localization: Often the node has to identify its correct location. This is important to application such as fault location or tracking applications
  8. Authentication: The receiver node has to make sure that data originated from correct source. This is important when base station issues commands / send program updates( migratable code).

Typical Attacks

  1. DoS attacks: Violation of communication protocols, jamming
  2. Sybil Attack: A malicious node illegimately taking on multiple identities. It's major attack on routing algorithms , data aggregation, voting, fair resource allocation and foiling misbehavior detection.
  3. Traffic analysis attacks: The sensor nodes normally route the information to base station. Often the traffic analysis can easily detect the base and make the network useless. Two basic and blind attacks are rate monitoring attack and time correlation attack.
  4. Node replication attacks: An attacker replicate the node ID of existing node by copying which can result in disconnected network or false sensor reading etc.
  5. Attacks against privacy: The traffic analysis by intruder can capture the entire information remotely. The major attacks agains sensor privacy are a) monitor and eavesdropping, traffic analysis and camouflage ( where attacker insert hidden nodes and re route information)
  6. Physical attacks: Include tampering the node/extract the cryptographic information etc.

Dealing with DoS



References

  1. Wireless Sensor NetworkSecurity : A Survey :- John Paul Walters, Zhengqiang Liang,
    Weisong Shi, and Vipin Chaudhary. 2006 Auerbach Publications, CRC Press
  2. A survey of Security Issues in WSN : Yong Wang, Garhan Attebury and Byrav Ramamurthy (2005)
  3. Taxonomy of Security Attacks in Sensor Networks and Countermeasures:- Tanya Roosta, ShiuhpyngShieh Shankar Sastry



Group

2 comments:

kuldeep said...

hi,
thanks for ur help making me aware of Avrora.Do u have source code of any security related application like key distribution or any trust management framework code.Please reply soon

Gireesh said...

@kuldeep
ECC is ported in to tinyos which is available as TinyECC
Also link layer gives AES-128 encryption which is specific to 802.15.4 radios

Any key mechanism based on symmetric keys, you should be able to code. Please go through the tinyos contributed code.
And if you get any interesting stuff, please post it as comment here so that others will be benifited