1. Security in
Wireless sensor network
Disclaimer:
a.
Information included in this slides came from multiple sources. We have
tried our best to cite the sources. Please refer to the Table of References
slide (#2) to learn about the sources, when applicable.
b.
The slides should be used only for academic purposes (e.g., in teaching a
class), and should not be used for commercial purposes.
Security in Wireless sensor network
1
3. Introduction
What is wireless sensor network?
The wireless network consists of hundreds or thousands of lowpower, low-cost nodes deployed to monitor and affect the
environment
Organization of Wireless sensor network
Ref:-www.cis.syr.edu/~wedu/Research/slides/Purdue04.ppt
Sensors
Deploy
3
Security in Wireless sensor network
5. Application of WSN
Military applications
Enemy movement
Environmental applications
Habitat monitoring
Forrest fire monitoring
Health applications
Tracking patients, doctors, drug administrators
Home applications
Other commercial applications
5
Security in Wireless sensor network
6. Need for Security
Protecting confidentiality, integrity, and availability of the
communications and computations
Sensor networks have certain severe resource
constraints due to their lack of data storage and power
Wireless Sensor networks are vulnerable to security
attacks as medium of transmission of data is
broadcasting
Sensor nodes can be physically captured or destroyed
6
Security in Wireless sensor network
7. Requirements of security
Data confidentiality
Sensor networks should not leak any sensitive data
to any unauthorized neighboring nodes
Data integrity
The sensitive data should not be erased or changed
by the adversary
Data Freshness
The data received by the nodes should be recent
and should be the old message replayed
Availability
Limitation of data access
7
Security in Wireless sensor network
8. Standard approach
The standard approach to achieve the data
confidentiality is to encrypt it with the secret key which is
possessed by the intended receivers
uTESLA is a protocol which uses asymmetric key
cryptography and minimal packet overhead to achieve
the data integrity
Typical approach to achieve the data freshness is
shared needs to be exchanged over a period of time
Traditional encryption algorithm can be used to achieve
make the data available
8
Security in Wireless sensor network
9. Obstacles of Sensor nodes Security
A sensor nodes have a small amount of memory and
storage space for the code
Energy is the biggest constraints in the wireless sensor
network
Unreliable communication
Unattended Operation
9
Security in Wireless sensor network
10. Network layer attacks on WSN
Spoofed, altered and replayed routing information
Selective Forwarding
Sinkhole attacks
The Sybil attack
Wormholes
10
Security in Wireless sensor network
11. Description of attacks
Spoof, alter, or replay routing info
- Create loops, attack or repel network traffic, partition
the network, extend or shorten the source routes and
generate false error messages
Selective forwarding
- Malicious node selectively drops incoming packets
- Adversary can also modify packets and forward
these messages
11
Security in Wireless sensor network
12. Continued..
Sinkhole attacks
- All packets are directed to base station
- A malicious node advertises a high quality link to the
base station to attract a lot of packets
- Enable other attacks, e.g., selective forwarding or
wormhole attack
12
Security in Wireless sensor network
13. Continued..
Sybil attack
- A single node presents multiple ID’s to other nodes
- Affect distributed storage, multi-path routing , topology
maintenance and geographic routing
Wormhole Attack
- Two colluding nodes
- A node at one end of the wormhole advertises high
quality link to the base station
- Another node at the other end receives the attracted
packets
13
Security in Wireless sensor network
15. Approaches against the attacks
Outsider attacks and link layer security
Precaution against outsider attacks, e.g., Sybil
attacks, selective forwarding, ACK spoofing
- Cannot handle insider attacks
Sybil attack
- Every node shares a unique secret key with the base
station
- Create pair wise shared key for msg authentication
- Limit the number of neighbors for a node
15
Security in Wireless sensor network
16. Continued..
Wormhole, sinkhole attack
- Cryptography may not help directly
- Good routing protocol design
- Geographic routing
Tunnel packets from one part
of the network and replay them
in a different part.
-
16
Security in Wireless sensor network
17. Continued..
Selective forwarding
- Multi-path routing
- Route messages over disjoint or Braided paths
- Dynamically pick next hop from a set of candidates
17
Security in Wireless sensor network
18. Secure routing
To send data safely proper routing and forwarding is
required in sensor network
Injection attacks
Insert malicious information in the network to
produce inconsistencies
Authentication can avoid the injection attacks
Sensor networks are susceptible to node capture
attacks
Single node is compromised to take over the entire
network
18
Security in Wireless sensor network
19. Secure group management
protocols for group management are required to
- securely admit new group members
- support secure group communication
The outcome of the group computation is normally
transmitted to a base station, therefore the output must
be authenticated to ensure it comes from a valid group.
Any solution must also be efficient in terms of time and
energy (or involve low computation and communication
costs).
- precludes most classical group-management solutions
19
Security in Wireless sensor network
20. Secure data aggregation
Wireless sensor network sense the large and dense set
of nodes
The sensed values must be aggregated to avoid
overwhelming amounts of traffic back to the base station
Aggregation takes place depending on the architecture
If the application tolerates approximate answers,
powerful techniques are available.
- randomly sampling a small fraction of nodes and
checking that they have behaved properly supports
detection of many different types of attacks
20
Security in Wireless sensor network