1. Security in Wireless Sensor
Networks
By
k.Vishnu prasanna
Vishnuprasanna_kudumula@yahoo.com
2. This covers the security threats, review
proposed security mechanisms for wireless
sensor networks and also at the same time
discusses about the holistic view of security
for ensuring layered and robust security in
wireless sensor networks.
3. What are Wire le ss Se nso r Ne two rks?
A wireless network consisting of spatially
distributed autonomous devices.
Basic idea is to wide spread the tiny sensing
devices which are capable of sensing some.
Can monitor temperature, pressure, humidity,
soil makeup, vehicular movement, noise levels,
lighting conditions, the presence or absence of
certain kinds of objects or substances,
mechanical stress levels on attached objects,
and other properties .
4. Issue s to co nce ntrate o n
The routing strategies get more preference, the
security issues are yet to receive extensive
focus.
Explore the security issues and challenges,
discuss crucial parameters that require
extensive investigations.
Talk about cryptography, steganography and
other basics of network security
5. Discuss various types of threats and attacks
against wireless sensor network .
Discuss related work and proposed schemes
concerning security in WSN and introduce the
view of holistic security in WSN.
6. Security Schemes in Wireless Sensor
Networks
Authentication, integrity, privacy, no repudiation,
and anti-playback.
For secure transmission of various types of
information over networks, several
cryptographic, steganographic and other
techniques are used.
Network security fundamentals and how all
these techniques are meant for wireless sensor
network.
7. Crypto g raphy
Encryption-decryption techniques meant for the
traditional wired networks are not capable in
WSN.
Wireless sensor networks consist of tiny
sensors which really suffer from the lack of
processing, memory and battery power.
Applying any encryption scheme requires
transmission of extra bits.
8. Ste g ano g raphy
Cryptography aims at hiding the main content of
a message, steganography aims at hiding the
present existence of the message.
Steganography is the art of covert
communication by embedding a message into
the multimedia data (image, sound, video, etc.).
Objective of steganography is to modify the
carrier in a way that is not perceptible and
hence, it looks just like ordinary message.
9. Securing wireless sensor networks is not directly related to
steganography and processing multimedia data (like audio,
video) with the inadequate resources of the sensors is difficult.
10. Security Threats and Issues in Wireless
Sensor Networks
Most are similar to their wired counterparts while
some are severe with the inclusion of wireless
connectivity.
Wireless networks are usually more open to
various security threats as unguided
transmission medium is more open to security
attacks than those of the guided transmission
medium.
11. Attacks in Wireless Sensor Networks
Attacks against wireless sensor networks
could be broadly considered from two different
levels of views.
1. The attack against the security mechanisms
2. Against the basic mechanisms (like routing
mechanisms).
12. Denial of Service
A standard attack on wireless sensor networks
is to jam a node or set of nodes.
Jamming, the transmission of a radio signal that
interferes with the radio frequencies being used
by the sensor network.
Two forms: constant jamming, and intermittent
jamming.
13. Constant jamming involves the complete
jamming of the entire network. No messages
are able to be sent or received.
If the jamming is only intermittent, then nodes
are able to exchange messages periodically, but
not consistently.
Can have a detrimental impact as the messages
may be time sensitive.
14. Simplest DoS tries to exhaust the resources
available to the victim node, by sending extra
unnecessary packets preventing legitimate
network users from accessing.
Not only for the adversary’s attempt to subvert,
disrupt, or destroy a network, but also for any
event that diminishes a network’s capability to
provide a service.
15. Denial of service attacks in different
layers
Denial of service attacks could be jamming and
tampering, at link layer, collision, exhaustion,
unfairness, at network layer, neglect and greed,
homing, misdirection, black holes and at transport
layer this attack could be performed by malicious
flooding and desynchronization.
Prevention: The mechanisms to prevent Denial of
service attacks include payment for network
resources, strong authentication and identification
of traffic.
16. Transport Layer:
Attacks :
Transport layer susceptible to flooding.
Flooding can be as simple as sending many
connection requests to a susceptible node.
Prevention :
Resources must be allocated to handle the
connection request.
Eventually a node’s resources will be exhausted,
thus rendering the node useless.
17. Attacks on Information in transit
In a sensor network, sensors monitor the changes of specific
parameters or values and report to the sink according to the
requirement.
While sending the report, the information in transit may be
altered, spoofed, replayed again or vanished.
Eaves dropper can monitor the traffic flow and get into action
to interrupt, intercept, modify or fabricate packets thus,
provide wrong information to the base.
Attacker with high processing power and larger
communication range could attack several sensors at the
same time.
18.
19. Sybil Attack
Sensors in a WSN might need to work together to
accomplish a task, hence they can use
distribution of subtasks and redundancy of
information.
In such a situation, a node can pretend to be
more than one node using the identities of other
legitimate nodes .
This type of attack where a node forges the
identities of more than one node is the Sybil
attack.
Degrades integrity of data, security and resource
utilization that the distributed algorithm attempts
20.
21. Black hole/Sinkhole Attack
Malicious node acts as a black hole to attract all
the traffic in the sensor network.
Attacker listens to requests for routes then
replies to the target nodes that it contains the
high quality or shortest path to the base station.
Inserts itself between the communicating nodes,
it is able to do anything with the packets passing
between them.
22.
23. Hello Flood Attack
Uses HELLO packets as a weapon to convince
the sensors in WSN.
Attacker with a high radio transmission range
and processing power sends HELLO packets to
a number of sensor nodes.
Sensors are thus persuaded that the adversary
is their neighbor.
Victim nodes try to go through the attacker.
24. Wormhole Attack
Attacker records the packets (or bits) at one
location in the network and tunnels those to
another location.
The tunneling or retransmitting of bits could be
done selectively.
Attack does not require compromising a sensor
in the network rather, it could be performed
even at the initial.
25. The figure shows a situation where a wormhole attack
takes place.
When a node B (for example, the base station or any
other sensor) broadcasts the routing request packet,
the attacker receives this packet and replays it in its
neighborhood.
Each neighboring node receiving this replayed packet
will consider itself to be in the range of Node B, and
will mark this node as its parent. Hence, even if the
victim nodes are multihop apart from B, attacker in this
case convinces them that B is only a single hop away
26. Traffic Analysis Attack & Rate Monitoring
Attack
For an adversary to effectively render the
network useless, the attacker can simply disable
the base station.
Rate monitoring attack makes use of the idea
that nodes closest to the base station tend to
forward more.
An attacker need only monitor which nodes are
sending packets and follow those nodes that are
sending the most packets.
27. Time correlation attack
Adversary generates events and monitors to
whom a node sends its packets.
To generate an event, the adversary could
simply generate a physical event that would be
monitored by the sensor(s) in the area (turning
on a light, for instance).
28. Node Replication Attacks
Attacker seeks to add a node to an existing
sensor network by copying (replicating) the
node ID of an existing sensor node .
Packets can be corrupted or even misrouted.
29. Physical Attacks
Sensor networks typically operate in hostile
outdoor environments.
The small form factor of the sensors, both of
these together with the unattended and
distributed nature of their deployment make
them highly susceptible to physical attacks, i.e.,
threats due to physical node destructions.
31. In this section we review and map various
security schemes proposed or implemented so
far for wireless sensor networks.
32. Security Schemes for Wireless Sensor
Networks
Gives an analysis of secure routing in wireless
sensor networks and studies how to design
secure distributed sensor networks
It studies Denial of service attacks against
different layers of sensor protocol stack.
JAM presents a mapping protocol which
detects a jammed region in the sensor network
and helps to avoid the faulty region to continue
routing within the network.
33. Wormholes which are considered harmful for
wireless sensor network could effectively be used
as a reactive defense mechanism for preventing
jamming Denial of service attacks.
Statistical en-route filtering (SEF) mechanism to
detect injected false data in sensor network and
focus mainly on how to filter false data using
collective secret.
SNEP & μTESLA are two secure building blocks
for providing data confidentiality, data freshness
and broadcast authentication.
34. Sec proposes a link layer security mechanism
for sensor networks which uses an efficient
symmetric key encryption protocol.
The scheme uses a bidirectional verification
technique and also introduces multi-path multi-
base station routing if bidirectional verification is
not sufficient to defend the attack.
35. Data Confidentiality
A sensor network should not leak sensor readings to its
neighbors.
In many applications nodes communicate highly sensitive
data, e.g., key distribution, is extremely important to build
a secure channel in a wireless sensor network.
Public sensor information, such as sensor identities and
public keys, should also be encrypted to some extent to
protect against traffic analysis attacks.
The standard approach for keeping sensitive data secret is to
encrypt the data with a secret key that only intended
receivers possess, thus achieving confidentiality.
36. Data Integrity
With the implementation of confidentiality, an
adversary may be unable to steal information.
This doesn’t mean the data is safe. The
adversary can change the data, so as to send
the sensor network into disarray.
Thus, data integrity ensures that any received
data has not been altered in transit.
37. Data Freshness
Need to ensure the freshness of each message.
Informally, data freshness suggests that the
data is very much recent, and it ensures that no
old messages have been replayed.
This requirement is especially important when
there are shared-key strategies.
38. Holistic Security in Wireless Sensor
Networks
A holistic approach aims at improving the
performance of wireless sensor networks with
respect to security, longevity and connectivity
under changing environmental conditions.
The holistic approach of security concerns about
involving all the layers for ensuring overall
security in a network.
A single security solution for a single layer might
not be an efficient solution rather employing a
holistic approach could be the best option.
39.
40. Conclusion
Most of the attacks against security in wireless sensor
networks are caused by the insertion of wrong
information by the nodes which are agreed or
compromised within the network.
For defending the inclusion of these false reports by
compromised nodes, a mean is required for detecting
these false reports.
However, developing such a detection mechanism
and making it efficient represents a great research
challenge.
Again, ensuring the holistic security in wireless sensor
network is one of the major research issue.
